JP2022031361A - Communication apparatus, communication method, program and communication system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a communication apparatus capable of providing an encryption key to a request source for an application etc. with little delay.

SOLUTION: The communication apparatus includes: a sharing processing section; a storage section; and a control unit. The sharing processing section shares an encryption key with one or more external units. The storage section stores the encryption key. The control unit compares a present amount which represents the amount of the stored encryption keys and a specified reference amount to control the sharing processing section to continue or to terminate the share processing of the encryption key based on the comparison result.

SELECTED DRAWING: Figure 4

COPYRIGHT: (C)2022,JPO&INPIT

Description

Embodiments of the present invention relate to communication devices, communication methods, programs and communication systems.

Quantum key distribution technology (QKD) securely shares an encryption key between a transmitting node that continuously transmits a single photon and a receiving node that receives a single photon, which are connected by an optical fiber. It is a method. A technique is also known in which a node generates a random number (encryption key) independently of the encryption key shared by QKD, and transmits the generated random number to another node for sharing.

Japanese Patent No. 5634427

Kollmitzer C., Pivk M. (Eds.), Applied Quantum Cryptography, Lect. Notes Phys. 797 (Springer, Berlin Heidelberg 2010), Chapter 8, QKD Networks Based on Q3P, pp.151-171, DOI 10.1007 / 978- 3-642-04831-9 Dianati, M., Alleaume, R., Gagnaire, M. and Shen, X. (2008), Architecture and protocols of the future European quantum key distribution network. Security and Communication Networks, 1: 57-74. DOI: 10.1002 / sec.13

However, in the prior art, the encryption key sharing process is executed after the encryption key is requested by the application or the like. Therefore, there is a problem that a processing delay occurs before the requesting application or the like uses the encryption key.

The communication device of the embodiment includes a shared processing unit, a storage unit, and a control unit. The shared processing unit shares the encryption key with one or more external devices. The storage unit stores the encryption key. The control unit compares the current amount representing the amount of stored encryption key with the designated reference amount, and controls the continuation or stop of the encryption key sharing process by the sharing processing unit based on the comparison result.

The figure which shows the configuration example of the quantum key distribution system. The figure which shows the configuration example of the QKD network. A sequence diagram showing an example of encryption key sharing processing. The functional block diagram of the node of the 1st Embodiment. The figure which shows an example of the key information table of a node. The sequence diagram of the encryption key sharing process of 1st Embodiment. The figure which shows the example of the application key information table. The sequence diagram of the application key provision control procedure of 1st Embodiment. The functional block diagram of the node of the 2nd Embodiment. The figure which shows the specific example of the change process of the maximum amount. The figure which shows the specific example of the change process of the maximum amount. The sequence diagram of the shared amount control processing in 2nd Embodiment. The functional block diagram of the node of the 3rd Embodiment. The figure which shows an example of the link key information table. The sequence diagram of the encryption key sharing process of 3rd Embodiment. The sequence diagram of the provision control procedure of 3rd Embodiment. The figure which shows an example of the link key information table. The sequence diagram of the common amount control process of 3rd Embodiment. The figure which shows the example of the link key information table. The functional block diagram of the node of the 4th Embodiment. The figure which shows an example of the key information table. The hardware diagram of the communication device which concerns on embodiment.

Hereinafter, preferred embodiments of the communication device according to the present invention will be described in detail with reference to the accompanying drawings.

(First Embodiment)
The cryptographic key shared by QKD is guaranteed not to be eavesdropped on the basis of quantum mechanics principles. Information theory guarantees that when encrypted data communication is performed using a cryptographic communication method called one-time pad using a shared encryption key, the data sent and received cannot be decrypted by an eavesdropper with any knowledge. Has been done.

FIG. 1 is a diagram showing a configuration example of a quantum key distribution system. As shown in FIG. 1, the quantum key distribution system includes applications 20a, 20b and nodes 10a, 10b. The node 10a and the node 10b are connected by, for example, an optical fiber 30. The nodes 10a and 10b correspond to at least one of the transmitting node and the receiving node. In the following, a transmitting node and a receiving node may be collectively referred to as a node. The applications 20a and 20b are functions for performing encrypted data communication using a shared encryption key. The applications 20a and 20b may be realized integrally with the nodes 10a and 10b, respectively.

The encryption key shared between the node 10a and the node 10b is provided to the application 20a and the application 20b, respectively. The application 10a and the application 10b encrypt data using the acquired encryption key and perform encrypted data communication. However, the method of sharing the encryption key by the QKD technology has a limitation of the distance that the encryption key can be shared due to the use of a single photon as a medium.

Next, a quantum key distribution network (QKD network), which is an example of a communication system, will be described. FIG. 2 is a diagram showing a configuration example of a QKD network. As shown in FIG. 2, the QKD network includes a key sharing network 301 and a cryptographic data communication network 302. Note that FIG. 2 is an example of a case where the node and the application are realized independently. The key sharing network 301 includes nodes 100a to 100e as communication devices and applications 200a and 200b. The nodes 100a to 100e share the link key by the key sharing network 301.

When it is not necessary to distinguish between the nodes 100a to 100e, it may be simply referred to as the node 100. When it is not necessary to distinguish between applications 200a and 200b, it may be simply referred to as application 200. The number of nodes 100 is not limited to five. Further, the number of applications 200 is not limited to two.

The key sharing network 301 is a network in which a plurality of nodes 100 are connected by links (links 401 to 406) such as optical fibers.

Note that FIG. 2 illustrates a configuration in which one node 100 has a plurality of functions of a transmitting node or a receiving node (for example, two nodes 100a, 100c, 100d, and three nodes 100b, 100e). ). Each node 100 may be configured to have a function of integrating a transmitting node and a receiving node. In the following, the latter configuration will be mainly described as an example.

Each node 100 shares an encryption key by QKD with a node 100 (adjacent node) connected by a link. The encryption key shared by QKD between the nodes 100 connected by the link corresponds to the link key (first encryption key). Further, the node 100 has a function of separately generating another encryption key (app key, second encryption key) from random number information and the like, encrypting the encryption key with the link key, and transferring the encryption key to the adjacent node regardless of the QKD. Have.

By repeating the process of encrypting the application key with the link key and transferring the application key, the node 100 can share the application key with any node 100 on the key sharing network 301. At this time, the application key is transferred on the link in a state of being encrypted by the link key shared by QKD. Therefore, assuming the security of the node 100 itself, it can be said that the security of the application key is guaranteed in the same way as the link key.

On the other hand, the application 200 is housed in the encrypted data communication network 302. Here, it is assumed that the application 200a performs encrypted data communication with the application 200b. Hereinafter, an example of a sequence in which the application 200 acquires and shares an encryption key using the key sharing network 301 and performs encrypted data communication will be described. FIG. 3 is a sequence diagram showing an example of the encryption key sharing process when the application key is shared via the three nodes 100.

The nodes 100a, 100b, and 100c share the link key in advance (step S101, step S102). The link key sharing operation may be repeated thereafter. The application 200 that wants to perform encrypted communication connects to the node 100 on the key sharing network 301. For example, in the example of FIG. 3, the application 200a is connected to the node 100a, and the application 200b is connected to the node 100c.

The application 200a notifies the node 100a that the encryption key wants to be used for communicating with the application 200b (step S103). Upon receiving this notification, the node 100a identifies the node 100c to which the application 200b with which the application 200a wants to communicate is connected (step S104), and shares the application key with the node 100c.

Specifically, the node 100a notifies the node 100c that he / she wants to share the application key, and starts the sharing control of the application key (step S105). The node 100a generates an application key by a random number generator or the like, and encrypts the generated application key with a link key (link key shared with the node 100b) (step S106). Node 100a transfers the encrypted application key to node 100b (step S107).

The node 100b receives the encrypted application key and decrypts the application key by the link key shared with the node 100a. Then, the node 100b encrypts the decrypted application key with the link key shared with the node 100c (step S108). The node 100b transfers the encrypted application key to the node 100c (step S109).

The node 100c receives the encrypted application key and decrypts it with the link key shared with the node 100b (step S110). The node 100c stores the decrypted application key in a storage unit or the like (step S111). The node 100c notifies the node 100a that the storage of the application key is completed (step S112). By the above processing procedure, the node 100a and the node 100c can share the application key.

The node 100a provides the shared application key to the application 200a (step S115). The node 100c receives the request from the application 200b (step S113) and provides the shared application key to the application 200b (step S114). As a result, the application 200a and the application 200b can share the same encryption key (application key). After that, the application 200a and the application 200b can perform secure encrypted data communication via the encrypted data communication network 302.

The encryption key sharing method that combines the application key and the link key as described above can overcome the limitation of the distance that the encryption key can be shared due to the use of QKD. Further, this method in which the node 100 connected from the application 200 controls the generation, sharing, and routing of the encryption key (application key) can be realized by utilizing the existing network technology and using simple components. Is. Here, a scenario in which the node 100a generates an encryption key (application key) by a random number or the like and shares the encryption key has been described. The information to be shared is not limited to this. This method can be used as a mechanism for the node 100a to share arbitrary secret information such as an encryption key, a digital certificate, and a private key in the public key method generated by another system.

By constructing a quantum key distribution network (QKD network), it becomes possible to share an encryption key with any node 100 on the network. Further, for example, using the technology of Patent Document 1, the session state of the application key can be managed on the node side, and the node, frequency, timing, etc. to share the application key can be determined by using the state information. become able to.

On the other hand, in the method in which the encryption key sharing process is executed after the encryption key is requested as shown in FIG. 3 (step S103), a processing delay occurs before the requesting application or the like uses the encryption key. there is a possibility.

Therefore, the communication device (node) according to the first embodiment provides the application key to the application with low delay. By using the method of the present embodiment, each node can share the application key to be provided to the application in advance before receiving the request from the application. This allows the node to provide the application key immediately upon receiving a request from the application. That is, according to the method of the present embodiment, the application key can be provided to the application with low delay.

FIG. 4 is a block diagram showing a functional configuration example of the node 100 in the present embodiment. The node 100 includes a shared processing unit 110, a providing unit 120, a control unit 130, a platform unit 140, and a storage unit 150.

The platform unit 140 provides an OS (operating system) function, a network function, a security function, and the like that manage the basic computer system of the node 100.

The storage unit 150 stores the encryption key. The storage unit 150 can be configured by a file system, a database, or the like. Further, the storage unit 150 stores information indicating a predetermined reference amount and the amount of the currently shared encryption key (current amount) for each of the shared destination nodes 100 (shared destination node). The information that associates the standard amount of the encryption key with the current amount is referred to as a key information table below.

The reference amount represents a reference amount of the amount of the encryption key, and is used for comparison with the current amount. The reference amount may be set as, for example, an amount corresponding to the maximum amount of the shared encryption key. The reference amount is not limited to this, and any information may be used as long as it is a reference amount for the amount of the encryption key. For example, an amount representing the lower limit of the encryption key may be used as a reference amount. The reference amount may be a different value for each shared destination node, or may be the same value for some or all shared destination nodes. In the following, a case where the maximum amount is used as the reference amount will be described as an example.

The sharing processing unit 110 performs sharing processing for sharing an encryption key with one or more other nodes 100 (an example of an external device). The shared processing unit 110 includes a generation unit 111 and a monitoring unit 112.

The generation unit 111 generates an encryption key. The generation unit 111 uses, for example, quantum cryptography when generating a link key, and uses, for example, a random number generator when generating an application key. The monitoring unit 112 monitors the amount of decrease in the encryption key stored in the storage unit 150 and the like.

The control unit 130 controls the entire node. For example, the control unit 130 executes an encryption key sharing control procedure (encryption key sharing process), a provision control procedure, and the like. For example, the control unit 130 compares the current amount with the reference amount, and controls the continuation (start) or stop of the encryption key sharing process by the shared processing unit 110 based on the comparison result (encryption key sharing process). Details of control by the control unit 130 will be described later.

The providing unit 120 provides the application 200 with the encryption key stored in the storage unit 150. The providing unit 120 may delete the encryption key provided to the application 200 from the storage unit 150.

The shared processing unit 110, the providing unit 120, the control unit 130, and the platform unit 140 may be realized by, for example, causing a processing device such as a CPU (Central Processing Unit) to execute a program, that is, by software. It may be realized by hardware such as an IC (Integrated Circuit), or may be realized by using software and hardware together.

The storage unit 150 can be configured by any commonly used storage medium such as an HDD (Hard Disk Drive), an optical disk, a memory card, and a RAM (Random Access Memory).

Next, a specific example of the key information table will be described. FIG. 5 is a diagram showing an example of the key information table of each node 100 shown in FIG. Each node 100 is, for example, a key information table in which the maximum amount of app keys to be shared between the shared destination node and the shared destination node and the amount of currently shared app keys (current amount) are associated with each other. Is stored in the storage unit 150. The storage units 150a to 150e indicate the storage units 150 included in the nodes 100a to 100e, respectively. Hereinafter, the key information table of the application key is referred to as an application key information table.

The application key information table will be described using the node 100a of FIG. 5 as an example. As shown in FIG. 5, the application key information table stores information of "maximum amount" and "current amount" for each node (shared destination node) of "shared destination". For example, the identification information (ID) of the node 100 is set in the "sharing destination". A to E in FIG. 5 represent, for example, the identification information of the nodes 100a to 100e.

The "maximum amount" of the application key information table is, for example, how much application key the node 100a has with other nodes 100 (shared destination node: node 100b, node 100c, node 100d, node 100e). Information indicating whether it is desirable to share it. The amount of app keys may be, for example, the number of app keys or the total size of shared app keys. The "maximum amount" information may be set by the system administrator at the time of system construction, operation start, maintenance, and the like.

The "current amount" of the application key information table indicates the amount of the application key currently held in the node 100a and shared with each "shared destination node". The "current amount" is a value acquired by monitoring the amount of the application key currently available on the node 100a. When a new application key is shared, the "current amount" may be increased, and when the application key is used by providing the application key to the application 200a, the "current amount" may be decreased. The monitoring of the current amount and the update of the key information table by the current amount obtained by monitoring are executed by, for example, the monitoring unit 112.

Each node 100 refers to the application key information table at the time of startup, and executes the application key sharing control procedure in order to share the application key by the amount of the "maximum amount" set for each "sharing destination node". You may. By doing so, each node 100 can provide the application key to the application 200 with a low delay as compared with the conventional method of executing the sharing control procedure after receiving the connection from the application 200.

It should be noted that each node 100 may execute the application key sharing control procedure not only at the time of activation but also at an arbitrary timing. For example, even if the shared control procedure is executed at the timing of periodic maintenance, for example, when the node 100 periodically detects that the amount is decreasing by referring to the "current amount" with each "shared destination node". good.

FIG. 6 is a sequence diagram showing an example of the encryption key sharing process of the present embodiment. Note that FIGS. 6 also show applications 200a and 200b, but these applications 200 are not concerned with the encryption key sharing process.

The nodes 100a, 100b, and 100c share the link key in advance (step S201, step S202). The control unit 130 of the node 100a detects the application key replenishment event independently of the request from the application 200 or the like (step S203).

The replenishment event is an event indicating that the application key should be shared with a certain sharing destination node. The control unit 130 may detect the replenishment event by comparing the current amount of the shared destination node with the reference amount. The control unit 130 may control the start (continuation) and stop of the sharing of the application key according to the detection result of the replenishment event.

For example, the control unit 130 refers to the application key information table and shares the application key with a certain sharing destination node (here, node 100c) when the reduction status of the current amount of the application key satisfies a predetermined condition. Detect that it is time to do it. The predetermined conditions are, for example, the following conditions:
・ "Current amount" is smaller than "Maximum amount" ・ Difference between "Maximum amount" and "Current amount" is equal to or more than the threshold value (first threshold value) ・ Difference between "Maximum amount" and "Current amount" and "Maximum amount" The ratio with is less than or equal to the threshold value (second threshold value), and the value of "current amount" is less than or equal to the lower limit value.

The control unit 130 may detect the event and further determine the amount of the application key to be shared from the difference between the "maximum amount" and the "current amount".

When the replenishment event is detected, the control unit 130 notifies the sharing destination node with which the application key should be shared of information (such as an application key sharing control message) indicating that the application key is to be shared (step S204). After that, a process for sharing the application key between the shared processing unit 110 of the node 100a and the shared processing unit 110 of the node 100c is executed. The protocol or the like executed in this process may be the same as in the prior art. For example, steps S205 to S211 in FIG. 6 may be executed in the same procedure as steps S106 to S112 in FIG.

In the above description, the node 100 (node 100a in the example of FIG. 6) that detects that it is time to share the application key generates the application key and transfers the generated application key to the node 100c. The method of sharing the application key is not limited to this.

For example, all or part of the shared application key may be controlled to be generated by the node 100c and transferred to the node 100a. For this purpose, for example, the application key sharing control message transmitted from the node 100a to the node 100c contains information for determining which node 100 should generate the application key, or information for negotiating it. It may be included. The app key sharing control message may also contain information about the amount to generate the app key.

The application 200 may distinguish the type (key type) of the application key, such as when the application 200 communicates with the one-time pad using the application key. That is, it may be distinguished whether the application key is a transmission key (transmission application key) or a reception key (reception application key). The transmission application key is an application key used when transmitting information. The receiving application key is an application key used when receiving information.

In this case, for example, the node 100 that generates the transmission application key and the node 100 that generates the reception application key may be specified. For example, each node 100 may refer to the application key information table to determine the timing at which the application key should be shared, and generate and share the application key only for the transmission application key. That is, in this case, the transmission application key is generated and replenished by the node 100 itself (for example, the node 100a). On the other hand, the receiving application key is generated by the sharing destination node 100 (for example, node 100c), and is replenished by receiving by the node 100 (node 100a).

FIG. 7 is a diagram showing an example of an application key information table stored in the storage unit 150 of the node 100a when distinguishing a key type (sending key and receiving key). As shown in FIG. 7, the application key information table in this case stores the current amount and the maximum amount for each key type of the shared destination node.

Next, a procedure (procedure for controlling the provision of the application key) when the node 100 provides the application key to the application 200 will be described. FIG. 8 is a sequence diagram showing an example of the application key provision control procedure of the present embodiment.

The nodes 100a, 100b, and 100c share the link key in advance (step S301, step S302). When the application key is required for performing encrypted communication or the like, the application 200a notifies the node 100a of a request for the application key (application key request) (step S303).

The node 100a that has received the application key request identifies the sharing destination node (step S304). For example, it is assumed that the node 100a detects that the application 200a wants to communicate with the application 200b from the message of the application key request or the like. The node 100a refers to, for example, information that defines the connection relationship between the application 200 and the node 100, and specifies that the application 200b is connected to the node 100c. In this way, the node 100a specifies that the node to share the application key to be provided to the application 200a is the node 100c.

If the application key has already been shared with the specified sharing destination node by the encryption key sharing process of FIG. 6, the provider 120 of the node 100 may provide the shared application key to the application 200. can. That is, the providing unit 120 of the node 100a provides the application key to the application 200a (step S308). The node 100c receives the request from the application 200b (step S306) and provides the application key to the application 200b (step S307).

In this way, the node 100 immediately reaches the application 200 without performing the application key generation process by the random number generator and the application key encryption and transfer process by the link key after receiving the application key request. Can provide the app key. That is, the node 100 can execute the provision of the application key with low delay.

The node 100a and the node 100c do not need to perform the application key sharing control procedure (FIG. 6), but simply exchange control messages (application key provision control) before providing the application key to the application 200. It may be done (step S305 in FIG. 8). The control message contains, for example, the following information in order to determine and notify which of the application keys already shared between the node 100a and the node 100c should be provided to the application 200a. May include:
-Information related to the identification information (ID) of the application key-Information on how to determine the application key provided to the application 200a (assigned on the assumption that the application 200a will use it)

After the application key is provided to the application 200a and the application 200c, the node 100a and the node 100c reduce the value corresponding to the amount of the provided application key from the "current amount" in the application key information table stored by the node 100a and the node 100c.

In the key sharing network 301 described above, the number of nodes is 5, but the number of nodes is not limited to 5. The number of nodes may be any number of 2 or more. When the number of nodes is large (for example, 100 or more), it is the control that each node 100 shares the application key with all the other nodes 100 in advance by using the application key information table. It may not be desirable from the viewpoint of the storage capacity of the application key. In such a case, the app key information is not shared in advance with all the nodes 100, but the app key can be shared in advance only with some nodes 100. You may use a table. In this case, if the application key to be shared with the sharing destination node that does not share the application key is requested in advance, the application key can be shared by the method shown in FIG. 3, for example, as in the conventional technology. good.

(Second embodiment)
In the first embodiment, the reference amount such as the "maximum amount" in the application key information table is set in advance by the administrator or the like. In the second embodiment, the reference amount is dynamically changed during operation.

FIG. 9 is a block diagram showing an example of the configuration of the node 100-2 according to the second embodiment. As shown in FIG. 9, the node 100-2 includes a shared processing unit 110, a providing unit 120, a control unit 130-2, a platform unit 140, and a storage unit 150.

In the second embodiment, the function of the control unit 130-2 is different from that of the first embodiment. Other configurations and functions are the same as those in FIG. 4, which is a block diagram of the node 100 according to the first embodiment, and thus the same reference numerals are given, and the description thereof is omitted here.

The control unit 130-2 is different from the control unit 130 of the first embodiment in that a control function (shared amount control procedure) for dynamically changing the reference amount is added. For example, the control unit 130-2 changes the reference amount according to the decrease frequency of the current amount of the application key. The control unit 130-2 controls the monitoring unit 112 so as to monitor the decrease frequency of the application key for each “shared destination node”, for example. The frequency of decrease of the application key corresponds to the frequency of use (frequency of use) of the application key. The control unit 130-2 controls the application key having a high usage frequency (decrease frequency) so as to increase the "maximum amount" as the reference amount.

The control method of the reference amount is not limited to this. For example, the reference amount may be changed according to at least one of the number of applications, the amount of encryption key requested by the application, the storage capacity of the storage unit 150, and the free capacity of the storage unit 150.

10 and 11 are diagrams showing specific examples of the maximum amount of change processing. Here, it is assumed that the application key shared between the node 100-2a and the node 100-2c is frequently reduced (used). The values 901 and 902 in FIG. 10 show an example in which the current amount of app keys shared between node 100-2a and node 100-2c is reduced to 500. The reduced amount of the application key is replenished according to, for example, the encryption key sharing process described with reference to FIG. 6 of the first embodiment.

In addition to this, in the second embodiment, for example, depending on the information of the decrease frequency of the application key, as shown in the value 1001 and the value 1002 in FIG. 11, between the node 100-2a and the node 100-2c. Increase the "maximum amount" of app key information to share.

For example, the control unit 130-2 of the node 100-2 controls the monitoring unit 112 so as to monitor the decrease amount of the "current amount" of the application key per unit time for each shared destination node, and the decrease amount is a certain threshold value ( When it becomes equal to or more than the third threshold value, the "maximum amount" may be controlled to be increased. Instead of comparing the absolute value of the amount of decrease with the threshold, the "maximum amount" may be changed according to the relative change of the other node 100-2 with respect to the amount of decrease. For example, the control unit 130-2 controls the monitoring unit 112 so as to monitor the decrease amount of the "current amount" of the application key for each "shared destination node", and controls a certain "shared destination node" (for example, node 100-2a). When the decrease amount of () is larger than a certain threshold value (fourth threshold value) as compared with the decrease amount of other "shared destination nodes", the "most" with the corresponding shared destination node (node 100-2a). It may be controlled to increase "a large amount".

So far, we have described a method based on the amount of change in the "current amount" of the app key when changing the "maximum amount" of the app key. When changing the "maximum amount" of the application key, other values may be referred to. For example, each node 100-2 monitors information such as the number of applications 200 connected to each node 100-2 and the amount or size of the application key requested by each node 100-2 per unit time. However, you may refer to this information.

For example, in node 100-2a, it is assumed that the number of applications 200 connected to node 100-2a and communicating with the application 200 connected to node 100-2c has changed from two to three. At this time, the control unit 130-2 of the node 100-2a may control to increase the "maximum amount" of the application key shared with the node 100-2c.

An application 200 that communicates with an application 200 connected to the node 100-2c, and a certain application 200 connected to the node 100-2a requests the node 100-2a for the amount of the application key per unit time. You may notify. In such a case, and when the required amount of the application key per unit time increases, the control unit 130-2 of the node 100-2a shares the application key with the node 100-2c. It may be controlled to increase the "maximum amount" of.

The total amount of application keys that can be held in advance by a certain node 100-2 has an upper limit depending on the capacity of the storage device (storage unit 150) to be used. Therefore, the "maximum amount" of the application key to be shared with the "shared destination node" in advance cannot be increased indefinitely. Therefore, the control unit 130-2 may execute the control to increase the "maximum amount" in consideration of the storage capacity or the free capacity of the storage unit 150 currently available in the corresponding node 100-2.

When the control unit 130-2 increases the "maximum amount" of the application key to be shared with a certain sharing destination node, the "maximum amount" of the application key to be shared with another sharing destination node. May be reduced. The control unit 130-2 controls the monitoring unit 112 so as to monitor the decrease amount of the "current amount" of the application key per unit time for each shared destination node, and the decrease amount is a certain threshold value (fifth threshold value). It may be controlled to reduce the "maximum amount" of the sharing destination node below.

Instead of comparing the absolute value of the amount of decrease with the threshold, the "maximum amount" may be changed according to the relative change of the other node 100-2 with respect to the amount of decrease. For example, the control unit 130-2 controls the monitoring unit 112 so as to monitor the decrease amount of the "current amount" of the application key for each "shared destination node", and controls a certain "shared destination node" (for example, node 100-2a). When the decrease amount of) is smaller than a certain threshold value (sixth threshold value) as compared with the decrease amount of other "shared destination nodes", the "maximum amount" with the corresponding shared destination node (node 100-2a). May be controlled to decrease.

Further, the control unit 130-2 may determine the shared destination node for reducing the "maximum amount" based on the current size of the "maximum amount". That is, the control unit 130-2 may preferentially reduce the "maximum amount" of the shared destination node having a larger "maximum amount".

Further, the control unit 130-2 may be executed at the same time as the decrease of the maximum amount and the increase of the maximum amount. The control unit 130-2 may decrease the maximum amount only when the storage capacity is insufficient when the maximum amount is increased. As a result, the finite storage capacity of the storage unit 150 for storing the application key can be efficiently used.

Next, the shared amount control process (shared amount control procedure) by the node 100-2 according to the second embodiment configured in this way will be described with reference to FIG. FIG. 12 is a sequence diagram showing an example of the shared amount control process in the second embodiment.

Nodes 100-2a, 100-2b, and 100-2c share a link key in advance (step S401, step S402).

The node 100-2a transmits a control message notifying the node 100-2c that the control for increasing the "maximum amount" (application key sharing amount control) is performed (step S403). This control message may be independently transferred between the nodes 100-2, or may be transferred integrally with the application key sharing control message in the sharing control process shown in FIG. 6, for example. Alternatively, it may be transferred together with the message of the application key provision control in the application key provision control procedure shown in FIG.

The control message of the app key sharing amount control contains at least information about the size of the maximum amount to be increased or the maximum amount after the increase.

The size of the available storage capacity may differ between the node 100-2a and the node 100-2c. Therefore, even if the node 100-2a requests the node 100-2c to increase the maximum amount, it may not be possible to increase the node 100-2c. Therefore, a response message (from node 100-2c to node 100-2a) may be required for the control message for controlling the application key sharing amount. The response message may contain information about whether the maximum amount of increase may actually be made, and if so, how large it is. The maximum amount of change may actually be made after sending this response message.

On the other hand, in FIG. 10, the node 100-2a also exchanges a control message for controlling the application key sharing amount with the node 100-2b. This control message is, for example, a message notifying the maximum amount of reduction. Generally, the application key is not shared with the node 100-2 that reduces the maximum amount at the same time. Therefore, the control message for reducing the maximum amount does not need to be forwarded together with the message of the application key sharing control.

Similarly, it is considered that the control message for reducing the maximum amount is rarely transferred together with the control message of the application key provision control (FIG. 8 or the like). The control message for maximum amount reduction contains at least information about the size of the maximum amount to be reduced or the size of the maximum amount after reduction.

In some cases, the current amount must be reduced by reducing the maximum amount. Reducing the current amount is equivalent to destroying (deleting) the currently held application key. In this case, information regarding which of the currently held application keys should be destroyed may be included in the application key sharing amount control message. For example, the provider 120 may determine the application key to be destroyed according to a predetermined rule. For example, among the application keys, the oldest shared application key should be deleted, the identification information (ID) given to the application key should be deleted in order from the youngest application key, and the ID should be specified and deleted. There are methods such as determining the application key.

As described above, in the communication device according to the second embodiment, the reference amount can be dynamically changed.

(Third embodiment)
In the above embodiment, the node uses the application key information table to hold the current amount and the maximum amount of the application key. One of the effects of such a configuration is that the key can be provided immediately in response to the key request from the application. In addition, as a side effect, in a situation where a key is shared with multiple nodes, the limited capacity of the storage device can be effectively utilized, and the key most likely to be used is retained and accumulated. It has the effect of improving the efficiency of storage capacity utilization.

The same control as the control for the application key described in the above embodiment may be performed for the link key. The communication device according to the third embodiment executes the same processing as in the above embodiment for the link key instead of the application key.

FIG. 13 is a block diagram showing an example of the configuration of the node 100-3 according to the third embodiment. As shown in FIG. 13, the node 100-3 includes a shared processing unit 110, a providing unit 120-3, a control unit 130-3, a platform unit 140, and a storage unit 150.

In the third embodiment, the functions of the providing unit 120-3 and the control unit 130-2 are different from those of the first embodiment. Other configurations and functions are the same as those in FIG. 4, which is a block diagram of the node 100 according to the first embodiment, and thus the same reference numerals are given, and the description thereof is omitted here.

The providing unit 120-3 is different from the providing unit 120 of the above embodiment in that the link key is provided as an encryption key instead of the application key. The control unit 130-3 executes a sharing control procedure (encryption key sharing process), a provision control procedure, and the like using a link key as an encryption key instead of the application key.

The storage unit 150 of the present embodiment stores the key information table of the link key. Hereinafter, the key information table of the link key is referred to as a link key information table. FIG. 14 is a diagram showing an example of the link key information table of each node 100-3 shown in FIG.

FIG. 15 is a sequence diagram showing an example of the encryption key sharing process (sharing control procedure) of the present embodiment. The link key sharing control procedure corresponds to the generation of the link key in quantum cryptography. Therefore, the control unit 130-3 constantly generates and shares the link key, and controls the sharing processing unit 110 so as to generate and share the link key by quantum cryptography until the current amount reaches the maximum amount (the control unit 130-3). Step S501).

The control unit 130-3 may stop the generation or storage of the link key when the current amount reaches the maximum amount. For example, the control unit 130-3 performs an operation of stopping the link key generation by the quantum cryptography, or an operation of continuing the generation of the link key by the quantum cryptography but discarding the generated link key without storing it. When the generation or storage of the link key is stopped, the control unit 130-3 of each node 100-3 exchanges the control message of the link key sharing (step S502, step S503). When stopping the generation of the link key, this control message may include, for example, information about which identification information (ID) is assigned to stop the key generation after the linked key. When stopping the memory of the link key, this control message may include information about which ID is to stop the key storage after the assigned link key, or for each ID of the link key, the key. May include information as to whether or not to memorize.

FIG. 16 is a sequence diagram showing an example of the link key provision control procedure of the present embodiment. When the node 100-3 receives the request for providing the link key from the application 200, the node 100-3 provides the requested link key as it is.

Nodes 100-3a and 100-3b share a link key in advance (step S601). When the application 200a needs a link key for performing encrypted communication or the like, the application 200a notifies the node 100-3a of a request for the link key (link key request) (step S602).

The node 100-3a that has received the link key request transmits a control message for link key provision control to the node 100-3b as needed (step S603). For example, when it is necessary to determine the link key to be provided to the application 200, a control message including information for determining the link key (for example, identification information) may be exchanged.

Node 100-3a provides the requested link key to application 200a (step S604). Similarly, when the node 100-3b receives the link key provision request from the application 200b (step S605), the node 100-3b provides the link key to the application 200b in response to the request (step S606).

Further, the control unit 130-3 may execute a control (shared amount control procedure) for dynamically changing the reference amount, as in the second embodiment. For example, when the current holding amount (current amount) of the link key reaches the maximum amount, the control unit 130-3 uses the same method as the method described in the second embodiment to increase the maximum amount of the link key. It may be increased or decreased.

FIG. 17 is a diagram showing an example of a link key information table after executing the shared amount control procedure. The shaded area of the table shows the data with the maximum amount changed.

For example, in FIG. 17, node 100-3a shares a link key with a plurality of nodes 100-3 (nodes 100-3b and 100-3d).

For example, when the link key shared with the node 100-3b is decreased more frequently than the link key shared with the node 100-3d, the node 100-3a with the node 100-3b. You may increase the maximum amount of link keys shared between. FIG. 17 shows an example in which the maximum amount of link keys shared with nodes 100-3b has been increased from 100 to 500.

At the same time, node 100-3a may reduce the maximum amount of link keys shared with node 100-3d. FIG. 17 shows an example in which the maximum amount of link keys shared with nodes 100-3d has been reduced from 300 to 200.

FIG. 18 is a sequence diagram showing an example of the shared amount control process (shared amount control procedure) of the link key of the present embodiment.

Nodes 100-3a and 100-3b share a link key in advance (step S701).

The node 100-3a transmits a control message notifying the node 100-3b that the control for increasing the "maximum amount" (application key sharing amount control) is performed (step S702). Node 1003-b sends a response message to node 100-3a as needed (step S703). The information contained in the control message and the response message may be the same as in the second embodiment.

With this configuration, the nodes 100-3a can effectively utilize the storage capacity of the finite storage device (storage unit 150). In addition, when the application 200 requests a link key, but the maximum amount of the link key shared with the corresponding node 100-3 is small and the stored encryption key is small, a sufficient amount of the link key is used. It is possible to avoid an increase in delay by waiting for the link key to be generated in order to provide it. That is, a sufficient amount of link keys can be provided with low latency.

Further, the link key information table shown in FIGS. 14 and 17 stores the maximum amount and the current amount for each node 100-3 to which the link is connected. Similar to FIG. 7, the transmission link key and the reception link key may be separately stored in the link key information table for each node 100-3. FIG. 19 is a diagram showing an example of a link key information table stored in the storage unit 150 of the node 100-3a when the key type is distinguished.

The control unit 130-3 controls the monitoring unit 112 so as to monitor the reduction amount of the "current amount" of the link key (sending key or receiving key) per unit time, and the one having a larger reduction amount per unit time. It may be controlled to increase the "maximum amount" of the key. Alternatively, for example, the control unit 130-3 of the node 100-3a determines the amount of decrease per unit time between the transmission link key shared with the node 100-3b and the reception link key shared with the node 100-3d. They may be compared to determine which "maximum amount" should be set higher. As a method of determining whether the encryption key shared by the quantum key distribution technology is used as the transmission link key or the reception link key, a technology such as Q3P (Quantum Point to Point Protocol) may be used. ..

(Fourth Embodiment)
The node may store a key information table for both the app key and the link key. The key information table may be separate for the application key and the link key, or information on both keys may be stored in one table. Further, the node may be configured to manage the application key and the link key separately.

FIG. 20 is a block diagram showing a functional configuration example of the node 100-4 in the fourth embodiment configured in this way. Nodes 100-4 include a shared processing unit 110-4, a providing unit 120-4, a control unit 130-4, a platform unit 140, a storage unit 150, a shared processing unit 160-4, and a providing unit 170-. 4 and.

In the fourth embodiment, the functions of the shared processing unit 110-4, the providing unit 120-4, and the control unit 130-4, and the shared processing unit 160-4 and the providing unit 170-4 are added. It is different from the embodiment. Other configurations and functions are the same as those in FIG. 4, which is a block diagram of the node 100 according to the first embodiment, and thus the same reference numerals are given, and the description thereof is omitted here.

The sharing processing unit 110-4 performs sharing processing for sharing the application key with other nodes 100-4. The shared processing unit 110-4 includes a generation unit 111-4 and a monitoring unit 112-4. The generation unit 111-4 generates an application key by using, for example, a random number generator. The monitoring unit 112-4 monitors the amount of decrease in the application key stored in the storage unit 150 and the like.

On the other hand, the sharing processing unit 160-4 performs sharing processing for sharing the link key with other nodes 100-4. The shared processing unit 160-4 includes a generation unit 161-4 and a monitoring unit 162-4. The generation unit 161-4 generates a link key by using, for example, quantum cryptography. The generation unit 161-4 may have a function of holding the shared link key. The monitoring unit 162-4 monitors the amount of decrease in the link key stored in the storage unit 150 and the like.

The providing unit 120-4 provides the application 200 with the application key stored in the storage unit 150. On the other hand, the providing unit 170-4 provides the application 200 with the link key stored in the storage unit 150. Further, the providing unit 170-4 provides a basic function (link control function) for interlink communication necessary for the cryptographic transfer function of the application key and the like.

The control unit 130-4 controls the operation of each unit such as the shared processing unit 110-4, the providing unit 120-4, the shared processing unit 160-4, and the providing unit 170-4. The control unit 130-4 may dynamically change the reference amount of the key information table as in the second embodiment.

In this case, the control unit 130-4 compares the amount of decrease per unit time between the application key shared with one node 100-4 and the link key shared with another node 100-4, and whichever "most". You may decide whether to set "Large" to a larger value. With this configuration, the storage capacity of the finite storage device (storage unit 150) can be effectively utilized. Further, it is sufficient when the application 200 requests an encryption key (app key or link key), but the maximum amount of keys shared with the corresponding node 100-4 is small and the amount of stored encryption keys is small. It is possible to avoid the situation where the delay is increased by waiting for the generation of the link key or the sharing of the application key in order to provide a large amount of keys. That is, it is possible to provide a sufficient amount of the requested type of encryption key with low latency.

FIG. 21 is a diagram showing an example of a key information table when both an application key and a link key are held. For example, when the current amount of all application keys has reached the maximum amount and the control unit 130-4 does not need to generate and transfer the application key any more, the control unit 130-4 generates a new application key and transfers the encryption. Since it is not necessary, the generation and accumulation of the link key may be stopped.

(Modification example)
So far, a communication system including a plurality of nodes (for example, five in FIG. 2) has been described. The communication system may include two nodes, that is, a pair. In this case, the system configuration is as shown in FIG. In this configuration, as the encryption key provided to the application, the application key generated and shared by the random number generator as described above may be used, or the link key generated by quantum cryptography may be used. When the application key is used, both the application key information table and the link key information table may be provided, or only the application key information table may be provided. In the case of a system using a link key, only the link key information table needs to be provided.

As described above, according to the first to fourth embodiments, it is possible to provide the encryption key to the request source (application or the like) of the encryption key with low delay.

Next, the hardware configuration of the communication device according to the first to fourth embodiments will be described with reference to FIG. 22. FIG. 22 is an explanatory diagram showing a hardware configuration example of the communication device according to the first to fourth embodiments.

The communication device according to the first to fourth embodiments includes a control device such as a CPU (Central Processing Unit) 51, a storage device such as a ROM (Read Only Memory) 52 and a RAM (Random Access Memory) 53, and a network. It is provided with a communication I / F 54 for connecting and communicating, and a bus 61 for connecting each part.

The program executed by the communication device according to the first to fourth embodiments is provided by being incorporated in the ROM 52 or the like in advance.

The programs executed by the communication devices according to the first to fourth embodiments are files in an installable format or an executable format, such as a CD-ROM (Compact Disk Read Only Memory), a flexible disk (FD), and a CD-. It may be configured to be provided as a computer program product by recording on a computer-readable recording medium such as R (Compact Disk Recordable) or DVD (Digital Versatile Disk).

Further, the program executed by the communication device according to the first to fourth embodiments may be stored on a computer connected to a network such as the Internet and provided by downloading via the network. good. Further, the program executed by the communication device according to the first to fourth embodiments may be configured to be provided or distributed via a network such as the Internet.

The program executed by the communication device according to the first to fourth embodiments can make a computer function as each part of the above-mentioned communication device. This computer can read a program from a computer-readable storage medium onto the main storage device and execute the program by the CPU 51.

Although some embodiments of the present invention have been described, these embodiments are presented as examples and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other embodiments, and various omissions, replacements, and changes can be made without departing from the gist of the invention. These embodiments and variations thereof are included in the scope and gist of the invention, and are also included in the scope of the invention described in the claims and the equivalent scope thereof.

100 Nodes 110 Shared processing unit 111 Generation unit 112 Monitoring unit 120 Providing unit 130 Control unit 140 Platform unit 150 Storage unit 160 Shared processing unit 200 Application 301 Key shared network 302 Cryptographic data communication network

Claims (11)

A sharing processing unit that shares a transmission application key used when transmitting information with one or more external devices and a reception application key used when receiving information.
A first current amount representing the amount of the transmission application key shared with some of the external devices for some of the external devices, and a preset first. The reception that is shared with some of the external devices by comparing with the maximum amount and controlling the continuation or stop of the sharing process of the transmission application key by the sharing processing unit based on the comparison result. The second current amount representing the amount of the application key for use is compared with the second maximum amount set in advance, and based on the comparison result, the sharing process unit continues or stops the sharing process of the reception application key. The control unit to control and
A communication device equipped with. The control unit continues the sharing process of the transmission application key when the first current amount is smaller than the first maximum amount, and when the first current amount is equal to or more than the first maximum amount. When the sharing process of the transmission application key is stopped and the second current amount is smaller than the second maximum amount, the sharing process of the receiving application key is continued, and the second current amount is the second maximum amount. 2 When the maximum amount or more, the sharing process of the receiving application key is stopped.
The communication device according to claim 1. Further, a storage unit for storing the shared transmission application key and the shared reception application key is provided.
A provider that provides the transmission application key and the reception application key stored in the storage unit to one or more applications, and deletes the provided transmission application key and the reception application key from the storage unit. Further prepare
The communication device according to claim 1. The control unit compares the first current amount and the first maximum amount for each of the external devices, compares the second current amount with the second maximum amount, and based on the comparison result, said. Controlling the continuation or stop of the sharing process of the sending application key and the receiving application key by the sharing processing unit.
The communication device according to claim 1. The sharing processing unit shares the link key with the first external device among the external devices, and the transmission application key and the reception application key encrypted by the link key are used among the external devices. By transferring to the second external device via the first external device, the transmission application key and the reception application key are shared with the second external device.
The control unit controls the continuation or stop of at least one sharing process of the link key, the transmission application key, and the reception application key by the sharing processing unit.
The communication device according to claim 1. The sharing processing unit shares the transmission application key and the reception application key with the external device by quantum key distribution.
The communication device according to claim 1. A storage unit for storing the shared transmission application key and the shared reception application key is further provided.
The communication device according to claim 1. For the first maximum amount and the second maximum amount, common values are used with the external device.
The communication device according to claim 1. A sharing processing step for sharing a transmission application key used when transmitting information with one or more external devices and a reception application key used when receiving information.
A first current amount representing the amount of the transmission application key shared with some of the external devices for some of the external devices, and a preset first. The amount of the receiving application key that is compared with the maximum amount, controls the continuation or stop of the sharing process of the transmitting application key based on the comparison result, and is shared with some of the external devices. A control step that compares the second current amount representing the above and the preset second maximum amount, and controls the continuation or stop of the sharing process of the receiving application key based on the comparison result.
Communication methods including. Computer,
A sharing processing unit that shares a transmission application key used when transmitting information with one or more external devices and a reception application key used when receiving information.
A first current amount representing the amount of the transmission application key shared with some of the external devices for some of the external devices, and a preset first. The reception that is shared with some of the external devices by comparing with the maximum amount and controlling the continuation or stop of the sharing process of the transmission application key by the sharing processing unit based on the comparison result. The second current amount representing the amount of the application key for use is compared with the second maximum amount set in advance, and based on the comparison result, the sharing process unit continues or stops the sharing process of the reception application key. Control unit to control,
A program to function as. A communication system equipped with multiple communication devices.
Each of the communication devices
A sharing processing unit that shares a transmission application key used when transmitting information with one or more other communication devices and a reception application key used when receiving information.
A first current amount representing the amount of the transmission application key shared with some of the communication devices for some of the other communication devices, and preset. It is compared with the first maximum amount, and based on the comparison result, the continuation or stop of the sharing process of the transmission application key by the sharing processing unit is controlled and shared with some of the communication devices. The second current amount representing the amount of the receiving application key is compared with the preset second maximum amount, and based on the comparison result, the sharing processing unit continues or continues the sharing processing of the receiving application key. The control unit that controls the stop and
Communication system with.

Images