JP2007020159A - Data transmission apparatus and data reception apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide transmission and reception apparatuses which can realize performing key distribution and encrypted communication, at the same time. <P>SOLUTION: A transmission apparatus overlaps and transmits minute amplitude modulations, based on a random number signal on a multi-level signal generated, based on information data and key information. A receiving apparatus, in addition to data identification, performs, by using 2 thresholds between which an interval sufficiently larger than a modulation amplitude by a random number is provided, 3 kinds of identification for the random number signal: "1", "0", and "identification impossible", sends back to the transmission apparatus the information of bits with which the identification has succeeded, and shares the sent-back bits as a new key. Thus, the common device, including the transmission and reception apparatuses can realize performing the key distribution and the encrypted communication in the simultaneous manner. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an apparatus that performs secret communication that prevents illegal eavesdropping and interception by a third party. More specifically, the present invention relates to an apparatus that performs data communication by selecting and setting a specific encoding / decoding (modulation / demodulation) scheme between authorized senders and receivers.

  Conventionally, in order to perform communication only between specific persons, original information (key information) for encoding / decoding is shared between transmission / reception, and information data to be transmitted based on the original information ( In general, a configuration that realizes secret communication by mathematically calculating / reversing a plaintext) is employed.

  On the other hand, in recent years, several encryption schemes that actively use physical phenomena in the transmission path have been proposed. One of them is a method called Y-00 protocol that performs cryptographic communication using quantum noise generated in an optical transmission line. One example of a transmission / reception apparatus using the Y-00 protocol is disclosed in Patent Document 1.

  FIG. 13 is a block diagram illustrating a configuration example of a conventional transmission / reception apparatus using the Y-00 protocol. In FIG. 13, the transmission unit 90001 includes a first multilevel code generation unit 911, a multilevel processing unit 912, and a modulation unit 913. The receiving unit 90002 includes a demodulating unit 915, a second multi-level code generating unit 914, and an identifying unit 916. First, the transmission unit 90001 and the reception unit 90002 share the first key information 91 and the second key information 96 having the same contents in advance. Based on the first key information 91, the first multi-level code generator 911 converts a multi-value pseudo-random number sequence having M values from “0” to “M−1” into a multi-level code sequence. 92.

  Based on the values of the information data 90 and the multi-level code string 92, the multi-level processing unit 912 generates a multi-level signal 93 that is an intensity modulation signal using the signal format shown in FIG. That is, the multi-level processing unit 912 divides the signal strength of the multi-level code sequence 92 into 2M levels, sets these levels to M combinations (modulation schemes) two by two, and stores information on one level of each combination. “0” of data 90 is assigned and “1” is assigned to the other level. The multi-value processing unit 912 assigns the levels corresponding to “0” and “1” of the information data 90 so as to be evenly distributed in the entire 2M levels.

  In the example of FIG. 14, “0” and “1” are alternately assigned. The multi-level processing unit 912 selects one level combination based on the value of the input multi-level code string 92, selects one level of the combination based on the value of the information data 90, and selects the level. The multi-value signal 93 is output. In Patent Document 1, the first multi-level code generation unit 911 is a “transmission pseudo-random number generation unit”, the multi-level processing unit 912 is a “modulation method designation unit”, a “laser modulation drive unit”, and a modulation unit 913. Is a “laser diode”, a demodulator 915 is a “photo detector”, a second multi-level code generator 914 is a “reception pseudo-random number generator”, and an identification unit 916 is a “determination circuit”.

  Examples of signal changes when M = 4 are shown in FIGS. For example, when the value of the information data 90 changes as “0111” (see FIG. 15A) and the value of the multilevel code string 92 changes as “0321” (see FIG. 15B), the multilevel signal 93 Changes as shown in FIG. The modulation unit 913 converts the multilevel signal 93 into a modulation signal 94 that is a light intensity modulation signal, and transmits the modulated signal 94 via the optical transmission path 910.

  The demodulator 915 photoelectrically converts the modulated signal 94 transmitted via the optical transmission path 910 and outputs it as a multilevel signal 95. Based on the second key information 96, the second multi-level code generation unit 914 generates a multi-level code sequence 97 that is the same multi-value pseudo-random number sequence as the multi-level code sequence 92. The identifying unit 916 determines which one of the signal level combinations (modulation schemes) shown in FIG. 14 is used from the value of the multi-level code sequence 97 in the multi-level signal 95, and the two signal levels included in the combination Is binary-identified. Specifically, as shown in FIG. 15E, the identification unit 916 sets an identification level based on the value of the multi-level code sequence 97, and whether the multi-level signal 95 is larger (above) than the identification level. Or it is judged whether it is small (below). In this example, the identification unit 916 identifies “lower, lower, upper, lower”.

  Next, the identification unit 916 determines that the lower side is “0”, the upper side is “1”, the lower side is “1”, and the upper side is “0” when the multi-level code sequence 97 is an even number. Output as data 98. In this example, since the multi-level code sequence 97 is “even, odd, even, odd”, the information data 98 is “0111”. Although the multi-level signal 95 includes noise, the transmission unit 90001 can suppress the occurrence of errors in binary identification to a negligible level by appropriately selecting the signal strength.

  Next, assumed wiretapping will be described. An eavesdropper attempts to decrypt the information data 90 or the first key information 91 from the modulated signal 94 without having the key information shared by the sender and the receiver. Since it does not have key information, an eavesdropper cannot use the same reception method based on binary identification as an authorized receiver uses the receiving unit 90002. Therefore, the eavesdropper identifies the multilevel signal 81 obtained by photoelectric conversion using the demodulating unit 921 by the multilevel identifying unit 922 and decrypts the obtained received sequence 82 by the decrypting processing unit 923. By performing the above, it is considered that the information data 90 or the first key information 91 is attempted to be decrypted.

In this case, when the demodulator 921 performs photoelectric conversion with the photodetector, shot noise is generated and superimposed on the multilevel signal 81. It is known that this shot noise is always generated by the principle of quantum mechanics. Here, if the signal level interval (hereinafter referred to as step width) is made sufficiently smaller than the shot noise level, the multilevel signal 81 received due to the identification error takes various multilevel levels other than the correct signal level. The possibility cannot be ignored. Therefore, an eavesdropper needs to perform decryption processing in consideration of the possibility that the correct signal level is a value other than the signal level obtained by identification. The calculation amount increases, and as a result, security against eavesdropping is improved.
JP 2005-57313 A

  13 is based on the premise that the first key information 91 and the second key information 96 are shared in advance. However, in actual communication, the key information is out of synchronization. In some cases, it may be necessary to deliver the key information again. However, the conventional transmission / reception apparatus shown in FIG. 13 has a problem that it does not have a key distribution function.

  Therefore, an object of the present invention is to solve the above-described problems and to provide a transmission / reception apparatus that can simultaneously realize key distribution and encrypted communication.

  The present invention is directed to a data transmission apparatus for secretly communicating information data. In order to achieve the above object, the data transmitting apparatus of the present invention uses a predetermined key information, a multi-level code generation unit that generates a multi-level code sequence whose signal level changes in a substantially random manner, The multi-level code sequence and the information data are combined in accordance with the above processing, a multi-level processing unit for generating a multi-level signal having a level corresponding to the combination of both signal levels, and a predetermined modulation format based on the multi-level signal A modulation unit that generates a modulation signal, a random number generation unit that generates a random number signal, and a selected bit that is selected from the random number signal based on the selected modulation signal transmitted from the reception side, and the selected bits are selected bits And a key sharing unit that outputs selected bits as new key information when a predetermined condition is satisfied. In addition, amplitude modulation based on a random number signal is added to the modulation signal in a predetermined period.

  Preferably, the key sharing unit demodulates a selection modulation signal of a predetermined modulation format and selects a part of the selection signal demodulation unit that outputs the selection modulation signal as a selection signal and a random signal based on the selection signal. A key storage control unit that outputs the selected bit as a selected bit, a key storage unit that outputs key information and stores the selected bit, and outputs a selected bit as new key information when a predetermined condition is satisfied, Is provided.

  Preferably, the data transmission device is inserted before the amplitude control signal generation unit that outputs the amplitude control signal for determining the amplitude of the information data based on the random number signal and the multi-level processing unit, and based on the amplitude control signal And an amplitude modulation unit that performs amplitude modulation on the information data and outputs the information data.

  Further, the data transmission device is inserted between the amplitude control signal generating unit that outputs an amplitude control signal that determines the information amplitude of the multilevel signal based on the random number signal, the multilevel processing unit, and the modulation unit, and the amplitude An amplitude modulation unit that performs amplitude modulation on the multilevel signal based on the control signal and outputs the result may be further included.

  In addition, the data transmission device includes an amplitude control signal generation unit that outputs an amplitude control signal that determines the information amplitude of the modulation signal based on the random number signal, and a modulation signal that is inserted in the subsequent stage of the modulation unit and that is based on the amplitude control signal. And an amplitude modulation unit that performs amplitude modulation and outputs the result.

  However, the amplitude modulation based on the random number signal is sufficiently smaller than the information amplitude of the multilevel signal. The predetermined period is the same as the period for transmitting information data.

  Preferably, the data transmission device further includes a control signal generation unit that outputs a control signal of a predetermined format to the multilevel code generation unit.

  The present invention is also directed to a data receiving apparatus for secretly communicating information data. In order to achieve the above object, the data receiving apparatus of the present invention receives a modulation signal of a predetermined modulation format from the transmission side, demodulates the received modulation signal, and outputs a multilevel signal And a multi-level code generator that generates a multi-level code sequence whose signal level changes in a substantially random manner using predetermined key information, and the multi-level signal is identified based on the multi-level code sequence, and information data And a multi-value identification unit that outputs a random number signal generated on the transmission side from a multi-value signal in a predetermined period, and if the identification is successful, the result is stored as a selection bit, and a predetermined condition is When satisfied, a key sharing unit is provided that outputs a selected bit as new key information and outputs a selected modulation signal indicating the position of the successfully identified bit to the transmitting side.

  Preferably, the key sharing unit attempts to identify the random number signal from the multi-level signal in a predetermined period, outputs the result as a selection bit when the identification is successful, and a selection signal indicating the position of the successfully identified bit A key identification unit that outputs the key information, accumulates the selected bits, and stores a selected bit as key information when a predetermined condition is satisfied, and a selection signal as a predetermined signal. A selection signal modulation unit that modulates the signal in a modulation format and outputs the signal as a selection modulation signal.

  However, the amplitude modulation based on the random number signal is sufficiently smaller than the information amplitude of the multilevel signal. The predetermined period is the same as the period for transmitting information data.

  Preferably, the data receiving apparatus further includes a control signal reproduction unit that reproduces a control signal of a predetermined format from the multilevel signal.

  The data communication apparatus of the present invention encodes and modulates information data into a multilevel signal based on the key information, transmits the multilevel signal, and demodulates and decodes the received multilevel signal based on the same key information. In addition to optimizing the signal-to-noise power ratio, amplitude modulation based on a random number signal is superimposed on the multilevel signal. As a result, the data communication apparatus of the present invention realizes the transmission of the ciphertext and the distribution of the encryption key at the same time by using the same transmission / reception unit, and does not require a separate encryption key distribution system. A system can be provided.

  In addition to ciphertext and encryption key, various control signals such as timing signals can be transmitted by the same transmitter / receiver by superimposing amplitude modulation based on random number signals on the control signal and transmitting it. become. Therefore, it is not necessary to prepare a separate encryption key distribution system, and the configuration of the secret communication system can be simplified.

(First embodiment)
FIG. 1 is a block diagram showing a configuration example of a data communication apparatus according to the first embodiment of the present invention. 1, the data communication apparatus includes a transmission unit 23105, a reception unit 23205, a transmission path 110, and a selection signal transmission path 152. The transmission unit 23105 includes a multi-level encoding unit 111, a modulation unit 112, a first key sharing unit 150, and a random number generation unit 151. The receiving unit 23205 includes a demodulating unit 211, a multi-level decoding unit 212, and a second key sharing unit 250. The multi-level encoding unit 111 includes a first multi-level code generation unit 111a and a multi-level processing unit 111b. The multi-level decoding unit 212 includes a second multi-level code generation unit 212a and a multi-level identification unit 212b. The first key sharing unit 150 includes a key accumulation control unit 1501, a selection signal demodulation unit 1502, and a first key accumulation unit 1503. The second key sharing unit 250 includes a key identification unit 2501, a selection signal modulation unit 2502, and a second key storage unit 2503.

  In the present embodiment, ciphertext transmission and delivery of key information used to generate a multilevel code are performed by the same transmission / reception unit. For delivery of key information, a method called Yuen-Kim key delivery protocol is used. First, the Yuen-Kim key distribution protocol will be described with reference to FIG. FIG. 2 is a diagram for explaining signal levels in the Yuen-Kim key distribution protocol.

  In the distribution of key information, the data communication apparatus needs to create a condition in which only a legitimate receiver can receive correct key information and an eavesdropper cannot receive correct key information. Here, the signal-to-noise ratio of the signal transmitted from the sender to the authorized receiver is small, and the noise superimposed on the signal is quantum noise generated in the optical device or noise generated in the receiver. Think. In such a case, there is no correlation between the noise superimposed on the reception signal of the legitimate receiver and the noise superimposed on the reception signal of the eavesdropper, and as a result, there is a correlation between the reception levels of the legitimate receiver and the eavesdropper. Disappears. The Yuen-Kim key distribution protocol uses this mechanism.

  First, the sender modulates the signal based on a random number. At this time, as shown in FIG. 2, the sender sets the difference between the signal levels corresponding to “1” and “0” sufficiently smaller than the noise level. When a regular receiver receives this signal, noise is superimposed, so that the signal level indicates a probability distribution as indicated by a solid line when it is “1” and indicated by a dotted line when it is “0”. Here, the regular receiver sets the threshold value 1 to a level that is sufficiently larger than the average level of “1” and has a probability that the value is “0” above this level.

  Further, the regular receiver sets the threshold value 0 to a level that is sufficiently smaller than the average level of “0” and has a probability that the value is “1” at a level below this level. A legitimate recipient identifies “1” if the received signal is greater than threshold 1, and “0” if the received signal is less than threshold 0, and the value is unknown if the received signal is at a level between threshold 1 and threshold 0. It is determined that the bit is discarded. The legitimate receiver returns the position of the successfully identified bit to the sender, and shares this as a key. In addition, although a regular receiver may rarely mistakenly identify a received signal, this can be dealt with using an error correction code or the like.

  On the other hand, since the reception level of the eavesdropper shows a probability distribution similar to that of the regular receiver, the eavesdropper can try the same identification, but there is a correlation between the signal level of the regular receiver and the eavesdropper. Because there is no bit, the position of the bit that succeeds in identification is different. For this reason, eavesdroppers cannot share keys. Even if an eavesdropper identifies an intermediate level between the average levels of “1” and “0” as a threshold, since the probability distribution of the signal level is distributed beyond the intermediate level, a bit error occurs with high probability. Occurs, and the bit string of the key obtained by the eavesdropper is incorrect. Thereby, key distribution can be realized safely.

  Next, the operation of each part of this embodiment will be described with reference to FIG. In FIG. 1, a first multi-level code generator 111a generates a multi-level code string 12 whose signal level changes substantially in a random manner based on predetermined first key information 11 determined in advance. The multi-level processing unit 111b receives the multi-level code string 12 and the information data 10. The multilevel processing unit 111b combines the multilevel code string 12 and the information data 10 according to a predetermined procedure, and generates and outputs a multilevel signal 13 having a level uniquely corresponding to the combination of both signal levels. The modulation unit 112 converts the multi-level signal 13 as original data into a modulation signal 14 having a predetermined modulation format, and sends it to the transmission line 110.

  The demodulator 211 demodulates the modulated signal 14 transmitted via the transmission path 110 and reproduces the multilevel signal 15. The second multi-level code generation unit 212 a shares in advance the second key information 16 that is the same as the first key information 11, and the multi-level code sequence 12 corresponds to the multi-level code sequence 12 based on the second key information 16. A value code string 17 is generated. The multilevel identifying unit 212b identifies the multilevel signal 15 (binary determination) using the multilevel code string 17 as a threshold value, and reproduces the information data 18. Here, the modulation signal 14 of a predetermined modulation format transmitted and received by the modulation unit 112 and the demodulation unit 211 via the transmission line 110 is obtained by modulating an electromagnetic wave (electromagnetic field) or a light wave with the multilevel signal 13. It is.

  The generation of the multi-level signal 13 in the multi-level processing unit 111b is not limited to the method of adding the multi-level code sequence 12 and the information data 10 as described above, but according to the information data 10, the multi-level code sequence 12 Any method can be used, such as a method of amplitude modulating / controlling the level of a signal or a method of sequentially reading out a multi-level signal level corresponding to a combination of both signal levels from a memory in which the signal levels are stored in advance. I do not care.

  The random number generation unit 151 generates a random number signal 84 and outputs the random number signal 84 to the first multi-level code generation unit 111a and the key accumulation control unit 1501. The first multi-level code generation unit 111a generates the multi-level code sequence 12 based on the value of the random number signal 84 in addition to the first key information 11, and outputs the multi-level code sequence 12 to the multi-level processing unit 111b.

  The first key sharing unit 150 and the second key sharing unit 250 share the successfully identified bits in the transmitted random number signal 84 between the transmission and reception, and hold them as new key information. Details thereof will be described below. The key identifying unit 2501 identifies the random number signal 84 from the multilevel signal 15 and outputs the result to the second key storage unit 2503 as the selection bit 88 when the identification is successful, and the position of the bit that has been successfully identified. As a selection signal 89 to the selection signal modulation section 2502. The second key storage unit 2503 stores the value of the second key information 16, outputs the value of the second key information 16 to the second multi-level code generation unit 212a, and stores the selection bit 88. It has the function to do. Then, the second key storage unit 2503 replaces the value of the second key information 16 with the stored value of the selection bit 88 when a predetermined condition is satisfied.

  The predetermined condition may be a case where the number of bits of the stored selection bits 88 has reached the number of bits of the second key information 16 or when a predetermined time has elapsed since the previous key information was replaced. It may be. The selection signal modulation unit 2502 modulates the selection signal 89 into a selection modulation signal 87 having a predetermined modulation format, and transmits the modulation signal 87 via the selection signal transmission path 152. An arbitrary transmission path can be used as the selection signal transmission path 152. For example, the selection signal transmission path 152 may be multiplexed on a transmission path in the opposite direction to the transmission path 110, or a dedicated transmission path may be prepared.

  The selection signal demodulator 1502 demodulates the selection modulation signal 87 transmitted via the selection signal transmission path 152 and outputs it to the key accumulation control unit 1501 as the selection signal 85. The key accumulation control unit 1501 holds the value of the random number signal 84 until the selection signal 85 is returned, and when it is found from the information of the selection signal 85 that the identification is successful on the receiving side, the bit of the random number signal 84 Is output as a selection bit 86 to the first key storage unit 1503.

  On the other hand, the key accumulation control unit 1501 discards the bits of the random number signal 84 when it is found that identification has failed on the receiving side. The first key accumulation unit 1503 has a function of holding the value of the first key information 11 and outputting the value to the first multi-level code generation unit 111a and a function of accumulating the selection bit 86. The first key storage unit 1503 replaces the value of the first key information 11 with the stored value of the selected bit 86 when the same predetermined condition as that of the second key storage unit 2503 is satisfied.

  Next, signals used in the present embodiment will be described with reference to FIGS. 3 and 4. FIG. 3 is a schematic diagram for explaining signal waveforms used in the data communication apparatus according to the first embodiment. Consider a case where the value of the random number signal 84 is “100100” as shown in FIG. As shown in FIG. 3B, when the multi-level encoding unit 111 takes eight levels based on the information data 10 and the first key information 11, the multi-level encoding unit 111 uses a random number signal for each level. Levels corresponding to 84 values “1” and “0” (represented by “+” and “−”, respectively) are set, and a total of 16 types of levels are set.

  Here, the difference between the levels (for example, L1 + and L1−) corresponding to the values “1” and “0” of the random number signal is smaller than the level of the quantum noise or noise generated in the demodulator 211, and the information amplitude ( For example, it is set to be sufficiently smaller than the difference between L1 + and L5 +). As a result, the multilevel signal 13 satisfies the signal level condition of the Yuen-Kim key distribution protocol described above, and the level difference of the multilevel signal 13 can be ignored as an error during identification in the multilevel identification unit 212b. Like that.

  On the receiving side, noise is superimposed on the demodulated multilevel signal 15 as shown in FIG. In the identification by the key identification unit 2501, the random number signal 84 is generated using the level of the multi-level code sequence 17 generated based on the second key information 16 and the key identification level generated based on the multi-level code sequence 17. Identify This identification method will be described taking the period t1 (level C1 of the multilevel code string) as an example. Here, four types of key identification levels, “CK1a +”, “CK1a−”, “CK1b +”, and “CK1b−” are set. “CK1a +” and “CK1b +” correspond to the threshold value 1 in FIG. 2, and “CK1a−” and “CK1b−” correspond to the threshold value 0 in FIG. “CK1a +” and “CK1a−” correspond to the case where the value of the information data 18 is “0”, and “CK1b +” and “CK1b−” correspond to the case where the value of the information data 18 is “1”.

  FIG. 4 is a diagram illustrating a correspondence relationship between the relative value of the received signal level and the identification result at each identification level. In FIG. 4, “upper” indicates that the received signal level is higher than the identification level, and “lower” indicates that the received signal level is lower than the identification level. Since the value of the information data 18 corresponds to “0” when the received signal level is smaller than the multi-level code string level C1, the key identification unit 2501 uses “CK1a +” and “CK1a−” to generate a random number signal. Identify. At this time, the key identifying unit 2501 identifies the random number signal as “1” when the signal level is greater than “CK1a +”, and identifies the random number signal as “0” when the signal level is smaller than “CK1b−”, and “CK1a +” and “CK1a−”. "", It is determined that the random number signal is unknown.

  On the other hand, when the received signal level is smaller than the multi-level code string level C1, the key identification unit 2501 uses “CK1b +” and “CK1b−” as a random number because the value of the information data 18 corresponds to “1”. Identify the signal. At this time, the key identifying unit 2501 identifies the random number signal as “1” when the signal level is greater than “CK1b +”, and identifies the random number signal as “0” when the signal level is smaller than “CK1b−”, and “CK1b +” and “CK1b−”. "", It is determined that the random number signal is unknown. Similarly, the key identification unit 2501 sets a key identification level based on the level of the multilevel code string 17 in each period, and identifies a random number signal.

  The method described above is a random number signal transmission method in the case where key information already used is updated to new key information. In the case of the first key distribution, no random number signal is transmitted using only predetermined two adjacent multilevel signal levels (for example, L1 + and L1−) without transmitting data. As a result, the method of this embodiment can be applied to both the distribution of the key information to be used first and the case where it is desired to update the key information for some reason (such as loss of synchronization of the key information or improvement of security). .

  The processing described above can be realized even if the transmission unit 23105 has another configuration. Some examples will be described. FIG. 5 is a block diagram illustrating a second configuration example of the data communication apparatus according to the first embodiment. 5 is different from the configuration of FIG. 1 in that a transmission unit 23105a newly includes an amplitude control signal generation unit 153 and an amplitude modulation unit 154. In this configuration example, the random number signal 84 is input to the amplitude control signal generation unit 153 instead of the first multi-level code generation unit 111a. The amplitude control signal generator 153 outputs an amplitude control signal 35 that determines the amplitude of the information data 10 based on the random number signal 80. The amplitude modulation unit 154 is inserted in the previous stage of the multi-value processing unit 111b, performs amplitude modulation smaller than the noise level on the information data 10 based on the amplitude control signal 35, and outputs it. Thereby, the multi-value processing unit 111b can generate the multi-value signal 13 similar to that described with reference to FIG.

  FIG. 6 is a block diagram showing a third configuration example of the data communication apparatus according to the first embodiment of the present invention. This configuration example is different from the configuration example of FIG. 5 in that the amplitude modulation unit 154 is inserted between the multi-level processing unit 111b and the modulation unit 112. In this case, the amplitude modulation unit 154 performs amplitude modulation smaller than the noise level on the multilevel signal 13 and outputs the result.

  FIG. 7 is a block diagram showing a fourth configuration example of the data communication apparatus according to the first embodiment of the present invention. This configuration example is different from the configuration example of FIG. 5 only in that the amplitude modulation unit 154 is inserted in the subsequent stage of the modulation unit 112. In this case, the amplitude modulation unit 154 performs amplitude modulation smaller than the noise level on the modulated signal 14 and outputs the result.

  As described above, according to the present embodiment, since the transmission of ciphertext and the distribution of the encryption key can be realized simultaneously using the same transmission / reception unit, it is not necessary to prepare a separate encryption key distribution system, and the configuration of the secret communication system Can be simplified.

(Second Embodiment)
FIG. 8 is a block diagram showing a configuration example of a data communication apparatus according to the second embodiment of the present invention. The configuration of the data communication apparatus shown in FIG. 8 is basically the same as that in FIG. 1 (first embodiment), except that the multi-level code string 17 output from the second multi-level code generator 212a is key identification. The timing signal 61 is input to the key identifying unit 2501 and the multi-level identifying unit 212b without being input to the unit 2501. In the present embodiment, the period for data transmission is divided into a data period for cryptographic transmission and a key distribution period for key distribution. The signal form in this embodiment will be described with reference to FIG.

  FIG. 9 is a schematic diagram for explaining signal waveforms used in the data communication apparatus according to the second embodiment. As shown in FIG. 9A, a level dedicated to key distribution is set in the multi-value signal 13 in the key distribution period (t1), the level corresponding to the value “1” of the random number signal is set to K2, and the value “ A level corresponding to 0 ″ is K1. Here, the difference between K2 and K1 is set to be sufficiently smaller than the level of quantum noise or noise generated in the demodulator 211. Since values set in the data period are the same as those in the first embodiment, description thereof is omitted.

  On the receiving side, noise is superimposed on the multilevel signal 15 as shown in FIG. The key identification unit 2501 performs key identification during the period in which the timing signal 61 indicating the key distribution period is input. The key identification level CK2 corresponding to the value “1” of the random number signal (corresponding to the threshold value 1 in FIG. 2) is sufficiently larger than the average level K2 of “1”, and the key identification level CK1 corresponding to the value “0” of the random number signal ( (Corresponding to the threshold value 0 in FIG. 2) is set sufficiently smaller than the average level K1 of “0”. The key identification unit 2501 identifies the random number signal as “1” when the signal level of the multilevel signal 15 is greater than CK2, and identifies the random number signal as “0” when it is smaller than CK1, and in the case between CK2 and CK1. It is determined that the random number signal is unknown.

  The multi-level identifying unit 212b determines a data period from the timing signal 61, and identifies information data in that period. Since the operation of each part other than this is the same as that of the first embodiment, the description thereof is omitted.

  Although FIG. 9 illustrates the case where the multi-level signal level in the key distribution period is set to a value different from the data period, the multi-level signal level in the key distribution period may be set to the same value as the data period. . The ratio between the key distribution period and the data period can be arbitrarily set according to the requirements of the communication system. For example, if it is important to increase security by increasing the frequency of key exchange, the key distribution period may be increased. If it is important to increase the throughput of information data, the data period may be increased. Good.

  As described above, according to the second embodiment of the present invention, the same effect as that of the first embodiment can be obtained without complicatedly controlling the identification level in the key identifying unit 2501.

(Third embodiment)
FIG. 10 is a block diagram showing a configuration example of a data communication apparatus according to the third embodiment of the present invention. In addition to the configuration shown in FIG. 8, the data communication apparatus in FIG. 10 newly includes a timing signal generation unit 132 inside the transmission unit 23107 and a timing signal reproduction unit 230 inside the reception unit 23207. The timing signal generator 132 generates the timing signal 62. The timing signal 62 is a signal obtained by dividing the frame clock or the data clock. The timing signal reproduction unit 230 reproduces the timing signal 63 from the multilevel signal 15.

  In the present embodiment, in addition to the ciphertext and the encryption key, a timing signal is also transmitted at the same time. The signal form in this embodiment will be described with reference to FIG. FIG. 11 is a schematic diagram for explaining signal waveforms used in the third embodiment of the present invention. FIGS. 11A to 11C show examples when the timing signal and key distribution are performed at the same timing. Referring to FIG. 11A, the multi-level encoding unit 111 sets the level of the multi-level signal 13 to a dedicated level during a period in which timing signal transmission and key distribution are performed. The modulation and identification of the random number signal are the same as those described with reference to FIG. Referring to FIG. 11B, the timing signal reproducing unit 230 determines the timing signal identification level between the multi-level signal level in the data period and the multi-level signal 15 in the period for performing the timing signal transmission and key distribution. CC is set and the multilevel signal 15 is identified. Thereby, the timing signal reproducing unit 230 can obtain the timing signal 63 as shown in FIG. This timing signal 63 is used as a reference of a clock signal used in the multi-level encoding unit 212 and the key identification unit 2501.

  Note that FIG. 11 shows an example in which key distribution is performed only during a period in which the timing signal is transmitted. However, if the method described in the first embodiment is used, key distribution can be performed in the data period.

  Moreover, although the example which transmits a timing signal showed the data communication apparatus mentioned above, it is possible to transmit not only a timing signal but various types of control signals by using the same method. FIG. 12 is a block diagram illustrating a second configuration example of the data communication apparatus according to the third embodiment. In FIG. 12, the transmission unit 23107 a includes a control signal generation unit 155 that generates the control signal 55 instead of the timing signal generation unit 132, and the reception unit 23207 a replaces the timing signal reproduction unit 230 with the multilevel signal 15. The control signal reproduction unit 255 for reproducing the control signal 56 is provided.

  As described above, according to the present embodiment, in addition to the ciphertext and the encryption key, various control signals such as timing signals can be transmitted by the same transmission / reception unit.

  The data communication apparatus according to the present invention is useful as a secure secret communication apparatus that does not receive eavesdropping / interception.

1 is a block diagram showing a configuration example of a data communication apparatus according to a first embodiment of the present invention. The figure explaining the signal level in a Yuen-Kim key distribution protocol Schematic diagram illustrating a signal waveform used in the data communication apparatus according to the first embodiment of the present invention. The figure which shows the correspondence of the relative value of the signal level received in each identification level, and an identification result FIG. 3 is a block diagram showing a second configuration example of the data communication apparatus according to the first embodiment. The block diagram which shows the 3rd structural example of the data communication apparatus which concerns on 1st Embodiment. The block diagram which shows the 4th structural example of the data communication apparatus which concerns on 1st Embodiment. The block diagram which shows the structural example of the data communication apparatus which concerns on the 2nd Embodiment of this invention. Schematic diagram illustrating the signal waveform used in the second embodiment of the present invention The block diagram which shows the structural example of the data communication apparatus which concerns on the 3rd Embodiment of this invention. Schematic diagram illustrating a signal waveform used in a data communication apparatus according to a third embodiment of the present invention. The block diagram which shows the 2nd structural example of the data communication apparatus which concerns on 3rd Embodiment. Block diagram showing the configuration of a conventional data communication device Illustration of signal point arrangement in a conventional data communication device Schematic diagram explaining signal waveforms used in conventional data communication devices

Explanation of symbols

10, 18 Information data 11, 16 Key information 12, 17 Multi-level code string 13, 15 Multi-level signal 14 Modulated signal 84 Random number signal 85, 89 Select signal 86, 88 Select bit 87 Select modulation signal 110 Transmission path 111 Multi-level code Conversion unit 111a first multi-level code generation unit 111b multi-level processing unit 112 modulation unit 150 first key sharing unit 151 random number generation unit 152 selection signal transmission path 153 amplitude control signal generation unit 154 amplitude modulation unit 155 control signal generation unit 1501 Key accumulation control unit 1502 Selection signal demodulation unit 1503 First key accumulation unit 211 Demodulation unit 212 Multi-level decoding unit 212a Second multi-level code generation unit 212b Multi-level identification unit 230 Timing signal reproduction unit 250 Second key Sharing unit 255 Control signal generation unit 2501 Key identification unit 2502 Selection signal modulation unit 2503 Second key storage units 23105 to 23107 Transmitter 23205 to 23207 Receiver

Claims (13)

A data transmission device for secretly communicating information data,
A multi-level code generator that generates a multi-level code sequence in which the signal level changes substantially randomly using predetermined key information;
In accordance with a predetermined process, the multilevel code sequence and the information data are combined, and a multilevel processing unit that generates a multilevel signal having a level corresponding to a combination of the multilevel code sequence and the level of the information data;
A modulation unit that generates a modulation signal of a predetermined modulation format based on the multilevel signal;
A random number generator for generating a random number signal;
Based on the selected modulation signal transmitted from the receiving side, some bits are selected from the random number signal, the selected bits are stored as selected bits, and when the predetermined condition is satisfied, the selected bits are newly set. A key sharing unit that outputs as key information,
The data transmission device, wherein the modulation signal is subjected to amplitude modulation based on the random number signal in a predetermined period. The key sharing unit
A selection signal demodulator that demodulates a selection modulation signal of a predetermined modulation format and outputs the demodulation signal;
A key accumulation control unit that selects some bits from the random number signal based on the selection signal and outputs the selected bits as a selection bit;
2. A key storage unit that outputs the key information, stores the selected bits, and outputs the selected bits as new key information when a predetermined condition is satisfied. The data transmission device described in 1. An amplitude control signal generator for outputting an amplitude control signal for determining the amplitude of the information data based on the random number signal;
2. The data transmission according to claim 1, further comprising: an amplitude modulation unit that is inserted in a preceding stage of the multi-level processing unit and that performs amplitude modulation on the information data based on the amplitude control signal and outputs the information data. apparatus. An amplitude control signal generator for outputting an amplitude control signal for determining an information amplitude of the multilevel signal based on the random number signal;
2. The apparatus according to claim 1, further comprising: an amplitude modulation unit that is inserted between the multi-level processing unit and the modulation unit and performs amplitude modulation on the multi-level signal based on the amplitude control signal and outputs the result. The data transmission device described in 1. An amplitude control signal generator for outputting an amplitude control signal for determining an information amplitude of the modulation signal based on the random number signal;
The data transmission apparatus according to claim 1, further comprising: an amplitude modulation unit that is inserted in a subsequent stage of the modulation unit and performs amplitude modulation on the modulation signal based on the amplitude control signal and outputs the modulated signal.   The data transmitting apparatus according to claim 1, wherein the magnitude of amplitude modulation based on the random number signal is sufficiently smaller than the information amplitude of the multilevel signal.   The data transmission apparatus according to claim 1, wherein the predetermined period is the same as a period for transmitting the information data.   The data transmission apparatus according to claim 1, further comprising a control signal generation unit that outputs a control signal of a predetermined format to the multilevel code generation unit. A data receiving device for secretly communicating information data,
A demodulator that receives a modulated signal in a predetermined modulation format from the transmission side, demodulates the received modulated signal, and outputs a multi-level signal;
A multi-level code generator that generates a multi-level code sequence in which the signal level changes substantially randomly using predetermined key information;
Based on the multi-level code sequence, a multi-level identifying unit that identifies the multi-level signal and outputs the information data;
In a predetermined period, an attempt is made to identify a random number signal generated on the transmission side from the multilevel signal, and if the identification is successful, the result is stored as a selection bit, and if the predetermined condition is satisfied, the selection bit is stored. And a key sharing unit that outputs a selection modulation signal indicating the position of the bit that has been successfully identified to the transmission side. The key sharing unit
A key identification unit that attempts to identify the random number signal from the multilevel signal in a predetermined period, outputs the result as a selection bit when the identification is successful, and outputs a selection signal indicating the position of the successfully identified bit When,
A key storage unit that outputs the key information and stores the selected bits, and outputs the selected bits as new key information when a predetermined condition is satisfied;
The data receiving apparatus according to claim 9, further comprising a selection signal modulation unit that modulates the selection signal in a predetermined modulation format and outputs the modulation signal as a selection modulation signal.   The data receiving apparatus according to claim 9, wherein the magnitude of amplitude modulation based on the random number signal is sufficiently smaller than the information amplitude of the multilevel signal.   The data receiving apparatus according to claim 9, wherein the predetermined period is the same period as a period for transmitting the information data. The data receiving apparatus according to claim 9, further comprising a control signal reproducing unit that reproduces a control signal of a predetermined format from the multilevel signal.

Images