JP2003143127A - Security maintaining method, its execution system and its processing process - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide technique prohibits a tapping person from recognizing a key found by once accident to be really a right key. SOLUTION: A plurality of sets of equipments obtained by connecting a center equipment and a home equipment is set with respect to the single equipment in a network security maintaining method. The method has a step for setting a Mac address of sending destination equipment to the sending destination address of a frame to be transmitted and setting the Mac address of sending source equipment to a sending source address within set of the equipments obtained by connecting the center equipment and the home equipment to cipher the frame with the first ciphering key of the home equipment corresponding to the frame, a step for selecting the frame ciphered by a first ciphering key and ciphering it with the second ciphering key of the home equipment corresponding to the frame, a step for selecting the ciphered frame ciphered by the first ciphering key and deciphering it with the second ciphering key of the corresponding home equipment, and a step for deciphering the frame deciphered by the second ciphering key by the first ciphering key of the corresponding home equipment.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a network system, and more particularly to a network in which a plurality of terminals are 1: N.
The present invention relates to a technique effectively applied to prevention of wiretapping in a system connected by (N is a natural number).

[0002]

2. Description of the Related Art In a cable television network, many modems are connected to the network and the network is divided (frequency or time division) for use. Therefore,
Communication data flowing in the network is input to all the modems connected to the network, and all the modems connected to the network have a possibility of eavesdropping on each other. Therefore, in the conventional cable television network, eavesdropping, spoofing and the like are prevented by encrypting communication data and authenticating the device.

As a security standard for conventional cable television, the CATV high-speed data transmission device baseline privacy was established in 1999 as a standard of Japan CATV Technical Association. This is Mac (M: M
edia Access Control) layer (a part of the data link layer) was used for encryption.

As a conventional cable television device authentication system, Japanese Patent Application No. 2001-62962,
Or Japan Catv Technology Council Standard JC
There was CATV high speed data transmission equipment baseline privacy of TEA STA-005-BP-1.0. In these authentication systems, the unique numerical value (Ma
c address, etc.) and the key distributed to the device (common key in the above patent, public key and private key in baseline privacy)
It was configured to perform device authentication based on the above.

[0005]

The present inventor has found the following problems as a result of examining the above-mentioned prior art. It is known that the ciphers used are computationally secure and will always be resolved with time.

For this reason, there is a possibility that important information may be accidentally solved and the important information may be tapped by repeated attempts. Furthermore, it is undeniable that wiretapping of important information may occur accidentally.

It is an object of the present invention to provide a technique capable of preventing an eavesdropper from recognizing that a key is truly correct even if the key is found by accident once.

The above and other objects and novel features of the present invention will be apparent from the description of this specification and the accompanying drawings.

[0009]

Among the inventions disclosed in the present application, a brief description will be given to the outline of typical ones.
It is as follows.

In a network security system in which a plurality of sets of devices connecting a center device and a home device are set for a single center device, the center address is set to the destination address of a frame transmitted from the home device. A MAC address of the device, a MAC address of the home device as a source address, and a frame for encrypting the frame with the first encryption key of the home device; and a means for encrypting with the first encryption key. Means for selecting a frame for transmitting an encryption key from among the encrypted frames and encrypting it with the second encryption key of the home device, and a unit for encrypting the encrypted frame transmitted from the home device to the center device. Select the encrypted frame encrypted with the second encryption key in the selected encrypted frame with the second encryption key of the home device that is the transmission source. Means for decoding of the frame,
The frame encrypted with the first encryption key and the second
Means for decrypting the frame decrypted by the first encryption key of the home apparatus which is the transmission source, and the Mac address of the home apparatus is set as the destination address of the frame transmitted from the center apparatus. , Set the Mac address of the center device to the sender address,
Means for encrypting the frame with the first encryption key of the home device which is the destination, and a frame for transmitting the encryption key among the frames encrypted with the first encryption key, and selecting the frame as the destination. Means for encrypting with the second encryption key of the home device, and selecting an encrypted frame encrypted with the second encryption key from the encrypted frames transmitted from the center device to the home device. Means for decrypting the encrypted frame with the second encryption key of the home device that is the destination, and the destination with the frame encrypted with the first encryption key and the frame decrypted with the second encryption key And means for decrypting with the first encryption key of the home device.

According to the above-mentioned means, in the set of devices in which the center device and the home device are connected, after the device on the transmission side encrypts the frame with the first encryption key corresponding to the home device, The encrypted frame is encrypted with the second encryption key, and the doubly encrypted frame is sent to the network.

On the other hand, in this set of devices, the device on the receiving side decrypts the double-encrypted frame with the second encryption key corresponding to the home device, and then uses the first encryption key. By decrypting, even if an eavesdropper accidentally finds the second encryption key, for example, the obtained result is the same as that when it cannot be solved, and it is not possible to determine whether or not it can be solved. That is, the frame decrypted with the second encryption key becomes the frame encrypted with the first encryption key,
Since the data has no special meaning, the eavesdropper cannot determine that the second encryption key used for analysis is a correct key. As a result, even if the eavesdropper could decrypt the frame with the correct second encryption key, the decryption result would be a list of meaningless data. Will be discarded as, and the security can be improved.

[0013]

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, the present invention will be described in detail with reference to the drawings together with an embodiment (example) of the invention.

In all the drawings for explaining the embodiments of the invention, components having the same function are designated by the same reference numeral, and the repeated description thereof will be omitted.

(First Embodiment) FIG. 1 is a diagram for explaining a schematic configuration of a security system according to a first embodiment of the present invention. In particular, a center station and subscribers are connected by a tree network. The figure shows the case of application to a cable television network. Further, in the following description, the number of subscriber devices 110 and 120 connected to one center station 100 is two.
Two cases will be described. The subscriber units 110 and 12
Needless to say, 0 is not limited to two and may be two or more. Furthermore, in the first embodiment,
The case of using the encryption key No. 3 will be described, but the number of encryption keys may be four or more.

In FIG. 1, 100 is a center station (center device), 101 is a headend modem, 102 is an encryption / decryption device, 103 is an address detection means, 104 is a key management / key distribution means, and 105 is dummy data generation. means,
110 is a first subscriber device (first home device), 11
1 is a cable modem, 112 is an encryption / decryptor, 113 is a key manager, 114 is a personal computer (P
C), 120 is a second subscriber device (second home device), and 130 is a network. However, in the present embodiment, as in the conventional cable television network, the center station 100 is configured to be connected to other center stations or information processing devices (not shown) via a dedicated line or internet line not shown. .

As shown in FIG. 1, the center station 100 is
Headend modem 101 and encryption / decryption device 102
Address detection means 103 and key management / key distribution means 1
04 and dummy data generating means 105.

The headend modem 101 is means for modulating / demodulating an encrypted frame and transmitting / receiving it to / from each of the subscriber devices 110 and 120 via a network 130 such as a cable television network.

The encryption / decryption device 102 is composed of, for example, a first encryption / decryption device not shown and a second encryption device not shown.

The first encryption / decryption device is the center station 1
00, the Mac address of any of the subscriber devices 110 and 120 of the transmission destination is set to the transmission destination address of the frame, the Mac address of the center station 100 is set to the transmission source address, and the frame is key-managed / Subscriber devices 110, 120 from the key distribution means 104
Is means for encrypting with the first encryption key corresponding to. The first encryption / decryption device is the subscriber device 110, 1
The encrypted frame from the first subscriber device 110, which is the sender of the encrypted frame transmitted from the 20 to the center station 100, is transmitted from the key management / key distribution unit 104 to the first encrypted frame.
It is means for decrypting with the first encryption key corresponding to the subscriber device 110 of.

The second encryption device is a device which operates only when an encryption key (key data to be updated) to be transmitted from the key management / key distribution means 104 to the subscriber devices 110 and 120 is input. By inputting this key data, the first encryption /
Key management / encryption of encrypted frames encrypted by the decryption device
It is means for encrypting with the second encryption key corresponding to the subscriber device 110, 120 from the key distribution means 104. However,
As will be described later, the subscriber device 11 to which the encryption key is sent, such as at the time of initial registration of the subscriber devices 110 and 120.
If at least two encryption keys are not set in 0 and 120, the second encryption device does not encrypt the frame.

In the first embodiment, only the transmission of the encryption key generated by the center station is double-encrypted, so that the second encryption device encrypts with the second encryption key. It does not require a decoding function for the generated frames. However, from each subscriber device 110, 120 to the center station 1
It is also possible to duplicate the frame to be sent to 00, and in this case, it goes without saying that the second encryption device needs a decryption function for the frame encrypted with the second encryption key. Further, information in which the Mac address of each subscriber device 110, 120 is duplicated and encrypted is also required.

Further, in the first embodiment, the key data input from the key management / key distribution means 104 is the data of the encryption key into which the dummy data generated by the dummy data generation circuit 105 is inserted. There is.

Further, the first encryption / decryption device and the second encryption device include the destination Mac address and source Mac address of the frame and communication data (including data in which dummy data is inserted). It is configured to encrypt each separately.

The address detecting means 103 stores the encrypted Mac address obtained by encrypting the Mac address of each of the subscriber devices 110 and 120 and the center station with the first encryption key, and is demodulated by the headend modem 101. And a means for comparing the encrypted destination address and the source address of the encrypted frame with the encrypted Mac address. With such a configuration, recognition is performed only by comparing the encrypted destination address and the source address of the transmitted encrypted frame, and the load required for demodulating the encrypted Mac address is reduced. It is configured to let. In addition, each subscriber device 110, 1
20 and the encrypted Mac address obtained by encrypting the Mac address of the center station with the first encryption key is managed by the key management / key distribution unit 104, and the encrypted Mac address managed by the key management / key distribution unit 104 is Address detecting means 103
May be referred to.

The key management / key distribution means 104 generates one or more encryption keys among the first to third encryption keys at the time of initial registration, authentication, and update of the encryption key, and applies this encryption key. It is a means for managing the setting of the available period, the current time, etc., and information regarding these encryption keys. Further, the key management / key distribution means 140 monitors whether the encryption key is within the applicable period, and when the applicable period has expired, the new encryption key and the destination address and the source address of this encryption key are added. To generate. Further, when the key management / key distribution unit 104 outputs the encryption key to be updated (new encryption key) to the encryption / decryption device 102, the data of the encryption key to be updated is generated by the dummy data generation circuit 105. Insert dummy data and output.
Further, the key management / key distribution unit 104 also generates a preamble which is a synchronization code added to the beginning of the frame.

The dummy data generating means 105 has a known random number generating means, etc., and is a means for outputting a random amount of data which is a random character string generated by this random number generating means as dummy data. However, in the first embodiment, since the encryption key (key data) into which the dummy data is inserted is doubly encrypted, the dummy data is 0
It may be continuous data or the like that is easy to estimate by single encryption such as 00 ... Or 111.

However, the program for causing the center station 100 to function as the headend modem 101, the encryption / decryption device 102, the address detection means 103, the key management / key distribution means 104, and the dummy data generation means 105 is C
After being recorded in a recording medium such as a D-ROM and stored in a magnetic disk or the like, it is loaded into a memory and executed. The recording medium for recording this program is a CD
-A recording medium other than the ROM may be used. Further, this program may be installed in an information processing apparatus from a recording medium and used, or the recording medium may be accessed through a network to use this program.

Each of the subscriber devices 110 and 120 is configured to have a cable modem 111, an encryption / decryption device 112, a key manager 113, and a personal computer 114. However, each subscriber device 110, 12
0 is connected to the center station 100 via a network 130 of a cable television network formed in a tree shape. In particular, it goes without saying that the personal computer 114 does not have to be installed in all subscriber devices. That is, when the present invention can be applied to a case where the center station 100 is used as a head end, a digital image (digital broadcast) is distributed to a subscriber device, and the digital image distributed by the subscriber device is reproduced and viewed. This is because the personal computer 114 is unnecessary in the above.

The cable modem 111 is means for modulating / demodulating the encrypted frame and transmitting / receiving it to / from the center station 100 via the network 130 such as a cable television network.

The encryption / decryption device 112 is composed of, for example, a first encryption / decryption device (not shown) and a second decryption device (not shown).

The first encryption / decryption device sets, for example, the Mac address of the center station 100, which is the destination, to the destination address of the frame transmitted from the first subscriber unit 110, and sets the source address to the first address. Of the first subscriber device 110 from the key manager 113 by setting the Mac address of the subscriber device 110 of the
Is means for encrypting with the first encryption key corresponding to. Also, the first encryption / decryption device is the
Of the first subscriber device 1 which the key manager 113 holds the encrypted frame from the center station 100 which is the sender of the encrypted frame transmitted to the subscriber device 110 of
It is means for decrypting with the first encryption key corresponding to 10.

The second decryptor is a means that operates only when a double-encrypted frame, that is, a frame having key data is input, and is encrypted by the second encryption key (second It is triggered by the reception of a (heavyly encrypted) frame. The activated second decryptor decrypts the double-encrypted frame with the second encryption key corresponding to the first subscriber device 110 from the key manager 113, and then performs the first encryption. / Output to the decoder. As described above, in the encryption / decryption device 112, when a double-encrypted frame is received, the second decryption device decrypts the decrypted frames before the first encryption / decryption device performs the decryption. I do.

Incidentally, the encryption / decryption device 112 according to the first embodiment.
Since only the encryption key generated by the center station is doubly encrypted, the second decryptor does not need the function of encrypting the frame with the second encryption key. . However, it is also possible to duplicate the frame sent from each of the subscriber devices 110 and 120 to the center station 100. In this case, the second decoder has a decryption function for encrypting the frame with the second encryption key. Needless to say.

Further, in the first embodiment, since dummy data is inserted in the doubly encrypted frame,
The encryption / decryption device 112 includes means for removing dummy data from the decrypted communication data, that is, for extracting only the key data, and the extracted key data is stored in the key manager 11.
3 is output and held. However, when the number of bytes of the first to third encryption keys is fixed, the key data is extracted by the extraction means by extracting the data of the number of bytes of the encryption key from the communication data. You can

The key manager 113 holds and manages the first to third encryption keys input and received by the IC card and the subscriber, and sets the Mac address of each subscriber device 110, 120 and the center station to the first and the second. The encrypted Mac address encrypted with the second encryption key is stored. With such a configuration, recognition is performed only by comparing the encrypted destination address and the source address of the transmitted encrypted frame, and the load required for demodulating the encrypted Mac address is reduced. It is configured to let. Furthermore, with such a configuration, it is only necessary to compare the encrypted destination address and source address of the encrypted frame that has been sent, and the encrypted frame can be a single encrypted frame or a double encrypted frame. It is possible to quickly and easily determine whether to make an encrypted frame.

The key manager 113 also monitors access to the encrypted Mac address encrypted by the first to second encryption keys and the first and second encryption keys held by the key manager 113, and these are external (center station 100). Functioning as a means for denying access from other devices so that the data cannot be easily read from other devices connected via the Internet).

The subscriber devices 110 and 120 are connected to the encryption / decryption device 11 from the well-known personal computer 114.
A conversion means of a well-known interface for converting the data to 2 or the data from the encryption / decryptor 112 to the personal computer 114 is provided.

The subscriber device 110 is connected to the cable modem 11
The program for functioning as 1, the encryption / decryption device 112, and the key manager 113 is recorded in a recording medium such as a ROM and executed. The recording medium for recording this program may be a recording medium other than the ROM. Further, the program may be installed in the information processing apparatus from the recording medium and used, or the recording medium may be accessed through the network to use the program.

As described above, in the security system of this embodiment, the center station 100, the subscriber device 110,
When transmitting / receiving a frame (excluding key data) to / from 120, a frame including a destination Mac address and a source Mac address is encrypted and decrypted by using a first encryption key to improve network security. It is configured to let. It should be noted that the transmission and reception of this single encrypted frame is performed in the same application as Japanese Patent Application No. 2001-2001.
The operation is similar to that of 62962.

Furthermore, in the present embodiment, when transmitting / receiving the encryption key which is important for network security, the frame having the encryption key is double-encrypted and the encryption key data (key data) By inserting the dummy data into, it is so configured that it cannot be distinguished from other communication data.

FIG. 2 is a diagram for explaining the data format of the Mac layer of the doubly encrypted frame in the security system of the first embodiment. In particular, (a) of FIG. 2 shows the Mac layer data format before encryption, and (b) of FIG. 2 shows the Mac layer data format encrypted with the first encryption key. c) Mac encrypted with the second encryption key
It is a layer data format.

The frame transmitting / receiving operation in the security system according to the first embodiment will be described below with reference to FIG. However, the most important information in the network (the information that has the greatest effect when eavesdropped) is the key distribution information. Normally, the security of the network is maintained unless the key information that is the basis of security is decrypted.
Therefore, it is usual to construct a system using a plurality of keys. Here, although it is also used in BS digital broadcasting, a case where three common keys are used as the first to third encryption keys will be described. However, in the following description, a case will be described where a system is constructed with three types of common keys, namely, a master key Km, a work key Kw, and a scramble key Ks, as the three common keys. Further, in the first embodiment, the operations between the center station 100 and the first and second subscriber devices 110 and 120 are the same, so in the following description,
The operation of setting the work key Kw between the center station 100 and the first subscriber device 110 will be described.

First, the operation at the time of initial registration will be described. The master key Km is reliable (such as sending an IC card)
According to the method, one is set for each of the center station 100 and the subscriber device 110 arranged at the subscriber's house. That is, the key management / key distribution means 104 and the key manager 113.
Register the master key Km in and.

When the registration of the master key Km is completed,
The master key Km and the Mac address of the cable modem 111 authenticate each other's devices (the center station 100 and the subscriber device 110), the work key Kw is encrypted with the master key Km, and the work is sent from the center station to the subscriber's house. . At the time of initial registration, the subscriber device 110 does not have an encryption key other than the master key Km, so the subscriber device 110 sends it as it is.

That is, the first encryption / decryption unit constituting the encryption / decryption device 112 sets the Mac address of the center station 100 as the transmission destination address of the frame of the authentication request, and the subscriber device 110 as the transmission source address. Set the Mac address and set the frame to the master key K
It is encrypted by m and transmitted from the cable modem 111. In the center station 100, the destination address and the source address of the encrypted frame demodulated by the headend modem 101 are detected by the address detecting means 103, and the authentication request is issued by the first encryption / decryption device of the encryption / decryption device 102. Be decrypted.

Based on this authentication request, the center station 10
On the side of 0, the key management / key distribution means 104 has the master key K.
The work key Kw corresponding to m and the lifetime of the key associated with the work key Kw, the current time, and the like are generated and output to the encryption / decryption device 102. The first encryption / decryption device of the encryption / decryption device 102 has a work key Kw and this work key Kw.
The subscriber device 11 as a destination address of a frame including communication life data such as the life of the key associated with
By setting the Mac address of 0 and the Mac address of the center station 100 as the source address, encrypting the frame with the master key Km, and transmitting from the headend modem 101, the work key Kw
Is registered in the key manager 113 of the subscriber device 110. Next, the key management / key distribution means 104 causes the master key Km.
The scramble key Ks corresponding to the key, the lifetime of the key associated with the scramble key Ks, the current time, and the like are generated and output to the encryption / decryption device 102. Encryption / decryption device 1
The first encryption / decryption device No. 02 sets the Mac address of the subscriber device 110 as a destination address of a frame including the scramble key Ks and the life of the accompanying key, the current time, etc. as communication data, and By setting the Mac address of the center station 100 as the sender address, encrypting the frame with the master key Km, and transmitting from the headend modem 101, the scramble key Ks is sent to the key manager 11 of the subscriber device 110.
Register to 3.

With the above operation, the authentication of the subscriber unit 110 is completed. However, in the first embodiment, the scramble key Ks is used for transmitting and receiving normal communication data, and the scramble key Ks is frequently replaced to make the system resistant to eavesdropping. However, the master key Km, the work key Kw, and the scramble key Ks each have a life, and become shorter in the order of Km>Kw> Ks.

Next, the operation of updating the work key Kw to a new work key Kwn according to the life of the work key Kw will be described.

Key management / key distribution means 1 of the center station 100
When 04 detects the life of the work key Kw, the key management /
The key distribution unit 104 generates a new work key Kwn and information such as the lifespan of the key and the current time associated with the work key Kwn. Next, the key management / key distribution unit 104 generates dummy data in the data (key data) including the work key Kwn, which is the encryption key to be updated, and the information such as the lifetime of the key associated with the work key Kwn and the current time. The dummy data generated by the circuit 105 is inserted. As a result, as shown in FIG. 2A, CRC (C) for checking whether there is an error in the preamble, destination Mac address, source Mac address, key data, dummy data, or packet.
A frame with a Cyclonic Redundancy Check) is generated.

Next, the work key K, which is the encryption key to be updated.
As the encryption key other than wn, the encryption / decryption device 102 uses the master key Km as the key management / key distribution means 10, for example.
4. Encrypt the generated frame of 4. At this time, the master key Km is the master key Km corresponding to the destination subscriber device 110. As a result, as shown in FIG. 2B, the destination Mac address, the source Mac address, the key data, the dummy data, and the CRC are separately encrypted. However, K of the encrypted frame
m (DA) is the encrypted destination Mac address, Km
(SA) is the encrypted source Mac address, Km
(Data, dummy, CRC) indicates encrypted key data, dummy data, and CRC.

Next, the work key K, which is the encryption key to be updated.
As the encryption key other than wn and the master key Km which is the encryption key used in the first encryption, for example, the scramble key K
The encryption / decryption device 102 uses the master key Km
Re-encrypt the frame that was encrypted in. At this time, the scramble key Ks is the scramble key Ks corresponding to the destination subscriber device 110. As a result, as shown in FIG. 2C, the encrypted destination Mac address, source Mac address, key data, dummy data, and CRC are separately encrypted. However,
The doubly encrypted Ks (Km (DA)) is the destination Mac address and Ks encrypted with the scramble key Ks.
(Km (SA)) is the source Mac address encrypted with the scramble key Ks, and Ks (Km (data, dummy,
CRC)) indicates the key data and dummy data encrypted with the scramble key Ks, and the CRC.

The frame double-encrypted with the master key Km and the scramble key Ks is used as the encryption / decryption device 10.
2 to the network via the headend modem 101.

At this time, in the subscriber terminal 110, the key manager 113 sends the destination Mac address and the source Mac.
A destination Mac address Ks (Km (DA)) and a transmission source Ma obtained by sequentially encrypting the address with the master key Km and the scramble key Ks corresponding to the subscriber device 110.
It is configured to have a c address and Ks (Km (SA)). Therefore, the cable modem 111 included in the first subscriber device 110, based on the destination Mac address Ks (Km (DA)) of the doubly encrypted frame transmitted to the network 130 included in the key manager 113, Since the doubly-encrypted destination (destination) of this frame is determined, it is possible to immediately identify that it is addressed to the first subscriber device 110. However, DA is a destination address, in this case, the Mac address of the cable modem 201.

Here, for example, even if an eavesdropper accidentally finds out the scramble key Ks, the obtained result is the same as the case where the scramble key Ks cannot be solved, and it is not possible to determine whether or not it can be solved. That is, the frame decrypted with the scramble key Ks becomes a frame encrypted with the master key Km, and the data has no special meaning.
An eavesdropper cannot determine that the scramble key Ks is a correct key. As a result, even if the eavesdropper was able to decrypt the frame with the correct scramble key Ks, the decryption result is a list of meaningless data, so the frame including the scramble key Ks and this new work key Kwn cannot be decrypted. Data will be discarded.

Further, the key distribution information (frame when transmitting the encryption key) usually has a fixed data amount in many cases. In this case, an eavesdropper can collect the key distribution data in a concentrated manner, which makes it possible to decrypt the key information. However, in the first embodiment, since it is not detected that the key distribution data is key-distributed from the data amount, the dummy data generation device 105 inserts a random amount of dummy data into the key distribution data. It is composed. As a result, it becomes difficult for an eavesdropper to distinguish the key distribution data from other distribution data based on the data amount of the frame, so that the eavesdropper can protect the key distribution data.

In the first embodiment, the master key Km
Directly as an IC card, the subscriber device at the subscriber's home 1
However, if the master key Km and the work key Kw can be installed in the subscriber's house without passing through the network 130 at the time of initial registration (Km and Kw are sent by another method at the time of registration), the network 130 It is possible to prevent the risk of sending important data such as key data only by encrypting the master key Km. That is, since it is possible to issue the double-encrypted scramble key Ks using the master key Km and the work key Kw and to transmit other important communication data, it is possible to improve security against eavesdropping and the like. .

(Embodiment 2) FIG. 3 is a diagram for explaining the data format of the Mac layer of a frame encrypted by the security system according to Embodiment 2 of the present invention, and in particular, FIG. ) Is the data format of the Mac layer before encryption, (b) of FIG. 3 is the data format of the encrypted Mac layer on the uplink, and (c) of FIG. 3 is the encryption on the downlink. It is a data format of the created Mac layer. However,
The configuration for inserting the dummy data into the communication data according to the second embodiment is the same as that of the first embodiment, and will not be described below.

As shown in FIG. 3A, the destination Mac
When the address DA and the source Mac address SA are 6 bytes and the tree connection is 1: N (where N is a natural number), the uplink (when transmitting from the subscriber devices 110 and 120 to the center station 100) is used. ) Destination Mac address DA and downlink (from center station 100 to subscriber device 1
Source Mac address S (when sending to 10, 120)
A is the headend modem 101 of the center station 100.
Is always constant at the Mac address of. Therefore, it is not necessary to use the actual Mac address, and there is no problem in setting any value.

Therefore, in the second embodiment, as shown in FIG. 3B, in the uplink, the destination Mac address D which is the destination (center station 100) in the uplink.
The last 2 bytes of A and the sender (subscriber device 110, 1
20 bytes) and 8 bytes including 6 bytes of the source Mac address SA are encrypted as data. However,
As encryption at this time, CBC (Cipher B
By using the lock chaining mode, the encrypted data of the destination Mac address DA and the source Mac address SA always changes, so that the security can be improved.

Similarly, as shown in FIG.
In the downlink, the destination (the subscriber device 11
0,120) of the destination Mac address DA of 6 bytes, and the source (center station 100) of the source Mac
8 bytes including the first 2 bytes of the address SA,
Encrypt as data. However, the encryption at this time also uses the CBC mode, so that the encrypted data of the destination Mac address DA and the source Mac address SA always changes, so that the security can be improved. However, since it is necessary to know in advance the initial value for starting encryption in both the uplink and the downlink, the notification is given, for example, at the time of initial setting. Since the initial value for starting the encryption does not have to be constant at all times, for example, by changing the initial value at every predetermined cycle and notifying between the center station 100 and each of the subscriber devices 110 and 120, It is possible to further improve security. That is, in block ciphers such as DES and MULTI2, in order to encrypt 48-bit information to 48 bits, OFB (Output FeedBac) is used.
k) mode must be used in 48-bit mode. On the other hand, the destination Mac address DA and the source Mac address SA have only 6 bytes of information, which makes decryption relatively easy. However, in the second embodiment, the destination Mac address DA and the source Mac address SA are encrypted. Since the encrypted data is constantly changing, it is possible to further improve security.

The encryption described above is performed by the center station 10
In 0, the encryption / decryption device 102 sends the destination Mac address DA and the source Ma from the key management / key distribution unit 104.
c Based on the address SA and the initial value. On the other hand, in the subscriber devices 110 and 120, the encryption / decryption device 112 performs this based on the destination Mac address DA and the source Mac address SA from the key manager 113 and the initial value.

In the first and second embodiments, to simplify the description, the data portion (including the upper layer header and the like) excluding the destination and the source Mac address of one frame is described as communication data.

In the first and second embodiments, the capacity of the communication data including the header of the upper layer and the like is monitored. However, data (user data) excluding information such as header information necessary for constructing the LAN is used. Needless to say, the configuration may be such that only the capacity of (1) is monitored.

Further, in the first and second embodiments, the case where the center station 100 and the respective subscriber devices 110 and 120 are network-connected in a tree shape has been described, but the center station 100 and the respective subscriber devices 110 and 120 are described. Is 1: N
(However, N is a natural number) Other connection forms such as a star form may be used.

Further, it goes without saying that the network 130 is not limited to the cable television network, and can be applied to other networks such as a wireless LAN.

As described above, the invention made by the present inventor is
Although the specific description has been given based on the embodiment of the invention, the invention is not limited to the embodiment of the invention and can be variously modified without departing from the scope of the invention. .

[0068]

The effects obtained by the typical ones of the inventions disclosed in the present application will be briefly described as follows.

(1) Even if the encryption key is found by accident once, the decrypted result can be made into a meaningless character string. Therefore, it is necessary to confirm that the encryption key used for decryption is a truly correct encryption key. It can be prevented from being recognized by an eavesdropper.

(2) Since it is possible to prevent an eavesdropper from recognizing that the encryption key used for decryption is a truly correct encryption key, it is possible to improve security.

[Brief description of drawings]

FIG. 1 is a diagram for explaining a schematic configuration of a security system according to a first embodiment of the present invention.

FIG. 2 is a diagram for explaining a Mac layer data format of a doubly encrypted frame in the security system according to the first embodiment.

FIG. 3 is a diagram for explaining a data format of a Mac layer of a frame encrypted by the security system according to the second embodiment of the present invention.

[Explanation of symbols]

100 ... Center station, 101 ... Headend modem, 1
02 ... Encryption / decryption device, 103 ... Address detection means,
104 ... Key management / key distribution means, 105 ... Dummy data generating means, 110 ... First subscriber device, 111 ... Cable modem, 112 ... Encryption / decryption device, 113 ... Key manager, 114 ... Personal computer, 120 ... 2 subscriber devices, 130 ... Network.

   ─────────────────────────────────────────────────── ─── Continued front page    (72) Inventor Tatsuei Ishii             2-31-19 Shiba, Minato-ku, Tokyo Communications and Broadcasting Organization             Within (72) Inventor Shin Ito             2-31-19 Shiba, Minato-ku, Tokyo Communications and Broadcasting Organization             Within F term (reference) 5J104 AA12 EA08 KA02 MA01 PA05

Claims (9)

[Claims] 1. A method for maintaining security of a network, wherein a plurality of sets of devices connecting a center device and a home device are set for a single center device, and a destination address of a frame transmitted from the home device. The MAC address of the center device is set to the MAC address of the home device, the Mac address of the home device is set to the sender address, and the frame is encrypted by the first encryption key of the home device; Selecting a frame for transmitting the encryption key from the frames encrypted with the key and encrypting the frame with the second encryption key of the home device; and the encryption transmitted from the home device to the center device. The second cipher of the home device which is the transmission source by selecting the cipher frame encrypted with the second cipher key from the ciphered frames. And the step of decrypting the encrypted frame, and the first encryption key of the home device which is the source of the frame encrypted with the first encryption key and the frame decrypted with the second encryption key. And a step of decrypting the frame with the MAC address of the home device set as the destination address of the frame transmitted from the center device, the MAC address of the center device set as the source address, and the frame as the destination home. Encrypting with the first encryption key of the device, and selecting the frame for transmitting the encryption key from the frames encrypted with the first encryption key, and selecting the frame of the home device to be the destination. Encrypting with an encryption key, and encrypting with a second encryption key in the encrypted frame transmitted from the center device to the home device Selecting a frame and decrypting the encrypted frame with the second encryption key of the home device that is the destination, and the frame encrypted with the first encryption key and the decryption with the second encryption key And a step of decrypting the created frame with a first encryption key of a home device which is a transmission destination. 2. A method for maintaining security of a network, wherein a plurality of sets of devices connecting a center device and a home device are set for a single center device, and a data amount of a frame transmitted from the center device. Monitoring the data amount, generating dummy data according to the result of monitoring the data amount, inserting the dummy data into the communication data of the frame, and adding the dummy data to the destination Mac address of the communication data. Setting the Mac address of the center device, and setting the Mac address of the home device as the source Mac address of the communication data in which the dummy data is inserted; and the step of sending the Mac address of the home device to the home device. From the frame in which dummy data is inserted, add the dummy data Security holding method characterized by having a Ku steps. 3. A method for maintaining security of a network, wherein a plurality of sets of devices connecting a center device and a home device are set for a single center device, wherein a destination address of a frame transmitted from the home device is set. The Mac address of the center device is set, the Mac address of the home device is set as the sender address, the frame is divided into preset Mac address areas of the center device, and the divided frames are respectively divided. Encrypting with the work key of the home device, decrypting the encrypted frame with the work key of the home device that is the sender of the encrypted frame transmitted from the home device to the center device, The destination address of the frame sent from the center device The Mac address of the center device, the Mac address of the center device is set as the source address, the frame is divided by the preset Mac address area of the center device, and the divided frame is sent to the destination. And the step of decrypting the encrypted frame with the work key of the home device that is the destination of the encrypted frame transmitted from the center device to the home device. A characteristic security method. 4. In a network security system, wherein a set of a device connecting a center device and a home device is set for a single center device, a destination address of a frame transmitted from the home device is set. Means for setting the Mac address of the center device, setting the Mac address of the home device as the sender address, and encrypting the frame with the first encryption key of the home device; and the first encryption key. Means for selecting a frame for transmitting an encryption key from among the frames encrypted by the above and encrypting it with the second encryption key of the home device, and the encryption transmitted from the home device to the center device. An encrypted frame encrypted with the second encryption key is selected from among the frames, and the selected second encrypted key is used with the second encryption key of the home device that is the transmission source. Means for decoding Goka frame, said first
Means for decrypting the frame encrypted with the encryption key and the frame decrypted with the second encryption key with the first encryption key of the home device which is the transmission source, and the frame transmitted from the center device. Means for setting the Mac address of the home apparatus to the destination address, setting the Mac address of the center apparatus to the source address, and encrypting the frame with the first encryption key of the home apparatus as the destination; Means for selecting a frame for transmitting the encryption key from the frames encrypted with the first encryption key and encrypting the frame with the second encryption key of the home device which is the destination, and the center device to the home Among the encrypted frames transmitted to the device, the encrypted frame encrypted by the second encrypted key is selected and the encrypted by the second encrypted key of the destination home device. Means for decoding the frame, the first
And a means for decrypting the frame encrypted with the encryption key and the frame decrypted with the second encryption key with the first encryption key of the home apparatus which is the destination. 5. In a network security system in which a plurality of sets of devices connecting a center device and a home device are set for a single center device, a data amount of a frame transmitted from the center device is set. The means for monitoring, the means for generating dummy data according to the monitoring result of the data amount and inserting the dummy data in the communication data of the frame, and the destination Mac address of the communication data in which the dummy data is inserted Means for setting the Mac address of the center device, and setting the Mac address of the home device as the source Mac address of the communication data in which the dummy data is inserted; and the dummy transmitted from the center device to the home device. Means for removing the dummy data from the frame in which the data is inserted Security system, characterized in that to obtain. 6. In a network security system in which a plurality of sets of devices connecting a center device and a home device are set for a single center device, a destination address of a frame transmitted from the home device is set. The Mac address of the center device is set, the Mac address of the home device is set as the sender address, the frame is divided into preset Mac address areas of the center device, and the divided frames are respectively divided. Means for encrypting with the work key of the home apparatus, means for decrypting the encrypted frame with the work key of the home apparatus which is the sender of the encrypted frame transmitted from the home apparatus to the center apparatus, Home of the destination to the destination address of the frame transmitted from the center device The MAC address of the center device is set as the transmission source address, the frame is divided by the preset Mac address area of the center device, and the divided frame becomes the destination. A means for encrypting with the work key of the home apparatus, and a means for decrypting the encrypted frame with the work key of the home apparatus, which is the destination of the encrypted frame transmitted from the center apparatus to the home apparatus. Security system. 7. A program for causing a computer to function as a network security system configured by setting a plurality of devices, each of which connects a center device and a home device, to a single center device. Means for setting the Mac address of the center device as the destination address of the frame, setting the Mac address of the home device as the source address, and encrypting the frame with the first encryption key of the home device; Means for selecting a frame for transmitting an encryption key from the frames encrypted with the first encryption key and encrypting it with the second encryption key of the home device, and the home device to the center device Select the encrypted frame that was encrypted with the second encryption key from the encrypted frames sent to Means for decrypting the encrypted frame with the second encryption key of the original to become the home device, the first
Means for decrypting the frame encrypted with the encryption key and the frame decrypted with the second encryption key with the first encryption key of the home device which is the transmission source, and the frame transmitted from the center device. Means for setting the Mac address of the home apparatus to the destination address, setting the Mac address of the center apparatus to the source address, and encrypting the frame with the first encryption key of the home apparatus as the destination; Means for selecting a frame for transmitting the encryption key from the frames encrypted with the first encryption key and encrypting the frame with the second encryption key of the home device which is the destination, and the center device to the home Among the encrypted frames transmitted to the device, the encrypted frame encrypted by the second encrypted key is selected and the encrypted by the second encrypted key of the destination home device. Means for decoding the frame, the first
A program causing a computer to function as a means for decrypting a frame encrypted with the encryption key of the above and a frame decrypted with the second encryption key with the first encryption key of the home apparatus which is the destination. . 8. A program for causing a computer to function as a network security system configured by setting a plurality of devices, each of which is configured by connecting a center device and a home device, to a single center device. Means for monitoring the data amount of the frame to be generated, means for generating dummy data according to the result of monitoring the data amount, and means for inserting the dummy data into the communication data of the frame, and communication data in which the dummy data is inserted. Means for setting the Mac address of the center device to the destination Mac address of the home device, and setting the Mac address of the home device to the source Mac address of the communication data in which the dummy data is inserted, and the home device from the center device. The dummy data sent to A program characterized by the over-time causing a computer to function as means for excluding the dummy data. 9. A program for causing a computer to function as a network security system configured by setting a plurality of devices, each of which is configured by connecting a center device and a home device, to a single center device. The MAC address of the center device is set to the destination address of the frame to be set, the Mac address of the home device is set to the source address, and the frame is divided in the preset Mac address area of the center device. Means for encrypting each of the divided frames with the work key of the home device, and decryption of the encrypted frame with the work key of the home device that is the sender of the encrypted frame transmitted from the home device to the center device And means for transmitting from the center device The Mac address of the home device of the destination is set to the destination address of the frame, the Mac address of the center device is set to the source address, and the frame is divided in the preset Mac address area of the center device. A means for encrypting the divided frame with the work key of the home device that is the destination and a work key of the home device that is the destination of the encrypted frame sent from the center device to the home device to decrypt the encrypted frame A program that causes a computer to function as a means.