JPH02281838A - Cryptographic communication system - Google Patents
Cryptographic communication systemInfo
- Publication number
- JPH02281838A JPH02281838A JP1102314A JP10231489A JPH02281838A JP H02281838 A JPH02281838 A JP H02281838A JP 1102314 A JP1102314 A JP 1102314A JP 10231489 A JP10231489 A JP 10231489A JP H02281838 A JPH02281838 A JP H02281838A
- Authority
- JP
- Japan
- Prior art keywords
- station
- information
- value
- center
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004891 communication Methods 0.000 title claims abstract description 43
- 230000015654 memory Effects 0.000 claims abstract description 20
- 238000000034 method Methods 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
Abstract
Description
【発明の詳細な説明】
〔産業上の利用分野〕
この発明は1通信局間で秘密鍵を共有して秘密通信を行
う際の暗号通信方式に関するものである。DETAILED DESCRIPTION OF THE INVENTION [Field of Industrial Application] The present invention relates to an encrypted communication system for performing secret communication by sharing a secret key between one communication station.
第2図は例えばDH方式(W、Diffis and
M、 E。Figure 2 shows, for example, the DH method (W, Diffis and
M,E.
H@11man 、 N@w Dir@ctions
in Cryptography 、”IEEE Tr
ans、 Inform、 Theory、 vol、
IT−22゜No、 6. pp、 644−654
. Nov、 (1976))と呼ばれる従来の暗号通
信方式を示す図であシ2図において、 (1oi)は
通信局A、 (102)は通信局B。H@11man, N@w Dir@ctions
in Cryptography,” IEEE Tr.
ans, Inform, Theory, vol.
IT-22°No, 6. pp, 644-654
.. In Figure 2, (1oi) is communication station A, and (102) is communication station B.
(i a5)は上記通信局A (101)内の秘密情報
格納メモIJ、 (104)は上記通信局B (10
2)内の秘密情報格納メモリ、 (1os)は通信路
である。(i a5) is the secret information storage memo IJ in the communication station A (101), (104) is the communication station B (10)
2) is a secret information storage memory, (1os) is a communication path.
次に動作について説明する。Next, the operation will be explained.
秘密通信を行うネットワークあるいはシステムの構築時
に、素数pとGF(p)の原始光gを公開しておく。局
A (101)と局B (102)との間で共通の鍵を
持ちたい場合、まず局A(10りはCO,p−1〕の間
の整数Xムをランダムに選び9局内の秘密情報格納メモ
リ(103) K秘密に保持しておく。When constructing a network or system for secret communication, the prime number p and the primitive light g of GF(p) are made public. If you want to have a common key between station A (101) and station B (102), first randomly select an integer Information storage memory (103) K kept secret.
局B (102)も(0,p−1)の間の整数xBをラ
ンダムに選び1局内の秘密情報格納メモ!J (104
)に秘密に保持しておく。Station B (102) also randomly selects an integer xB between (0, p-1) and stores secret information within one station! J (104
) will be kept secret.
そして1局A(101)は秘密情報格納メモ!j (1
03)の情報よシ
YA=gxAnod p、 l≦Xh≦P−1を計算
し1通信路(105)を介して局B (102)へ送る
。同様に2局B (102)も秘密情報格納メモリ(1
04)の情報によシ
ya = gxBmod p、 l≦MB≦1)−1
を計算し2通信路(105)を介して局A (101)
へ送る。このようにYAとYB を交換してから1局
A(101)は鍵KABを次のように計算する。And 1st station A (101) is a secret information storage memo! j (1
03), YA=gxAnod p, l≦Xh≦P-1 is calculated and sent to station B (102) via one communication path (105). Similarly, 2nd station B (102) also has secret information storage memory (1
According to the information of 04), ya = gxBmod p, l≦MB≦1)-1
is calculated and sent to station A (101) via two communication paths (105).
send to After exchanging YA and YB in this way, one station A (101) calculates the key KAB as follows.
KU2=(YB) Amodp
=(gBnod p) Amod p(A)
=gxAxBmOdp、1≦KAB≦p−1局B (1
02)も鍵KABを次のように計算する〇に思= (Y
A) ” mad p
” (g Amodp ) Bmod p(B)
=gxAxBmOdp、1≦KAB≦p−1以上の方法
で局A (101)と局B (102)は鍵KAB=K
(A)=K(B)xAXBoodpを秘密に共有でAB
AB =g
き、この鍵で暗号化/復号化を行うことができる。KU2=(YB) Amodp=(gBnod p) Amod p(A) =gxAxBmOdp, 1≦KAB≦p−1 station B (1
02) also calculates the key KAB as follows = (Y
A) “mad p” (g Amodp) Bmod p(B) = gxAxBmOdp, 1≦KAB≦p−1 Station A (101) and station B (102) use the key KAB=K
(A) = K (B) x AX Boodp secretly shared AB
AB =g, and encryption/decryption can be performed using this key.
従来の暗号通信方式は以上のように構成されているので
、秘密通信を行う時の鍵を共有する場合。Conventional encrypted communication systems are configured as described above, so when keys are shared during secret communication.
相手局との通信が必要で、また、第三の局がなシすまし
て不正に鍵を共有できてしまうなどの問題点があった。It requires communication with the other station, and there are also problems such as a third station being able to spoof and share the key illegally.
この発明は上記のような問題点を解消するためになされ
念もので1通信局間の相互通信を必要とせず、*三の局
がなシすまして不正に鍵を共有できない暗号通信方式を
得ることを目的とする。This invention was made in order to solve the above-mentioned problems, and it provides an encrypted communication method that does not require mutual communication between one communication station and prevents three stations from fraudulently sharing keys. The purpose is to
この発明に係る暗号通信方式は、各局を統括するセンタ
(1)を設け、各局がセンタ(1)に自己のID情報を
登録し、センタ(1)が上記より情報に基づいて所定の
計算機で計算される所定の格納値を各局の秘密情報格納
メモIJ +31. (61に送出するとともに。In the encrypted communication system according to the present invention, a center (1) that supervises each station is provided, each station registers its own ID information in the center (1), and the center (1) uses a predetermined computer based on the above information. The calculated predetermined stored value is stored in each station's secret information storage memo IJ +31. (Also sent to 61.
上記ID情報に基づいて他の計算機で計算される所定の
公開値と上記より情報を各局に公開し、各局が相手局の
公開情報をより情報を利用して正当であることを確認し
てから、その公開値と自局の秘密情報格納メモ1月3)
、 +61に格納された格納値とを演算して互いに共通
の鍵を生成することを特徴とするものである。The predetermined public value calculated by another computer based on the above ID information and the above information are disclosed to each station, and each station uses the public information of the other station to confirm that it is legitimate. , its public value and my own secret information storage memo January 3)
, +61 to generate a mutually common key.
各局はセンタ+11に自局のより情報を登録すると。 Each station registers its own information at the center +11.
センタ+1+はこのより情報から一つの公開値を計算し
、上記より情報と共に各局に公開する◎またセンタ(1
)は上記より情報から一つの格納値を計算し1局内の秘
密情報格納メモリ(31,+61に送出する。Center +1+ calculates one public value from this information and releases it to each station along with the information from above.
) calculates one stored value from the above information and sends it to the secret information storage memory (31, +61) within one station.
各局間で通信を行う場合、相手局の公開された一つの公
開値の正当性を確認してから、その公開値と自局の秘密
情報格納メモリに格納された格納値とを演算して互いに
共通の鍵を生成する。When communicating between stations, after confirming the validity of one public value published by the other station, the public value and the stored value stored in the confidential information storage memory of the own station are calculated to communicate with each other. Generate a common key.
以下、この発明の実施例を図について説明する。 Embodiments of the present invention will be described below with reference to the drawings.
第1図(a)、 (b)は本発明の一実施例による暗号
通信方式を示す図であシ1図において、(1)はセンタ
。FIGS. 1(a) and 1(b) are diagrams showing an encrypted communication system according to an embodiment of the present invention. In FIG. 1, (1) is a center.
(2)は通信局A、(31はこの通信局A(2)内の秘
密情報格納メモリ、t4+は公開リス)、+51は通信
局B、(6)はこの通信局B(5)内の秘密情報格納メ
モリ、(7)は通信路である。(2) is communication station A, (31 is secret information storage memory in this communication station A (2), t4+ is public list), +51 is communication station B, (6) is in this communication station B (5) Secret information storage memory, (7) is a communication path.
次に動作について説明する・
秘密通信を行うネットワークあるいはシステムの構築時
に、2つの大きな素数p、qを選び、それらの積をn”
Pa q、 Hのオイラー関数(nと互いに素なる
数の個数をオイラー関数と呼びφ(n)で表す)をφ(
n)”(p−1)・(q−1)とする。Next, I will explain the operation. When building a network or system for secret communication, choose two large prime numbers p and q, and calculate their product as n"
The Euler function of Pa q, H (the number of numbers coprime to n is called the Euler function and is expressed as φ(n)) is φ(
n)”(p-1)・(q-1).
次にgcd(θ、φ(N))=1 を満たす整数eを
選ぶ。Next, select an integer e that satisfies gcd(θ, φ(N))=1.
さらに、GF(p)およびGIF(q)の原始元をgと
する・ここで、n、θをセンタ(凰)の公開情報、
p、 q。Furthermore, let g be the primitive element of GF(p) and GIF(q). Here, n and θ are the public information of the center (凰),
p, q.
gをセンタ(11の秘密情報とする。Let g be the secret information of the center (11).
さて2局A(2)がこのネットワークあるいはシステム
に加入する際1局A(2)はより情報よりA をセンタ
(1〉へ送る。センタ(11は。Now, when two stations A (2) join this network or system, one station A (2) sends A to the center (1) based on the information.The center (11) is.
IDA =8Aθ (moan)
θ・RA
QA=g (modn)
αa =(mo dφ(n))
β人= 8A、gui (mod n)を計算し、GA
を格納値として局ム(2)内の秘密情報格納メモ1月3
)へ送’in GAとAA を公開値として公開リスト
(4)により情報よりA とともに載せる。IDA = 8Aθ (moan) θ・RA QA=g (modn) αa = (modφ(n)) β person = 8A, calculate gui (mod n), GA
Confidential information storage memo in station (2) as stored value January 3
) and put GA and AA as public values along with A from the public list (4).
局B(5)も加入する際に、より情報よりB をセンタ
(りへ送り0局B(5)内の秘密情報格納メモ1月6)
に格納値αBを送ってもらい、公開リスト(4)にはよ
り情報よりB とともに公開値GBとβBを載せてもら
う。以下同様に、加入するすべての局に対して以上のよ
うな処理をする。When station B (5) also joins, send B to the center with more information 0 Confidential information storage memo in station B (5) January 6)
The stored value αB is sent to the public list (4), and the public values GB and βB are listed along with B from the information. Similarly, the above process is performed for all participating stations.
局ム(21と局B (5)が鍵を共有したい場合を考え
る。Consider a case where station B (21) and station B (5) want to share a key.
局ム(2)は公開値eと共通鍵を生成したー相手局B(
5)のより情報よりB と公開された公開値GB、β
Bを用いて。Station (2) has generated a public value e and a common key - partner station B (
From the information in 5), B and the published value GB, β
Using B.
βB(nod H)=GB・よりB(mocl c)=
sB−g (modn)をチエツクし、公開値GBが
改ざんされていないことを確認し、その公開値Gaと秘
密情報格納メモリ(3)内に格納されている局ム(2)
自身の秘密情報である格納値6人を用いて。βB (nod H) = GB・B (mocl c) =
Check sB-g (modn), confirm that the public value GB has not been tampered with, and check the public value Ga and the modn (2) stored in the secret information storage memory (3).
Using the stored value of 6 people, which is their own secret information.
ic A a =GB (moa n )を生成する
。ここで局B(5)が局A(2)と同様に、相手局A(
2)の公開値GAが改ざんされていなりことを確認して
から、その公開値GA秘密情報格納メモリ(6)内に格
納されている局B(5)自身の秘密情報である格納値α
Bを用いて。ic A a =GB (moan) is generated. Here, station B (5) is similar to station A (2), and the other station A (
After confirming that the public value GA in 2) has not been tampered with, the stored value α, which is the secret information of station B (5) itself, stored in the public value GA secret information storage memory (6).
Using B.
K AB =GA” B(nod n )二gθ2・R
A−RB (mod n )(A) (B)
を生成する。’AB とKABは一致するので、共通鍵
KAB ” KAi” ”AA ” g e2°”’
” (nod n )を通信路Cγ)を介さずに共有で
き、この鍵で暗号化/復号化を行うことができる。K AB = GA” B (nod n ) 2gθ2・R
A-RB (mod n) (A) (B) is generated. 'AB and KAB match, so the common key KAB "KAi""AA" g e2°"'
” (nod n ) can be shared without going through the communication path Cγ), and encryption/decryption can be performed using this key.
このようにこの発明によれば、各局がセンタに自己のよ
り情報を登録し、センタが上記より情報に基づbて計算
される格納値を各局の秘密情報格納メモリに送出すると
ともに、上記ID情報に計算される公開値と上記より情
報を一般に公開し。As described above, according to the present invention, each station registers its own information in the center, and the center sends the stored value calculated based on the above information to the secret information storage memory of each station. The public value calculated on the information and the above information will be made available to the public.
各局が公開された相手局の公開値が改ざんされていない
かをチエツクしてから、その公開値と自局の秘密情報格
納メモリに格納された格納値を演算して互すに共通の鍵
を生成するようにしたので。Each station checks whether the published value of the other station has been tampered with, and then calculates the published value and the stored value stored in its own secret information storage memory to find a common key. I made it to generate.
通信局間の相互通信が不要だけでなく、不正ななシすま
しで第三の局が共通鍵を得ることができな込効来がある
。This not only eliminates the need for mutual communication between communication stations, but also prevents a third station from obtaining the common key through fraudulent spoofing.
第1図(a)、 (b)はこの発明の一実施例による暗
号通信方式を示す図、第2図は従来の暗号通信方式を示
す図である。
(1)はセンタ、(2)は通信局ム、(3)は秘密情報
格納メモリ、(4)は公開リス)、(S)は通信局B、
(61は秘密情報格納メモ!J、(71は通信路、(1
0っけ通信局ムj(102)は通信局B、 (105
)、 (10っけ秘密情報格納メモy 、 (105
)は通信路である。
なお1図中、同一符号は同一、又は相当部分を示す。
代理人 大 岩 増 雄(ほか2名)
第
図
第
図
3.6;枕占情幸臣昶祷角メtす
4:仏間リスト
ピ
通話1各
1o3:局A(101)内のka’fi報、格m、)’
!(’]104゛局B(102)由の梳Z情報格納メモ
リ、=Qe”−R^””(mad n)
=(1”A=”(modn)
補正の対象
平成1年6 月、6 日
#4#1書中発明の詳細な説明の欄FIGS. 1(a) and 1(b) are diagrams showing an encrypted communication system according to an embodiment of the present invention, and FIG. 2 is a diagram showing a conventional encrypted communication system. (1) is the center, (2) is the communication station B, (3) is the secret information storage memory, (4) is the public list), (S) is the communication station B,
(61 is a secret information storage memo!J, (71 is a communication path, (1
Communication station Mj (102) is communication station B, (105
), (10 pieces of secret information storage memo y, (105
) is a communication channel. In addition, in FIG. 1, the same reference numerals indicate the same or equivalent parts. Agent: Masuo Oiwa (and 2 others) Figure Figure 3.6; Makura Sanjo Yukiomi Akiyoshi Kakumetsu 4: Butsuma listi call 1 each 1 o 3: Ka'fi information in station A (101), case m, )'
! (']104゛Station B (102)'s comb Z information storage memory, =Qe"-R^"" (mad n) = (1"A="(modn) Target of correction June 1999, 6 Day #4 #1 Detailed explanation of the invention in the book
Claims (1)
合、上記秘密情報格納メモリ内に格納された情報から暗
号化して上記通信を行うための共通の暗号鍵を生成する
暗号通信方式において、各局を統括するセンタを設け、
各局がセンタに自己のID情報を登録し、センタが上記
ID情報に基づいて所定の計算機で計算される所定の格
納値を各局の秘密情報格納メモリに送出するとともに、
上記ID情報に基づいて他の計算機で計算される所定の
公開値と上記ID情報とを各局に公開し、各局が相手局
の公開情報をID情報を利用して正当であることを確認
してから、その公開値と自局の秘密情報格納メモリに格
納された格納値とを演算して互いに共通の鍵を生成する
ことを特徴とする暗号通信方式。When each station has a secret information storage memory and communication is performed between the stations, an encrypted communication method that generates a common encryption key for the communication by encrypting the information stored in the secret information storage memory. , established a center to supervise each station,
Each station registers its own ID information in the center, and the center sends a predetermined stored value calculated by a predetermined computer based on the ID information to the secret information storage memory of each station,
A predetermined public value calculated by another computer based on the above ID information and the above ID information are disclosed to each station, and each station confirms that the public information of the other station is legitimate using the ID information. A cryptographic communication method characterized in that a public value is calculated from a public value and a stored value stored in a secret information storage memory of the own station to generate a mutually common key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP1102314A JP2808651B2 (en) | 1989-04-22 | 1989-04-22 | Encryption communication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP1102314A JP2808651B2 (en) | 1989-04-22 | 1989-04-22 | Encryption communication method |
Publications (2)
Publication Number | Publication Date |
---|---|
JPH02281838A true JPH02281838A (en) | 1990-11-19 |
JP2808651B2 JP2808651B2 (en) | 1998-10-08 |
Family
ID=14324131
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP1102314A Expired - Lifetime JP2808651B2 (en) | 1989-04-22 | 1989-04-22 | Encryption communication method |
Country Status (1)
Country | Link |
---|---|
JP (1) | JP2808651B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH07307733A (en) * | 1994-05-11 | 1995-11-21 | Nec Corp | Scrambled communication system |
-
1989
- 1989-04-22 JP JP1102314A patent/JP2808651B2/en not_active Expired - Lifetime
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH07307733A (en) * | 1994-05-11 | 1995-11-21 | Nec Corp | Scrambled communication system |
Also Published As
Publication number | Publication date |
---|---|
JP2808651B2 (en) | 1998-10-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Merkle | Protocols for public key cryptosystems | |
US20230231727A1 (en) | Computer implemented method and system for transferring access to a digital asset | |
Jakobsson et al. | An optimally robust hybrid mix network | |
Diffie et al. | Multiuser cryptographic techniques | |
Beller et al. | Privacy and authentication on a portable communications system | |
Diffie et al. | Authentication and authenticated key exchanges | |
EP2182671B1 (en) | System, apparatus and method for replacing a cryptographic key | |
JP2606419B2 (en) | Cryptographic communication system and cryptographic communication method | |
KR20180115701A (en) | Secure manifold loss prevention of cryptographic keys for block-chain-based systems associated with wallet management systems Storage and transmission | |
JP2000502553A (en) | Key agreement and transport protocol using intrinsic signature | |
JPH04117826A (en) | Key-delivery system with verification function | |
EP3529948B1 (en) | Composite digital signatures | |
CN114467280A (en) | Generating digital signatures using cold purses | |
JP2862141B2 (en) | Identification number-based key management device using conventional encryption | |
JP4750274B2 (en) | Key sharing attack defense method | |
Nakkar et al. | Gase: A lightweight group authentication scheme with key agreement for edge computing applications | |
Kerschbaum et al. | RFID-based supply chain partner authentication and key agreement | |
Hazay et al. | Adaptively secure computation with partial erasures | |
Zheng | Shortened digital signature, signcryption and compact and unforgeable key agreement schemes | |
WO2021064043A1 (en) | A method for secure transferring of information through a network between an origin virtual asset service provider and a destination virtual asset service provider | |
CN112819465B (en) | Homomorphic encryption method and application system based on Elgamal | |
JPH02281838A (en) | Cryptographic communication system | |
JP2831685B2 (en) | Encryption communication method | |
Yang et al. | Efficient anonymous roaming and its security analysis | |
CN115378640B (en) | Cross-chain data security sharing method based on alliance chain |