JPH02256343A - Privacy communication controller - Google Patents

Abstract

PURPOSE:To surely prevent leakage of important information to a 3rd party, to minimize useless communication and to eliminate a troublesome communication control by reflecting the will of privacy communication of the operator onto communication depending on ON/OFF of a privacy switch means. CONSTITUTION:When a facsimile equipment of its own station makes transmission, picture information to be ciphered is inputted from a line LiB to a MO DEM 300 and demodulated, the information appears on a data bus of a microcomputer 100 through a buffer 500 from a data bus DBM 1 and is fed to a terminal of an X group of a cyphering/decyphering processing circuit 600. The circuit 600 ciphers the data applied to the terminal of the X group and outputs it to a data bus 2 via a Y group terminal. The cryptographic data is outputted through the buffer 500 to a data bus DMB 2. Then the data is modulated by a MODEM 400 and sent to the telephone lines LN1, LN2 via the line LiA.

Description

[Detailed Description of the Invention] [Object of the Invention] [Industrial Field of Application] The present invention is applicable to communication devices such as facsimile machines that transmit image information using public communication lines, for example, in order to perform confidential communication. The present invention relates to a confidential communication control device used.

[Prior Art] Various means for encrypting/decoding communication information have been proposed in the past, and for facsimile machines, for example, one with a secret function is disclosed in Japanese Patent Laid-Open No. 59-221167. The technique disclosed in the publication is known.

[When carrying out the secret communication that the invention aims to solve, the transmitted image cannot be reproduced on the receiving side unless the encryption on the sending side and the decoding on the receiving side are correctly matched. For this reason, JP-A-59-22
In the technique disclosed in Japanese Patent No. 1167, if the ciphering device of the transmitting station and the ciphering device of the receiving station do not match, the ciphering operation is prohibited and communication is performed in normal mode.

However, as a matter of course, prohibiting confidential operation will not prevent communication contents from being leaked to a third party.Even if there is no third party eavesdropping on the communication line, the receiving side Since it is often possible for a third party to operate a specific communication device (for example, a facsimile), there is a possibility that communication contents may be leaked to a third party.

However, if the sender's secrecy function and the receiver's secrecy function do not match, sending encrypted information using secrecy mode will reproduce meaningless information on the receiving side, resulting in unnecessary communication. I will do it.

Also, if you disable communication other than in secret mode.

Even when communicating unimportant information, communication is not possible unless a special operator is in possession of a key such as a card, making operations cumbersome.

An object of the present invention is to reliably prevent leakage of important information to a third party, minimize unnecessary communication, and eliminate troublesome communication operations.

[Structure of the Invention] [Means for Solving the Problems] In order to achieve the above object, in the present invention, in a secure communication control device including a confidential information processing means for encrypting transmitted information and decoding received information: Concealing switch means for switching on/off operation; code input means for inputting a predetermined code; and when the concealment switch means of at least one communication station on the transmitting side and the receiving side is in the ON state of the confidential operation, the above-mentioned Check whether or not the secrecy functions of the transmitting station and the receiving station match, including the cipher input by the cipher input means, and if they match, secret communication is executed, and if they do not match, communication operation is prohibited and the communication system is connected. Electronic control means is provided for blocking the communication and for communicating with unencrypted information when the concealment switch means of both communication stations on the transmitting side and the receiving side are in the OFF state of concealment operation.

[Operation] In the present invention, by turning on/off the concealment switch means,
The operator's intention for confidential communication can be reflected in the communication. That is, if the secrecy switch means is turned on in at least one of the transmitting station and the receiving station, it is assumed that the operator has the intention of secrecy communication.In that case, r
It is checked whether or not the secrecy functions of the transmitting station and the receiving station, including the cipher (for example, the operator's ID code) inputted by the e-code input means, match, and if they match, the secrecy communication is executed. If they do not match, for example, if the codes input by the code input means do not match between the transmitting station and the receiving station, one communication operation is prohibited.

Cut off communication connections.

Therefore, if the operator of at least one of the transmitting station and the receiving station has the intention of secret communication, there is no fear that unencrypted information will be leaked to a third party.

Furthermore, if the cipher input at the transmitting station and the cipher input at the receiving station do not match, the communication system connection is cut off without transmitting information.

It is possible to prevent wasteful communication in which information cannot be reproduced at the receiving station, and to minimize wasteful communication costs.

Furthermore, if the secrecy switch means at both the transmitting station and the receiving station are turned off, it is assumed that the operator has no intention of secrecy communication, and normal unencrypted communication is performed. In this case, since a key for verifying the operator is not required, communication can be performed even if the operator does not have a special key. Therefore, when carrying out unimportant communications, there is no need for any troublesome operations.6 Other objects and features of the present invention will become clear from the following description of an embodiment with reference to a drawing.

[Embodiment] FIG. 1 shows the overall configuration of one communication system when performing facsimile communication using a secret device according to an embodiment.

Referring to Figure 1, facsimile machines (FAX) that communicate with each other are connected to a public exchange
A security device is inserted between each facsimile machine connected to the telephone line and the exchange. Each facsimile shown here is
This is a generally commercially available device equipped with G3 mode specified by CCITT, and has not been modified in any way.

That is, by simply inserting the security device of the embodiment onto a telephone line, secure communication can be performed using an existing facsimile device.

FIG. 2 shows an outline of the configuration of the secret devices provided on the transmitting side and the receiving side, respectively. Referring to FIG. 2, the concealment devices on the transmitting side and the receiving side have the same configuration. That is, each secret device includes two modems (modems), a control device (CPU), and a unit having signal bypass, encryption, and decryption functions.

When performing confidential communication, the sending side inputs the image information sent over the line by the facsimile via the modem, and the encrypted information is sent out over the line via another modem 11. inputs cursed encrypted information onto the line through a modem, decrypts it and reproduces the transmitted image information, and transmits the reproduced information to the line connected to the facsimile machine via another modem. over the line, so each facsimile only performs normal operations, but on the line between the two secure devices.

The signal is encrypted and secret communication is performed.

Next, the configuration of the secret device shown in FIG. 3 will be explained. A relay RY2 is interposed between the public telephone lines LNI and LN2 connected to the exchange and the lines LFI and LF2 connected to the local facsimile. Line LFI on the facsimile side.

LF2 is connected to the common contact of relay RY2.

Telephone lines LNI and LN2 are connected to one contact point of R'Y2. Moreover, the line LiB inside the concealment device is connected to the other contact point of the relay RY2. In this example, when relay RY2 is off, lines LNI and LN2 are connected to lines LFI and LF2, and when RY2 is on, lines LFI and LF2 are connected to line LiB.

Furthermore, the telephone lines LNI and LN2 are connected to a line LiA inside the concealed device via a normally open contact of a relay RYL. In addition, for telephone lines LNI and LN2,
A polarity reversal detection circuit 210 and a call detection circuit 220 are connected, and a current supply circuit 230 is connected to a line LiB inside the secret device.

Other components of the secret device include a microcomputer (CPU) 100. ROMI 10°RAM12
0. Memory card 130. Power supply 140° random number generation circuit 1
50. Input/output interface (Ilo) 180. Modem 300, 400. Buffer circuit 500. An encryption/decryption processing circuit 600 is provided.

The two modems 300 and 400 each have a CCITT V
27 tar, that is, it is equipped with a communication function compliant with the G3 standard.

The data bus of the microcomputer 100 is connected to the data bus DBMI of the modem 300 and the data bus DBM2 of the modem 400 via a buffer 500. Therefore, the microcomputer 100 can communicate with its own facsimile machine via the modem 300 or use the modem 40 to
You can communicate with the other party's facsimile machine via 0. Further, the buffer 500 and the encryption/decryption processing circuit 600 are connected by an internal data bus (2). By controlling the buffer circuit 500, the data bus (2) becomes the data bus DBM1 of the modem 300.
．． Alternatively, it can be connected to the data bus DBM2 of the modem 400.

Therefore, for example, when a facsimile on the own side transmits, the image information to be encrypted is transferred from the line LiB to the modem 30.
0 and is demodulated, passed from the data bus DBMl to the buffer 500, transferred to the data bus of the microcomputer 100, and transmitted to the
The 0 circuit 600 applied to the terminals of the group encrypts the data applied to the terminals of the X group and outputs it to the data bus (2) via the terminals of the Y group. This encrypted data is passed through the buffer 500 to the data bus D.
It is output to BM2. The signal is then modulated by modem 400 and sent from line LiA to telephone lines LNI and LN2.

Conversely, when the local facsimile receives data,
The encrypted image information to be encoded is input from the line LiA to the modem 400 and demodulated, passes through the buffer 500 from the data bus DBM2, appears on the data bus (2), and is sent to the Y of the encryption/decryption processing circuit 600. The 0 circuit 600 applied to the terminals of the group decodes or decodes the information and outputs the decoded information to the terminals of the X group. This information is applied to the modem 300 through the data bus of the microcomputer 100, through the buffer 500, and through the data bus DBM1. The modem 300 modulates the information and sends it to the local facsimile lines LFI and LF2 via the line LiB.

The memory card 130 is used as a kind of key in secure communication, and is detachable from the secure device using a predetermined connector. This memory card 130 is internally equipped with a battery for holding stored contents and a read/write memory that stores the ID code of the card. In other words.

Normal secure communication is possible only when memory cards having the same ID code are installed in each secure device placed near the facsimile on the sending and receiving sides.

Next, the configuration of each circuit will be explained in more detail.

Details of each circuit in FIG. 3 are shown in FIGS. 5a and 5b.

Figure 5c, Figure 5d, Figure 6a, Figure 6b, Figure 7a,
It is shown in FIGS. 7b, 8 and 9.

First, explanation will be given with reference to FIG. 5a. This circuit includes a microcomputer 100 and its peripheral circuit elements. Microcomputer 100 used here
is HD63BO3R. Latch LTI functions as an address latch that extracts the lower 8 bits of address information (A7-AO) superimposed as a signal on the data bus of microcomputer 100. The address bus contains the upper 8
Bits (ADl5-AD8) A 16-bit signal with the lower 8 bits (AD7-ADO) output from the address latch LTI appears.

Various chip select signals selected by each of the various peripheral circuits connected to the microcomputer 100 are sent to the decoder DE2 and various logic gates (G5°G6.G7.G8.G
9) is generated by an address decoder consisting of: That is, when an address previously assigned to each peripheral circuit appears on the address bus, the corresponding chip select signal is decoded and becomes active.

FIG. 5b shows ROMI 10. RAM 120 and memory card 130 are shown. These circuits are connected via address bus, data bus and control bus.
It is connected to a microcomputer 100. DEL
is a decoder. Note that the memory card 130 is detachably connected to the circuit by a connector (not shown).

In Figure 5c, an input/output interface 180 is shown. This circuit includes an integrated circuit 131 connected to the address bus, data bus, and control bus of the microcomputer 100, and switches 5WI-8W6° and light-emitting diodes LEDI-LED connected to the ports of the integrated circuit 131.
7. Buzzer BZ.

Equipped with buffers and drivers.

FIG. 5d shows a power supply circuit 140 and a random number generation circuit 150.
It is shown. The Wi source circuit 140 is a commercial AC power source (
It has the function of converting AC 100 V) power into various DC voltages, and does not have a particularly new configuration.

On the other hand, the random number generation circuit 150 constitutes an analog voltage comparison circuit. The voltage of one of the two comparison input terminals is stabilized, and the ripple voltage output from the power supply circuit 140 is applied to the other input terminal. This pulsating voltage is a smoothed full-wave rectified alternating current (50 Hz) waveform, and this voltage is constantly changing slightly and contains various noises that have entered the power line. . The threshold level of the analog voltage comparison circuit is set to an intermediate level in the range in which the level of the ripple signal changes.

Therefore, a pulse signal RMD with small periodicity appears at the output terminal of the comparison circuit. By sequentially sampling this signal RMD, nearly random random number data can be obtained, although it depends on the sampling period. In this embodiment, the random number data generated in this manner is used as a key code when performing secret communication.

Reference is now made to Figure 6a. This circuit includes a polarity reversal detection circuit 21O2 call detection circuit 220 and a relay RY
I,RY2 is shown. Relays RYI and RY2 are controlled on/off by signals NCU-RL 1 and NCU-RL2 output from microcomputer 100, respectively.

The polarity reversal detection circuit 210 is a telephone line LNI.

In order to detect the current in the line LNI to identify the presence or absence of a current flowing through LN2 and the direction of the current, photocouplers PCI and PO2 each consisting of one light emitting diode and a phototransistor are provided. The light emitting diodes of each photocoupler are interposed on the line LNI with opposite polarity, so when current flows in one direction, Pct is turned on and PO2 is turned off, and when current flows in the other direction, PCI is turned off. and PO
2 turns on. When no current flows, both photocouplers Pct and PC2 are turned off.

In a telephone line, when the receiver is on the hook, no current flows through the line, and when the hook is off, current flows through the line.

Therefore, in this embodiment, the hook-off signal is configured to become active when current is flowing in either direction. The two signals POL1 and POL2 are turned on/off depending on the direction of the current. Telephone line LNI, LN2
Since the polarity of the above voltage is reversed by the switch, this function is provided to check the polarity of the line at that time. This function is available for one line LN1. When the local facsimile is disconnected from LN2 and connected to the secret device, it is used to match the polarity of the voltage supplied to the lines LFI and LF2 on the facsimile side with those of the telephone lines LNI and LN2.

The call detection circuit 220 is a telephone line LNI.

It has the function of detecting the ringing signal appearing on LN2. Since the calling signal is an alternating current signal, in this circuit, the signal whose direct current component is blocked by a capacitor is passed through a rectifier circuit to be rectified, and when a signal of a predetermined level or higher appears at the rectified output, the incoming call signal is turned on. It is composed.

In FIG. 6b, a current supply circuit 230 is shown. This circuit connects the local facsimile to the telephone line LNI, L
When disconnected from line LF1.N2 and connected to line LiB on the concealed side, line LF1. LF2
It has the function of supplying voltage to In order to match the polarity of the voltage with the polarity of the telephone lines LN1 and LN2 at that time, the polarity signals POLI and POL2 output from the polarity reversal detection circuit 210 described above are used.

Therefore, even if an existing facsimile machine monitors the voltage and current of the line connected to it and performs control according to its status, the connection of the facsimile line can be hidden from the telephone line. There is no fear that any problems will occur by switching to the new device. Note that although a voltage of 48V normally appears on the telephone lines LNI and LN2, the current supply circuit 230 supplies a voltage of 28V.

In Figure 7a, a modem 300 is shown.

Most of the circuitry of this modem is composed of a single-chip integrated circuit (R48PCJ) 310, and the integrated circuit 310 has functions compliant with CC:ITT V27ER. Basically.

As a function of the integrated circuit 310, its data terminal (D7-
(Do) converts the digital signal applied to the serial signal into a serial signal, modulates it, and outputs it to the serial transmission output terminal TXOUT, and demodulates the serial signal applied to the serial reception input terminal RXIN, converts it to parallel data, and outputs the data. There is a function to output to the terminal (D7-D O).

The signal output from the serial transmission output terminal TXOUT of the integrated circuit 310 passes through the signal processing circuit 320, passes through the transformer 330, and is output to the line LiB. Further, the signal input from the line LiB passes through the transformer 330, passes through the signal processing circuit 320, and is applied to the serial reception signal input terminal RXIN of the integrated circuit 310. integrated circuit 31
0 data terminal (D7-DO) is the data bus DBM.
Connected to 1.

In Figure 7b, modem 400 is shown.

Most of the circuitry of this modem is comprised of a single-chip integrated circuit 410. This integrated circuit 410 is the same as the integrated circuit 310 described above.

The signal output from the serial transmission output terminal TXOUT of the integrated circuit 410 passes through the signal processing circuit 420, passes through the transformer 430, and is output to the line LiA. Further, the signal input to the line LiA passes through the transformer 430, the signal processing circuit 420, and is applied to the serial reception input terminal RXIN of the integrated circuit 410. A data terminal (D7-DO) of integrated circuit 410 is connected to data bus DBM2.

Furthermore, the interrupt request signal I RQ 1 outputted by the modem 300 shown in FIG. 7a and the modem 400 shown in FIG.
The logical OR with the interrupt request signal IRQ2 outputted by the logic gate G15 is outputted from the logic gate G15, and is applied to the interrupt request input terminal INT of the microcomputer 100.

FIG. 8 shows a buffer circuit 500. Referring to FIG. 8, this circuit includes integrated circuits (7411C245) 5, each functioning as a bidirectional three-state bus buffer.
10, 520 and 530. integrated circuit 5
The A group terminal of 1O is the data bus D of the modem 400.
BM2, the A group terminal of the integrated circuit 520 is connected to the data bus DBM1 of the modem 300, and the A group terminal of the integrated circuit 530 is connected to the data bus of the microcomputer 100. Furthermore, the terminals of each group B of the integrated circuits 510, 520, and 530 are commonly connected to the internal data bus (2).

Therefore, by controlling the integrated circuits 510 and 530, the data bus of the microcomputer 100, the internal data bus (2), and the data bus DBM2 of the modem 400 are
By controlling the integrated circuits 520 and 530, data can be transmitted between the data bus (2) of the microcomputer 100, the internal data bus (2), and the modem 300. data bus D
Data can be transmitted in either direction between the three parties with the BMI.

FIG. 9 shows a specific configuration of the encryption/decryption processing circuit 600. Referring to FIG. 9, this circuit is roughly divided into a key code holding circuit 610, an encryption circuit 6
20 and a decoding circuit 630.

First, the key code holding circuit 610 will be explained. This circuit is composed of a FROM (programmable ROM) 611 and two latches 612 and 613. FROM61
Master key information is applied from the microcomputer 100 to the address terminals (AO to A7) of No. 1. F.R.O.
In the M611, different key codes are stored in advance for each address, and by giving address information, the 8-bit key code existing at that address can be determined.

Output to data terminals (Do to D7).

By controlling the latch control signals KLTI and KLT2, the information output from the FROM 611 can be held in the latches 612 and 613, respectively. By changing the master key given to FROM611 when outputting latch control signal KLTI and when outputting KLT2, data held in latch 612 and latch 613 can be changed.
The data held in the file will have a different value. latch 612
The 8-bit data held in the key code KA is
The 8-bit data held in the latch 613 is the key code K
B are applied to the encryption circuit 620 and the decryption circuit 630, respectively.

Next, the encryption circuit 620 will be explained. This circuit is.

4-bit full adders 621, 622. Exclusive OR circuits 623, 624° and a three-state output buffer 625. It consists of The input terminal of group A of the full adder 621 receives the lower 4 bits of information (X
O-X3) is applied, and the lower 4 bits of the key code KA (3 to KO-) are applied to the input terminal of the B group. Also, at the input terminal of group A of full adder 622.

The upper 4 bits (X4-X7) of the information X to be encrypted are applied via the data bus, and the upper 4 bits (7 to K4-) of the key code KA are applied to the input terminal of the B group. The carry output of the full adder 621 is the carry output of the full adder 621.
22 input terminals.

The output terminals of each group E of full adders 621 and 622 are applied to the input terminals of group A of exclusive OR circuits 623 and 624, respectively.

Furthermore, the lower 4 bits (K8-Kll) of the key code KB are applied to the input terminal of the B group of the exclusive OR circuit 623, and the lower 4 bits (K8-Kll) of the key code KB are applied to the input terminal of the B group of the exclusive OR circuit 624. Upper 4 bits (K12-K1
5) is applied.

4 output from the output terminal Y of the exclusive OR circuit 623
The signal of the bit and output from the output terminal Y of 624.
The bit signal passes through the buffer 625 and is output as 8-bit encrypted information Y to the internal data bus (2).

Next, the decoding circuit 630 will be explained. This circuit consists of 4-bit full adders 633, 634 . exclusive disjunction g631,
632. It consists of a three-state output buffer 635 and a group of inverters.

The input terminal of the A group of the exclusive OR circuit 631 is
The lower 4 bits (YO-Y3) of the encrypted information Y are applied from the internal data bus (2), and the lower 4 bits (K8-Kl) of the key code KB are applied to the input terminal of the B group.
l) is applied. Also, A of the exclusive OR circuit 632
The input terminal of the group contains the top four pieces of encrypted information Y.
Bits (Y4-Y7) are applied from the internal data bus (2), and the upper 4 bits (15 to K12-) of the e-code KB are applied to the input terminal of the B group.

The signals output from the output terminals of each group E of exclusive OR circuits 631 and 632 are as follows.

It is applied to the B group input terminals of full adders 633 and 634. A signal obtained by inverting the lower 4 bits (3 to KO-) of the key code KA is applied to the input terminal of the A group of the full adder 633, and a signal obtained by inverting the lower 4 bits (3 to KO-) of the key code KA is applied to the input terminal of the A group of the full adder 634. Signals obtained by inverting the upper four bits of KA (7 to K4-) are applied.

The 4-bit information output by the full adder 633 and the full adder 6
The 4-bit information outputted by the microcomputer 34 is outputted to the data bus of the microcomputer 100 via the buffer 635 as decoded 8-bit information lx.

It should be noted that the encryption processing method performed by the encryption circuit 620 and the decryption circuit 630 is basically known in the past, so there is no need to explain it.
Note that FIG. 4 shows a simplified version of the processing of the encryption/decryption processing circuit 600 shown in FIG. 9, so please refer to it.

Referring to FIG. 10, which shows the internal structure of the memory card 130 used in this embodiment.

This memory card is equipped with a read/write memory (RAM), a battery, a control circuit, and a connector 134, and is detachable from the main body of the concealed device. Each terminal of the connector 134 includes a power line (Vcc) and a card set signal terminal (C3T).
, chip select signal terminal (C5), ! Writing control output (WPOUT).

Write control input (WE), output permission input (OE).

Address bus (AO-A12) and data bus (Do-
D7) is assigned. An ID code unique to this memory card (allocated in advance) is written in the RAM 131. In this embodiment, in order to perform secure communication, memory cards on which the same ID code is written are required for both the transmitter and receiver secure devices.

Next, the operation of a facsimile machine that performs one communication will be explained with reference to FIG. 11a.

The operation of the concealment device is shown in FIGS. 11b, 11c, 1id, 1ie, 11f, and 11g.
Figure 2a, Figure 12b, Figure 12c.

12d, 12e, 12f, 12g, 12h, 12i, 12j, and 12. The processing of the facsimile machine itself is different from that of conventional equipment. Since they are the same, that part will be briefly explained.

The contents of the processing will be explained below with reference to each episode, but in the explanation, it is assumed that the communication system is configured as shown in FIG. In addition, in the following explanation,
Symbols for signals transmitted in communication processing (shown in parentheses) include:
Abbreviations established by CCITT recommendations are used. Furthermore, the facsimile will be described as operating in automatic mode on both the calling and called sides.

On the calling side's facsimile, when it detects a dial tone from the exchange, it dials the number of the other party (equivalent to going off the hook and picking up the handset).
(see figure).

When the called party detects a ring tone from the exchange, it goes off the hook and then sends out a called station identification signal (CED) on the line indicating that it is a facsimile. Then, until this signal (CE D) is detected, a calling tone (CNG) indicating that the R calling party is a facsimile machine continues to be sent to the line.

After detecting the signal (CED), the calling side enters facsimile communication mode. After sending the signal (CE D), the called side sends a digital identification signal (D I S) indicating that the called device has CCITT standard capabilities. That is, the signal (DIS) notifies the calling party of which mode (Gl, G2, 03, etc.) the called party's facsimile is capable of communicating.

The calling party receives the digital identification signal (
Based on the content of the DIS, it checks whether it matches the communication capabilities of the June facsimile, determines the communication mode that matches the communication capabilities of both parties, and returns a digital command signal (DO8) in response to the DIS signal to the called party. do. Following this, a training check signal (
TCP). After receiving the signal (DO5), the called side receives the signal (TCP) in the specified mode,
A signal (CFR or FTT) indicating the reception result is returned.

Based on the received reception result, the calling side moves to the first message sending step if the communication condition is good, or changes the communication mode (generally lowers the communication speed) and sends the signal again if the communication condition is bad. (TCP).

When the calling party receives the signal (CFR), it sends out a training signal to synchronize the called party, and then sends a message. The called side receives the message after synchronizing with the training signal.

On the called side, after the calling side sends a one-page document, reception continues until it detects a signal (RTC) sent to indicate the end of the document.

When a one-page document is sent, the calling side detects whether it is the final document, and if it is not the final document, a multi-page signal (
After sending the MPS), the reception confirmation signal (MCF) or retraining signal (RTP, RTN) is sent from the receiving side.
). Then, depending on the received signal, the user selects whether to change the transmission mode, send training, or disconnect the line.

If it is the final document, the procedure is interrupted by an interrupt, and it is determined whether or not to change the mode. If the mode is not to be changed, a procedure end signal (EOP) is sent and a circuit disconnection operation is started. When changing the mode, the signals (MCF, R
TP or RTN), it waits until it receives a digital identification signal (DIS).

On the called side, the signal (MPS) from the calling side.

When either (EOP) or (EOM: : End of Ay Sage 7) is received, the signal (MCF) or (RTP) is received.

After responding with either (RT'N), return to the command bone m state. Otherwise, the circuit will be disconnected.

Next, the operation of the concealment device will be explained.

First, it is determined whether the local facsimile belongs to the calling party or the called party. That is, in FIG. 12a, in step A52, the (incoming call) signal output from the call detection circuit 220 is checked, and in step A55, the hook signal output from the polarity detection circuit 210 is checked,
The calling party or the called party is detected by identifying which one comes first: incoming call detection or hook-off detection. If it is the called side, the incoming call signal is detected first, so 1 is stored in register C1 in step A53.If it is the calling side, when no incoming call signal is detected, 1 is stored in register C1 in step Δ54. 0, and since a hook-off is detected, proceed to the first-order processing, therefore.

In subsequent processing, by referring to register C1, it is possible to identify whether the local facsimile is the calling party or the called party.

Next, it is determined whether the memory card 130 is attached to the secret device. This can be identified by referring to the card installation signal C8T output from the memory card 130.1 When the memory card 130 is installed in the secure device of at least one of the calling side and the called side, the secure communication It is assumed that there is a will.

When the memory card 130 is inserted, the process advances to step A59 to turn on relay RYI, and in step 860 the value of register C1 is checked to perform processing on the calling or called side.

If the local station is the called party, in step A69, the switch (F
AX-3W: Check 5WI) and identify whether the local facsimile mode is manual or automatic 0 If manual, proceed to step A70, turn on relay RY2, and conceal the local facsimile lines LF1 and LF2. It is connected to the line LiB in the device, and in step A71, a signal (CHD) is sent to the other party's station, that is, the calling party's station.

If the facsimile of the own station is in the automatic mode, the process advances to step G51 in FIG.
Turn on relay RY2 and connect your own facsimile line LFI.
, LF2 are connected to the line Lil3 in the covert device.

Next, check the status of the secret switch (SW2).

If the switch is on, it is assumed that you wish to remain confidential, and register M
Store ACTC in r, otherwise NA in Mr.
0th order to store CTC.

Proceeding to step G61, a state is set in which the signal (Dis) can be received.

Next, the process proceeds to step H51 in FIG. 12h, where the register M
``Sends the contents of `` to the other station.

Here, a case where the local station is the calling side will be explained. In that case, the process proceeds to step B51 shown in FIG. 12b, and first the signal (CE
Wait until D) is detected. When this signal (CED) is detected, the process proceeds to step B56. If the called station is a normal facsimile, a DIS or DTC is sent here, but if the called station's security device is operating, a signal (
CHD) followed by <, instead of DIS or DTC, the 12th
At step H51 in figure h, the contents of Mr are sent.

In that case, when the predetermined time Tx2 has elapsed, step B57
Proceeding to step B58, relay RY2 is turned on to switch the line connection, and in step B59, the concealment switch (SW
2), and set the contents of register Mt according to the result. Then, since the contents of the register Mr are received, the process proceeds from step B66 to step C51 in FIG. .

In step C55, the signal RO output from the random number generation circuit is
Repeatedly sample the level of M.

A random number code R is thereby generated. Step C56
Now, let's write the generated random number code R as Il! lf is given as input X to the encryption/decryption processing circuit 600, and the ID code obtained from the memory card 130 is given to the encryption/decryption processing circuit 600 as a master key, and the key codes KA and KI3 corresponding to the master key are given as input X. In the 0th-order step C57, which generates information Ct obtained by encrypting the random number R,
Information Xt obtained by adding a code Ct to the code ACTC is sent to the called station.

The called station receives information Xt from one calling station in step H52 of FIG. 12h. and.

If Xt is not NACTC, proceed to Step I (56). In Step H56, the ID code obtained from the memory card 130 of the called station is given to the encryption/decryption processing circuit 600 as a master key, and the ID code corresponding to the master key is given. key code KA
and generate KB. Then, encrypt the received code/
It is applied to the cipher input Y of the decryption processing circuit 600, and the cipher is decoded.

The decoded information R' is output to the data bus.

In the next step 1157, the decrypted information R' is given to the encryption/decryption processing circuit 600 as a master key, and the key code KA corresponding to the master key is given.

Generate KI3. Information R' is then input as input information X to the encryption/decryption processing circuit 600, which encrypts it and sends the obtained code Xr to the calling station.

When the calling station receives the code Xr in step C58, the process proceeds to step C59. In step C59, the code Xr is input to the code input Y of the encryption/decryption processing circuit 600, and at the same time, the code The same value as the random number is given to the encryption/decryption processing circuit 600 as a master key, and the code Xr is decrypted. Information R decoded in this way
I 1 is R''=D r (E r'(R') )
”・(1) However, R”: R decrypted by the called side. If the conditions for encoding and decoding all match, R'' will be equal to the random number R sent first. If the ID code stored in the memory card on the first call side and the memory card on the called side are different, R and R'' do not match.

The calling station side compares R and Rty in step C60,
If they match, the process advances to step C62, stores 1 in register Rf, and sends it to the called party. If they do not match, the transmission of the cipher and the comparison with the returned cipher are repeated three times. If there is no match after 3 checks,
Confidential communication operations are prohibited.

When the called side receives Rf in step 858 of FIG. 12h, the process proceeds to step H61 and subsequent steps.

Until secure communication becomes possible as described above, the facsimile at the called station transmits a digital identification signal (D
IS) continues to be sent9, and the calling facsimile continues to wait for that signal.

Then, when the called station side security device proceeds to step H65, it has already received the digital identification signal (D
IS) is being received, so the signal is transmitted to the other party's (calling) station.

In this way, confidential communication becomes possible.

After that, information is transmitted using the same procedure as normal facsimile communication, but in that case, the secure device mediates data transmission between the facsimile on the local station's side and the other station's side (secure device). Information transmitted by the facsimile at the local station is sent to the other party's station via the secret device, and information sent from the other party's station is sent to the facsimile at the own station via the secret device.

Image information is encrypted or decrypted during mediation. In that case, the information to be encrypted is applied to the input terminal X of the encryption/decryption processing circuit 600, and the information to be decrypted is applied to the input terminal Y. In addition, the mask key code of the encryption/decryption processing circuit 600 is a mask key code that has already been transferred, confirmed and collated between the local station and the other station.
Random numbers are used at both stations. In other words, a different value is used for the key used in secure communication, that is, the session key, each time the communication occurs. Therefore, it is extremely safe.

Note that in the above embodiment, encryption/decryption is performed by arithmetic addition and exclusive OR operations, but the encryption method may also be implemented using various other conventionally known methods. The invention may be implemented in a similar manner, for example, as in the Stosor 11 cipher.

You may use a method of sequentially updating the key value by counting up the value, or you may use a method of using the most recently encrypted data as the key.

Further, in the embodiment, confidential communication was explained when facsimile machines communicate with each other. However, the device of the present invention can be used not only for facsimiles but also for any device that communicates using the same communication procedure. It is possible to do so.

Further, in the embodiment, a memory card in which a code is stored in advance is used as the code input means, but the ID code may be directly input manually by the operator using a numeric keypad or the like.

[Effect] As described above, in the present invention, the secret switch means (SW2
), the operator's intention for confidential communication can be reflected in the communication.

That is, if the ciphering switch means is turned on in at least one of the transmitting station and the receiving station, it is assumed that the operator has the intention of ciphering communication. In that case, it is checked whether or not the secrecy functions of the transmitting station and the receiving station, including the cipher input by the cipher input means (130), match, and if they match, the secret communication is executed. If they do not match, for example, if the codes input by the code input means do not match between the transmitting station and the receiving station, operation of one transmitting station is prohibited and the communication system connection is cut off.

Therefore, if the operator of at least one of the transmitting station and the receiving station has the intention of secret communication, there is no possibility that unencrypted information will be leaked to a third party.

Furthermore, if the cipher input at the transmitting station and the cipher input at the receiving station do not match, the connection of one communication system is cut off without transmitting information.

It is possible to prevent wasteful communication in which the information cannot be reproduced at the receiving station, and to minimize unnecessary communication costs6.Furthermore, the secrecy switch means is turned off at both the transmitting station and the receiving station. If so, it is assumed that the operator has no intention of secret communication, and normal communication without encryption is performed. In this case, since a key for verifying the operator is not required, communication can be performed even if the operator does not have a special key. Therefore, when performing unimportant communications, no troublesome operations are required.

[Brief explanation of drawings]

FIG. 1 is a block diagram showing the configuration of the entire communication system using the security device of the embodiment. FIG. 2 is a block diagram showing the outline of the configuration of the secret devices provided on the transmitting side and the receiving side, respectively. FIG. 3 is a block diagram showing the configuration of one secret device of the embodiment. FIG. 4 is a block diagram schematically showing the functions of the encryption/decryption processing circuit 600. Figure 5a, Figure 5b, Figure 5C, Figure 5d, Figure 6a,
Figures 6b, 7a, 7b, and 8. FIGS. 9 and 10 are block diagrams showing the detailed configuration of each part shown in FIG. 4. FIG. 11a, 11b, 1ie, 11d, 1ie, 11f, and 11g. 3 is a flowchart showing the contents of facsimile communication processing. Figures 12a, 12b, 12c, 12d, 12e, 12f, 12g, 12h, 1
Figures 2i, 12j, and 12 are flowcharts showing the operation of the concealment device. 100: Microcomputer (ffi child control means) 1
10: ROM 120: RAM1
30: Memory card (re number input means) 134: Connector 140: Power supply 150: Random number generation circuit 180: Input/output interface 210: M-reversal detection circuit 220: Call detection circuit 230: Current supply circuit 300, 400: Modem 3
10.410: Integrated circuit 320.420: Signal processing circuit 330.430 Nidorance 500: Buffer circuit 60
0: Encryption/decryption processing circuit (secret information processing means) 61
0: Key code holding circuit 611: FROM612.61
3: Latch 620: Encryption circuit 621. 622: Full adder 623. 824: Exclusive OR circuit 625: Buffer 630: Decryption circuit 631
．． 632: Exclusive OR circuit 633.634: Full adder 635: Buffer RYI, RY2: Relay L
NI, LN2: Public telephone line LFI, LF2: Line LiA, LiB: Line LT
1: Latch DEI, DE2: Decoder 5w
t-5w5: Switch SW2: (Secret switch means) LEDI-LED7: Light emitting diode BZ: Buzzer r'c1. PO2: Photo coupler

Claims (2)

[Claims] (1) In a secure communication control device equipped with a confidential information processing means for encrypting transmitted information and decrypting received information: Concealment switch means for switching on/off of concealment operation; Encryption input means for inputting a predetermined code; and when the secrecy switch means of at least one of the communication stations on the transmitting side and the receiving side is in the ON state of the secrecy operation, whether or not the secrecy functions of the transmitting station and the receiving station match, including the cipher input by the cipher input means. If they match, secure communication is executed, and if they do not match, communication operation is prohibited and the communication system connection is cut off, and the security switch means of both communication stations on the transmitting side and the receiving side turn off the secure operation. 1. A secure communication control device comprising: electronic control means for communicating with unencrypted information when in the state. (2) The code input means has a specific code stored in advance,
The secure communication control device according to claim 1, further comprising a card that is removably attached to the main body of the device.