JP2832448B2 - Secret communication control device - Google Patents

Description

DETAILED DESCRIPTION OF THE INVENTION [Object of the Invention] [Industrial Application Field] The present invention relates to a communication apparatus such as a facsimile apparatus for transmitting image information using a public communication line, for performing confidential communication. The present invention relates to a secret communication control device to be used.

[Prior Art] Various means for encrypting / decrypting communication information have been conventionally proposed. In a facsimile apparatus, for example, Japanese Patent Application Laid-Open No. 59-221167 discloses a facsimile apparatus having a concealment function. No. technology is known.

When performing this type of confidential communication, key information is used for encrypting and decrypting (decrypting) a message. For this type of key, Japanese Patent Application Laid-Open No. 60-62252,
And Japanese Patent Application Laid-Open No. 61-166240 are known.

[Problems to be Solved by the Invention] Conventionally, key information in confidential communication has been stored in an IC card or the like that is removable from an apparatus. Therefore, the transmitted message cannot be decrypted on the receiving side unless between the operators possessing the IC cards with the same key information.

By the way, the degree of confidentiality of information varies depending on the type of the information. For example, some information may be disclosed only to a specific individual, and some information may be disclosed only to a specific group. Therefore, in order to perform confidential communication both between a specific individual and between individuals in a group, a card storing a first key assigned to each personal communication and a card in the group It is necessary for an operator to use two cards in accordance with the confidentiality of information at that time, possessing two of the cards in which the second key assigned to the communication is stored.

However, it is very troublesome to always have two cards. Further, even in the case of performing confidential communication in a group with relatively low secrecy, a communication operation is troublesome because a card is always required and a card selecting operation is also required.

An object of the present invention is to make it possible to use keys in accordance with the confidentiality of information to be transmitted by communication and to reduce the troublesomeness of an operator involved in confidential communication.

[Configuration of the Invention] [Means for Solving the Problems] In order to solve the above problems, in the present invention, message information to be transmitted is encrypted based on specific key information, and encrypted message information to be received is decrypted. A secure communication control device: first key means holding first key information; supporting means for detachably supporting the first key means on the device body; fixedly arranged inside the device body; First
A second key unit holding second key information different from the key information of the first key unit; and identifying whether or not the first key unit is attached to the apparatus main body. The message is encrypted and decrypted based on the first key information stored in the key means, and when not mounted, the message is encrypted and decrypted based on the second key information stored in the second key means. Electronic control means;

According to the present invention, the key information used in the confidential communication includes the first key information held in the first key means (for example, a memory card) detachable from the device main body and the key information stored in the device main body. It is possible to use two types of second key information stored in the obtained second key means (for example, ROM). Of course, if a plurality of first key means are prepared, a plurality of types of first key information can be used. As the key information actually used for the confidential communication, the first key information is automatically selected when the first key means is mounted on the apparatus main body, and the first key information is selected when the first key means is not mounted. 2 is automatically selected.

The second key means is built in the apparatus main body, and holds a fixed key assigned to the apparatus in advance.

In general, information confidentiality can be classified into two types, one that allows disclosure at the level of an individual unit or a small group, and one that allows disclosure within a relatively large number of groups. As for the latter, for example, groups such as business units, floors, and laboratories can be considered. Therefore, in the latter case, it is very difficult for a person other than the group to enter the location where the communication device (for example, facsimile) assigned to the group exists and operate the device, and the key information is transmitted to the secret device. Even if it is stored, the risk that the key information is leaked to a third party is small. Further, since information such as a message appearing on the communication line is encrypted, there is no risk of information leakage from the communication line.

In other words, according to the present invention, when performing highly confidential communication, the first key means (for example, a memory card) possessed by each individual or the like is used to inform a third party who does not possess the information. Can be prevented from leaking. Further, in the case of information having relatively low confidentiality in which disclosure of information is permitted within the group, if communication is performed with the first key means removed from the apparatus main body, the second key information is automatically obtained. When selected, confidential communication limited to a group previously assigned to the device is performed. Therefore, when performing confidential communication within a group, there is no need for an individual to possess a key such as a card, and there is no need to perform a switch operation for switching keys. Moreover, if the first key unit is used in accordance with the confidentiality of information, it is possible to perform highly confidential confidential communication in which an operator is limited on an individual basis.

Other objects and features of the present invention will become apparent from the following description of embodiments with reference to the drawings.

[Embodiment] Fig. 1 shows the configuration of the entire communication system when facsimile communication is performed using the concealing device of the embodiment.

Referring to FIG. 1, facsimile apparatuses (FAX) for communicating with each other are connected to a public telephone line connected to an exchange, and each of the facsimile machines connected to the telephone line is connected to the exchange. , A concealment device is inserted. Each of the facsimile devices shown here is a commercially available device having a G3 mode defined by CCITT, and has not been modified at all. In other words, only by inserting the concealment device of the embodiment on the telephone line,
Secret communication can be performed using an existing facsimile machine.

FIG. 2 shows an outline of the configuration of the concealment device provided on each of the transmission side and the reception side. Referring to FIG. 2, the concealment devices on the transmission side and the reception side have the same configuration. That is,
Each concealment device includes two modems (modulation / demodulation devices), a control device (CPU), and a unit having functions of signal bypass, encryption, and decryption.

When performing confidential communication, on the transmission side, the image information transmitted by the facsimile to the line is input via a modem, and the encrypted information is transmitted to the line via another modem. On the receiving side, the encrypted information appearing on the line is input via a modem, decrypted to reproduce the transmitted image information, and the reproduced information is connected to the facsimile via another modem. On the line. Therefore, each facsimile performs only a normal operation, but the signal is encrypted on the line between the two concealment devices, and confidential communication is performed.

FIG. 13 shows the appearance of one concealment device shown in FIG. Referring to FIG. 13, on the upper surface of the security device 50,
Numeric keypad ST having 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, ♯ and * keys, mode switches SA, SB, SC, SD, SE, and numeric display DP
1, and indicator DP2. Mode switch S
Each of A to SE has a display lamp (light emitting diode)
Is built-in. In addition, a switch SCH, a buzzer BZ, and two insertion ports J1 and J2 are provided on the front surface of the apparatus. J1 is connected to a public telephone line, and J2 is connected to a facsimile. A connector 51 is provided on a side surface of the device. The memory card 130 is detachable from the connector 51.

Next, the configuration of the security device shown in FIG. 3 will be described. Public telephone lines LN1 and LN2 connected to the exchange via the outlet J1, and lines LF1 and L connected to the local office facsimile
A relay RY2 is interposed between F2 and F2. Lines LF1 and LF2 on the facsimile side are connected to a common contact of relay RY2, and telephone lines LN1 and LN2 are connected to one contact of RY2. Further, a line LiB inside the concealment device is connected to the other contact of the relay RY2. In this example, when the relay RY2 is off, the lines LN1 and LN2 are connected to the lines LF1 and LF2, and RY
When 2 is on, the lines LF1 and LF2 are connected to the line LiB.

Further, the telephone lines LN1 and LN2 are connected to the line LiA inside the concealment device via the normally open contact of the relay RY1. The telephone lines LN1 and LN2 have a polarity reversal detection circuit 2
10 and the call detection circuit 220 are connected, and a current supply circuit 230 is connected to the line LiB inside the security device.

Other components of the security device include a microcomputer (CPU) 100, ROM 110, RAM 120, memory card 130, R
An OM (built-in key) 130B, power supply 140, random number generation circuit 150, input / output interface (I / O) 180, modems 300 and 400, buffer circuit 500, and encryption / decryption processing circuit 600 are provided.

The two modems 300 and 400 are each CCITT V27ter or G3
It has a communication function that complies with the standard.

The data bus of microcomputer 100 has buffer 5
It is connected to the data bus DBM1 of the modem 300 and the data bus DBM2 of the modem 400 via 00. Therefore, the microcomputer 100 can communicate with the facsimile of the local station via the modem 300 and can communicate with the facsimile of the other party via the modem 400. The buffer 500 and the encryption / decryption processing circuit 600 are connected by the internal data bus (2). By controlling the buffer circuit 500, the data bus (2) can be connected to the data bus DBM1 of the modem 300 or the data bus DBM2 of the modem 400.

Therefore, for example, when a facsimile on the local station side performs transmission, image information to be encrypted is input to the modem 300 from the line LiB and demodulated, and is transmitted from the data bus DBM1 to the buffer 500.
And appears on the data bus of the microcomputer 100, and is applied to the terminals of the X group of the encryption / decryption processing circuit 600. The circuit 600 encrypts data applied to the terminals of the X group and outputs the data to the data bus (2) via the terminals of the Y group. This encrypted data is
The data is output to the data bus DBM2 through the buffer 500. Then, it is modulated by the modem 400 and sent out from the line LiA to the telephone lines LN1 and LN2.

Conversely, when the facsimile of the local station performs reception, the encrypted image information to be decrypted is input to the modem 400 from the line LiA, demodulated, and transmitted from the data bus DBM2 through the buffer 500 to the data bus ( Appears in 2) and is applied to terminals of the Y group of the encryption / decryption processing circuit 600. The circuit 600 decodes or decrypts the information and outputs the decrypted information to the terminals of group X. This information
The data is applied to the modem 300 through the data bus of the microcomputer 100, through the buffer 500, and through the data bus DBM1. The modem 300 modulates the information and sends it out to the local station's facsimile lines LF1 and LF2 via the line LiB.

The memory card 130 and the ROM 130B are each used as a kind of key in confidential communication, and hold mutually different information as keys. As described later, in this embodiment, the memory card 130 is connected to the connector 51 of the secret device.
When the memory card 130 is inserted into the device, the information stored in the memory card 130 is automatically selected as a communication key. When the memory card 130 is not inserted, the information stored in the ROM 130B built in the device is used as the communication key. Is automatically selected as A normal message can be reproduced on the receiving side only when the keys in the concealing devices on both the transmitting side and the receiving side match.

Subsequently, the configuration of each circuit will be described in more detail. Details of each circuit in FIG. 3 are shown in FIGS. 5a, 5b, 5c, 5d,
6a, 6b, 7a, 7b, 8 and 9 are shown.

First, a description will be given with reference to FIG. 5a. This circuit includes a microcomputer 100 and its peripheral circuit elements. The microcomputer 100 used here is H
D63B03R. Latch LT1 microcomputer 10
It functions as an address latch that extracts the lower 8 bits of address information (A7-A0) superimposed as a data bus signal of 0. The address bus contains a microcomputer
The upper 8 bits (AD15-AD8) directly output by 100 and the lower 8 bits (AD7-AD0) output by address latch LT1
A 6-bit signal appears.

Various chip select signals selected by various peripheral circuits connected to the microcomputer 100 are supplied to a decoder.
It is generated by an address decoder composed of DE2 and various logic gates (G5, G6, G7, G8, G9). That is, when an address previously assigned to each of the peripheral circuits appears on the address bus, the corresponding chip select signal is decoded and the signal becomes active.

FIG. 5b shows the ROM 110, the RAM 120, and the memory card 130. These circuits are connected to the microcomputer 100 via an address bus, a data bus, and a control bus. DE1 is a decoder.

FIG. 5c shows the input / output interface 180. This circuit includes an integrated circuit 181 connected to an address bus, a data bus, and a control bus of the microcomputer 100, and a switch SW1 connected to its port.
−SW6, light emitting diode LED1−LED7, buzzer BZ, numeric keypad ST
And the display DP1 are connected. Switches SW1 to SW
6 corresponds to the switches SA, SB, SC, SD, SE and SCH in FIG.

FIG. 5d shows a power supply circuit 140 and a random number generation circuit 150. The power supply circuit 140 has a function of converting the power of the commercial AC power supply (AC100V) into various DC voltages, and does not have a particularly new configuration.

On the other hand, the random number generation circuit 150 forms an analog voltage comparison circuit. The voltage of one of the two comparison input terminals is stabilized, and the pulsating voltage output from the power supply circuit 140 is applied to the other input terminal. This pulsating voltage is obtained by smoothing a full-wave rectified AC (50 Hz) waveform, and the voltage constantly changes slightly and contains various noises mixed in the power supply line. . The threshold level of the analog voltage comparison circuit is set to an intermediate level in a range where the level of the pulsating signal changes.

Therefore, a pulse signal RMD having a small periodicity appears at the output terminal of the comparison circuit. By sampling the signal RMD sequentially, random random data can be obtained, depending on the sampling period. In this embodiment, the random number data generated in this manner is used as a key code for performing confidential communication.

Next, refer to FIG. 6a. This circuit includes a polarity inversion detection circuit 210, a call detection circuit 220, and relays RY1 and RY2. Relays RY1 and RY2 are connected to signals NCU-RL1 and NCU-RL output from microcomputer 100, respectively.
On / off control by 2

The polarity reversal detection circuit 210 determines the presence or absence of a current flowing through the telephone lines LN1 and LN2 and identifies the direction of the current. In order to detect the current of the line LN1, photocouplers PC1 and PC2 each composed of a light emitting diode and a phototransistor are provided.
Is provided. Since the light emitting diodes of each photocoupler are interposed on the line LN1 with opposite polarities, when a current flows in one direction, PC1 turns on and PC2 turns off, and when a current flows in the other direction, PC1 turns off. And PC2 turns on. When no current flows, two photocouplers PC1, PC2
Are both turned off.

In a telephone line, no current flows through the line when the line is on-hook, that is, when the line is opened, and a current flows when the line goes off-hook. Therefore, in this embodiment, the off-hook signal is activated when a current flows in any direction. The two signals POL1 and POL2 are turned on / off according to the direction of the current. Since the polarity of the voltage on the telephone lines LN1 and LN2 is inverted by the exchange, this function is provided to check the polarity of the line at that time. This function disconnects the local station facsimile from the lines LN1 and LN2 and connects it to the secret device.
1, used to match the polarity of the voltage supplied to LF2 with the telephone lines LN1 and LN2.

The call detection circuit 220 has a function of detecting a call signal appearing on the telephone lines LN1 and LN2. Since the call signal is an AC signal, in this circuit, the signal whose DC component is cut off by the capacitor is passed through a full-wave rectifier circuit to be rectified, and when a signal of a predetermined level or more appears on the rectified output, the incoming call signal is turned on. It is configured in.

FIG. 6b shows the current supply circuit 230. This circuit has a function of supplying a voltage to the lines LF1 and LF2 of the facsimile apparatus of the own station side when the facsimile of the own station side is disconnected from the telephone lines LN1 and LN2 and connected to the line LiB on the concealment mounting side. The polarity of the voltage is determined by the telephone line LN1, LN2 at that time.
The polarity signals POL1 and POL2 output from the polarity inversion detection circuit 210 described above are used in order to make the polarities coincide with each other.

Therefore, even if the existing facsimile apparatus monitors the voltage and current of the line to which it is connected and performs control according to the state, the connection of the facsimile line is kept secret from the telephone line. Switching to the device does not cause any problem. In addition, a voltage of 48 V normally appears on the telephone lines LN1 and LN2,
The current supply circuit 230 supplies a voltage of 28V.

FIG. 7a shows the modem 300. Most of the circuitry of this modem is a single-chip integrated circuit (R48PC
J) 310. This integrated circuit 310 is a CCITT
It has a function conforming to V27ter. Basically, as a function of the integrated circuit 310, a function of converting a digital signal applied to its data terminal (D7-D0) into a serial signal, performing modulation, and outputting it to a serial transmission output terminal TXOUT,
Data signal (D7-D0) by demodulating the serial signal applied to serial reception input terminal RXIN and converting it to parallel data
There is a function to output.

The signal output from the serial transmission output terminal TXOUT of the integrated circuit 310 passes through the signal processing circuit 320, passes through the transformer 330, and is output to the line LiB. The signal input from the line LiB passes through the transformer 330, passes through the signal processing circuit 320, and is applied to the serial reception signal input terminal RXIN of the integrated circuit 310. The data terminals (D7-D0) of the integrated circuit 310 are connected to the data bus DBM1.

FIG. 7b shows the modem 400. Most of the circuits of this modem are constituted by a single-chip integrated circuit 410. The integrated circuit 410 is the same as the integrated circuit 310. Serial transmission output terminal T of integrated circuit 410
The signal output from XOUT passes through the signal processing circuit 420,
Output to the line LiA through the transformer 430. Also, track
The signal input to the LiA passes through the transformer 430, passes through the signal processing circuit 420, and passes through the serial reception input terminal of the integrated circuit 410.
Applied to RXIN. Data terminal of integrated circuit 410 (D7-D
0) is connected to the data bus DBM2.

The logical sum of the interrupt request signal IRQ1 output by the modem 300 shown in FIG. 7a and the interrupt request signal IRQ2 output by the modem 400 shown in FIG. 7b is output from the logic gate G15. Is applied to the interrupt request input terminal INT of the microcomputer 100.

FIG. 8 shows the buffer circuit 500. Referring to FIG. 8, each of these circuits functions as a bidirectional three-state bus buffer. Integrated circuits (74HC245) 510,520 and
530. A group A terminal of the integrated circuit 510 is connected to the data bus DBM2 of the modem 400,
The terminal of group A is connected to the data bus DBM1 of the modem 300, and the terminal of group A of the integrated circuit 530 is connected to the data bus of the microcomputer 100. Also,
The terminals of each B group of the integrated circuits 510, 520, 530 are commonly connected to the internal data bus (2).

Therefore, by controlling the integrated circuits 510 and 530, data can be transmitted in any direction between the data bus of the microcomputer 100, the internal data bus (2), and the data bus DBM2 of the modem 400. By controlling the integrated circuits 520 and 530, the data bus of the microcomputer 100, the internal data bus (2),
And data bus DBM1 of modem 300, data can be transmitted in any direction.

FIG. 9 shows a specific configuration of the encryption / decryption processing circuit 600. Referring to FIG. 9, this circuit is roughly divided into a key code holding circuit 610, an encryption circuit 620, and a decryption circuit 630.

First, the key code holding circuit 610 will be described. This circuit comprises a PROM (programmable ROM) 611 and two latches 612,
It consists of 613. Address terminals of PROM611 (A0 to A
7), the information of the master key is applied from the microcomputer 100. In the PROM 611, different key codes are stored in advance at each address, and by giving address information, an 8-bit key code existing at the address is output to the data terminals (D0 to D7).

By controlling the latch control signals KLT1 and KLT2,
The information output by PROM 611 is stored in latches 612 and 61, respectively.
3 can be held. By changing the master key given to the PROM 611 between when the latch control signal KLT1 is output and when the KLT2 is output, the data held in the latch 612 and the data held in the latch 613 have different values. The 8-bit data held in the latch 612 is applied as a key code KA, and the 8-bit data held in the latch 613 is applied as a key code KB to the encryption circuit 620 and the decryption circuit 630, respectively.

Next, the encryption circuit 620 will be described. This circuit includes a 4-bit full adder 621,622, an exclusive OR (exclusive-or-OR) circuit 623,624, and a three-state output buffer 62.
Consists of five. Information (X0-X3) of the lower 4 bits of the information X to be encrypted is applied to the input terminal of group A of the full adder 621 via the data bus, and the key code KA is applied to the input terminal of group B. The lower 4 bits (K0-K3) are applied. The upper 4 bits (X4-X7) of the information X to be encrypted are applied to the input terminal of the group A of the full adder 622 via the data bus, and the key code KA is applied to the input terminal of the group B. The upper 4 bits (K4−K7) are applied. The carry output of full adder 621 is applied to the input terminal of full adder 622.

The output terminal of each E group of the full adders 621 and 622 is applied to the input terminal of the A group of the exclusive OR circuits 623 and 624, respectively. Also, the exclusive OR circuit 623 B
The lower 4 bits (K8
−K11) is applied, and the upper 4 bits (K12−K15) of the key code KB are applied to the input terminal of the B group of the exclusive OR circuit 624.
Is applied.

4 output from the output terminal Y of the exclusive OR circuit 623
The bit signal and the 4-bit signal output from the output terminal Y of 624 pass through the buffer 625 and are output to the internal data bus (2) as 8-bit encrypted information Y.

Next, the decoding circuit 630 will be described. This circuit includes 4-bit full adders 633 and 634, exclusive OR circuits 631 and 632, a three-state output buffer 635, and an inverter group. The lower 4 bits (Y0-Y3) of the encrypted information Y are input to the input terminal of the group A of the exclusive ethics sum circuit 631.
Is applied from the internal data bus (2), and the lower 4 bits (K8-K11) of the key code KB are applied to the input terminal of group B.
Is applied. The upper 4 bits (Y4-Y7) of the encrypted information Y are applied to the input terminal of the group A of the exclusive OR circuit 632 from the internal data bus (2).
The upper 4 bits (K12-K15) of the key code KB are applied to the input terminals of the group.

The signals output from the output terminals of the respective E groups of the exclusive OR circuits 631 and 632 are supplied to the full adders 633 and 6 respectively.
It is applied to the input terminal of the 34 B group. Full adder 633
A signal obtained by inverting the lower 4 bits (K0-K3) of the key code KA is applied to the input terminal of the group A of FIG.
The 634 A group input terminals have the top 4 key codes KA.
Signals obtained by inverting the bits (K4-K7) are applied.

4-bit information output by full adder 633 and full adder 634
Outputs the 4-bit information via the buffer 635,
The information is output to the data bus of the microcomputer 100 as the decoded 8-bit information X.

Note that the method of the encryption process performed by the encryption circuit 620 and the decryption circuit 630 is basically known in the related art, and therefore a description thereof will not be necessary. FIG. 4 shows a simplified version of the processing of the encryption / decryption processing circuit 600 shown in FIG.

FIG. 10 shows the internal structure of the memory card 130 used in this embodiment. Referring to FIG. 10, the memory card includes a read / write memory (RAM), a battery, a control circuit, and a connector 134. The connector 134 allows the memory card to be detachably attached to the main body (connector 51) of the concealment device. I have. Each terminal of the connector 134 has a power line (Vc
c), card set signal terminal (CST), chip select signal terminal (CS), write control output (WPOUT), write control input (WE), output enable input (OE), address bus (A0-
A12) and a data bus (D0-D7). R
An ID code (pre-assigned) unique to the memory card is written in AM131. In this embodiment, one of the ID code stored in the memory card 130 and the ID code stored in the ROM 130B is selectively used. The selection is automatically determined according to whether or not the memory card 130 is mounted on the apparatus main body.

Next, an actual communication operation will be described. 11a, 11b, 11
c, 11d, 11e, 11f and 11g,
12a, 12b, 12c, 12d show the operation of the security device.
Figure, Figure 12e, Figure 12f, Figure 12g, Figure 12h, Figure 12i,
This is shown in FIGS. 12j and 12k. Note that the processing of the facsimile apparatus itself is the same as that of the conventional apparatus, and therefore, its portion will be briefly described.

Hereinafter, the contents of the processing will be described with reference to the drawings. In the description, it is assumed that a communication system is configured as shown in FIG. In the following description, the symbols (indicated in parentheses) of the signals transmitted in the communication processing use the abbreviations defined by the CCITT recommendation. Further, the facsimile is described assuming that both the calling side and the called side operate in the automatic mode.

In the calling facsimile, the hook is turned off (corresponding to the operation of lifting the handset), and upon detecting a dial tone from the exchange, the number of the partner station is dialed (No. 11a).
See figure).

When the called side detects a ringing tone (ring tone) from the exchange, the hook is turned off, and then a called station identification signal (CED) indicating that it is a facsimile is transmitted to the line. The calling side continues to transmit a calling tone (CNG) indicating that the calling side is a facsimile to the line until this signal (CED) is detected.

After detecting the signal (CED), the calling side enters a facsimile communication mode. After sending the signal (CED), the called party indicates that the called device has the standard capability of CCITT.
Transmits a digital identification signal (DIS). That is, the signal (D
IS) determines which mode (G
1, G2, G3, etc.) Inform the calling side whether communication capability exists.

The calling side checks from the contents of the digital identification signal (DIS) transmitted from the called side whether or not it matches the communication capability of its own facsimile, determines a communication mode that matches both communication capabilities, and A digital command signal (DCS) responsive to the signal is returned to the called party. Following that, a training check signal (TC
F) Send. After receiving the signal (DCS), the called party
A signal (TCF) is received in a specified mode, and a signal (CFR or FTT) indicating the reception result is returned.

On the calling side, according to the returned reception result, if the communication condition is good, the process proceeds to the next message transmission step. If the condition is not good, the communication mode is changed (generally, the communication speed is reduced), and the signal (TCF) is again transmitted. ) Is sent.

When the calling side receives the signal (CFR), it sends a training signal, synchronizes the called side, and then sends a message. The called side receives the message after synchronizing with the training signal.

On the called side, after the calling side transmits the one-page document, it continues to receive the signal until it detects a signal (RTC) to be transmitted to indicate the end.

When the original of one page is transmitted, the calling side detects whether or not the original is the final original. If the original is not the final original, the multi-page signal (MPS) is transmitted, and then the reception confirmation signal (MCF) transmitted from the receiving side Or, it receives a retraining signal (RTP, RTN). Then, based on the received signal, the transmission mode is changed, the training is transmitted, or the line is disconnected.

If it is the last document, the procedure is interrupted by an interrupt, and it is determined whether or not the mode is changed. If the mode is not changed, a procedure end signal (EOP) is transmitted, and then the circuit disconnection operation is started. To change the mode, use signals (MCF, RTP, RT
N), the digital identification signal (DIS)
Wait until you receive.

On the called side, signals (MPS), (EOP),
(EOM: message end), and responds with one of signals (MCF), (RTP), and (RTN).
Return to the command receiving state. Otherwise, a circuit disconnection operation is started.

 Next, the operation of the secret device will be described.

First, it is determined whether the facsimile of the own station belongs to the calling side or the called side. That is, in FIG. 12a, in step A52, the signal output from the call detection circuit 220 (incoming call) is checked, and in step A55, the hook signal output from the polarity detection circuit 210 is checked, and the incoming call detection and hook-off detection are performed. , The caller or the called party is detected. If the called side, firstly because the first incoming call signal is detected, stores the 1 to the register C ₁ in step A53. If the caller, and stores 0 in the register C ₁ in step A54 when the incoming call signal is not detected, since hooking off is detected, the processing proceeds to the next step. Accordingly, in the subsequent processing, by referring to the register C _1, a facsimile of the own station can identify whether the calling or called party.

Next, in step A58, the state of the switch SW4 is referred to.
The switch SW4 is operated according to the intention of the operator for confidential communication. If the switch SW4 is on, it is considered that there is a will of the confidential communication, and then the process proceeds to step 72.
If SW4 is off, the process returns to step A55. If the switch SW4 remains off, the process will not proceed to step 72 and subsequent steps.
This device does not perform a concealment operation, and normal communication is performed between facsimile machines.

In the next step A72, the card mounting signal CST output from the memory card 130 is referenced via the input port P16,
It is determined whether or not the memory card 130 is mounted on the secret device. The signal CST becomes H (high level) when the card 130 is attached to the connector of the concealment device, and otherwise becomes L (low level). Detect presence / absence.

If the card insertion is detected in step A72, the key information written in the memory card 130 is read out in step A73 and held as a master key. Since the memory card 130 is arranged at a predetermined memory address of the microprocessor 100, the operation of reading the key information in the card 130 is the same as the operation of accessing a general memory.

If it is determined in step A72 that the card is not inserted, in step A74, the key information written in the ROM 130B is read, and the data is held as a master key.

Different key information is stored in the memory card 130 and the ROM 130B in advance. Therefore, the master key to be used is automatically switched depending on whether or not the memory card 130 is attached to the secret device. The key information of the ROM 130B is set to the same content for all concealment devices assigned to the same group (for each business unit, each floor, each laboratory, etc.), and the content differs between devices of different groups. It is set as follows. That is, when using the key of the ROM 130B, the master keys match in the same group, but the master keys do not match between devices in different groups. If the master keys do not match, the encryption cannot be decrypted, and there is no risk that the encrypted transmission information will leak to devices in different groups.

After deciding the master key, go to step A59
The Y1 on, check the value of the register C ₁ in step A60, performing the processing of the calling or called party.

If the own station is the called side, in step A69, the switch (FAX
-SW: SW1) is checked to determine whether the facsimile mode of the own station is manual or automatic. If it is manual, proceed to step A70, turn on the relay RY2, connect the lines LF1 and LF2 of the own station facsimile to the line LiB in the secret device, and step A7
In step 1, a signal (CED) is sent to the other party, that is, the calling station.

If the facsimile of the own station is in the automatic mode, the process proceeds to step G51 in FIG. 12g. Then, when detecting the signal (CED) from the facsimile of the own station, after a predetermined time T _x2, relay RY
2 is turned on, and the lines LF1 and LF2 of the own station facsimile are connected to the line LiB in the concealment device.

Next, the state of the secret switch (SW2) is checked.
If the switch is on, it is regarded as secret
Store the ACTC, otherwise store the NACTC in Mr. Next, the process proceeds to step G61 to set a state in which the signal (DIS) can be received.

Next, the process proceeds to step H51 in FIG. 12h to send the contents of the register Mr to the partner station.

Here, a case where the own station is the calling side will be described. In that case,
The process proceeds to step B51 shown in FIG. 12b, and first waits until a signal (CED) is detected. When this signal (CED) is detected, the process proceeds to step B56. If the called station is a normal facsimile, DIS or DTC is sent here. However, if the concealment device of the called station is operating, D (Following the signal (CED))
Instead of IS or DTC, the contents of Mr are sent in step H51 in FIG. 12h. In this case, when the predetermined time _Tx2 has elapsed, the process proceeds from step B57 to step B58, where the relay RY2 is turned on to switch the connection of the line, and in step B59, the state of the secret switch (SW2) is identified, and according to the result, Set the contents of register Mt. Then, since the content of the register Mr is received, the process proceeds from step B66 to step C5 in FIG. 12c.
Proceed to 1. Then, one of the registers Mr and Mt is ACTC,
That is, if the request is for secrecy, the process proceeds to step C55.

In step C55, the level of the signal RDM output from the random number generation circuit is repeatedly sampled, thereby generating a random number code R. In step C56, the generated random number code R is provided as an input X of the encryption / decryption processing circuit 600, and the master key obtained from the memory card 130 or the ROM 130B is provided to the encryption / decryption processing circuit 600. It generates key codes KA and KB corresponding to the master key, and generates information Ct obtained by encrypting the random number R. In the next step C57,
The information Xt obtained by adding the code Ct to the code ACTC is transmitted to the called station.

The called station receives the information Xt from the calling station in step H52 of FIG. 12h. If Xt is not NACTC, the process proceeds to step H56. In step H56, the master key obtained from the memory card 130 or ROM 130B of the called station is supplied to the encryption / decryption processing circuit 600, and key codes KA and KB corresponding to the master key are generated. Then, the received encryption is given to the encryption input Y of the encryption / decryption processing circuit 600, and the encryption is decrypted. The decrypted information R 'is output to the data bus. In the next step H57, the decrypted information R 'is used as a master key, and the encryption / decryption processing circuit 600
To generate a key code KA, KB corresponding to the master key. Then, the information R 'is input to the encryption / decryption processing circuit 600 as input information X, which is encrypted, and the obtained encryption Xr is sent to the calling station.

Upon receiving the encryption Xr in step C58, the calling station proceeds to step C59. In Step C59, the encryption Xr is
The data is input to the encryption input Y of the encryption / decryption processing circuit 600, and is given to the encryption / decryption processing circuit 600 as the master key with the same value as the initially transmitted random number to decrypt the encryption Xr. The information R ″ to be decrypted in this manner is: R ″ = Dr (Er ′ (R ′)) (1) where R ′: Re ′ decrypted by the called side Er ′: encryption of the called side Since the function Dr is a function of decryption on the calling side, if all the encryption and decryption conditions on the calling side and the called side match, R ″ becomes equal to the random number R sent first. If the ID codes stored in the memory card of the calling party and the memory card of the called party are different, R
Does not match R ". The calling station compares R and R" in step C60, and if they match, the process proceeds to step C62, where 1 is stored in the register Rf and transmitted to the called side. I do. If they do not match, the sending of the cipher and the checking of the returned cipher are repeated three times. If there is no match in the three checks, the operation of the confidential communication is prohibited.

On receiving the Rf at step H58 in FIG. 12h, the called side proceeds to the processing after step H61.

Until the confidential communication is enabled as described above, the facsimile of the called station continues to transmit the digital identification signal (DIS), and the facsimile of the calling station continues to wait for the signal. ing. When the concealment device on the called station side proceeds to step H65, it has already received the digital identification signal (DIS) from its own facsimile, and transmits the signal to the station on the other side (calling side). I do.

When the confidential communication is enabled in this manner, the information is transmitted in the same procedure as in the normal facsimile communication. In this case, the confidential device is connected to the facsimile of its own station and the counterpart station (the confidential device). ), The information transmitted by the facsimile of the local station is transmitted to the partner station via the concealment device, and the information transmitted from the partner station is transmitted to the partner station via the concealment device. Sent to the office facsimile. When mediating, the image information is encrypted or decrypted. In that case, the information to be encrypted is applied to the input terminal X of the encryption / decryption processing circuit 600, and the information to be decrypted is applied to the input terminal Y. Further, as a master key code of the encryption / decryption processing circuit 600, a random number which has already been transferred between the own station and the other station, confirmed and collated, is used in any station. That is, different values are used for the key used in the confidential communication, that is, the session key every time the communication is performed. Therefore,
Extremely safe.

In the above embodiment, the encryption / decryption is performed by the arithmetic addition and the exclusive OR operation. However, the encryption method may be modified by using various other conventionally known methods. The invention can be implemented as well. For example, a method of successively updating by a method such as counting up the value of a key, such as a stream cipher, or a method of using data immediately before encryption as a key may be used.

Further, in the embodiment, the confidential communication in the case of performing communication between facsimile devices has been described. However, as long as the device performs communication in the same communication procedure, not only the facsimile but also the confidential communication using the device of the present invention is used. It is possible to do.

[Effects] As described above, according to the present invention, the key information used in the concealment device is the same as the first key information held in the first key means (memory card 130) detachable from the device main body. Two types of second key information stored in second key means (ROM 130B) built in the apparatus main body can be used. Of course, if a plurality of first key means are prepared, a plurality of types of first key information can be used. As the key information actually used for the confidential communication, the first key information is automatically selected when the first key means is mounted on the apparatus main body, and the first key information is selected when the first key means is not mounted. Since the key information of No. 2 is automatically selected, a switch operation for key selection is unnecessary.

When performing confidential communication with high secrecy, it is possible to completely prevent information from leaking to a third party who does not have the first key means possessed by each individual or the like. Further, in the case of information having relatively low confidentiality in which disclosure of information is permitted within the group, if communication is performed with the first key means removed from the apparatus main body, the second key information is automatically obtained. When selected, confidential communication limited to a group previously assigned to the device is performed. Therefore, when performing confidential communication within a group, there is no need for an individual to possess a key such as a card, and there is no need to perform a switch operation for switching keys. Moreover, if the first key unit is used in accordance with the confidentiality of information, it is possible to perform highly confidential confidential communication in which an operator is limited in individual units.

[Brief description of the drawings]

FIG. 1 is a block diagram showing the configuration of the entire communication system using the concealment device of the embodiment. FIG. 2 is a block diagram showing an outline of a configuration of a concealment device provided on each of a transmission side and a reception side. FIG. 3 is a block diagram showing a configuration of one concealment device of the embodiment. FIG. 4 is a block diagram schematically showing functions of the encryption / decryption processing circuit 600. 5a, 5b, 5c, 5d, 6a, 6b,
7a, 7b, 8, 9, and 10 are block diagrams showing the detailed configuration of each unit shown in FIG. 11a, 11b, 11c, 11d, 11e, 11f
FIG. 11 and FIG. 11g are flowcharts showing the contents of the facsimile communication process. 12a, 12b, 12c, 12d, 12e, 12f
FIG. 12, FIG. 12g, FIG. 12h, FIG. 12i, FIG. 12j, and FIG. 12k are flowcharts showing the operation of the security device. FIG. 13 is a perspective view showing the appearance of the security device of the embodiment. 51: connector (support means) 100: microcomputer (electronic control means) 110: ROM, 120: RAM 130: memory card (first key means) 130B: ROM (second key means) 134: connector, 140: Power supply 150: random number generation circuit 180: input / output interface 210: polarity reversal detection circuit 220: call detection circuit 230: current supply circuit, 300,400: modem 310, 410: integrated circuit 320, 420: signal processing circuit 330, 430: transformer 500: buffer circuit 600: encryption Encryption / decryption processing circuit 610: key code holding circuit 611: PROM, 612,613: latch 620: encryption circuit, 621,622: full adder 623,624: exclusive OR circuit 625: buffer, 630: decryption circuit 631,632: exclusive OR circuit 633,634: Full adder 635: Buffer, RY1, RY2: Relay LN1, LN2: Public telephone line LF1, LF2: Line, LiA, LiB: Line LT1: Latch, DE1, DE2: Decoder SW1-SW6: Switch LED1 −LED7: Light emitting diode BZ: Buzzer PC1, PC2: Photo coupler

──────────────────────────────────────────────────続 き Continuation of the front page (56) References JP-A-1-189246 (JP, A) JP-A-1-246696 (JP, A) JP-A-59-224965 (JP, A) JP-A-60-1985 62252 (JP, A) JP-A-61-166240 (JP, A) JP-A-61-270940 (JP, A) (58) Fields investigated (Int. Cl. ⁶ , DB name) H04K 1/00-3 / 00 H04L 9/00-9/38 G09C 1/00-5/00 H04N 1/38-1/44 H04M 1/00-1/78

Claims (1)

(57) [Claims] 1. A secret communication control device for encrypting message information to be transmitted and decrypting encrypted message information to be received based on specific key information: first key means holding first key information Supporting means for detachably supporting the first key means on the apparatus main body; second key fixedly disposed inside the apparatus main body and holding second key information different from the first key information Means; and identifying whether or not the first key means is attached to the apparatus main body;
When it is mounted, the message is encrypted and decrypted based on the first key information held in the first key means, and when it is not mounted, the second key held in the second key means is encrypted.
Electronic control means for encrypting and decrypting a message based on the key information of the secret communication control device.