JPH08107409A - Communication equipment - Google Patents

Abstract

PURPOSE: To provide a communication equipment for reinforcing cipher strength in the communication equipment consisting of a communication system to perform cipher communication. CONSTITUTION: Inside a control part 1, a data table for diffusion incommmon for the transmission side and reception side is provided, a random number R is generated at every time of communication, communication data are diffused by reading a value from this table corresponding to that value R, transmitting data are transmitted, and the random number R is added to an NSS signal and transmitted. At the time of reception, the diffusion of communication data is canceled by using the value of the random number R added to the NSS signal, and data are outputted from a recording part 15.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a communication device having a cryptographic communication function, and more particularly to a communication device suitable for a facsimile or the like using a telephone line.

[0002]

2. Description of the Related Art In facsimile communication, various special communication can be performed as an additional function in communication between facsimiles of the same manufacturer. Cryptographic communication is one of such special communications.

FIG. 5 shows a general cryptographic communication procedure of such a facsimile communication apparatus. In the path (A) of FIG. 5, 91 to 94 are signal processing procedures on the transmission side. The original to be transmitted is first read by the scanner 91, and the image data of the read original is
At 92, data compression, that is, encoding processing is performed by an algorithm such as MH (Modified Hoffman) or MR (Modified Read). Next, in order to perform secret communication on this compressed image data, 93
In FIG. 5, encryption processing is performed using the encryption key, and the encrypted data is sent from the facsimile communication device as the transmission side modem 94 to the telephone line.

As described above, in the conventional case, when performing the encrypted communication using the facsimile communication device, the scanner 91 is used.
The image data read in step 1 was encrypted and transmitted in the same order as it was read by the scanner 91 without any processing.

Blocks 95 to 98 shown in the path (B) of FIG. 5 are signal processing procedures on the receiving side. Receiving modem 9
The encrypted encrypted data of the original received by the facsimile communication apparatus 5 as the telephone from the telephone line is subjected to plain culture processing (decryption of ciphertext) at 96 using the same encryption key as the sender.
The image data which has been flat-cultured is decompressed in 97,
That is, it is decrypted, restored to the original image data, and printed by the printer 98. Through this series of processes, the document is taken out on the receiving side. Here, the encryption key is a kind of numerical data.

FIG. 6 shows an example of a typical transmission original. The illustrated manuscript is a standard manuscript defined by CCITT (International Telegraph and Telephone Consultative Committee). As is clear from the manuscript M, most of the normal transmission manuscript is occupied by "white", that is, a white background portion in which characters and patterns are not written.

Now, in the conventional facsimile communication apparatus, considering the portion first scanned by the scanner 91, in other words, the first portion of the communication data or the first encrypted portion, the manuscript M is first scanned. It is the leading portion H that is present. Usually, this head portion H is often entirely white. For this reason, if a conventional facsimile communication apparatus tries to send out some original, it can be said that the first part of the sent data is very likely to correspond to data for all white.

FIG. 7 shows a typical example of a general encryption processing unit in a facsimile communication apparatus, which is shown in FIG.
An example using an ECB (Electric CodeBook) mode is shown in FIG. 7, and a CBC (Cipher Blook Cha) is shown in FIG. 7B.
ining) mode is used. Both (A) and (B) of FIG. 7 normally output the ciphertext C using the cipher key K for the plaintext P as described above.

In the ECB mode, as shown in FIG. 7A, the image data to be encrypted and the encryption are one-to-one.
Corresponding to. On the other hand, as in the CBC mode shown in FIG. 7 (B), for example, n-th when encrypting plaintext P _n, EOR between ciphertext C _n-1 and the plaintext P _n of one time before the ( Exclusive-or) and encrypt the result. In this case, since the ciphertext does not exist in the first image data, the initial value IV secretly set in advance is used, and the initial value IV and the plaintext P ₁ are EORed.

As described above, when performing cipher communication, only the ciphertext C is usually exposed to the public, and the possibility that the ciphertext C is deciphered is considerably low.

[0011]

However, since the first scanned portion of the transmission data is often data corresponding to "all white" as described above, there is a pair of image data and encryption. In the ECB mode corresponding to 1, when the document M is read by the scanner 91, it is easily found that the first part of the received encrypted data is the encrypted image data corresponding to "white". However, there is a problem that the strength of the encryption algorithm is insufficient.

In the CBC mode, the initial value I
Since V is not known, the intensity of the first even image data is "white", for scrambling to the plaintext P ₁ representing the "white" is trained, encryption algorithm than in the ECB mode Is high, but is the same as the ECB mode in that the first part of the transmitted data is "white". Therefore, in both modes, plaintext P (all white data)
However, there is a problem in that the ciphertext C corresponding to it is virtually open to the public.

That is, as described above, in the conventional communication device,
Since the specific plaintext and the ciphertext corresponding thereto become known, there is a problem that the strength of the cipher decreases considerably.

The present invention has been made in view of the above problems, and it is an object of the present invention to provide a communication device which strengthens the encryption strength in a communication device which constitutes a communication system for performing encrypted communication.

[0015]

In order to achieve the above object, the communication device of the present invention has a function of encrypting communication data as described in claim 1, and a plurality of values are recorded. In a transmission / reception-capable communication device having a table, a plurality of counting means assigned corresponding to a communication partner, a reading means for selectively reading one of the values from the table according to the output of the coefficient means, A transmission means for diffusing and transmitting the communication data based on the output value of the reading means; and means for changing the count value of the assigned counting means by a predetermined value every time communication with the communication partner is performed. Is.

Further, as in claim 2, it has a function of encrypting communication data and a function of previously transmitting and receiving procedure information indicating a communication procedure, and has a table in which a plurality of values are recorded. In the communication device, a random number generating means for generating a random number in accordance with a predetermined rule, a reading means for selectively reading one of the values from the above table according to the random number, and the communication data spreading based on this value. And a transmission means for transmitting the output of the diffusion means together with the value of the random number on the procedure information.

[0017]

According to the structure of claim 1, the spread data is read from the table by the read means based on the output of the counting means provided according to the communication partner, and the communication data is spread and transmitted / received by the communication means. The encryption strength is strengthened by incrementing the value of the counting means for each communication.

According to the second aspect of the invention, based on the random number generated by the random number generating means, the reading means reads the spread data from the table, the communication means spreads the communication data, and the random number is used as a procedure. The encryption strength is strengthened by transmitting the information on the information.

[0019]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS An example in which the communication device of the present invention is applied to a facsimile communication device for performing encrypted communication in the CBC mode will be described below with reference to the drawings. FIG. 1 is a block diagram showing the overall configuration of a facsimile communication apparatus according to the first embodiment of the communication apparatus of the present invention. In the figure, reference numeral 1 is a control unit composed of a microcomputer or the like, and controls the entire control.

As shown in FIG. 2, the control unit 1 includes a central processing unit (hereinafter abbreviated as "CPU") 2, a program read-only storage element (hereinafter abbreviated as "ROM") 3, and a random access memory. (Hereinafter abbreviated as “RAM”) 4. As shown in FIG. 2, the RAM 4 is used as an initial value (IV) storage area in the CBC mode, a work area as one form of the storage area, a storage area for the encryption key K, a diffusion data table, a counter, and the like. To be done.

Returning to FIG. 1, reference numeral 5 denotes an operation unit having a key array operated by the user. Reference numeral 6 is an encoding / decoding circuit, which is a circuit for performing compression / expansion and the like as described above. Reference numeral 7 denotes an encryption / plain culture circuit, which performs encryption in the CBC mode when the facsimile communication device operates as a transmitting side, and performs plain culture when it operates as a receiving side. Reference numeral 8 is a modem unit, 9 is an NCU (network control unit), and 10 is a telephone line.

A reading unit 11 has a scanner 11a for reading a document. An image processing unit 12 performs processing such as shading correction on the read image data.
Reference numeral 13 is a transmission function unit, 14 is a reception function unit, 15 is a recording unit having a printing unit 15a and the like, and 16 is a real time clock (RTC). The operation unit 5, the modem unit 8, the NCU 9, the scanner 11a, and the printing unit 15a described above.
The CPU 2 and the CPU 2 are connected via a data bus 17, as shown in FIG.

FIG. 3 is a flow chart showing the operation of this embodiment. The operation of this embodiment configured as described above will be described with reference to FIG. First, the operation of the transmitting side will be described first. FIG. 3A shows the main operation on the transmitting side.

First, when the user sets an original on the reading unit 11 and inputs the telephone number of the other party from the operation unit 5,
In step 301, the transmission operation such as making a call to the transmission partner via the NCU 9 is started, the original is read by the scanner 11a, and in step 302, the encoding circuit 6 encodes MH, MR, etc., while the work area of the RAM 4 is processed. Accumulate in.

Then, in step 303, the RAM
4 work area reads the counter value C _B for destination B, the counter value C _B in step 304
The spread data D of 2 bytes is read from the spread data D table of the RAM 4. Here, this value C _B indicates the number of times communication has been performed with a specific receiver, and the table of the spread data D has the contents shown in Table 1 below. Shared with.

[0026]

[Table 1]

In step 305, the first 2 bytes of the coded data are read from the work area of the RAM 4, and the EOR with the 2-byte spread data D read from Table 1 above is used as the counter value C _B as an index. Then, the encoded data is spread.

Thereafter, in step 306, the counter value C _B is incremented by 1, and if the counter value C _B
Is determined to be 10 or more in step 307, and if 10 or less, step 309 is executed and vice versa.
If it is above, at step 308, 10 is subtracted from the counter value C _B to obtain a new counter value C _B. After such processing of steps 307 to 309, step 30
In 9, the counter value C _B is stored in the RAM 4 again.

In step 310, the encryption key K is RA
The encoded data, which is read from the encryption key storage area of M4 and which has been diffused, is encrypted and transmitted to the telephone line 10 via the modem 8 and the NCU 9 in step 311. This completes a series of transmission operations.

Now, the operation of the receiving side will be described. FIG. 3B shows the main operation on the receiving side. First, in step 351, when the transmission data from the outside is received and the telephone number of the other party is known, the image data is read and stored in the work area of the RAM 4. Next, at step 352, the encryption key K is read out from the encryption key storage area of the RAM 4 and the image data is plain-printed.

At step 353, the counter value C _A corresponding to the transmission partner A is read from the RAM 4, and at step 354, the spread data D for this counter value C _{A is} read from the table of the spread data D of the RAM 4. The table of the spread data D is shared with the transmitting side as described above.

In step 355, the first 2 bytes of the data after the plain culture are read from the work area of the RAM 4, and the result of performing the EOR operation twice as is well known is the same as the original value. C _a taken EOR of the diffusion data D 2 bytes read from Table 1 above as an index back to the data after original coding by solving the diffusion.

Thereafter, in step 356, the counter value C _A is incremented by 1, and steps 357-
The processing of 359 is performed. The processing of these steps 357 to 358 is the same as the processing of steps 307 to 309 on the transmitting side, and the description thereof is omitted.

In step 360, the encoded data that has been despread is decoded in the decoding circuit 6, and is output from the printing section 15a of the recording section 15 in step 361. This completes a series of receiving operations.

In this embodiment, the counter value C _B is 1
However, any value may be incremented. At this time, the counter value C _A may be similarly incremented. Also, the counter values C _A and C _B are
The same operation is possible even if the value is decremented by a predetermined value.

Further, the counter values C _A and C _B are, for example, 4 bits long, the number of tables of the spread data D is 16, and any one of the values 0 to 15 is set to the step 307. 308 may be omitted. In this case, even if the exceptional processing such as steps 307 and 308 is not performed, it is 1 to 15 in the operation of a normal microcomputer or the like.
Even if you add and overflow, the value of the counter becomes 0 again.
It is common to return to the value of. Therefore, the counter as described above can be naturally and easily realized without performing special processing. Further, at the time of decrementing, the counter values C _A and C _B may be decremented from 15 by 1, for example, and when it becomes 0, the counter values may be returned to 15.

As described above, according to the present embodiment, the data to be communicated is spread and transmitted as in steps 303 to 305, and the counter value C _B is incremented for each communication in step 306 according to the communication partner. Since the plaintext and ciphertext pairs are not known because they are changed, even if the same original is repeatedly sent, the image data at the beginning is always different and the CBC mode is used, so not only the beginning but also all The effect is obtained that the data is different and the encryption strength does not decrease.

Since the data is diffused after encoding, the amount of transmitted data does not change, and the data to be diffused is also encrypted, so that the data itself is rarely decrypted. can get.

FIG. 4 is a flow chart showing the operation of the communication device in the second embodiment of the present invention. The hardware configuration is the same as that of the first embodiment, and the description is omitted. First, the operation on the transmitting side will be described. FIG. 4A is a flowchart showing the main operation on the transmitting side. In the figure, steps 401 and 402 are the same as steps 301 and 302 in the first embodiment, and a description thereof will be omitted.

In step 403, a random number generation routine is called to create a random number R having an average value of 5 and a value of 0-10. As a method of generating the random number R, a uniform random number or a pseudo random number that becomes a normal random number may be used. The date / time read from the RTC 16 may be used as the core of the random number.

In step 404, the random number R is used as an index to read the spread data from the table 1 of the spread data D in the RAM 4, and in step 405, the EOR with the previously encoded data is calculated, Spread.

Thereafter, at step 406, the "NSS" signal (CCI) for sending this random number R as a pre-procedure for communication.
TT Recommendation T. Signal which gives the non-standard function setting at 30). Next, in step 407, the encryption key K is read from the encryption key storage area of the RAM 4, and the encoded data that has been diffused is encrypted, and step 40
In step 8, the "NSS" signal is transmitted together with this data to the telephone line 10 via the modem 8 and the NCU 9. This completes a series of transmission operations.

Now, the operation of the receiving side will be described. FIG. 4B shows the main operation on the receiving side. First, in step 451, when the transmission data from the outside is received and the telephone number of the other party is known, "NS
The S "signal is read and the random number R used on the transmitting side is read. The operations of the following steps 452 and 453 are the same as the steps 351 and 352 in the first embodiment, and the description thereof will be omitted.

In step 454, the diffusion data D is read from the diffusion data table of the RAM 4 using the random number R as an index. Subsequent processing steps 455-
457 is steps 355 and 360 in the first embodiment.
The processing is the same as that of steps 361 to 361 and will not be described. This completes a series of receiving operations.

As described above, according to this embodiment, the random number R is generated for each communication in step 403, and steps 404-
Since the data is diffused and transmitted at 405, the pair of plaintext and ciphertext is not known, so even if the same document is repeatedly transmitted, the first image data is always different and CB
Since the C mode is used, not only the beginning but also all the data are different, so that there is an effect that the encryption strength is not lowered.

Further, since the data is diffused after encoding, the amount of transmitted data does not change, and the diffused data is also encrypted, so that the data itself is rarely decrypted. can get.

In the above embodiment, the diffused data D
Has been stored in the RAM 4, but may be preset in the ROM 3. Also, it may be fixed at the time of manufacture,
It may be settable by the user. The numerical value and the data length may be arbitrary.

Further, although the encoded data is diffused, the image data immediately after reading the original document or the encrypted communication data may be diffused, and these are performed a plurality of times with different diffusion data. Alternatively, it may be diffused during each process. Besides, the present invention can be variously modified.

[0049]

As described above, in the communication device of the present invention, according to the structure of claim 1, the data to be communicated is spread with the value read from the table by the reading means, and is transmitted by the transmitting means, and the counting means. Since the count value is incremented and changed for each communication depending on the communication partner, the pair of plaintext and ciphertext is not known, so even if the same original is repeatedly sent, the first image data will always be different, It is possible to obtain the effect that the strength of encryption does not decrease.

According to the second aspect of the present invention, the random number generating means generates a random number for each communication, the reading means responds to the random number to spread the data with the value read from the table, and the transmitting means transmits the data. Therefore, the pair of plaintext and ciphertext is not known, so that even if the same original is repeatedly transmitted, the image data at the beginning is always different, and the strength of encryption does not decrease.

[Brief description of drawings]

FIG. 1 is a block diagram showing an overall configuration of a facsimile communication apparatus according to a first embodiment of a communication apparatus of the present invention.

FIG. 2 is a block diagram showing a specific configuration of a control unit and other peripheral components in the embodiment.

FIG. 3 is a flowchart showing an operation of transmission / reception in the embodiment.

FIG. 4 is a flowchart showing a transmitting / receiving operation of a communication device according to a second embodiment of the present invention.

FIG. 5 is a block diagram showing a procedure of normal cipher transmission / reception in a general facsimile communication apparatus.

FIG. 6 is a diagram showing an example of a transmission document.

FIG. 7 is a block diagram showing an example of an encryption processing unit in a general facsimile communication apparatus.

[Explanation of symbols]

 1 Control Section 5 Operation Section 6 Encoding / Decoding Circuit 7 Encryption / Plain Culture Circuit 8 Modulation / Demodulation Section Modem 9 NCU 10 Telephone Line 11 Reading Section 12 Image Processing Section 13 Transmission Function Section 14 Reception Function Section 15 Recording Section 16 RTC

─────────────────────────────────────────────────── ─── Continuation of the front page (51) Int.Cl. ⁶ Identification code Internal reference number FI Technical indication H04N 1/44

Claims (2)

[Claims] 1. A communication device having a function of encrypting communication data and having a table in which a plurality of values are recorded, capable of transmission and reception, and a plurality of counting means assigned corresponding to a communication partner, Reading means for selectively reading one of the values from the table according to the output of the coefficient means, transmitting means for diffusing and transmitting the communication data based on the output value of the reading means, and communication with the communication partner. And a means for changing the count value of the allocated counting means by a predetermined value each time. 2. A communication device which has a function of encrypting communication data and a function of transmitting and receiving procedure information indicating a communication procedure in advance, and which has a table in which a plurality of values are recorded. A random number generating means for generating a random number according to the above, a reading means for selectively reading one of the values from the table according to the random number, a diffusing means for diffusing the communication data based on this value, and a diffusing means for diffusing the communication data. And a transmission means for transmitting the value of the random number on the procedure information together with the output of the means.