JP2007104731A - Encryption key management apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an encryption key management apparatus capable of preventing data on a private personal computer from being viewed by a third party by making an encryption algorithm using a pseudo random number generator for generating pseudo random numbers of a chaos system to be hardly decrypted. <P>SOLUTION: In the encryption key management apparatus for managing an encryption key 1d configured so as to be detachably attached on an external apparatus 2d, the external apparatus 2d is provided with an initial value table 83 storing a encryption key number and an initial value of a chaos function for each encryption key 1d so that they are correlated, and a transmitting section 22d for reading an initial value corresponding to a number of an encryption key 1d attached on the external apparatus 2d from the initial value table when the encryption key 1d is attached on the external apparatus 2d and transmitting the read value to the encryption key. The encryption key 1d is provided with a memory 13d for storing the initial value from the external apparatus 2d, and a pseudo random number generator 14 for generating pseudo random numbers of the chaos system on the basis of the initial value stored in the memory 13d, the data size of data and the chaos function. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an encryption key management apparatus that manages an encryption key having a pseudo random number generator that generates a pseudo random number of a chaotic sequence.

  In recent years, USB (Universal Serial Bus) has been used as an interface that unifies the connections between personal computers and relatively low-speed peripheral devices such as keyboards, mice, speakers, modems, and printers with the same connectors and cables. ing. In this USB, the data transfer speed between the personal computer and the peripheral device is, for example, 1.5 Mbps, which is relatively low.

  2. Description of the Related Art An encryption device that performs data encryption processing using a personal computer and peripheral devices conforming to the USB standard is known. This encryption apparatus includes a key information part in which key information is registered, and a personal computer to which the key information part is attached and which has an encryption algorithm.

The key information section includes a key information section in which key information is registered by an individual at the time of purchase, a key information section in which key information is registered at the time of factory shipment, and the like. When the key information part is attached, the personal computer reads the key information from the key information part, generates an encryption key from the key information using an encryption algorithm, and encrypts Heisei sentence data using the encryption key. The encryption data was generated.
JP 2000-310942 A

  However, in the conventional encryption apparatus, since the encryption algorithm resides in the personal computer, the encryption key based on the encryption algorithm is easily deciphered by a third party. For this reason, there has been a problem that plain text data on a personal computer is easily viewed by a third party.

  On the other hand, in multi-user information communication for the next generation, code division multiple access (CDMA) using a spread spectrum communication method that is excellent in secrecy and has high ability to eliminate interference waves and interference waves is mainstream. It becomes. In this spread spectrum communication system, a pseudo random number generator capable of generating pseudo random numbers is a key device. True physical noise is not reproducible and cannot be industrial technology. Therefore, it is desired to realize a pseudo-random number generator that can artificially reproduce and generate many types of binary sequences that can be regarded as pseudo-random numbers.

  Pseudo-noise has the same meaning as pseudo-random numbers. True random numbers cannot be industrial technology because they are not reproducible, such as coin throwing and dice swinging. On the other hand, sufficient scramble and sufficient spreading cannot be realized unless the sequence is unpredictable. An ideal pseudo-random number generator cannot be realized without realizing contradictions in terms of thinking as industrial technology.

  Here, chaos includes waves of all frequencies, and it is known that chaos and random numbers have a very close relationship. Therefore, it is known that if chaos can be time-series, it can be used as a pseudo-random number. For this reason, an encryption process for encrypting data using a pseudorandom number generator that generates a pseudorandom number of a chaotic sequence has been desired.

  The present invention makes it difficult for a third party to decrypt an encryption algorithm using a pseudo-random number generator that generates a pseudo-random number of a chaotic sequence, so that data on a personal computer can be easily viewed by a third party. It is an object of the present invention to provide an encryption key management apparatus capable of managing encryption keys that can prevent the above-described problem.

  In order to solve the above-described problems, an encryption key management device according to the present invention is an encryption key management device that manages an encryption key configured to be detachable from an external device. An apparatus includes an initial value table storing an encryption key number and an initial value of a chaos function in association with each encryption key, and the encryption key corresponding to the encryption key number when the encryption key is attached to the external device. A transmission unit that reads an initial value from the initial value table and transmits the initial value to the encryption key. The encryption key includes a memory that stores the initial value from the external device, and the initial value stored in the memory. And a pseudo-random number generator for generating a pseudo-random number of a chaotic sequence based on the data size of the data and a chaotic function.

  According to a second aspect of the present invention, in the first aspect, the external device includes an input unit that inputs the cryptographic key number and the initial value for each cryptographic key, and each cryptographic key that is input by the input unit. And a storage control unit for storing the encryption key number and the initial value in the initial value table.

  According to the first aspect of the present invention, when an encryption key is attached, the external device reads an initial value corresponding to the number of the encryption key from the initial value table and transmits it to the encryption key. Stores an initial value from an external device in a memory, and generates a pseudo random number of a chaotic sequence based on the initial value stored in the memory, the data size of the data, and a chaos function. Accordingly, an initial value corresponding to the encryption key can be registered for each encryption key from the external device in the memory in the encryption key.

  According to the second aspect of the present invention, when the input unit inputs the encryption key number and the initial value for each encryption key, the storage control unit receives the encryption key number for each encryption key input by the input unit and Since the initial value is stored in the initial value table, the initial value can be managed for each encryption key using the generated initial value table.

  Embodiments of an encryption key management apparatus according to the present invention will be described below in detail with reference to the drawings. The embodiment of the invention corresponding to the inventions of claims 1 and 2 corresponds to [Example 4], and examples other than this example are for reference only. It is not an embodiment of the invention corresponding to the invention.

  FIG. 1 is a block diagram showing a configuration of an encryption apparatus according to a first embodiment of the present invention. The encryption device shown in FIG. 1 is configured to be detachable from the personal computer 2 (corresponding to the external device of the present invention) that encrypts plaintext data using an encryption key, and conforms to the USB standard. And a USB key (corresponding to the encryption key of the present invention) 1. The external device may be a mobile terminal such as a mobile phone instead of a personal computer.

  The USB key 1 is portable and owned by an individual. The USB key 1 is formed with a key protrusion 10, and the key protrusion 10 is inserted into a computer groove 20 formed in the personal computer 2. The USB key 1 and the personal computer 2 are electrically connected so that mutual data communication can be performed between them.

  The USB key 1 includes an input / output unit 11 that controls input / output of data to / from the personal computer 2, a USB controller 12, a memory 13, and a pseudo random number generator 14.

  The pseudo random number generator 14 generates a pseudo random number of a chaotic sequence based on the data size of the plain text data, the chaotic function, and the initial value of the chaotic function. The pseudorandom number of this chaotic sequence will be described. Random numbers are generated irregularly, and the chaotic time-series waveform behaves irregularly. For this reason, pseudo-random numbers of chaotic sequences are generated using chaotic time-series waveforms.

  One of the equations that generate a chaotic time-series waveform and has a chaotic property is a logistic mapping equation. This logistic map equation is expressed by a recurrence formula as shown in equation (1).

x (t + 1) = 4x (t) {1-x (t)}
x (t) = x (t + 1) (1)
Here, since x (t) is moved to x (t + 1), it is called mapping. t is a discrete time, and x (t) corresponds to the chaotic function described above. When an initial value x (0) is given to Expression (1) and the discrete time t is changed from 0 to a constant time Δt (discretely), for example, 100, a time series waveform of a logistic map chaos as shown in FIG. That is, a time series {x (t) -t} is obtained. In FIG. 2, the value of x (t) for each fixed time Δt is plotted.

  This logistic mapping equation is a time-series waveform in which the value repeatedly increases / decreases, and the state of the time-series waveform changes greatly with a slight change in the initial value x (0). In other words, the logistic map equation is sensitively dependent on the initial value x (0). For this reason, by changing the initial value x (0), it is possible to generate a plurality of types of pseudorandom numbers of chaotic sequences, whereby a plurality of types of USB keys 1 can be produced.

  In addition, the logistic map equation has nonlinear input / output characteristics and behaves nonlinearly. Furthermore, x (t) does not take the same value twice and is irreversible. For this reason, since the value of x (t) cannot be simply predicted, confidentiality can be increased.

  The specific circuit configuration of the pseudo random number generator will be described later in detail.

  The memory 13 stores the initial value of the chaos function and the password of the individual who owns the key. A USB controller 12 (corresponding to the transmission / reception control unit of the present invention) controls each unit, and when the USB key 1 is attached to the personal computer 2, receives the data size of plain text data from the personal computer 2, and generates a pseudo-random number generator. 14 is transmitted to the personal computer 2 as a cryptographic key.

  The personal computer 2 transmits the data size of the plaintext data to the USB key 1 when the USB key 1 is attached, and encrypts the plaintext data using the chaotic sequence pseudo-random number sent from the USB key 1 as the encryption key. To do. The personal computer 2 includes an input / output unit 21 that controls input / output of data to / from the USB key 1, a controller 22, a memory 23 that stores personal passwords and various data input from the input unit 3, and exclusive logic A sum circuit (hereinafter abbreviated as XOR) 24 and a transmission unit 25 are included. Connected to the personal computer 2 are an input unit 3 for inputting plaintext data and other various data, and a display unit 4 for displaying data on the screen.

  When the USB key 1 is attached, the controller 22 receives the attachment signal from the USB key 1 and transmits the number of plaintext data bytes (corresponding to the data size of the present invention) to the USB key 1. The pseudo random number obtained by the pseudo random number generator 14 is received. The controller 22 collates the password input from the input unit 3 with the password stored in the USB key 1, and permits the encryption process when both passwords match. The XOR 24 performs encryption by executing an exclusive OR operation between the pseudo random number from the controller 22 and the plain text data, and outputs the obtained encrypted data to the transmission unit 25.

  Next, the operation of the encryption apparatus including the encryption key configured as described above will be described in detail with reference to FIGS. FIG. 3 is a diagram for explaining a specific example of encryption using a pseudo-random number as a key. FIG. 4 is a sequence diagram illustrating encryption processing on the transmission side.

  First, the USB key 1 is attached to the personal computer 2 (step S1), and the personal computer 2 is activated (step S2). And a user's password is input from the input part 3 (step S3).

  Next, the personal computer 2 requests a password from the USB key 1 (d1). In the USB key 1, in response to the password request, the USB controller 12 reads the password from the memory 13, and transmits the password to the personal computer 2 (d2).

  Next, the controller 22 in the personal computer 2 determines whether or not the password input from the input unit 3 matches the password stored in the USB key 1 (step S5). When both passwords do not match, the encryption process is not performed. When both passwords match, the encryption process is permitted and the number of bytes of plaintext data is transmitted to the USB key 1 (d3).

  In the USB key 1, the pseudo random number generator 14 generates a pseudo random number of a chaotic sequence based on the received number of bytes of plaintext data, a chaotic function, and an initial value of the chaotic function (step S7). Then, the USB controller 12 transmits the chaotic sequence pseudo-random number obtained by the pseudo-random number generator 14 to the personal computer 2 (d4).

  In the personal computer 2, the XOR 24 performs encryption by executing an exclusive OR operation between the pseudo random number from the controller 22 and the plaintext data, and outputs the obtained encrypted data to the transmitting unit 25 (step S8). . For example, as shown in FIG. 3, when plaintext data is “011001”, a pseudorandom number as an encryption key is “100100”, and both are XORed, “111101” is obtained as encrypted data. The transmission unit 25 transmits the encrypted data from the XOR 24 to the outside. Further, the encrypted data is stored in the memory 23.

  As described above, according to the encryption device of the first embodiment, the USB key 1 is provided only when the pseudo random number generator 14 is provided in the USB key 1 that is separate from the personal computer 2 and encryption is performed. Is attached to the personal computer 2 and a chaotic random number is transmitted from the USB key 1 to the personal computer 2. That is, since the pseudo random number generator 14 (encryption algorithm) is not resident in the personal computer 2 and is built in the USB key body, it becomes difficult for a third party to decipher the chaotic sequence pseudo random number as the encryption key. Thereby, it is possible to prevent the data on the personal computer from being browsed by a third party.

  In use, files of various formats such as documents and images can be encrypted simply by inserting the USB key 1 into the personal computer 2. Furthermore, if the other party also has the USB key 1, a secret encrypted mail based on encrypted data can be transmitted to the other party.

  Further, since the personal computer 2 is not provided with the pseudo random number generator 14, the processing load on the personal computer 2 can be reduced.

  Furthermore, since the encryption process cannot be performed unless the password on the USB key 1 side matches the password on the personal computer 2 side, the secrecy can be further improved.

  In addition, by changing the initial value x (0), pseudo random numbers of a plurality of types of chaotic sequences can be generated, so that a plurality of types of USB keys 1 can be produced, which can be used in a plurality of groups. Become.

  In addition, because chaotic sequence pseudo-random numbers can be generated at high speed, the encryption processing speed of this method is approximately 80 times that of the DES (Data Encryption Standard) method, which is a conventional general encryption method. .

  Next, the encryption / decryption device according to the second embodiment of the present invention will be described in detail. This encryption / decryption device is characterized in that the plaintext data is encrypted on the transmission side and transmitted to the reception side, and the original plaintext data is obtained by decrypting the encrypted data received on the reception side.

  FIG. 5 is a block diagram showing the configuration of the encryption / decryption device according to the second embodiment of the present invention. As shown in FIG. 5, the encryption / decryption device includes a personal computer 2a on the transmission side, a USB key 1a attached to the personal computer 2a, a personal computer 2b on the reception side, and a USB key attached to the personal computer 2b. 1b, the personal computer 2a, 2b is configured to have the Internet 5 for mutual data communication.

  The USB key 1a on the transmission side has the same configuration and the same function as the USB key 1 shown in FIG. 1, is configured to be detachable from the personal computer 2a, and includes an input / output unit 11a, a USB controller 12a, a memory 13a, and a pseudo random number generator. It has a container 14a. The personal computer 2a on the transmission side has the same configuration and the same function as the personal computer 2 shown in FIG. 1, and includes an input / output unit 21a, a controller 22a, a memory 23a, an XOR 24a, and a transmission unit 25a. 3a and the display part 4a are connected.

  The USB key 1b on the receiving side has the same configuration and the same function as the USB key 1a, is configured to be detachable from the personal computer 2b, and has an input / output unit 11b, a USB controller 12b, a memory 13b, and a pseudo random number generator 14b. Configured. The memory 13b stores the password of the individual who owns the key and the initial value having the same value as the initial value x (0) of the chaos function x (t) generated by the pseudo random number generator 14a on the transmitting side. . The USB controller 12b controls each part, and when the USB key 2b is attached to the personal computer 2b, receives the data size of the encrypted data from the personal computer 2b, and receives the pseudo random number of the chaotic sequence generated by the pseudo random number generator 14b. It transmits to the personal computer 2b as an encryption key.

  The personal computer 2b on the receiving side has substantially the same configuration and the same function as the personal computer 2a. When the USB key 1b is attached, the data size of the encrypted data is transmitted to the USB key 1b and sent from the USB key 1b. Encrypted data is decrypted using pseudo-random chaotic random numbers as encryption keys. The personal computer 2b includes an input / output unit 21b, a controller 22b, a memory 23b, an XOR 24b, and a receiving unit 25b, and an input unit 3b and a display unit 4b are connected to the personal computer 2b.

  The receiving unit 25b receives the encrypted data from the transmission side via the Internet 5, and sends the received encrypted data to the controller 22b and the XOR 24b. When the USB key 1b is attached, the controller 22b receives the attachment signal from the USB key 1b, transmits the number of bytes of the encrypted data to the USB key 1b, and is obtained from the USB key 1b by the pseudo random number generator 14b. Receive pseudo-random number of chaotic sequence. Further, the controller 22b collates the password input from the input unit 3b with the password stored in the USB key 1b, and permits the decryption process when both passwords match. The XOR 24b performs decryption by executing an exclusive OR operation between the pseudorandom numbers of the chaotic sequence from the controller 22b and the plaintext data, and obtains plaintext data that is the decrypted data.

  Next, the operation of the encryption / decryption device configured as described above will be described. FIG. 6 is a diagram for explaining a specific example of encryption and decryption using a pseudo random number as a key. FIG. 7 is a sequence diagram illustrating a decoding process on the receiving side.

  Note that the encryption process by the personal computer 2a on the transmission side and the USB key 1a is the same as each process in the sequence diagram shown in FIG. 4, and therefore the description thereof is omitted here, and the personal computer on the reception side. Only the decryption process using 2b and the USB key 1b will be described.

  First, the encrypted data is transmitted to the receiving personal computer 2b via the Internet 5.

  On the other hand, on the receiving side, the USB key 1b is attached to the personal computer 2b (step S11), and the personal computer 2b is activated (step S12). And a user's password is input from the input part 3b (step S13).

  Next, the personal computer 2b requests a password for the USB key 1b (d11). In the USB key 1b, in response to the password request, the USB controller 12b reads the password from the memory 13b and transmits the password to the personal computer 2b (d12).

  Next, the controller 22b in the personal computer 2b determines whether or not the password input from the input unit 3b matches the password stored in the USB key 1b (step S15). When both passwords do not match, decryption processing is not performed. When both passwords match, decryption processing is permitted and the number of bytes of encrypted data is transmitted to the USB key 1b (d13).

  In the USB key 1b, the pseudo random number generator 14b generates a pseudo random number of a chaotic sequence based on the number of bytes of the received encrypted data, the chaotic function, and the initial value of the chaotic function (step S17). Then, the USB controller 12b transmits the pseudo random number obtained by the pseudo random number generator 14b to the personal computer 2b (d14).

  In the personal computer 2b, the XOR 24b performs decryption by executing an exclusive OR operation between the pseudo random number from the controller 22b and the encrypted data, and obtains plaintext data as decrypted data (step S18). For example, as shown in FIG. 6, if the encrypted data is “111101”, the pseudorandom number as the encryption key is “100100”, and both are XORed, “011001” is obtained as the decrypted data, It becomes the same value as plain text data.

  As described above, according to the encryption / decryption device of the second embodiment, the USB key 1a and the personal computer 2a constitute the encryption device. Therefore, the effect of the encryption device of the first embodiment is Similar effects can be obtained.

  Also, a pseudo random number generator 14b is provided in a USB key 1b that is separate from the personal computer 2b, and only when decryption is performed, the USB key 1b is attached to the personal computer 2b and pseudo random numbers are received from the USB key 1b. It transmits to the personal computer 2b. That is, since the pseudo random number generator 14b is not resident in the personal computer 2b and is built in the USB key body, it becomes difficult for a third party to decipher the chaotic sequence pseudo random number as the encryption key. Further, if the USB key 1b is not provided, it is not possible to see a file made up of data, so that confidentiality can be enhanced.

  In this case, since the same initial value x (0) is given to each of the pseudorandom number generator 14a for encryption on the transmission side and the pseudorandom number generator 14b for decryption on the reception side, The pseudo-random number for decoding and the pseudo-random number for decoding are kept the same. Also, if the exclusive OR between the same pseudorandom numbers is taken for the encrypted data obtained by taking the exclusive OR of some plaintext data and the pseudorandom numbers, the original plaintext data is restored. Using the property of the exclusive OR operation, the encrypted data can be decrypted in synchronism between the transmitting and receiving sides, so that necessary plaintext data can be accurately transmitted to the other party.

  In addition, since the pseudo random number generator 14b is not provided in the personal computer 2b, the processing load on the personal computer 2b can be reduced.

  Furthermore, since the decryption process cannot be performed unless the password on the USB key 1b side matches the password on the personal computer 2b side, the secrecy can be further improved.

  In addition, by changing the initial value x (0), pseudo random numbers of a plurality of types of chaotic sequences can be generated, so that a plurality of types of USB keys 1 can be produced, which can be used in a plurality of groups. Become.

  Next, a communication process between the USB key and the personal computer provided on each of the transmission side and the reception side will be described in detail with reference to the sequence diagram of FIG.

  First, when the personal computer 2 makes a preparation confirmation request to the USB key 1 (d21), the USB key 1 determines its own state (step S21), and ACK (preparation OK) as the determination result. Alternatively, NAK (in other processing or NG) or STALL (some error) is returned to the personal computer 2 (d22).

  Next, the personal computer 2 receives the determination result of the USB key 1, and determines whether the reception result is ACK, NAK, or STALL (step S22). If the reception result is NAK, the process returns to d21. If it is STALL, an error message is displayed (step S23). If it is ACK, key information (data size) is transmitted to the USB key 1. Then, a pseudo random number (PN code) generation request is made (d23).

  On the other hand, in the USB key 1, the pseudo random number generator 14 generates a PN code string of a chaotic sequence based on the data size of the key information, the chaotic function, and the initial value of the chaotic function (step S24). Then, the USB key 1 displays DATA0 / 1 (PN code string data composed of “0” and “1”), NAK (PN code string is being generated), or STALL (some error) depending on the generation state of the PN code string. Return to the personal computer 2 (d24).

  Next, the personal computer 2 receives the determination result of the USB key 1, and determines whether the reception result is DATA0 / 1, NAK, or STALL (step S25). If the reception result is NAK, the process returns to d23. If it is STALL, an error message is displayed (step S26). If DATA0 / 1, a PN code string reception completion notification request is sent to the USB key 1. (D25).

  The USB key 1 confirms the end of generation of the PN code string (step S27), and returns ACK (confirmation of end) or NAK (during some processing) or STALL (some error) to the personal computer 2 depending on the generation state (d26). .

  Next, the personal computer 2 receives the determination result of the USB key 1, and determines whether the reception result is ACK, NAK, or STALL (step S28). If the reception result is NAK, the process returns to d25. If the reception result is STALL, an error message is displayed (step S29). If the reception result is ACK, the process waits for the next instruction, that is, enters an idle state (step S30). .

  As described above, by attaching the USB key 1 to the personal computer 2, communication of the USB port can be performed at the time of encryption and decryption.

(Pseudorandom number generator)
Next, a specific circuit configuration of the pseudo random number generator 14 described above will be described. FIG. 9 is a schematic block diagram of the pseudo random number generator. As shown in FIG. 9, the pseudo-random number generator 14 has a pair of one-input one-output one-dimensional mapping circuits 43 and 51 for generating a chaotic function having nonlinear input / output characteristics, A pair of CMOS switches 45 and 53 that alternately perform opening and closing operations of the output side paths in the one-dimensional mapping circuits 43 and 51, and analog outputs of the one-dimensional mapping circuits 43 and 51 are passed through the CMOS switches 45 and 53, respectively. The chaos generating loop 63 including a pair of feedback loops 47 and 55 that feed back to the input side of the one-dimensional mapping circuits 43 and 51, and the one-dimensional mapping circuits taken out through the CMOS switches 45 and 53, respectively. A pair of AD converters 49 and 57 for digitally converting the analog outputs of 43 and 51, respectively, in a digital signal form An initial value x (0) is a DA converter 65 to analog conversion which is configured to include a CMOS switch 67 for opening and closing operations of the output side path of the DA converter 65 in synchronization with the external clock.

  The pseudo random number generator 14 is configured so that each one-dimensional mapping circuit 43, 51 alternately repeats mapping in accordance with the lapse of the discrete time t (0, 1, 2,...) Engraved by the external clock in the chaos generation loop 63. A binary sequence as a chaotic sequence is output through the AD converters 49 and 57, respectively.

  FIG. 10 shows a circuit diagram in which the pseudo random number generator 14 shown in FIG. 9 is integrated. FIG. 9 and FIG. 10 are drawn so as to correspond to each other, and the same reference numerals are given to the members common to both drawings. With reference to FIG. 10, the internal configuration of each block of the pseudo random number generator 14 shown in FIG. 9 will be referred to.

  Each of the one-dimensional mapping circuits 43 and 51 having an approximately N-shaped input / output characteristic includes six MOS transistors. In FIG. 10, the channel dimension ratio W / L (W represents the width and L represents the length) of each transistor is indicated by a number as a weight. The first stage CMOS inverter provides an increasing function, and the second stage CMOS inverter provides a decreasing function. By combining the inputs and outputs of both CMOS inverters, function synthesis is performed, and as a result, a substantially N-shaped input / output characteristic is obtained.

  The third-stage CMOS inverter receives external adjustment voltages 71 and 73 and distorts the input / output characteristics of the one-dimensional mapping circuits 43 and 51. The voltage values of the external adjustment voltages 71 and 73 may be the same or different from each other. Furthermore, at least one of the external adjustment voltages 71 and 73 may be omitted.

  The external adjustment voltage applied to the input terminals 71 and 73 may be provided by converting a digital code preset by a computer into an analog voltage by a DA converter. In that case, the value of the external adjustment voltage changes stepwise according to the quantization resolution of the DA converter.

  The CMOS switches 45, 53, and 67 are configured by combining a CMOS inverter with a transmission gate in which a PMOS transistor and an NMOS transistor are connected in parallel. The CMOS switch is opened and closed in accordance with control signals applied to the input terminals 75, 77, and 79.

  A reset pulse for giving an initial value is applied to the input terminal 75, and the value of the initial value x (0) is given through the DA converter 65. That is, the initial value x (0) of the internal state of the loop at the discrete time t = 0 is given to the one-dimensional mapping circuit 51 through the DA converter 65 via the CMOS switch 67. For example, in a system employing a DA converter 65 having a 12-bit quantization resolution, 212 = 4096 kinds of initial values x (0) that can be given.

  External clocks (discrete time t) applied to the input terminals 77 and 79 are rectangular waves that do not overlap each other. The maximum clock frequency at this time determines the processing speed of the pseudorandom number generator. This processing speed is determined depending on the internal state determination speed of the one-dimensional mapping circuit. When individual components were breadboarded on a printed circuit board, the clock frequency could be increased to 20 kHz. The one-dimensional mapping circuit is aimed to be formed as a chip as an integrated circuit using standard CMOS integrated circuit technology, but when it is prototyped assuming a minimum dimension = 0.8 μm, It has been confirmed by simulation experiments that it operates at the clock frequency.

  The 1-bit output AD converters 49 and 57 input the outputs of the one-dimensional mapping circuits 43 and 51 through CMOS switches 45 and 53, which are alternately opened and closed in synchronization with an external clock, respectively. A binary code string corresponding to each is output.

More specifically, the AD converters 49 and 57 compare the reference voltage obtained by the voltage division at each of the pair of resistors rA and rB and the output voltage of each one-dimensional mapping circuit 43 and 51 by a comparator. Then, a “0” or “1” signal corresponding to the magnitude relationship between the two is converted and output. From the output terminals 59 and 61, binary code time-series data is alternately extracted as the external clock (discrete time t) advances. The extracted binary code time-series data is random array data in which “0” and “1” are mixed, and the symmetry of the input / output characteristics of the one-dimensional mapping circuits 43 and 51 is kept good. The appearance frequencies of “0” and “1” are substantially equal. At this time, isolated “0” or “1” appears twice as often as “00” and “11”. By obtaining a binary code time series in which both binary code time series alternately extracted from the output terminals 59 and 61 are arranged according to an integrated time series, a pseudorandom number of a chaotic sequence can be generated. it can.

  When we look at the world from a chaos perspective, there are no two things in the world. Also, when focusing on the individual input / output characteristics of a single one-dimensional mapping circuit, it is quite difficult to keep the symmetry completely. Further, it is quite difficult to completely match individual input / output characteristics of each pair of one-dimensional mapping circuits 43 and 51. Moreover, there is no guarantee that the AD converters 49 and 57 perform the same quantization. In order to dispel these various doubts, it can be said that the realization of the pseudo-random number generator in hardware is extremely effective in the sense that the same integrated circuit can be mass-produced through industrial mass production processes.

  Maintaining initial value sensitivity is an extremely important factor in chaos industrial technology. In the present invention, the initial value sensitivity is given through the DA converter 65. That is, between a pair of binary code time series outputs 59 and 61 starting from different initial values, no matter how they are phase-shifted and superimposed, they do not overlap each other. A sufficiently small time series is obtained for both correlation and cross-correlation.

  Now, let Y (t) be a binary code time series in which values taken alternately from the output terminals 59 and 61 are arranged in time series. In order to cut out a periodic sequence from these to obtain a PN signal, for example, in the case of a binary sequence PN signal having a period of 64 bits, Y (0) to Y (63), Y (64) to Y (127),. Cutting out like this is only an example. Assuming that the internal state of chaos is observed until t = 2 16 = 65536, 1024 64-bit binary sequence PN signals are obtained. When the quantization resolution of the DA converter 65 that gives the initial value is 12 bits, the initial value can be given in 212 = 4096 ways, and the number of types of PN signals obtained at this time reaches 4,194,304 ways. .

  However, there is no guarantee that all types of PN signals thus extracted can be used independently. This is because the unpredictability exhibited by the chaotic code sequence as the PN signal greatly depends on individual input / output characteristics of the one-dimensional mapping circuit and parameters such as initial values to be given. Therefore, it is necessary to verify that the degree of correlation is sufficiently small except for the period by examining the auto-correlation and the cross-correlation for the PN signal thus extracted by changing the phase.

  In the pseudo random number generator 14 described above, the symmetry of the individual input / output characteristics of the one-dimensional mapping circuits 43 and 51 is “0” and “1” in the binary time series extracted from the output terminals 59 and 61. Directly affects the output distribution of. In general, in the case of an ideal pseudo-random number, the output distribution ratio of “0” and “1” is equal. When it is desired to operate the pseudo-random number generator 14 in such a manner, the one-dimensional mapping circuit 43 and 51 both have the same input / output characteristics and maintain good symmetry. 43 and 51 may be designed.

  However, the pseudo random number generator as an industrial technology does not necessarily require that the output distribution ratios of “0” and “1” are equal. If the necessary condition that the autocorrelation and cross-correlation are sufficiently small when the phase is shifted is satisfied, the output distribution ratio of “0” and “1” is biased in the ciphertext code of the stream cipher. This is because there is no inconvenience from the viewpoint of encryption confidentiality. In particular, when the design is designed so as to impair the symmetry, when a third party attempts to decrypt the ciphertext code on the assumption that the symmetry is maintained well, the decryption will definitely fail. In the sense that it ends, it can also take the position that the robustness of the cryptographic system is strengthened.

  There is no necessity to make the individual input / output characteristics of the one-dimensional mapping circuits 43 and 51 equivalent. Each of the one-dimensional mapping circuits 43 and 51 can be realized by giving the weight given to each transistor as its own component consciously different. Further, even when the individual input / output characteristics of the circuits 43 and 51 are designed to be equivalent, the input / output characteristics of the respective circuits 43 and 51 can be obtained by giving different external adjustment voltages to the respective circuits 43 and 51 independently. Equivalence can be broken. Furthermore, it may be designed to combine input / output characteristics that are distorted with each other, with the intention of expanding the dynamic range of the mapping.

  In the pseudo random number generator 14 described above, under the assumption that the DA converter and the clock generator are not included in the one-chip implementation, as shown in FIG. 10, a pseudo random number obtained by integrating a sufficiently small integrated circuit into one chip. A generator can be realized. Since the chaos generation loop 63 including the pair of one-dimensional mapping circuits 43 and 51, which is the main part of the pseudorandom number generator 14, is configured by an analog circuit, the DA converter and the clock generator can be configured by a digital circuit. It would be easy to make an integrated circuit including all of them into a single chip.

  Although the CMOS integrated circuit is generally designed and realized in an enhancement mode, the first stage CMOS source follower, which is a component of the one-dimensional mapping circuits 43 and 51 included in the pseudorandom number generator 14, is preferably designed and realized in a depletion mode. . In this way, the weight of the MOS transistor can be designed to be small, and a balanced mask design of the one-dimensional mapping circuit can be realized.

  The parameters including the symmetry of the input / output characteristics of the one-dimensional mapping circuits 43 and 51 and the agreement or mismatch between the input / output characteristics of the pair of one-dimensional mapping circuits 43 and 51 are the initial characteristics peculiar to chaos. Combined with the value sensitivity, the appearance balance of “0” and “1” in the obtained binary sequence is slightly upset. The fluctuation phenomenon peculiar to chaos resulting from such parameter fluctuations can contribute to improving the robustness of the chaos stream cipher.

  Next, the encryption key management apparatus according to the third embodiment of the present invention will be described in detail. FIG. 11 is a block diagram showing the configuration of the encryption key management apparatus according to the third embodiment of the present invention. The encryption key management apparatus shown in FIG. 11 manages the USB key 1c configured to be detachable from the personal computer 2c, and the program in the memory 13c in the USB key 1c can be rewritten from the personal computer 2c. And

  In FIG. 11, the USB key 1 c includes an input / output unit 11, a USB controller 12 c, a memory 13 c, and a pseudo random number generator 14. The memory 13c is an EEPROM, that is, a flash memory, in which information is not erased even when the power is turned off, and writing or erasing is possible. As shown in FIG. 12, the memory 13c includes an application program area AE1 for storing an application program from an address (0000), an initial value, an application password PW1 for permitting use of the application program, and an application program in the application program area AE1. Update password PW2 for indicating whether or not update (hereinafter referred to as update) is permitted and program update for storing the update program in a predetermined length unit (for example, 128 bytes) in the area from address (F800) to address (FFFF) And an area AE2.

  The personal computer 2c includes an input / output unit 21, a controller 22c, a memory 23c, an XOR 24, and a transmission unit 25, and the input unit 3 and the display unit 4 are connected to the personal computer 2c. The personal computer 2c that generates the encrypted data is exemplified as the personal computer, but instead of this, the personal computer 2b shown in FIG. 5 for decrypting the encrypted data may be used.

  The memory 23c has a management program 81 and an update program 82 for managing the memory 1c of the USB key 1c. When updating the application program in the application program area in the memory 13c of the USB key 1c, the controller 22c sends a delete command to the USB key 1c to delete the update password, deletes the updater password, and then updates the update program. Send to the USB key 1c in long units.

  The USB controller 12c in the USB key 1c enters the update mode by deleting the update password, stores the update program from the personal computer 2c in the program update area in units of a predetermined length, and then stores the update program stored in the program update area. Are transferred to the application program area in units of a predetermined length.

  Next, with reference to FIG. 13, a process of rewriting the memory program in the USB key from the personal computer of the encryption key management apparatus according to the third embodiment will be described.

  First, the USB key 1c is attached to the personal computer 2c (step S31), and the personal computer 2c activates the management program 81 when updating the application program in the application program area in the memory of the USB key 1c (step S32). . Then, a delete command for deleting the update password is transmitted to the USB key 1c (d31). Furthermore, the personal computer 2c starts an update program (step S33).

  On the other hand, with the USB key 1c, the USB controller 12c deletes the update password in the memory 13c by the received delete command (step S34) and enters the update mode (step S35). Then, the update mode information is transmitted to the personal computer 2c (d32).

  The personal computer 2c recognizes the update mode based on the received update mode information (step S36), sends a rewrite command to the USB key 1c (d33), and then sends the update program data to the USB key 1c in predetermined bytes. (D34).

  On the other hand, in the USB key 1c, the USB controller 12c writes the update program from the personal computer 2c into the program update area in units of predetermined bytes according to the received rewrite command. At this time, since the update password is also included in the update program, the updater password is also written in the memory 13c (step S37).

  Further, the USB controller 12c moves the update program stored in the program update area to the application program area in units of predetermined bytes (step S38).

  Therefore, the application program in the memory of the USB key 1c can be easily rewritten from the personal computer 2c. Further, since the application program is rewritten depending on the presence or absence of the update password, only a specific person can rewrite the application program.

  In the above, only the rewriting process of the application program has been described. With reference to FIG. 14, the activation of the application program in the memory in the USB key or the activation of the update program will be described.

  First, when the power is turned on (step S41), the USB controller 12c of the USB key 1c determines whether there is an update password in the memory 13c (step S42). The program is started and the process is executed from the address (0000) which is the storage area (step S43). That is, normal processing can be performed by starting an application program.

  On the other hand, when there is no update password, it jumps to the address (F800) which is a storage area (step S44), starts the update program in the program update area, and executes the process from the address (F800) (step S45). That is, the update process can be performed by starting the update program.

  Next, the encryption key management apparatus according to the fourth embodiment of the present invention will be described in detail. FIG. 15 is a block diagram showing the configuration of the encryption key management apparatus according to the fourth embodiment of the present invention. The encryption key management apparatus shown in FIG. 15 manages the USB key 1d configured to be detachable from the personal computer 2d, and the initial value of the chaos function can be registered from the personal computer 2d to the memory 13d in the USB key 1d. It is characterized by that.

  In FIG. 15, the USB key 1 d includes an input / output unit 11, a USB controller 12 d, a memory 13 d, and a pseudo random number generator 14.

  The personal computer 2d includes an input / output unit 21, a controller 22d, and a memory 23d, and the input unit 3 and the display unit 4 are connected to the personal computer 2d. The input unit 3 inputs the product number and initial value of the USB key for each USB key 1d. The controller 22 d stores the product number and initial value of the USB key for each USB key 1 d input from the input unit 3 in the initial value table 83.

  As shown in FIG. 16, the memory 23d has an initial value table 83 that stores the product number of the USB key and the initial value (key ID) of the chaos function in association with each USB key 1d. When the USB key 1d is attached, the controller 22d reads the initial value corresponding to the product number of the USB key 1d from the initial value table 83 and transmits it to the USB key 1d. The USB controller 12d of the USB key 1d stores the initial value sent from the personal computer 2d in the memory 13d.

  Next, an initial value table creation process by a personal computer of the encryption key management apparatus according to the fourth embodiment will be described with reference to FIG.

  First, it is determined whether or not the product number of the USB key 1d has been input (step S51). If the product number of the USB key 1d has been input, the product number of the USB key 1d is stored in the initial value table 83 (step S51). Step S52).

  Next, it is determined whether or not an initial value is input (step S53). If an initial value is input, the initial value is stored in the initial value table 83 (step S54).

  Next, it is determined whether the storage process has been completed for all the USB keys 1d (step S55). If the storage process has not been completed for all the USB keys 1d, the process returns to step S51 and the process is repeatedly executed. To do. By such processing, an initial value table 83 as shown in FIG. 16 can be created, and the created initial value table 83 can manage the initial value for each USB key 1d.

  Next, the initial value registration process from the personal computer 2d of the encryption key management apparatus of the fourth embodiment to the memory 13d of the USB key 1d will be described with reference to FIG.

  First, the personal computer 2d determines whether or not the USB key 1d is attached (step S61). When the USB key 1d is attached, the product number of the USB key 1d is input (step S62).

  Then, the controller 22d reads the initial value corresponding to the input product number of the USB key 1d from the initial value table 83 (step S63), and transmits the read initial value to the USB key 1d (step S64).

  Next, the USB key 1d stores the initial value from the personal computer 2d in the memory 13d (step S65).

  Next, it is determined whether or not the initial value registration process has been completed for all the USB keys 1d (step S66). If the initial value registration process has not been completed for all the USB keys 1d, the process returns to step S61. Repeat the process.

  Therefore, the initial value corresponding to the USB key 1d can be registered in the memory 13d in the USB key 1d for each USB key 1d from the personal computer 2d. Conventionally, the initial value is written in the IC of another chip. However, in the embodiment, the initial value can be written in the flash memory of the CPU.

  Next, the decoding apparatus according to the fifth embodiment of the present invention will be described in detail. FIG. 19 is a block diagram showing the configuration of the decoding apparatus according to the fifth embodiment of the present invention. The decryption device shown in FIG. 19 decrypts encrypted data by using a USB key 1e configured to be detachable from the personal computer 2e. By using a group password as an initial value, the encrypted data is transferred in groups. It is characterized in that the encrypted file can be shared.

  The personal computer 2e includes an input / output unit 21, a controller 22e, a memory 23, an XOR 24, and an encryption file 26, and the input unit 3 and the display unit 4 are connected to the personal computer 2e. As shown in FIG. 20, the encryption file 26 has encryption data in the encryption data area, and an extension as group mode information for representing that a plurality of users can use the encryption data in the header area. (Yzg) and a group ID as a group password unique to a plurality of users who can use the encrypted data.

  The controller 22e determines whether or not the ID input from the input unit 3 matches the group ID stored in the encrypted file 26. If the ID matches, the USB key 1e is used with the group ID as the initial value of the chaos function. The data size of the encrypted data is also transmitted to the USB key 1e. The XOR 24 inputs a chaotic sequence pseudo-random number generated by the pseudo-random number generator 14 as a key, and also inputs encrypted data from the encryption file 26 and decrypts the encrypted data using the pseudo-random number.

  The USB key 1e includes an input / output unit 11, a USB controller 12e, a memory 13, and a pseudo random number generator 14e. The pseudo random number generator 14e generates a pseudo random number of a chaotic sequence based on the data size of the encrypted data from the personal computer 2e, the chaotic function, and the group ID that is the initial value of the chaotic function.

  Next, with reference to FIG. 21, it is necessary to describe the decoding process of the decoding apparatus according to the fifth embodiment.

  First, the controller 22e of the personal computer 2e reads the extension from the encrypted file 26 (step S71), and determines whether the extension is yzg in the group mode (step S72). If the extension is yzg, the group ID of the encrypted file 26 is read (step S73).

  Next, when the group ID is input (step S74), it is determined whether or not the input group ID matches the group ID stored in the encrypted file 26 (step S75). If the group IDs match, the group ID and the data size of the encrypted data are transmitted to the USB key 1e.

  On the other hand, the USB key 1e generates a pseudo random number of the chaotic sequence based on the data size of the encrypted data from the personal computer 2e, the chaotic function, and the group ID that is the initial value of the chaotic function, and the generated pseudo chaotic sequence is simulated. The random number is transmitted as a key to the personal computer 2e.

  The personal computer 2e acquires a pseudo random number from the USB key 1e (step S77), and the XOR 24 decrypts the encrypted data in the encryption file 26 using the pseudo random number from the USB key 1e. That is, the encryption file 26 can be shared by a group of a plurality of users by setting the group ID as the initial value of the chaos function.

  Further, only when the extension yzg which is group mode information is present and the input ID matches the group ID stored in the encrypted file 26, the encrypted file 26 is shared by a group of a plurality of users. be able to. That is, confidentiality can be further improved.

  INDUSTRIAL APPLICABILITY The encryption key management device according to the present invention can be used for an encryption key management device that manages encryption keys that can prevent data on a personal computer from being easily viewed by a third party.

1 is a configuration block diagram illustrating an encryption device according to a first embodiment of the present invention. It is a figure which shows the time-sequential waveform of logistic map chaos. It is a figure explaining the specific example of the encryption using a pseudorandom number as a key. It is a sequence diagram explaining the encryption process in the transmission side. It is a block diagram which shows the encryption / decryption apparatus of 2nd Embodiment which concerns on this invention. It is a figure explaining the specific example of the encryption and decoding using a pseudorandom number as a key. It is a sequence diagram explaining the decoding process in the receiving side. It is a sequence diagram which shows the communication process between a USB key and a personal computer in detail. It is a schematic block diagram of a pseudo random number generator. It is the circuit diagram which integrated the pseudorandom number generator into the integrated circuit. It is a block diagram which shows the encryption key management apparatus of 3rd Embodiment concerning this invention. It is a figure which shows the main structures of the personal computer of the encryption key management apparatus of 3rd Embodiment, and the memory area structure of the memory in a USB key. It is a figure which shows the sequence which rewrites the program of the memory in a USB key from the personal computer of the encryption key management apparatus of 3rd Embodiment. It is a flowchart which shows starting of the application program of the memory in the USB key of the encryption key management apparatus of 3rd Embodiment, or starting of an updater program. It is a block diagram which shows the encryption key management apparatus of 4th Embodiment based on this invention. It is a figure which shows the structure of the initial value table in the personal computer of the encryption key management apparatus of 4th Embodiment concerning this invention. It is a flowchart which shows the creation process of the initial value table by the personal computer of the encryption key management apparatus of 4th Embodiment concerning this invention. It is a flowchart which shows the registration process of the initial value from the personal computer of the encryption key management apparatus of 4th Embodiment concerning this invention to the memory of a USB key. It is a block diagram which shows the decoding apparatus of 5th Embodiment based on this invention. It is a figure which shows the structure of the encryption file in the personal computer of the decryption apparatus of 5th Embodiment concerning this invention. It is a flowchart which shows the decoding process of the decoding apparatus of 5th Embodiment based on this invention.

Explanation of symbols

1, 1a, 1b USB key 2, 2a, 2b Personal computer 3, 3a, 3b Input unit 4, 4a, 4b Display unit 10 Key projection 11, 11, 11b, 21, 21a, 21b Input / output units 12, 12a, 12b USB controller
13, 13a, 13b, 23, 23a, 23b Memory 14, 14a, 14b Pseudo-random number generator 20 Computer groove 22, 22a, 22b Controller 24, 24a, 24b XOR (exclusive OR)
25, 25a Transmission unit 25b Reception unit 26 Encryption file 43, 51 One-dimensional mapping circuit 45, 53, 67 CMOS switch 47, 55 Feedback loop 49, 57 AD converter 59, 61 Output terminal 63 Chaos generation loop 65 DA converter 71 , 73, 75, 77, 79 Input terminal 81 Management program 82 Update program 83 Initial value table

Claims (2)

An encryption key management device that manages an encryption key configured to be detachable from an external device,
The external device is an initial value table that stores an encryption key number and an initial value of a chaos function in association with each encryption key;
A transmission unit that reads out the initial value corresponding to the number of the encryption key from the initial value table and transmits it to the encryption key when the encryption key is attached to the external device;
The encryption key is a memory for storing the initial value from the external device;
A pseudo random number generator for generating a pseudo random number of a chaotic sequence based on the initial value stored in the memory, the data size of the data, and a chaos function;
An encryption key management device comprising:   The external device includes an input unit that inputs the encryption key number and the initial value for each encryption key, and the encryption key number and the initial value that are input by the input unit for the encryption key. The encryption key management apparatus according to claim 1, further comprising a storage control unit that stores the value in a value table.

Images