JPH01119144A - Universal key enciphering communication system - Google Patents

Abstract

PURPOSE:To secure the safety of information by holding a master decoding key only by a receiver in secrecy, and holding an enciphering key only by a transmitter that is an owner in secrecy. CONSTITUTION:The safety can be maintained even when the length of a key is compressed by keeping both individual enciphering key and decoding key in secrecy from a person other than the transmitter and the receiver. In other words, in case of constituting a master key of 10 prime numbers of binary 20 bits and an individual key of 5 prime numbers out of them, no master key can be estimated until all of the remaining 5 prime numbers except for 5 prime numbers of the individual key are found. Around 2<16> prime numbers exist within the integer of binary 20 bits, and a combination in which five of them are taken goes to 2<16>C5, and it is impossible to calculate all of the cases judging from calculation amount point of view. Furthermore, even if all of the prime numbers are known, it is hard to know the master key judging from the calculation amount point of view without recognizing respective individual key.

Description

DETAILED DESCRIPTION OF THE INVENTION [Field of Industrial Application] The present invention relates to an encryption method using a master key in a communication network, and particularly relates to an encryption method using a master key in a communication network, and in particular to an encryption method using a master key in a communication network.
The present invention relates to encrypted communication suitable for rea network) and broadcast communication.

[Conventional technology]

The existence of a master key in the R8A open public system.

The method for generating a master key from individual keys is described in Japanese Patent Application Laid-open No. 58-7.
It is described in No. 174. Furthermore, when communicating via a communication network such as a LAN, it is considered necessary to encrypt data due to the need for information security.

[Problem that the invention seeks to solve]

For example, in a LAN that connects a research institution or an in-house LAN that connects multiple departments, a situation arises where important data is not wanted to be viewed by other terminals. Also.

In a LAN spread within one building, there are many LAs.
If you connect a commercially available terminal to one of the N plugs,
Since it is easy to peek into data within the LAN,
Data on a LAN is usually not secure. For these reasons, it is considered that data protection will become necessary as LAN expands in the near future.

However, the following problems arose when encrypting a single piece of communication data in a LAN.

1. It takes too much time to set the decryption key compared to the data transmission speed.

If a decryption key corresponding to the encryption key used by the sender is set each time data is decrypted, efficient processing cannot be performed when data is concentrated.

2. Furthermore, there is a limit to the amount of buffer, and it is costly to prepare a sufficiently large buffer.

3. Traditional master key encryption takes too much time.

This was not a practical method for dealing with problems 1 and 2 above.

Conventionally, there have been the following methods as examples of implementing master key encryption.

Step 1゜If the number of individual keys is m, select 1m sets of different large prime numbers Pi+qt (1≦i≦m).

Here, from a safety point of view, each PIP q is binary 20.
A size of 0 digits or more is desirable.

Step 2゜ Set et, di, and dM so that

Step 3 Set nH=n PlI qt@i=1 The resulting (dM, n) is the master decryption key, (
et+ n+) (1≦i≦m) as an individual encryption key.

Then, encrypted communication is performed as follows.

Send encrypted C=M'' (modni) and receive decrypted C, M=C'' (modrz), since dM is generally very large.

The decryption process took a long time and was not practical.

4. Conventional master keys that are generated from multiple individual keys must be regenerated in response to changes in individual keys.

[Means for solving problems]

To address this problem, the present invention proposes an efficient cryptographic key management method using a master key. The key is generated by the person who holds the mask key.

1. Introduction of a new master key encryption method In order to realize high-speed master key encryption, a first-order method is used.

step], a set of relatively small prime numbers of about 20 binary digits (
Prepare PlIP2...pn). Then, create a master key as follows.

d+raM=1+od(LCM((pt x)t(p
z z)s -1))) nM= pl”p2°1p n Master encryption @ (eM, nM) Master decryption # (dM, n bound) Step 2. Any from the set of prime numbers (pi1p2...pn) Select a prime number (qz+qz...qt) on the side and create an individual key as follows.

dI=dM(IIIodLI) Lt=LCM ((qt-tL (q2 tL (qj
-z))et 11d +=1modL1 nt = qI X q 2 X ”' X q 7
Individual time code tlP (dI, ni) Individual decryption key (eI, nt) Step 3. Encrypted communication is performed as follows.

Individual encryption key → master decryption key Encryption C=M” (modnt), communicate C.

Decryption M = C” (fflodnt) Master encryption key → Individual decryption key encryption C = M6M (modnt), communicate C.

Decryption M = C” (rRod n suck) Now, since a relatively small prime number is used, encryption,
Decoding speed can be increased.

[Effect]

The technical measures described above result in effects of the first order.

1. Reduction of decryption key setting time In an information network such as a LAM, it is possible to realize data protection by encryption, and the setting of a decryption key can be omitted, so that the time required for a recipient to set a decryption key can be shortened.

2. Improving decryption processing speed By keeping both the individual encryption key and decryption key secret from anyone other than the sender and receiver, security can be maintained even if the number of managers is shortened.

Assume now that the master key is composed of 10 prime numbers of 20 binary bits, and that the individual key is composed of 5 of these prime numbers. At this time.

The steps involved in estimating the master key from the individual key information are as follows.

(1) Unless all five prime numbers remaining except for the five prime numbers of the individual key can be found, the master key cannot be estimated.

(2) Within a 20-bit binary integer, there are approximately 216 og n prime numbers, according to De Barrepsin's formula □, and the combination that takes 5 of them is 21BC.
B, and it is computationally impossible to check all these cases.

(3) Furthermore, even if you know all the prime numbers, if you do not know each individual key, it is computationally difficult to know the master key.

(4) According to (1) to (3) above, the master key is safe.

3. Authentication of the sender using the master key Since the receiver sets the master decryption key and n corresponding to the sender to perform decryption, it is possible to authenticate the sender using ni. In other words, the other party is confirmed based on the fact that the decryption was possible using the set ni. If it is encrypted using a false eI or n+, the decrypted text will be a random bit string.

4. Easy to modify when the sender/receiver changes Based on the conventional master key generation method, if the sender who has an individual key changes, the master key needs to be regenerated.
Requires changes and modifications to secret areas. In contrast, in this method, there is no need to change the master key of the secret area when the sender changes. In other words, the sender can be easily changed by generating a new individual key based on the master key.

〔Example〕

An embodiment of the present invention is shown in FIG. 1.
cal Area Network), and 1
01-104 are communication terminals, 105-108 are entrance points to the secret area, 109 are entrance points to the normal area, 1
10 to 112 are individual encryption keys stored in the secret area, 113 is a master decryption 111j stored in the secret area, and 114 is an individual key decryption parameter stored in the normal area. Secret area entrance point 105~
Access to 108 takes one hour because of strict management, whereas access to entrance point 114 of the 1 normal area takes less time because of less strict management.

In FIG. 1, for example, encrypted communication from communication terminal 102 to communication terminal 105 is performed according to the flow shown in FIG. This figure describes the operations of a sender and a receiver using a Petri net.

Here, the Petri net is a place (plac
This is a directed graph consisting of two types of nodes: a node e) and a transition node indicated by a vertical or horizontal bar, and one type of link indicated by an arrow. A token indicated by a black circle moves on the graph.

When a token moves into a place, the action described in that place is activated.

A transition is considered as one AND gate, and when there are tokens in all places on the entrance side of the transition and all operations in each place are completed, all tokens move to places on the exit side across the transition.

201.202: Sender inputs message M.

(0≦M≦ni L) 203: Individual keys (sl, nt) are read from secret areas 106, 107, and 108.

2o4: Ciphertext C is created. In other words, C=M” (
mad n i ) 205: Ciphertext C is sent to the receiver.

206.207.208: On the recipient side, the system is started up in advance and the master decryption key dM is sent to the secret area 10.
5 and stores it in the buffer of the communication terminal 101.

209.210: Upon receiving the ciphertext C, confirm the communication source and read the corresponding parameter n1 from the normal area 109.

211: Decrypt.

M=C'' (modnt) 212: End In addition, in 203 and 206 to 208 of the above flow, one individual key and the master key are generated as follows.

(However, the numbers used in this example have a short number of digits for ease of explanation, but when actually used.

Use one with a larger number of digits. ) Step 100: Set the set of six prime numbers, for example (pxpzpnpnpspe)
= Prepare (7, 11, 13, 17, 19, 23). °Then, generate the master key as follows:

That is, dx, e+=1+od(LCM ((pz-t)r(p
LM=LCM(6,10,12,16,18,22)=
7920dM=517609 es=4249, and n5=pl・pz・ps・pn−ps@pe=
7436429 Master Encryption Key (115M, nM)
= (4249, 7436429) Master decoding 1m! (, dM, nH) = (517
609,7436429) Step 200: Select an arbitrary prime number from the set of prime numbers (7, 11, 13, 17, 19, 23) and generate an individual key.

■(cil, qi qll) = (17, 19, 23
)Lz=LCM (16,18,22)=1584d
l = dM (modLt) = 1225e 1・d
81=1081 nt=17X19X23==7429 Individual encryption key (1081,7429) Individual decryption 1m (1225,7429) (qty
'l? qs)=(IL 1a, 17)Lz=I,C
M (10,12,16)=240dz=dM(mo
dLt) = 169az=169 nz=lIX13X17=2431 Individual encryption key (169,2431) Individual decryption a (169,2431) ■ (qx・qx,qa)=(11,19,23
)La=LCM (10,18,22)=990d
s=dM(modLa)=829ea:28
9 ns=1 1X19X23=4807 Individual encryption @ (289,480?) Individual decryption key (829,4807) Step 3 Encrypted communication is performed as follows. Let plaintext M=7.

Individual encryption key → master decryption key encryption C=M” (mod nt)=710
81 (mad7 4 2 9) = 2781 = C decryption M = C” (modrz) = 27816”” (mad 7429) = 7 = M master encryption key → individual decryption key encryption C = M” = 7”4g ( load7429 ) =2781=C decoding M =C41 =2781”! 1 (n1=7429) =7=M It was shown that the encryption and decryption power was 1 using the individual key and the master key.

Furthermore, as shown in this embodiment, the ciphertext created with the individual encryption key is master decrypted by meM and n.

=7429, the source is n1.
It was confirmed that the user is the owner of the individual key ei=1081 having the key ei=7429.

Furthermore, since it was possible to arbitrarily generate a fixed number of individual keys after generating the master key, it was shown that it was not necessary to change the master key when the sender changed.

〔Effect of the invention〕

The following effects can be obtained from the present invention.

1. Improved decryption key setting time and processing speed To set the decryption key for each communication partner, it is necessary to set a common master decryption key from the secret area and a parameter n1 corresponding to the communication partner from the normal area. In Although,
Actually, after setting master decoding a, only parameter n+ needs to be set. Parameter n1 is installed in the normal area, so the access time is short, and the key setting is 1.
Since the decryption key setting time can be reduced, it is possible to shorten the decryption key setting time.

Furthermore, since the length of nl can be safely shortened, processing speed can be improved.

2. Ensuring key security Many senders each have their own individual encryption 5et,
Since l is generated based on each Ll, the security of the key is ensured by keeping each individual encryption key and decryption key secret from people other than the sender and receiver, and one set of e, Ll is generated. It is not possible to estimate the mask key from information alone, and estimation of other individual keys and master keys by bulldozer attack is computationally impossible.

Furthermore, even if you know all the prime numbers in the normal area, it is generally difficult to know the master key unless you know all the information about eI.

3. Authentication of the sender using the master key The receiver who owns the master key can authenticate the sender based on the fact that he set nl corresponding to the sender and was able to decrypt using ni. If it is encrypted using false ei and nl, the decrypted text will be a random bit string.

4. Easy to modify when the sender/receiver changes It is not necessary to change the master key of the secret area when the sender changes. In other words, by generating a new individual key based on the master key, it is possible to easily change the sender.

[Brief explanation of the drawing]

Claims (1)

[Claims] 1. In a cryptographic communication system including multiple senders and one receiver, each sender has a different encryption key, and the receiver has one master decryption key. A universal key encryption communication system characterized in that the master decryption key is kept secret only by the receiver, and the encryption key is kept secret only by the sender who is the owner of the encryption key. 2. The communication method described in paragraph 1 includes a master key and individual key generation method, in which firstly the master key is generated, and secondly, individual keys are generated based on the generated master key. Universal key cryptographic communication method. 3. The cipher having the master key is a power cipher,
and 2 or 3 or more prime numbers p_1p_2...p
If the method uses the product of _n as the modulus, that is, the power for encryption is d, the plaintext is M, and the ciphertext is C, then C=M^emod
(p_1・p_2...p_n) (encryption) M=C
^dmod(p_1・p_2...p_n) (decoding), and e・d=1mod(LCM(p_1-1), (p_2-
1)...(p_n_-_1))) The universal key cryptographic communication system according to item 1. 4. In the master key generation, generally n prime numbers p
_1p_2...p_n are selected, and in the generation of the individual key, among the prime numbers p_1p_2...p_n,
By randomly selecting and using an arbitrary number smaller than n, it is characterized by making it computationally difficult to estimate a master key from an individual key and to estimate another individual key from one individual key. The universal key cryptographic communication method according to paragraph 3.