WO2000064096A1 - Encrypted communication system - Google Patents

Encrypted communication system

Info

Publication number
WO2000064096A1
Authority
WO
WIPO (PCT)
Prior art keywords
random number
pseudo
number sequence
bit
communication system
Prior art date
Application number
PCT/JP2000/002554
Other languages
French (fr)
Japanese (ja)
Inventor
Junko Suginaka
Toshi Suzuki
Original Assignee
Akita, Yasuo
Fujino, Shigeru
Application filed by Akita, Yasuo and Fujino, Shigeru
Publication of WO2000064096A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/34 Bits, or blocks of bits, of the telegraphic message being interchanged in time
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher

Definitions

  • The present invention relates to a secret communication system that communicates various data in a secret state.
  • BACKGROUND ART In recent years, various types of data have been transmitted and received via networks such as the Internet. To prevent important data from being leaked to a third party, various encryption methods have been proposed to keep the transmitted and received data confidential. Many of these encryption methods create a ciphertext by repeating a substitution process and a transposition process on a plaintext a predetermined number of times.
  • A predetermined bit length such as a 4-bit length or a 6-bit length is used as the unit of the transposition process, and the transposition process is performed on predetermined bit positions. For this reason, in the conventional encryption method, characteristics resulting from the transposition process remain in the ciphertext, which may therefore be deciphered.
  • An object of the present invention is to provide a confidential communication system capable of eliminating characteristics caused by transposition processing from the ciphertext that is sent and received.
  • A secret communication system according to the present invention generates a pseudo-random number sequence based on predetermined key information; specifies, based on the generated pseudo-random number sequence and a preset predetermined transposition rule, a plurality of exchange positions in the bit string of the plaintext; creates a ciphertext from the plaintext by performing a transposition process that exchanges values between these exchange positions; and transmits and receives this ciphertext between the transmitting device and the receiving device.
  • The exchange positions subjected to the transposition processing in the plaintext bit string are specified based on the pseudo-random number sequence, so the exchange positions change continuously. Therefore, characteristics caused by the transposition process are eliminated from the ciphertext that is sent and received, and a high encryption strength can be obtained.
  • FIG. 1 is an overall conceptual diagram of a secure communication system according to the present invention.
  • FIG. 2 is a configuration diagram of a pseudo random number generator.
  • FIG. 3 is an explanatory diagram showing an example of a pseudo random number sequence.
  • FIG. 4 is an explanatory diagram showing a plaintext blocking process.
  • FIG. 5 is an explanatory diagram showing an example of encryption processing (transposition processing) based on the transposition rule (1).
  • FIG. 6 is a conceptual diagram of the encryption processing shown in FIG. 5.
  • FIG. 7 is an explanatory diagram showing an example of a decoding process (transposition process) based on the transposition rule (1).
  • FIG. 8 is an explanatory diagram showing a process of assembling a block of plaintext.
  • FIG. 9 is an explanatory diagram showing an example of an encryption process in which the transposition process is repeated a plurality of times.
  • FIG. 10 is an explanatory diagram showing a process of extracting a pseudo-random number sequence used in each transposition process from a series of pseudo-random number sequences when the transposition process is repeated a plurality of times.
  • FIG. 11 is an explanatory diagram showing another example of extracting a plurality of pseudo-random number sequences from a series of pseudo-random number sequences.
  • FIG. 12 is an explanatory diagram showing an example of encryption processing (transposition processing) based on the transposition rule (2).
  • FIG. 13 is an explanatory diagram showing an example of encryption processing (transposition processing) based on the transposition rule (3).
  • FIG. 14 is an explanatory diagram showing an example of encryption processing (transposition processing) based on the transposition rule (4).
  • FIG. 15 is an explanatory diagram showing an example of a process of specifying a set of exchange bit positions from a pseudo-random number sequence in an encryption process (transposition process) based on the transposition rule (5).
  • FIG. 16 is an explanatory diagram showing exchange processing in encryption processing (transposition processing) based on the transposition rule (5).
  • FIG. 1 is an overall schematic diagram of a secret communication system according to the present invention.
  • The secure communication system includes a transmitting device 10 and a receiving device 20 that can be connected via a network 30 such as the Internet.
  • The transmitting device 10 includes pseudo-random number sequence generating means 11 for generating a pseudo-random number sequence based on predetermined key information 40, blocking means 12 for dividing a plaintext (original text) into blocks having a predetermined bit length, encrypting means 13 for creating a ciphertext from the plaintext by performing a predetermined transposition process, described later, on each block of the plaintext based on the pseudo-random number sequence, and transmission means 14 for transmitting the ciphertext to the receiving device 20 via the network 30.
  • The receiving device 20 generates the same pseudo-random number sequence as the pseudo-random number sequence generating means 11 of the transmitting device 10 based on predetermined key information 40.
  • An assembly means 24 for assembling each block to obtain a plaintext (original text) is provided.
  • The transmitting device 10 and the receiving device 20 are constituted by a personal computer or the like. It is configured as a functional block realized by However, as long as the function of each of the above means can be fulfilled, each of the above means can be constituted by hardware such as a dedicated circuit.
  • The transmitting device 10 and the receiving device 20 need not be dedicated devices for transmission or reception, but are desirably transmission/reception devices of a confidential communication system capable of both transmission and reception.
  • The pseudo-random number sequence generating means 11 and 21 used for the transmitting side and the receiving side can be shared as one means.
  • The pseudo-random number sequence generating means 11 and 21 are provided for both the transmitting device 10 and the receiving device 20.
  • The pseudo-random number sequence generating means 11 and 21 have the same configuration. Therefore, when a transmitting/receiving device having the functions of both the transmitting device 10 and the receiving device 20 is configured, the pseudo-random number sequence generating means 11 and 21 can be shared.
  • The pseudo-random number sequence generation means 11 and 21 are specifically configured by software that realizes, on a computer, a function corresponding to the circuit shown in FIG. 2 for generating a pseudo-random number sequence generally called an M-sequence.
  • The pseudo-random number sequence generation means 11 and 21 each comprise k shift registers X1 to Xk connected in series and an exclusive-OR calculator XOR. The exclusive OR of those shift register outputs that are designated by the feedback terminal designation coefficients is input to the most upstream shift register Xk, and a pseudo-random number sequence, for example the one shown in FIG. 3, is output sequentially from the most downstream shift register X1.
  • The sequence generated by the pseudo-random number sequence generation means 11 and 21 is determined according to the exclusive OR of the outputs from the shift registers X1 to Xk. That is, the feedback terminal designation coefficients A1 to Ak are information indicating the procedure for generating the pseudo-random number sequence.
  • The initial values X1 to Xk applied to the shift registers X1 to Xk are the first k bits of the pseudo-random number sequence, that is, its initial value.
  • The feedback terminal designation coefficients A1 to Ak and the initial values X1 to Xk of the pseudo-random number are used as the key information 40.
  • Each of the transmitting device 10 and the receiving device 20 is provided with input means such as a keyboard for inputting the key information 40 by an operator, or receiving means for obtaining the key information 40 through a communication line or the like. Further, storage means such as a memory for storing the input or obtained key information 40 is provided.
  • The pseudo-random number sequence generating means 11 and 21 read the key information 40 stored in the storage means in this way, and generate a pseudo-random number sequence based on the key information 40.
  • The blocking means 12 divides the plaintext data transmitted from the transmitting device 10 to the receiving device 20 into blocks each having a predetermined bit length (for example, 64 bits), and the following processing is then performed.
  • The plaintext data may be data input from an input means such as a keyboard or data read from a storage means such as a hard disk.
  • The encryption means 13 interprets the pseudo-random number sequence generated by the pseudo-random number sequence generation means 11 based on a preset transposition rule, thereby specifying a plurality of exchange positions in the blocked plaintext bit string, and performs a transposition process that exchanges values between the specified exchange positions.
  • Various transposition rules can be used, as described later.
  • The following transposition rule (1) is adopted.
  • The pseudo-random number sequence is a binary value sequence. In each part of this sequence where 1 or 0 continues over 2 bits or more, the start bit position and the tail bit position of the continuous part are specified as a pair of exchange positions, and their bit values are exchanged with each other.
  • The encryption means 13 is provided with input means such as a keyboard for the operator to input such transposition rules, or reception means for obtaining them through a communication line or the like.
  • Storage means such as a memory for storing the input or obtained transposition rules are provided.
  • The encryption means 13 reads out the transposition rule stored in the storage means in this way, and performs transposition processing (encryption processing) based on the transposition rule.
  • FIG. 5 is an explanatory diagram showing a specific example of the transposition process based on the transposition rule (1).
  • One block of the plaintext is a bit string S0, S1, S2, ..., S63 with a length of 64 bits, and each bit is given a bit value of 0 or 1.
  • The pseudo-random number sequence also uses its first 64 bits, as shown in FIG.
  • The pseudo-random number sequence corresponds one-to-one, from the first bit, with the plaintext bit string S0, S1, S2, ..., S63.
  • Bit position 0 and bit position 2, which are the first bits, are specified as a pair of exchange positions.
  • S0 at bit position 0 of the plaintext and S2 at bit position 2 exchange bit values with each other.
  • Since 0s are continuous in bit positions 3 and 4 of the pseudo-random number sequence, and 0s are continuous in bit positions 8 and 9, the bit values of S3 and S4, and of S8 and S9, of the plaintext are exchanged with each other.
  • The plaintext bit string having a length of 64 bits is written into a ciphertext bit string having the same length of 64 bits.
  • The transposition process shown in FIG. 5 can be represented schematically as the same procedure as a so-called "Amidakuji", as shown in FIG. 6. That is, the corresponding bit positions of the plaintext and the ciphertext are connected by vertical lines, and a schematic diagram is created in which the vertical lines of each set of exchange positions are connected by horizontal lines. In this figure, a vertical line is traced downward from each bit position of the plaintext; when the start point of a horizontal line is reached, the trace moves to the vertical line connected at the end point of that horizontal line and continues down until a bit position of the ciphertext is reached.
  • The encryption process is a process of writing the bit value of each bit position of the plaintext into the bit position of the ciphertext reached as described above. For example, S0 at bit position 0 of the plaintext is written in the second bit position of the ciphertext by way of the horizontal line.
  • The same transposition process as described above is performed on the second block of the plaintext using the next 64 bits of the pseudo-random number sequence.
  • The transmitting means 14 and the receiving means 22 transmit and receive the ciphertext created by the encrypting means 13 via the network 30.
  • The transmitting means 14 and the receiving means 22 are composed of software for adding various information to the ciphertext according to a protocol on the network or the like, and hardware such as a modem device.
  • The transmitting means 14 and the receiving means 22 can be realized as one transmitting/receiving means having both functions.
  • The decryption means 23 performs a process of decrypting the received ciphertext based on the pseudo-random number sequence generated by the pseudo-random number sequence generation means 21 and the transposition rule used by the encryption means 13. In this embodiment, since the ciphertext is divided into blocks, the ciphertext bit string is decrypted into a plaintext bit string block by block.
  • The decryption can be performed by exactly the same processing as the transposition processing according to the transposition rule (1).
  • The decryption means 23 is provided with input means such as a keyboard for the operator to input such transposition rules, or receiving means for obtaining the transposition rules via a communication line or the like.
  • Storage means such as a memory for storing the input or obtained transposition rules are provided.
  • The decryption means 23 reads the transposition rule stored in the storage means in this way, and performs transposition processing (decryption processing) based on the transposition rule.
  • In FIG. 6, which schematically shows the encryption process, decryption is the process of following a vertical line upward from each bit position of the ciphertext.
  • The above-mentioned encryption means 13 can also be used as the decryption means 23.
  • The assembling means 24 performs a process of assembling the plaintext, decrypted by the decryption means 23 as a plurality of blocks, into a single continuous plaintext.
  • The plaintext assembled in this way is output to an output means such as a monitor, or written to a storage means such as a hard disk, and used for various purposes.
  • The exchange position to be transposed in the plaintext bit string changes continuously based on the pseudo-random number sequence. Therefore, features resulting from the transposition process are excluded from the ciphertext that is sent and received. Also, since the plaintext bit string is transposed and disturbed in bit units, high encryption strength can be obtained.
  • Since the exchange positions are identified based on the pseudo-random number sequence and the bit values at the exchange positions are exchanged, the encryption is performed by a simple process, so the load of the encryption and decryption processes is small and high speed can be achieved.
  • The encryption means 13 and the decryption means 23 can be configured to perform the same transposition processing. Further, when a transmitting/receiving device that performs both transmission and reception is configured, one unit can be used as both the encryption means 13 and the decryption means 23.
  • The bit positions other than the exchange positions can be written immediately into the ciphertext bit string without being stored in a buffer, so the processing load of the encryption means 13 and the decryption means 23 performing the transposition processing can be reduced.
  • The binary pseudo-random number sequence is made to correspond one-to-one with the plaintext bit string, and the exchange positions are specified according to the pseudo-random number sequence. It is possible to manage. Therefore, the encrypted data can be transmitted to the receiving device 20 sequentially from the first bit. Since the same applies to the decryption of the ciphertext, high real-time performance can be obtained between the transmitting device 10 and the receiving device 20 by decrypting the received ciphertext in order from the first bit.
  • The encryption means 13 performs the transposition process based on the transposition rule (1) a plurality of times (three times) on each block of the plaintext to perform the encryption.
  • If the transposition processing in the above embodiment is schematically represented as the procedure of "Amidakuji" in FIG. 6, the encryption processing and the decryption processing in the second embodiment are as shown in FIG.
  • The transposition process represented by the horizontal lines is performed over multiple stages (three stages).
  • The pseudo-random number sequence may be divided into blocks of a predetermined bit length (for example, 64 bits) from the first bit, and the blocks may be used in order, starting from the first transposition of the first block.
  • A plurality of blocks may be extracted from the pseudo-random number sequence by shifting the leading bit position by n bits.
  • The transposition process can be easily performed on more bit positions in the plaintext bit string.
  • The encryption means 13 encrypts each block of the plaintext by a transposition process based on the following transposition rule (2).
  • The pseudo-random number sequence is defined as a binary value sequence. In each portion of the pseudo-random number sequence that changes from 0 to 1, the bit position corresponding to the 0 and the bit position corresponding to the 1 are specified as a pair of exchange positions, and their bit values are exchanged with each other.
  • FIG. 12 is an explanatory diagram showing a specific example of the transposition process based on the transposition rule (2). If the pseudo-random number sequence shown in FIG. 12 is interpreted in order from the first bit based on the above transposition rule (2), it changes from 0 to 1 at bit positions 4 and 5. Therefore, bit position 4 and bit position 5 are specified as a set of exchange bits. Then S4 at bit position 4 and S5 at bit position 5 of the plaintext exchange bit values with each other. Similarly, the bit values are exchanged in the pair of bit positions 6 and 7 and in the pair of bit positions 9 and 10 to create a ciphertext.
  • The encryption means 13 and the decryption means 23 can be configured to perform the same transposition processing.
  • The encryption means 13 encrypts each block of plaintext by a transposition process based on the following transposition rule (3).
  • The pseudo-random number sequence is converted into a binary value sequence, the bit positions corresponding to consecutive 1s or 0s in the pseudo-random number sequence are each specified as a group of exchange positions, and adjacent exchange positions are exchanged in group units.
  • FIG. 13 is an explanatory diagram showing a specific example of the transposition process based on the transposition rule (3). If the pseudo-random number sequence in FIG. 13 is interpreted in order from the first bit based on the transposition rule (3), 1s are consecutive in bit positions 0 to 2. For this reason, bit positions 0 to 2 are specified as a group of exchange positions, as enclosed in FIG. Subsequently, 0s are consecutive in bit positions 3 and 4. Thus, bit positions 3 and 4 are also specified as a group of exchange positions. Then, in the plaintext bit string, S0 to S2 at bit positions 0 to 2 and S3, S4 at bit positions 3 and 4 are exchanged in group units.
  • Bit position 5 is specified as an exchange position with one bit.
  • Bit position 6 is specified as an exchange position with one bit. Then, in the plaintext bit string, S5 at bit position 5 and S6 at bit position 6 are exchanged.
  • The exchange position in the plaintext bit string changes according to the pseudo-random number sequence, so that it is possible to obtain a ciphertext in which the characteristics resulting from the transposition processing are eliminated.
  • The bit length of each exchange position to be transposed changes according to the pseudo-random number, so that the transposition process can be diversified and the encryption strength can be further increased.
  • The encryption means 13 encrypts each block of plaintext by a transposition process based on the following transposition rule (4).
  • FIG. 14 is an explanatory diagram showing a specific example of the transposition process based on the transposition rule (4). If the pseudo-random number sequence shown in FIG. 14 is interpreted in order from the first bit based on the transposition rule (4), bit positions 0 to 2 are consecutive. For this reason, bit positions 0 to 2 are specified as a group of exchange positions, as enclosed in FIG. Subsequently, bit position 5 of the pseudo-random number sequence is 1. Thus, bit position 5 is specified as the next exchange position.
  • Bit position 7 and bit position 10 are each specified as an exchange position.
  • The exchange position in the bit string of the plaintext changes according to the pseudo-random number sequence, so that it is possible to obtain a ciphertext in which the characteristics due to the transposition process are eliminated.
  • The bit length of each exchange position to be transposed changes according to the pseudo-random number, so that the transposition process can be diversified and the encryption strength can be further increased.
  • A sixth embodiment of the secret communication system according to the present invention will be described.
  • Each block of plaintext is encrypted by a transposition process based on the following transposition rule (5).
  • Each random value of the pseudo-random number sequence is an integer value, including 0, that is less than the bit length of the plaintext bit string. The bit positions corresponding to each pair of random numbers, taken two at a time from the beginning of the pseudo-random number sequence, are specified as a set of exchange positions in the plaintext bit string, and the bit values at those exchange positions are exchanged.
  • FIG. 15 is an explanatory diagram showing a specific example of a pseudo-random number sequence used for performing transposition processing according to the transposition rule (5).
  • The plaintext is treated as a block having a length of 64 bits at bit positions 0 to 63, and accordingly, each random value of the pseudo-random number sequence is one of the integer values 0 to 63.
  • Each random value of the pseudo-random number sequence indicates the bit position of an exchange position in the plaintext bit string. The bit positions indicated by each pair of random numbers, taken two at a time from the beginning of the pseudo-random number sequence, are used as a set of exchange positions, and the random values up to the m-th of the pseudo-random number sequence are used for transposing the first block of the plaintext.
  • FIG. 16 is an explanatory diagram showing a specific example of the transposition processing according to the transposition rule (5).
  • The exchange of the first set of exchange positions specified by the pseudo-random number sequence is shown. That is, in the pseudo-random number sequence shown in FIG. 15, since the first random value is 6 and the second random value is 18, bit position 6 and bit position 18 are specified as a pair of exchange positions. Therefore, in the plaintext bit string, the bit value of S6 at bit position 6 and the bit value of S18 at bit position 18 are exchanged.
  • The second block may be encrypted using the (m+1)-th to 2m-th random numbers of the pseudo-random number sequence, and the third and subsequent blocks may be encrypted sequentially in the same manner.
  • The exchange position in the bit string of the plaintext changes according to the pseudo-random number sequence, so that it is possible to obtain a ciphertext in which the characteristics resulting from the transposition process are eliminated.
  • With the transposition rule (5), it is easy to set bit positions that are far apart from each other in the plaintext bit string as a set of exchange positions, so that the transposition process is diversified and the encryption strength can be further increased.
  • The present invention has been described with reference to the embodiment.
  • The confidential communication system according to the present invention is not limited to the above embodiment, and may be configured as follows.
  • Transposition rules (1) to (5) are described, but the transposition rule is not limited to these. That is, any transposition rule can be adopted as long as a plurality of exchange positions can be uniquely specified for a plaintext bit string based on a pseudo-random number sequence.
  • The plaintext is divided into blocks of a predetermined bit length before the encryption process is performed. However, such blocking is not necessarily required, and the plaintext bit string may be encrypted sequentially starting from its first bit.
  • As the key information, the feedback terminal designation coefficients and the random number initial values that specify the procedure for generating the M-sequence are used. However, any information can be used as long as it can specify the pseudo-random number sequence.
  • The pseudo-random number sequence generating means 11 and 21 included in the transmitting device 10 and the receiving device 20 are devices having the same configuration, but pseudo-random number generation means 11 and 21 having an arbitrary configuration can be used as long as the same pseudo-random numbers can be generated based on the key information.
  • a transposition process is performed on a plaintext bit string according to a pseudo-random number sequence as a secret communication system that transmits and receives data over a network in a secret state.
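
The following Python sketch is an added example, not code from the patent: it implements transposition rule (1) with a small software shift-register generator standing in for the M-sequence circuit of FIG. 2. The tap positions, initial state, function names and the handling of a short final block are assumptions, and the ten-bit keystream prefix is constructed to reproduce the exchange positions 0/2, 3/4 and 8/9 named in the text.

```python
"""Transposition rule (1) driven by a shift-register keystream (added example)."""

BLOCK_BITS = 64  # block length used in the page's worked example

# Constructed keystream prefix: 1s at positions 0-2, 0s at 3-4, 0s at 8-9.
PAGE_PREFIX = [1, 1, 1, 0, 0, 1, 0, 1, 0, 0]

# Constructed key information (assumption): feedback taps and initial state.
TAPS = (0, 1)
STATE = (1, 0, 0, 1, 0, 1, 1)


def lfsr_bits(taps, state, count):
    """Return `count` output bits of a linear feedback shift register.

    taps  -- register indices (0 = output end) XORed to form the feedback
    state -- initial register contents; these are also the first output bits
    """
    reg = list(state)
    if not any(reg):
        raise ValueError("an all-zero initial state only ever outputs zeros")
    out = []
    for _ in range(count):
        out.append(reg[0])        # most downstream register is the output
        feedback = 0
        for tap in taps:
            feedback ^= reg[tap]
        reg = reg[1:] + [feedback]  # shift; feedback enters the upstream end
    return out


def exchange_pairs(keystream):
    """Rule (1): for every run of equal bits of length >= 2, pair its first
    and last positions. Runs are cut at the end of the given slice."""
    pairs = []
    start = 0
    for i in range(1, len(keystream) + 1):
        if i == len(keystream) or keystream[i] != keystream[start]:
            if i - start >= 2:
                pairs.append((start, i - 1))
            start = i
    return pairs


def transpose_block(block, keystream):
    """Swap the bit values at each exchange pair; all other bits pass through."""
    out = list(block)
    for a, b in exchange_pairs(keystream[:len(block)]):
        out[a], out[b] = out[b], out[a]
    return out


def transpose(bits, taps, state, block_bits=BLOCK_BITS):
    """Process a whole message; block n uses the n-th keystream slice.
    A short final block is transposed with a slice of its own length
    (assumption: the page does not discuss padding)."""
    stream = lfsr_bits(taps, state, len(bits))
    out = []
    for off in range(0, len(bits), block_bits):
        out += transpose_block(bits[off:off + block_bits],
                               stream[off:off + block_bits])
    return out


def to_bits(data):
    """Bytes to a list of bits, most significant bit first."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def from_bits(bits):
    """Inverse of to_bits for bit lists whose length is a multiple of 8."""
    return bytes(
        sum(bit << (7 - i) for i, bit in enumerate(bits[off:off + 8]))
        for off in range(0, len(bits), 8)
    )


if __name__ == "__main__":
    message = b"constructed sample plaintext"
    plain = to_bits(message)
    cipher = transpose(plain, TAPS, STATE)
    print("pairs for page prefix:", exchange_pairs(PAGE_PREFIX))
    print("ciphertext:", from_bits(cipher).hex())
    print("round trip:", from_bits(transpose(cipher, TAPS, STATE)))
    print("1-bits plain/cipher:", sum(plain), sum(cipher))
```

Because the exchange pairs never overlap, running the same function a second time with the same key restores the plaintext, which is why the encryption means 13 can double as the decryption means 23. A pure bit transposition also leaves the number of 1 bits in each block unchanged, which the last printed line makes visible.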

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

An encrypted communication system for data communication in an encrypted status. A transmission device and reception device are provided with pseudo-random number sequence generating means for generating the same pseudo-random number sequence based on key information. The transmission device interprets a pseudo-random number sequence based on a preset transposition rule to thereby specify a plurality of exchange positions for a bit-string in a regular text; a ciphered text is prepared by exchanging individual values between these exchange positions. An example of a transposition rule is such that, in a portion of a pseudo-random number sequence where '1' or '0' continues over at least 2 bits, the leading bit and the trailing bit of each continuous portion are specified as a set of exchange positions to exchange bit values to each other.

Description

明 細 書 秘匿通信システム  Document Secure communication system
技術分野 本発明は、 種々のデ一夕を秘匿状態で通信する秘匿通信システムに関する < TECHNICAL FIELD The present invention relates to a secret communication system that communicates various data in a secret state.
BACKGROUND ART
In recent years, various kinds of data have been transmitted and received over networks such as the Internet. To prevent important data from leaking to third parties, various encryption methods have been proposed that keep the transmitted and received data confidential. Many of these encryption methods create a ciphertext by repeating substitution processing and transposition processing on the plaintext a predetermined number of times.
However, in the various conventional encryption methods, a predetermined bit length such as 4 bits or 6 bits is used as the unit of transposition, and the transposition is performed on predetermined bit positions. As a result, characteristics caused by the transposition processing remain in the ciphertext, and there was a risk that the ciphertext could be deciphered.
An object of the present invention is to provide a secure communication system that can eliminate, from the transmitted and received ciphertext, the characteristics caused by transposition processing.
DISCLOSURE OF THE INVENTION
To achieve the above object, a secure communication system according to the present invention generates a pseudo-random number sequence based on predetermined key information; specifies a plurality of exchange positions in the bit string of a plaintext based on the generated pseudo-random number sequence and a preset transposition rule; creates a ciphertext from the plaintext by performing a transposition process that exchanges the values at these exchange positions with one another; and transmits and receives this ciphertext between a transmitting device and a receiving device.
In such a secure communication system, the exchange positions subject to transposition within the plaintext bit string are specified based on the pseudo-random number sequence, so the exchange positions change continuously. Therefore, the characteristics caused by transposition processing are eliminated from the transmitted and received ciphertext, and high cryptographic strength is obtained.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is an overall conceptual diagram of a secure communication system according to the present invention.
FIG. 2 is a configuration diagram of a pseudo-random number generator.
FIG. 3 is an explanatory diagram showing an example of a pseudo-random number sequence.
FIG. 4 is an explanatory diagram showing the process of dividing a plaintext into blocks.
FIG. 5 is an explanatory diagram showing an example of encryption processing (transposition processing) based on transposition rule (1).
FIG. 6 is a conceptual diagram of the encryption processing shown in FIG. 5.
FIG. 7 is an explanatory diagram showing an example of decryption processing (transposition processing) based on transposition rule (1).
FIG. 8 is an explanatory diagram showing the process of reassembling a plaintext that was divided into blocks.
FIG. 9 is an explanatory diagram showing an example of encryption processing in which the transposition process is repeated a plurality of times.
FIG. 10 is an explanatory diagram showing the process of extracting, from one continuous pseudo-random number sequence, the pseudo-random number sequence used for each round when the transposition process is repeated a plurality of times.
FIG. 11 is an explanatory diagram showing another example of extracting a plurality of pseudo-random number sequences from one continuous pseudo-random number sequence.
FIG. 12 is an explanatory diagram showing an example of encryption processing (transposition processing) based on transposition rule (2).
FIG. 13 is an explanatory diagram showing an example of encryption processing (transposition processing) based on transposition rule (3).
FIG. 14 is an explanatory diagram showing an example of encryption processing (transposition processing) based on transposition rule (4).
FIG. 15 is an explanatory diagram showing an example of the process of specifying sets of exchange bit positions from a pseudo-random number sequence in encryption processing (transposition processing) based on transposition rule (5).
FIG. 16 is an explanatory diagram showing the exchange process in encryption processing (transposition processing) based on transposition rule (5).
BEST MODE FOR CARRYING OUT THE INVENTION
FIG. 1 is an overall schematic diagram of a secure communication system according to the present invention.
The secure communication system according to the present invention includes a transmitting device 10 and a receiving device 20 that can be connected via a network 30 such as the Internet.
The transmitting device 10 includes pseudo-random number sequence generation means 11 for generating a pseudo-random number sequence based on predetermined key information 40; blocking means 12 for dividing a plaintext (original text) into blocks of a predetermined bit length; encryption means 13 for creating a ciphertext from the plaintext by applying a predetermined transposition process, described later, to each block of the plaintext based on the pseudo-random number sequence; and transmission means 14 for transmitting the created ciphertext to the receiving device 20 via the network 30.
The receiving device 20 includes reception means 22 for receiving the ciphertext; pseudo-random number sequence generation means 21 for generating, based on the predetermined key information 40, the same pseudo-random number sequence as the pseudo-random number sequence generation means 11 of the transmitting device 10; decryption means 23 for decrypting the ciphertext block by block by applying a predetermined transposition process, described later, based on the pseudo-random number sequence; and assembly means 24 for assembling the decrypted blocks to obtain the plaintext (original text).
In this embodiment, the transmitting device 10 and the receiving device 20 are each implemented on a personal computer or the like, and each of the above means is configured as a functional block realized by software. However, as long as the function of each means can be fulfilled, each means may also be implemented in hardware such as a dedicated circuit.
The transmitting device 10 and the receiving device 20 need not be dedicated to transmission or to reception; it is desirable that each be a transceiver of the secure communication system capable of both transmission and reception. In that case, as described later, the pseudo-random number sequence generation means 11 and 21 and similar means used for the transmitting side and the receiving side can be shared as a single means.
Each means is described in detail below.
The pseudo-random number sequence generation means 11 and 21 are provided in both the transmitting device 10 and the receiving device 20, and the two means have the same configuration. Therefore, when a transceiver having the functions of both the transmitting device 10 and the receiving device 20 is configured, a single pseudo-random number sequence generation means can serve as both 11 and 21.
Specifically, the pseudo-random number sequence generation means 11 and 21 are implemented as software that realizes, on a computer, a function equivalent to the circuit shown in FIG. 2, which generates a pseudo-random number sequence generally called an M-sequence. The means 11 and 21 include elements that act as k shift registers x1 to xk connected in series and as an exclusive-OR operator XOR. Of the outputs of the shift registers x1 to xk, the exclusive OR of those outputs designated by the feedback terminal designation coefficients A1 to Ak is fed to the input of the most upstream shift register xk, and a pseudo-random number sequence such as that shown in FIG. 3 is output sequentially from the most downstream shift register x1.
Which pseudo-random number sequence the means 11 and 21 generate is determined by which of the outputs of the shift registers x1 to xk are combined by exclusive OR. In other words, the feedback terminal designation coefficients A1 to Ak are the information that indicates the generation procedure of the pseudo-random number sequence.
The initial values X1 to Xk given to the shift registers x1 to xk are the values of the first k bits of the pseudo-random number sequence, that is, its initial value.
In this secure communication system, the feedback terminal designation coefficients A1 to Ak and the initial values X1 to Xk of the pseudo-random number serve as the key information 40. The transmitting device 10 and the receiving device 20 each include input means such as a keyboard with which an operator enters the key information 40, or receiving means for obtaining it over a communication line or the like. Each also includes storage means such as a memory for storing the entered or obtained key information 40. The pseudo-random number sequence generation means 11 and 21 read the key information 40 stored in the storage means and generate the pseudo-random number sequence based on it.
Any of various known pseudo-random number sequence generation means can be used as the means 11 and 21, provided that it reproduces the same pseudo-random number sequence for the same key information 40. The means may also be implemented in hardware such as a dedicated circuit.
As shown in FIG. 4, the blocking means 12 divides the plaintext data that the transmitting device 10 sends to the receiving device 20 into blocks, each consisting of a bit string of a predetermined bit length (for example, 64 bits). The plaintext data may be data entered from input means such as a keyboard or data read from storage means such as a hard disk.
If the plaintext data is shorter than the predetermined bit length, arbitrary dummy data may be appended to create a block of the predetermined bit length.
The encryption means 13 interprets the pseudo-random number sequence generated by the pseudo-random number sequence generation means 11 according to a preset transposition rule, thereby specifying a plurality of exchange positions in the bit string of the blocked plaintext, and then performs a transposition process that exchanges the values at the specified exchange positions with one another.
As described later, various rules can be used as the transposition rule; this embodiment adopts the following transposition rule (1).
(1) Treat the pseudo-random number sequence as a sequence of binary values. In each portion of the sequence where 1s or 0s continue over two or more bits, specify the first bit position and the last bit position of that run as a pair of exchange positions, and exchange their bit values.
The encryption means 13 includes input means such as a keyboard with which an operator enters such a transposition rule, or receiving means for obtaining it over a communication line or the like. It also includes storage means such as a memory for storing the entered or obtained transposition rule. The encryption means 13 reads the transposition rule stored in the storage means and performs the transposition process (encryption process) based on it.
FIG. 5 is an explanatory diagram showing a specific example of the transposition process under transposition rule (1). In this example, the plaintext is a bit string S0, S1, S2, ..., S63 with 64 bits forming one block, and each bit has the value 0 or 1. For the pseudo-random number sequence as well, the 64 bits starting from the first bit are used, as shown in FIG. 3. The pseudo-random number sequence is matched one-to-one with the plaintext bit string S0, S1, S2, ..., S63, starting from the first bit.
Interpreting the pseudo-random number sequence of FIG. 5 in order from the first bit according to transposition rule (1), 1s continue over bit positions 0 to 2. Therefore bit position 0, the first bit of this run, and bit position 2 are specified as a pair of exchange positions, and S0 at bit position 0 of the plaintext and S2 at bit position 2 exchange their bit values.
Similarly, the pseudo-random number sequence has consecutive 0s at bit positions 3 and 4 and consecutive 0s at bit positions 8 and 9, so S3 and S4, and S8 and S9, of the plaintext each exchange their bit values.
By carrying out this transposition process up to bit position 63, the 64-bit plaintext bit string is encrypted into a ciphertext bit string of the same 64-bit length.
As shown in FIG. 6, the transposition process of FIG. 5 can be represented schematically as the same procedure as the so-called "Amidakuji" (ladder lottery). That is, a diagram is drawn in which corresponding bit positions of the plaintext and the ciphertext are joined by vertical lines, and the vertical lines of each pair of exchange positions are connected by a horizontal line. In this diagram, one traces a vertical line downward from each bit position of the plaintext and, on reaching the start of a horizontal line, moves to the vertical line connected to the other end of that horizontal line; this leads to a bit position of the ciphertext. The encryption process (transposition process) writes the bit value at each bit position of the plaintext into the ciphertext bit position reached in this way. For example, S0 at bit position 0 of the plaintext is written, via the horizontal line, into bit position 2 of the ciphertext.
When the transposition of the first block of the plaintext has been completed in this way, the same transposition process is applied to the second block of the plaintext using the next 64 bits of the pseudo-random number sequence, as shown in FIG. 3. By applying this transposition process to all blocks of the plaintext, the entire plaintext is encrypted, and as many ciphertext blocks are created as there are plaintext blocks.
The transmission means 14 and the reception means 22 transmit and receive the ciphertext created by the encryption means 13 via the network 30. Specifically, the transmission means 14 and the reception means 22 consist of software that adds various information to the ciphertext according to the protocol and other requirements of the network, and hardware such as a modem. When a transceiver having the functions of both the transmitting device 10 and the receiving device 20 is configured, the transmission means 14 and the reception means 22 can be realized as a single transmission/reception means having both functions.
The decryption means 23 performs a decryption process on the received ciphertext based on the pseudo-random number sequence generated by the pseudo-random number sequence generation means 21 and the transposition rule used by the encryption means 13. In this embodiment the ciphertext is divided into blocks, so the ciphertext bit string is decrypted into the plaintext bit string block by block.
Specifically, in this embodiment, where the transposition was performed under transposition rule (1), decryption can be performed by exactly the same process as the transposition under rule (1), as shown in FIG. 7.
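The following is an added example, not code from the patent: a Python sketch of the FIG. 2 style shift-register generator, transposition rule (1), and block-wise processing, which checks that running the same routine twice restores the input and that the count of 1 bits is unchanged by the transposition. The tap vector, initial state and message are constructed values; truncating a run at the block boundary and padding with zero bits are assumptions; `PAGE_KS` is the keystream prefix consistent with the page's figure walk-throughs.

```python
# Added illustration (not the patent's code): M-sequence keystream and
# transposition rule (1) applied block by block.

def lfsr_bits(taps, init, n):
    """Emit n bits from a k-stage shift register.

    init[0] is stage x1 (output end), init[-1] is stage xk (input end).
    taps[i] == 1 means coefficient A(i+1) selects the output of x(i+1)
    for the XOR that is fed back into xk.
    """
    state = list(init)
    out = []
    for _ in range(n):
        out.append(state[0])          # output comes from x1
        fb = 0
        for a, x in zip(taps, state):
            fb ^= a & x               # XOR of the designated outputs
        state = state[1:] + [fb]      # shift toward x1, feed back into xk
    return out


def rule1_pairs(ks):
    """(first, last) position of every run of two or more equal bits."""
    pairs, start = [], 0
    for i in range(1, len(ks) + 1):
        if i == len(ks) or ks[i] != ks[start]:
            if i - start >= 2:
                pairs.append((start, i - 1))
            start = i
    return pairs


def transpose_block(block, ks):
    """Swap the two ends of each keystream run; other bits stay in place."""
    out = list(block)
    for a, b in rule1_pairs(ks):
        out[a], out[b] = out[b], out[a]
    return out


def crypt(bits, taps, init, block_len=64):
    """Encrypt or decrypt: under rule (1) both directions are the same call."""
    bits = list(bits)
    bits += [0] * (-len(bits) % block_len)      # dummy padding (assumed zeros)
    ks = lfsr_bits(taps, init, len(bits))
    out = []
    for off in range(0, len(bits), block_len):  # next keystream slice per block
        out += transpose_block(bits[off:off + block_len],
                               ks[off:off + block_len])
    return out


# Keystream prefix consistent with the page's walk-throughs:
# 1s at 0-2, 0s at 3-4, single bits at 5, 6, 7, 0s at 8-9, 1 at 10.
PAGE_KS = [1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1]

# Constructed key information (taps A1..A7 and initial values X1..X7).
TAPS = [1, 1, 0, 0, 0, 0, 0]
INIT = [1, 0, 1, 1, 0, 0, 1]


def demo():
    msg = [int(b) for byte in b"constructed sample" for b in f"{byte:08b}"]
    padded = msg + [0] * (-len(msg) % 64)
    ct = crypt(msg, TAPS, INIT)
    return {
        "round_trip": crypt(ct, TAPS, INIT) == padded,  # same routine decrypts
        "weight_kept": sum(ct) == sum(padded),          # 1-bit count unchanged
    }


if __name__ == "__main__":
    print(rule1_pairs(PAGE_KS))
    print(transpose_block(list(range(11)), PAGE_KS))
    print(demo())
```

Because the process only moves bits, every ciphertext block carries exactly as many 1 bits as its plaintext block, whatever the key.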
The decryption means 23 includes input means such as a keyboard with which an operator enters such a transposition rule, or receiving means for obtaining it over a communication line or the like. It also includes storage means such as a memory for storing the entered or obtained transposition rule. The decryption means 23 reads the transposition rule stored in the storage means and performs the transposition process (decryption process) based on it.
In FIG. 6, which represents the encryption process schematically, this decryption corresponds to tracing the vertical lines upward from each bit position of the ciphertext.
Therefore, when a transceiver having the functions of both the transmitting device 10 and the receiving device 20 is configured, the encryption means 13 can also serve as the decryption means 23.
As shown in FIG. 8, the assembly means 24 assembles the plaintext, which was decrypted by the decryption means 23 in the form of a plurality of blocks, into one continuous plaintext. The assembled plaintext is output to output means such as a monitor, or written to storage means such as a hard disk, and put to various uses.
In the secure communication system described above, the exchange positions subject to transposition within the plaintext bit string change continuously based on the pseudo-random number sequence. Therefore, the characteristics caused by transposition processing are eliminated from the transmitted and received ciphertext. In addition, because the plaintext bit string is transposed and scrambled bit by bit, high cryptographic strength is obtained.
Because encryption is performed by a simple process that only specifies exchange positions based on the pseudo-random number sequence and exchanges the bit values at those positions, the load of the encryption and decryption processes is small and high speed can be achieved.
Because the information specifying the generation procedure of the pseudo-random number sequence and the information indicating its initial value are used as the key information, a variety of pseudo-random number sequences can be generated, and high cryptographic strength can be obtained in this respect as well.
Under transposition rule (1), every exchange position has the same 1-bit length, so the encryption means 13 and the decryption means 23 can be configured to perform the same transposition process. Furthermore, when a transceiver that performs both transmission and reception is configured, a single means can serve as both the encryption means 13 and the decryption means 23.
Also under transposition rule (1), because every exchange position has the same 1-bit length, the values at bit positions other than the exchange positions do not change. Therefore, in the transposition process, bit positions other than the exchange positions can be written directly into the ciphertext bit string without being held in a buffer, which reduces the processing load of the encryption means 13 and the decryption means 23 that perform the transposition.
Because the binary pseudo-random number sequence is matched one-to-one with the plaintext bit string and the exchange positions are specified according to the pseudo-random number sequence, the plaintext bit string can be processed in order from the first bit. The encrypted bits can therefore be sent to the receiving device 20 in order from the first bit. The same applies to decryption of the ciphertext, so by decrypting the received ciphertext in order from the first bit, high real-time performance can be obtained between the transmitting device 10 and the receiving device 20.
Because the plaintext data is divided into a plurality of blocks and is encrypted and decrypted block by block, the encryption and decryption processes are completed within each block. Therefore, the load on the encryption means 13 and the decryption means 23 can be reduced even for large volumes of plaintext data.
Because the plaintext data is divided into a plurality of blocks, transmission and reception can be handled block by block, and packet communication schemes and the like can be supported easily.
Next, a second embodiment of the secure communication system according to the present invention is described.
In the second embodiment, the encryption means 13 performs encryption by repeating the transposition process based on transposition rule (1) a plurality of times (three times) on each block of the plaintext.
As described above, if the transposition process of the preceding embodiment is represented schematically as the "Amidakuji" procedure of FIG. 6, then the encryption and decryption processes of the second embodiment are processes in which the transposition represented by the horizontal lines is carried out over a plurality of stages (three stages), as shown in FIG. 9.
For each transposition round, a different portion cut out of the pseudo-random number sequence generated by the pseudo-random number sequence generation means 11 and 21 may be used. Specifically, as shown in FIG. 10, the pseudo-random number sequence may be divided from its first bit into blocks of a predetermined bit length (for example, 64 bits), and these blocks used in order, starting with the first transposition round of the first block. Alternatively, as shown in FIG. 11, a plurality of blocks may be extracted from the pseudo-random number sequence by shifting the starting bit position by n bits each time.
With a configuration that repeats the transposition process a plurality of times in this way, transposition can easily be applied to a larger number of bit positions in the plaintext bit string.
Also, if the plaintext is divided into blocks of a predetermined bit length and the encryption process, consisting of a plurality of (three) transposition rounds, is completed block by block starting from the first block, the blocks can be sent out in the order in which their encryption is completed, which improves the real-time performance of the communication.
Next, a third embodiment of the secure communication system according to the present invention is described.
In the third embodiment, the encryption means 13 encrypts each block of the plaintext by a transposition process based on the following transposition rule (2).
(2) Treat the pseudo-random number sequence as a sequence of binary values. In each portion of the sequence that changes from 0 to 1, specify the bit position corresponding to the 0 and the bit position corresponding to the 1 as a pair of exchange positions, and exchange their bit values.
FIG. 12 is an explanatory diagram showing a specific example of the transposition process under transposition rule (2). Interpreting the pseudo-random number sequence of FIG. 12 in order from the first bit according to transposition rule (2), the sequence changes from 0 to 1 at bit positions 4 and 5. Therefore bit position 4 and bit position 5 are specified as a pair of exchange bits, and S4 at bit position 4 of the plaintext and S5 at bit position 5 exchange their bit values. In the same way, bit values are exchanged within the pair of bit positions 6 and 7 and within the pair of bit positions 9 and 10, and the ciphertext is created.
Under transposition rule (2) as well, the exchange positions in the plaintext bit string change according to the pseudo-random number sequence, so a ciphertext can be obtained from which the characteristics caused by transposition processing have been eliminated.
Also under transposition rule (2), every exchange position has the same 1-bit length, so the encryption means 13 and the decryption means 23 can be configured to perform the same transposition process.
Even when the transposition is performed under transposition rule (2), the transposition process can be repeated a plurality of times as in the second embodiment described above. The same applies to the following embodiments.
Next, a fourth embodiment of the secure communication system according to the present invention is described.
In the fourth embodiment, the encryption means 13 encrypts each block of the plaintext by a transposition process based on the following transposition rule (3).
(3) Treat the pseudo-random number sequence as a sequence of binary values. Specify the bit positions corresponding to each run of consecutive 1s or consecutive 0s in the sequence as one group of exchange positions, and exchange adjacent groups of exchange positions with each other as whole groups.
第 1 3図は、 この転置規則(3 )による転置処理の具体例を示す説明図である。 上記転置規則 (3 ) に基づいて、 第 1 3図の疑似乱数列を先頭ビットから順に解 釈していけば、 ビット位置 0〜 2は 1が連続している。 このため、 ビット位置 0 〜2は、 同図でひとまとまりに囲っているように、 一群の交換位置として特定さ れる。 つづいて、 ビット位置 3、 4は 0が連続している。 このため、 ビット位置 3, 4もまた、 一群の交換位置として特定される。 そして、 平文のビット列にお いて、 これらビット位置 0〜2の S Q〜S 2と、 ビット位置 3, 4の S 3, S 4が、 ビット群単位で交換される。 FIG. 13 is an explanatory diagram showing a specific example of the transposition process based on the transposition rule (3). If the pseudo-random number sequence in FIG. 13 is interpreted in order from the first bit based on the transposition rule (3), bit positions 0 to 2 are consecutive. For this reason, bit positions 0 to 2 are specified as a group of exchange positions, as enclosed in FIG. Subsequently, 0s are consecutive in bit positions 3 and 4. Thus, bit positions 3 and 4 are also specified as a group of exchange positions. Then, have you a bit string of the plaintext, the S Q to S 2 of these bit positions 0 to 2, S 3, S 4 bit positions 3, 4 is exchanged bit group basis.
Further, in the pseudo-random number sequence, a single 1 stands alone at bit position 5, so bit position 5 is specified as a one-bit exchange position. Similarly, a single 0 stands alone at bit position 6, so bit position 6 is specified as a one-bit exchange position. Then, in the plaintext bit string, S5 at bit position 5 and S6 at bit position 6 are exchanged.
According to transposition rule (3), the exchange positions in the plaintext bit string change according to the pseudo-random number sequence, so a ciphertext can be obtained from which the characteristics attributable to the transposition process are eliminated.
In particular, according to transposition rule (3), the bit length of each exchange position subject to the transposition process changes according to the pseudo-random numbers, so the transposition process is diversified and the encryption strength can be further increased.
Next, a fifth embodiment of the secret communication system according to the present invention will be described.
In the fifth embodiment, the encryption means 13 encrypts each block of the plaintext by a transposition process based on the following transposition rule (4).
(4) The pseudo-random number sequence is treated as a binary value sequence, the bit positions corresponding to each run of consecutive 1s in the pseudo-random number sequence are specified as one group of exchange positions, and adjacent exchange positions are exchanged with each other in group units.
FIG. 14 is an explanatory diagram showing a specific example of the transposition process based on transposition rule (4). When the pseudo-random number sequence of FIG. 14 is interpreted in order from the first bit according to transposition rule (4), bit positions 0 to 2 contain consecutive 1s. Bit positions 0 to 2 are therefore specified as one group of exchange positions, as shown enclosed together in the figure. Next, bit position 5 of the pseudo-random number sequence is 1, so bit position 5 is specified as the next exchange position. Then, in the plaintext bit string, S0 to S2 at bit positions 0 to 2 and S5 at bit position 5 are exchanged in group units.
Further, bit position 7 and bit position 10 of the pseudo-random number sequence are 1, so bit position 7 and bit position 10 are each specified as an exchange position. Then, in the plaintext bit string, S7 at bit position 7 and S10 at bit position 10 are exchanged.
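Transposition rules (3) and (4) sketched in Python, as an added example that is not code from the patent. The sample pseudo-random bits reproduce the positions named for FIGS. 13 and 14 and the remaining bits are constructed; the layout of unequal-length groups after an exchange, and leaving an unpaired final group in place, are assumptions because the figures are not reproduced on this page.

```python
from itertools import groupby


def exchange_groups(prn_bits, ones_only=False):
    """Return (start, length) for each group of exchange positions.

    Rule (3): every run of equal bits (1s or 0s) is a group.
    Rule (4): only runs of 1s are groups (ones_only=True).
    """
    groups, pos = [], 0
    for bit, run in groupby(prn_bits):
        length = len(list(run))
        if bit == 1 or not ones_only:
            groups.append((pos, length))
        pos += length
    return groups


def transpose(block, prn_bits, ones_only=False, decrypt=False):
    """Exchange neighbouring groups pairwise: (g0, g1), (g2, g3), ...

    Assumption: the two groups trade places as whole segments and any
    positions between them (the 0 positions under rule (4)) stay put.
    An unpaired last group is left where it is (assumption).
    """
    if len(block) != len(prn_bits):
        raise ValueError("block and pseudo-random bits must align one to one")
    groups = exchange_groups(prn_bits, ones_only)
    out = list(block)
    for (a, len_a), (b, len_b) in zip(groups[0::2], groups[1::2]):
        gap = b - (a + len_a)
        # In a ciphertext the segment now at the front has the second
        # group's length, so the receiver splits the region the other way.
        lead = len_b if decrypt else len_a
        region = out[a:b + len_b]
        out[a:b + len_b] = (region[lead + gap:]
                            + region[lead:lead + gap]
                            + region[:lead])
    return out


# Constructed 12-position block; labels instead of bit values so the
# movement of each position is visible.
PLAIN = [f"S{i}" for i in range(12)]
# Positions 0-6 follow the text for FIG. 13; positions 7-11 are constructed.
PRN_RULE3 = [1, 1, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0]
# 1s at positions 0-2, 5, 7 and 10 follow the text for FIG. 14;
# position 11 is constructed.
PRN_RULE4 = [1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0]

if __name__ == "__main__":
    for name, prn, ones_only in (("rule (3)", PRN_RULE3, False),
                                 ("rule (4)", PRN_RULE4, True)):
        enc = transpose(PLAIN, prn, ones_only)
        dec = transpose(enc, prn, ones_only, decrypt=True)
        print(name, " ".join(enc), "| restored:", dec == PLAIN)
```

The receiver needs only the same pseudo-random bits to recover the group boundaries, which is why decryption takes no extra key material beyond what generated the sequence.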
With transposition rule (4) as well, the exchange positions in the plaintext bit string change according to the pseudo-random number sequence, so a ciphertext can be obtained from which the characteristics attributable to the transposition process are eliminated.
In particular, according to transposition rule (4), the bit length of each exchange position subject to the transposition process changes according to the pseudo-random numbers, so the transposition process is diversified and the encryption strength can be further increased.
Next, a sixth embodiment of the secret communication system according to the present invention will be described.
In the sixth embodiment, each block of the plaintext is encrypted by a transposition process based on the following transposition rule (5).
(5) Each random value of the pseudo-random number sequence is an integer, 0 included, that is less than the bit length of the plaintext bit string. The bit positions corresponding to the random values, taken two at a time from the beginning of the pseudo-random number sequence, are specified as pairs of exchange positions in the plaintext bit string, and the bit values at the two exchange positions of each pair are exchanged.
FIG. 15 is an explanatory diagram showing a specific example of a pseudo-random number sequence used for the transposition process according to transposition rule (5). In this embodiment, the plaintext is handled as blocks of 64-bit length with bit positions 0 to 63, and accordingly each random value of the pseudo-random number sequence takes one of the integer values 0 to 63. Each random value of the pseudo-random number sequence indicates the bit position of an exchange position in the plaintext bit string. The bit positions indicated by the random values, taken two at a time from the beginning of the pseudo-random number sequence, form the pairs of exchange positions, and the random values up to the m-th are used for the transposition process of the first block of the plaintext.
FIG. 16 is an explanatory diagram showing a specific example of the transposition process according to transposition rule (5), and shows the exchange (transposition process) of the first pair of exchange positions specified by the pseudo-random number sequence of FIG. 15. In the pseudo-random number sequence of FIG. 15, the first random value is 6 and the second random value is 18, so bit position 6 and bit position 18 are specified as a pair of exchange positions. Therefore, in the plaintext bit string, the bit values of S6 at bit position 6 and S18 at bit position 18 are exchanged.
Thereafter, the same operation is performed for each random value from the beginning of the pseudo-random number sequence up to the m-th, whereby the ciphertext for the first block is created. The second block is encrypted using the (m+1)-th to 2m-th random values of the pseudo-random number sequence, and the third and subsequent blocks are encrypted sequentially in the same manner.
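Transposition rule (5) applied block by block, with the matching decryption, as an added Python example that is not code from the patent. The first two random values (6, 18) come from the text for FIG. 15; the other values, the choice m = 6, the plaintext, and the convention that bit position 0 is the most significant bit of the first byte are all constructed assumptions.

```python
BLOCK_BITS = 64  # block length used in this embodiment


def to_bits(data):
    """Bytes -> bit list; bit position 0 is the first byte's MSB (assumption)."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def swap_pairs(block, values, decrypt=False):
    """Exchange the values at positions (v0, v1), (v2, v3), ... of one block.

    Decryption replays the same pairs in reverse order, which is required
    whenever one position appears in more than one pair.
    """
    if len(values) % 2:
        raise ValueError("need an even number of random values per block")
    if any(not 0 <= v < len(block) for v in values):
        raise ValueError("random value outside the block's bit positions")
    pairs = list(zip(values[0::2], values[1::2]))
    if decrypt:
        pairs.reverse()
    out = list(block)
    for i, j in pairs:
        out[i], out[j] = out[j], out[i]
    return out


def transpose_blocks(bits, prn, m, decrypt=False):
    """Block k (counting from 0) consumes random values k*m .. (k+1)*m - 1."""
    if len(bits) % BLOCK_BITS:
        raise ValueError("bit string is not a whole number of blocks")
    out = []
    for k in range(len(bits) // BLOCK_BITS):
        values = prn[k * m:(k + 1) * m]
        if len(values) < m:
            raise ValueError("pseudo-random sequence too short")
        block = bits[k * BLOCK_BITS:(k + 1) * BLOCK_BITS]
        out.extend(swap_pairs(block, values, decrypt))
    return out


M = 6  # random values used per block (constructed; the text leaves m open)
# 6 and 18 are the first two values named in the text; the rest are
# constructed, including a repeated position (18) and a self-pair (3, 3).
PRN = [6, 18, 18, 40, 3, 3,      # first block
       0, 63, 63, 1, 10, 20]     # second block
PLAINTEXT_BITS = to_bits(b"SECRET01BLOCKTWO")  # constructed, two blocks

if __name__ == "__main__":
    cipher = transpose_blocks(PLAINTEXT_BITS, PRN, M)
    plain = transpose_blocks(cipher, PRN, M, decrypt=True)
    print("changed:", cipher != PLAINTEXT_BITS, "restored:", plain == PLAINTEXT_BITS)
    print("1-bits per block before:", sum(PLAINTEXT_BITS[:64]), sum(PLAINTEXT_BITS[64:]))
    print("1-bits per block after: ", sum(cipher[:64]), sum(cipher[64:]))
```

Because every step is a swap, the number of 1 bits in each block is the same before and after encryption, whatever pseudo-random sequence is used.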
With transposition rule (5) as well, the exchange positions in the plaintext bit string change according to the pseudo-random number sequence, so a ciphertext can be obtained from which the characteristics attributable to the transposition process are eliminated.
In particular, according to transposition rule (5), it is easy to pair bit positions that are far apart from each other in the plaintext bit string as exchange positions, so the transposition process is diversified and the encryption strength can be further increased.
The present invention has been described above with reference to the embodiments. However, the secret communication system according to the present invention is not limited to the above embodiments and may be configured as follows.
(1) In the above embodiments, transposition rules (1) to (5) were given, but the transposition rule is not limited to these. Any transposition rule can be adopted as long as it uniquely specifies a plurality of exchange positions in the plaintext bit string based on the pseudo-random number sequence.
(2) In the above embodiments, the plaintext is divided into blocks of a predetermined bit length before encryption. Such blocking is not always necessary, and the plaintext bit string may be encrypted sequentially starting from its first bit.
(3) In the above embodiments, the feedback specification coefficients A0 to Ak, which specify the procedure for generating the M-sequence, and the random number initial value are used as the key information. However, any information can be used as long as it specifies the pseudo-random number sequence.
(4) In the above embodiments, the pseudo-random number sequence generating means 11 and 21 of the transmitting-side device 10 and the receiving-side device 20 have the same configuration. However, pseudo-random number sequence generating means 11 and 21 of any configuration can be used as long as they generate the same pseudo-random numbers from the key information.
Industrial Applicability
As described above, according to the present invention, a secret communication system that transmits and receives data in a concealed state over a network can be provided in which the characteristics attributable to the transposition process are eliminated by performing the transposition process on the plaintext bit string according to a pseudo-random number sequence.

Claims

Scope of Claims
1. A secret communication system that performs communication with data in a concealed state, wherein
the transmitting side comprises:
pseudo-random number sequence generating means for generating a pseudo-random number sequence based on predetermined key information;
encryption means for creating a ciphertext from a plaintext by specifying a plurality of exchange positions in the bit string of the plaintext based on the generated pseudo-random number sequence and a predetermined transposition rule set in advance, and performing a transposition process of exchanging values with each other between the plurality of exchange positions; and
transmitting means for transmitting the ciphertext, and
the receiving side comprises:
receiving means for receiving the ciphertext;
pseudo-random number sequence generating means for generating, based on the predetermined key information, the same pseudo-random number sequence as the pseudo-random number sequence generating means of the transmitting side; and
decryption means for decrypting the received ciphertext based on the generated pseudo-random number sequence and the transposition rule.
2. A transmitting-side device used in a secret communication system that performs communication with data in a concealed state, comprising:
pseudo-random number sequence generating means for generating a pseudo-random number sequence based on predetermined key information;
encryption means for creating a ciphertext from a plaintext by specifying a plurality of exchange positions in the bit string of the plaintext based on the generated pseudo-random number sequence and a predetermined transposition rule set in advance, and performing a transposition process of exchanging values with each other between the plurality of exchange positions; and
transmitting means for transmitting the ciphertext to a receiving-side device.
3. The transmitting-side device of a secret communication system according to claim 2, wherein the predetermined key information includes information specifying a procedure for generating the pseudo-random number sequence.
4. The transmitting-side device of a secret communication system according to claim 2, wherein the predetermined key information includes information indicating an initial value of the pseudo-random number sequence.
5. The transmitting-side device of a secret communication system according to claim 2, wherein the encryption means repeats the transposition process a predetermined number of times using different pseudo-random number sequences.
6. The transmitting-side device of a secret communication system according to claim 5, wherein the different pseudo-random number sequences are different portions of one continuous pseudo-random number sequence.
7. The transmitting-side device of a secret communication system according to claim 2, wherein the transposition process specifies, according to the pseudo-random number sequence, pairs of exchange positions in the plaintext bit string whose values are to be exchanged with each other, and exchanges the values within each pair of exchange positions.
8. The transmitting-side device of a secret communication system according to claim 2, wherein the exchange positions all have the same bit length.
9. The transmitting-side device of a secret communication system according to claim 8, wherein the exchange positions are all one bit long.
10. The transmitting-side device of a secret communication system according to claim 2, wherein the bit length of the exchange positions is variable.
11. The transmitting-side device of a secret communication system according to claim 2, wherein the transposition process associates the plaintext bit string and a binary-valued pseudo-random number sequence one to one from the first bit, and specifies, as the exchange positions, the plaintext bit positions corresponding to the bit positions at which a predetermined feature set in advance is recognized in the pseudo-random number sequence.
12. The transmitting-side device of a secret communication system according to claim 2, further comprising block creating means for dividing the plaintext bit string into blocks of a predetermined bit length, wherein the encryption means performs the transposition process within each block.
13. A computer-readable recording medium on which is recorded a program for causing a computer to operate as a transmitting-side device used in a secret communication system that performs communication with data in a concealed state, the program causing the computer to realize:
a pseudo-random number sequence generating function of generating a pseudo-random number sequence based on predetermined key information; and
an encryption function of creating a ciphertext from a plaintext by specifying a plurality of exchange positions in the bit string of the plaintext based on the generated pseudo-random number sequence and a predetermined transposition rule set in advance, and performing a transposition process of exchanging values with each other between the plurality of exchange positions.
PCT/JP2000/002554 1999-04-19 2000-04-19 Encrypted communication system WO2000064096A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP14700799 1999-04-19
JP11/147007 1999-04-19

Publications (1)

Publication Number Publication Date
WO2000064096A1 true WO2000064096A1 (en) 2000-10-26

Family

ID=15420461

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2000/002554 WO2000064096A1 (en) 1999-04-19 2000-04-19 Encrypted communication system

Country Status (1)

Country Link
WO (1) WO2000064096A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1193666A1 (en) * 1999-01-28 2002-04-03 Yutaka Yasukura Method for securing safety of electronic information
WO2007032070A1 (en) * 2005-09-14 2007-03-22 Future Technology Institute Corporation Data protection processing method, its device, data processing device, and circuit device
CN117459322A (en) * 2023-12-22 2024-01-26 济南工程职业技术学院 Computer software data encryption method based on Internet of things

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0486135A (en) * 1990-07-30 1992-03-18 Sharp Corp Privacy call device

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
STINSON D R, KYORITSU SHUPPAN, XX, XX, 1 January 1996 (1996-01-01), XX, pages 21 - 24, XP002946680 *
STINSON D R, KYORITSU SHUPPAN, XX, XX, 1 January 1996 (1996-01-01), XX, pages 69 - 72, XP002946681 *
STINSON D R, SAKURAI K: "ANGO RIRON NO KISO", KYORITSU SHUPPAN, XX, XX, 1 January 1996 (1996-01-01), XX, pages 19/20, XP002946679 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1193666A1 (en) * 1999-01-28 2002-04-03 Yutaka Yasukura Method for securing safety of electronic information
EP1193666A4 (en) * 1999-01-28 2004-03-10 Yutaka Yasukura Method for securing safety of electronic information
US6957349B1 (en) 1999-01-28 2005-10-18 Yutaka Yasukura Method for securing safety of electronic information
WO2007032070A1 (en) * 2005-09-14 2007-03-22 Future Technology Institute Corporation Data protection processing method, its device, data processing device, and circuit device
CN117459322A (en) * 2023-12-22 2024-01-26 济南工程职业技术学院 Computer software data encryption method based on Internet of things
CN117459322B (en) * 2023-12-22 2024-03-08 济南工程职业技术学院 Computer software data encryption method based on Internet of things

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 09719707

Country of ref document: US

122 Ep: pct application non-entry in european phase