JP2005130534A - Information communication method and apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To obtain an information management method and an information communication apparatus in which an illegal action such as camouflaging, revising and forging is prevented from being performed upon request information for requesting information to be provided via a network, and the information provided via a network can be safely managed. <P>SOLUTION: A transmitter station 1 exclusively ORs a sequence of immediate communication type information to be transmitted and a sequence of pseudo random numbers generated by a pseudo random number generating part 109 on the basis of a data encryption key from a magnetic storage device 101, thereby performing encryption using a common key scheme for transmitting the immediate communication type information. A receiver station 2 exclusively ORs the encrypted signal and the same sequence of pseudo random numbers generated by a pseudo random number generating part 209, as the sequence of pseudo random numbers generated by the pseudo random number generating part 109 in the transmitter station 1, on the basis of the data encryption key from the magnetic storage device 201, thereby performing decryption. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to an information management method and an information communication apparatus, and more particularly to a technique for managing information provided via a network.

  In recent years, with the development of optical fiber networks in mainline communication networks, the practical use of satellite communications, the spread of local area networks (LAN), etc., the contents of communication should not be known to third parties other than those at the time of communication. For this purpose, it is important to build a network system that achieves encryption and secrecy.

  In addition, the so-called information service industry that collects charges according to the contents and amount of information provided through such communication networks is increasing. For this reason, it is important to record and collect billing information for the provided information at the same time, in addition to the above encryption and secrecy.

  Conventionally, a method called a common key encryption method and a method called a public key encryption method are known as methods for encrypting and secretizing information in such communication.

These details are described in detail in Non-Patent Document 1 and the like.
Details will be given in the above-mentioned document, but these methods will be described briefly below.
In the common key encryption method, an encryption / decryption key is shared between a transmission terminal and a reception terminal, and information is encrypted / transmitted / decrypted using this key.
There are many known encryption methods, from simple sum encryption / transposition encryption to encryption called DES, which is standardized by the US Department of Commerce.

  In the common key method, a key for encryption / decryption must be determined in advance between the transmission terminal and the reception terminal, and this key must not be known to a third party. This is because if the third party knows this key, the encrypted information can be easily decrypted.

On the other hand, the public key encryption method uses a different encryption key and decryption key to be paired, and the encryption key is disclosed to all terminals.
Each terminal has a decryption key unique to the terminal. Then, the transmission terminal selects a transmission destination key from the publicly disclosed encryption keys of each terminal, and encrypts and transmits information using this key. On the other hand, the receiving terminal decrypts the information with the decryption key paired with this key.

As described above, since a key pair that cannot be used to determine the decryption key from the encryption key is used, even if the encryption key is disclosed, the encrypted information is not decrypted by a third party. It is.
In addition, since there is no need to determine a key in advance between the sending and receiving terminals, there is no possibility that a third party will know the key when the key is decided in advance between the sending and receiving terminals.

By D.W.Davies and W.L.Pric, translated by Tadahiro Uenono, “Netto Work Security”, published by Nikkei McGraw-Hill (December 5, 1985)

However, the conventional example has the following drawbacks.
In the common key encryption method,
(1) As described above, the encryption / decryption key must be determined in advance between the transmission terminal and the reception terminal, and the key is obtained by communication for negotiating the encryption / decryption key. There is a known risk.
(2) In order to avoid the above danger, even if the same key is controlled to be used over and over again, the third information is still obtained by comparing a plurality of pieces of information encrypted with the same key. May break through the keys.
(3) Complex encryption such as DES reduces this possibility, but high-speed encryption / decryption becomes difficult, and the amount of data transferred per hour for digitized video signals, etc. Encrypt data with lots of data.
In public key cryptography,
(4) High-speed encryption / decryption processing is generally difficult.

  Both of the above encryption methods have the above-mentioned drawbacks (1) to (4), so that the conventional communication type information that requires high-speed transmission such as a video signal has been conventionally used. It was difficult to encrypt and transmit the data securely.

  The present invention has been made for the purpose of solving the above-described problems, and includes the following configuration as one means for solving the above-described problems.

  One of the information communication methods of the present invention includes: a decryption step of decrypting the third information using a public key method after receiving the third information for requesting the first information; After the third information is decrypted, a confirmation step of confirming a transmission source of the third information using a public key method; and after the transmission source of the third information is confirmed, the first information Determining data required for encryption and decryption of the information, and first encryption for encrypting the first information using a common key scheme before the first information is transmitted And a second encryption step of encrypting the second information using a public key method before the second information that is billing information of the first information is transmitted. Features.

  One of the information communication methods of the present invention includes: a decryption step of decrypting the third information using a public key method after receiving the third information for requesting the first information; After the third information is decrypted, a confirmation step of confirming a transmission source of the third information using a public key method; and after the transmission source of the third information is confirmed, the first information Determining data required for encryption and decryption of the information, and first encryption for encrypting the first information using a common key scheme before the first information is transmitted And a second encryption step for encrypting the data using a public key method before data necessary for encryption and decryption of the first information is transmitted, and the first information Before transmitting the second information, which is the billing information, the third encryption that encrypts the second information using the public key method. And having a step.

  One of the information communication terminals of the present invention comprises: decryption means for decrypting the third information using a public key method after receiving the third information for requesting the first information; After the third information is decrypted, confirmation means for confirming a transmission source of the third information using a public key method, and after the transmission source of the third information is confirmed, the first information Means for determining data required for encryption and decryption of the information, and first encryption for encrypting the first information using a common key scheme before the first information is transmitted And second encryption means for encrypting the second information using a public key method before the second information, which is billing information of the first information, is transmitted. Features.

  One of the information communication terminals of the present invention comprises: decryption means for decrypting the third information using a public key method after receiving the third information for requesting the first information; After the third information is decrypted, confirmation means for confirming a transmission source of the third information using a public key method, and after the transmission source of the third information is confirmed, the first information Means for determining data required for encryption and decryption of the information, and first encryption for encrypting the first information using a common key scheme before the first information is transmitted Means and before the data necessary for encryption and decryption of the first information is transmitted, the data is encrypted using a public key method, and the second information is billing information of the first information. And a second encryption means for encrypting the second information using a public key method before the information is transmitted. The features.

  With such a configuration, according to the present invention, the first information can be encrypted safely and at high speed, and the second information can be transmitted safely without the contents being known to a third party. The third information can be safely received without the contents being known to a third party. Further, according to the present invention, not only fraudulent acts such as spoofing can be eliminated, but the first information can be transmitted to a legitimate transmission source.

  In addition, according to the present invention, it is possible to effectively calculate billing information for high bit rate information such as a video signal.

Hereinafter, an embodiment according to the present invention will be described in detail with reference to the drawings.
[First Embodiment]
A first embodiment according to the present invention will be described below with reference to FIGS.
FIG. 1 is a block diagram of a first embodiment according to the present invention, FIG. 2 is a diagram showing an example of an outline of a multimedia network system to which the present embodiment is applied, and FIG. FIG. 4 is a diagram showing a function of a part that performs encryption with a public key in FIG. 1, and FIG. 5 is a diagram showing a function of a part that performs a digital signature in FIG.

  In FIG. 1, 1 is a first terminal that encrypts and transmits the immediate communication type information, 2 is a second terminal that receives and decrypts the encrypted immediate communication type information, and 3 is a transmission path.

  In the first terminal 1, 101 is a magnetic storage device for storing storage type information such as a computer file and an electronic slip in the transmission terminal 1, and 102 is certainly the first terminal when the storage type information is transmitted. 1 is a digital signature part for performing a digital signature for authenticating that it has not been forged by a third party, and 103 is disclosed to the second terminal 2 that is the destination of information. The public key encryption unit 104 encrypts the storage type information using the encrypted key, and 104 stores the storage type information encrypted and transmitted using the public encryption key unique to the first terminal 1. , A public key decryption unit for decrypting using a secret decryption key unique to the terminal 1, and 105 indicates that the storage type information decrypted by the public key decryption unit 104 is certainly the second terminal 2. From the third party A signature confirmation unit for confirming a digital signature for authenticating that it is not created, 106 is an immediate communication type information generating apparatus for generating digital immediate communication type information such as a TV camera 106a and a VTR 106b, and 107 is a first A synchronization signal generating unit for obtaining synchronization necessary for communication between the terminal 1 and the second terminal 2, and a clock extracting unit for extracting a clock signal from the immediate communication type information from the immediate communication type information generating device 106; 109 is a pseudo-random number generator for generating a pseudo-random number sequence that corresponds to the data key given from the magnetic storage device 101 and is synchronized with the clock signal from the clock extractor 108, and 110 is from the immediate communication type information generator 106. , And an exclusive OR gate that takes the exclusive OR of the pseudorandom number from the pseudorandom number generator 109 and 111 is a pseudorandom number generator 10 The billing information collecting unit 112 measures the operation state of the information and takes information on the consideration to be paid for the transmitted information. 112 is the information from the public key encryption unit 103 and the signal from the exclusive OR gate 110 Is a communication interface for receiving the signal from the transmission path 3 and outputting the signal to the public key decryption unit 104.

  In the second terminal 2, reference numerals 201 to 205 and 212 denote the same magnetic storage device, digital signature unit, public key encryption unit, public key decryption unit, and signature as those of the first terminal 101 to 105 and 112, respectively. It is a confirmation part and a communication interface. Reference numeral 206 denotes an immediate communication type information processing device including a CRT 206a, a VTR 206b, a magnetic storage device 206c, and the like for displaying, storing, processing, and the like for the immediate communication type information. A synchronization signal extraction unit for extracting a synchronization signal from the signal transmitted to the transmission path 3, 208 a reception clock extraction unit for extracting a clock component from the transmitted signal, and 209 for transmission of immediate communication type information When receiving the same key as the pseudo-random number generating unit 109 of the first terminal 1 which is the side device, the pseudo-random number generating unit 210 generates the same pseudo-random number, 210 is the received information from the communication interface 212 and the pseudo-random number This is an exclusive OR gate that takes an exclusive OR with a pseudo-random number from the generation unit 209.

  FIG. 2 shows a system system configuration of the multimedia network system according to the present embodiment, which includes the first terminal 1 which is a transmitting station apparatus having the above configuration and the second terminal 2 which is a receiving station. Show.

  In FIG. 2, 11 is a transmitting station corresponding to the first terminal 1 shown in FIG. 1 that provides information and receives compensation for the information, 21A to 21C, 2A2 to 22c, 23A to 23C, and 24A to 24C. 1 receives the information from the transmitting station 11 and pays for it. The receiving station has the same configuration as the second terminal 2 in FIG. 1, 31 is a communication satellite, 32 is a trunk communication network using an optical fiber, etc. , A communication network such as CATV, 34 is a local area network (LAN), 341 to 344 are nodes that exchange information between the LAN 34 and the outside, and 35 is a communication between the transmission station 11 and the communication satellite 31. The ground stations 351, 361 to 363 are antennas used for communication between the communication satellite and the ground.

  The transmission path 3 in FIG. 1 is the transmission path using the ground station 351, the communication satellite 31 shown in FIG. 2, the transmission path using the trunk station 32, the transmission path using the CATV network 33, or the LAN. It is a general term for the transmission lines used.

  The schematic operation of the system of the present embodiment having the above configuration will be described below with reference to the flowchart of FIG.

  In the system of FIG. 2, the transmitting station 11 provides video information and other immediate communication type information according to the request from each of the receiving stations 21A to 24C. This information includes the communication satellite 31, the trunk station 32, and the CATV network 33. Or, it is transmitted via the LAN 34 to the receiving station that requested the information. The receiving station pays for this information. Further, between the transmitting station 11 and the receiving stations 21 to 24, transmission of all information except for the payment of the consideration is performed via any one of the transmission paths shown in FIG. 2, that is, online.

However, as described above, in the network shown in FIG.
(A) A third party intercepts immediate communication type information without paying consideration.
(B) A third party disguises other receiving stations and requests and receives information.
(C) After receiving the information, the receiving station falsifies the billed electronic slip.
(D) The receiving station forges the electronic voucher for receipt without paying the consideration.

  In the present embodiment, in order to prevent such fraud, the transmitting station 11 that is the first terminal 1 includes a public key encryption unit 103, a public key decryption unit 104, and The pseudo random number generation unit 109 is equipped, and the receiving stations 21A to 24C as the second terminals are each equipped with the public key encryption unit 203, the public key decryption unit 204, and the pseudo random number generation unit 209 shown in FIG. Has been.

Therefore, the procedure from the time each receiving station requests information until the consideration is paid is as follows.
First, in step S1, a file (electronic slip) for ordering information is transmitted from the receiving station to the transmitting station 11. The transmission and reception are subjected to encryption / decryption processing by a public key method described later. Subsequently, the transmitting station 11 that has received the file transmits the immediate communication type information according to the file to the ordering receiving station in step S2. As will be described later, this transmission information is subjected to encryption / decryption processing by a common key method.

  In step S3, an electronic voucher for confirming receipt is transmitted from the receiving station to the transmitting station 11. In step S4, the transmitting station 11 transmits an electronic voucher for billing from the transmitting station to the receiving station. The transmission and reception of the electronic slip are subjected to encryption / decryption processing by a public key method described later.

  In step S5, the receiving station pays the value using means other than the network. Upon confirming the payment, the transmitting station 11 transmits an electronic voucher for receipt to the ordering receiving station in step S6. Also in the transmission and reception of the electronic slip, encryption / decryption processing by the public key method described later is similarly performed.

Through the above procedure, provision of information and payment for compensation are performed.
The encryption / decryption processing of the present embodiment in the information communication procedure of FIG. 3 outlined above will be described in detail below.

In the present embodiment, the immediate communication type information is transmitted / received after being encrypted / decrypted by the common key method by the pseudo random number generators 109 and 209.
On the other hand, the electronic slips are encrypted by a public key method by each encryption / decryption unit.

First, an outline of encryption / decryption of immediate communication type information by the common key method of this embodiment will be described.
The transmitting station 11 of the present embodiment excludes the immediate communication type information sequence to be transmitted and the pseudo random number sequence generated by the pseudo random number generation unit 109 using the data encryption key from the magnetic storage device 101 as a seed. By performing the logical OR, the communication using the common key method is performed and the immediate communication type information is transmitted.

  The receiving station uses the encrypted signal and the pseudorandom number sequence generated by the pseudorandom number generator 109 of the transmitting station 11 generated by the pseudorandom number generator 209 using the data encryption key from the magnetic storage device 201 as a seed. Decoding is performed by taking an exclusive OR with the same pseudorandom number sequence.

  In the above description, the transmitting station and the receiving station use the same pseudorandom number generator, and the same pseudorandom number sequence can be generated by giving the same data encryption key.

Next, an outline of encryption / decryption by the public key system of the above-described embodiment will be described.
In the present embodiment, the public key method is used to encrypt and transmit electronic vouchers such as information request, receipt, consideration charge, receipt, and the data encryption key in the common key method.

  The data encryption key in this common key system transmitted from the transmitting station 11 to the requesting receiving station is encrypted in advance using the public key encryption system, thereby preventing the third party from knowing it. be able to. In addition, by changing this type for each communication, it is possible to prevent a pseudorandom number sequence encrypted by comparing a plurality of communication texts.

  In this embodiment, by using such an encryption method, it is possible to perform high-speed and highly secure encryption in real time even for high bit rate immediate communication information. Become.

  Further, in the present embodiment, in order to prevent (b) to (d) among the frauds described above, electronic slips are transmitted by encryption / decryption using a public key method, and each terminal In addition, the digital signature units 102 and 202 and the signature confirmation units 105 and 205 have a function of performing a so-called digital signature and a function of confirming the digital signature for authenticating the transmission source simultaneously with encryption.

  Thereby, especially (b)-(d) can be effectively prevented among the frauds described above. For this reason, it becomes possible to detect when the electronic slip is forged by a third party or is tampered with after transmission.

Hereinafter, the functions of the public key encryption and the digital signature in the present embodiment will be described with reference to FIGS.
First, the details of the public key encryption method of this embodiment will be described with reference to FIG.

  In FIG. 4, the input “x” is information such as an unencrypted electronic voucher and a data encryption key, “ke” is a key for encryption by a public key encryption method, and “E” is a key “ encryption unit that encrypts information “x” using “ke”, “y” is information encrypted by encryption unit E, “kd” is a key for decryption, “D” is key “kd” "K" is information for determining a pair of encryption key "ke" and decryption key "kd", "F" , “G” is an apparatus that generates an encryption key “ke” and a decryption key “kd” from information “ks”.

  The information “ks” and the decryption key “kd” are stored as confidential information unique to each terminal so as not to leak from the terminal. In contrast, the encryption key “ke” is disclosed to all terminals as public information unique to each terminal.

  In the above configuration, the transmission-side terminal encrypts and transmits information using a public encryption key unique to the counterpart terminal to which the information is to be transmitted. The encryption key “ke” and the decryption key “kd” make a pair, but it is virtually impossible to estimate the decryption key “kd” from the encryption key “ke”. Pairs are used. Such a key pair is generated by using a function called a one-way function.

  As a preferred example of this one-way function, when two disjoint integers are “p” and “q”, the product n is (n = p · q). That is, “p” and “q” can be easily obtained from “n”, but it is difficult to obtain “p” and “q” from “n”. Can be generated.

  As described above, in the present embodiment, information is encrypted and transmitted using a public encryption key, and decrypted using a secret decryption key that cannot be estimated from this encryption key, Highly secure encrypted transmission can be performed without transmitting a decryption key.

Next, details of the digital signature function of this embodiment will be described with reference to FIG.
In FIG. 5, “s” is a signed communication message. Further, parts having the same functions as those in FIG.

  In the above configuration, when a digital signature is transmitted, the terminal on the transmission side performs the decryption operation on the original information using the decryption key unique to the terminal and transmits the information. Then, the encryption operation performed on the decrypted information is performed using the encryption key disclosed by the receiving terminal. Since the cryptographic operation and the decryption operation are mathematically inversely related, even if such an operation is performed, the received and cryptographically operated information can be returned to the information before the decryption operation at the transmitting terminal. it can. The decryption key “kd” is stored as the secret method of the transmitting terminal as described above, and cannot be estimated from the publicly available encryption key “ke”. Therefore, the receiving terminal obtains information “x”, which is the original communication text, by performing an encryption operation on the transmitted signed communication text “s” using the public encryption key. It is done.

  As a result, it can be authenticated that this information “x” is certainly issued from the terminal that disclosed the encryption key. Information forged by a third party who does not know the decryption key becomes information that has not been appropriately encrypted. Even if encryption processing is performed with an inappropriate encryption key, only a signal (information) that does not make sense is obtained.

The specific role of each unit when the above processing is performed will be described below according to a specific example.
In the following description, a case where the receiving station 24B receives information from the transmitting station 11 and pays the price is taken as an example. It goes without saying that the same operation is performed in communication in other stations.

  First, the receiving station 24B, which is the terminal 2 in FIG. 1, performs the process of step S1 in FIG. That is, an electronic slip (order slip) that requests immediate communication type information is created in the magnetic storage device 201. Subsequently, the digital signature unit 202 digitally signs the electronic slip using a secret signature decryption key unique to the receiving station 24B. Further, the encryption device 203 encrypts the electronic voucher including the digital signature using the public encryption key unique to the transmission station 11 and sends it out to the transmission path 3 via the communication interface 212.

  The receiving station 24B is connected to the LAN 34 by the node 343, and the signed and encrypted slip from the receiving station 24B is sent to the LAN 34 through the node 343, passes through the nodes 344 and 341, The transmission station 11 is reached.

  This slip is taken into the transmitting station 11 by the communication interface 112. Then, this signal is decrypted by the public key decryption unit 104 using a secret decryption key unique to the transmitting station 11. This decrypted information includes the digital signature transmitted from the receiving station 24B, and the digital signature transmitted from the receiving station 24B is confirmed by the signature verification device 105, and the electronic signature from the receiving station 24B is confirmed. It is verified that it is a slip. This electronic slip is stored in the magnetic storage device 101.

  Next, the transmitting station 11 executes the process of step S2 of FIG. That is, the common key encryption data key used when transmitting the immediate communication type information is first determined. Subsequently, the digital signature unit 102 signs the data key. Then, the public key encryption unit 103 performs encryption processing using the public key, and transmits this data key to the receiving station 24B. The receiving station 24B decrypts the received signal, confirms the signature, and receives the data key. Then, using this data key, the pseudo-random number generator 209 is set up to prepare for reception of immediate communication type information. Thereafter, it notifies the transmitting station 11 that the preparation for reception has been completed.

  Upon receiving the notification of completion of reception preparation, the transmitting station 11 sets up the pseudo-random number generator 109 using the same data key transmitted to the receiving station 24B, and then energizes the synchronization signal generator 107. By generating a synchronization signal, starting the operation of any device based on the request of the immediate communication type information terminal group 106, and taking the exclusive OR of the signal sequence output from this device and the pseudo-random number sequence Encrypt. Then, the encrypted signal is transmitted to the receiving station 24B via the communication interface 112. In the receiving station 24B that has received this encrypted signal through the communication interface 212, the synchronization signal extraction unit 207 detects the synchronization signal in this signal and activates the pseudo-random number generation unit 209.

  The exclusive OR gate 210 performs an exclusive OR operation on the encrypted immediate communication type information from the transmitting station 11 and the pseudo random number sequence from the pseudo random number generator 209 to perform a decryption process, and CRT 206a, Input to the VTR 206b or the like.

  Charging information collection units 111 and 211 that measure the operating time of the own apparatus and measure charging information are connected to the pseudo random number generation unit 109 of the transmission station 11 and the pseudo random number generation unit 209 of the reception station 24B, respectively. The billing information collecting units 111 and 211 can charge and pay for the amount according to the amount of information transmitted.

In the present embodiment, since the billing information collecting units 111 and 211 for measuring the billing information by measuring the operation time of each device are connected, by displaying the billing information collection information by displaying it, etc. Billing information can be grasped on both the transmitting side and the receiving side, and preparations for payment at a later date can be made promptly.
Further, by transmitting this collected billing information at the end of communication, it becomes possible to prevent troubles in the future.

  When the transmission of the immediate communication type information is completed, the receiving station 24B executes the process of step S3 in FIG. That is, the electronic voucher (acknowledgment confirmation voucher) received is sent to the transmitting station 11 after being signed and encrypted by the same control as described above.

On the other hand, the transmitting station 11 also signs and encrypts the electronic bill for billing in step S4 in FIG. 3 and sends it to the receiving station 24B.
As shown in step S5, the receiving station 24B pays the consideration to the transmitting station 11 side through a bank or other methods.

  On the other hand, as shown in step S6, the transmitting station 11 signs and encrypts the receipt electronic voucher and transmits it to the receiving station 24B, thereby completing one unit of information service transaction.

  As described above, according to the present embodiment, by performing such a procedure, the immediate communication type information can be transmitted in high-speed real time without the encryption key being known or estimated by a third party. It is possible to transmit with secure encryption, and to prevent forgery or falsification of electronic slips.

  Furthermore, since all communications are encrypted, it is not known to third parties what kind of information has been traded, and the confidentiality of communications is protected not only in terms of content but also in its presence or absence. .

[Other Embodiments]
The present invention is not limited to the encryption / decryption processing in the above system, and is not limited to the configuration and control of the above-described embodiment. The encryption and decryption processing according to the present invention can be applied to any data transmission system.

  A second embodiment of the present invention in which the present invention is applied to another system will be described below with reference to FIGS.

  In recent years, a conference system using a network called an electronic conference or a video conference has begun to spread. Such a conference system uses a local area network (LAN) and a public line to send a signal from a television camera that captures a person or an object, a picture image, or an image scanner signal from a remote location. It is transmitted between the two rooms. Usually, a plurality of electronic conference rooms are connected to a LAN provided in an office, and information is transmitted via a public line network. In order to avoid the interception of information by three parties, it is necessary to encrypt the information.

  FIG. 6 is a schematic diagram of such a conference system according to the present embodiment. In FIG. 6, 5 is a first establishment of a company, and 6 is a second establishment of the company. The stations are connected via a public line 7.

  In the first office 5, 51 is the first meeting room A of the office 5, 52 and 53 are the second and third meeting rooms B and C, and 511 to 515 of this office are in the meeting room A. 511 is a control device, 512 is a display, 513 is a CRT for document presentation, 514 is a TV camera, 515 is an image scanner, 551 to 555 are nodes, 561 is a LAN transmission line, and 562 is branched from the LAN. The transmission lines are coaxial cables and optical fibers.

  In the second office 6 as well, similar conference rooms 61 and 62, nodes 651 to 655, an interface 64, and transmission paths 661 and 662 are arranged.

  FIG. 7 and FIG. 8 show a schematic configuration of a communication interface for performing encryption of each device except for the control device installed in the conference room shown in FIG. 6 in the conference system of the present embodiment having the above configuration. .

  FIG. 7 is a configuration diagram of an interface for a transmission device that sends out information such as a TV camera and an image scanner. FIG. 8 is a configuration diagram of an interface for a reception device that receives information such as a display and a CRT.

  7 and 8, reference numerals 71 and 81 denote these information devices, 72 and 82 denote clock extraction circuits that extract clock components from information signals, 73 and 83 denote pseudo-random number generation circuits, and 74 and 84 denote communication synchronization and pseudo-signals. Control circuits for controlling the generation of random numbers, the automatic operation of information devices, etc., 75 and 85 are exclusive OR gates that take exclusive OR, and 76 and 86 are transmission / reception circuits for transmitting and receiving signals to and from the transmission line.

  The operation of the present embodiment having the above configuration will be described below. In the following description, a case where a conference is performed between the conference room A51 and the conference room B61 will be described as an example. The conference rooms 52, 53, 62, etc. have the same functions as those of these conference rooms, and it goes without saying that the same operation is performed between other conference rooms.

  Assume that each conference room control device, for example, the control devices 511 and 611, has the information encryption function based on the public key encryption described in the first embodiment.

  First, the control device 511 of the conference room 51 determines a data key for common key encryption for each of the devices in the conference room 51 and the conference room 61 prior to the start of the conference between the conference room 51 and the conference room 51. Then, this data key is encrypted by the same public key method as in the first embodiment described above, and is transmitted to the control device 611 in the conference room 61. Next, the control device 511 transmits this data key to the control circuits 74 and 84 of all the devices in the conference room 51, and sets up the encrypted communication interface of each device.

Similarly, the control device 611 transmits a data key to the control circuit of each device in the conference room 61 to perform setup.
Thereafter, each device is synchronized using a synchronization signal from the control circuit of each device, and communication is started.

  In this state, all information from each transmitting device is encrypted and transmitted by exclusive OR with a pseudo-random number sequence using the previously determined data key as a seed. Each receiving device decodes and receives a signal using the same pseudo-random number sequence. The encryption / decryption during this period is performed in the same manner as in the first embodiment described above.

By conducting the electronic conference in this way, for example, it is possible to prevent the viewing of the conference from the conference room C52 or the conference room D53.
Moreover, the danger of being intercepted by a third party while information is transmitted through the public line can be avoided.

The details of the present invention have been described above using the first embodiment and the second embodiment. However, the scope of the present invention is not limited to these embodiments.
In other words, the present invention allows immediate communication type information that requires high-speed, real-time encryption and storage-type information that requires more secure encryption and caller authentication via the same medium. It is obvious that any form of multimedia network can be applied, and it does not depend on the form of network or the type of terminal.

1 is a block configuration diagram of a first embodiment according to the present invention. FIG. It is a figure which shows an example of the outline | summary of the multimedia network system with which this embodiment is applied. It is a flowchart which shows schematic operation | movement of this Embodiment. It is a figure which shows the function of the site | part which performs encryption by a public key in FIG. It is a figure which shows the function of the site | part which performs a digital signature in FIG. It is a conference system block diagram of the 2nd example of an embodiment concerning the present invention. It is a block diagram of the interface for transmitter apparatuses in the second embodiment. It is a block diagram of the interface for receiving devices in the second embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1, 2 Communication terminal 3 Transmission path 5, 6 Business establishment 7 Public line 11 Transmission station 21A-24C Reception station 31 Communication satellite 32 Trunk station 33 Communication network 34 Local area network (LAN)
35 Ground station 51 to 53, 61, 62 Conference room 54, 64 Interface 71, 81 Information equipment 72, 82 Clock extraction circuit 73, 83 Pseudo random number generation circuit 74, 84 Control circuit 75, 85, 110, 210 Exclusive logic Sum gate 76, 86 Transmission / reception circuit 101, 201 Magnetic storage device 102, 202 Digital signature unit 103, 203 Public key encryption unit 104, 204 Public key decryption unit 105, 205 Signature confirmation unit 106, 206 Immediate communication type information generation device 106a, 206a TV camera 106b, 206b VTR
107, 207 Sync signal generator 108, 208 Clock extractor 109, 209 Pseudo random number generator 111, 211 Billing information collection unit 112, 212 Communication interface 341-344, 551-555 Node 511 Control device 512 Display 513 For document presentation CRT
514 TV camera 515 Image scanner D Decryption unit E Encryption unit D Decryption unit

Claims (6)

A decrypting step of decrypting the third information using a public key scheme after receiving the third information for requesting the first information;
A confirmation step of confirming a transmission source of the third information using a public key method after the third information is decrypted;
Determining data necessary for encryption and decryption of the first information after the transmission source of the third information is confirmed;
A first encryption step of encrypting the first information using a common key scheme before the first information is transmitted;
A second encryption step of encrypting the second information using a public key method before the second information, which is billing information of the first information, is transmitted. Information communication method. A decrypting step of decrypting the third information using a public key scheme after receiving the third information for requesting the first information;
A confirmation step of confirming a transmission source of the third information using a public key method after the third information is decrypted;
Determining data necessary for encryption and decryption of the first information after the transmission source of the third information is confirmed;
A first encryption step of encrypting the first information using a common key scheme before the first information is transmitted;
A second encryption step of encrypting the data using a public key scheme before data necessary for encryption and decryption of the first information is transmitted;
And a third encryption step of encrypting the second information using a public key method before the second information which is billing information of the first information is transmitted. Information communication method.   The information communication method according to claim 1 or 2, wherein data necessary for encryption and decryption of the first information is changed every time. Decryption means for decrypting the third information using a public key scheme after receiving the third information for requesting the first information;
Confirmation means for confirming a transmission source of the third information using a public key method after the third information is decrypted;
Means for determining data necessary for encryption and decryption of the first information after the transmission source of the third information is confirmed;
First encryption means for encrypting the first information using a common key scheme before the first information is transmitted;
And a second encryption unit that encrypts the second information using a public key method before the second information that is billing information of the first information is transmitted. Information communication terminal. Decryption means for decrypting the third information using a public key scheme after receiving the third information for requesting the first information;
Confirmation means for confirming a transmission source of the third information using a public key method after the third information is decrypted;
Means for determining data necessary for encryption and decryption of the first information after the transmission source of the third information is confirmed;
First encryption means for encrypting the first information using a common key scheme before the first information is transmitted;
Before data necessary for encryption and decryption of the first information is transmitted, the data is encrypted using a public key method, and second information that is billing information of the first information is transmitted. An information communication terminal comprising: a second encryption unit configured to encrypt the second information using a public key method before being performed.   6. The information communication terminal according to claim 4, wherein data necessary for encryption and decryption of the first information is changed every time.

Images