JPH02281838A - Cryptographic communication system - Google Patents

Cryptographic communication system

Info

Publication number: JPH02281838A
Authority: JP (Japan)
Prior art keywords: station, information, value, center, communication
Legal status: Granted
Application number: JP1102314A
Other languages: Japanese (ja)
Other versions: JP2808651B2 (en)
Inventors: Hatsuichi Tanaka (初一 田中), Takeshi Chikasawa (武 近澤), Toru Inoue (徹 井上)
Current Assignee: Mitsubishi Electric Corp
Original Assignee: Mitsubishi Electric Corp
Priority date: 1989-04-22
Filing date: 1989-04-22
Publication date: 1990-11-19
Events: application filed by Mitsubishi Electric Corp; priority to JP1102314A; publication of JPH02281838A; application granted; publication of JP2808651B2 (1998-10-08); anticipated expiration; current legal status: Expired - Lifetime


Abstract

PURPOSE: To prevent a third station from impersonating a station and illegally sharing a key, by having each station confirm the validity of the single public value disclosed for the partner station and then compute a mutually common key from that public value and a prescribed stored value held in its own secret information storage memory. CONSTITUTION: When each station registers the ID information of its own station with the center 1, the center 1 calculates one public value from this ID information and discloses it to each station together with the ID information. The center 1 also calculates one stored value from the ID information and sends it to the secret information storage memories 3, 6 in the station. After each station has confirmed, using the ID information, that the public information of the partner station is valid, a mutually common key is generated by computing on that public value and the stored value held in the secret information storage memories 3, 6 of its own station. In this way a third station is prevented from impersonating a station and illegally sharing the key, without requiring mutual communication between communication stations.

Description

[Detailed Description of the Invention]

[Field of Industrial Application]

This invention relates to a cryptographic communication system used when communication stations share a secret key in order to carry out secret communication.

[Conventional Technology]

Fig. 2 shows a conventional cryptographic communication system called the DH method (W. Diffie and M. E. Hellman, "New Directions in Cryptography," IEEE Trans. Inform. Theory, vol. IT-22, No. 6, pp. 644-654, Nov. 1976). In Fig. 2, (101) is communication station A and (102) is communication station B.

(103) is the secret information storage memory inside communication station A (101), (104) is the secret information storage memory inside communication station B (102), and (105) is the communication path.

Next, the operation will be explained.

When the network or system for secret communication is built, a prime $p$ and a primitive element $g$ of $GF(p)$ are made public. When station A (101) and station B (102) want to hold a common key, station A (101) first chooses an integer $x_A$ in $[0, p-1]$ at random and keeps it secret in the secret information storage memory (103) inside the station.

Station B (102) likewise chooses an integer $x_B$ in $[0, p-1]$ at random and keeps it secret in the secret information storage memory (104) inside the station.

Station A (101) then computes, from the information in the secret information storage memory (103), $Y_A = g^{x_A} \bmod p$, $1 \le x_A \le p-1$, and sends it to station B (102) over the communication path (105). Similarly, station B (102) computes, from the information in the secret information storage memory (104), $Y_B = g^{x_B} \bmod p$, $1 \le x_B \le p-1$, and sends it to station A (101) over the communication path (105). After $Y_A$ and $Y_B$ have been exchanged in this way, station A (101) computes the key $K_{AB}$ as follows.

$K_{AB}^{(A)} = (Y_B)^{x_A} \bmod p = (g^{x_B} \bmod p)^{x_A} \bmod p = g^{x_A x_B} \bmod p, \quad 1 \le K_{AB} \le p-1$

Station B (102) also computes the key $K_{AB}$ as follows.

$K_{AB}^{(B)} = (Y_A)^{x_B} \bmod p = (g^{x_A} \bmod p)^{x_B} \bmod p = g^{x_A x_B} \bmod p, \quad 1 \le K_{AB} \le p-1$

By the above method, station A (101) and station B (102) secretly share the key $K_{AB} = K_{AB}^{(A)} = K_{AB}^{(B)} = g^{x_A x_B} \bmod p$ and can perform encryption/decryption with this key.

[Problems to be Solved by the Invention]

Since the conventional cryptographic communication system is configured as described above, sharing a key for secret communication requires communication with the partner station, and there is the further problem that a third station can impersonate a station and illegally share the key.

This invention was made to resolve these problems, and its object is to obtain a cryptographic communication system that requires no mutual communication between communication stations and in which a third station cannot impersonate a station and illegally share the key.

[Means for Solving the Problems]

In the cryptographic communication system according to this invention, a center (1) that supervises each station is provided; each station registers its own ID information with the center (1); the center (1) sends a predetermined stored value, computed by a predetermined computing unit on the basis of that ID information, to the secret information storage memory (3), (6) of each station, and publishes to each station a predetermined public value, computed by another computing unit on the basis of the ID information, together with the ID information; and each station, after confirming by means of the ID information that the partner station's public information is valid, computes a mutually common key from that public value and the stored value held in its own secret information storage memory (3), (6).

[Operation]

When each station registers its own ID information with the center (1), the center (1) computes one public value from this ID information and publishes it to each station together with the ID information. The center (1) also computes one stored value from the ID information and sends it to the secret information storage memory (3), (6) inside the station.

When stations communicate with each other, a station confirms the validity of the one public value published for the partner station, and then computes a mutually common key from that public value and the stored value held in its own secret information storage memory.

[Embodiments of the Invention]

Embodiments of this invention will now be described with reference to the drawings.

Figs. 1(a) and 1(b) show a cryptographic communication system according to an embodiment of this invention. In Fig. 1, (1) is the center, (2) is communication station A, (3) is the secret information storage memory inside communication station A (2), (4) is the public list, (5) is communication station B, (6) is the secret information storage memory inside communication station B (5), and (7) is the communication path.

Next, the operation will be explained. When the network or system for secret communication is built, two large primes $p$ and $q$ are chosen, their product is taken as $n = p \cdot q$, and Euler's function of $n$ (the number of integers coprime to $n$, written $\varphi(n)$) is $\varphi(n) = (p-1)(q-1)$.

Next, an integer $e$ satisfying $\gcd(e, \varphi(n)) = 1$ is chosen.

Further, let $g$ be a primitive element of both $GF(p)$ and $GF(q)$. Here $n$ and $e$ are the public information of the center (1), and $p$, $q$ and $g$ are the secret information of the center (1).

Now, when station A (2) joins this network or system, station A (2) sends its ID information $ID_A$ to the center (1). The center (1) computes

$ID_A = s_A^{\,e} \pmod n$

$G_A = g^{e \cdot R_A} \pmod n$

$\alpha_A = [\text{value illegible in the source}] \pmod{\varphi(n)}$

$\beta_A = s_A \cdot g^{R_A} \pmod n$

sends $\alpha_A$ to the secret information storage memory (3) inside station A (2) as the stored value, and places $G_A$ and $\beta_A$ on the public list (4) as public values together with $ID_A$.

When station B (5) joins, it likewise sends its ID information $ID_B$ to the center (1), has the stored value $\alpha_B$ sent to the secret information storage memory (6) inside station B (5), and has the public values $G_B$ and $\beta_B$ placed on the public list (4) together with $ID_B$. The same processing is carried out for every station that joins.

Consider the case where station A (2) and station B (5) want to share a key.

Station A (2), using the public value $e$, the ID information $ID_B$ of the partner station B (5) with which it wants to generate a common key, and the published public values $G_B$ and $\beta_B$, checks

$\beta_B^{\,e} \pmod n = G_B \cdot ID_B \pmod n = s_B^{\,e} \cdot g^{e \cdot R_B} \pmod n$,

confirms that the public value $G_B$ has not been tampered with, and then, using that public value $G_B$ and the stored value $\alpha_A$ that is station A (2)'s own secret information held in the secret information storage memory (3), generates

$K_{AB}^{(A)} = G_B^{\,\alpha_A} \pmod n$.

Station B (5), in the same way as station A (2), confirms that the public value $G_A$ of the partner station A (2) has not been tampered with, and then, using that public value $G_A$ and the stored value $\alpha_B$ that is station B (5)'s own secret information held in the secret information storage memory (6), generates

$K_{AB}^{(B)} = G_A^{\,\alpha_B} \pmod n = g^{e^2 \cdot R_A \cdot R_B} \pmod n$.

Since $K_{AB}^{(A)}$ and $K_{AB}^{(B)}$ coincide, the common key $K_{AB} = K_{AB}^{(A)} = K_{AB}^{(B)} = g^{e^2 \cdot R_A \cdot R_B} \pmod n$ is shared without going through the communication path (7), and encryption/decryption can be performed with this key.
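The scheme above as an added worked example (this is not the patent's own code): a toy Python run of center setup, registration of two stations, the $\beta^e$ check and the non-interactive key derivation, using small constructed primes. Two assumptions are made because the source does not state them: $R_A$ is a per-station random number chosen by the center, and the stored value is $\alpha_A = e \cdot R_A \bmod \varphi(n)$, which is the value that makes $G_B^{\alpha_A}$ equal the stated key $g^{e^2 R_A R_B}$; the names `Center`, `register`, `public_value_ok`, `shared_key` and `demo` are this example's own.

```python
from math import gcd
import random

def prime_factors(m):
    """Distinct prime factors of a small integer by trial division."""
    fs, d = set(), 2
    while d * d <= m:
        while m % d == 0:
            fs.add(d)
            m //= d
        d += 1
    return fs | ({m} if m > 1 else set())

def is_primitive(g, p):
    """g is a primitive element of GF(p) iff g^((p-1)/r) != 1 for every prime r dividing p-1."""
    return all(pow(g, (p - 1) // r, p) != 1 for r in prime_factors(p - 1))

class Center:
    """The center (1): keeps p, q, g secret and publishes n, e and the public list (4)."""
    def __init__(self, p, q, e):
        self.n, self.phi = p * q, (p - 1) * (q - 1)   # n is public; p, q, phi(n) stay secret
        assert gcd(e, self.phi) == 1                  # condition on e from the description
        self.e = e                                    # public exponent
        self.d = pow(e, -1, self.phi)                 # lets the center take e-th roots mod n
        # secret g: a primitive element of both GF(p) and GF(q) (smallest one found)
        self.g = next(g for g in range(2, min(p, q))
                      if is_primitive(g, p) and is_primitive(g, q))
        self.public_list = {}                         # ID -> (G, beta)

    def register(self, id_value, R=None):
        """Put (ID, G, beta) on the public list; return the station's stored value alpha."""
        s = pow(id_value, self.d, self.n)             # s^e == ID (mod n)
        R = random.randrange(1, self.phi) if R is None else R   # assumed: random per station
        G = pow(self.g, self.e * R, self.n)           # G = g^(e*R) mod n
        beta = s * pow(self.g, R, self.n) % self.n    # beta = s * g^R mod n
        self.public_list[id_value] = (G, beta)
        return self.e * R % self.phi                  # assumed: alpha = e*R mod phi(n)

def public_value_ok(n, e, peer_id, G, beta):
    """Station-side check from the description: beta^e == G * ID (mod n)."""
    return pow(beta, e, n) == G * peer_id % n

def shared_key(n, e, alpha, peer_id, public_list):
    """Verify the peer's public values, then derive K = G_peer^alpha mod n; no messages are exchanged."""
    G, beta = public_list[peer_id]
    if not public_value_ok(n, e, peer_id, G, beta):
        raise ValueError("public value of station %d failed the check" % peer_id)
    return pow(G, alpha, n)

def demo(p=23, q=47, e=3, id_a=5, id_b=7):
    """Return (K_A, K_B, tamper_detected) for two constructed stations A and B."""
    c = Center(p, q, e)
    alpha_a, alpha_b = c.register(id_a), c.register(id_b)
    k_a = shared_key(c.n, e, alpha_a, id_b, c.public_list)   # A uses G_B and alpha_A
    k_b = shared_key(c.n, e, alpha_b, id_a, c.public_list)   # B uses G_A and alpha_B
    G_b, beta_b = c.public_list[id_b]
    detected = not public_value_ok(c.n, e, id_b, G_b * 2 % c.n, beta_b)  # altered G_B fails
    return k_a, k_b, detected
```

The keys agree because $g^{\varphi(n)} \equiv 1 \pmod n$ for a $g$ that is primitive modulo both $p$ and $q$, so reducing $e \cdot R_A$ modulo $\varphi(n)$ does not change $G_B^{\alpha_A}$.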

[Effects of the Invention]

As described above, according to this invention each station registers its own ID information with the center; the center sends the stored value computed on the basis of that ID information to the secret information storage memory of each station and makes public the public value computed from the ID information together with the ID information; and each station checks whether the published public value of the partner station has been tampered with and then computes a mutually common key from that public value and the stored value held in its own secret information storage memory. Consequently, not only is mutual communication between communication stations unnecessary, but a third station cannot obtain the common key by illegal impersonation.

[Brief Description of the Drawings]

Figs. 1(a) and 1(b) show a cryptographic communication system according to an embodiment of this invention, and Fig. 2 shows a conventional cryptographic communication system. (1) is the center, (2) is communication station A, (3) is the secret information storage memory, (4) is the public list, (5) is communication station B, (6) is the secret information storage memory, (7) is the communication path, (101) is communication station A, (102) is communication station B, (103) and (104) are secret information storage memories, and (105) is the communication path. In the figures, the same reference numerals denote the same or corresponding parts.

Agent: Masuo Oiwa (and 2 others)

[Fig. 1 and Fig. 2: drawings not reproduced. Labels recoverable from the figure text: 3, 6: secret information storage memory; 4: public list; 7: communication path; 103: secret information storage memory inside station A (101); 104: secret information storage memory inside station B (102).]

Subject of amendment (June 6, 1989): the Detailed Description of the Invention column of the specification.

Claims (1)

[Claims]

A cryptographic communication system in which each station has a secret information storage memory and, when communication is carried out between stations, a common cryptographic key for encrypting that communication is generated from the information stored in the secret information storage memory, characterized in that a center that supervises each station is provided; each station registers its own ID information with the center; the center sends a predetermined stored value, computed by a predetermined computing unit on the basis of the ID information, to the secret information storage memory of each station, and publishes to each station a predetermined public value, computed by another computing unit on the basis of the ID information, together with the ID information; and each station, after confirming by means of the ID information that the partner station's public information is valid, computes a mutually common key from that public value and the stored value held in its own secret information storage memory.

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP1102314A JP2808651B2 (en) 1989-04-22 1989-04-22 Encryption communication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP1102314A JP2808651B2 (en) 1989-04-22 1989-04-22 Encryption communication method

Publications (2)

Publication Number Publication Date
JPH02281838A true JPH02281838A (en) 1990-11-19
JP2808651B2 JP2808651B2 (en) 1998-10-08

Family

ID=14324131

Family Applications (1)

Application Number Title Priority Date Filing Date
JP1102314A Expired - Lifetime JP2808651B2 (en) 1989-04-22 1989-04-22 Encryption communication method

Country Status (1)

Country Link
JP (1) JP2808651B2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH07307733A (en) * 1994-05-11 1995-11-21 Nec Corp Scrambled communication system


Also Published As

Publication number Publication date
JP2808651B2 (en) 1998-10-08
