WO2010095662A1 - Encoding device, decoding device, transmission system, encoding method, decoding method, program - Google Patents

Encoding device, decoding device, transmission system, encoding method, decoding method, program Download PDF

Info

Publication number
WO2010095662A1
WO2010095662A1 PCT/JP2010/052373 JP2010052373W WO2010095662A1 WO 2010095662 A1 WO2010095662 A1 WO 2010095662A1 JP 2010052373 W JP2010052373 W JP 2010052373W WO 2010095662 A1 WO2010095662 A1 WO 2010095662A1
Authority
WO
WIPO (PCT)
Prior art keywords
message
information
message information
data
channel
Prior art date
Application number
PCT/JP2010/052373
Other languages
French (fr)
Japanese (ja)
Inventor
俊則 荒木
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Priority to JP2011500635A priority Critical patent/JPWO2010095662A1/en
Publication of WO2010095662A1 publication Critical patent/WO2010095662A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H03ELECTRONIC CIRCUITRY
    • H03MCODING; DECODING; CODE CONVERSION IN GENERAL
    • H03M13/00Coding, decoding or code conversion, for error detection or error correction; Coding theory basic assumptions; Coding bounds; Error probability evaluation methods; Channel models; Simulation or testing of codes
    • H03M13/03Error detection or forward error correction by redundancy in data representation, i.e. code words containing more digits than the source words
    • H03M13/05Error detection or forward error correction by redundancy in data representation, i.e. code words containing more digits than the source words using block codes, i.e. a predetermined number of check bits joined to a predetermined number of information bits
    • H03M13/13Linear codes
    • H03M13/15Cyclic codes, i.e. cyclic shifts of codewords produce other codewords, e.g. codes defined by a generator polynomial, Bose-Chaudhuri-Hocquenghem [BCH] codes
    • H03M13/151Cyclic codes, i.e. cyclic shifts of codewords produce other codewords, e.g. codes defined by a generator polynomial, Bose-Chaudhuri-Hocquenghem [BCH] codes using error location or error correction polynomials
    • H03M13/1515Reed-Solomon codes
    • HELECTRICITY
    • H03ELECTRONIC CIRCUITRY
    • H03MCODING; DECODING; CODE CONVERSION IN GENERAL
    • H03M13/00Coding, decoding or code conversion, for error detection or error correction; Coding theory basic assumptions; Coding bounds; Error probability evaluation methods; Channel models; Simulation or testing of codes
    • H03M13/35Unequal or adaptive error protection, e.g. by providing a different level of protection according to significance of source information or by adapting the coding according to the change of transmission channel characteristics
    • H03M13/353Adaptation to the channel

Definitions

  • the present invention relates to an encoding device, a decoding device, a transmission system, an encoding method, a decoding method, a program, and a recording medium, and in particular, an encoding device, a decoding device, and a transmission system that reduce the size of data that flows through each channel.
  • the present invention relates to an encoding method, a decoding method, and a program.
  • Patent Documents 1 and 2 There are various methods for transmitting a message via a network (see Patent Documents 1 and 2). Such a method requires (1) a function that can send a message with sufficient accuracy even if there is a slight failure in the network. In addition, various functions are added depending on the application. In particular, (2) a function for not knowing what is being sent to the eavesdropper is also important.
  • Function 1 Information that flows through up to t channels can be falsified, and the receiver can receive messages sent from the transmitter with an overwhelming probability even if an unauthorized person exists.
  • Function 2 Information that flows through up to t channels can be falsified, and even if there is an unauthorized person who can know, the unauthorized person cannot estimate any message sent by the transmitting device. It is a function.
  • the t channels are channels assumed as channels that can be used by an unauthorized person to falsify information, and the number of channels, t, is the number of assumed illegal channels in the following description. Call it.
  • the operation of the transmission system shown in FIG. 8 has two phases. That is, a transmission phase in which a message is encoded and the encoded message is transmitted through channels 300-1 to 300-n, and a reception phase in which an encoded message received from channels 300-1 to 300-n is decoded. There is.
  • the transmission apparatus 100 operates in the transmission phase
  • the reception apparatus 200 operates in the reception phase.
  • Non-Patent Document 1 As a method of encoding and transmitting a message and receiving and decoding the transmitted message, there is a method disclosed in Non-Patent Document 1.
  • the method shown in Non-Patent Document 1 is a method of encoding a message into n codewords, and information about the message cannot be obtained from t or less encoded messages in the transmission phase.
  • a message encoded using a method capable of correcting the error even if there is an error in t data or less is transmitted one by one from each channel, and in the reception phase, the transmission phase is determined from the codeword of the received message.
  • the message is restored using a decoding method corresponding to the encoding method used in FIG.
  • Non-Patent Document 1 when a message is selected from elements of a set with the number of elements p, data transmitted through each channel is an element of the set with the number of elements p [1 / (n ⁇ 3t)] .
  • the number of elements n is the number of channels for transmitting data
  • t is the number of channels that an unauthorized person can tamper with information.
  • the method disclosed in Non-Patent Document 1 has an advantage that the message reception failure probability is 0, but has a problem that the capacity (size) of data transmitted through the channel increases.
  • Non-Patent Document 2 As a technique for solving the problem regarding the data capacity in Non-Patent Document 1, there is a method shown in Non-Patent Document 2.
  • the method according to Non-Patent Document 2 can be said to be a method intended to reduce the size of data flowing through a channel instead of allowing a failure of data reception with a small probability.
  • the operation of the message transmission system according to Non-Patent Document 2 has two phases. That is, the two phases are a transmission phase in which a message is encoded and the encoded message is transmitted through a channel, and a reception phase in which an encoded message received from the channel is decoded.
  • the configuration of the message transmission system according to Non-Patent Document 2 will be described with reference to FIGS.
  • the transmission device 100 in the message transmission system according to Non-Patent Document 2 includes a message encoding unit 101 and an illegal channel specifying information generation unit 102.
  • the receiving apparatus 200 is connected to the transmitting apparatus 100 through channels 300-1 to 300-n, and includes a message decoding unit 201 and an unauthorized channel specifying unit 202.
  • the message encoding unit 101 shown in FIG. 9 includes an assumed number t of unauthorized channels assumed as the number of channels by which unauthorized persons tamper information, and the number n of channels set for transmitting data. Is input (step A1 in FIG. 11).
  • the message encoding unit 101 generates n encoded message information V1 to Vn by executing message encoding processing using the message s, the assumed illegal channel number t, and the channel number n. Then, the message information V1 to Vn is input to the channels 300-1 to 300-n and the illegal channel specifying information generation unit 102 (step A2 in FIG. 11).
  • the unauthorized channel specifying information generating unit 102 receives the message information V1 to Vn, the number of assumed unauthorized persons t and the number of channels that have been input. n is used to generate illegal channel specifying information A1 to An corresponding to each of the message information V1 to Vn, and the generated illegal channel specifying data A1 to An are assigned to channels 300-1 to 300-n. Input (step A3 in FIG. 11).
  • the receiving apparatus 200 includes message information V1 to Vn encoded by the message encoding unit 101, illegal channel specifying data A1 to An generated by the illegal channel specifying information generating unit 102, and The information of the assumed illegal channel number t and the channel number n input to the message encoding unit 101 is input (step B1 in FIG. 12).
  • the unauthorized channel specifying unit 202 of the receiving device 200 reads the message information V1 to Vn from the channels 300-1 to 300-n (Step B2 in FIG. 12), and the message information V1 to Vn and the unauthorized channel specifying data.
  • A1 to An are used to identify message information V1 to Vn-1 or Vn that has been tampered with when transmitted through channels 300-1 to 300-n.
  • the unauthorized channel specifying unit 202 When tampering is detected, the unauthorized channel specifying unit 202 generates a set L whose elements are identifiers indicating the channels 300-1 to 300-n in which the tampering has been performed (step B3 in FIG. 121). The set L is input to the message decryption unit 201. If no alteration is detected, the unauthorized channel identification unit 202 inputs an empty set indicating that no alteration has been performed on the channels 300-1 to 300-n to the message decoding unit 201.
  • the message decoding unit 201 receives the message information V1 to Vn from the channels 300-1 to 300-n, and the channels 300-1 to 300-n-1 that are not included in the set L input from the unauthorized channel specifying unit 202. Alternatively, it is checked whether the message information V1 to Vn-1 or Vn transmitted through 300-n are all codewords of the same message. More specifically, when the set L includes, for example, channels 300-1 to 300-50, the message decoding unit 201 uses other channels, that is, channels 300-51 to 300-51 to which are not included in the set L. For example, it is checked whether the message information V51 to Vn transmitted through 300-n are all codewords of the same message (step B4 in FIG. 12).
  • the message decoding unit 201 determines that the codewords are the same message, the message decoding unit 201 outputs a message obtained from the codeword (step B5 in FIG. 12). When the message decoding unit 201 determines that they are not codewords of the same message, the message decoding unit 201 outputs a symbol indicating that reception of the message information V1 to Vn has failed (step B6 in FIG. 12).
  • each channel 300-1 to 300-n-1 or Data transmitted through 300-n is an element of a set of approximately the number of elements p [1 / (n-2t)] + 1 / ⁇ .
  • the method according to Non-Patent Document 2 is a method of encoding a message into n pieces of data as shown in FIGS.
  • the following method is adopted as the encoding method. That is, in the encoding method, information about data cannot be obtained from t or less encoded data, and the original n data can be decoded even if t or less tampered data exists.
  • encoding is performed in such a way that it can be checked whether the codewords of n ⁇ t + 1 or more messages are all codewords of the same message.
  • the n ⁇ t + 1 number indicates the number obtained by subtracting the assumed number of illegal channels t assumed to receive information tampering from the number n of all channels and adding one to the subtracted value.
  • the message is encoded into n pieces of data, and these data are transmitted one by one through each channel.
  • Non-Patent Document 2 n illegally encoded message specifying data A1 to An are generated corresponding to n pieces of data, and these illegally encoded message specifying data A1 to An are generated as described above.
  • the data for specifying an illegally encoded message is data for enabling detection of t or less errors in the codeword of the message even if an error due to tampering occurs in t or less data. .
  • the codewords of all messages are checked for errors and then determined to be error-free. Check that all of the codewords in the message are codewords of the same message, if all are codewords of the same message, decode the message from the codewords, otherwise, in some form Outputs that message reception has failed.
  • Non-Patent Document 2 the data transmitted through each of the channels 300-1 to 300-n is an element of a set of about the number of elements p [1 / n-2t] + 1 / ⁇ .
  • a message codeword (message information V1 to Vn) is an element of a set having the number of elements p [1 / n-2t] , and illegal message specifying data A1 to data for detecting an error in the codeword of this message.
  • An is an element of a set having the number of elements 1 / ⁇ .
  • a message is output when all message information from channels not included in the set L is the same message codeword as described above (step B5 in FIG. 12), and only one message is output. If the codeword of the wrong message passes through the error detection process using the illegally encoded message specifying data, the message reception process fails (step B6 in FIG. 12). Therefore, in the method of Non-Patent Document 2, a set of about 1 / ⁇ is required as a set of data for specifying illegally encoded messages so that even a single erroneous data does not pass through the detection process. .
  • Non-Patent Document 2 As the capacity of the message information V1 to Vn is reduced, the capacity of the illegally encoded message specifying data A1 to An is increased, and as a result, the channels 300-1 to 300- There is a limit to reducing the amount of information transmitted through 300-n.
  • Non-Patent Document 2 when an element of a set having the number of elements p is sent as a message, the codeword of the message has a size of the number of elements p [1 / n ⁇ 2t] .
  • the larger the number of channels n the smaller the value of the number of elements, but the degree of decrease in the number of elements p when the number of channels increases by one decreases. For example, even if the number of channels is increased by 1, the degree of reduction in the number of elements p is limited to a degree of reduction that is a fraction of 1 / ⁇ .
  • Non-Patent Document 2 has a problem that the size of data flowing through the channel is large and there is a limit in reducing the size.
  • the encoding apparatus is a code that outputs n message m codewords and n illegal codeword specifying data, where t is the number of assumed illegal channels and ⁇ is an acceptable message reception failure probability.
  • represents the bit length of m
  • Each of the above is processed so as to have a different value on the finite field, and an illegal codeword specifying data generating means for generating the output when the processed value is input in correspondence with the code
  • the decoding device includes a codeword of a message that is an output of the encoding device according to the present invention, illegal codeword specifying data, the number of channels n, an assumed number of illegal channels t, an adjustment parameter s, , And outputs a message, the Reed-Solomon error correction process is performed on the incorrect codeword specifying data, and these are generated from the incorrect codeword specifying data after the correction process t Perform a restoration process of the second order polynomial, process the t-order polynomial restored for the codewords of all messages in the same way as the processing performed by the encoder, and convert the processed value to the t-order polynomial.
  • the transmission system according to the present invention is the above-described encoding apparatus according to the present invention, the encoding apparatus having a process for transmitting the output thereof, and the above-described present invention having a process for receiving the output of the encoding apparatus. And a decoding device according to the above.
  • the encoding method according to the present invention is a code that outputs a codeword of n messages m and n illegal codeword specific data, where t is the number of assumed illegal channels and ⁇ is an acceptable message reception failure probability.
  • represents the bit length of m
  • / (t + 1-s) + Generates an adjustment parameter s that minimizes (log1 / ⁇ ) / s, and generates an n- (t + s + 1) -degree polynomial F over a finite field with embedded messages.
  • N points are generated as codewords of the message, and a t-order polynomial G on the finite field is generated using the codeword of the message as an input, and each of the codewords of the message generated in G has a different value on the finite field.
  • the output when the processed value is input is generated as illegal codeword specifying data in correspondence with the codeword of the message.
  • a decoding method includes a codeword of a message that is an output of the encoding method according to the present invention, illegal codeword specifying data, the number of channels n, an assumed number of illegal channels t, an adjustment parameter s, , And outputs a message, the Reed-Solomon error correction process is performed on the incorrect codeword specifying data, and these are generated from the incorrect codeword specifying data after the correction process.
  • Perform a restoration process of the second order polynomial process the t-order polynomial restored for the codewords of all messages in the same way as the processing performed by the encoder, and convert the processed value to the t-order polynomial.
  • the encoding program according to the present invention is a code that outputs codewords of n messages m and n illegal codeword specifying data, where t is the number of assumed illegal channels and ⁇ is an acceptable message reception failure probability.
  • represents the bit length of m
  • a decoding program includes a codeword of a message that is an output of the encoding device according to claim 1, illegal codeword specifying data, the number of channels n, an assumed number of illegal channels t, and an adjustment parameter s. And a message that outputs a message, the Reed-Solomon error correction process is performed on the incorrect codeword specifying data, and these are generated from the incorrect codeword specifying data after the correction process.
  • a t-order polynomial that has been restored to the t-order polynomial that has been restored to the code word of all messages by the same method as the processing performed by the encoding device, and that has been restored to the t-order polynomial that has been restored by the t-order polynomial.
  • the recording medium according to the present invention is a computer-readable recording medium for recording the processing of the program according to the present invention.
  • the present invention it is possible to reduce the size of the data that flows through each channel, on the balance between the degree that the capacity of the message information is reduced and the degree that the illegal channel specifying data is increased.
  • the embodiment of the present invention is a scheme intended to reduce the size of data flowing through a channel, instead of allowing a failure to receive data with a small probability, for transmitting message information V1 to Vn.
  • the following is a specific example of a method related to a case where the relationship between the number of all channels n and the number of assumed illegal channels t, which is the number of channels assumed to cause tampering on the channel, satisfies n ⁇ 3t + 1. explain.
  • the number of all channels for transmitting the message information V1 to Vn is expressed as n
  • the assumed number of illegal channels assumed that tampering or the like may occur on the channel is expressed as t.
  • a transmission message (a message composed of two or more message information V1 to Vn) is expressed as m
  • an acceptable message reception failure probability is expressed as ⁇ .
  • the term “tamper” refers not only to the case where an unauthorized person intentionally falsifies, but also due to some factor in the process in which the message information V1 to Vn is transmitted on the channels 300-1 to 300-n. This includes cases where the message information V1 to Vv has been altered to an illegal one.
  • the assumed number of illegal channels t means the upper limit of the number of assumed illegal channels that are assumed to be falsified on the channels 300-1 to 300-n.
  • the degree to which the capacity of the message information V1 to Vn decreases is small.
  • the adjustment parameter s which is a coefficient that increases the degree of increase in the unauthorized channel specifying data A1 to An, is selected, and the message information V1 to Vn is transmitted from the message m based on the encoding method that takes into account the selected adjustment parameter s. Is generated and transmitted.
  • information on the message m cannot be obtained from t or less encoded message information V1 to Vn-1 or Vn, and t + s or less encoded message information V1 to Vn-1 or Vn. Even if the message is falsified, the message m composed of n pieces of message information V1 to Vn can be decoded, and s or less errors among the code words (message information V1 to Vn) of nt or more messages Code words (message information V1 to Vn) of n messages that can be corrected, and the n message information V1 to Vn are transmitted.
  • the encoding method may generate code words (messages) of the n messages even if there are errors in t message information V1 to Vn-1 or Vn when generating the message information V1 to Vn.
  • code words messages
  • the encoding method may generate code words (messages) of the n messages even if there are errors in t message information V1 to Vn-1 or Vn when generating the message information V1 to Vn.
  • n pieces of illegally encoded message specifying data capable of detecting t errors or less are generated, and the n pieces of illegally encoded message specifying data A1 to An are transmitted.
  • the transmission apparatus 400 includes an adjustment parameter generation unit 401, a message encoding unit 402, and illegal channel identification information generation as shown in FIG. Part 403.
  • the assumed number of illegal channels assumed that information may be falsified on channels 300-1 to 300-n is t, and the allowable message reception failure rate is ⁇ .
  • the allowable message reception failure rate is ⁇ .
  • the adjustment parameter generation unit 401 receives the message m, the assumed number of illegal channels t, the number n of channels, and the allowable message reception failure rate ⁇ , and the degree of reduction in the capacity of the message information V1 to Vn is small.
  • the adjustment parameter s which is a coefficient that increases the degree of increase in the illegal channel specifying data A1 to An, is selected, and the selected adjustment parameter s is output to the message encoding unit 402.
  • the adjustment parameter generation unit 401 selects the following equation as an example.
  • the following equation is expressed as follows.
  • means the bit length of the message m selected from the elements of the set having the number p of elements.
  • n is the total number of channels for transmitting the message information V1 to Vn.
  • t is an assumed number of illegal channels assumed that tampering or the like may occur on the channel.
  • is an acceptable message reception failure rate.
  • the adjustment parameter generation unit 401 receives the message m, the assumed number of illegal channels t, the number of channels n, and the allowable message reception failure rate ⁇ , and
  • the adjustment parameter s that minimizes ⁇ s) + log (1 / ⁇ ) / s is selected, and the selected adjustment parameter s is output to the message encoding unit 402.
  • the above formula is used when selecting the adjustment parameter s.
  • the degree to which the capacity of the message information V1 to Vn decreases is small and the degree to which the illegal channel specifying data A1 to An increases. Any expression other than the above expression may be used as long as the adjustment parameter s, which is a coefficient that increases, can be selected.
  • the message encoding unit 402 receives the information of the message m, the number of all channels n, the assumed number of illegal channels t, and the adjustment parameter s, and based on the encoding method considering the adjustment parameter s.
  • the message information V1 to Vn is generated from the message m, and these message information V1 to Vn are transmitted to the channels 300-1 to 300-n and the illegal channel specifying information generating unit 403.
  • Non-Patent Document 3 As the encoding method, the method shown in Non-Patent Document 3 can be cited.
  • the encoding method according to Non-Patent Document 3 is called the (a, b, c) threshold encoding method.
  • This encoding method encodes message m into distributed information in which c messages are distributed.
  • the secret information regarding the distribution of the message m into c pieces can be completely restored based on any a or more pieces of shared information, but the information about the secret information can be completely restored based on up to ab pieces of shared information. It has the characteristic that it cannot be obtained. Therefore, even if up to ab shared information is stolen, the secret information is not leaked, and the secret information can be restored even if up to ca shared information is destroyed.
  • Non-Patent Document 3 a codeword that is distributedly encoded based on the (a, b, c) threshold method is used for Reed-Solomon error correction processing, and a + 2y or more. In the codeword, y or less errors can be corrected.
  • the value of the adjustment parameter s is used as the y, and a, b, and c, which are the threshold values of Non-Patent Document 3, are replaced with the number of all channels n, the number of assumed illegal channels t, and the adjustment parameter s.
  • encoding is performed using the (a, b, c) threshold method of Non-Patent Document 3.
  • the points on the generated polynomial F are generated as n pieces of message information V1 to Vn which are message codewords.
  • the message encoding unit 402 transmits the generated n pieces of message information V1 to Vn to the channels 300-1 to 300-n and the illegal channel specifying information generating unit 403.
  • Non-Patent Document 3 when the data that encodes the message m is message information V1 to Vn, the message information V1 to Vn is used as input and t on a finite field is input. An order polynomial G is generated, the generated t-order polynomial G is processed so that the message information V1 to Vn have different values on a finite field, and the message information is converted into the processed t-order polynomial G.
  • V1 to Vn are input as the illegally encoded message specifying data A1 to An, t or less errors in the n pieces of message information V1 to Vn are corrected by the Reed-Solomon error correction process.
  • Non-Patent Document 4 It is known that detection and correction are possible (Non-Patent Document 4). Further, the t-order polynomial G can be restored based on the data for specifying the illegally encoded message A1 to An, and by checking the consistency with the values when the message information V1 to Vn is input to the t-order polynomial G. It is known that tampering of up to t message information V1 to Vn can be detected (Non-patent Document 2).
  • the illegal channel specifying information generating unit 403 in this embodiment receives the message information V1 to Vn from the message encoding unit 402, the assumed illegal channel number t, and the channel number n, and receives a finite field in which the message m is embedded.
  • the above t-order polynomial G is generated, the t-order polynomial G is processed so that the message information V1 to Vn have different values on the finite field, and the message information V1 is converted into the t-order polynomial after the processing.
  • Outputs when .about.Vn are inputted are illegally encoded message specifying data A1 to An, and the illegally encoded message specifying data A1 to An are generated in correspondence with the message information V1 to Vn.
  • the illegally encoded message specifying data A1 corresponds to the message information V1.
  • the illegally encoded message specifying data An corresponds to the message information Vn.
  • the illegal channel specifying information generating unit 403 outputs the generated illegal encoded message specifying data A1 to An to the channels 300-1 to 300-n.
  • the message transmission system receives message information from the channels 300-1 to 300-n in the reception phase for decoding the message information V1 to Vn received from two or more channels 300-1 to 300-n.
  • Each message information is received by receiving V1 to Vn and the corresponding illegally encoded message specifying data A1 to An and using the message information V1 to Vn and the illegally encoded message specifying data A1 to An. It is determined whether or not V1 to Vn are falsified illegal message information, error correction processing is performed on the message information that is not determined to be illegal message information, and the message is decoded from the corrected message information To do.
  • the receiving device 500 for executing the reception phase in the message transmission system includes an encoded message error correction unit 501 and an illegal channel specifying unit 502 as shown in FIG.
  • the illegal channel specifying unit 502 receives illegal encoded message specifying data A1 to An and message information V1 to Vn from the channels 300-1 to 300-n in addition to the assumed illegal channel number t and channel number n. Then, error correction processing is performed on the received illegally encoded message specifying data A1 to An, and the incorrect channel specifying information generating unit 403 generates based on the incorrect encoded message specifying data after the correction processing.
  • the t-order polynomial G is restored, and the t-order polynomial G restored for all the message information V1 to Vn is processed by the same method as the processing performed by the unauthorized channel specifying information generation unit 403,
  • the values obtained by inputting the message information V1 to Vn to the t-order polynomial are not corresponding to the message information V1 to Vn before processing. It is determined whether it is equal to the correct encoded message specifying data A1 to An, and a list of all equal encoded message specifying data A1 to An-2 or An that are equal is output as a set L.
  • the encoded message error correction unit 501 receives the set L from the illegal channel specifying unit 502 in addition to the assumed illegal channel number t and the channel number n, and message information V1 to Vn from the channels 300-1 to 300-n. And error correction processing is performed on the message information V1 to Vn-1 or Vn corresponding to the illegally encoded message specifying data A1 to An-1 or An not included in the set L, and the message information after the correction processing is performed.
  • the n- (t + s + 1) degree polynomial F generated by the message encoding unit 402 based on the above is restored, and from this polynomial F, the message encoding unit 402 corresponds to a method of embedding message information V1 to Vn in a finite field. The message is extracted and output by this method.
  • the adjustment parameter generation unit 401 receives the message m, the assumed illegal channel number t, the channel number n, and the allowable message reception failure rate ⁇ (step C1 in FIG. 4), and the capacity of the message information V1 to Vn.
  • the adjustment parameter s which is a coefficient that increases the degree of increase of the unauthorized channel specifying data A1 to An, is selected (step C2 in FIG. 4), and the selected adjustment parameter s is encoded with the message.
  • the illegal channel specifying information generating unit 403 in this embodiment receives the message information V1 to Vn from the message encoding unit 402, the assumed illegal channel number t, and the channel number n, and receives a finite field in which the message m is embedded.
  • the above t-order polynomial G is generated, the t-order polynomial G is processed so that the message information V1 to Vn have different values on the finite field, and the message information V1 is converted into the t-order polynomial after the processing.
  • Outputs when .about.Vn are input are illegally encoded message specifying data A1 to An, and the illegally encoded message specifying data A1 to An are generated in correspondence with the message information V1 to Vn (step C4 in FIG. 4). )
  • the unauthorized channel identifying unit 502 receives the unauthorized encoded message identifying data A1 to An and the message information V1 to Vn from the channels 300-1 to 300-n in addition to the assumed unauthorized channel number t and the channel number n ( Steps D1 and D2) of FIG. 5 perform error correction processing on the received illegally encoded message specifying data A1 to An, and based on the incorrect encoded message specifying data after the correction processing, the illegal channel
  • the same method as the processing performed by the unauthorized channel specifying information generating unit 403 is performed on the t order polynomial G recovered by performing restoration processing of the t order polynomial G generated by the specific information generating unit 403 and restoring all the message information V1 to Vn.
  • the value obtained by inputting the message information V1 to Vn into the t-order polynomial after processing is the message information before processing. It is determined whether or not the data V1 to Vn corresponding to the illegally encoded message specifying data A1 to An is equal, and a list of all equal message information V1 to Vn is output as a set L (step D3 in FIG. 5).
  • the encoded message error correction unit 501 receives the set L from the illegal channel specifying unit 502 in addition to the assumed illegal channel number t and the channel number n, and message information V1 to Vn from the channels 300-1 to 300-n. And performs error correction processing on the message information V1 to Vn-1 or Vn corresponding to the illegally encoded message specifying data A1 to An-1 or An not included in the set L (step D4 in FIG. 5).
  • the message encoding unit 402 converts the message information V1 to Vn to finite A message is extracted and output by a method corresponding to the method embedded in the body (step D5 in FIG. 5).
  • the embodiment of the present invention by adjusting the message encoding method using the adjustment parameter s, for example, up to s pieces of erroneous data are errors due to illegally encoded message specifying data. Even if the detection process is passed, it is possible to correct s or less errors in the codeword of the message. Therefore, the reception of the message is successful as long as at least s + 1 erroneous data does not pass through the error detection process using the illegally encoded message specifying data. Therefore, the data transmitted through each channel can be reduced in the case where the size of the codeword of the message is hardly reduced when the number of channels is increased.
  • the probability that one erroneous data passes through the error detection process is ⁇
  • the probability that s + 1 data passes through the error detection process is about ⁇ [s] .
  • the bit length is 1 / s.
  • n channels are used.
  • the assumed number of illegal channels represents the maximum number that allows tampering and eavesdropping on n sets of information generated by the transmission device.
  • the adjustment parameter s may be input with a value calculated beforehand.
  • the assumed number of illegal channels means the upper limit number of assumed illegal channels. According to the message transmission system of this embodiment, the number of encoded message information up to the assumed number of channels has been altered.
  • the encoded message information can be specified.
  • the transmission apparatus 400 shown in FIG. 1 and the reception apparatus 500 shown in FIG. 2 in the message transmission system according to the embodiment of the present invention are constructed as hardware, but the present invention is not limited to this.
  • the adjustment parameter generation unit 401, the message encoding unit 402, and the illegal channel identification information generation unit 403 of the transmission apparatus 400 illustrated in FIG. 1 may be configured on software by causing a computer to execute an encoding program. It is.
  • the encoded message error correcting unit 501 and the illegal channel specifying unit 502 of the receiving apparatus 500 shown in FIG. 2 may be constructed on software by causing a computer to execute a decoding program.
  • the encoding program and the decoding program are recorded on a recording medium and are subject to commercial transactions.
  • An example of the computer is shown in FIG.
  • the processing device 10 executes predetermined processing according to a program.
  • the input device 20 is an input device used for inputting commands and information to the processing device 10.
  • the output device 30 is an output device for monitoring the processing result of the processing device 10.
  • the processing device 10 includes a CPU (Central Processing Unit) 11, a main storage unit 12, a recording medium 13, a data storage unit 14, a memory control interface unit 15, and an I / O interface unit 16. Are connected to each other.
  • CPU Central Processing Unit
  • the CPU 11 is a processor that executes a program.
  • the main storage unit 12 temporarily stores information necessary for the processing of the CPU 11.
  • the recording medium 13 stores a program for the CPU 11 to execute.
  • the data storage unit 14 stores secret information and access structure data.
  • the memory control interface unit 15 is an interface device that controls writing and reading of data in the main storage unit 12, the recording medium 13, or the data storage unit 14.
  • I The / O interface unit 16 is an interface device that controls data input / output with the input device 20 and the output device 30. Using this interface device, data is transmitted and received using the channel 300.
  • the recording medium 13 is a magnetic disk, a semiconductor memory, an optical disk, or other recording medium.
  • n ⁇ 3t + 1 holds between the number of channels n and the assumed number of illegal channels t
  • p is a prime power
  • it may be a prime number itself.
  • the finite field GF (p [N] ) represents an Nth-order extension field of the finite field with respect to the power p of the prime number.
  • the adjustment parameter generation unit 401 of the transmission apparatus 400 in the message transmission system according to the embodiment of the present invention has a value that minimizes
  • the adjustment parameter s is selected, and the adjustment parameter s is input to the message encoding unit 402. Further, the adjustment parameter generation unit 401 transmits the adjustment parameter s to the receiving device 500 through the channels 300-1 to 300-n.
  • the transmitter 100 is inputted with information of a message m, an assumed number of unauthorized persons t, an adjustment parameter s, and the number of all channels n.
  • the message m which is an element of GF (p [n-2ts-s] ), has (m, 0,... M [n-2ts-s-1] ) as a sequence of the elements of GF (p). It can be expressed as follows.
  • the message encoding unit 402 of the transmitting apparatus 400 has coefficients (m, 0,... M [n ⁇ 2t ⁇ s] from the constant term on GF (p) to the n ⁇ 2t ⁇ s ⁇ 1 order term. ⁇ 1] ) is randomly generated as an n ⁇ (t + s + 1) degree polynomial. This polynomial is denoted as fm (x). However, x is 1 to n. In this case, n corresponds to the total number of channels n.
  • the message encoding unit 402 embeds the message m in a coefficient
  • the message m embedding method may be any method as long as the message can be extracted from a polynomial.
  • a method of embedding the message m at n-2ts points on the polynomial may be used.
  • the message information (V1, Vn) Vi generated as described above is based on the existing (a, b, c) threshold method described in Non-Patent Document 3. This corresponds to the secret information that is distributed and encoded. Also, the message information encoded at this time is an element of the data set GF (p), but the number of erroneous values corresponding to the adjustment parameter s is included in the n ⁇ t + s encoded message information V1 to Vn. Even if included, the error can be corrected by Reed-Solomon error correction processing.
  • FIG. 6 is a block diagram showing more specifically the configuration of the unauthorized channel specifying information generating unit 403 shown in FIG. As illustrated in FIG. 6, the unauthorized channel identification information generation unit 403 includes an encoded message information conversion unit 601, an RS information source generation unit 602, and an RS codeword generation unit 603.
  • the RS information source generation unit 602 generates random data e0, e1,..., Et on the finite field GF (q), and outputs the generated data to the RS codeword generation unit 603.
  • the acquired message information A1, A2,..., An is a Reed-Solomon error correction code using the outputs e0, e1,. It is a code word.
  • n ⁇ 3t + 1 from the premise, t errors included in the illegally encoded message specifying data A1 to An (Ai) are corrected, and the original information sources e0, e1,. It is possible.
  • the t number corresponds to the assumed number t of illegal channels.
  • the illegal channel specifying unit 502 includes an RS error correction unit 701 and an illegal channel set output unit 702 as shown in FIG.
  • the same original information sources e0, e1,..., Et as those generated by the RS information source generation unit 602 of the unauthorized channel specifying information generation unit 403 are restored, and the restored information sources are output to the unauthorized channel set.
  • an existing method may be used as the Reed-Solomon error correction process.
  • An example of existing Reed-Solomon error correction processing is the Bale Kamp method.
  • a set L that lists .about.tn-2 or tn is sent to the encoded message error correction unit 501.
  • ⁇ used in the equation of FIG. 6 means ⁇ multiplication.
  • the encoded message error correction unit 501 acquires the set L from the illegal channel specifying unit 702, and message information V1 to Vn-2 corresponding to the assumed illegal channels t1 to tn-2 or tn not included in the set L. Alternatively, Reed-Solomon error correction processing is executed for Vn, and message information V1 to Vn-2 or Vn embedded in the encoded message after error correction is output.
  • the encoded message error correction unit 501 performs the Reed-Solomon error correction process on the encoded message information V1 to Vn (Vi) in which no error is detected in the Reed-Solomon error correction process by the unauthorized channel specifying unit 502, The message m embedded in the encoded message information V1 to Vn after the correction process is output.
  • the values obtained by substitution are used as the illegally encoded message specifying data A1 to An (Ai) for the message information V1 to Vn (Vi).
  • the size of the encoded message information is p
  • the size of the set combining the sizes of the message information V1 to Vn and the sizes of the illegally encoded message specifying data A1 to Ant is p ⁇ q.
  • This process may be performed by any method as long as the message information V1 to Vn are input to the t-order polynomial so as to be processed to have different values on the finite field used by the t-order polynomial. .
  • the probability that unauthorized message information V1 to Vn-2 or Vn is not detected by the unauthorized channel specifying unit 502 is approximately 1 / q.
  • the probability that correct message information V1 to Vn-2 or Vn can be received is approximately 1-1 / q s . Therefore, the probability of failing to receive the message information V1 to Vn-2 or Vn is ⁇ , and when the message information V1 to Vn-2 or Vn is selected from the set of the number of elements p, it is transmitted through the channels 300-1 to 300-n.
  • the data to be processed are elements of a set of approximately the number of elements p [1 / (n ⁇ 2t ⁇ s) + [1 / ⁇ ] [1 / s] .
  • Non-Patent Document 2 When the method described in Non-Patent Document 2 is used, data transmitted through each channel is an element of a set of approximately the number of elements p [1 / (n-2t)] + 1 / ⁇ .
  • p and ⁇ the size of data transmitted through each channel of the present embodiment is reduced as compared with the method described in Non-Patent Document 2.
  • Reed-Solomon error correction processing is used as a method for correcting an error in data for specifying an illegally encoded message.
  • other methods may be used as long as the error can be reliably corrected. Good.
  • n message information can be decoded, and n ⁇ t or more message information (message codewords) Can decode n message information (message codeword) from 2t + 1 or more message information (message codeword) so that s or less errors can be corrected.
  • a message is generated by using a message codeword and illegally encoded message specifying data for a transmission device that generates and transmits data for use, a codeword of the received message, and an illegally encoded message specifying data corresponding thereto.
  • a receiving device that determines whether each of the codewords is fraudulent, performs error correction processing on the codeword of the message that has been determined to be fraudulent, and decodes the message from the codeword of the corrected message is used As a result, even if n channels are used and information flowing through t channels is tampered with, the message can be efficiently and accurately transmitted.
  • a transmission system capable of transmitting a signal can be provided.
  • the program for the CPU to execute the processing shown in the flowcharts of the drawings constitutes a program according to the present invention.
  • a recording medium for recording the program a semiconductor storage unit, an optical and / or magnetic storage unit, or the like can be used.

Landscapes

  • Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Detection And Prevention Of Errors In Transmission (AREA)
  • Error Detection And Correction (AREA)

Abstract

Disclosed is a method whereby data size is reduced when a message is encoded and transmitted through channels. Said method comprises an adjustment parameter generation means, which selects an adjustment parameter, which is a coefficient that reduces the degree to which the capacity for pieces of message information decreases and increases the degree to which data for determining improper channels increases; a message encoding means, which generates at least two pieces of message information from the message based on an encoding procedure that takes the adjustment parameter into consideration; and a means for generating data for determining improper code words, which generates a t-degree polynomial over a finite field where the t-degree polynomial contains the message, processes the t-degree polynomial such that the pieces of message information result in differing values over the finite field, and generates data for determining improper encoded messages corresponding to the pieces of message information, where the output resulting from inputting the pieces of message information into the processed t-degree polynomial is the data for determining improper encoded messages.

Description

符号化装置、復号化装置、伝送システム、符号化方法、復号化方法、プログラムEncoding device, decoding device, transmission system, encoding method, decoding method, program
 本発明は、符号化装置、復号化装置、伝送システム、符号化方法、復号化方法、プログラム及び記録媒体に関し、特に各チャンネルを通して流すデータのサイズを小さくする符号化装置、復号化装置、伝送システム、符号化方法、復号化方法、プログラムに関する。 The present invention relates to an encoding device, a decoding device, a transmission system, an encoding method, a decoding method, a program, and a recording medium, and in particular, an encoding device, a decoding device, and a transmission system that reduce the size of data that flows through each channel. The present invention relates to an encoding method, a decoding method, and a program.
 ネットワークを介してメッセージを伝送する方法は様々ある(特許文献1、2参照)。このような方法には、ネットワークに少しの障害があっても、(1)十分な正確さでメッセージを送ることができるような機能が求められる。また、用途に応じて様々な機能が付加されており、特に、(2)盗聴者に何を送っているか知られないための機能も重要である。 There are various methods for transmitting a message via a network (see Patent Documents 1 and 2). Such a method requires (1) a function that can send a message with sufficient accuracy even if there is a slight failure in the network. In addition, various functions are added depending on the application. In particular, (2) a function for not knowing what is being sent to the eavesdropper is also important.
 前述の(1)(2)の2つの機能を持っているメッセージ伝送方法を実施する伝送システムは図8に示す様に、送信装置100と、受信装置200と、これらの装置100と200との間に配置された複数のチャンネル300-1=300-nとを有している。なお、図8に示す例では、送信装置100と受信装置200との間にn本のチャンネル300-1~300-nを配置している。 As shown in FIG. 8, a transmission system that implements the message transmission method having the two functions (1) and (2) described above includes a transmission device 100, a reception device 200, and these devices 100 and 200. And a plurality of channels 300-1 = 300-n arranged therebetween. In the example shown in FIG. 8, n channels 300-1 to 300-n are arranged between the transmission device 100 and the reception device 200.
 上述した(1)及び(2)の機能を具体的に説明すると、次の様になる。すなわち、
 機能1:t本までのチャンネルを流れる情報を改ざんすることができ、知ることができる不正者が存在しても、受信装置は圧倒的確率で送信装置の送ったメッセージを受信できること。
 機能2:t本までのチャンネルを流れる情報を改ざんすることができ、知ることができる不正者が存在しても、不正者は送信装置の送ったメッセージを一切推定することができないこと。
 という機能である。上述した様に、前記t本のチャンネルとは、不正者が情報を改竄などすることが可能なチャンネルとして想定したチャンネルであって、そのチャンネル数であるtを以下の説明では想定不正チャンネル数と称す。 The functions (1) and (2) described above will be specifically described as follows. That is,
Function 1: Information that flows through up to t channels can be falsified, and the receiver can receive messages sent from the transmitter with an overwhelming probability even if an unauthorized person exists.
Function 2: Information that flows through up to t channels can be falsified, and even if there is an unauthorized person who can know, the unauthorized person cannot estimate any message sent by the transmitting device.
It is a function. As described above, the t channels are channels assumed as channels that can be used by an unauthorized person to falsify information, and the number of channels, t, is the number of assumed illegal channels in the following description. Call it.
 図8に示す伝送システムの動作には、2つのフェーズがある。すなわち、メッセージを符号化し、その符号化したメッセージをチャンネル300-1~300-nにより送信する送信フェーズと、チャンネル300-1~300-nから受信した符号化されたメッセージを復号化する受信フェーズとがある。
 前記送信フェーズでは送信装置100が動作し、前記受信フェーズでは受信装置200が動作する。 The operation of the transmission system shown in FIG. 8 has two phases. That is, a transmission phase in which a message is encoded and the encoded message is transmitted through channels 300-1 to 300-n, and a reception phase in which an encoded message received from channels 300-1 to 300-n is decoded. There is.
The transmission apparatus 100 operates in the transmission phase, and the reception apparatus 200 operates in the reception phase.
 図8において、メッセージを符号化して送信し、その送信されたメッセージを受信して復号化する方法としては、非特許文献1に示された方法がある。
 非特許文献1に示された方式は、メッセージをn個の符号語に符号化する方式であって、送信フェーズにおいて、t個以下の符号化されたメッセージからメッセージに関する情報が得られず、そのうちt個以下のデータに誤りがあってもその誤りを修正できるような方法を用いて符号化したメッセージを各チャンネルより1つずつ送信し、受信フェーズにおいて、受信したメッセージの符号語から前記送信フェーズで用いた符号化方法に対応する復号化方法を用いてメッセージを復元するものである。
 非特許文献1の方式では、メッセージが要素数pの集合の要素から選ばれる場合、各チャンネルを通して送信するデータは要素数p[1/(n-3t)]の集合の要素となる。なお、要素数のnは、データを送信するためのチャンネル数であり、tは、不正者が情報を改竄などすることが可能なチャンネル数である。
 非特許文献1に示された方式では、メッセージの受信失敗確率が0であるという利点があるが、チャンネルを通して伝送されるデータの容量(サイズ)が大きくなるという課題がある。 In FIG. 8, as a method of encoding and transmitting a message and receiving and decoding the transmitted message, there is a method disclosed in Non-Patent Document 1.
The method shown in Non-Patent Document 1 is a method of encoding a message into n codewords, and information about the message cannot be obtained from t or less encoded messages in the transmission phase. A message encoded using a method capable of correcting the error even if there is an error in t data or less is transmitted one by one from each channel, and in the reception phase, the transmission phase is determined from the codeword of the received message. The message is restored using a decoding method corresponding to the encoding method used in FIG.
In the method of Non-Patent Document 1, when a message is selected from elements of a set with the number of elements p, data transmitted through each channel is an element of the set with the number of elements p [1 / (n−3t)] . Note that the number of elements n is the number of channels for transmitting data, and t is the number of channels that an unauthorized person can tamper with information.
The method disclosed in Non-Patent Document 1 has an advantage that the message reception failure probability is 0, but has a problem that the capacity (size) of data transmitted through the channel increases.
 非特許文献1におけるデータの容量についての課題を解決する技術として非特許文献2に示された方式がある。
 非特許文献2に係る方式は、小さな確率の下にデータの受信の失敗を許す代わりに、チャンネルを通して流すデータのサイズを削減することを意図した方式であるといえる。 As a technique for solving the problem regarding the data capacity in Non-Patent Document 1, there is a method shown in Non-Patent Document 2.
The method according to Non-Patent Document 2 can be said to be a method intended to reduce the size of data flowing through a channel instead of allowing a failure of data reception with a small probability.
 非特許文献2に係るメッセージ伝送システムの動作には2つのフェーズがある。すなわち、前記2つのフェーズは、メッセージを符号化し、その符号化したメッセージをチャンネルにより送信する送信フェーズと、前記チャンネルから受信した符号化されたメッセージを復号化する受信フェーズとである。非特許文献2に係るメッセージ伝送システムの構成を図9及び図10に基づいて説明する。 The operation of the message transmission system according to Non-Patent Document 2 has two phases. That is, the two phases are a transmission phase in which a message is encoded and the encoded message is transmitted through a channel, and a reception phase in which an encoded message received from the channel is decoded. The configuration of the message transmission system according to Non-Patent Document 2 will be described with reference to FIGS.
 非特許文献2に係るメッセージ伝送システムにおける送信装置100は図9に示す様に、メッセージ符号化部101と、不正チャンネル特定情報生成部102とを有している。また、受信装置200は、前記送信装置100にチャンネル300-1~300-nにより接続されており、メッセージ復号部201と、不正チャンネル特定部202とを有している。 As shown in FIG. 9, the transmission device 100 in the message transmission system according to Non-Patent Document 2 includes a message encoding unit 101 and an illegal channel specifying information generation unit 102. The receiving apparatus 200 is connected to the transmitting apparatus 100 through channels 300-1 to 300-n, and includes a message decoding unit 201 and an unauthorized channel specifying unit 202.
 図9に示すメッセージ符号化部101には、メッセージsに加えて、不正者が情報を改竄などするチャンネル数として想定した想定不正チャンネル数tと、データを伝送するために設定したチャンネル数nとの情報が入力される(図11のステップA1)。
 前記メッセージ符号化部101は、前記メッセージs、前記想定不正チャンネル数t及び前記チャンネル数nを用いてメッセージ符号化の処理を実行することにより、n個の符号化したメッセージ情報V1~Vnを生成し、それらのメッセージ情報V1~Vnをチャンネル300-1~300-nと、不正チャンネル特定情報生成部102とに入力する(図11のステップA2)。
 図9に示す不正チャンネル特定情報生成部102には、不正者が情報を改竄などするチャンネル数として想定した想定不正チャンネル数tと、データを伝送するために設定したチャンネル数nとの情報が入力されている。前記不正チャンネル特定情報生成部102は、前記メッセージ符号化部101から前記メッセージ情報V1~Vnを受け取ると、それらのメッセージ情報V1~Vnと、入力されている前記想定不正者数tおよび前記チャンネル数nとを用いることにより、前記メッセージ情報V1~Vnのそれぞれに対応した不正チャンネル特定情報A1~Anを生成し、その生成した不正チャンネル特定用データA1~Anをチャンネル300-1~300-nに入力する(図11のステップA3)。 In addition to the message s, the message encoding unit 101 shown in FIG. 9 includes an assumed number t of unauthorized channels assumed as the number of channels by which unauthorized persons tamper information, and the number n of channels set for transmitting data. Is input (step A1 in FIG. 11).
The message encoding unit 101 generates n encoded message information V1 to Vn by executing message encoding processing using the message s, the assumed illegal channel number t, and the channel number n. Then, the message information V1 to Vn is input to the channels 300-1 to 300-n and the illegal channel specifying information generation unit 102 (step A2 in FIG. 11).
The illegal channel identification information generation unit 102 shown in FIG. 9 receives information on the assumed number of illegal channels t assumed as the number of channels that an unauthorized person has tampered with information and the number of channels n set for transmitting data. Has been. Upon receiving the message information V1 to Vn from the message encoding unit 101, the unauthorized channel specifying information generating unit 102 receives the message information V1 to Vn, the number of assumed unauthorized persons t and the number of channels that have been input. n is used to generate illegal channel specifying information A1 to An corresponding to each of the message information V1 to Vn, and the generated illegal channel specifying data A1 to An are assigned to channels 300-1 to 300-n. Input (step A3 in FIG. 11).
 図10に示す様に、受信装置200には、前記メッセージ符号化部101が符号化したメッセージ情報V1~Vnと、前記不正チャンネル特定情報生成部102が生成した不正チャンネル特定用データA1~Anと、前記メッセージ符号化部101に入力される前記想定不正チャンネル数tと前記チャンネル数nとの情報が入力される(図12のステップB1)。 As shown in FIG. 10, the receiving apparatus 200 includes message information V1 to Vn encoded by the message encoding unit 101, illegal channel specifying data A1 to An generated by the illegal channel specifying information generating unit 102, and The information of the assumed illegal channel number t and the channel number n input to the message encoding unit 101 is input (step B1 in FIG. 12).
 前記受信装置200の不正チャンネル特定部202は、前記メッセージ情報V1~Vnをチャンネル300-1~300-nから読み出し(図12のステップB2)、そのメッセージ情報V1~Vnと前記不正チャンネル特定用データA1~Anとを用いて、チャンネル300-1~300-nにより伝送される際に改竄されたメッセージ情報V1~Vn-1又はVnを特定する。
 前記不正チャンネル特定部202は、改竄が検出されれば、その改竄が行われたチャンネル300-1~300-nを指し示す識別子を要素とする集合Lを生成し(図121のステップB3)、その集合Lをメッセージ復号部201に入力する。前記不正チャンネル特定部202は、改竄が検出されなければ、チャンネル300-1~300-n上で改竄が行われなかったことを示す空集合をメッセージ復号部201に入力する。 The unauthorized channel specifying unit 202 of the receiving device 200 reads the message information V1 to Vn from the channels 300-1 to 300-n (Step B2 in FIG. 12), and the message information V1 to Vn and the unauthorized channel specifying data. A1 to An are used to identify message information V1 to Vn-1 or Vn that has been tampered with when transmitted through channels 300-1 to 300-n.
When tampering is detected, the unauthorized channel specifying unit 202 generates a set L whose elements are identifiers indicating the channels 300-1 to 300-n in which the tampering has been performed (step B3 in FIG. 121). The set L is input to the message decryption unit 201. If no alteration is detected, the unauthorized channel identification unit 202 inputs an empty set indicating that no alteration has been performed on the channels 300-1 to 300-n to the message decoding unit 201.
 メッセージ復号部201は、チャンネル300-1~300-nから前記メッセージ情報V1~Vnを受信し、不正チャンネル特定部202から入力する集合Lに含まれていないチャンネル300-1~300-n-1又は300-nを通して伝送された前記メッセージ情報V1~Vn-1又はVnがすべて同じメッセージの符号語であるか調べる。具体的に説明すると、前記メッセージ復号部201は、前記集合Lに例えばチャンネル300-1~300-50が含まれている場合、それ以外のチャンネル即ち集合Lに含まれていないチャンネル300-51~300-nを通して伝送された例えば前記メッセージ情報V51~Vnが全て同じメッセージの符号語であるかを調べる(図12のステップB4)。
 前記メッセージ復号部201は、同じメッセージの符号語であると判断した場合、符号語から得られたメッセージを出力する(図12のステップB5)。前記メッセージ復号部201は、同じメッセージの符号語でないと判断した場合、メッセージ情報V1~Vnの受信に失敗した旨を指し示す記号を出力する(図12のステップB6)。 The message decoding unit 201 receives the message information V1 to Vn from the channels 300-1 to 300-n, and the channels 300-1 to 300-n-1 that are not included in the set L input from the unauthorized channel specifying unit 202. Alternatively, it is checked whether the message information V1 to Vn-1 or Vn transmitted through 300-n are all codewords of the same message. More specifically, when the set L includes, for example, channels 300-1 to 300-50, the message decoding unit 201 uses other channels, that is, channels 300-51 to 300-51 to which are not included in the set L. For example, it is checked whether the message information V51 to Vn transmitted through 300-n are all codewords of the same message (step B4 in FIG. 12).
When the message decoding unit 201 determines that the codewords are the same message, the message decoding unit 201 outputs a message obtained from the codeword (step B5 in FIG. 12). When the message decoding unit 201 determines that they are not codewords of the same message, the message decoding unit 201 outputs a symbol indicating that reception of the message information V1 to Vn has failed (step B6 in FIG. 12).
特開平06-350528号公報Japanese Patent Laid-Open No. 06-350528 特開2002-530007号公報JP 2002-530007 A
 非特許文献2に係る方式を用いる場合、メッセージの受信を失敗する確率をδとすると、メッセージが要素数pの集合の要素から選ばれる場合に、各チャンネル300-1~300-n-1又は300-nを通して送信するデータは、およそ要素数p[1/(n-2t)]+1/δの集合の要素となる。
 非特許文献2に係る方式は図9~図12に示したように、メッセージをn個のデータに符号化する方式である。非特許文献2の送信方式では、その符号化方式に次の方式を採用している。すなわち、前記符号化方式は、t個以下の符号化されたデータからデータに関する情報が得られず、t個以下の改竄されたデータがあったとしても元のn個のデータを復号することができ、n-t+1個以上のメッセージの符号語がすべて同じメッセージの符号語であるかをチェックできるような方式で符号化するものである。前記n-t+1個は、全てのチャンネル数nから、情報の改竄を受けるとして想定した想定不正チャンネル数tを差し引き、その差し引いた値に1個を加算した個数を示している。前記送信方式では、前記符号化方式を採用する事により、前記メッセージをn個のデータに符号化して、これらのデータを各チャンネルにより1つずつ送信している。
 非特許文献2の送信方式では、さらに、n個のデータに対応させてn個の不正符号化メッセージ特定用データA1~Anを生成し、これらの不正符号化メッセージ特定用データA1~Anを前記データとともに各チャンネルに送信している。前記不正符号化メッセージ特定用データは、t個以下のデータに改竄による誤りが生じても、前記メッセージの符号語のうちt個以下の誤りを検出することができるようにするためのデータである。、
 非特許文献2の受信方式では、受信した複数の前記メッセージ及び前記不正符号化メッセージ特定用データを用い、すべてのメッセージの符号語について誤りの有無をチェックし、次に誤りが無いと判断されたメッセージの符号語のすべてが同じメッセージの符号語であるかをチェックし、すべてが同じメッセージの符号語であった場合、符号語よりメッセージを復号し、それ以外の場合、なんからかの形でメッセージの受信が失敗したことを表す出力を行う。 When the method according to Non-Patent Document 2 is used, if the probability of failure in receiving a message is δ, each channel 300-1 to 300-n-1 or Data transmitted through 300-n is an element of a set of approximately the number of elements p [1 / (n-2t)] + 1 / δ.
The method according to Non-Patent Document 2 is a method of encoding a message into n pieces of data as shown in FIGS. In the transmission method of Non-Patent Document 2, the following method is adopted as the encoding method. That is, in the encoding method, information about data cannot be obtained from t or less encoded data, and the original n data can be decoded even if t or less tampered data exists. In other words, encoding is performed in such a way that it can be checked whether the codewords of n−t + 1 or more messages are all codewords of the same message. The n−t + 1 number indicates the number obtained by subtracting the assumed number of illegal channels t assumed to receive information tampering from the number n of all channels and adding one to the subtracted value. In the transmission method, by adopting the encoding method, the message is encoded into n pieces of data, and these data are transmitted one by one through each channel.
In the transmission method of Non-Patent Document 2, n illegally encoded message specifying data A1 to An are generated corresponding to n pieces of data, and these illegally encoded message specifying data A1 to An are generated as described above. It is sent to each channel along with the data. The data for specifying an illegally encoded message is data for enabling detection of t or less errors in the codeword of the message even if an error due to tampering occurs in t or less data. . ,
In the reception method of Non-Patent Document 2, using the plurality of received messages and the data for specifying illegally encoded messages, the codewords of all messages are checked for errors and then determined to be error-free. Check that all of the codewords in the message are codewords of the same message, if all are codewords of the same message, decode the message from the codewords, otherwise, in some form Outputs that message reception has failed.
 非特許文献2の方式において、各チャンネル300-1~300-nを通して送信されるデータがおよそ要素数p[1/n-2t]+1/δの集合の要素となるとして記述したが、この内訳は、メッセージの符号語(メッセージ情報V1~Vn)が要素数p[1/n-2t]の集合の要素であり、このメッセージの符号語の誤りを検出するための不正メッセージ特定用データA1~Anが要素数1/δの集合の要素となっている。 In the method of Non-Patent Document 2, it has been described that the data transmitted through each of the channels 300-1 to 300-n is an element of a set of about the number of elements p [1 / n-2t] + 1 / δ. Is a message codeword (message information V1 to Vn) is an element of a set having the number of elements p [1 / n-2t] , and illegal message specifying data A1 to data for detecting an error in the codeword of this message. An is an element of a set having the number of elements 1 / δ.
 非特許文献2の方式においては、上述した様に集合Lに含まれないチャンネルからのメッセージ情報がすべて同じメッセージの符号語である場合にメッセージが出力され(図12のステップB5)、ただひとつでも誤ったメッセージの符号語が不正符号化メッセージ特定用データによる誤り検出処理を擦り抜けた場合、メッセージの受信処理が失敗する(図12のステップB6)。
 そのため、非特許文献2の方式では、ただひとつの誤ったデータであっても検出処理を通り抜けないように、不正符号化メッセージ特定用データの集合としておよそ1/δの集合が必要となっている。
 したがって、非特許文献2の方式では、メッセージ情報V1~Vnの容量を減らしたのに伴って、不正符号化メッセージ特定用データA1~Anの容量が増えてしまい、結果として、チャンネル300-1~300-nを通して伝送する情報量を減らすには限界がある。 In the method of Non-Patent Document 2, a message is output when all message information from channels not included in the set L is the same message codeword as described above (step B5 in FIG. 12), and only one message is output. If the codeword of the wrong message passes through the error detection process using the illegally encoded message specifying data, the message reception process fails (step B6 in FIG. 12).
Therefore, in the method of Non-Patent Document 2, a set of about 1 / δ is required as a set of data for specifying illegally encoded messages so that even a single erroneous data does not pass through the detection process. .
Therefore, in the method of Non-Patent Document 2, as the capacity of the message information V1 to Vn is reduced, the capacity of the illegally encoded message specifying data A1 to An is increased, and as a result, the channels 300-1 to 300- There is a limit to reducing the amount of information transmitted through 300-n.
 また、非特許文献2の方式では、要素数pの集合の要素をメッセージとして送る場合、メッセージの符号語は要素数p[1/n-2t]のサイズになる。非特許文献2の方式では、チャンネル数nが大きければ大きいほど前記要素数の値は小さくなるが、チャンネル数が1つ増えたときの要素数pの減少量の度合いが小さくなっていく。例えば、チャンネル数が1つ増えても、前記要素数pの減少量の度合いは、1/δの数分の一程度の減少度合いに止まるものである。 In the method of Non-Patent Document 2, when an element of a set having the number of elements p is sent as a message, the codeword of the message has a size of the number of elements p [1 / n−2t] . In the method of Non-Patent Document 2, the larger the number of channels n, the smaller the value of the number of elements, but the degree of decrease in the number of elements p when the number of channels increases by one decreases. For example, even if the number of channels is increased by 1, the degree of reduction in the number of elements p is limited to a degree of reduction that is a fraction of 1 / δ.
 以上の様に、非特許文献2に係るメッセージ伝送システムでは、チャンネルを通して流すデータのサイズが大きく、そのサイズを減少させるにも限界があるという課題がある。 As described above, the message transmission system according to Non-Patent Document 2 has a problem that the size of data flowing through the channel is large and there is a limit in reducing the size.
 本発明の目的はメッセージ伝送システムにおいて、各チャンネルを通して流すデータのサイズを小さくすることができる伝送方式などを提供することにある。 It is an object of the present invention to provide a transmission method that can reduce the size of data flowing through each channel in a message transmission system.
 本発明に係る符号化装置は、想定不正チャンネル数をtとし、許容可能なメッセージ受信失敗確率をδとして、n個のメッセージmの符号語と、n個の不正符号語特定データを出力する符号化装置であって、|m|はmのビット長を表すものとし、|m|/(t+1-s)
+ (log1/δ)/s が最小になるような調整パラメータsを生成する調整パラメータ生成手段と、メッセージが埋め込まれた有限体上のn-(t+s+1)次多項式Fを生成し、この多項式上の点をメッセージの符号語としてn個生成するメッセージ符号化手段と、前記メッセージの符号語を入力として有限体上のt次多項式Gを生成し、Gに生成したメッセージの符号語のそれぞれが有限体上で異なる値となるように加工し、加工後の値を入力したときの出力を不正符号語特定データとしてメッセージの符号語と対応させて生成する不正符号語特定データ生成手段と、を備えることを特徴とする。 The encoding apparatus according to the present invention is a code that outputs n message m codewords and n illegal codeword specifying data, where t is the number of assumed illegal channels and δ is an acceptable message reception failure probability. | M | represents the bit length of m, and | m | / (t + 1-s)
+ Adjustment parameter generation means for generating an adjustment parameter s that minimizes (log1 / δ) / s, and an n- (t + s + 1) degree polynomial F over a finite field in which the message is embedded A message encoding means for generating n points on the polynomial as a codeword of the message, and generating a t-order polynomial G on a finite field with the codeword of the message as an input, and the codeword of the message generated in G Each of the above is processed so as to have a different value on the finite field, and an illegal codeword specifying data generating means for generating the output when the processed value is input in correspondence with the codeword of the message as the illegal codeword specifying data And.
 本発明に係る復号化装置は、上記本発明に係る符号化装置の出力であるメッセージの符号語と、不正符号語特定用データとチャンネル数nと、想定不正チャンネル数tと、調整パラメータsと、を入力としてメッセージを出力する復号化装置であって、前記不正符号語特定データに対してリード・ソロモン誤り訂正処理を行い、訂正処理後の不正符号語特定データより、これらが生成されたt次多項式の復元処理を行い、すべてのメッセージの符号語について復元されたt次多項式に、前記符号化装置が行った加工と同じ方法で加工を行い、加工後の値を復元したt次多項式に入力した値が加工前のメッセージの符号語と対応する不正符号語特定データと等しいか判定し、等しかったすべてのメッセージの符号語のリストを出力する不正符号化メッセージ特定手段と、前記不正符号化メッセージ特定手段が出力したリストに含まれるメッセージの符号語にリード・ソロモン誤り訂正処理を行い、訂正処理後のメッセージの符号語からn-(t+s+1)次多項式を復元し、この多項式から前記符号化装置がメッセージを埋め込んだ方法と対応する方法でメッセージを抽出して出力する符号化メッセージ誤り訂正手段と、を備えることを特徴とする。 The decoding device according to the present invention includes a codeword of a message that is an output of the encoding device according to the present invention, illegal codeword specifying data, the number of channels n, an assumed number of illegal channels t, an adjustment parameter s, , And outputs a message, the Reed-Solomon error correction process is performed on the incorrect codeword specifying data, and these are generated from the incorrect codeword specifying data after the correction process t Perform a restoration process of the second order polynomial, process the t-order polynomial restored for the codewords of all messages in the same way as the processing performed by the encoder, and convert the processed value to the t-order polynomial. It is judged whether the input value is equal to the codeword specific data corresponding to the codeword of the message before processing, and an illegally encoded message that outputs a list of codewords of all equal messages. And a Reed-Solomon error correction process on the codewords of the messages included in the list output by the illegally encoded message specifying means, and n- (t + s + 1) It is characterized by comprising encoded message error correction means for restoring a degree polynomial and extracting and outputting a message from the polynomial by a method corresponding to a method in which the encoding device embeds a message.
 本発明に係る伝送システムは、上記本発明に係る符号化装置であって、その出力を送信する処理を備えた符号化装置と、前記符号化装置の出力を受信する処理を備えた上記本発明に係る復号化装置と、を備えることを特徴とする。 The transmission system according to the present invention is the above-described encoding apparatus according to the present invention, the encoding apparatus having a process for transmitting the output thereof, and the above-described present invention having a process for receiving the output of the encoding apparatus. And a decoding device according to the above.
 本発明に係る符号化方法は、想定不正チャンネル数をtとし、許容可能なメッセージ受信失敗確率をδとして、n個のメッセージmの符号語と、n個の不正符号語特定データを出力する符号化方法であって、|m|はmのビット長を表すものとし、|m|/(t+1-s)
+ (log1/δ)/s が最小になるような調整パラメータsを生成し、メッセージが埋め込まれた有限体上のn-(t+s+1)次多項式Fを生成し、この多項式上の点をメッセージの符号語としてn個生成し、前記メッセージの符号語を入力として有限体上のt次多項式Gを生成し、Gに生成したメッセージの符号語のそれぞれが有限体上で異なる値となるように加工し、加工後の値を入力したときの出力を不正符号語特定データとしてメッセージの符号語と対応させて生成することを特徴とする。 The encoding method according to the present invention is a code that outputs a codeword of n messages m and n illegal codeword specific data, where t is the number of assumed illegal channels and δ is an acceptable message reception failure probability. Where | m | represents the bit length of m, and | m | / (t + 1-s)
+ Generates an adjustment parameter s that minimizes (log1 / δ) / s, and generates an n- (t + s + 1) -degree polynomial F over a finite field with embedded messages. N points are generated as codewords of the message, and a t-order polynomial G on the finite field is generated using the codeword of the message as an input, and each of the codewords of the message generated in G has a different value on the finite field. The output when the processed value is input is generated as illegal codeword specifying data in correspondence with the codeword of the message.
 本発明に係る復号化方法は、上記本発明に係る符号化方法の出力であるメッセージの符号語と、不正符号語特定用データとチャンネル数nと、想定不正チャンネル数tと、調整パラメータsと、を入力としてメッセージを出力する復号化方法であって、前記不正符号語特定データに対してリード・ソロモン誤り訂正処理を行い、訂正処理後の不正符号語特定データより、これらが生成されたt次多項式の復元処理を行い、すべてのメッセージの符号語について復元されたt次多項式に、前記符号化装置が行った加工と同じ方法で加工を行い、加工後の値を復元したt次多項式に入力した値が加工前のメッセージの符号語と対応する不正符号語特定データと等しいか判定し、等しかったすべてのメッセージの符号語のリストを出力、前記出力されたリストに含まれるメッセージの符号語にリード・ソロモン誤り訂正処理を行い、訂正処理後のメッセージの符号語からn-(t+s+1)次多項式を復元し、この多項式から前記符号化装置がメッセージを埋め込んだ方法と対応する方法でメッセージを抽出して出力することを特徴とする。 A decoding method according to the present invention includes a codeword of a message that is an output of the encoding method according to the present invention, illegal codeword specifying data, the number of channels n, an assumed number of illegal channels t, an adjustment parameter s, , And outputs a message, the Reed-Solomon error correction process is performed on the incorrect codeword specifying data, and these are generated from the incorrect codeword specifying data after the correction process. Perform a restoration process of the second order polynomial, process the t-order polynomial restored for the codewords of all messages in the same way as the processing performed by the encoder, and convert the processed value to the t-order polynomial. It is determined whether or not the input value is equal to the codeword specific data corresponding to the codeword of the message before processing, and a list of codewords of all the messages that are equal is output. Reed-Solomon error correction processing is performed on the codeword of the message included in the message, and an n- (t + s + 1) degree polynomial is restored from the codeword of the message after the correction processing. The message is extracted and output by a method corresponding to the method in which the message is embedded.
 本発明に係る符号化プログラムは、想定不正チャンネル数をtとし、許容可能なメッセージ受信失敗確率をδとして、n個のメッセージmの符号語と、n個の不正符号語特定データを出力する符号化プログラムであって、|m|はmのビット長を表すものとし、|m|/(t+1-s)
+ (log1/δ)/s が最小になるような調整パラメータsを生成する機能と、メッセージが埋め込まれた有限体上のn-(t+s+1)次多項式Fを生成し、この多項式上の点をメッセージの符号語としてn個生成する機能と、前記メッセージの符号語を入力として有限体上のt次多項式Gを生成し、Gに生成したメッセージの符号語のそれぞれが有限体上で異なる値となるように加工し、加工後の値を入力したときの出力を不正符号語特定データとしてメッセージの符号語と対応させて生成する機能と、をコンピュータに実行させることを特徴とする。 The encoding program according to the present invention is a code that outputs codewords of n messages m and n illegal codeword specifying data, where t is the number of assumed illegal channels and δ is an acceptable message reception failure probability. Where | m | represents the bit length of m, and | m | / (t + 1-s)
+ A function to generate an adjustment parameter s that minimizes (log1 / δ) / s and an n- (t + s + 1) th order polynomial F over a finite field with embedded messages. A function for generating n points as message codewords and a t-order polynomial G on a finite field using the message codewords as input, and each of the message codewords generated in G is on a finite field And a function for generating an output corresponding to the codeword of the message as invalid codeword specific data, by processing the value so as to have different values in the computer, and causing the computer to execute. .
 本発明に係る復号化プログラムは、請求項1に記載の符号化装置の出力であるメッセージの符号語と、不正符号語特定用データとチャンネル数nと、想定不正チャンネル数tと、調整パラメータsと、を入力としてメッセージを出力する復号化プログラムであって、前記不正符号語特定データに対してリード・ソロモン誤り訂正処理を行い、訂正処理後の不正符号語特定データより、これらが生成されたt次多項式の復元処理を行い、すべてのメッセージの符号語について復元されたt次多項式に、前記符号化装置が行った加工と同じ方法で加工を行い、加工後の値を復元したt次多項式に入力した値が加工前のメッセージの符号語と対応する不正符号語特定データと等しいか判定し、等しかったすべてのメッセージの符号語のリストを出力する機能と、前記不正符号化メッセージ特定処理により出力されたリストに含まれるメッセージの符号語にリード・ソロモン誤り訂正処理を行い、訂正処理後のメッセージの符号語からn-(t+s+1)次多項式を復元し、この多項式から前記符号化装置がメッセージを埋め込んだ方法と対応する方法でメッセージを抽出して出力する機能と、をコンピュータに実行させることを特徴とする。 A decoding program according to the present invention includes a codeword of a message that is an output of the encoding device according to claim 1, illegal codeword specifying data, the number of channels n, an assumed number of illegal channels t, and an adjustment parameter s. And a message that outputs a message, the Reed-Solomon error correction process is performed on the incorrect codeword specifying data, and these are generated from the incorrect codeword specifying data after the correction process. A t-order polynomial that has been restored to the t-order polynomial that has been restored to the code word of all messages by the same method as the processing performed by the encoding device, and that has been restored to the t-order polynomial that has been restored by the t-order polynomial. To determine whether the value entered in the message is equal to the codeword specific data corresponding to the codeword of the message before processing, and to output a list of codewords of all equal messages And a Reed-Solomon error correction process on the codeword of the message included in the list output by the illegally encoded message specifying process, and the n- (t + s + 1) th order from the codeword of the corrected message A function of restoring a polynomial and extracting and outputting a message by a method corresponding to a method in which the encoding device embeds the message from the polynomial is output to the computer.
 本発明に係る記録媒体は、上記本発明に係るプログラムの処理を記録するコンピュータ読取り可能な記録媒体である。 The recording medium according to the present invention is a computer-readable recording medium for recording the processing of the program according to the present invention.
 本発明によれば、メッセージ情報の容量が減少する度合いと不正チャンネル特定用データが増加する度合いとのバランスの上に立って、各チャンネルを通して流すデータのサイズを小さくすることができる。 According to the present invention, it is possible to reduce the size of the data that flows through each channel, on the balance between the degree that the capacity of the message information is reduced and the degree that the illegal channel specifying data is increased.
本発明の実施形態に係るメッセージ伝送システムにおける送信装置の構成を示すブロック図である。It is a block diagram which shows the structure of the transmitter in the message transmission system which concerns on embodiment of this invention. 本発明の実施形態に係るメッセージ伝送システムにおける受信装置の構成を示すブロック図である。It is a block diagram which shows the structure of the receiver in the message transmission system which concerns on embodiment of this invention. 本発明の実施形態に係るメッセージ伝送システムをソフトウェア上で構築する際に用いるコンピュータの構成を示すブロック図である。It is a block diagram which shows the structure of the computer used when building the message transmission system which concerns on embodiment of this invention on software. 本発明の実施形態に係るメッセージ伝送システムにおける送信装置の動作を示すフローチャートである。It is a flowchart which shows operation | movement of the transmitter in the message transmission system which concerns on embodiment of this invention. 本発明の実施形態に係るメッセージ伝送システムにおける受信装置の動作を示すフローチャートである。It is a flowchart which shows operation | movement of the receiver in the message transmission system which concerns on embodiment of this invention. 本発明の実施形態に係るメッセージ伝送システムの送信装置における不正チャンネル特定情報生成部の構成を具体的に示すブロック図である。It is a block diagram which shows concretely the structure of the unauthorized channel specific information generation part in the transmitter of the message transmission system which concerns on embodiment of this invention. 本発明の実施形態に係るメッセージ伝送システムの受信装置における不正チャンネル特定部の構成を具体的に示すブロック図である。It is a block diagram which shows concretely the structure of the unauthorized channel specific | specification part in the receiver of the message transmission system which concerns on embodiment of this invention. 一般的なメッセージ伝送システムの構成を示すブロック図である。It is a block diagram which shows the structure of a general message transmission system. 非特許文献2に係る送信装置の構成を示すブロック図である。It is a block diagram which shows the structure of the transmitter which concerns on a nonpatent literature 2. 非特許文献2に係る受信装置の構成を示すブロック図である。It is a block diagram which shows the structure of the receiver which concerns on a nonpatent literature 2. 非特許文献2に係る送信装置の動作を示すフローチャートである。10 is a flowchart illustrating an operation of a transmission device according to Non-Patent Document 2. 非特許文献2に係る受信装置の動作を示すフローチャートである。10 is a flowchart showing an operation of the receiving device according to Non-Patent Document 2.
 以下に、本発明の実施形態を図に基づいて詳細に説明する。なお、以下に述べる実施形態は、本発明の好適な実施形態であるから、技術的に好ましい種々の限定が付されているが、本発明の範囲は、以下の説明において特に本発明を限定する旨の記載がない限り、これらの態様に限られるものではない。 Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. The embodiments described below are preferred embodiments of the present invention, and thus various technically preferable limitations are given. However, the scope of the present invention is particularly limited in the following description. As long as there is no description of the effect, it is not restricted to these aspects.
 本発明の実施形態は、小さな確率の下にデータの受信の失敗を許す代わりに、チャンネルを通して流すデータのサイズを削減することを意図した方式であって、メッセージ情報V1~Vnを伝送するための全てのチャンネル数nと、チャンネル上で改竄等が生じる可能性があるとして想定したチャンネル数である想定不正チャンネル数tの関係がn≧3t+1を満たす場合に関する方式を例にとって、以下、具体的に説明する。 The embodiment of the present invention is a scheme intended to reduce the size of data flowing through a channel, instead of allowing a failure to receive data with a small probability, for transmitting message information V1 to Vn. The following is a specific example of a method related to a case where the relationship between the number of all channels n and the number of assumed illegal channels t, which is the number of channels assumed to cause tampering on the channel, satisfies n ≧ 3t + 1. explain.
 先ず、本発明の実施形態における基本原理について説明する。以下の説明では、メッセージ情報V1~Vnを伝送するための全てのチャンネル数をnとして表記し、前記チャンネル上で改竄などが生じる可能性があるとして想定した想定不正チャンネル数をtとして表記する。また、送信メッセージ(2以上のメッセージ情報V1~Vnからなるメッセージ)をmとして表記し、許容可能なメッセージの受信失敗確率をδとして表記する。以下の説明では、改竄と表記する場合には、不正者が意図的に改竄する場合ばかりでなく、メッセージ情報V1~Vnがチャンネル300-1~300-n上を伝送される過程において何らかの要因でメッセージ情報V1~Vvが不正なものに変質してしまった場合も含むものとする。また、前記想定不正チャンネル数tとは、チャンネル300-1~300-n上で改竄が生じる可能性があるとして想定した想定不正チャンネル数の上限数を意味している。 First, the basic principle in the embodiment of the present invention will be described. In the following description, the number of all channels for transmitting the message information V1 to Vn is expressed as n, and the assumed number of illegal channels assumed that tampering or the like may occur on the channel is expressed as t. Further, a transmission message (a message composed of two or more message information V1 to Vn) is expressed as m, and an acceptable message reception failure probability is expressed as δ. In the following description, the term “tamper” refers not only to the case where an unauthorized person intentionally falsifies, but also due to some factor in the process in which the message information V1 to Vn is transmitted on the channels 300-1 to 300-n. This includes cases where the message information V1 to Vv has been altered to an illegal one. Further, the assumed number of illegal channels t means the upper limit of the number of assumed illegal channels that are assumed to be falsified on the channels 300-1 to 300-n.
 本実施形態に係るメッセージ伝送システムは、符号化したメッセージ情報V1~Vnを2以上のチャンネル300-1~300-nにより送信する送信フェーズにおいて、メッセージ情報V1~Vnの容量が減少する度合いが小さく且つ不正チャンネル特定用データA1~Anが増加する度合いが大きくなる係数である調整パラメータsを選定し、その選定した調整パラメータsを考慮した符号化方式に基づいて、メッセージmからメッセージ情報V1~Vnを生成して送信するものである。
 前記符号化方式は、t個以下の符号化されたメッセージ情報V1~Vn-1又はVnからメッセージmに関する情報が得られず、t+s個以下の符号化されたメッセージ情報V1~Vn-1又はVnが改竄された場合であっても、n個のメッセージ情報V1~Vnからなるメッセージmが復号でき、n―t個以上のメッセージの符号語(メッセージ情報V1~Vn)のうちs個以下の誤りを訂正することができるようなn個のメッセージの符号語(メッセージ情報V1~Vn)を生成し、そのn個のメッセージ情報V1~Vnを送信する。さらに、前記符号化方式は、前記メッセージ情報V1~Vnを生成する際に、t個以下のメッセージ情報V1~Vn-1又はVnに誤りがあっても、前記n個のメッセージの符号語(メッセージ情報V1~Vn)のうちt個以下の誤りを検出することができるn個の不正符号化メッセージ特定用データを生成し、そのn個の不正符号化メッセージ特定用データA1~Anを送信する。 In the message transmission system according to the present embodiment, in the transmission phase in which the encoded message information V1 to Vn is transmitted through two or more channels 300-1 to 300-n, the degree to which the capacity of the message information V1 to Vn decreases is small. In addition, the adjustment parameter s, which is a coefficient that increases the degree of increase in the unauthorized channel specifying data A1 to An, is selected, and the message information V1 to Vn is transmitted from the message m based on the encoding method that takes into account the selected adjustment parameter s. Is generated and transmitted.
In the encoding method, information on the message m cannot be obtained from t or less encoded message information V1 to Vn-1 or Vn, and t + s or less encoded message information V1 to Vn-1 or Vn. Even if the message is falsified, the message m composed of n pieces of message information V1 to Vn can be decoded, and s or less errors among the code words (message information V1 to Vn) of nt or more messages Code words (message information V1 to Vn) of n messages that can be corrected, and the n message information V1 to Vn are transmitted. Further, the encoding method may generate code words (messages) of the n messages even if there are errors in t message information V1 to Vn-1 or Vn when generating the message information V1 to Vn. Among the information V1 to Vn), n pieces of illegally encoded message specifying data capable of detecting t errors or less are generated, and the n pieces of illegally encoded message specifying data A1 to An are transmitted.
 本発明の実施形態に係るメッセージ伝送システムにおける符号化方式を実行するために、送信装置400は図1に示す様に、調整パラメータ生成部401と、メッセージ符号化部402と、不正チャンネル特定情報生成部403とを有している。
 以下の説明では、チャンネル300-1~300-n上で情報の改竄が生じる可能性があるとして想定した想定不正チャンネル数をt、許容可能なメッセージ受信失敗率をδとして表記するものとする。また、n個のメッセージmの符号語について、前記mを|m|と表記した場合、前記|m|は前記mのビット長を表すものとする。 In order to execute the encoding method in the message transmission system according to the embodiment of the present invention, the transmission apparatus 400 includes an adjustment parameter generation unit 401, a message encoding unit 402, and illegal channel identification information generation as shown in FIG. Part 403.
In the following description, it is assumed that the assumed number of illegal channels assumed that information may be falsified on channels 300-1 to 300-n is t, and the allowable message reception failure rate is δ. For m codewords of message m, when m is represented as | m |, | m | represents the bit length of m.
 前記調整パラメータ生成部401は、メッセージmと、想定不正チャンネル数tと、チャンネル数nと、許容可能なメッセージ受信失敗率δとを入力として、メッセージ情報V1~Vnの容量が減少する度合いが小さく且つ不正チャンネル特定用データA1~Anが増加する度合いが大きくなる係数である調整パラメータsを選定し、その選定した調整パラメータsを前記メッセージ符号化部402に出力するものである。 The adjustment parameter generation unit 401 receives the message m, the assumed number of illegal channels t, the number n of channels, and the allowable message reception failure rate δ, and the degree of reduction in the capacity of the message information V1 to Vn is small. In addition, the adjustment parameter s, which is a coefficient that increases the degree of increase in the illegal channel specifying data A1 to An, is selected, and the selected adjustment parameter s is output to the message encoding unit 402.
 前記調整パラメータ生成部401が前記調整パラメータsを選定する方式について記述する。前記調整パラメータ生成部401は、その一例として次式を用いて選定している。
 次式は、次の様に表される。
 |m|/(n-2t+1-s)+log(1/δ)/s
 前記式において、|m|は、要素数pの集合の要素から選ばれるメッセージmのビット長を意味している。nは、メッセージ情報V1~Vnを伝送するための全てのチャンネル数である。tは、チャンネル上で改竄などが生じる可能性があるとして想定した想定不正チャンネル数である。δは、許容可能なメッセージ受信失敗率である。
 すなわち、前記調整パラメータ生成部401は、メッセージmと、想定不正チャンネル数tと、チャンネル数nと許容可能なメッセージ受信失敗率δとを入力として、上記式である|m|/(n-2t+1-s)+log(1/δ)/sが最小となる様な調整パラメータsを選定し、その選定した調整パラメータsをメッセージ符号化部402に出力するものである。
 なお、本実施形態では、前記調整パラメータsを選定する際に上記式を用いたが、メッセージ情報V1~Vnの容量が減少する度合いが小さく且つ不正チャンネル特定用データA1~Anが増加する度合いが大きくなる係数である調整パラメータsを選定することができる式であれば、上記式以外のものを用いても良いものである。 A method by which the adjustment parameter generation unit 401 selects the adjustment parameter s will be described. The adjustment parameter generation unit 401 selects the following equation as an example.
The following equation is expressed as follows.
| M | / (n−2t + 1−s) + log (1 / δ) / s
In the above expression, | m | means the bit length of the message m selected from the elements of the set having the number p of elements. n is the total number of channels for transmitting the message information V1 to Vn. t is an assumed number of illegal channels assumed that tampering or the like may occur on the channel. δ is an acceptable message reception failure rate.
In other words, the adjustment parameter generation unit 401 receives the message m, the assumed number of illegal channels t, the number of channels n, and the allowable message reception failure rate δ, and | m | / (n−2t + 1) The adjustment parameter s that minimizes −s) + log (1 / δ) / s is selected, and the selected adjustment parameter s is output to the message encoding unit 402.
In the present embodiment, the above formula is used when selecting the adjustment parameter s. However, the degree to which the capacity of the message information V1 to Vn decreases is small and the degree to which the illegal channel specifying data A1 to An increases. Any expression other than the above expression may be used as long as the adjustment parameter s, which is a coefficient that increases, can be selected.
 前記メッセージ符号化部402は、メッセージmと、全てのチャンネル数nと、想定不正チャンネル数tと、前記調整パラメータsとの情報を受け取って、前記調整パラメータsを考慮した符号化方式に基づいて、メッセージmからメッセージ情報V1~Vnを生成し、これらのメッセージ情報V1~Vnをチャネル300-1~300-n及び不正チャンネル特定情報生成部403に送信するものである。 The message encoding unit 402 receives the information of the message m, the number of all channels n, the assumed number of illegal channels t, and the adjustment parameter s, and based on the encoding method considering the adjustment parameter s. The message information V1 to Vn is generated from the message m, and these message information V1 to Vn are transmitted to the channels 300-1 to 300-n and the illegal channel specifying information generating unit 403.
 前記符号化方式としては、非特許文献3に示された方式が挙げられる。非特許文献3に係る符号化方式は、(a,b,c)閾値符号化方式と言われるものである。この符号化方式は、メッセージmをc個に分散した分散情報に符号化するものである。そのうち任意のa個以上の分散情報に基づいて、メッセージmをc個に分散したことに関する秘密情報を完全に復元できるが、a-b個までの分散情報に基づいて前記秘密情報に関する情報を全く得られないという特徴を持つ。したがって、a-b個までの分散情報が盗難にあったとしても、前記秘密情報が漏洩せず、c-a個までの分散情報が破壊されても、前記秘密情報を復元できるものである。また、非特許文献3に示された符号化方式において、(a,b,c)閾値法に基づいて分散符号化された符号語は、リード・ソロモン誤り訂正処理に用いて、a+2y個以上の符号語のうちy個以下の誤りを訂正することができるものである。 As the encoding method, the method shown in Non-Patent Document 3 can be cited. The encoding method according to Non-Patent Document 3 is called the (a, b, c) threshold encoding method. This encoding method encodes message m into distributed information in which c messages are distributed. Among them, the secret information regarding the distribution of the message m into c pieces can be completely restored based on any a or more pieces of shared information, but the information about the secret information can be completely restored based on up to ab pieces of shared information. It has the characteristic that it cannot be obtained. Therefore, even if up to ab shared information is stolen, the secret information is not leaked, and the secret information can be restored even if up to ca shared information is destroyed. In addition, in the encoding method shown in Non-Patent Document 3, a codeword that is distributedly encoded based on the (a, b, c) threshold method is used for Reed-Solomon error correction processing, and a + 2y or more. In the codeword, y or less errors can be corrected.
 本実施形態では、前記yとして前記調整パラメータsの値を用い、非特許文献3の閾値となるa,b,cを、全てのチャンネル数n,想定不正チャンネル数t,調整パラメータsで置き換えることにより、非特許文献3の(a,b,c)閾値法を用いて符号化を実行している。
 すなわち、前記メッセージ符号化部402は、入力したパラメータである全てのチャンネル数n,想定不正チャンネル数t,調整パラメータsを用いて、前記a=n-(t+s),前記b=t+1-s,前記c=nに置き換えて、(n-(t+s)t+1-s,n)閾値法を用いることにより、メッセージmを有限体に埋め込み、その有限体上の(n-(t+s+1))次多項式Fを生成し、その生成した多項式F上の点をメッセージの符号語であるn個のメッセージ情報V1~Vnとして生成するものである。前記メッセージ符号化部402は、前記生成したn個のメッセージ情報V1~Vnをチャネル300-1~300-n及び不正チャンネル特定情報生成部403に送信する。 In the present embodiment, the value of the adjustment parameter s is used as the y, and a, b, and c, which are the threshold values of Non-Patent Document 3, are replaced with the number of all channels n, the number of assumed illegal channels t, and the adjustment parameter s. Thus, encoding is performed using the (a, b, c) threshold method of Non-Patent Document 3.
That is, the message encoding unit 402 uses the input parameters, ie, the number n of all channels, the number t of assumed illegal channels, and the adjustment parameter s, so that a = n− (t + s), b = t + 1−s, The message m is embedded in a finite field by using the (n− (t + s) t + 1−s, n) threshold method instead of c = n, and the (n− (t + s + 1)) degree polynomial F on the finite field is embedded. And the points on the generated polynomial F are generated as n pieces of message information V1 to Vn which are message codewords. The message encoding unit 402 transmits the generated n pieces of message information V1 to Vn to the channels 300-1 to 300-n and the illegal channel specifying information generating unit 403.
 非特許文献3による(a,b,c)閾値法を用いることにより、メッセージmを符号化したデータがメッセージ情報V1~Vnである場合、前記メッセージ情報V1~Vnを入力として有限体上のt次多項式Gを生成し、その生成したt次多項式Gに、前記メッセージ情報V1~Vnが有限体上で異なる値となるように加工処理を行い、その加工後のt次多項式Gに前記メッセージ情報V1~Vnを入力したときの出力を不正符号化メッセージ特定用データA1~Anとして用いることにより、n個のメッセージ情報V1~Vnのうちt個以下の誤りをリード・ソロモン誤り訂正処理による誤りの検出および訂正が可能であることが知られている(非特許文献4)。
 また、これら不正符号化メッセージ特定用データA1~Anに基づいて前記t次多項式Gが復元でき、このt次多項式Gにメッセージ情報V1~Vnを入力したときの値との整合性を調べることにより、t個までのメッセージ情報V1~Vnの改竄が検知可能であることが知られている(非特許文献2)。 By using the (a, b, c) threshold method according to Non-Patent Document 3, when the data that encodes the message m is message information V1 to Vn, the message information V1 to Vn is used as input and t on a finite field is input. An order polynomial G is generated, the generated t-order polynomial G is processed so that the message information V1 to Vn have different values on a finite field, and the message information is converted into the processed t-order polynomial G. By using the output when V1 to Vn are input as the illegally encoded message specifying data A1 to An, t or less errors in the n pieces of message information V1 to Vn are corrected by the Reed-Solomon error correction process. It is known that detection and correction are possible (Non-Patent Document 4).
Further, the t-order polynomial G can be restored based on the data for specifying the illegally encoded message A1 to An, and by checking the consistency with the values when the message information V1 to Vn is input to the t-order polynomial G. It is known that tampering of up to t message information V1 to Vn can be detected (Non-patent Document 2).
 本実施形態における不正チャンネル特定情報生成部403は、前記メッセージ符号化部402からのメッセージ情報V1~Vnと、想定不正チャンネル数tと、チャンネル数nを入力として、メッセージmが埋め込まれた有限体上のt次多項式Gを生成し、前記t次多項式Gに、前記メッセージ情報V1~Vnが有限体上で異なる値となるように加工処理を行い、その加工後のt次多項式にメッセージ情報V1~Vnを入力したときの出力を不正符号化メッセージ特定用データA1~Anとし、その不正符号化メッセージ特定用データA1~Anをメッセージ情報V1~Vnと対応させて生成するものである。前記不正符号化メッセージ特定用データA1はメッセージ情報V1に対応しており、同様に前記不正符号化メッセージ特定用データAnはメッセージ情報Vnに対応している。
 前記不正チャンネル特定情報生成部403は、生成した前記不正符号化メッセージ特定用データA1~Anをチャンネル300-1~300-nに出力する。 The illegal channel specifying information generating unit 403 in this embodiment receives the message information V1 to Vn from the message encoding unit 402, the assumed illegal channel number t, and the channel number n, and receives a finite field in which the message m is embedded. The above t-order polynomial G is generated, the t-order polynomial G is processed so that the message information V1 to Vn have different values on the finite field, and the message information V1 is converted into the t-order polynomial after the processing. Outputs when .about.Vn are inputted are illegally encoded message specifying data A1 to An, and the illegally encoded message specifying data A1 to An are generated in correspondence with the message information V1 to Vn. The illegally encoded message specifying data A1 corresponds to the message information V1. Similarly, the illegally encoded message specifying data An corresponds to the message information Vn.
The illegal channel specifying information generating unit 403 outputs the generated illegal encoded message specifying data A1 to An to the channels 300-1 to 300-n.
 本発明の実施形態に係るメッセージ伝送システムは、2以上のチャンネル300-1~300-nから受信したメッセージ情報V1~Vnを復号化する受信フェーズにおいて、チャンネル300-1~300-nからメッセージ情報V1~Vnとそれらに対応する不正符号化メッセージ特定用データA1~Anとを受信し、そのメッセージ情報V1~Vnと、不正符号化メッセージ特定用データA1~Anとを用いることにより、各メッセージ情報V1~Vnが改竄された不正なメッセージ情報であるかを判断し、不正なメッセージ情報であると判断されなかったメッセージ情報に対して誤り訂正処理を行い、訂正処理後のメッセージ情報からメッセージを復号するものである。 The message transmission system according to the embodiment of the present invention receives message information from the channels 300-1 to 300-n in the reception phase for decoding the message information V1 to Vn received from two or more channels 300-1 to 300-n. Each message information is received by receiving V1 to Vn and the corresponding illegally encoded message specifying data A1 to An and using the message information V1 to Vn and the illegally encoded message specifying data A1 to An. It is determined whether or not V1 to Vn are falsified illegal message information, error correction processing is performed on the message information that is not determined to be illegal message information, and the message is decoded from the corrected message information To do.
 本発明の実施形態に係るメッセージ伝送システムにおける受信フェーズを実行するための受信装置500は図2に示す様に、符号化メッセージ誤り訂正部501と、不正チャンネル特定部502とを有している。 The receiving device 500 for executing the reception phase in the message transmission system according to the embodiment of the present invention includes an encoded message error correction unit 501 and an illegal channel specifying unit 502 as shown in FIG.
 前記不正チャンネル特定部502は、想定不正チャンネル数tとチャンネル数nとに加えて、チャンネル300-1~300-nから不正符号化メッセージ特定用データA1~An及びメッセージ情報V1~Vnを受信し、その受信した不正符号化メッセージ特定用データA1~Anに対して誤り訂正処理を行い、その訂正処理後の不正符号化メッセージ特定用データに基づいて、前記不正チャンネル特定情報生成部403が生成したt次多項式Gの復元処理を行い、すべてのメッセージ情報V1~Vnについて復元されたt次多項式Gに、前記不正チャンネル特定情報生成部403が行った加工と同じ方法で加工を行い、加工後のt次多項式に前記メッセージ情報V1~Vnを入力した値が加工前のメッセージ情報V1~Vnと対応する不正符号化メッセージ特定用データA1~Anと等しいかを判定し、等しかったすべての不正符号化メッセージ特定用データA1~An-2又はAnのリストを集合Lとして出力するものである。 The illegal channel specifying unit 502 receives illegal encoded message specifying data A1 to An and message information V1 to Vn from the channels 300-1 to 300-n in addition to the assumed illegal channel number t and channel number n. Then, error correction processing is performed on the received illegally encoded message specifying data A1 to An, and the incorrect channel specifying information generating unit 403 generates based on the incorrect encoded message specifying data after the correction processing. The t-order polynomial G is restored, and the t-order polynomial G restored for all the message information V1 to Vn is processed by the same method as the processing performed by the unauthorized channel specifying information generation unit 403, The values obtained by inputting the message information V1 to Vn to the t-order polynomial are not corresponding to the message information V1 to Vn before processing. It is determined whether it is equal to the correct encoded message specifying data A1 to An, and a list of all equal encoded message specifying data A1 to An-2 or An that are equal is output as a set L.
 符号化メッセージ誤り訂正部501は、想定不正チャンネル数tとチャンネル数nとに加えて、前記不正チャンネル特定部502から集合Lを受け取ると共に、チャンネル300-1~300-nからメッセージ情報V1~Vnを受信し、前記集合Lに含まれない不正符号化メッセージ特定用データA1~An-1又はAnに対応するメッセージ情報V1~Vn-1又はVnに誤り訂正処理を行い、訂正処理後のメッセージ情報に基づいて前記メッセージ符号化部402が生成したn-(t+s+1)次多項式Fを復元し、この多項式Fから、前記メッセージ符号化部402がメッセージ情報V1~Vnを有限体に埋め込んだ方法に対応する方法でメッセージを抽出して出力するものである。 The encoded message error correction unit 501 receives the set L from the illegal channel specifying unit 502 in addition to the assumed illegal channel number t and the channel number n, and message information V1 to Vn from the channels 300-1 to 300-n. And error correction processing is performed on the message information V1 to Vn-1 or Vn corresponding to the illegally encoded message specifying data A1 to An-1 or An not included in the set L, and the message information after the correction processing is performed. The n- (t + s + 1) degree polynomial F generated by the message encoding unit 402 based on the above is restored, and from this polynomial F, the message encoding unit 402 corresponds to a method of embedding message information V1 to Vn in a finite field. The message is extracted and output by this method.
 次に、本発明の実施形態に係るメッセージ伝送システムを用いて、メッセージをメッセージ情報に符号化する方法と、符号化されてチャンネルを通して伝送されたメッセージ情報に基づいてメッセージを復号する方法とを実行する場合を説明する。 Next, using the message transmission system according to the embodiment of the present invention, a method for encoding a message into message information and a method for decoding the message based on the encoded message information transmitted through the channel are executed. The case where it does is demonstrated.
 先ず、メッセージmをメッセージ情報に符号化する方法を実行する場合について説明する。
 調整パラメータ生成部401は、メッセージmと、想定不正チャンネル数tと、チャンネル数nと、許容可能なメッセージ受信失敗率δとを入力として(図4のステップC1)、メッセージ情報V1~Vnの容量が減少する度合いが小さく且つ不正チャンネル特定用データA1~Anが増加する度合いが大きくなる係数である調整パラメータsを選定し(図4のステップC2)、その選定した調整パラメータsを前記メッセージ符号化部402に出力する。 First, the case where the method of encoding the message m into message information is executed will be described.
The adjustment parameter generation unit 401 receives the message m, the assumed illegal channel number t, the channel number n, and the allowable message reception failure rate δ (step C1 in FIG. 4), and the capacity of the message information V1 to Vn. The adjustment parameter s, which is a coefficient that increases the degree of increase of the unauthorized channel specifying data A1 to An, is selected (step C2 in FIG. 4), and the selected adjustment parameter s is encoded with the message. Output to the unit 402.
 前記メッセージ符号化部402は、入力したパラメータである全てのチャンネル数n,想定不正チャンネル数t,調整パラメータsを用いて、前記a=n-(t+s),前記b=t+1-s,前記c=nに置き換えて、(n-(t+s)t+1-s,n)閾値法を用いることにより、メッセージmを有限体に埋め込み、その有限体上の(n-(t+s+1))次多項式Fを生成し、その生成した多項式F上の点をメッセージの符号語であるn個のメッセージ情報V1~Vnとして生成し(図4のステップC3)、前記生成したn個のメッセージ情報V1~Vnをチャネル300-1~300-n及び不正チャンネル特定情報生成部403に送信する。 The message encoding unit 402 uses the input parameters of all the channel number n, the assumed illegal channel number t, and the adjustment parameter s, so that a = n− (t + s), b = t + 1−s, c = N, by using the (n- (t + s) t + 1-s, n) threshold method, the message m is embedded in a finite field, and the (n- (t + s + 1)) degree polynomial F over the finite field is generated Then, the generated points on the polynomial F are generated as n pieces of message information V1 to Vn which are message codewords (step C3 in FIG. 4), and the generated n pieces of message information V1 to Vn are transmitted to the channel 300. −1 to 300-n and the unauthorized channel identification information generation unit 403.
 本実施形態における不正チャンネル特定情報生成部403は、前記メッセージ符号化部402からのメッセージ情報V1~Vnと、想定不正チャンネル数tと、チャンネル数nを入力として、メッセージmが埋め込まれた有限体上のt次多項式Gを生成し、前記t次多項式Gに、前記メッセージ情報V1~Vnが有限体上で異なる値となるように加工処理を行い、その加工後のt次多項式にメッセージ情報V1~Vnを入力したときの出力を不正符号化メッセージ特定用データA1~Anとし、その不正符号化メッセージ特定用データA1~Anをメッセージ情報V1~Vnと対応させて生成し(図4のステップC4)、その不正符号化メッセージ特定用データV1~Vnをチャンネル300-1~300-nに出力する。 The illegal channel specifying information generating unit 403 in this embodiment receives the message information V1 to Vn from the message encoding unit 402, the assumed illegal channel number t, and the channel number n, and receives a finite field in which the message m is embedded. The above t-order polynomial G is generated, the t-order polynomial G is processed so that the message information V1 to Vn have different values on the finite field, and the message information V1 is converted into the t-order polynomial after the processing. Outputs when .about.Vn are input are illegally encoded message specifying data A1 to An, and the illegally encoded message specifying data A1 to An are generated in correspondence with the message information V1 to Vn (step C4 in FIG. 4). ) To output the illegally encoded message specifying data V1 to Vn to the channels 300-1 to 300-n.
 次に、符号化されてチャンネルを通して伝送されたメッセージ情報に基づいてメッセージを復号する方法を実行する場合を説明する。 Next, a case where a method for decoding a message based on message information encoded and transmitted through a channel will be described.
 不正チャンネル特定部502は、想定不正チャンネル数tとチャンネル数nとに加えて、チャンネル300-1~300-nから不正符号化メッセージ特定用データA1~An及びメッセージ情報V1~Vnを受信し(図5のステップD1,D2)、その受信した不正符号化メッセージ特定用データA1~Anに対して誤り訂正処理を行い、その訂正処理後の不正符号化メッセージ特定用データに基づいて、前記不正チャンネル特定情報生成部403が生成したt次多項式Gの復元処理を行い、すべてのメッセージ情報V1~Vnについて復元されたt次多項式Gに、前記不正チャンネル特定情報生成部403が行った加工と同じ方法で加工を行い、加工後のt次多項式に前記メッセージ情報V1~Vnを入力した値が加工前のメッセージ情報V1~Vnと対応する不正符号化メッセージ特定用データA1~Anと等しいかを判定し、等しかったすべてのメッセージ情報V1~Vnのリストを集合Lとして出力する(図5のステップD3)。 The unauthorized channel identifying unit 502 receives the unauthorized encoded message identifying data A1 to An and the message information V1 to Vn from the channels 300-1 to 300-n in addition to the assumed unauthorized channel number t and the channel number n ( Steps D1 and D2) of FIG. 5 perform error correction processing on the received illegally encoded message specifying data A1 to An, and based on the incorrect encoded message specifying data after the correction processing, the illegal channel The same method as the processing performed by the unauthorized channel specifying information generating unit 403 is performed on the t order polynomial G recovered by performing restoration processing of the t order polynomial G generated by the specific information generating unit 403 and restoring all the message information V1 to Vn. The value obtained by inputting the message information V1 to Vn into the t-order polynomial after processing is the message information before processing. It is determined whether or not the data V1 to Vn corresponding to the illegally encoded message specifying data A1 to An is equal, and a list of all equal message information V1 to Vn is output as a set L (step D3 in FIG. 5).
 符号化メッセージ誤り訂正部501は、想定不正チャンネル数tとチャンネル数nとに加えて、前記不正チャンネル特定部502から集合Lを受け取ると共に、チャンネル300-1~300-nからメッセージ情報V1~Vnを受信し、前記集合Lに含まれない不正符号化メッセージ特定用データA1~An-1又はAnに対応するメッセージ情報V1~Vn-1又はVnに誤り訂正処理を行い(図5のステップD4)、訂正処理後のメッセージ情報に基づいて前記メッセージ符号化部402が生成したn-(t+s+1)次多項式Fを復元し、この多項式Fから、前記メッセージ符号化部402がメッセージ情報V1~Vnを有限体に埋め込んだ方法に対応する方法でメッセージを抽出して出力する(図5のステップD5)。 The encoded message error correction unit 501 receives the set L from the illegal channel specifying unit 502 in addition to the assumed illegal channel number t and the channel number n, and message information V1 to Vn from the channels 300-1 to 300-n. And performs error correction processing on the message information V1 to Vn-1 or Vn corresponding to the illegally encoded message specifying data A1 to An-1 or An not included in the set L (step D4 in FIG. 5). Then, the n- (t + s + 1) degree polynomial F generated by the message encoding unit 402 based on the message information after the correction processing is restored, and from this polynomial F, the message encoding unit 402 converts the message information V1 to Vn to finite A message is extracted and output by a method corresponding to the method embedded in the body (step D5 in FIG. 5).
 以上説明したように、本発明の実施形態によれば、調整パラメータsを用いてメッセージの符号化方式を調整することにより、例えs個までの誤ったデータが不正符号化メッセージ特定用データによる誤り検出処理を通りぬけたとしても、メッセージの符号語のなかのs個以下のあやまりを訂正することができる。そのため、少なくとも、s+1個の誤ったデータが不正符号化メッセージ特定用データによる誤り検出処理を通りぬけない限り、メッセージの受信は成功する。
 従って、チャンネル数が増えた場合にメッセージの符号語のサイズがほとんど減らない場合について、各チャンネルを通して送信されるデータを小さくすることができる。 As described above, according to the embodiment of the present invention, by adjusting the message encoding method using the adjustment parameter s, for example, up to s pieces of erroneous data are errors due to illegally encoded message specifying data. Even if the detection process is passed, it is possible to correct s or less errors in the codeword of the message. Therefore, the reception of the message is successful as long as at least s + 1 erroneous data does not pass through the error detection process using the illegally encoded message specifying data.
Therefore, the data transmitted through each channel can be reduced in the case where the size of the codeword of the message is hardly reduced when the number of channels is increased.
 つまり、1つの誤ったデータが誤り検出処理を通りぬける確率をρとすると、簡単に評価するならば、s+1個のデータが誤り検出処理を通り抜ける確率はおよそρ[s]程度になる。つまり、許容可能な確率をδとし、δ=ρ[s]とすると、1つ1つの不正符号化メッセージ特定用データのサイズは1/ρ=1/(δ[1/s])であるので、非特許文献3の方式に比べ、ビット長で1/sのサイズとなる。 In other words, assuming that the probability that one erroneous data passes through the error detection process is ρ, if simply evaluated, the probability that s + 1 data passes through the error detection process is about ρ [s] . In other words, if the allowable probability is δ and δ = ρ [s] , the size of each illegally encoded message specifying data is 1 / ρ = 1 / (δ [1 / s] ). Compared with the method of Non-Patent Document 3, the bit length is 1 / s.
 このとき、調整パラメータsは|m|/(t+1-s)+(log(1/δ)/sが最小になるように選ばれているため、非特許文献2記載の方式においてチャンネル数が多くなり、チャンネルが1本増えたときに各チャンネルを通して送信されるデータがあまり減少しなくなった場合に効率的であることがわかる。 At this time, since the adjustment parameter s is selected so that | m | / (t + 1−s) + (log (1 / δ) / s is minimized, the number of channels is large in the method described in Non-Patent Document 2. Thus, it can be seen that it is efficient when the data transmitted through each channel does not decrease so much when the number of channels increases by one.
 以上、n本のチャンネルを用いた場合の説明を行ったが、チャンネルを実現する手段は、送信装置の生成した複数のデータを分けて送信することができるものであれば、n本のチャンネルを設ける必要はない。想定不正チャンネル数とは、送信装置が生成するn組の情報に対する改竄、盗聴を許す最大の数を表しているものである。また、調整パラメータsは前持って計算した値が入力されてもよい。 The case where n channels are used has been described above. However, if the means for realizing the channels can transmit a plurality of data generated by the transmission device separately, the n channels are used. There is no need to provide it. The assumed number of illegal channels represents the maximum number that allows tampering and eavesdropping on n sets of information generated by the transmission device. The adjustment parameter s may be input with a value calculated beforehand.
 想定不正チャンネル数とは、想定される不正なチャンネルの上限数という意味であり、本実施形態のメッセージ伝送システムによれば想定チャンネル数までの数の符号化メッセージ情報の改竄であれば改竄された符号化メッセージ情報の特定が可能である。 The assumed number of illegal channels means the upper limit number of assumed illegal channels. According to the message transmission system of this embodiment, the number of encoded message information up to the assumed number of channels has been altered. The encoded message information can be specified.
 まず、分散メッセージ情報を送信し、その後で、不正チャンネル特定情報を送信する必要はなく、すべて生成された後で、一度に送ってもよい。調整パラメータsはそれぞれのチャンネルから送信する。このようにすることにより、チャンネル数の半数未満を用いて送信されたyの値が改竄されても多数決をとることでにより、確実に正しいyの値を受信できる。本発明の実施の形態においても、このような方法を用いる。 First, it is not necessary to transmit the distributed message information, and then transmit the illegal channel specifying information, and it may be sent at a time after all the information is generated. The adjustment parameter s is transmitted from each channel. By doing in this way, even if the value of y transmitted using less than half of the number of channels is falsified, the correct y value can be reliably received by taking a majority vote. Such a method is also used in the embodiment of the present invention.
 以上の説明では、本発明の実施形態に係るメッセージ伝送システムにおける図1に示す送信装置400及び図2に示す受信装置500をハードウェアとして構築したが、これに限られるものではない。コンピュータに符号化プログラムを実行させることにより、図1に示す送信装置400の調整パラメータ生成部401,メッセージ符号化部402及び不正チャンネル特定情報生成部403をソフトウェア上で構築する様にしてもよいものである。さらに、コンピュータに復号化プログラムを実行させることにより、図2に示す受信装置500の符号化メッセージ誤り訂正部501及び不正チャンネル特定部502をソフトウェア上で構築する様にしてもよいものである。なお、前記符号化プログラム及び前記復号化プログラムは記録媒体に記録されて商取引の対象となる。
 前記コンピュータの一例を図3に示す。 In the above description, the transmission apparatus 400 shown in FIG. 1 and the reception apparatus 500 shown in FIG. 2 in the message transmission system according to the embodiment of the present invention are constructed as hardware, but the present invention is not limited to this. The adjustment parameter generation unit 401, the message encoding unit 402, and the illegal channel identification information generation unit 403 of the transmission apparatus 400 illustrated in FIG. 1 may be configured on software by causing a computer to execute an encoding program. It is. Furthermore, the encoded message error correcting unit 501 and the illegal channel specifying unit 502 of the receiving apparatus 500 shown in FIG. 2 may be constructed on software by causing a computer to execute a decoding program. The encoding program and the decoding program are recorded on a recording medium and are subject to commercial transactions.
An example of the computer is shown in FIG.
 図3において、処理装置10は、プログラムにしたがって所定の処理を実行する。入力装置20は、処理装置10に対するコマンドや情報の入力に用いられる入力装置である。出力装置30は、処理装置10の処理結果をモニタするための出力装置である。 In FIG. 3, the processing device 10 executes predetermined processing according to a program. The input device 20 is an input device used for inputting commands and information to the processing device 10. The output device 30 is an output device for monitoring the processing result of the processing device 10.
 また処理装置10は、CPU(Central Processing Unit)11、主記憶部12、記録媒体13、データ蓄積部14、メモリ制御インタフェース部15、およびI/Oインタフェース部16を有し、それらがバス18を介して相互に接続された構成である。 The processing device 10 includes a CPU (Central Processing Unit) 11, a main storage unit 12, a recording medium 13, a data storage unit 14, a memory control interface unit 15, and an I / O interface unit 16. Are connected to each other.
 CPU11はプログラムを実行するプロセッサである。主記憶部12は、CPU11の処理に必要な情報を一時的に記憶する。記録媒体13は、CPU11に実行させるためのプログラムを記憶している。データ蓄積部14は、秘密情報やアクセス構造データを記憶する。メモリ制御インタフェース部15は、主記憶部12、記録媒体13、またはデータ蓄積部14のデータの書き込みおよび読み出しを制御するインタフェース装置である。I
/Oインタフェース部16は、入力装置20および出力装置30とのデータの入出力を制御するインタフェース装置である。このインタフェース装置を用いて、チャンネル300を用いてのデータの送受信を行う。また、記録媒体13は、磁気ディスク、半導体メモリ、光ディスク、あるいはその他の記録媒体である。 The CPU 11 is a processor that executes a program. The main storage unit 12 temporarily stores information necessary for the processing of the CPU 11. The recording medium 13 stores a program for the CPU 11 to execute. The data storage unit 14 stores secret information and access structure data. The memory control interface unit 15 is an interface device that controls writing and reading of data in the main storage unit 12, the recording medium 13, or the data storage unit 14. I
The / O interface unit 16 is an interface device that controls data input / output with the input device 20 and the output device 30. Using this interface device, data is transmitted and received using the channel 300. The recording medium 13 is a magnetic disk, a semiconductor memory, an optical disk, or other recording medium.
 次に、本発明の実施形態に係るメッセージ伝送システムを具体例に基づいて更に詳細に説明する。 Next, the message transmission system according to the embodiment of the present invention will be described in more detail based on a specific example.
 以下の説明では、チャンネル数nと想定不正チャンネル数tとが、n≧3t+1が成立している場合を例にとって説明する。また、pは素数の冪乗としたとき、素数そのものである場合もある。このとき、有限体GF(p[N])は、素数の冪乗pについての有限体のN次拡大体を表す。 In the following description, a case where n ≧ 3t + 1 holds between the number of channels n and the assumed number of illegal channels t will be described as an example. In addition, when p is a prime power, it may be a prime number itself. At this time, the finite field GF (p [N] ) represents an Nth-order extension field of the finite field with respect to the power p of the prime number.
 本発明の実施形態に係るメッセージ伝送システムにおける送信装置400の調整パラメータ生成部401は、メッセージmについて、|m|/(n-2t+1-s)+log(1/δ)/sが最小となる値として調整パラメータsを選び、その調整パラメータsをメッセージ符号化部402に入力する。また前記調整パラメータ生成部401は、前記調整パラメータsをチャンネル300-1~300-nにより受信装置500に送信する。 The adjustment parameter generation unit 401 of the transmission apparatus 400 in the message transmission system according to the embodiment of the present invention has a value that minimizes | m | / (n−2t + 1−s) + log (1 / δ) / s for the message m. The adjustment parameter s is selected, and the adjustment parameter s is input to the message encoding unit 402. Further, the adjustment parameter generation unit 401 transmits the adjustment parameter s to the receiving device 500 through the channels 300-1 to 300-n.
 前記送信装置100には、メッセージm,想定不正者数t,調整パラメータs,全てのチャンネル数nの情報が入力される。GF(p[n-2t-s])の要素であるメッセージmは、前記GF(p)の要素の列として、(m,0,・・・m[n-2t-s-1])のように表せる。 The transmitter 100 is inputted with information of a message m, an assumed number of unauthorized persons t, an adjustment parameter s, and the number of all channels n. The message m, which is an element of GF (p [n-2ts-s] ), has (m, 0,... M [n-2ts-s-1] ) as a sequence of the elements of GF (p). It can be expressed as follows.
 送信装置400のメッセージ符号化部402は、GF(p)上の定数項からn-2t-s-1次の項までの係数がそれぞれ(m,0,・・・m[n-2t-s-1])であるn-(t+s+1)次多項式をランダムに生成する。この多項式をfm(x)と記す。ただし、xは1~nまでである。この場合、nは全てのチャンネル数nに相当するものである。 The message encoding unit 402 of the transmitting apparatus 400 has coefficients (m, 0,... M [n−2t−s] from the constant term on GF (p) to the n−2t−s−1 order term. −1] ) is randomly generated as an n− (t + s + 1) degree polynomial. This polynomial is denoted as fm (x). However, x is 1 to n. In this case, n corresponds to the total number of channels n.
 なお、前記メッセージ符号化部402はメッセージmを係数に埋め込んでいるが、メッセージmを埋め込み方式は多項式からメッセージを抽出可能な形式であれば、何れの方式であっても。例えば、多項式上のn-2t-s個の点にメッセージmを埋め込む方法などであってもよい。 Note that the message encoding unit 402 embeds the message m in a coefficient, but the message m embedding method may be any method as long as the message can be extracted from a polynomial. For example, a method of embedding the message m at n-2ts points on the polynomial may be used.
 前記メッセージ符号化部101は、fm(1),fm(2),・・・,fm(n)を計算し、その計算結果と入力iとのペアVi=(i,Vi)(i=1,2,・・・,n,Vi=fm(i))を、符号化したメッセージ情報V1~Vnとして、それぞれチャンネル300-iに出力する。 The message encoding unit 101 calculates fm (1), fm (2),..., Fm (n), and a pair Vi = (i, Vi) (i = 1) of the calculation result and the input i. , 2,..., N, Vi = fm (i)) are output to the channel 300-i as encoded message information V1 to Vn, respectively.
 本発明の実施形態に係るメッセージ伝送システムにおいて、上述したようにして生成した前記メッセージ情報(V1,Vn)Viは、非特許文献3に記載された既存の(a,b,c)閾値法を用いて秘密情報を分散符号化したものに相当する。また、このとき符号化されたメッセージ情報はデータ集合GF(p)の要素であるが、n-t+s個の符号化されたメッセージ情報V1~Vnに調整パラメータsに対応する個数の誤った値が含まれていても、その誤りはリード・ソロモン誤り訂正処理によって訂正可能である。 In the message transmission system according to the embodiment of the present invention, the message information (V1, Vn) Vi generated as described above is based on the existing (a, b, c) threshold method described in Non-Patent Document 3. This corresponds to the secret information that is distributed and encoded. Also, the message information encoded at this time is an element of the data set GF (p), but the number of erroneous values corresponding to the adjustment parameter s is included in the n−t + s encoded message information V1 to Vn. Even if included, the error can be corrected by Reed-Solomon error correction processing.
 図6は、図1に示す不正チャンネル特定情報生成部403の構成をさらに具体的に示すブロック図である。不正チャンネル特定情報生成部403は図6に示す様に、符号化メッセージ情報変換部601と、RS情報源生成部602およびRS符号語生成部603とを有している。 FIG. 6 is a block diagram showing more specifically the configuration of the unauthorized channel specifying information generating unit 403 shown in FIG. As illustrated in FIG. 6, the unauthorized channel identification information generation unit 403 includes an encoded message information conversion unit 601, an RS information source generation unit 602, and an RS codeword generation unit 603.
 前記符号化メッセージ情報変換部601は、メッセージ符号化部402の出力であるメッセージ情報V1~Vn(Vi=(i,Vi))を取得し、q≧n×pとなるqに対し、メッセージmを埋め込んだ有限体GF(q)上でxi=p×(i-1)+Vi(i=1,2,・・・,n)を計算し、その計算結果をRS符号語生成部603に出力する。 The encoded message information conversion unit 601 obtains message information V1 to Vn (Vi = (i, Vi)) that are output from the message encoding unit 402, and the message m for q satisfying q ≧ n × p. Xi = p × (i−1) + Vi (i = 1, 2,..., N) is calculated on the finite field GF (q) in which is embedded, and the calculation result is output to the RS codeword generation unit 603 To do.
 RS情報源生成部602は、有限体GF(q)上のランダムなデータe0,e1,・・・,etを生成し、その生成したデータをRS符号語生成部603に出力する。 The RS information source generation unit 602 generates random data e0, e1,..., Et on the finite field GF (q), and outputs the generated data to the RS codeword generation unit 603.
 RS符号語生成部603は、符号化メッセージ情報変換部601から出力されたxi(i=1,2,・・・,n)と、RS情報源生成部602から出力されたe0,e1,・・・,etとを取得し、有限体GF(q)上でAi=e0+e1×xi+e2×xi+・・・+et×xi(i=1,2,・・・,n)を計算し、このデータAiを不正符号化メッセージ特定用データA1~Anとしてチャンネル300-i(i=1,2,・・・,n)に出力する。 The RS codeword generation unit 603 includes xi (i = 1, 2,..., N) output from the encoded message information conversion unit 601 and e0, e1,... Output from the RS information source generation unit 602. · to acquire and et, Ai = e0 + e1 × xi + e2 × xi 2 + ··· + et × xi t (i = 1,2, ···, n) was calculated on the finite body GF (q), The data Ai is output to the channel 300-i (i = 1, 2,..., N) as illegally encoded message specifying data A1 to An.
 一方、図2に示す受信装置500には、想定不正者数t,チャンネル数nが入力される。また、受信装置500には、チャンネル300-1,300-2,・・・,300-nからメッセージ情報V1~Vn(Vi=(i,V
i))と、不正符号化メッセージ特定用データA1~An(Ai(i=1,2,・・・,n)),調整パラメータsがそれぞれ入力される。 On the other hand, the assumed number of unauthorized persons t and the number of channels n are input to the receiving apparatus 500 shown in FIG. In addition, the receiver 500 receives message information V1 to Vn (Vi = (i, V) from the channels 300-1, 300-2,..., 300-n.
i)), illegally encoded message specifying data A1 to An (Ai (i = 1, 2,..., n)), and adjustment parameter s are input.
 ここで取得したメッセージ情報A1,A2,・・・,Anは、RS情報源生成部602の出力e0,e1,・・・,etを情報源とするリード・ソロモン(Reed-Solomon)誤り訂正符号の符号語になっている。 The acquired message information A1, A2,..., An is a Reed-Solomon error correction code using the outputs e0, e1,. It is a code word.
 前提より、n≧3t+1であるので、不正符号化メッセージ特定用データA1~An(Ai)に含まれるt個の誤りを訂正し、元の情報源e0,e1,・・・,etを復元することが可能である。前記t個は、想定不正チャンネル数tに相当するものである。 Since n ≧ 3t + 1 from the premise, t errors included in the illegally encoded message specifying data A1 to An (Ai) are corrected, and the original information sources e0, e1,. It is possible. The t number corresponds to the assumed number t of illegal channels.
 受信装置500の不正チャンエル特定部502は、前記不正符号化メッセージ特定用データA1~An(Ai)と、メッセージ情報V1~Vn(Vi=(i,Vi))とを受け取る。 The unauthorized channel identifying unit 502 of the receiving device 500 receives the unauthorized encoded message identifying data A1 to An (Ai) and the message information V1 to Vn (Vi = (i, Vi)).
 前記不正チャンネル特定部502は図7に示す様に、RS誤り訂正部701と、不正チャンネル集合出力部702とを有している。 The illegal channel specifying unit 502 includes an RS error correction unit 701 and an illegal channel set output unit 702 as shown in FIG.
 RS誤り訂正部701は、前記不正符号化メッセージ特定用データA1~An(Ai)と、メッセージ情報V1~Vn(Vi=(i,Vi))とを用いてリード・ソロモン誤り訂正処理を実行する事により、不正チャンネル特定情報生成部403のRS情報源生成部602が生成したものと同じ元の情報源e0,e1,・・・,etを復元し、その復元した情報源を不正チャンネル集合出力部502に出力する。このときリード・ソロモン誤り訂正処理としては既存の方法を用いればよい。既存のリード・ソロモン誤り訂正処理の一例としてバーレカンプ法がある。 The RS error correction unit 701 executes Reed-Solomon error correction processing using the illegally encoded message specifying data A1 to An (Ai) and the message information V1 to Vn (Vi = (i, Vi)). As a result, the same original information sources e0, e1,..., Et as those generated by the RS information source generation unit 602 of the unauthorized channel specifying information generation unit 403 are restored, and the restored information sources are output to the unauthorized channel set. Output to the unit 502. At this time, an existing method may be used as the Reed-Solomon error correction process. An example of existing Reed-Solomon error correction processing is the Bale Kamp method.
 不正チャンネル集合出力部702は、前記不正符号化メッセージ特定用データA1~An(Ai)と、メッセージ情報V1~Vn(Vi=(i,Vi))とを受け取ると、その取得したデータを用いてxi=p×(i-1)+Vi(i=1,2,・・・,n)を計算し、Ai=e0+e1×xi+e2×xi+・・・+et×xiが成立しない想定不正チャンネルt1~tn-2又はtnをリストした集合Lを符号化メッセージ誤り訂正部501に送る。なお、図6の式中で用いられているは冪乗算を意味している。 Upon receiving the illegally encoded message specifying data A1 to An (Ai) and the message information V1 to Vn (Vi = (i, Vi)), the illegal channel set output unit 702 uses the acquired data. xi = p × (i-1 ) + Vi (i = 1,2, ···, n) to calculate the, Ai = e0 + e1 × xi + e2 × xi 2 + ··· + et × xi t is not satisfied assumed cheating channels t1 A set L that lists .about.tn-2 or tn is sent to the encoded message error correction unit 501. Note that used in the equation of FIG. 6 means 冪 multiplication.
 符号化メッセージ誤り訂正部501は、不正チャンネル特定部702からの集合Lを取得し、その集合Lに含まれていない想定不正チャンネルt1~tn-2又はtnに対応するメッセージ情報V1~Vn-2又はVnに対しリード・ソロモン誤り訂正処理を実行し、誤り訂正後の符号化メッセージに埋め込まれているメッセージ情報V1~Vn-2又はVnを出力する。 The encoded message error correction unit 501 acquires the set L from the illegal channel specifying unit 702, and message information V1 to Vn-2 corresponding to the assumed illegal channels t1 to tn-2 or tn not included in the set L. Alternatively, Reed-Solomon error correction processing is executed for Vn, and message information V1 to Vn-2 or Vn embedded in the encoded message after error correction is output.
 以上説明したように、送信装置400において、メッセージ符号化部402は、(n-t+s,t+1―s,n)閾値法でn個の符号化メッセージ情報V1~Vn(Vi(i=1,2,・・・,n))を生成する。不正チャンネル特定情報生成部403は、メッセージ符号化部402の生成したn個の符号化メッセージ情報V1~Vn(Vi)と、t次多項式とを用いて、各符号化メッセージ情報V1~Vn(Vi)に対する不正チャンネル特定情報A1~An(Ai(i=1,2,・・・,n))を生成する。 As described above, in the transmission device 400, the message encoding unit 402 uses the (n−t + s, t + 1−s, n) threshold method to encode n pieces of encoded message information V1 to Vn (Vi (i = 1, 2). ,..., N)) are generated. The illegal channel identification information generation unit 403 uses the n pieces of encoded message information V1 to Vn (Vi) generated by the message encoding unit 402 and the t-order polynomial to generate each encoded message information V1 to Vn (Vi). ) To generate illegal channel specifying information A1 to An (Ai (i = 1, 2,..., N)).
 一方、受信装置500の不正チャンネル特定部502は、メッセージ情報V1~Vn(Vi(i=1,2,・・・,n))およびそれらに対応する不正符号化メッセージ特定用データA1~Anを用いて、リード・ソロモン誤り訂正処理を行って、実際に改竄された想定不正チャンネルt1~tn-2又はtnをリストした集合Lを出力する。 On the other hand, the unauthorized channel specifying unit 502 of the receiving device 500 receives the message information V1 to Vn (Vi (i = 1, 2,..., N)) and the corresponding illegally encoded message specifying data A1 to An. Then, a Reed-Solomon error correction process is performed, and a set L that lists the actually assumed falsified channels t1 to tn-2 or tn is output.
 符号化メッセージ誤り訂正部501は、不正チャンネル特定部502によるリード・ソロモン誤り訂正処理にて誤りが検出されなかった符号化メッセージ情報V1~Vn(Vi)にリード・ソロモン誤り訂正処理を行って、訂正処理後の符号化メッセージ情報V1~Vnに埋め込まれているメッセージmを出力する。 The encoded message error correction unit 501 performs the Reed-Solomon error correction process on the encoded message information V1 to Vn (Vi) in which no error is detected in the Reed-Solomon error correction process by the unauthorized channel specifying unit 502, The message m embedded in the encoded message information V1 to Vn after the correction process is output.
 各メッセージ情報V1~Vn(Vi(i=1,2,・・・,n))から一意に導き出される値xi(i=1,2,・・・,n)を、ランダムなt次多項式に代入し、得られた値を各メッセージ情報V1~Vn(Vi)に対する不正符号化メッセージ特定用データA1~An(Ai)とする。その際、任意のメッセージ情報Vi,VjについてVi≠Vjであればxi≠xjが成立するように、メッセージ情報Viとiからxiを生成するとき、q≦n×pとなるqに対して、有限体GF(q)上でxi=p×(i-1)+Vi(i=1,2,・・・,n)を計算する。 A value xi (i = 1, 2,..., N) uniquely derived from each message information V1 to Vn (Vi (i = 1, 2,..., N)) is converted into a random t-order polynomial. The values obtained by substitution are used as the illegally encoded message specifying data A1 to An (Ai) for the message information V1 to Vn (Vi). At that time, when generating xi from the message information Vi and i so that xi ≠ xj is satisfied if Vi ≠ Vj for any message information Vi, Vj, for q satisfying q ≦ n × p, Xi = p × (i−1) + Vi (i = 1, 2,..., N) is calculated on the finite field GF (q).
 符号化メッセージ情報のサイズをpとする本実施形態では、メッセージ情報V1~Vnとのサイズと不正符号化メッセージ特定用データA1~Antのサイズとを併せた集合のサイズがp×qとなる。この処理は、各メッセージ情報V1~Vnをt次多項式に入力する際に、t次多項式が用いている有限体上で異なる値となるように加工する処理であれば、どのような方法でもよい。 In the present embodiment where the size of the encoded message information is p, the size of the set combining the sizes of the message information V1 to Vn and the sizes of the illegally encoded message specifying data A1 to Ant is p × q. This process may be performed by any method as long as the message information V1 to Vn are input to the t-order polynomial so as to be processed to have different values on the finite field used by the t-order polynomial. .
 まず、不正なメッセージ情報V1~Vn-2又はVnが不正チャンネル特定部502によって検出されない確率はおよそ、1/qである。しかし、s個までの不正なメッセージ情報V1~Vn-2又はVnは、リード・ソロモン誤り訂正処理によって訂正される。つまり、正しいメッセージ情報V1~Vn-2又はVnを受信できる確率はおよそ1-1/qsとなる。よってメッセージ情報V1~Vn-2又はVnの受信を失敗する確率をδし、メッセージ情報V1~Vn-2又はVnが要素数pの集合から選ばれる場合、チャンネル300-1~300-nを通して送信するデータは、およそ要素数p[1/(n-2t-s)+[1/δ][1/s]の集合の要素となる。 First, the probability that unauthorized message information V1 to Vn-2 or Vn is not detected by the unauthorized channel specifying unit 502 is approximately 1 / q. However, up to s pieces of invalid message information V1 to Vn-2 or Vn are corrected by the Reed-Solomon error correction process. That is, the probability that correct message information V1 to Vn-2 or Vn can be received is approximately 1-1 / q s . Therefore, the probability of failing to receive the message information V1 to Vn-2 or Vn is δ, and when the message information V1 to Vn-2 or Vn is selected from the set of the number of elements p, it is transmitted through the channels 300-1 to 300-n. The data to be processed are elements of a set of approximately the number of elements p [1 / (n−2t−s) + [1 / δ] [1 / s] .
 非特許文献2に記載されている方式を用いる場合、各チャンネルを通して送信するデータはおよそ要素数p[1/(n-2t)]+1/δの集合の要素であった。ここで、pとδを適切に選ぶことで、本実施形態の各チャンネルを通して送るデータのサイズは、非特許文献2に記載されている方式に比べて低減される。 When the method described in Non-Patent Document 2 is used, data transmitted through each channel is an element of a set of approximately the number of elements p [1 / (n-2t)] + 1 / δ. Here, by appropriately selecting p and δ, the size of data transmitted through each channel of the present embodiment is reduced as compared with the method described in Non-Patent Document 2.
 本実施形態は、不正符号化メッセージ特定用データの誤りを訂正する方法として、リード・ソロモン誤り訂正処理を用いているが、誤りが確実に訂正できる方法であれば、他の方法を用いてもよい。 In this embodiment, Reed-Solomon error correction processing is used as a method for correcting an error in data for specifying an illegally encoded message. However, other methods may be used as long as the error can be reliably corrected. Good.
 以上説明したように、チャンネル数をnとし、想定する不正な想定不正チャンネル数をtとし、許容可能なメッセージ受信失敗確率δとする場合、メッセージmを伝送する場合、|m|はmのビット長を表すものとして|m|/(t+1-s)+(log(1/δ)/sが最小になるような調整パラメータsを生成し、メッセージをt個以下の数の符号化されたメッセージ情報からメッセージに関する情報が得られず、t+s個以下の符号化されたメッセージ情報がない場合であってもn個のメッセージ情報を復号でき、n-t個以上のメッセージ情報(メッセージの符号語)のうちs個以下の誤りを訂正することができるようなn個のメッセージ情報(メッセージの符号語)を2t+1個以上のメッセージ情報(メッセージの符号語)からメッセージが復号できるような3t+1個以上のメッセージの符号語とt個以下の誤りがあっても、前記した複数のメッセージの符号語のうちt個以下の誤りの検出することができる複数の不正符号化メッセージ特定用データを生成、送信する送信装置と、受信したメッセージの符号語とそれらに対応する不正符号化メッセージ特定用データに対してメッセージの符号語と、不正符号化メッセージ特定用データを用いて、メッセージの符号語のそれぞれに不正がないか判定し、不正がないと判定されたメッセージの符号語に対して誤り訂正処理を行い、訂正処理後のメッセージの符号語からメッセージを復号する受信装置を用いる。これにより、n本のチャンネルを用いて、そのうちt本のチャンネルを流れる情報が改竄される場れても、効率的かつ正確にメッセージを伝送可能な伝送システムを提供することができる。 As described above, when the number of channels is n, the assumed number of assumed illegal channels is t, and the allowable message reception failure probability is δ, when transmitting the message m, | m | An adjustment parameter s that minimizes | m | / (t + 1−s) + (log (1 / δ) / s as a length is generated, and the number of encoded messages is t or less. Even if there is no information about the message from the information and there is no t + s encoded message information, n message information can be decoded, and n−t or more message information (message codewords) Can decode n message information (message codeword) from 2t + 1 or more message information (message codeword) so that s or less errors can be corrected. Even when there are 3t + 1 or more message codewords and t or less errors, the identification of a plurality of illegally encoded messages that can detect t or less errors among the codewords of the plurality of messages described above A message is generated by using a message codeword and illegally encoded message specifying data for a transmission device that generates and transmits data for use, a codeword of the received message, and an illegally encoded message specifying data corresponding thereto. A receiving device that determines whether each of the codewords is fraudulent, performs error correction processing on the codeword of the message that has been determined to be fraudulent, and decodes the message from the codeword of the corrected message is used As a result, even if n channels are used and information flowing through t channels is tampered with, the message can be efficiently and accurately transmitted. A transmission system capable of transmitting a signal can be provided.
 なお、各図のフローチャートに示す処理を、CPUが実行するためのプログラムは本発明によるプログラムを構成する。このプログラムを記録する記録媒体としては、半導体記憶部や光学的及び/又は磁気的な記憶部等を用いることができる。このようなプログラム及び記録媒体を、前述した各実施形態とは異なる構成のシステム等で用い、そこのCPUで上記プログラムを実行させることにより、本発明と実質的に同じ効果を得ることができる。 It should be noted that the program for the CPU to execute the processing shown in the flowcharts of the drawings constitutes a program according to the present invention. As a recording medium for recording the program, a semiconductor storage unit, an optical and / or magnetic storage unit, or the like can be used. By using such a program and a recording medium in a system having a configuration different from that of each of the above-described embodiments and causing the CPU to execute the program, substantially the same effect as the present invention can be obtained.
 以上、本発明を好適な実施形態に基づき具体的に説明したが、本発明は上記のものに限定されるものではなく、その要旨を逸脱しない範囲で種々変更可能であることは言うまでもない。 As described above, the present invention has been specifically described based on the preferred embodiments, but the present invention is not limited to the above-described ones, and it is needless to say that various modifications can be made without departing from the scope of the present invention.
 この出願は2009年2月17日に出願された日本出願特願2009-034468を基礎とする優先権を主張し、その開示の全てをここに取り込む。 This application claims priority based on Japanese Patent Application No. 2009-034468 filed on Feb. 17, 2009, the entire disclosure of which is incorporated herein.
 本発明によれば、チャンネルを通して伝送するデータの容量を小さくする事に貢献できるものである。 According to the present invention, it is possible to contribute to reducing the volume of data transmitted through the channel.
 100、400  送信装置
 101  メッセージ符号化部
 102  不正チャンネル特定情報生成部
 200、500  受信装置
 201  メッセージ復元部
 202  不正チャンネル特定部
 300-1~300-n  チャンネル
 401  調整パラメータ生成部
 402  メッセージ符号化部
 403  不正チャンネル特定情報生成部
 501  符号化メッセージ誤り訂正部
 502  不正チャンネル特定部
 601  符号化メッセージ情報変換部
 602  RS情報源生成部
 603  RS符号語生成部
 701  RS誤り訂正部
 702  不正チャンネル集合出力部 100, 400 Transmitting device 101 Message encoding unit 102 Illegal channel specifying information generating unit 200, 500 Receiving device 201 Message restoring unit 202 Illegal channel specifying unit 300-1 to 300-n Channel 401 Adjustment parameter generating unit 402 Message encoding unit 403 Unauthorized channel identification information generation unit 501 Encoded message error correction unit 502 Unauthorized channel identification unit 601 Encoded message information conversion unit 602 RS information source generation unit 603 RS codeword generation unit 701 RS error correction unit 702 Unauthorized channel set output unit

Claims (7)

  1.  メッセージをn個のメッセージ情報に符号化し、そのn個のメッセージ情報をチャンネルに出力する符号化装置であって、
     想定不正チャンネル数tと、許容可能なメッセージ受信失敗確率δと、チャンネル数nとを入力として、メッセージ情報の容量が減少する度合いが小さく且つ、前記メッセージ情報に不正が生じたチャンネルを特定するための不正チャンネル特定用データが増加する度合いが大きくなる係数である調整パラメータを選定する調整パラメータ生成手段と、
     メッセージmと、全てのチャンネル数nと、想定不正チャンネル数tと、前記調整パラメータsとの情報を受け取って、前記調整パラメータsを考慮した符号化方式に基づいて、前記メッセージから2以上のメッセージ情報を生成するメッセージ符号化手段と、
     前記メッセージ符号化手段からのメッセージ情報と、想定不正チャンネル数tと、チャンネル数nを入力として、前記メッセージが埋め込まれた有限体上のt次多項式Gを生成し、前記t次多項式Gに、前記メッセージ情報が有限体上で異なる値となるように加工処理を行い、その加工後のt次多項式にメッセージ情報を入力したときの出力を不正符号化メッセージ特定用データとし、その不正符号化メッセージ特定用データを前記メッセージ情報と対応させて生成する不正符号語特定データ生成手段とを有することを特徴とする符号化装置。
    An encoding device that encodes a message into n message information and outputs the n message information to a channel,
    In order to identify the channel in which the amount of message information is reduced and the message information is fraudulent, with the assumed number of illegal channels t, the acceptable message reception failure probability δ, and the number of channels n as inputs. Adjustment parameter generation means for selecting an adjustment parameter that is a coefficient that increases the degree of increase in the unauthorized channel specifying data of
    Two or more messages are received from the message on the basis of an encoding scheme that receives the information of the message m, the number of all channels n, the assumed number of illegal channels t, and the adjustment parameter s. Message encoding means for generating information;
    The message information from the message encoding means, the assumed number of illegal channels t, and the number of channels n are input, and a t-order polynomial G on a finite field in which the message is embedded is generated. Processing is performed so that the message information has a different value on a finite field, and the output when the message information is input to the t-order polynomial after the processing is used as data for specifying an illegally encoded message, and the illegally encoded message An encoding apparatus comprising: illegal codeword specifying data generating means for generating specifying data in association with the message information.
  2.  符号化装置が出力するメッセージ情報と不正符号化メッセージ特定用データとを受信し、符号化されたメッセージ情報に基づいてメッセージを復号する復号化装置であって、
     想定不正チャンネル数tとチャンネル数nとに加えて、チャンネルから不正符号化メッセージ特定用データ及びメッセージ情報を受信し、その受信した不正符号化メッセージ特定用データに対して誤り訂正処理を行い、その訂正処理後の不正符号化メッセージ特定用データに基づいて、前記符号化装置が生成したt次多項式Gの復元処理を行い、すべてのメッセージ情報について復元されたt次多項式Gに、前記符号化装置が行った加工と同じ方法で加工を行い、加工後のt次多項式に前記メッセージ情報を入力した値が加工前のメッセージ情報と対応する不正符号化メッセージ特定用データと等しいかを判定し、等しかったすべての不正符号化メッセージ特定用データのリストを集合として出力する不正チャンネル特定手段と、
     想定不正チャンネル数tとチャンネル数nとに加えて、前記不正チャンネル特定手段から前記集合を受け取ると共に、チャンネルからメッセージ情報を受信し、前記集合Lに含まれない不正符号化メッセージ特定用データに対応するメッセージ情報に誤り訂正処理を行い、訂正処理後のメッセージ情報に基づいて前記符号化装置が生成したn-(t+s+1)次多項式Fを復元し、この多項式Fから、前記符号化装置がメッセージ情報を有限体に埋め込んだ方法に対応する方法でメッセージを抽出して出力する符号化メッセージ誤り訂正手段とを有することを特徴とする復号化装置。
    A decoding device that receives message information output from an encoding device and data for specifying an illegally encoded message, and decodes the message based on the encoded message information,
    In addition to the assumed illegal channel number t and channel number n, the illegally encoded message specifying data and message information are received from the channel, and error correction processing is performed on the received illegally encoded message specifying data, Based on the data for specifying the illegally encoded message after the correction process, the encoding device performs a restoration process on the t-order polynomial G generated by the encoding device, and converts the t-order polynomial G restored for all message information into the encoding device. The processing is performed in the same manner as the processing performed, and it is determined whether the value obtained by inputting the message information in the t-order polynomial after processing is equal to the data for specifying the illegally encoded message corresponding to the message information before processing. An illegal channel specifying means for outputting a list of all illegally encoded message specifying data as a set,
    In addition to the assumed illegal channel number t and channel number n, the set is received from the illegal channel specifying means, message information is received from the channel, and data for specifying an illegally encoded message not included in the set L is supported. Error correction processing is performed on the message information to be corrected, and the n- (t + s + 1) degree polynomial F generated by the encoding device is restored based on the message information after the correction processing. From this polynomial F, the encoding device transmits message information And a coded message error correcting means for extracting and outputting a message by a method corresponding to a method of embedding the code in a finite field.
  3.  請求項1に記載の符号化装置と、前記請求項2に記載の復号化装置とを組み合わせたことを特徴とする伝送システム。
    A transmission system comprising a combination of the encoding device according to claim 1 and the decoding device according to claim 2.
  4.  メッセージをn個のメッセージ情報に符号化し、そのn個のメッセージ情報をチャンネルに出力する符号化方法であって、
     想定不正チャンネル数tと、許容可能なメッセージ受信失敗確率δと、チャンネル数nとを入力として、メッセージ情報の容量が減少する度合いが小さく且つ、前記メッセージ情報に不正が生じたチャンネルを特定するための不正チャンネル特定用データが増加する度合いが大きくなる係数である調整パラメータを選定し、
     メッセージmと、全てのチャンネル数nと、想定不正チャンネル数tと、前記調整パラメータsとの情報を受け取って、前記調整パラメータsを考慮した符号化方式に基づいて、前記メッセージから2以上のメッセージ情報を生成し、
     前記符号化されたメッセージ情報と、想定不正チャンネル数tと、チャンネル数nを入力として、前記メッセージが埋め込まれた有限体上のt次多項式Gを生成し、前記t次多項式Gに、前記メッセージ情報が有限体上で異なる値となるように加工処理を行い、その加工後のt次多項式にメッセージ情報を入力したときの出力を不正符号化メッセージ特定用データとし、その不正符号化メッセージ特定用データを前記メッセージ情報と対応させて生成することを特徴とする符号化方法。
    An encoding method for encoding a message into n message information and outputting the n message information to a channel,
    In order to identify the channel in which the amount of message information is reduced and the message information is fraudulent, with the assumed number of illegal channels t, the acceptable message reception failure probability δ, and the number of channels n as inputs. Select an adjustment parameter that is a coefficient that increases the degree of increase in the unauthorized channel identification data for
    Two or more messages are received from the message on the basis of an encoding scheme that receives the information of the message m, the number of all channels n, the assumed number of illegal channels t, and the adjustment parameter s. Generate information,
    The encoded message information, the assumed number of illegal channels t, and the number of channels n are input, and a t-order polynomial G on a finite field in which the message is embedded is generated. Processing is performed so that the information has a different value on the finite field, and the output when the message information is input to the t-order polynomial after the processing is used as the data for specifying the illegally encoded message. An encoding method, wherein data is generated in correspondence with the message information.
  5.  符号化装置が符号化したメッセージ情報と、その情報に対応する不正符号化メッセージ特定用データとを受信し、符号化されたメッセージ情報に基づいてメッセージを復号する復号化方法であって、
     想定不正チャンネル数tとチャンネル数nとに加えて、チャンネルから不正符号化メッセージ特定用データ及びメッセージ情報を受信し、その受信した不正符号化メッセージ特定用データに対して誤り訂正処理を行い、その訂正処理後の不正符号化メッセージ特定用データに基づいて、前記符号化装置が生成したt次多項式Gの復元処理を行い、すべてのメッセージ情報について復元されたt次多項式Gに、前記符号化装置が行った加工と同じ方法で加工を行い、加工後のt次多項式に前記メッセージ情報を入力した値が加工前のメッセージ情報と対応する不正符号化メッセージ特定用データと等しいかを判定し、等しかったすべての不正符号化メッセージ特定用データのリストを集合として出力し、
     想定不正チャンネル数tとチャンネル数nとに加えて、前記集合を受け取ると共に、チャンネルからメッセージ情報を受信し、前記集合Lに含まれない不正符号化メッセージ特定用データに対応するメッセージ情報に誤り訂正処理を行い、訂正処理後のメッセージ情報に基づいて前記符号化装置が生成したn-(t+s+1)次多項式Fを復元し、この多項式Fから、前記符号化装置がメッセージ情報を有限体に埋め込んだ方法に対応する方法でメッセージを抽出して出力することを特徴とする復号化方法。
    A decoding method for receiving message information encoded by an encoding device and data for specifying an illegally encoded message corresponding to the information, and decoding a message based on the encoded message information,
    In addition to the assumed illegal channel number t and channel number n, the illegally encoded message specifying data and message information are received from the channel, and error correction processing is performed on the received illegally encoded message specifying data, Based on the data for specifying the illegally encoded message after the correction process, the encoding device performs a restoration process on the t-order polynomial G generated by the encoding device, and converts the t-order polynomial G restored for all message information into the encoding device. The processing is performed in the same manner as the processing performed, and it is determined whether the value obtained by inputting the message information in the t-order polynomial after processing is equal to the data for specifying the illegally encoded message corresponding to the message information before processing. Output a list of all illegally encoded message identification data as a set,
    In addition to the assumed illegal channel number t and channel number n, the set is received, message information is received from the channel, and error correction is performed on message information corresponding to illegally encoded message specifying data not included in the set L. The n- (t + s + 1) degree polynomial F generated by the encoding device is restored based on the message information after correction processing, and the encoding device embeds the message information in a finite field from this polynomial F A decoding method, wherein a message is extracted and output by a method corresponding to the method.
  6.  メッセージをn個のメッセージ情報に符号化し、そのn個のメッセージ情報をチャンネルに出力する制御を行う符号化プログラムであって、
     コンピュータに、
     想定不正チャンネル数tと、許容可能なメッセージ受信失敗確率δと、チャンネル数nとを入力として、メッセージ情報の容量が減少する度合いが小さく且つ、前記メッセージ情報に不正が生じたチャンネルを特定するための不正チャンネル特定用データが増加する度合いが大きくなる係数である調整パラメータを選定する機能と、
     メッセージmと、全てのチャンネル数nと、想定不正チャンネル数tと、前記調整パラメータsとの情報を受け取って、前記調整パラメータsを考慮した符号化方式に基づいて、前記メッセージから2以上のメッセージ情報を生成する機能と、
     前記符号化されたメッセージ情報と、想定不正チャンネル数tと、チャンネル数nを入力として、前記メッセージが埋め込まれた有限体上のt次多項式Gを生成し、前記t次多項式Gに、前記メッセージ情報が有限体上で異なる値となるように加工処理を行い、その加工後のt次多項式にメッセージ情報を入力したときの出力を不正符号化メッセージ特定用データとし、その不正符号化メッセージ特定用データを前記メッセージ情報と対応させて生成する機能とを実行させることを特徴とする符号化プログラム。
    An encoding program for performing control to encode a message into n message information and output the n message information to a channel,
    On the computer,
    In order to identify the channel in which the amount of message information is reduced and the message information is fraudulent, with the assumed number of illegal channels t, the acceptable message reception failure probability δ, and the number of channels n as inputs. A function for selecting an adjustment parameter, which is a coefficient that increases the degree of increase in illegal channel identification data of
    Two or more messages are received from the message on the basis of an encoding scheme that receives the information of the message m, the number of all channels n, the assumed number of illegal channels t, and the adjustment parameter s. The ability to generate information,
    The encoded message information, the assumed number of illegal channels t, and the number of channels n are input, and a t-order polynomial G on a finite field in which the message is embedded is generated. Processing is performed so that the information has a different value on the finite field, and the output when the message information is input to the t-order polynomial after the processing is used as the data for specifying the illegally encoded message. An encoding program for executing a function of generating data in association with the message information.
  7.  符号化装置が符号化したメッセージ情報と、その情報に対応する不正符号化メッセージ特定用データとを受信し、符号化されたメッセージ情報に基づいてメッセージを復号する制御を行う復号化プログラムであって、
     コンピュータに、
     想定不正チャンネル数tとチャンネル数nとに加えて、チャンネルから不正符号化メッセージ特定用データ及びメッセージ情報を受信し、その受信した不正符号化メッセージ特定用データに対して誤り訂正処理を行い、その訂正処理後の不正符号化メッセージ特定用データに基づいて、前記符号化装置が生成したt次多項式Gの復元処理を行い、すべてのメッセージ情報について復元されたt次多項式Gに、前記符号化装置が行った加工と同じ方法で加工を行い、加工後のt次多項式に前記メッセージ情報を入力した値が加工前のメッセージ情報と対応する不正符号化メッセージ特定用データと等しいかを判定し、等しかったすべての不正符号化メッセージ特定用データのリストを集合として出力する機能と、
     想定不正チャンネル数tとチャンネル数nとに加えて、前記集合を受け取ると共に、チャンネルからメッセージ情報を受信し、前記集合Lに含まれない不正符号化メッセージ特定用データに対応するメッセージ情報に誤り訂正処理を行い、訂正処理後のメッセージ情報に基づいて前記符号化装置が生成したn-(t+s+1)次多項式Fを復元し、この多項式Fから、前記符号化装置がメッセージ情報を有限体に埋め込んだ方法に対応する方法でメッセージを抽出して出力する機能とを実行させることを特徴とする復号化プログラム。     A decoding program that receives message information encoded by an encoding device and data for specifying an illegally encoded message corresponding to the information, and performs control for decoding the message based on the encoded message information. ,
    On the computer,
    In addition to the assumed illegal channel number t and channel number n, the illegally encoded message specifying data and message information are received from the channel, and error correction processing is performed on the received illegally encoded message specifying data, Based on the data for specifying the illegally encoded message after the correction process, the encoding device performs a restoration process on the t-order polynomial G generated by the encoding device, and converts the t-order polynomial G restored for all message information into the encoding device. The processing is performed in the same manner as the processing performed, and it is determined whether the value obtained by inputting the message information in the t-order polynomial after processing is equal to the data for specifying the illegally encoded message corresponding to the message information before processing. A function to output a list of all illegally encoded message identification data as a set,
    In addition to the assumed illegal channel number t and channel number n, the set is received, message information is received from the channel, and error correction is performed on message information corresponding to illegally encoded message specifying data not included in the set L. The n- (t + s + 1) degree polynomial F generated by the encoding device is restored based on the message information after correction processing, and the encoding device embeds the message information in a finite field from this polynomial F A decoding program that executes a function of extracting and outputting a message in a method corresponding to the method.
PCT/JP2010/052373 2009-02-17 2010-02-17 Encoding device, decoding device, transmission system, encoding method, decoding method, program WO2010095662A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2011500635A JPWO2010095662A1 (en) 2009-02-17 2010-02-17 Encoding device, decoding device, transmission system, encoding method, decoding method, program

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2009-034468 2009-02-17
JP2009034468 2009-02-17

Publications (1)

Publication Number Publication Date
WO2010095662A1 true WO2010095662A1 (en) 2010-08-26

Family

ID=42633942

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2010/052373 WO2010095662A1 (en) 2009-02-17 2010-02-17 Encoding device, decoding device, transmission system, encoding method, decoding method, program

Country Status (2)

Country Link
JP (1) JPWO2010095662A1 (en)
WO (1) WO2010095662A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005210735A (en) * 2004-01-26 2005-08-04 Hewlett-Packard Development Co Lp Signal processing apparatus, signal processing method and computer readable storage medium
WO2009020143A1 (en) * 2007-08-06 2009-02-12 Nec Corporation Transmission system, method, and program

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005210735A (en) * 2004-01-26 2005-08-04 Hewlett-Packard Development Co Lp Signal processing apparatus, signal processing method and computer readable storage medium
WO2009020143A1 (en) * 2007-08-06 2009-02-12 Nec Corporation Transmission system, method, and program

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
TOSHINORI ARAKI ET AL.: "Efficient Almost Secure 1-Round Message Transmission Schemes for 3t+1 Channels", IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS, COMMUNICATIONS AND COMPUTER SCIENCES, vol. E93.A, no. 1, January 2010 (2010-01-01), pages 126 - 135, XP001552392, DOI: doi:10.1587/transfun.93.A.126 *

Also Published As

Publication number Publication date
JPWO2010095662A1 (en) 2012-08-30

Similar Documents

Publication Publication Date Title
JP5510590B2 (en) Transmission system, method and program
JP5564434B2 (en) Methods and entities for probabilistic symmetric encryption
KR100730715B1 (en) Flexible method of error protection in communications systems
US8473738B2 (en) Mode of information transmission and complex protection
US9059746B2 (en) Data sharing method, transmitter, receiver and data sharing system
JP5151987B2 (en) Distributed information generation apparatus and restoration apparatus
RU2680350C2 (en) Method and system of distributed storage of recoverable data with ensuring integrity and confidentiality of information
JP2004274459A (en) Method for delivering quantum key and communication apparatus
US20180270014A1 (en) Information processing apparatus
US9231927B2 (en) Information processing apparatus, data generation method, information processing method, and information processing system for updating and verifying software programs
US20150304293A1 (en) Message authentication system and message authentication method
WO2013185271A1 (en) Data reconstruction method and apparatus against byzantine failure in network storage, and method and apparatus for restoring failure data
US20030188242A1 (en) Shared data refining device and shared data refining method
EP2850765B1 (en) Method and apparatus for error recovery using information related to the transmitter
WO2015092585A1 (en) Method and apparatus for cipher fault detection
WO2010095662A1 (en) Encoding device, decoding device, transmission system, encoding method, decoding method, program
JP2014030228A (en) System and method for effectively transferring electronic information
US11196447B2 (en) Computer-implemented method for error-correction-encoding and encrypting of a file
WO2023089776A1 (en) Communication system, transmitting device, receiving device, method thereof, and program
RU2536384C2 (en) Method of receiving information over two parallel channels
RU2396723C2 (en) Correction of single bit errors in code words coded by method of relative phased manipulation, with help of accepted combined digital sum
Omote et al. ND-POR: A POR based on network coding and dispersal coding
Zivic Reliability of soft verification of message authentication codes
Lv et al. Loss‐tolerant authentication with digital signatures
Omote et al. Improvement of Network coding-based System for Ensuring Data Integrity in Cloud Computing

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10743788

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2011500635

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10743788

Country of ref document: EP

Kind code of ref document: A1