JP2009141767A - Generation system of encryption key, generation method of encryption key, encryption authentication system, and encrypted communication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an encryption system which has high security and is capable of high-speed communication using a disposable key. <P>SOLUTION: A sender 7-1 and a recipient 7-10 exchange and hold a large prime number YRAN 7-9 in a safe distribution method 7-15, in advance. The sender 7-1 generates and composites a component K(i) of a key by a key generating tool 7-12 (71) from among a plurality of random numbers 7-2 generated by a random number generation tool 7-11 and the large prime number YRAN 7-9, and obtains a key K 7-3. The sender encodes information 7-4 by a common key encryption tool 7-5 to a cryptogram 7-6 using the key, and sends the cryptogram and the random numbers 7-2 to the recipient through a normal communication line. The recipient generates an encryption key by using a key generating tool using the random numbers 7-2 and the large prime number, and decodes the cryptogram to information 7-4 by the decoding tool 7-14 using the key. It is difficult for an eavesdropper to decode the cryptogram, because the large prime number is unknown and the key changes, as random numbers vary each time. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention is based on a common key cryptosystem that can generate and use a disposable key for each communication without using the same key by using a large prime number secretly shared by a sender and a receiver. The present invention relates to an encryption key generation system and method, and an encryption authentication system and an encryption communication system which are performed using the encryption key generation system and method.

(1) Disadvantages of the current technology The encryption methods currently used are roughly classified into a common key encryption method and a public key encryption method.
In the common key method, the encryption key (encryption key, encryption key) and the encrypted text (hereinafter also referred to as ciphertext) are returned to the text before encryption (hereinafter also referred to as plaintext). The keys (decryption key, encryption key) are the same. There are many encryption methods such as DES (Data Encryption Standard), FEAL (Fast Encryption Algorithm), AES (Advanced Encryption Standard), RC4 (Rivest's Cipher 4).
On the other hand, in the public key cryptosystem, the encryption key and the decryption key are paired. However, it is necessary to use two different pairs of keys whose decryption key cannot be easily estimated from the encryption key. It is a feature.

(2) Common key encryption method Detailed explanation of the current common key encryption method (Fig. 1)
The information sender 1-1 shares the encryption tool 1-5 and the decryption tool 1-11 (generally both are software) and uses the key K1-3 generated by the encryption key generation tool 1-2. Pass to recipients 1-10 using secure method 1-7.

  Information sender 1-1 creates information 1-4 (plain text) to send and encrypts information 1-4 to send using encryption tool 1-5 under encryption key K1-3. To generate ciphertext En1-6.

  The sender 1-1 sends this ciphertext En1-6 to the receiver 1-10 using the normal communication path 1-8. Therefore, an eavesdropper 1-9 who tries to decipher the ciphertext 1-6 can freely obtain it.

  The recipient 1-10 of the information who received the ciphertext 1-6 decrypts the obtained ciphertext 1-6 with the decryption tool 1-11 under the common key K1-3 obtained by a secure means. Information is obtained by generating information (plain text) 1-4.

On the other hand, an eavesdropper 1-9 who tries to decrypt cannot decrypt because there is no encryption key K1-3.
In order to estimate the encryption key K1-3, all keys are tried by trial and error by a computer. However, when the size of the encryption key K1-3 increases, it becomes difficult to estimate it within a finite time by a trial and error round-robin method. In current computer technology, a key size of 128 bits or more is sufficient.

(3) Problems with the common key method In the encryption method using the common key, it is necessary to securely pass the common key K1-3 to the receiver 1-10. Furthermore, if the same key is used repeatedly, the possibility of decryption is increased by a brute force method based on trial and error, so it is necessary to change the key periodically. In addition, since the damage caused by the leak of the common key affects everyone, when sharing information in large numbers, it is necessary to securely distribute the key K1-3 to everyone, and everyone must securely store the key securely. However, in reality, it is difficult to achieve secure key distribution and management for multiple users.

(4) Public key cryptosystem (Detailed explanation of RSA cryptosystem, which is currently used public key cryptosystem (Fig. 2))
There is a public key cryptosystem as a new concept cryptosystem for common key cryptography.
In this encryption method, a public key / private key pair is generated, encryption is performed using a public key, and decryption is performed using a secret key. A secret text created with a public encryption key can be decrypted only with a single secret key.

  Therefore, anyone can perform encryption using the public key, but only the recipient who has the secret key of the pair can read the encrypted text. The private key does not need to be disclosed to anyone, and since it is held individually, damage caused by key leaks can be kept to a minimum. There are various public key cryptosystems such as the RSA cryptosystem and the elliptical cryptosystem. The RSA cryptosystem is mainly used at present, and the RSA cryptosystem will be mainly described below with reference to FIG.

  The information recipient 2-10 generates a public key Kp2-2 and a secret key Ks2-8 by using a key generation tool 2-9 of public key encryption (RSA). Furthermore, the recipient 2-10 makes the public key Kp2-2 public. The sender 2-1 who wants to send information 2-3 to the recipient 2-10 obtains the public key Kp2-2 of the recipient 2-10 via the normal communication path 2-6 (for example, an Internet homepage). Then, encrypt the information (plain text) 2-3 that you want to send with Public Key Cryptography Tool (RSA) 2-4 to create cipher text 2-5. The sender 2-1 sends this to the receiver 2-10 using the normal communication path 2-6. An eavesdropper 2-7 who tries to decrypt the cipher can freely obtain the ciphertext 2-5 and the public key Kp2-2.

  Receiving the ciphertext 2-5, the receiver 2-10 decrypts the ciphertext 2-5 under the secret key Ks2-8 using the decryption tool 2-11 and sends it to the sender 2-1 Get the desired information 2-3. On the other hand, since the eavesdropper 2-7 does not have the secret key Ks2-8, the information 2-3 cannot be obtained.

(5) Detailed explanation of RSA public encryption system (Fig. 3)
The actual RSA public encryption method is explained in detail below.
Two large prime numbers (P3-12 and Q3-13) are selected to generate a cryptographic key. The product of both prime numbers P3-12 and Q3-13 is the modulus key N3-11.

Find the least common multiple LCM (P-1, Q-1) 3-14 of (P-1) and (Q-1). Using this LCM (P-1, Q-1) as a modulo, a secret key D3-8 and a public key E3-2 are determined so that E × D becomes 1 (see equation (31)).
E × D (mod LCM (P-1, Q-1)) = 1 ... Formula (31)

  Public key E3-2 and legal key N3-11 are made public. The private key D3-8 is stored securely.

The sender 3-1 of information regards the information 3-3 to be sent as a large numerical value, and the size of the information 3-3 is a plurality of values below the legal key N3-11 TEXT (1)… TEXT (2)… TEXT (i) ( i = 1`m). The following processing is performed for the first TEXT (1).
C (1) = TEXT (1) ^E (mod N)
As a result, C (1) is the first part of the ciphertext. Subsequently, the second and subsequent TEXT (2)... TEXT (m) are processed in the same manner (see equation (32)), and the second and subsequent C (i) are obtained.
C (i) = TEXT (1) ^E (mod N) ... Formula (32) (RSA encryption)

  All of these are connected and transmitted as ciphertext C (1) ... C (i) ... C (m) 3-5. The above processing is performed by the RSA encryption tool 3-4.

Recipient 3-10 performs processing of equation (33) using his private key D3-8 and legal key N3-11, and ciphertext C (1) ... C (i) ... C (m) 3-5 Is converted to plain text TEXT (1)… TEXT (i)… TEXT (m) 3-3.
TEXT (i) = C (i) ^D (mod N) ... Equation (33) (Decryption of RSA encryption)

  An eavesdropper can obtain the ciphertext C (1) ... C (m), the public key E3-2, and the legal key N3-11, but the secret key D3-8 must be estimated from the legal key N3-11 . Therefore, the security of this encryption method depends on whether or not it is easy to perform prime factorization of a large modulus key N3-11.

(6) Problems with public key cryptosystem (RSA cryptosystem)
RSA cryptography uses modulo “power residue” computation, and the difficulty of prime factorization is based on security. This requires a large number of keys. At present, a key size of 1024 bits or 2048 bits has been required to ensure the security of the key. For this reason, it takes a long time to process the encryption, and a normal personal computer takes time in seconds.

(7) Cooperation between common key cryptosystem and public key (RSA) cryptosystem (Figure 4)
High-speed processing, but common key cryptography that has drawbacks in renewal and distribution of encryption keys and public key cryptography that requires a long processing time due to the use of long keys, are used in conjunction with each other to compensate for the shortcomings. As a method for this, a method has been proposed in which only a relatively short common key encryption key (56 bits to 256 bits) is encrypted by a public key encryption method, and large sentences are encrypted by a common key encryption method. According to this method, text and information to be transmitted are encrypted using a common key cryptosystem, and the encryption key used for the text and information is short, so it is encrypted with a public key and distributed.

  As shown in FIG. 4, the sender 4-1 causes the key generation tool 4-14 to generate a disposable key K4-15 used for the common key cryptosystem. Using the generated key K4-15, encrypt the information 4-3 you want to send with the common key encryption tool 4-5 to create the ciphertext 4-16, and send it to the recipient 4-10 with the normal communication line 4-6. Send with.

  Further, the sender 4-1 uses the public key Kp4-2 of the receiver 4-10 and the legal key N4-11 to encrypt the key K4-15 with the disposable key K4-15 public key encryption tool 4-4. Create encrypted ciphertext (encrypted key 4-17) and send it to recipient 4-10 via normal communication line 4-6.

  Recipient 4-10 decrypts received encrypted key 4-17 with his / her private key Ks4-8 using public key (RSA) decryption tool 4-18, and uses disposable encryption key K4-15. obtain. Further, the receiver 4-10 decrypts the ciphertext 4-16 obtained by encrypting the information 4-3 using the common key decryption tool 4-19 under the disposable key K4-15, and sends it from the sender 4-1 Get information 4-3.

  On the other hand, the eavesdropper 4-7 estimates the private key Ks4-8 of the receiver 4-10 from the public key Kp4-2 and the legal key N4-11.

(8) Common key encryption method and public key (RSA) key distribution method using the encryption method (description of FIG. 5)
Several practical proposals using this method have been made. Some of these methods are basically methods for distributing a common key using a public key with the same mechanism. The first proposed Diffie-Hellman (DH) public key distribution method will be described.

  Sharer A5-1 and sharer B5-12 who share the encryption key select a large prime number P5-2 and primitive root α5-13 in advance and make them available to all. An eavesdropper can know this.

In order to share the encryption key K using a normal communication line, the sharer A5-1 randomly selects one of the numbers from 0 to (P-1) smaller than the large prime number P5-2. This is set as Xa5-3, and the public key Ya is generated by calculating with the following calculation formula (51) by the public key calculation tool 5-5.
Ya ＝ α ^Xa mod (P)… (51)

  The calculated Ya is transmitted to the encryption key sharer B5-12 via the normal communication line 5-9. An eavesdropper 5-7 can know this value.

Similarly, the encryption key sharer B5-12 randomly selects any number from 0 to (P-1) smaller than the large prime number P5-2. This is set as Xb5-4, and the public key Yb is generated by calculating with the following calculation formula (53) by the public key calculation tool 5-5.
Yb = α ^Xb mod (P)… (53)

  The calculated Yb is sent to the encryption sharer A5-1 using the normal communication line 5-9. An eavesdropper can know this.

The cryptographic sharer A5-1 who has received Yb uses the common key generation tool 5-10 to generate the shared key K5-8 using the following calculation formula (52).
K = Yb ^Xa mod (P)… (52)

Upon receiving Ya, the cryptographic sharer B5-12 generates a shared key K5-8 using the following calculation formula (54) by the common key generation tool 5-10.
K = Ya ^Xb mod (P)… (54)

  An eavesdropper 5-8 who does not know Xa and Xb needs to estimate these, but if the prime number is sufficiently large, enormous calculation is required to perform the estimation.

  In the above technique, it is common to use a public key (RSA) cryptosystem in order to exchange keys securely. However, RSA encryption is difficult to adopt in online systems that require computation time and high speed.

In particular, in cryptographic communication using mutual authentication performed between a wireless card reader and a controller, the time allocated for encryption is about several milliseconds to 10 milliseconds, and the key distribution method using the RSA method is difficult to put into practical use. It was.
Therefore, when performing high-speed communication, a mutual authentication method using a common encryption method is used as described below.

(9) Mutual authentication of common key method (Fig. 6)
In advance, two common keys (Ka and Kb) 6-3 are distributed by a secure method 6-19 and stored in the controller 6-1 and the card reader 6-17, respectively.

  The controller 6-1 generates an authentication random number 6-2 for authenticating the card reader 6-17 by the random number generation tool 6-21, and encrypts this using the encryption tool under the common encryption key Ka6-3. Encrypt using 6-4. The encrypted random number 6-5 (encrypted random number) is transmitted to the card reader 6-17 using the normal communication line 6-6.

  The card reader 6-17 decrypts the received encrypted random number 6-5 using the decryption tool 6-20 under the common key Ka6-3. The decrypted random number 6-7 is encrypted again using the encryption tool 6-4 under the encryption key Kb6-3. Further, the card reader 6-17 transmits the encrypted random number 6-8 to the controller 6-1 through a normal communication line 6-6.

  The controller 6-1 decrypts the received encrypted random number 6-8 using the decryption tool 6-20 under the encryption key Kb6-3 to obtain a decrypted random number 6-9. For authentication of the card reader 6-17, the controller 6-1 authenticates the card reader 6-17 using a card reader authentication tool 6-10. This authentication method is determined based on whether or not the decrypted random number 6-9 matches the original authentication random number 6-2. If they match, it is authenticated that the card reader 6-17 shares the common keys Ka and Kb 6-3.

  In order to authenticate the controller 6-1, the card reader 6-17 newly generates a random number for authentication 6-11 by the random number generation tool 6-21 and uses the encryption tool 6 under the common key Ka6-3. -4 is used to encrypt the random number 6-11 to create an encrypted random number 6-12, which is transmitted through the normal communication line 6-6.

  Receiving the encrypted random number 6-12, the controller 6-1 decrypts this using the decryption tool 6-20 under the common key Ka6-3, and generates a decrypted random number 6-13. Further, the controller 6-1 encrypts the decrypted random number 6-13 using the encryption tool 6-4 under the encryption key Kb6-3 to generate the encrypted random number 6-14, and the normal communication line 6 -6 to return to card reader 6-17.

  Receiving this, the card reader 6-17 decrypts the encrypted random number 6-14 using the decryption tool 6-20 under the encryption key Kb6-3 to obtain a decrypted random number 6-15. The card reader 6-17 determines whether or not the decrypted random number 6-15 matches the random number 6-11 with the authentication tool 6-16, and authenticates the controller 6-1.

  The disadvantage of mutual authentication using the common key method described with reference to FIG. 6 is that the key Ka / Kb6-3 is repeatedly used, so that an eavesdropper 6-18 obtains an unlimited number of ciphertexts created with the same key. Therefore, the key can be easily deciphered and the security is lowered. In order to prevent this, it is necessary to change the encryption key frequently in this method.

  Therefore, the present invention uses a common key cryptosystem that does not use the same key but uses a single-use key and performs secure key distribution at a minimum, thereby providing a high security and high-speed communication encryption system (encryption). An object of the present invention is to provide a key generation system and generation method), and an encryption authentication system and an encryption communication system to which this is applied.

  The system for generating an encryption key according to claim 1 includes means for holding a relatively large prime number secretly shared by a sender and a receiver, and a random number generating means for generating a plurality of relatively small random numbers. And key generation means for generating an encryption key by combining a plurality of remainders obtained by dividing the large prime number by the plurality of small prime numbers.

  The system for generating an encryption key according to claim 2 includes means for holding a relatively large prime number secretly shared by the sender and the receiver, and the sender and receiver secretly exceeding the large prime number. A bit pointer by combining a large random number sharing unit, a random number generating unit for generating a plurality of relatively small random numbers, and a plurality of remainders obtained by dividing the large prime numbers by the plurality of small prime numbers, respectively. And a key generation means for generating an encryption key by extracting a plurality of numbers from the large random number using the bit pointer and combining them.

  An encryption key generation system according to claim 3 is the encryption key generation system according to claim 1 or 2, wherein one of the large prime number and the large random number as a key space is obtained by an encryption instruction. It is characterized by encryption.

  The method for generating an encryption key according to claim 4, wherein the sender and the receiver secretly share a relatively large prime number, generate a plurality of relatively small random numbers, and generate the large prime number as the plurality of small A cryptographic key is generated by combining a plurality of remainders obtained by dividing each by a prime number.

  In the method for generating an encryption key according to claim 5, the sender and the receiver secretly share a relatively large prime number and a random number larger than the large prime number, and generate a plurality of relatively small random numbers. A bit pointer is generated by combining a plurality of remainders obtained by dividing the large prime number by the plurality of small prime numbers, and a plurality of numbers are extracted from the large random number by the bit pointer and combined to generate an encryption key. It is characterized by occurring.

  An encryption key generation method according to claim 6 is the encryption key generation method according to claim 4 or 5, wherein one of the large prime number and the large random number as a key space is obtained by an encryption instruction. It is characterized by encryption.

The encryption authentication system according to claim 7 is:
In an encryption authentication system used for mutual authentication in two communication subjects that communicate with each other after authenticating each other,
Means for maintaining a relatively large prime number secretly shared by two communicating entities;
Random number generating means for generating a random number for authentication and a plurality of relatively small random numbers transmitted to the other party;
Key generation means for generating an encryption key by combining a plurality of remainders obtained by dividing the large prime number by the plurality of small prime numbers, respectively.
An encryption means for making the authentication random number an encrypted random number by the encryption key;
After the encrypted random number sent to the other party is decrypted, it is encrypted with the other party's encryption key, and the other party's encrypted random number sent from the other party is used when the other party's encryption key is generated. Decryption means for decrypting with the other party's encryption key generated by the key generation means using a plurality of small prime numbers transmitted from the other party;
Authentication for authenticating the other party as a legitimate counterpart who shares the large prime number when the random number obtained by decrypting the other party's encrypted random number matches the random number for authentication generated by the random number generating means. Means,
It is characterized by comprising.

The encryption authentication system according to claim 8 is:
In an encryption authentication system used for mutual authentication in two communication subjects that communicate with each other after authenticating each other,
Means for maintaining a relatively large prime number secretly shared by two communicating entities;
Means for holding a large random number that is secretly shared by two communicating entities larger than the large prime number;
Random number generating means for generating a random number for authentication and a plurality of relatively small random numbers transmitted to the other party;
A bit pointer is generated by combining a plurality of remainders obtained by dividing the large prime number by the plurality of small prime numbers, and an encryption key is generated by extracting and combining a plurality of numbers from the large random number using the bit pointer Key generation means for
An encryption means for making the authentication random number an encrypted random number by the encryption key;
After the encrypted random number sent to the other party is decrypted, it is encrypted with the other party's encryption key, and the other party's encrypted random number sent from the other party is used when the other party's encryption key is generated. Decryption means for decrypting with the other party's encryption key generated by the key generation means using a plurality of small prime numbers transmitted from the other party;
When the random number obtained by decrypting the encrypted random number of the other party by the decryption means matches the authentication random number generated by the random number generating means, the other party is a legitimate counterpart sharing the large prime number and the large random number. Authentication means for authenticating as,
It is characterized by comprising.

  The encryption authentication system according to claim 9 is the encryption authentication system according to claim 7 or 8, wherein one of the large prime number and the large random number as a key space is encrypted by an encryption instruction. It is characterized by doing.

An encrypted communication system according to claim 10 is an encrypted communication system using the encryption authentication system according to any one of claims 7 to 9,
After each of the two communication entities authenticates each other as a legitimate partner, in each of the communication entities, the information to be sent to the other party is converted into encrypted information by the encryption means using the encryption key. It is characterized by transmitting.

  According to the encryption key generation system described in claim 1 or the encryption key generation method described in claim 4, an eavesdropper obtains a ciphertext and a plurality of small random numbers transmitted on a normal communication line. However, since a large prime number cannot be obtained, the encryption key can only be estimated by a brute force method for decryption. However, in the present invention, since the size of the prime number that becomes the key space is large, and a small random number changes every time communication is performed, the key is changed. The encryption key generation system and method according to the present invention are extremely secure. Further, the generation of the encryption key according to the present invention can be performed in such a short time that the real time can be ignored.

  According to the encryption key generation system described in claim 2 or the encryption key generation method described in claim 5, an eavesdropper obtains a ciphertext and a plurality of small random numbers transmitted on a normal communication line. However, since a large prime number and a large random number cannot be obtained, the encryption key can only be estimated by a brute force method for decryption. However, in the present invention, the size of the prime number that becomes the space of the bit pointer is large, the size of the large random number that becomes the key space is larger, and the key is changed by changing the small random number every time communication is performed. It is extremely difficult for an eavesdropper to estimate an encryption key using the brute force method. For example, when a large random number reaches several thousand to several tens of thousands of bits, it cannot be decrypted. On the other hand, a recipient who knows a large random number and a bit pointer can generate an encryption key in a very short time (for example, several milliseconds or less). As described above, the encryption key generation system and method according to the present invention that generates an encryption key by extracting and combining a part of extremely large random numbers is extremely secure because it cannot be estimated, and the key generation is also possible. Can be done in such a short time that real time can be ignored.

  According to the encryption key generation system described in claim 3 or the encryption key generation method described in claim 6, in the encryption key generation system and method described above, a large prime number and a large random number as a key space Any one of these can be encrypted by an encryption command and rewritten to another prime number or random number, so that the security as an encryption method is further enhanced.

  According to the encryption authentication system according to any one of claims 7 to 10, for example, in the mutual authentication before the communication between the controller and the card reader, the encryption key generation system or method according to any one of claims 1 to 6. , Encrypts a random number for authentication generated on each side and sends it to the other side, decrypts it on the other side, encrypts it again, sends it to the other side, and decrypts it on one side If it matches with the first authentication random number, it can authenticate that the other side has a legitimate title, and the other side can also perform authentication by executing the same procedure for one side. . This authentication operation is extremely secure, as in the above-described encryption key generation system or method, and can be performed in such a short time that real time can be ignored.

  Embodiments of an encryption key generation system and method, an encryption authentication system, and an encryption communication system according to the present invention, which are considered best at the time of application, will be described below with reference to the drawings. Naturally, the technical scope of the present invention is not limited only to these embodiments, but includes the concept of the claims described by way of example of the disclosed embodiment as long as it is included in the concept of the present invention. The present invention extends to a configuration obtained by combining some or all of the embodiments.

1. First embodiment (FIG. 7)
<< Encryption System and Method Using Encryption Key Generation System and Method >>
Sender 7-1 (which also means the sender's encryption system) and Recipient 7-10 (which also means the receiver's encryption system) are large prime numbers with a secure delivery method 7-15 in advance Replace YRAN7-9 and hold each with holding means.

  The sender 7-1 generates a plurality of random numbers (xRAN (i), i = 1` n) 7-2 using a random number generation tool 7-11 as a random number generation means. At that time, the size of the encryption key used in the common key encryption method is divided by the number of generated random numbers n to determine the size of one random number. For example, when a 256-bit key is used for encryption, if the number of random numbers n is 16, the size of the random numbers is 16 bits or less.

Key component K using Eq. (71) from large prime YRAN7-9 and small multiple random numbers (xRAN (i), i = 1` n) 7-2 by key generation tool 7-12 as key generation means (i), i = 1` n is generated.
K (i) = YRANmod (xRAN (i)), i = 1` n (71)

  The obtained key elements are combined into an encryption key (also simply referred to as a key or a disposable encryption key K (i), i = 1`n) 7-3. Using this key 7-3, the information 7-4 to be sent is encrypted by the common key encryption tool 7-5 to obtain the ciphertext 7-6. The ciphertext 7-6 and the random number 7-2 are sent to the receiver 7-10 through the normal communication line 7-7.

  The recipient 7-10 uses the received random number (xRAN (i), i = 1`n) and the large prime number YRAN7-9 to generate the encryption key K (i), i = 1` n is generated, and these are combined to generate a single-use encryption key (K (i), i = 1` n) 7-3 encryption key, and the received ciphertext 7-6 is under this key. Then, decryption is performed using decryption tool 7-14 to obtain information 7-4.

  The eavesdropper 7-8 can obtain the ciphertext 7-6 and the random number 7-2, but since there is no large prime number YRAN7-9, the encryption key K (i), i = 1` n is a brute force method. There is no choice but to estimate. This estimation is extremely difficult because the random number changes every time and the key is changed. That is, the encryption system according to the key generation system and method of this example is very secure.

  Furthermore, in this example, if the key size is changed by changing the size or number of a plurality of random numbers, the security is further enhanced. Furthermore, as described in detail in the fourth embodiment, by adding command information for rewriting the key space to a part of a plurality of random numbers, the large prime number 7-9 can be changed to a different prime number for each communication. It is possible, and it is possible to increase the security and allow flexible handling as an encryption key.

2. Second Embodiment (FIG. 8)
<< Encryption System and Method Using Encryption Key Generation System and Method >>
This system and method is based on a large prime number YRAN8-9 and a plurality of random numbers 8-2 (xRAN (i), i = 1`n) generated for each communication. A bit pointer (bit address) of ZRAN8-14 is created, and a part of a large random number is taken out from the position and used as a key component (K (i), i = 1`n).

  The sender 8-1 distributes a large prime number YRAN8-9 and a random number ZRAN8-14 much larger than the large prime number YRAN8-9 in advance by the secure distribution method 8-16, and shares them with the holding means.

  When transmitting information 8-4, the sender 8-1 generates a plurality of random numbers 8-2 (xRAN (i), i = 1`n) from the random number generation tool 8-11 as a random number generation means. . Using the key generation tool 8-12 as a key generation means, the disposable encryption key K8-3 is obtained from the random number 8-2 (xRAN (i), i = 1`n) and the large prime numbers YRAN8-9 and ZRAN8-14. Generate.

  An example of the key generation will be described more specifically. First, the remainder is obtained with Kadd (i) = YRANmod (xRAN (i), i = 1`n), and the value Kadd (i), i = 1`n is regarded as a bit pointer of ZRAN8-14, and the bit A required number of ZRAN bit values are extracted from the position indicated by the pointer, and the extracted bit values are combined to form a disposable key K8-3.

  The information 8-4 to be sent is encrypted by the encryption tool 8-5 under the disposable key K8-3 to create encrypted information 8-6. The sender 8-1 sends the encrypted information 8-6 and a plurality of random numbers 8-2 to the receiver 8-10 through the normal communication line 8-7.

  The recipient 8-10 receives the disposable encryption key K8-3 from the received multiple random numbers 8-2, the large prime number YRAN8-9, and the large random number 8-14 with the same key generation tool 8-12 as the sender 8-1. And decrypting the encrypted information 8-6 using the decryption tool 8-15 to obtain information 8-4.

  An eavesdropper can obtain a plurality of random numbers xRAN8-2 and encrypted information 8-6, but does not know the large prime number YRAN8-9 and the large random number ZRAN8-14, so it must be estimated. However, such estimation is impossible when a large random number ZRAN is several thousand to several tens of thousands of bits. However, the recipient 8-10 who knows the large random number ZRAN and the bit pointer can generate the encryption key K8-3 in a very short time (several milliseconds or less).

  Thus, by generating a cryptographic key K by extracting and combining a part of an extremely large random number ZRAN, it becomes possible to generate a key that cannot be estimated at high speed.

3. Third Embodiment (FIGS. 9 and 10)
<< Encryption authentication system and encryption communication system for mutual authentication >>
The present embodiment relates to an encryption authentication system and an encryption communication system for mutual authentication applied to the controller 9-1 and the card reader 9-20 as shown in FIG. 9 and FIG. The application range of the example is not limited only to the controller and the card reader, but can be widely applied when it is necessary to authenticate a communication partner between a plurality of communication subjects that communicate with each other.

(1) Authentication procedure (Fig. 9)
As shown in FIG. 9, the controller 9-1 that is one communication entity and the card reader 9-20 that is the other communication entity are a large prime number YRAN9-2 and a random number ZRAN9-3 that is much larger than the prime number YRAN9-2. Are shared in advance and each is held by holding means.

  Controller 9-1 authenticates card reader 9-20 when card reader 9-20 requests transmission of information 9-22. At the same time, card reader 9-20 also authenticates controller 9-1. Thereafter, the encrypted information is transmitted.

  First, the controller 9-1 generates a plurality of random numbers x1RAN (i), i = 1` n using a random number generation tool 9-4 as a random number generation means. At the same time, a random number t1RAN9-6 (hereinafter also referred to as an authentication random number) of an appropriate size for authenticating the card reader 9-20 is generated. Disposable encryption key from multiple random numbers (x1RAN (i), i = 1` n) 9-5, large prime number YRAN9-2, and large random number ZRAN9-3 with encryption key generation tool 9-7 as key generation means Generate Ka9-8.

  Under this disposable encryption key Ka9-8, the encryption random number 9-6 is encrypted using the encryption tool 9-9 to generate an encrypted random number E1RAN9-10.

  The controller 9-1 transmits the encrypted random number E1RAN9-10 and a plurality of random numbers (x1RAN (i), i = 1`n) 9-5 to the card reader 9-20 through the normal communication line 9-21. . Upon receiving these, the card reader 9-20 is disposable from the key generation tool 9-7 using a plurality of random numbers (x1RAN (i), i = 1`n) 9-5 in the same manner as the controller 9-1. Generate the key Ka9-8.

  Further, the card reader 9-20 decrypts the encrypted random number 9-10 using the decryption tool 9-11 under the disposable key Ka9-8 to obtain an authentication random number t1RAN9-6.

  Next, the card reader 9-20 generates a plurality of new random numbers (x2RAN (i), i = 1`n) 9-12 using the random number generation tool 9-4, and the large prime number YRAN9-2 The single-use encryption key Kb9-15 is generated from the large random number ZRAN9-3 by the encryption key generation tool 9-7.

  Under the disposable encryption key Kb9-15, the encrypted random number t1RAN9-6 is encrypted using the encryption tool 9-9 to create an encrypted random number E2RAN9-16.

  The card reader 9-20 generates a controller authentication random number t2RAN9-14 by the random number generation tool 9-4 to authenticate the controller 9-1 and encrypts it under the disposable encryption key Kb9-15. Using the tool 9-9, the controller authentication random number t2RAN9-14 is encrypted to generate an encrypted random number E3RAN9-17.

  The card reader 9-20 includes a plurality of random numbers x2RAN9-12, an encrypted random number E2RAN9-16 that decrypts the encrypted authentication random number sent from the controller 9-1, and the controller 9 In order to authenticate −1, an encrypted random number 9-17 obtained by encrypting an authentication random number generated by the card reader 9-20 is transmitted using a normal communication line 9-21.

  The controller 9-1 generates a disposable encryption key Kb9-15 from the received plurality of random numbers x2RAN9-12, the large prime number YRAN9-2, and the large random number ZRAN9-3 by the encryption key generation tool 9-7. Under the generated disposable encryption key Kb9-15, the encrypted random number E2RAN9-16 and the encrypted random number 9-17 are decrypted by the decryption tool 9-11, and the decrypted random number t1RAN9-6 and the authentication random number t2RAN 9- Get 14.

  The controller 9-1 uses the authentication tool 9-13 to confirm that the decrypted random number t1RAN9-6 matches the card reader authentication random number t1RAN9-6 that was first generated. 20 authenticates that it shares the same prime YRAN9-2 and random number ZRAN9-3.

  The controller 9-1 that has authenticated the card reader 9-20 encrypts the decrypted authentication random number t2RAN9-14 with the encryption tool 9-9 under the disposable encryption key Ka9-8 and encrypts the random number E4RAN9- 18 is generated and transmitted to the card reader 9-20 through the normal communication line 9-21.

  Upon receiving the encrypted random number E4RAN9-18, the card reader 9-20 decrypts it with the decryption tool 9-11 under the encryption key Ka9-8 to obtain the authentication random number t2RAN9-14. Using the authentication tool 9-13, the card reader 9-20 performs authentication by confirming that the authentication random number t2RAN9-14 matches the previously generated controller authentication random number t2RAN9-14. .

(2) Information communication (Figure 10)
Exchange information after mutual authentication is complete.
As shown in FIG. 10, the controller 9-1 encrypts the information (inf1) 9-22 by the encryption tool 9-9 using the disposable encryption key Ka9-8 and encrypts the information (E1inf) 9-23. Is transmitted to the card reader 9-20 through the communication line 9-21.

  Receiving this, the card reader 9-20 decrypts the encrypted information (E1inf) 9-23 with the decryption tool 9-11 under the disposable encryption key Ka9-8 to obtain information 9-22.

  The card reader 9-1 encrypts the information (inf2) 9-24 with the encryption tool 9-9 under the disposable key Kb9-15 to generate encrypted information (E2inf) 9-25. It is sent to the controller 9-1 via the normal communication line 9-21.

  Receiving this, the controller 9-1 decrypts the encrypted information (E2inf) 9-25 with the decryption tool 9-11 under the disposable encryption key Kb9-15 to obtain information 9-24.

  According to this example, a key can be changed at high speed by generating a random number for each communication, and secure authentication and information communication can be performed with different encryption keys each time.

  In this example, as in the second embodiment, a plurality of random numbers, a large prime number, and a larger random number are used to generate a key. Encrypted. However, the key can also be generated using a plurality of random numbers and a large prime number as in the first embodiment.

4). Fourth Embodiment (FIG. 11)
<< Encryption Authentication System and Key Space Rewriting System and Method in Encrypted Communication System >>
This example is an embodiment relating to rewriting of a key space.
The controller 10-1 and the card reader 10-10 share a large prime number YRAN10-2 and a random number ZRAN10-3 larger than the large prime number YRAN in the secure distribution line 10-11, and hold them respectively by holding means.

  The controller 10-1 generates a plurality of random numbers (xRAN (i), i = 1`n) 10-5 using a random number generation tool 10-4 as a random number generation means, together with an instruction code 10-6. The data is sent to the card reader 10-10 using a normal communication line.

  The card reader 10-10 that receives the instruction code 10-6 and the plurality of random numbers 10-5 uses the key generation tool 10-7 from the plurality of random numbers 10-5, the large prime number YRAN10-2, and the large random number ZRAN10-3. The disposable key 10-8 is generated. The instruction code 10-6 is executed using the disposable key 10-8. This instruction code 10-6 is an instruction for encrypting a large random number ZRAN10-3 with the encryption tool 10-9 under the disposable key 10-8. When the encryption is completed and the encrypted random number EZRAN10-14 is obtained, the card reader 10-10 returns an instruction code 10-15 to the controller 10-1.

  Upon receiving this instruction code 10-15, the controller 10-1 generates a key from a plurality of random numbers (xRAN (i), i = 1`n) 10-5, a large prime number YRAN10-2, and a large random number ZRAN10-3. A disposable key 10-8 is generated using the tool 10-7. A large random number ZRAN10-3 is encrypted under the disposable key 10-8 to obtain an encrypted random number EZRAN10-14. Thereafter, a disposable encryption key is generated using the encrypted random number EZRAN10-14 instead of the random number ZRAN10-3.

5). Specific Effects of Each Embodiment In the embodiments of the present invention, the time required to generate a key by variously changing a large prime number YRAN was measured.

  Even if a large prime number of 1024 bits is used, a key can be generated in 1 millisecond or less and the mutual authentication can be completed in about 5 milliseconds. Such high-speed key generation cannot be achieved by key distribution using a public key (RSA encryption) and a common key. In authentication between a controller and a card reader, a plurality of card readers are connected to the controller. Therefore, if authentication takes time, card readers that can be connected to the controller are limited, and use of the card is restricted. However, in this example, since the real time of key generation can be ignored, a plurality of card readers can be connected to the controller as in the case where there is no encryption or mutual authentication.

  Further, if the key size is changed by changing the size of a plurality of random numbers, the security is further enhanced. In addition, it is possible to encrypt a large prime number or a large random number into another different random number by adding information including an instruction to rewrite the key space to a part of a plurality of random numbers. It becomes possible.

6). Definition of terms in this specification Cryptography: The conversion of information so that only the parties understand the meaning of the information.
Plaintext: Original information, encrypted text before encryption (ciphertext): Information encrypted by converting plaintext not to be understood by a third party: Making plaintext from plaintext.
Decryption: Making plaintext from plaintext.
Encryption key: Parameters required for encryption. In some cases, the encryption key and the decryption key are the same. Also, depending on the encryption method, there may be no key.
Decryption key: A parameter required for decryption. In some cases, the encryption key and the decryption key are the same. Also, depending on the encryption method, there may be no key.
Encryption key: Also called encryption key, decryption key, and key.
Plaintext space: Collective ciphertext space of the entire plaintext: Collective keyspace of the entire ciphertext: Collective attack of the entire key: The act of searching for the key used for encryption. Also called deciphering.
Decryption: The third party decrypts the ciphertext.
Wiretapping: A third party intercepts communications.
Common key: A key used for both encryption and decryption. The encryption method using the same key is called a common key encryption method.
Public key: Encryption key used for encryption with public key encryption. Also called encryption key. It is paired with the private key that the decryption side has. Since the decryption side discloses its own encryption key in advance, it is called a public key.
Private key: A key used for decryption in public key cryptography. Since only the decryption side has this key and keeps it secret, it is called a secret key. It is necessary to employ an encryption method in which it is practically difficult to guess the secret key from the public key.
DES: (Data Encryption Standard):
FEAL: (Fast Encryption Algorithm):
AES: (Advanced Encryption Standard):
RC4: (Rivest's Cipher 4):
RSA cipher: A public key cipher devised by Rivest, Shamir, and Adleman.

It is explanatory drawing of a common key encryption system. It is explanatory drawing of a public key encryption system (RSA encryption system). It is further detailed explanatory drawing of a public key encryption system (RSA encryption system). It is explanatory drawing of the encryption system which made the common key encryption system and the public key encryption system (RSA encryption system) cooperate. It is explanatory drawing of the delivery method of the key using a common key encryption system and a public key encryption system (RSA encryption system). It is explanatory drawing of the mutual authentication system using a common key encryption system. It is explanatory drawing of the system and method of 1st Embodiment of this invention. It is explanatory drawing of the system and method of 2nd Embodiment of this invention. It is explanatory drawing of the encryption authentication system and method in 3rd Embodiment of this invention. It is explanatory drawing of the encryption communication system and method in 3rd Embodiment of this invention. It is explanatory drawing of the system and method of 4th Embodiment of this invention.

Explanation of symbols

Explanation of reference numerals in FIG.
7-1: Sender of information 7-4
7-2: Multiple (n) random numbers (xRAN (i), i = 1 to n)
7-3: Disposable encryption key
7-4: Information you want to send (plain text)
7-5 ： Common key encryption tool
7-6: Ciphertext. The information (plain text) 7-4 encrypted using the common key encryption tool 7-5 under the disposable key K (i), i = 1 to n.
7-7: Normal communication line
7-8: Eavesdropper
7-9: Large prime number YRAN
7-10: Recipient
7-11: Random number generator
7-12: Key generation tool. A key is generated by joining the results calculated in (71).
K (i) = YRANmod (xRAN (i)), i = 1 to n (71)
7-14: Decryption tool
7-15: Safe delivery method

Explanation of reference numerals in FIG.
8-1: Sender of information 8-4
8-2: Multiple random numbers (xRAN (i), i = 1 to n)
8-3: Disposable encryption key
8-4: Information you want to send (plain text)
8-5: Encryption tool
8-6: Ciphertext; information (plaintext) 8-4 encrypted using encryption tool 8-5 under the single-use encryption key K.
8-7: Normal communication line
8-8: Eavesdropper
8-9: Large prime number YRAN
8-10: Recipient
8-11: Random number generator
8-12: Key generation tool. Calculation is performed using Equation (81).
K (i) = YRANmod (xRAN (i)) i = 1 to n (81)
8-14: Random number group ZRAN larger than YRAN
8-15: Decryption tool
8-16: Safe delivery method

Explanation of reference numerals in FIG.
9-1: Controller
9-2: Large prime number YRAN
9-3: random number ZRAN much larger than prime YRAN 9-2
9-4: Random number generation tool in controller 9-1 and card reader 9-20
9-5: Random number group x1RAN generated by the random number generator tool 9-4
9-6 ： Authentication random number t1RAN for authenticating the card reader generated by the random number generation tool 9-4 by the controller
9-7: The encryption key Ka is generated using the encryption key generation tool in the controller 9-1 and the card reader 9-20, the random number group x1RAN, the prime number YRAN, and the large random number ZRAN.
9-8: Disposable encryption key Ka generated by encryption key generation tool 9-7 in Controller 9-1
9-9: Encryption tool in controller 9-1 and card reader 9-20
9-10: An encrypted random number (E1RAN) in which the controller 9-1 encrypts the authentication random number t1RAN using the encryption tool 9-9 under the disposable encryption key Ka9-8.
9-11: It has a function for restoring the encrypted text using the decryption tool and the encryption tool 9-9 in the controller 9-1 and the card reader 9-20.
9-12: Random number group x2RAN newly generated by the card reader 9-20
9-13: Authentication tool in controller 9-1 and card reader 9-20
9-14: Authentication random number t2RAN generated by card reader 9-20 to authenticate the controller using random number generation tool 9-4
9-15: Large prime number YRAN9-2, larger random number ZRAN9-3 and random number group x2RAN in card reader 9-20
The disposable key Kb generated by the encryption key generation tool 9-7 using 9-5
9-16: A random number (E2RAN) obtained by encrypting the card reader authentication random number t1RAN9-6 with the encryption tool 9-9 under the disposable encryption key Kb9-15 by the card reader 9-20.
9-17: A random number (E3RAN) obtained by the card reader encrypting the controller authentication random number t2RAN9-14 with the encryption tool 9-8 under the disposable encryption key Kb9-15.
9-18: A random number obtained by encrypting the controller authentication random number t2RAN9-14 decrypted by the controller using the encryption tool 9-9 under the disposable encryption key Ka9-8. (E4RAN)
9-19: Safe delivery method
9-20: Card reader
9-21: Normal communication line
9-22: Information inf1 sent by controller 9-1
9-23: Encryption information E1inf obtained by encrypting the information 9-22 sent by the controller in the controller 9-1 with the encryption tool 9-9 under the disposable encryption key Ka9-8.
9-24: Information inf2 sent by card reader
9-25: Encryption information E2inf obtained by encrypting the information 9-24 sent by the card reader in the card reader with the encryption tool 9-9 under the disposable encryption key Kb9-15.
9-26: Eavesdropper

Explanation of reference numerals in FIGS. 10 and 11
10-1: Controller
10-2: Large prime number YRAN
10-3: Random number ZRAN larger than YRAN
10-4: Random number generator
10-5: Multiple random numbers xRAN (i), i = 1 to n
10-6: Command code (key space ZRAN encryption command for card reader)
10-7: Key generation tool
10-8: Disposable key
10-9: Encryption tool
10-10: Card reader
10-11: Safe delivery line
10-12: Normal communication line
10-13: Eavesdropper
10-14: Encrypted random number (Large random number ZRAN encrypted under disposable key 10-8)
10-15: Instruction code (encryption instruction of key space ZRAN for the controller)

Claims (10)

Means for holding a relatively large prime number secretly shared by the sender and receiver, a random number generating means for generating a plurality of relatively small random numbers, and dividing the large prime number by the plurality of small prime numbers. And a key generation means for generating an encryption key by combining a plurality of remainders obtained in this manner. Means for holding a relatively large prime number secretly shared by the sender and receiver, and means for holding a large random number secretly shared by the sender and receiver larger than the large prime number, A bit pointer is generated by combining a random number generating means for generating a plurality of small random numbers and a plurality of remainders obtained by dividing the large prime numbers by the plurality of small prime numbers, respectively. And a key generation means for generating an encryption key by extracting and combining the numbers. The encryption key generation system according to claim 1 or 2, wherein either one of the large prime number and the large random number as a key space is encrypted by an encryption instruction. The sender and the receiver share a relatively large prime number in secret, generate a plurality of relatively small random numbers, and combine a plurality of remainders obtained by dividing the large prime number by the plurality of small prime numbers, respectively. And generating an encryption key. A method for generating an encryption key. The sender and the receiver secretly share a relatively large prime number and a random number larger than the large prime number, generate a plurality of relatively small random numbers, and divide the large prime number by the plurality of small prime numbers, respectively. A method for generating an encryption key, comprising: generating a bit pointer by combining a plurality of remainders obtained in the above; and generating an encryption key by extracting and combining a plurality of numbers from the large random number using the bit pointer. 6. The encryption key generation method according to claim 4, wherein either one of the large prime number and the large random number as a key space is encrypted by an encryption command. In an encryption authentication system used for mutual authentication in two communication subjects that communicate with each other after authenticating each other,
Means for maintaining a relatively large prime number secretly shared by two communicating entities;
Random number generating means for generating a random number for authentication and a plurality of relatively small random numbers transmitted to the other party;
Key generation means for generating an encryption key by combining a plurality of remainders obtained by dividing the large prime number by the plurality of small prime numbers, respectively.
An encryption means for making the authentication random number an encrypted random number by the encryption key;
After the encrypted random number sent to the other party is decrypted, it is encrypted with the other party's encryption key, and the other party's encrypted random number sent from the other party is used when the other party's encryption key is generated. Decryption means for decrypting with the other party's encryption key generated by the key generation means using a plurality of small prime numbers transmitted from the other party;
Authentication for authenticating the other party as a legitimate counterpart who shares the large prime number when the random number obtained by decrypting the other party's encrypted random number matches the random number for authentication generated by the random number generating means. Means,
An encryption authentication system comprising: In an encryption authentication system used for mutual authentication in two communication subjects that communicate with each other after authenticating each other,
Means for maintaining a relatively large prime number secretly shared by two communicating entities;
Means for holding a large random number that is secretly shared by two communicating entities larger than the large prime number;
Random number generating means for generating a random number for authentication and a plurality of relatively small random numbers transmitted to the other party;
A bit pointer is generated by combining a plurality of remainders obtained by dividing the large prime number by the plurality of small prime numbers, and an encryption key is generated by extracting and combining a plurality of numbers from the large random number using the bit pointer Key generation means for
An encryption means for making the authentication random number an encrypted random number by the encryption key;
After the encrypted random number sent to the other party is decrypted, it is encrypted with the other party's encryption key, and the other party's encrypted random number sent from the other party is used when the other party's encryption key is generated. Decryption means for decrypting with the other party's encryption key generated by the key generation means using a plurality of small prime numbers transmitted from the other party;
When the random number obtained by decrypting the encrypted random number of the other party by the decryption means matches the authentication random number generated by the random number generating means, the other party is a legitimate counterpart sharing the large prime number and the large random number. Authentication means for authenticating as,
An encryption authentication system comprising: 9. The encryption authentication system according to claim 7, wherein either one of the large prime number and the large random number as a key space is encrypted by an encryption command. After each of the two communication entities authenticates each other as a legitimate partner, in each communication entity, information to be sent to the other party is converted into encrypted information by the encryption means using the encryption key, and An encryption communication system using the encryption authentication system according to any one of claims 7 to 9, wherein the transmission is performed.

Images