JP7120607B2 - Secret key sharing system and secret key sharing method - Google Patents

Description

The present invention relates to a secret key sharing system and a secret key sharing method for sharing a secret key between a sender device and a legitimate receiver device using optical space communication.

Toward the realization of quantum computers in recent years, research institutes not only in Japan but also overseas are proceeding with development, and it is expected that quantum bit computers that support large-capacity quantum bits will be realized in the future. Although this large-capacity qubit computer could be realized in principle, it was believed that it would take an enormous amount of processing time. Current encryption methods seek security in the mathematical difficulty of the discrete logarithm problem and prime factorization, but if this qubit computer is realized, such mathematical difficulty will be solved. Even if it is included in the encryption, it can be deciphered. Therefore, there is a threat such as eavesdropping of confidential information by a third party (eavesdropper). Furthermore, since the performance of computers is improving year by year, there is a fear that the safety of encryption technology and other security technologies will decrease due to advanced computing power and decryption algorithms.

Quantum Key Distribution (QKD) has been proposed as a technique for safely sharing an encryption key as an encryption method to counter threats such as those described above and eavesdropping by a third party. QKD is a quantum communication method that uses quantum states using quantum channels to decode encoded communication resources. A sender encodes information input by an encoder that performs QKD using quantum effects, and transmits the encoded information to a communication channel as a communication resource. The receiving party receives the communication resource transmitted to the communication channel and decodes it with a decoder to obtain the target information (see, for example, Patent Document 1). In QKD, it is possible to share information-theoretically secure random numbers between two distant parties.

However, current fiber-based QKD imposes strong restrictions on the distance and speed at which keys can be provided, so that the key generation rate is on the order of several k to 1 Mbps at transmission distances of the order of 50 to 100 Km. Therefore, QKD experiments using satellites are being conducted with the aim of extending the QKD key distribution distance. For example, in another country (China), there are reports of successful key generation between a satellite and a ground station over 1,200 km apart, but with QKD using satellites, the time available for satellite tracking at the ground station is limited. . Further, since it is difficult to increase the speed of the QKD device for satellite installation, the maximum key generation rate is about 1 kbps. Key security index values, which are security parameters, are also set at values lower than those used in terrestrial fiber-based QKD devices. Also, the information theory on which security is based is not the latest, and there is room for improvement in the security of keys.

Key security is information-theoretically secure, and there is a strong demand for a technology that can share secure keys throughout Japan or between continents. In recent years, physical layer cryptography, which enables secure key generation in terms of information processing even when the ability of an eavesdropper assumed in QKD can be limited, has been actively researched in recent years.

These studies, for example, do not assume the receive-retransmit attack that QKD assumes in the wire-tap model. Therefore, if it is possible to know what kind of signal has been passed to an eavesdropper in physical layer cryptography, a secure key can be generated using a public communication channel as well. In addition, if the unavoidable noise source can be set as an eavesdropper, a secret key sharing protocol that enables secure key generation based on the difference in signal-to-noise ratio between legitimate sender and receiver devices will lead to better communication performance than QKD. may be realized.

For example, a virtual eavesdropper with a strong reception ability is installed near the regular receiver device in the line-of-sight communication path of optical communication, and the amount of information leaked to the true eavesdropper is regarded as the maximum value, and a secure key is generated. A method has been proposed and proven (see, for example, Non-Patent Document 1 and Non-Patent Document 2). In these proposals and demonstrations, taking advantage of the characteristics of line-of-sight communication paths in optical communication, the security of the key was discussed under the assumption that there were no eavesdroppers on the line-of-sight communication paths while monitoring the communication paths with telescopes, cameras, etc. is doing. However, the ability to monitor line-of-sight communication paths with existing cameras can only identify objects as large as about 10 cm due to fluctuations in the image caused by the atmosphere. It is a level at which an object (such as a small photodetector) can be identified (see, for example, Non-Patent Document 3).

JP 2004-104345 A

M.Fujiwara, T.Ito, M.Kitamura, H.Endo, M.Toyoshima, H.Takanaka, Y.Takayama, R.Shimizu, M.Takeoka, and M.Sasaki, “Secret key agreement demonstration over 7.8 km free -space optical channel,” International Conference on Quantum Communication, Measurement and Computing 2016, July 2016. H.Endo, M.Fujiwara, M.Kitamura, T.Ito, M.Toyoshima, Y.Takayama, H.Takenaka, R.Shimizu, N.Laurenti, G.Villoresi, T.Aoki, and M.Sasaki, Free-space optical channel estimation for physical layer security,” Opt.Express, vol.24, no.8, August 2016, p.8940-8955. Ministry of Education, Culture, Sports, Science and Technology, Research and Development Bureau Counselor (in charge of aerospace policy), [online], "Information about the fall of the US satellite "UARS"", September 2011, [searched June 6, 2018], Internet , <URL: http://www.mext.go.jp/a_menu/kaihatu/satellite/detail/1311417.htm>

By the way, in the QKD technology including Patent Document 1 and Non-Patent Documents 1 to 3 mentioned above, there is an assumption that an eavesdropper in a line-of-sight communication channel can use quantum memory, quantum computer, and any other actions. For this reason, there is no choice but to strongly limit the key generation speed and service distance. In addition, even if an object (such as a small detector) with a size of 10 cm or less is installed in the line-of-sight communication path by an eavesdropper, it cannot be identified, so it is difficult to eliminate the danger or risk from eavesdropping. .

On the other hand, in the RF band (RF: Radio Frequency), considering the implementation of physical layer encryption using the RF band lower than 750 MHz, the antenna size must be at least equivalent to a wavelength of 10 cm. Therefore, miniaturization of the detection system as described above is difficult. If an eavesdropper installs a detection system in the line-of-sight communication path, an antenna with a size of at least 10 cm is required, which makes it easier for the eavesdropper to detect the wiretapping. However, RF band communication using an antenna is inferior to communication using light in band limitation and directivity.

SUMMARY OF THE INVENTION The present invention has been devised in view of the above-mentioned problems, and its object is to provide a secret key sharing system and a secret key sharing system that enable more secure key sharing in line-of-sight communication channels. It is to provide a method.

A secret key sharing system according to a first aspect of the invention is a secret key sharing system for sharing a secret key between a sender device and an authorized receiver device arranged in a line-of-sight communication channel, wherein the sender device comprises: A key distribution unit that modulates the registered random number sequence to generate private keys for free-space optical communication and RF-band communication, and distributes the generated private keys to authorized recipient devices via free-space optical communication and RF-band communication. and, based on the distribution of the key distribution unit, receive information about the secret key selected by the authorized receiver device, and generate the optical space communication secret key and the RF band communication secret key based on the received information. Based on the common random number sequence included in the key generation unit and the optical space communication secret key and the RF band communication secret key generated by the communication secret key generation unit, the final secret key to be shared with the authorized recipient device is determined. and a final secret key generation unit for generating the final secret key, and the authorized recipient device receives the secret key distributed via the optical space communication and the RF band communication by the key distribution unit, selects the secret key, and selects the sender device It is characterized by having a transmission unit for transmitting to.

A secret key sharing system according to a second invention is characterized in that, in the first invention, the final secret key generation unit matches the final secret key with the optical space communication secret key and the RF band communication secret key formed by random number sequences of the same length. It is characterized in that it is generated by

A secret key sharing method according to a third aspect of the present invention is a secret key sharing method for sharing a secret key between a sender device and an authorized receiver device arranged in a line-of-sight communication channel, wherein a random number sequence to be registered is a key distribution step of generating secret keys for free-space optical communication and RF-band communication by modulation, and distributing the generated secret keys from a sender device to an authorized receiver device via free-space optical communication and RF-band communication; a transmission step of receiving the secret key distributed via optical space communication and RF band communication by the key distribution step in the authorized recipient device, selecting it, and transmitting it to the sender device; a communication secret key generation step for receiving information related to the secret key received by the sender device, and generating an optical space communication secret key and an RF band communication secret key based on the received contents; and a communication secret key generation step a final secret key generating step of generating a final secret key to be shared between the sender device and the authorized receiver device based on a common random number sequence included in the optical space communication secret key and the RF band communication secret key; characterized by having

According to the first to third inventions, free-space optical communication and RF band communication are used for quantum cryptography communication between the sender device and the authorized receiver device. For this reason, it is possible to share a secret key even in RF communication with a frequency lower than 750 MHz, which cannot be easily received by an antenna of 10 cm or less in RF band communication, although it cannot detect a substance of 10 cm or less in optical space communication. As a result, by using the result of coding another key with one key as the final key common to the sender device and the legitimate receiver device, information to eavesdroppers accompanying the wide beam divergence angle of RF band communication can be obtained. It is possible to securely share a private key, which can eliminate the threat of leakage and the presence of an eavesdropper in the communication path of optical space communication.

In particular, according to the second invention, the final secret key is generated by matching the optical space communication secret key and the high frequency band communication secret key formed of random number sequences of the same length. Therefore, it is possible to limit the receiving capability of an eavesdropper compared to channel coding and secret key sharing only for free space optical communication or only for RF band communication. As a result, even if there is an eavesdropper in the communication channel, the sender device and the authorized receiver device can safely share the key.

In particular, according to the third invention, free-space optical communication and RF band communication are used for quantum cryptography communication between the sender device and the authorized receiver device. For this reason, it is possible to share a secret key even in RF communication with a frequency lower than 750 MHz, which cannot be easily received by an antenna of 10 cm or less in RF band communication, although it cannot detect a substance of 10 cm or less in optical space communication. As a result, by using the result of coding another key with one key as the final key, information leakage to eavesdroppers and communication paths in optical space communication due to the wide optical beam divergence angle of RF band communication It is possible to eliminate the threat posed by the presence of an eavesdropper, and to safely share the private key.

FIG. 1 is a schematic diagram showing an example of a secret key sharing system to which the present invention is applied. FIG. 2 is a block diagram showing an example of the configuration of the satellite 1 of the secret key sharing system to which the present invention is applied. FIG. 3 is a block diagram showing an example of a secret key sharing system according to the first embodiment. FIG. 4 is a schematic diagram showing an example of operation of sharing a secret key in the first embodiment. FIG. 5 is a schematic diagram showing an example of a secret key sharing system according to the second embodiment. FIG. 6 is a schematic diagram showing an example of operation of sharing a secret key in the second embodiment. FIG. 7 is a schematic diagram showing an example of operation of sharing a secret key in the second embodiment.

An example of a secret key sharing system according to an embodiment of the present invention will be described below with reference to the drawings.

First Embodiment FIG. 1 is a schematic diagram showing an example of a secret key sharing system 10 according to this embodiment.

As shown in FIG. 1, the secret key sharing system 10 of this embodiment is based on quantum key distribution using a satellite 1, two ground stations 2, and an antenna 3, enabling sharing of secret keys on a global scale. Become. Satellite 1 is a sender device 11 and ground station 2 and antenna 3 are legitimate receiver devices 14 . This authorized recipient device 14 is a device on the other side with which the sender device 11 truly desires to share the secret key.

The authorized receiver device 14 performs processing such as bit error correction and error correction according to the reception status, and selects the private key distributed from the sender device 11 . The ground station 2 in the authorized receiver device 14 performs optical space communication from the satellite 1, for example, with a telescope. Further, the antenna 3 in the regular receiver device 14 performs RF band communication with the satellite 1 using radio waves in the RF band.

FIG. 2 is a block diagram showing an example of the configuration of the satellite 1 of the secret key sharing system to which the present invention is applied.

The satellite 1 includes a key distribution unit 4, a communication secret key generation unit 5, and a final secret key generation unit 6, as shown in FIG. The key distribution unit 4 includes an optical space communication key distribution unit 41 and an RF band communication key distribution unit 42 . By modulating the random number sequence, the key distribution unit 4 generates respective secret keys in the optical space communication key distribution unit 41 and the RF band communication key distribution unit 42, and distributes the generated secret keys to the optical space communication and the RF communication. It is distributed to the ground station 2 and the antenna 3 via band communication.

The optical space communication key distribution unit 41 generates a random number sequence modulated by a physical random number generator mounted on the satellite 1 . This random number sequence may be registered in advance. The optical space communication key distribution unit 41 distributes the generated random number sequence to the ground station 2 by optical space communication using the quantum effect. This optical space communication may be transmitted by, for example, an optical beam system provided on the satellite 1 . In this case, the intensity of the light beam reaching the ground may be determined by the strength of the light beam, the diaphragm, and the like. The light beam may be distributed while being set so that the position of the ground station 2 is at the center of the light beam.

The RF band communication key distribution unit 42 distributes the random number sequence modulated by the physical random number generator to the antenna 3 by RF band communication. The communication secret key generation unit 5 receives the secret key selected by the authorized recipient device 14 based on the distribution of the key distribution unit 4, and matches the secret key.

The communication secret key generator 5 receives information about each secret key selected by the authorized recipient device 14 . The communication secret key generation unit 5 matches the selected result based on the information on the secret key. The communication secret key generator 5 generates the selected optical space communication secret key and RF band communication secret key.

The final secret key generation unit 6 is based on the common random number sequence included in the optical space communication secret key and the RF band communication secret key generated by the communication secret key generation unit 5. Generate the final private key. For example, the final secret key generator 6 may be provided in the authorized recipient device 14 .

FIG. 3 is a diagram showing the overall configuration when an eavesdropper device 15 intrudes into a secret key sharing system to which the present invention is applied. In FIG. 3, there are a plurality of ground stations 2 distributed from the sender device 11 (satellite 1) corresponding to the satellite 1 described above. is.

A regular receiver device 14 (ground station 2, antenna 3) performs free-space optical communication with a sender device 11 (satellite 1) via a main communication path 12. FIG. The eavesdropper device 15 has a configuration corresponding to at least the ground station 2 and may also have a configuration corresponding to the antenna 3 . The eavesdropper's device 15 is a device that does not want the sender's device 11 to share the secret key. and attempt to intercept RF band communications.

Next, the operation of the secret key sharing system 10 to which the present invention is applied will be explained.

The satellite 1 modulates a true random number generated by an on-board physical random number generator (not shown) into a quantum state of light and delivers it to the ground station 2 by optical space communication. The satellite 1 similarly modulates the intrinsic random number and transmits it to the antenna 3 by RF band communication. Before launching the satellite 1, the physical random number generator is shared with the regular receiver device 14 side.

The ground station 2 and the antenna 3 perform processing for correcting deterioration of the information distributed from the satellite 1 by optical space communication and RF band communication based on the intrinsic random numbers already held. This correction processing is, for example, bit error, error correction, and the like. As a result, the satellite 1 can generate the optical space communication secret key and the RF band communication secret key based on the information (correction information, etc.) related to the secret key transmitted from the authorized receiver device 14, and holds the common secret key. be able to.

The satellite 1 receives sorting result information from the ground station 2 and the antenna 3 through optical space communication and RF band communication. The communication secret key generation unit 5 in the satellite 1 matches the random number sequences distributed by the optical space communication and the RF band communication based on the selection result information. Then, based on the result of matching, an optical space communication secret key and an RF band communication secret key are generated.

The final secret key generator 6 prepares the same number of bits from the optical space communication secret key and the RF band communication secret key generated with different wavelengths in accordance with the above-described processing. As shown in FIG. 4, the final secret key generator 6 calculates, for example, an exclusive OR from the number of prepared bits for the optical space communication secret key and the RF band communication secret key, and uses the calculation result as the final secret key. do.

The final secret key is calculated, for example, by exclusive ORing each bit in both the secret key for optical space communication (Key1) and the secret key for RF band communication (Key2). As a result, a common random number is generated as the final secret key, and this common random number is shared between sender device 11 and authorized receiver device 14 .

As described above, according to the first embodiment, optical space communication and RF band communication are used between the sender device 11 and the authorized receiver device 14, and the final secret key is generated based on the selection results of separate communications. do. Therefore, even if either the optical space communication or the RF band communication is intercepted via the eavesdropper's device 15, the eavesdropper's device 15 cannot reproduce the final secret key. Therefore, the authorized recipient device 14 is not intercepted by the eavesdropper device 15, and can share the final secret key more securely.

Second Embodiment A second embodiment of the secret key sharing system 10 to which the present invention is applied will be described below. In the second embodiment, the same components and members as those of the first embodiment described above are denoted by the same reference numerals, and the description thereof will be omitted.

In this second embodiment, as shown in FIG. 5, only the satellite 1 is used as the sender device 11 and only the ground station 2 is used as the regular receiver device 14 . A configuration for generating the final key is pre-installed in the authorized recipient device 14 .

A satellite 1 as a transmitter device 11 modulates an intrinsic random number generated by an on-board physical random number generator (not shown) into a quantum state of light, and sends a regular receiver device as a ground station 2 by optical space communication. Delivered to 14. The authorized recipient device 14 generates a final secret key to be shared with the sender device 11 based on the secret key distributed through optical space communication.

Details of the optical space communication method according to the second embodiment will be described below.

The sender device 11 presets the center of the optical beam of the optical space communication for the authorized receiver device 14 . FIG. 6 shows a setting example of this light beam. When setting the light beams, the center of the light beam for optical space communication, the position of the authorized receiver device 14, and the position of the eavesdropper device 15 are considered. By the way, the eavesdropper device 15 may be set to be pseudo, so to speak fictitious.

In the following example, it is assumed that the detection capability of the eavesdropper device 15 is equivalent to that of the legitimate recipient device 14 . Also, the eavesdropper device 15 can receive one light beam from the sender device 11 with the same energy density as the eavesdropper device 15, and other light beams are assumed to be separated by 1σ or more. Assume.

Under this assumption, the range of beam wandering is set to include the center of the optical beam for optical space communication. Light beams 30 to 32 for beam wandering in FIG. 6 are examples in which the center of the light beam for optical space communication is set to the normal receiver device 14 and set so as to include the center. The light beams 30 to 32 are set so as not to completely overlap each other, and their centers are set so as to be shifted from the normal receiver device 14 .

In the second embodiment, the sender device 11 divides the actually registered random number sequence into a plurality of sequences. Then, a plurality of private keys are generated by superimposing the divided random number sequences. The key distribution unit 4 in the sender device 11 superimposes the secret key based on the divided random number sequence on each light beam to be beam-wandered, and distributes it to the authorized receiver device 14 .

For example, as shown in FIG. 7, when the random number sequence is divided into three of divided secret key A, divided secret key B, and divided secret key C, at least three light beams for beam wandering are set, A private key is superimposed on each light beam and distributed to the authorized receiver device 14 . In the example of FIG. 7, the split secret key A is superimposed on the light beam 30, the split secret key B is superimposed on the light beam 31, and the split secret key C is superimposed on the light beam 32, and distributed.

These split secret key A, split secret key B, and split secret key C are different between the sender device 11 and the regular receiver device 14 in optical space communication, due to differences in estimated values of the error rate and the amount of leaked information of each light beam. Private keys may have different key lengths. For this reason, the authorized receiver device 14 that has received these beam-wandered light beams, among the received divided secret key A, divided secret key B, and divided secret key C, has the smallest key length of the secret key, for example. is used as a reference, the key length obtained for each private key is set as the key length, and processing is performed such that keys longer than that are discarded.

After that, the authorized recipient device 14 extracts a common random number from each exclusive OR based on the divided secret key A, the divided secret key B, and the divided secret key C. Then, the extracted common random number is wandered via optical space communication and used as the final secret key shared by the authorized receiver device 14 .

As shown in FIG. 6, the amount of leaked information is detected through a simulated set of leaked information estimation required receivers centering on the authorized receiver device 14, and the maximum proximity distance of the actual eavesdropper device 15 is estimated. be able to. In order to generate the final secret key, it is necessary to obtain all of the divided secret keys accurately with high strength. In other words, if even one of the divided private keys is missing, the final private key cannot be generated.

In order for the eavesdropper device 15 to actually receive all the light beams that have undergone this beam wandering, it is necessary to be at the same position as the legitimate receiver device 14 or to be very close to it. difficult. Therefore, the reception of the light beam by the eavesdropper device 15 is incomplete, and it becomes practically difficult to obtain the final secret key.

Therefore, the legitimate recipient device 14 is not intercepted by the eavesdropper device 15, and can more safely share the final secret key.

Note that the key distribution unit 4 may narrow the beam diameter of the light beam that is actually distributed, and then perform beam wandering on the beam. As a result, it is possible to extremely efficiently reduce the information leakage due to beam spread.

Further, the secret key sharing method for sharing the secret key between the sender device and the authorized receiver device arranged in the line-of-sight communication path in the present embodiment includes the key distribution step in the secret key sharing system 10 described above, By having a transmission process, a communication secret key generation process, and a final secret key generation process, it is possible to share a secret key even in RF communication with a frequency lower than 750 MHz, which cannot be easily received with an antenna of 10 cm or less in RF band communication. becomes.

As a result, by using the result of coding another key with one key as the final key, information leakage to eavesdroppers and communication paths in optical space communication due to the wide optical beam divergence angle of RF band communication It is possible to eliminate the threat posed by the presence of an eavesdropper, and to safely share the private key.

While embodiments of the invention have been described, each embodiment is provided by way of example and is not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and modifications can be made without departing from the scope of the invention. These embodiments and modifications thereof are included in the scope and gist of the invention, and are included in the scope of the invention described in the claims and equivalents thereof.

1 : Satellite 2 : Ground Station 3 : Antenna 4 : Key Distributor 5 : Communication Secret Key Generator 6 : Final Secret Key Generator 10 : Secret Key Sharing System 11 : Sender Device 12 : Main Communication Channel 13 : Eavesdropper Communication Path 14: Authorized receiver device 15: Eavesdropper devices 30, 31, 32: Light beam 41: Optical space communication key distribution unit 42: RF band communication key distribution units A to C: Divided private key

Claims (3)

A secret key sharing system for sharing a secret key between a sender device and an authorized receiver device arranged in a line-of-sight communication channel,
The sender device,
a key distribution unit that transmits a random number sequence using space optical communication and RF band communication, generates a secret key, and distributes the generated secret key to the authorized recipient device via space optical communication and RF band communication; ,
A communication secret key for receiving information about a secret key selected by the above-mentioned authorized recipient device based on the distribution of the above-mentioned key distribution unit, and generating an optical space communication secret key and an RF band communication secret key based on the received content. a generator;
final generating a final secret key to be shared with the authorized recipient device based on a common random number sequence included in the optical space communication secret key and the RF band communication secret key generated by the communication secret key generating unit; and a private key generation unit,
The legitimate recipient device is
having a transmission unit that receives the private key distributed by the key distribution unit via optical space communication and RF band communication, selects the private key, and transmits the private key to the sender device;
A secret key sharing system characterized by: The final secret key generation unit generates the final secret key by matching the optical space communication secret key and the RF band communication secret key formed of random number sequences of the same length;
The secret key sharing system according to claim 1, characterized by: A secret key sharing method for sharing a secret key between a sender device and an authorized receiver device arranged in a line-of-sight communication channel,
A secret key for free space optical communication and RF band communication is generated by modulating a random number sequence, and the generated secret key is distributed from the sender device to the authorized receiver device via free space optical communication and RF band communication. a key distribution process;
a transmitting step of receiving the secret key distributed via the optical space communication and the RF band communication in the key distribution step in the legitimate receiver device, selecting it and transmitting it to the sender device;
a communication secret key generation step of receiving information on the secret key selected by the authorized receiver device at the sender device and generating an optical space communication secret key and an RF band communication secret key based on the received content;
A final secret to be shared between the sender device and the authorized receiver device based on a common random number sequence included in the optical space communication secret key and the RF band communication secret key generated in the communication secret key generation step a final private key generation step for generating a key;
A private key sharing method characterized by:

Images