JP5387026B2 - COMMUNICATION DEVICE, COMMUNICATION SYSTEM, COMMUNICATION METHOD, AND PROGRAM - Google Patents

Description

  The present invention relates to a communication device, a communication system, a communication method, and a program for performing communication between communication terminals using a common key cryptosystem.

  In wireless communication systems that transmit large amounts of data at high speed, a common key encryption system is used as a high-speed encryption method for data concealment in order to secure a secure communication path between the transmission side and the reception side. ing. The common key used in this common key encryption method is exchanged by the public encryption method at the start of communication. A terminal that has obtained a common key of a communication partner using a public key method can perform encrypted communication using a common key encryption method.

  However, there is a possibility that the key may be stolen when exchanging the key in the public key cryptosystem, and in that case, there is a problem that important communication can be performed by impersonating the person himself / herself.

  To deal with such a problem, for example, Patent Document 1 discloses an invention in which a common encryption key is generated between communication apparatuses and a connection between communication apparatuses is time-constrained and spatially constrained.

  However, the method described in Patent Document 1 has a problem that important information may be stolen for exchanging information by a public key method for generating a common encryption key. Therefore, when performing communication using the common key cryptosystem, it is necessary to securely hold a common key between terminals. This is the problem of how the data sender and receiver have the same secret key.

  Therefore, the present invention has been made in view of the above problems, and an object of the present invention is to communicate without exchanging the common key itself so that the common key can be safely held between terminals.

In order to solve the above-described problems, a communication device according to the present invention includes a communication unit that transmits and receives data, a distance measurement unit that measures a distance from a communication partner during communication by the communication unit, and a distance measured by the distance measurement unit. A common key generating means for generating a common key based on the information; an encryption means for encrypting data communicated using the common key generated by the common key generating means; and an encryption encrypted by the encrypting means. A transmission means for transmitting the digitized data to the communication partner, a distance information storage means for storing the distance information measured by the distance measurement means a plurality of times, and determining a bias in the distribution of the plurality of distance information stored by the distance information storage means And a distance information selection means for selecting distance information with little bias, wherein the common key generation means adds the distance information selected by the distance information selection means to the distance information selected by the distance information selection means. And generates a common key Zui.

  According to the present invention, it is possible to communicate by a common key encryption method without transmitting and exchanging the common key itself at each terminal.

It is a conceptual diagram of the common key generation which concerns on embodiment of this invention. It is a figure of the structural example of the terminal which concerns on embodiment of this invention. It is an example of composition of distance measuring method 1 concerning an embodiment of the present invention. It is a structural example of the distance measurement system 2 which concerns on embodiment of this invention. It is a structural example of the distance measurement system 3 which concerns on embodiment of this invention. It is a flowchart which shows 1st Embodiment which concerns on embodiment of this invention. It is a flowchart which shows 2nd Embodiment which concerns on embodiment of this invention. It is a figure which shows the example of the mask of distance information which is 3rd Embodiment which concerns on embodiment of this invention. It is a flowchart which shows 3rd Embodiment which concerns on embodiment of this invention. It is a flowchart which shows 4th Embodiment which concerns on embodiment of this invention. It is a flowchart which shows 5th Embodiment which concerns on embodiment of this invention. It is the figure which showed distribution of the measured distance between the terminals which concerns on embodiment of this invention. It is a flowchart figure which shows the connection of the distance information which considered the deviation of distance of embodiment of this invention. It is a flowchart which shows 6th Embodiment which concerns on embodiment of this invention.

  FIG. 1 is a conceptual diagram of common key generation according to an embodiment of the present invention. In this communication apparatus, when the distance to the partner terminal is measured by both terminals, the distance between the terminals is the same regardless of which terminal is measured if the measurement has sufficient accuracy.

  If the common key source data used in the common key encryption is generated by both terminals based on this distance, the common key source data is shared (generation of the same common key) by both terminals without exchanging the common key itself. Therefore, communication can be performed using a common key encryption method using this common key. In the following description, the common key sharing means that both terminals generate the same common key and use that key as the shared key. For decrypting the communication data, a common key may be used, or a key for decrypting from the common key may be generated and used.

  FIG. 2 is a diagram of a configuration example of a terminal according to the embodiment of the present invention. The terminal of this communication apparatus includes a terminal control unit 1, a distance measurement unit 2, a wireless communication unit 3, an encryption unit 4, a decryption unit 5, a storage unit 6, an operation unit 7, and a display unit 8. And comprising.

  Next, a detailed description will be given regarding each component according to the embodiment of the present invention.

  The wireless communication unit 3 uses a known wireless communication technology. For example, communication is performed by a wireless communication technology such as IEEE802.11a, IEEE802.11b, IEEE802.11g, IEEE802.11n, Wireless-USB, WLP, and next-generation Bluetooth.

  When using Wireless-USB, WLP, or next-generation Bluetooth, the wireless communication unit 3 can include a distance measuring unit 2 described later because the WiMedia (registered trademark) used as the physical layer has a distance measuring function. .

  The encryption unit 4 and the decryption unit 5 use a known common key cryptosystem as means for encryption and decryption.

  The common key encryption method is a method in which the encryption key and the decryption key are the same, or a decryption key is derived from the encryption key and used. Typical common key encryption includes DES and AES.

  DES (which is an abbreviation for Data Encryption Standard, called Death or DIES) is the old national encryption standard of the United States of America or a common key encryption standardized by the standard. .

The AES encryption is a common key encryption method standardized as a new encryption standard (Advanced Encryption Standard) of the United States. Since the encryption standard DES issued in 1977 became obsolete due to technological advances, a new encryption method was solicited and published as FIPS PUB 197 in March 2001.

  Since several methods can be considered for the distance measurement unit 2, some examples of distance measurement will be shown below.

(Distance measurement method 1)
The distance between the terminals is calculated from the time until the response to the transmission of a specific communication is received. It is assumed that the response overhead is known in advance.

  FIG. 3 is a configuration example of the distance measurement method 1 according to the embodiment of the present invention.

  Transmission is instructed from the CPU of terminal A, and radio waves are transmitted from the antenna via wireless circuits such as MAC, PHY, and RF. The signal is received by the antenna of the terminal B and notified to the CPU via a radio circuit such as RF, PHY, or MAC. The CPU gives a response instruction and returns a response through the reverse route. Here, T1 represents transmission time and T2 represents reception time. The times a, c, d, e, and g do not become zero due to the influence of the circuit and protocol. Hereinafter, a, c, d, e, and g are described as overhead.

  All that is required to measure the distance D between the terminals is the required times b and f between the antennas in the solid line portion of FIG. 3, but the observed time is obtained by adding overhead. If this overhead is known in advance, the required time between the antennas can be determined by subtracting the overhead from all the required times, and the distance between the terminals can be calculated.

The distance D between terminals can be obtained by the following calculation formula.
D = c * ((T2-T1)-(a + c + d + e + g)) / 2
Here, c is the speed of light (about 300,000 kilometers per second).

  However, the overhead is not always the same for different models. In order to cope with this, overhead information is owned in advance between terminals. Alternatively, the terminal B responds after a time sufficiently longer than the predetermined overheads c, d, e of the terminal itself. At this time, it is assumed that terminal A knows the overhead of its own terminal.

  For example, if the maximum total of c, d, and e is 10 μs in all terminals, the overhead is determined to be 20 μs, for example, and the response is adjusted so that the response is transmitted from the antenna at this time. The instructions are given. If response time adjustment is performed even during normal communication, communication throughput decreases, so response time adjustment may be performed only during distance measurement.

(Distance measurement method 2)
Terminals A and B have time-synchronized clocks, add the transmission time to the communication, and calculate the distance between the terminals from the time at which they are received.

  FIG. 4 is a configuration example of the distance measurement method 2 according to the embodiment of the present invention.

  The distance D between terminals can be calculated from the speed of light and the time of transmission and reception.

The distance D between terminals can be obtained by the following calculation formula.
D = c × (T2-T1)
Here, D is the distance, c is the speed of light, and T1 and T2 are times common to the terminals A and B.

  In this description, the description of the overhead of the terminal described in the distance measurement method 1 is omitted, but since the overhead actually exists, it is necessary to subtract the overhead when calculating the distance D between the terminals. .

(Distance measurement method 3)
This is a case where the clock accuracy is the same, but the time is not synchronized between terminals. The transmission time and the reception time are added to the communication in both directions from the terminal A to B and from the terminal B to A, and the distance between the terminals is calculated from the time difference.

  FIG. 5 is a configuration example of the distance measurement method 3 according to the embodiment of the present invention.

The distance D between terminals can be obtained by the following calculation formula.
D = c * ((TB1-TA1)-(TB2-TA2)) / 2
Here, D is the distance, c is the speed of light, TA1 and TA2 are the time of terminal A, and TB1 and TB2 are the time of terminal B.

  In this description, the description of the overhead of the terminal described in the distance measurement method 1 is omitted, but since the overhead actually exists, it is necessary to subtract the overhead when calculating the distance D between the terminals. .

  The distance measurement means for communication using WiMedia as a physical layer, such as Wireless-USB, WLP, and next-generation Bluetooth, is basically the method of the distance measurement method 3 described above.

  Since the storage unit 6 is a normal ROM and RAM, the operation unit 7 is a normal keyboard, and the display unit 8 is a normal display, detailed description thereof is omitted.

  The terminal control unit 1 is specifically a CPU or the like, and its control method will be described in detail.

  FIG. 6 is a flowchart showing the first embodiment according to the embodiment of the present invention. This flowchart shows an example in which communication is started from the terminal A.

  Terminal A waits for the start of communication, determines whether communication has started (step S101), and repeats the determination if communication does not start (step S101, NO). When communication is started (step S101, YES), the distance to the partner terminal B is measured at the start of communication (step S102). This distance measurement is assumed to have sufficient accuracy.

Next, a common key is generated based on the measured distance between the partner terminals B (step S103). The distance information itself may be used as a common key as it is, but in that case, since the key may be estimated by observation from the outside, the distance information is converted to a value that is difficult to estimate from the distance by a hash function or the like.
Even when there is not a sufficient number of bits in the distance information, it can be converted into a bit string having a length necessary for the common key by a hash function.

  The terminal B waits for notification of completion of common key sharing, and determines whether key sharing is complete (step S104). If the key sharing is not completed (step S104, NO), the determination is repeated. When the key sharing is completed (step S104, YES), encrypted communication using the common key is started (step S105).

  Next, it is determined whether the encrypted communication is completed (step S106). If the communication is not completed (step S106, NO), the determination is repeated. If the communication is completed (YES in step S106), the encrypted communication routine using the common key based on the distance ends.

  Next, the operation of terminal B will be described. The terminal B measures the distance from the terminal A using the distance measurement from the terminal A as a trigger. It is determined whether distance measurement has been performed from the partner terminal A (step S107). If there is no distance measurement (step S107, NO), the determination is repeated. If there is a distance measurement (step S107, YES), the distance to the partner terminal A is measured (step S108).

  Based on the measured distance between the counterpart terminals A, a common key is generated (step S109). The common key is generated in the same manner as terminal A. When the generation of the common key is completed, a notification of completion of common key sharing is sent to terminal A (step S110). Subsequently, encrypted communication using the common key is started (step S111).

  Next, it is determined whether the encrypted communication is completed (step S112). If the communication is not completed (step S112, NO), the determination is repeated. When the communication is completed (step S112, YES), the encrypted communication routine using the common key based on the distance is ended.

  Here, the start of communication of terminal A is used as a trigger for starting distance measurement. However, since the purpose is to have a common key between a specific pair of terminals, distance measurement may be started from terminal B. In the flowchart of this embodiment, the distance is measured for each communication, and a common key is generated. However, when the first communication is performed, the distance is measured once and the common key is generated, and the common key is used permanently. You may do it.

  In addition, distance measurement is performed during communication and the common key is updated. If the terminal is moving, the common key is changed during communication and communication safety is increased.

  Further, distance measurement and generation of a common key may be performed at the end of communication, not at the start of communication, and encryption communication may be performed with the common key at the next communication. If the distance between the terminals is different at the end of communication and the next communication, a common key cannot be estimated from the distance even if a malicious third party monitors only at the time of communication.

  Further, the common key may be generated by measuring the distance asynchronously with the communication. If the distance between terminals differs during communication and distance measurement, a common key cannot be estimated from the distance even if a malicious third party monitors only during communication.

  As described above, various variations are conceivable in the example of the present embodiment. Moreover, you may make it use combining these.

  In the example of the embodiment other than the case where the distance measurement is performed only once when communicating for the first time, the common key is changed for each distance measurement. Even if it is leaked to a third party, it is automatically changed to a new common key at the next distance measurement, and the security is increased.

  FIG. 7 is a flowchart showing a second embodiment according to the embodiment of the present invention. The basic processing flow is the same as in the first embodiment. However, the only difference is that the time information is used in addition to the distance information in the part for generating the common key. Here, the time information uses the transmission time at the time of distance measurement from the terminal A, but is not limited to this. For example, if the common key is generated based on the time information, the common key is updated even if the terminal is not moving.

  The terminal A waits for the start of communication, determines whether the communication has started (step S201), and repeats the determination if the communication does not start (step S201, NO). When communication is started (step S201, YES), the distance to the partner terminal B is measured at the start of communication (step S202).

Next, a common key is generated based on the measured distance between the partner terminals B and the distance measurement transmission time of the terminal B (step S203). The distance information itself may be used as a common key as it is, but in that case, since the key may be estimated by observation from the outside, the distance information is converted to a value that is difficult to estimate from the distance by a hash function or the like.
Even when there is not a sufficient number of bits in the distance information, it can be converted into a bit string having a length necessary for the common key by a hash function.

  The terminal B waits for notification of completion of common key sharing, and determines whether key sharing is complete (step S204). If the key sharing is not completed (step S204, NO), the determination is repeated. When the key sharing is completed (step S204, YES), encrypted communication using the common key is started (step S205).

  Next, it is determined whether the encrypted communication is completed (step S206). If the communication is not completed (step S206, NO), the determination is repeated. When the communication is completed (step S206, YES), the encrypted communication routine using the common key based on the distance ends.

  Next, the operation of terminal B will be described. The terminal B measures the distance from the terminal A using the distance measurement from the terminal A as a trigger. It is determined whether distance measurement has been performed from the partner terminal A (step S207). If no distance measurement has been performed (step S207, NO), the determination is repeated. If there is a distance measurement (step S207, YES), the distance to the partner terminal A is measured (step S208).

  Based on the measured distance between the counterpart terminals A and the distance measurement transmission time of the terminal A, a common key is generated (step S209). The common key is generated in the same manner as terminal A. When the generation of the common key is finished, a notification of completion of common key sharing is sent to terminal A (step S210). Subsequently, encrypted communication using the common key is started (step S211).

  Next, it is determined whether the encrypted communication has ended (step S212). If the communication has not ended (step S212, NO), the determination is repeated. When the communication is completed (step S212, YES), the routine of the encrypted communication using the common key based on the distance is ended.

  FIG. 8 is a diagram illustrating an example of a distance information mask according to the third embodiment of the present invention. In the distance measurement, there is a possibility that an error may be introduced. When a common key is generated from a simply measured distance, a different common key is generated between terminals, and encryption communication fails. For this reason, by masking the distance measurement error determined by the distance measurement method with respect to the measured distance information, the same common key can be generated and shared with each other.

  For example, according to the WiMedia distance measurement method used for the physical layer in Wireless-USB, WLP, next-generation Bluetooth, and the like, the distance measurement error is “Devices that support not ranging with an accuracy of 60.60”. It is said that.

  If the measurement unit is cm, the lower 7 bits are masked, and information equal to or larger than 127 cm, which is twice the error, is cut off to generate a common key, whereby the same common key can be shared. .

  An example of masking the distance information in consideration of the distance measurement error in WiMedia described above will be described with reference to FIG.

  Assume that the distance information has been converted to 16-bit cm units. The value is an example. The mask data is data for masking the lower 7 bits. In the case of distance measurement methods with different errors, the number of effective digits of the data used as the basis of the key generation information can be changed by changing the mask data. Although the masking is simply performed in the present embodiment, an operation such as rounding off may be performed.

  FIG. 9 is a flowchart showing a third embodiment according to the embodiment of the present invention. This flowchart shows an example in which communication is started from the terminal A.

  Terminal A waits for the start of communication, determines whether communication has started (step S301), and repeats the determination if communication does not start (step S301, NO). When communication is started (step S301, YES), the distance to the partner terminal B is measured at the start of communication (step S302).

  The lower bits are masked so that the distance measurement result does not include the distance measurement error determined by the communication method (step S303). Next, a common key is generated based on the masked distance measurement result (step S304).

  The terminal B waits for notification of completion of common key sharing, and determines whether key sharing is complete (step S305). If the key sharing is not completed (step S305, NO), the determination is repeated. When the key sharing is completed (step S305, YES), encrypted communication using the common key is started (step S306).

  Next, it is determined whether the encrypted communication is completed (step S307). If the communication is not completed (step S307, NO), the determination is repeated. When the communication is completed (step S307, YES), the encrypted communication routine using the common key based on the distance is ended.

  Next, the operation of terminal B will be described. The terminal B measures the distance from the terminal A using the distance measurement from the terminal A as a trigger. It is determined whether distance measurement has been performed from the partner terminal A (step S308), and when there is no distance measurement (step S308, NO), the determination is repeated. If there is a distance measurement (step S308, YES), the distance to the partner terminal A is measured (step S309).

  The lower bits are masked so that the distance measurement result does not include the distance measurement error determined by the communication method (step S310). Next, a common key is generated based on the masked distance measurement result (step S311).

  When the generation of the common key is completed, a notification of completion of common key sharing is sent to terminal A (step S312). Subsequently, encrypted communication using the common key is started (step S313).

  Next, it is determined whether the encrypted communication is completed (step S314). If the communication is not completed (step S314, NO), the determination is repeated. When the communication is completed (step S314, YES), the encrypted communication routine using the common key based on the distance is ended.

  In the present embodiment, an example is shown in which only distance information is used to generate a common key. However, as shown in the second embodiment, a common key may be generated from distance information and time information.

  FIG. 10 is a flowchart showing the fourth embodiment according to the embodiment of the present invention. This flowchart shows an example in which communication is started from the terminal A.

  In the third embodiment, the distance measurement error is obtained based on the measurement method, but the error may vary depending not only on the measurement method but also on the measurement environment. Therefore, a specific code is exchanged after the key is shared, and it is confirmed whether the key is normally shared (generation of the same common key with each other) and can be normally shared (generation of the same common key with each other). If not, the common key is generated by masking from the lower bits of the distance measurement value. This operation is continued until the common key is normally shared. Here, the operation when the distance is measured every time communication is started will be described with reference to the flowchart of FIG.

  Terminal A waits for the start of communication, determines whether communication has started (step S401), and repeats the determination if communication does not start (step S401, NO). When communication is started (step S401, YES), the distance to the partner terminal B is measured at the start of communication (step S402).

  Next, a common key is generated based on the measured distance between the partner terminals B (step S403). Subsequently, an encrypted communication test is performed (step S404). Here, the encrypted communication test is to confirm whether or not the key can be normally shared and encrypted communication is performed by exchanging a specific code by encrypted communication in both directions with the generated common key. .

  Next, it is determined whether or not the key can be shared (step S405). If the key cannot be shared (NO in step S405), the encrypted communication cannot be normally exchanged, and the mask is sequentially performed from the lower bits of the distance information. Is performed (step S406). The mask method is that there is no mask for the first time, the lower 1 bit mask for the second time, the lower 2 bit mask for the third time, and so on. Repeat the judgment of whether or not. This is repeated until the encrypted communication test ends normally. Sharing of the common key between the terminals is finished when the confirmation of whether the encrypted communication test is normal (confirmation of whether the same common key is generated with each other) is completed.

  If the key is shared (step S405, YES), encrypted communication using the common key is started (step S407).

  Next, it is determined whether the encrypted communication has ended (step S408). If the communication has not ended (step S408, NO), the determination is repeated. If the communication is completed (step S408, YES), the encrypted communication routine using the common key based on the distance ends.

  Next, the operation of terminal B will be described. The terminal B measures the distance from the terminal A using the distance measurement from the terminal A as a trigger. It is determined whether or not a distance measurement has been made from the partner terminal A (step S409). If there is no distance measurement (step S409, NO), the determination is repeated. If there is a distance measurement (step S409, YES), the distance to the partner terminal A is measured (step S410).

  Based on the measured distance between the counterpart terminals A, a common key is generated (step S411). Subsequently, an encrypted communication test is performed (step S412).

  Next, it is determined whether or not the key is shared (step S413). If the key is not shared (NO in step S413), the encrypted communication cannot be normally exchanged, and the mask is sequentially performed from the lower bit of the distance information. Is performed (step S414). In the mask method, the first time is no mask, the second time is a lower 1 bit mask, the third time is a lower 2 bit mask,... The same common key is generated). This is repeated until the encrypted communication test ends normally. Sharing of the common key between terminals (generation of the same common key) is completed when the confirmation of whether the encrypted communication test is normal or not.

  If the key is shared (step S413, YES), encrypted communication using the common key is started (step S415).

  Next, it is determined whether the encrypted communication has ended (step S416). If the communication has not ended (step S416, NO), the determination is repeated. When the communication is completed (step S416, YES), the encrypted communication routine using the common key based on the distance is ended.

  In the present embodiment, an example is shown in which only distance information is used to generate a common key. However, as shown in the second embodiment, a common key may be generated from distance information and time information.

  FIG. 11 is a flowchart showing a fifth embodiment according to the embodiment of the present invention. This flowchart shows an example in which communication is started from the terminal A.

  For example, when the WiMedia distance measurement function is used, as described in the second embodiment, the error is about 60 cm, the communicable distance is about 10 m, and the effective distance information is about 16 levels (in terms of the number of bits). There are only 4 bits). Therefore, for example, by connecting the distance measurement information for the past n times, the amount of information on which the common key is based can be increased. The number of times n varies depending on the number of effective bits of the distance information that is the basis for generating the common key and the required encryption strength.

  The terminal A waits for the start of communication, determines whether the communication has started (step S501), and repeats the determination if the communication does not start (step S501, NO). When communication is started (step S501, YES), the distance to the partner terminal B is measured at the start of communication (step S502).

  Next, the distance measurement result is stored (step S503). The data of n times of the past distance measurement result and the latest distance measurement result are concatenated considering the bit string (step S504). Next, a common key is generated based on the connected distance measurement results (step S505).

  The terminal B waits for notification of completion of common key sharing, and determines whether key sharing is complete (step S506). If the key sharing is not completed (step S506, NO), the determination is repeated. When the key sharing is completed (step S506, YES), encrypted communication using the common key is started (step S507).

  Next, it is determined whether the encrypted communication is completed (step S508). If the communication is not completed (step S508, NO), the determination is repeated. When the communication is completed (step S508, YES), the routine of the encrypted communication using the common key based on the distance is ended.

  Next, the operation of terminal B will be described. The terminal B measures the distance from the terminal A using the distance measurement from the terminal A as a trigger. It is determined whether or not distance measurement has been performed from the partner terminal A (step S509). If there is no distance measurement (step S509, NO), the determination is repeated. If there is a distance measurement (step S509, YES), the distance to the partner terminal A is measured (step S510).

  Next, the distance measurement result is stored (step S511). The data of n times of the past distance measurement result and the latest distance measurement result are concatenated considering the bit string (step S512). Next, a common key is generated based on the connected distance measurement results (step S513).

  When the generation of the common key is completed, a notification of completion of common key sharing is sent to terminal A (step S4514). Subsequently, encrypted communication using the common key is started (step S515).

  Next, it is determined whether the encrypted communication has ended (step S516). If the communication has not ended (step S516, NO), the determination is repeated. When the communication is completed (step S516, YES), the encrypted communication routine using the common key based on the distance is ended.

Although the distance measuring function of WiMedia has been described here, other distance measuring techniques may be used.
Since the effective bits obtained by one distance measurement differ depending on the distance measurement error determined for each distance measurement method, the number of distance measurement information to be connected may be changed. Alternatively, how many times the distance information is connected may be fixed regardless of the distance measurement method.

  In this embodiment, the distance measurement is performed once at the start of communication. However, how to perform the distance measurement is not limited to this, and may be measured a plurality of times at the start of communication, and asynchronously with communication. Distance measurement may be performed, or distance measurement may be performed during communication, and the common key may be changed during communication.

  In this flowchart, the measurement error described in the third embodiment and the fourth embodiment is not taken into consideration. However, after the distance measurement, the measurement is performed in the same manner as the third embodiment and the fourth embodiment. You may make it perform the process which considers an error. Since the common key is changed every time the distance is measured, even if the common key leaks to a third party for some reason, it is automatically changed to a new common key in the next distance measurement.

  In the present embodiment, an example is shown in which only distance information is used to generate a common key. However, as shown in the second embodiment, a common key may be generated from distance information and time information.

  Wireless I / F is often used mainly in mobile terminals such as notebook PCs. For this reason, it can be expected that the distance information takes different values when the distance is measured a plurality of times.

  A sixth embodiment according to the embodiment of the present invention will be described. In the fifth embodiment, when a plurality of measurement distances are stored and a common key is generated from the plurality of measurement distances, if the place where the terminals are mainly used is determined, the distance between the terminals may be the same distance. The common key may be biased. In order to cope with this, the distance and the frequency of occurrence thereof are investigated, and the selection of information serving as a basis for generating the common key is changed according to the magnitude of the bias.

  FIG. 12 is a diagram showing a distribution of measured distances between terminals. For example, when the graph of distance and occurrence frequency is as shown in FIG. 12, the distance of the portion indicated by the hatched line with high occurrence frequency is avoided as much as possible. This can be expected to reduce the symmetric key bias.

  FIG. 13 is a flowchart showing the connection of distance information in consideration of the deviation in distance according to the fifth embodiment of the present invention.

  FIG. 13 is a subroutine, and it is assumed that the distance information itself has already been acquired. First, the deviation of distance information is calculated from the distance and frequency (step S601). And it will divide into three processes by the deviation of distance.

  It is determined whether the deviation in distance is small (step S602). If the deviation is small (YES in step S602), the past n times of distance information is selected and connected (step S603), and the process ends as distance information. If the deviation is not small (step S602, NO), it is determined whether the deviation of the distance is medium (step S604). If the deviation is medium (step S604, YES), the frequency is n times less frequently. The distance information is connected (step S605), and the process ends as distance information. If the bias is not moderate (NO in step S604), the bias is large, so the time information is added to the past n times of distance information and connected (step S606), and the process ends as distance information.

The actual processing using this subroutine is shown in the flowchart of FIG. This is the same as that of the fifth embodiment except that the deviation is taken into consideration in the portion where the distance information is connected.
In the present embodiment, the case where the common key is generated from the plurality of distance measurement results of the fifth embodiment has been described, but the case where the common key is generated from one distance measurement result as in the first to fourth embodiments. It can also be applied to.
In that case, as in the case of the fifth embodiment, the past distance measurement result is stored, the bias is determined in the same manner as described above, and one common distance is generated instead of n in the part for generating the common key. A common key may be generated from the measurement result.

  FIG. 14 is a flowchart showing a sixth embodiment according to the embodiment of the present invention. This flowchart shows an example in which communication is started from the terminal A.

  Terminal A waits for the start of communication, determines whether communication has started (step S701), and repeats the determination if communication does not start (step S701, NO). When communication is started (step S701, YES), the distance to the partner terminal B is measured at the start of communication (step S702).

  Next, the distance measurement result is stored (step S703). A distance information bias is calculated from the distance and frequency, and the distance information is linked based on the distance bias. (Step S704). And a common key is produced | generated based on the connected distance measurement result (step S705).

  The terminal B waits for a notification of completion of common key sharing, and determines whether key sharing is complete (step S706). If the key sharing is not completed (step S706, NO), the determination is repeated. When the key sharing is completed (step S706, YES), encrypted communication using the common key is started (step S707).

  Next, it is determined whether the encrypted communication has ended (step S708). If the communication has not ended (step S708, NO), the determination is repeated. When the communication is completed (step S708, YES), the routine of the encrypted communication using the common key based on the distance is ended.

  Next, the operation of terminal B will be described. The terminal B measures the distance from the terminal A using the distance measurement from the terminal A as a trigger. It is determined whether distance measurement has been performed from the partner terminal A (step S709). If there is no distance measurement (step S709, NO), the determination is repeated. If there is a distance measurement (step S709, YES), the distance to the counterpart terminal A is measured (step S710).

  Next, the distance measurement result is stored (step S711). A distance information bias is calculated from the distance and frequency, and the distance information is linked based on the distance bias. (Step S712). And a common key is produced | generated based on the connected distance measurement result (step S713).

  When the generation of the common key is completed, a notification of completion of common key sharing is sent to terminal A (step S4714). Subsequently, encrypted communication using the common key is started (step S715).

  Next, it is determined whether or not the encrypted communication has ended (step S716). If the communication has not ended (step S716, NO), the determination is repeated. If the communication is completed (step S716, YES), the encrypted communication routine using the common key based on the distance ends.

  In addition, the communication apparatus according to the present invention includes a decryption unit that decrypts the encrypted data transmitted by the transmission unit using a common key.

  The distance measuring means of the communication device according to the present invention has time measuring means for measuring the time during communication, and the common key generating means generates a common key based on the distance information and the time measured by the time measuring means. It is characterized by that.

  Further, the communication apparatus according to the present invention has data mask means for creating mask data in which measurement data is masked so as not to include a distance measurement error in the distance information measured by the distance measurement means, and is created by the data mask means. A common key is generated based on the masked data.

  The communication apparatus according to the present invention further includes a common key confirmation unit that confirms whether the common key generated by the common key generation unit is the same as the communication partner, and the common key is not the same by the common key confirmation unit. If confirmed, a common key is generated based on the mask data created by the data mask means.

  The communication apparatus according to the present invention further includes a distance information storage unit that stores the distance information measured by the distance measurement unit a plurality of times, and generates a common key based on the plurality of distance information stored in the distance information storage unit. It is characterized by that.

  The communication apparatus according to the present invention further includes a distance information selection unit that determines a bias of distribution of a plurality of distance information stored by the distance information storage unit and selects distance information with a small bias, and the distance information selection unit A common key is generated based on the selected distance information.

  According to the embodiment of the present invention, since the common key of the common key cryptosystem is generated based on the distance between the terminals, the common key can be shared without exchanging the common key itself.

  According to the embodiment of the present invention, since the common key of the common key cryptosystem is generated based on the time information in addition to the distance between the terminals, the common key is shared even when the distance between the terminals does not change. The key can be updated.

  Further, according to the embodiment of the present invention, since the common key is generated by masking the distance measurement error determined for each communication method, even if the distance measurement method does not have sufficient distance measurement accuracy, the common key is generated. You can share the key.

  Further, according to the embodiment of the present invention, since the distance measurement error is automatically determined and the common key is generated, even if the distance measurement method does not have sufficient distance measurement accuracy, the common key is Can be shared.

  In addition, according to the embodiment of the present invention, since the common key is generated based on the results of the multiple distance measurements, the common key is shared even if the distance measurement method does not have sufficient distance measurement accuracy. I can do it.

  In addition, according to the embodiment of the present invention, the distance is monitored, the common key is generated with priority given to the distance different from the normal, and the time information is automatically generated and used as the common key. Even if there is no terminal, the bias of the generated common key can be suppressed.

  The present invention can be applied to uses such as a communication device that performs communication between communication terminals.

DESCRIPTION OF SYMBOLS 1 Terminal control part 2 Distance measurement part 3 Wireless communication part 4 Encryption part 5 Decomposition part 6 Storage part 7 Operation part 8 Display part T1 Transmission time T2 Reception time TA1 Transmission time TA2 Reception time TB1 Reception time TB2 Transmission time a, b , C, d, e, f, g Overhead D Distance between terminals

JP 2005-51368 A

Claims (7)

A communication means for transmitting and receiving data;
Distance measuring means for measuring a distance with a communication partner during communication by the communication means;
A common key generating means for generating a common key based on distance information measured by the distance measuring means;
Encryption means for encrypting data to be communicated using the common key generated by the common key generation means;
Transmission means for transmitting the encrypted data encrypted by the encryption means to the communication partner;
Distance information storage means for storing the distance information measured by the distance measurement means a plurality of times;
A distance information selection unit that determines a bias in the distribution of the plurality of distance information stored by the distance information storage unit and selects distance information with a small bias;
The communication apparatus according to claim 1, wherein the common key generation unit generates the common key based on the distance information selected by the distance information selection unit. The distance measuring means has time measuring means for measuring time during communication,
The communication apparatus according to claim 1 , wherein the common key generation unit generates the common key based on the distance information and a measurement time measured by the time measurement unit. Data mask means for creating mask data by masking measurement data so as not to include a distance measurement error in the distance information measured by the distance measurement means;
The communication apparatus according to claim 1 or 2 , wherein a common key is generated based on the mask data created by the data masking means. A common key confirmation unit for confirming whether the common key generated by the common key generation unit is the same as the communication partner;
The common key if the common key by checking means that is not the same is confirmed according to claim 3, characterized in that to generate the common key based on the mask data created by the data mask means Communication device. A communication system comprising a plurality of communication devices,
The communication device includes communication means for communicating with another communication device;
Distance measuring means for measuring a distance from the other communication device during communication by the communication means;
A common key generating means for generating a common key based on distance information measured by the distance measuring means;
Encryption means for encrypting data to be communicated using the common key generated by the common key generation means;
Transmitting means for transmitting the encrypted data encrypted by the encryption means to the other communication device;
Distance information storage means for storing the distance information measured by the distance measurement means a plurality of times;
Distance information selection means for judging a bias in the distribution of the plurality of distance information stored by the distance information storage means and selecting distance information with a small bias;
The other communication device has a decryption unit that decrypts the encrypted data transmitted by the transmission unit using the common key,
The communication key characterized in that the common key generation means generates the common key based on the distance information selected by the distance information selection means. A communication step for transmitting and receiving data; and
A distance measuring step for measuring a distance to a communication partner during communication by the communication step;
A common key generation step for generating a common key based on the distance information measured by the distance measurement step;
An encryption step for encrypting data communicated using the common key generated by the common key generation step;
A transmission step of transmitting the encrypted data encrypted by the encryption step to the communication partner;
A distance information storing step for storing the distance information measured by the distance measuring step a plurality of times;
A distance information selection step of determining a bias in the distribution of the plurality of distance information stored in the distance information storage step and selecting distance information with a small bias,
The communication method, wherein the common key is generated based on the distance information selected in the distance information selection step. A communication process for sending and receiving data;
A distance measurement process for measuring a distance to a communication partner during communication by the communication process;
A common key generation process for generating a common key based on the distance information measured by the distance measurement process;
An encryption process for encrypting data to be communicated using the common key generated by the common key generation process;
A transmission process for transmitting the encrypted data encrypted by the encryption process to the communication partner;
A distance information storage process for storing the distance information measured by the distance measurement process a plurality of times;
A program for causing a computer to execute a distance information selection process for determining a bias in a distribution of the plurality of distance information stored by the distance information storage process and selecting distance information with a small bias,
The common key generation process includes a process of generating the common key based on the distance information selected by the distance information selection process.

Images