JPH09307547A - Ciphering system and information providing device and information using side device in the ciphering system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To update a scramble key with a simple configuration by allowing each randomizer provided to the information providing device and the information using side device to update the scramble key. SOLUTION: After transmission of a scramble key Ks1 as an initial value from a ciphering means 5 of the information providing device 1 to a decoding means 8 of the information using side device 2, the information server device 1 generates a scramble key Ks2 updated by a randomizer 6 itself. Furthermore, the information using side device 2 generates the scramble key Ks2 updated by a randomizer 10 itself. Thus, a multiplexer to send an update key and a demultiplexer for a multiplexed update key are not required by allowing the randomizers 6, 10 in the devices 1, 2 themselves to update the scramble key independently in this way, and the transmission of the update key through other path is not required and then the scramble key is updated with a simple configuration.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an encryption system in which information is scrambled, encrypted and distributed, and more particularly to a technique for updating a scramble key. Further, the present invention relates to an information providing device and an information using side device in the encryption system.

[0002]

2. Description of the Related Art Conventionally, a technique for updating an encryption key in an encryption system for data communication is disclosed in Japanese Patent Laid-Open No. 61-2923.
The one described in Japanese Patent No. 3 is known. The technology described in this publication uses the name "encryption method" to update the encryption / decryption key in a short time, and randomly generate key data independently of the plaintext data to be transmitted. By distributing and incorporating data into transmission data to perform encryption, it is possible to perform encryption and key update that are difficult to decipher without using a complicated encryption algorithm.

FIG. 6 is a block diagram showing the configuration of the encryption system described in the above publication. As shown in FIG. 6, an initial key K ₁ common to the transmitting side and the receiving side is stored in advance in the encryption key buffer 116 and the decryption key buffer 124.

On the transmitting side, first, the switch 118 is closed, the key K ₁ is input to the encryption algorithm 117, the encryption key buffer 116 is emptied, and the switch 118 is opened. next,
By appropriately switching the switch 114 between the terminal 111 side and the terminal 113 side, the key data 127 which is the next encryption key K ₂ generated by the random key generator 115 is dispersedly incorporated into the transmission data 126, and the encryption algorithm 117 is used.
Input data 128 to the. Key data 12 at the same time
7 is stored in the encryption key buffer 116. The encryption algorithm 117 encrypts the input data 128 with the key K ₁ and sends it to the transmission path 119. When the storage amount of the key data 127 in the encryption key buffer 116 becomes maximum, the switch 1
18, and the key data 12 in the encryption key buffer 116 is closed.
7 as a new key K ₂ into the encryption algorithm 117, empty the encryption key buffer 116, and then switch 1
Open eighteen. The encryption algorithm 117 uses a new key K
_{In step 2} , the input data 128 is encrypted.

On the receiving side, first, the switch 125 is closed, the key K ₁ is input to the decryption algorithm 120, the decryption key buffer 124 is emptied, and the switch 125 is opened. That is, the decryption algorithm 120 decrypts the encrypted data input from the transmission path 119 with the key K ₁ to obtain the decrypted data 1
You get 29. Next, the decrypted data 129 is converted into the output data (plaintext data) 131 and the key data 1 by appropriately switching the switch 121 to the terminal 122 side and the terminal 123 side.
Decomposes to 30. The output data 131 is output from the output terminal 122, and the key data 130 is stored in the decryption key buffer 124. When the amount of storage in the decryption key buffer 124 becomes maximum as in the case of the transmitting side, the switch 125 is closed and the key data 130 in the decryption key buffer 124 is input to the decryption algorithm 120 as a new key K ₂ , and the decryption key buffer 1
After emptying 24, switch 125 is opened. The decryption algorithm 120 decrypts the encrypted data with the new key K ₂ .

As described above, the transmission data (plaintext data) is generated while the encryption key is generated by the random key generator 115.
The encryption key is multiplexed on 126, and when the transmission of the key data is completed, the encryption key is updated by performing encryption and decryption with a new encryption key.

[0007]

In the conventional configuration as described above, when the encryption key is updated, new key data is sequentially generated by the random key generator, and the generated key data is generated. It is configured to be multiplexed with encrypted data for transmission. In other words, in order to transmit the updated key data to the receiving side, it is necessary to superimpose the key data on the encrypted data for transmission, the transmitting side requires a key data multiplexing device, and the receiving side needs the key data. However, there is a problem in that the configuration as a whole is complicated due to the update of the encryption key.

In view of the above problems, the present invention does not multiplex the updated cryptographic key with the information when the encrypted information is provided, and does not separate the multiplexed cryptographic key. An object of the present invention is to provide an encryption system and its peripheral device that realize the update of an encryption key without performing distribution using another path.

[0009]

An encryption system according to the present invention is a scramble key generating means for generating an initial scramble key, and scrambles the input information with the scramble key, and sends the scrambled key to an information utilization side device. In the information providing apparatus including the scrambling means for encrypting, and the encrypting means for encrypting the initial scramble key from the scramble key generating means and transmitting the encrypted scramble key to the information using side apparatus, after inputting the initial scramble key, A first randomizer is provided for generating a new scramble key, giving it to the scramble means, inputting the scramble key to itself, and randomizing the scramble key to update the scramble key, and the encrypted data sent from the encrypting means. Decrypting means for decrypting the scramble key to obtain an initial scramble key; In the information use side device provided with the descramble means for decoding the scrambled information sent from the scramble means of the information providing device to obtain plaintext data, further, after inputting the initial scramble key, the new scramble key Second, the scramble key is generated and is given to the descramble means, and the scramble key is input and randomized to update the scramble key.
It is characterized by having a randomizer. The first randomizer included in the information providing apparatus and the second randomizer included in the information-using-side apparatus update the scramble key within each apparatus by themselves. Therefore, multiplexing for sending an update key as in the conventional technique is performed. A device and a device for separating the multiplexed update key are not required, and it is not necessary to send the update key through another route, and the scramble key can be updated with a simple configuration.

[0010]

BEST MODE FOR CARRYING OUT THE INVENTION The encryption system of claim 1 according to the present invention is an encryption system for scrambling information, encrypting and distributing the information, and the information providing apparatus scrambles for generating an initial scramble key. Key generating means, scrambling means for scrambling the input information with a scramble key and sending it to the information utilizing side apparatus, and initial scramble key from the scramble key generating means is encrypted and sent to the information utilizing side apparatus. The information-using-side device includes a decrypting unit that decrypts the encrypted scramble key sent from the encrypting unit to obtain an initial scramble key, and a scramble unit of the information providing device. And a descramble means for obtaining plaintext data by decoding the sent scrambled information, and further, In the information providing device, after inputting the initial scramble key, a first scramble key is generated and a new scramble key is given to the scramble means, and the scramble key is input and randomized to update the scramble key. In the information-using-side device, after the initial scramble key is input, a new scramble key is generated and given to the descramble means, and the scramble key is input and randomized to update the scramble key. It is characterized by having two randomizers.

In the encryption system according to the first aspect, after the initial scramble key is encrypted and sent from the information providing apparatus to the information utilizing side apparatus, the first randomizer and the information utilizing side apparatus possessed by the information providing apparatus are Since the second randomizer has the scramble key updated within each device by itself, a multiplexing device for sending the update key and a device for separating the multiplexed update key as in the prior art are not required, and , It is not necessary to send the update key using another route, and the scramble key can be updated with a simple configuration.

According to a second aspect of the present invention, the encryption system according to the first aspect is new after the first randomizer is removed from the information providing apparatus and the initial scramble key is input by the encryption means itself. While the scramble key is generated and given to the scramble means, the scramble key is input to itself and encrypted to update the scramble key, on the other hand, in the information use side device,
The second randomizer is removed, and an encryption means having the same function as the encryption means of the information providing device is added. Since the information providing device naturally generates the updated scramble key in the encryption means itself, and the information use side device generates the updated scramble key in the added encryption means itself,
In other words, since it is configured to update the scramble key by the internal processing, there is no need for a multiplexing device for transmitting the update key and a device for separating the multiplexed update key as in the prior art, Further, it is not necessary to send the update key by using another route, and in particular, comparing with claim 1, the first and second randomizers are omitted, and the information providing apparatus naturally includes the necessary encryption means. Since the device also serves as the scramble key updating means, and the information using side device only adds the encrypting means having the same structure and function as the encrypting means of the information providing device, the scramble key updating is more effective than the encrypting means of claim 1. It can be realized with a simple configuration.

According to a third aspect of the encryption system of the present invention, in the first aspect, the information providing apparatus removes the first randomizer, and after the initial scramble key is input by the encryption means itself, the encryption system is new. While the scramble key is generated and given to the scramble means, the scramble key is input to itself and encrypted to update the scramble key, on the other hand, in the information use side device,
After removing the second randomizer and reversing the execution order of the decryption means itself from that of the encryption means of the information providing apparatus, a new scramble key is generated and decrypted by the descramble means. It is characterized in that the scramble key is given to itself and decrypted by inputting it to update the scramble key. The decryption means is basically the same as the encryption means in that the execution order is reversed. Therefore, instead of using the encryption means, the execution order is reversed from that of the encryption means. It is also possible to generate and update the scramble key by using the decryption means in this state. In this case, since the encryption means can be omitted in the information use side device, the configuration is further simplified.

An information providing apparatus in an encryption system according to a fourth aspect of the present invention comprises a scramble key generating means for generating an initial scramble key, and an information utilization side apparatus by scrambling the input information with the scramble key. And an encryption means for encrypting the initial scramble key from the scramble key generating means and sending it to the information use side device, and after inputting the initial scramble key, a new scramble key Is generated and given to the scramble means, and the scramble key is input to the scramble key to randomize the scramble key to update the scramble key. Since the first randomizer of the information providing device updates the scramble key by itself inside the device, there is no need for a multiplexing device or the like for transmitting the update key as in the conventional technique, and another route is used. It is not necessary to send the update key of, and the scramble key can be updated with a simple configuration.

The information providing device in the encryption system according to claim 5 of the present invention is the information providing device according to claim 4, in which the first randomizer is removed and a new scramble is performed after the initial scrambling key is input by the encryption means itself. It is characterized in that the key is generated and given to the scramble means, and the scramble key is inputted into the scramble key to be encrypted and the scramble key is updated. Since the first randomizer is omitted and the information providing apparatus also uses the necessary encryption means also as the scramble key update means, the scramble key update can be realized with a simpler configuration compared to claim 4. Becomes

In the encryption system according to claim 6 of the present invention, the information use side apparatus decrypts the encrypted scramble key sent from the encryption section of the information providing apparatus to obtain an initial scramble key. And descrambling means for decrypting the scrambled information sent from the scrambling means of the information providing device to obtain plaintext data, and further generating a new scramble key after inputting the initial scramble key. Secondly, the scramble key is given to the descrambling means, and the scramble key is input to itself and randomized to update the scramble key.
It is characterized by having a randomizer. Since the second randomizer of the information use side device updates the scramble key by itself inside the device, there is no need for a multiplexing update key separation device as in the conventional technique, and the scramble key can be updated with a simple configuration. It will be possible.

According to a seventh aspect of the present invention, there is provided the information-using-side device in the encryption system according to the second aspect of the present invention.
The randomizer is removed, and an encryption means having the same function as the encryption means of the information providing device is added. Since the second randomizer is omitted and only the encryption means having the same configuration and the same function as the encryption means of the information providing device is added, the scramble key can be updated with a simpler configuration compared to the sixth aspect. Becomes

According to the eighth aspect of the present invention, there is provided the information-using-side device in the encryption system according to the second aspect.
The randomizer is removed, and the decryption means itself reverses the execution order from the encryption means of the information providing device to decrypt the initial scramble key, then generates a new scramble key and gives it to the descramble means. It is characterized in that the scramble key is input to and decrypted to update the scramble key.
The decryption means is basically the same as the encryption means in that the execution order is reversed. Therefore, instead of using the encryption means, the execution order is reversed from that of the encryption means. It is also possible to generate and update the scramble key by using the decryption means in this state. In this case, since the encryption means can be omitted in the information use side device, the configuration is further improved compared to claim 6. It will be easy.

Embodiments of an encryption system according to the present invention will be described below in detail with reference to the drawings.

(Embodiment 1) FIG. 1 is a block diagram showing a configuration of an encryption system according to Embodiment 1 of the present invention. In FIG. 1, 1 is an information providing device, 2 is an information utilizing side device, and the information providing device 1 includes a scramble key generating means 3, a scramble means 4, an encrypting means 5, a first randomizer 6 and a first switch. 7, the output terminal of the scramble key generation means 3 is connected to the terminal a of the first switch 7 and also to the input terminal of the encryption means 5, and the scramble means 4 is used for video, audio, data, etc. While inputting information (plain text), it is connected to the common terminal of the first switch 7, the input terminal of the first randomizer 6 is connected to the common terminal of the first switch 7, and the output terminal of the first switch 7 Is the terminal b of the first switch 7.
It is connected to the. The output terminal of the scramble means 4 is connected to the input terminal of the descramble means 9 of the information use side device 2 to send out the scrambled data (ciphertext) Dsc, and the output terminal of the encryption means 5. Is connected to the input terminal of the decoding means 8. The information use side device 2 is composed of a decoding means 8, a descrambling means 9, a second randomizer 10 and a second switch 11, and an output terminal of the decoding means 8 is connected to a terminal c of the second switch 11, The input terminal of the second randomizer 10 is connected to the common terminal of the second switch 11, the output terminal of the second randomizer 10 is connected to the terminal d of the second switch 11, and the descrambling means 9 is scrambled. The data (ciphertext) Dsc is input and is connected to the common terminal of the second switch 11. The scramble key generating means 3 is composed of, for example, a random number generator or the like.

The scramble means 4 scrambles the input information with a scramble key.
When the input information is treated as a digital signal, a stream cipher that adds an M-sequence code to the input data, or a block cipher that encrypts the input data in units of, for example, 64 bits, is a DES type block of the US federal standard cipher. There are ciphers and FEAL ciphers developed in Japan.

When the input information is treated as an analog signal, there are various scrambling methods such as inversion of video signal, scan line transition, suppression of synchronization signal, frequency inversion and the like.

The descrambling means 9 operates the scrambling means 4 in reverse, and when the information is treated as a digital signal, the descrambling means 9 performs decoding by adding an M sequence code, DES type or FEAL encryption, etc. Decrypt the information in a flat culture.

When the information is an analog signal, there are methods such as reverse inversion of a video signal, reverse transition of a scanning line, extension of a sync signal, and frequency inversion.

FIG. 2 is a block diagram showing a configuration example of the encryption means 5. In the encryption means 5, 4 is an initial scramble key Ks generated by the scramble key generation means 3 for decrypting the scrambled information in the decryption means 8.
1 is encrypted based on an encryption key. That is, the input scramble key Ks1 is disturbed with the encryption key. In FIG. 2, 5i is a perturbation unit for inputting a scramble key Ks1 and an encryption key and perturbing each, and 5i1 constituting this perturbation unit 5i is obtained by the key perturbation unit 5i1 of the cryptographic key. Intermediate key K
Reference numerals 5i and 5i3 are data disturbing parts i of the scramble key Ks1. The encryption means 5 has n stages (51, 52 ...) Of the disturbing unit 5i including the key disturbing unit 5i1, the intermediate key 5i2, and the data disturbing unit 5i3.
5i ... 5n). The key perturbation unit expands the key so that the encryption key can be used for perturbing data in n stages. The intermediate key K5i obtained by the expansion is used to scramble the data scrambling section to scramble the scramble key Ks1 of the input data.

FIG. 3 is a block diagram showing a configuration example of the decoding means 8. The decryption means 8 is for decrypting the scramble key Ks1 'encrypted by the encryption means 5.

The basic structure of the decrypting means 8 is almost the same as that of the encrypting means 5 shown in FIG. 2, but the order of execution is reversed. In FIG. 3, reference numeral 8i denotes a disturbing unit for inputting the encrypted scramble key Ks1 'which is the input data and disturbing each of them, and 8i1 constituting the disturbing unit 8i is the disturbing unit i of the encryption key, 8i2
Is the intermediate key K8i obtained from the key disturbing unit 8i1 and 8i3 is the data disturbing unit i of the encrypted scramble key Ks1 'which is the input data. The decryption unit 8 is configured by using n stages (8n ... 8i ... 82, 81) of a disturbing unit 8i including a key disturbing unit 8i1, an intermediate key 8i2, and a data disturbing unit 8i3. The disturbing unit 8i in the decrypting means 8 has the same function as the disturbing unit 5i in the encrypting means 5, and the process is performed in the reverse direction (n → 1).
Is what you do.

The output of the disturbance unit 5n at the bottom of FIG.
Is input to the destabilizing unit 8n at the uppermost stage, and the destructing unit 5n and the destructing unit 8n cancel each other. By repeating such a canceling process over n stages, the enciphering unit 5 encrypts it. The scramble key Ks1 'is restored to the initial scramble key Ks1 by the decryption means 8.

FIG. 4 is a block diagram showing a configuration example of the first randomizer 6 in the information providing apparatus 1. This first
The randomizer 6 is composed of, for example, a pseudo random sequence generator. In FIG. 4, 61 is a data input section, 62 is a shift register, and 63 is an exclusive OR element. The input terminal of the data input section 61 is the first switch 7
, And the initial scramble key Ks1 is input from the scramble key generation means 3 via the terminal a. The input terminal of the data input section 61 is also connected to the input terminal of the scramble means 4. Each data output terminal of the data input section 61 has a shift register 6
2 is connected to each register unit. Shift register 6
Pseudo-random series data is output from the second output terminal. The pseudo-random series data is exclusive ORed with the data in the middle of the shift register 62 by the exclusive OR element 63, It is adapted to be guided to the shift input terminal 62. Shift register 62
The pseudo-random sequence data output from is input to the scramble means 4 via the terminal b of the first switch 7 as the next scramble key Ks2 and also to the input terminal of the data input unit 61. It has become.

The configuration of the second randomizer 10 in the information use side device 2 is completely the same as that of FIG. 4, and both randomizers 6 and 10 exhibit the same function. However, in the second randomizer 10, the input terminal of the data input unit 61 is connected to the common terminal of the second switch 11, and the terminal c
The initial scramble key Ks1 is input from the decryption means 8 via. The input terminal of the data input section 61 is also connected to the input terminal of the descramble means 9. The pseudo random sequence data output from the shift register 62 is used as the second scramble key Ks2 for the second data.
Descrambling means 9 via terminal d of switch 11
Is input to the input terminal of the data input unit 61 as well.

The operation of the encryption system according to the first embodiment configured as described above will be described below with reference to FIGS. 1 to 4.

The scramble means 4 receives the input information (plain text) such as video, audio, data, characters, etc.
Scrambling is performed using the scrambling key Ks1 randomly generated by the scrambling key generation means 3 and input through the terminal a of the first switch 7,
The scrambled data (ciphertext) Dsc is sent to the descramble means 9 of the information use side device 2. At the start of scrambling, the terminal a of the first switch 7 is connected to the output terminal of the scramble key generation means 3, and the scramble key Ks1 generated by the scramble key generation means 3 is passed through the terminal a of the first switch 7. Scramble means 4
Give to.

The scramble key Ks1 reaching the common terminal of the first switch 7 is also given to the first randomizer 6 at the same time to disturb the scramble key Ks1 to generate a new scramble key Ks2. That is, the first
The randomizer 6 of FIG. 4 inputs the data of the scramble key to the shift register 62 from the data input unit 61 as shown in the configuration example of the pseudo random sequence generator in FIG.
The data is rotated a predetermined number of times, the data is randomized by the exclusive OR 63 to generate a new scramble key, which is output to the scramble means 4 via the terminal b of the first switch 7. It is something to do. That is, the first randomizer 6 serves as a scramble key updating means.

On the other hand, the information providing device 1 outputs the scramble key Ks1 generated by the scramble key generating means 3 to the encrypting means 5. The encryption means 5 uses the encryption key to encrypt the input scramble key Ks1 and sends the encrypted scramble key Ks1 'to the decryption means 8 of the information use side device 2.

As shown in FIG. 2, the encryption means 5 performs the processing of the scramble key Ks1 which is the input data by the disturbing section 5i (i = 1, 2 ... i ... n) n times to perform the encryption. ing. That is, the key perturbation unit 5i1 inputs an encryption key to generate an intermediate key K5i, and the data perturbation unit 5i3 uses the intermediate key K5i to perturb the scramble key Ks1 which is input data.

The data disturbing unit 5i3 uses the scramble key Ks1.
The encrypted scramble key Ks1 'generated by disturbing is transmitted to the decryption means 8 of the information use side device 2.

The descramble means 9 of the information use side apparatus 2 includes the scramble means 4 of the information providing apparatus 1.
The scrambled data (ciphertext) Dsc is received, and the decryption means 8 receives the scramble key Ks1 'encrypted by the encryption means 5 of the information providing apparatus 1. The decryption means 8 obtains a scramble key Ks1 by decrypting the scramble key Ks1 'encrypted based on the encryption key. As shown in FIG. 3, the decryption means 8 performs the reverse operation (n → 1) of the encryption means 5 of FIG.
The descrambling unit 8i (i = n ... i ... 2, 1) processes the encrypted scramble key Ks1 ', which is input data, n times for decryption. That is, the key disturbing unit 8i1
Input an encryption key to generate an intermediate key K8i, and the data perturbation unit 8i3 uses the intermediate key K8i to perturb the encrypted scramble key Ks1 ', which is the input data, and decrypts the initial scramble key Ks1. To get

That is, the output of the lowermost disturbing unit 5n in FIG. 2 is input to the uppermost disturbing unit 8n in FIG.
The canceling process between the n and the perturbing unit 8n is performed, and the scrambling key Ks1 encrypted by the encrypting means 5 is performed by repeatedly performing such canceling process over n stages.
'Is restored to the initial scramble key Ks1 by the decryption means 8.

The scramble key Ks1 thus transmitted to the information use side device 2 becomes the initial value of the scramble key. The scramble key Ks1 is the second switch 11
Is given to the descramble means 9 via the terminal c.
The descrambling means 9 has a terminal c of the second switch 11.
The scrambled data (ciphertext) Dsc from the information providing apparatus 1 is descrambled on the basis of the scramble key Ks1 (initial value) provided via the, and plaintext data is output as the decrypted information.

The initial scramble key Ks1 input to the terminal c of the second switch 11 is the second randomizer 10
The scramble key Ks1 is also disturbed as in the first randomizer 6, and a new scramble key Ks is input.
Generates 2. That is, the second randomizer 10
As shown in the configuration example of the pseudo-random sequence generator in FIG. 4, the data of the scramble key is input from the data input unit 61 to the shift register 62, the data is rotated a predetermined number of times, and the exclusive OR operation is performed. The data is randomized by 63 to generate a new scramble key, and the new scramble key is output to the descramble means 9 via the terminal d of the second randomizer 10. In other words, the second randomizer 10 serves as a scramble key updating means.

In the information providing apparatus 1 as well, in the information utilizing side apparatus 2, in order to update the scramble key independently inside each apparatus itself, in the information providing apparatus 1, the terminal b of the first switch 7 is set to the first position. The output terminal of the first randomizer 6 is connected to the output terminal of the second randomizer 10, and the terminal d of the second switch 11 is connected to the output terminal of the second randomizer 10.

When updating the scramble key, a new scramble key K generated by each of the randomizers 6 and 10 is generated.
s2 is a scramble means 4 and a descramble means 9
The encrypted transmission of information is performed.

The new scramble key Ks2 is simultaneously input to the respective randomizers 6 and 10 to generate the next scramble key Ks3. These are given as the scramble keys of the scramble means 4 and the descramble means 9 and the inputs of the respective randomizers 6 and 10 at the time of the next update.

By repeating these steps, the scramble key for encrypting information can be updated.

According to the first embodiment, the information providing device 1
After sending the scramble key Ks1 as the initial value from the encrypting means 5 to the decrypting means 8 of the information use side device 2, the information providing device 1 side sends the scramble key updated in the first randomizer 6 itself. Since the information use side apparatus 2 generates the scramble key updated in the second randomizer 10 itself, in other words, the scramble key Ks is configured to be updated by the internal process. A multiplexing device for transmitting the updated scramble key Ks and a demultiplexing device for the multiplexed renewal key, which are required in the conventional technique, are not required, and the scramble key can be updated with a simple configuration.

(Embodiment 2) Next, Embodiment 2 of the encryption system according to the present invention will be described in detail with reference to the drawings.

FIG. 5 is a block diagram showing the configuration of the encryption system according to the second embodiment of the present invention. Here, the same components as those in the block diagram of FIG. 1 showing the configuration of the encryption system according to the first embodiment are designated by the same reference numerals. That is, 1 is an information providing device, 2 is an information use side device, 3 is a scramble key generation means, 4 is a scramble means, 5 is an encryption means, 8 is a decryption means, and 9 is a descramble means. The randomizers 6 and 10 are not used.

In FIG. 5, 20 in the information providing apparatus 1 is a first switch, 21 in the information utilizing side apparatus 2 is a second switch, and 22 is the same algorithm as the encryption means 5 of the information providing apparatus 1. The encryption means which it has are shown. In the information providing device 1, the output terminal of the scramble key generation means 3 is connected to the terminal e of the first switch 20, and the common terminal of the first switch 20 is the input terminal of the scramble means 4 and the input terminal of the encryption means 5. The output terminal of the encryption means 5 is connected to the input terminal of the decryption means 8 and the terminal f of the first switch 20. In the information use side device 2, the output terminal of the decryption means 8 is connected to the terminal g of the second switch 21, and the common terminal of the second switch 21 is the input terminal of the descramble means 9 and the encryption means 22.
Of the encryption means 22 and the output terminal of the encryption means 22 is connected to the terminal h of the second switch 21.

The operation of the encryption system of the second embodiment configured as described above will be described below mainly with reference to FIG. 5, focusing on the differences from the first embodiment.

At the start of scrambling, the first switch 20 of the information providing apparatus 1 is connected to the terminal e and is connected to the output terminal of the scramble key generating means 3 to output the initial scramble key output from the scramble key generating means 3. Ks1 is given to the scramble means 4 and the encryption means 5.

The encryption means 5 performs encryption of the scramble key Ks1 input using the encryption key, and the encrypted scramble key Ks1 'is decrypted by the decryption means 8 of the information use side device 2.
Send to

In the information use side device 2, the second switch 2
1 is connected to the terminal g and is connected to the output terminal of the decoding means 8. The decrypting means 8 decrypts the encrypted scramble key Ks1 'input by using the encryption key, obtains the initial scramble key Ks1 and gives it to the descramble means 9 via the second switch 21 to give the descramble means. The scrambled data (ciphertext) Dsc input in 9
Descrambling to get plaintext data,
The same scramble key Ks1 is also given to the encryption means 22.

Next, in order to update the scramble key in both the information providing apparatus 1 and the information use side apparatus 2, the first switch 20 is connected to the terminal f and connected to the output terminal of the encryption means 5, The second switch 21 is connected to the terminal h and connected to the output terminal of the encryption means 22. The data generated by the respective encryption means 5 and 22 being disturbed based on the encryption key is given to the scramble means 4 and the descramble means 9 as the next scramble key Ks2, and the information is encrypted and transmitted.

Further, the scramble key Ks2 is simultaneously input to the respective encryption means 5 and 22 and is encrypted to generate the next scramble key Ks3. These are given as the scramble keys of the scramble means 4 and the descramble means 9 and the inputs of the respective encryption means 5 and 22 at the time of the next update.

In this way, the new scramble key generated by the encryption means 5 and 22 itself is scrambled by the scramble means 4.
And the descrambling means 9 and re-inputting them to the encrypting means 5 and 22 themselves to generate a new scramble key, and scramble and descramble the information to perform encrypted transmission.

By repeating these operations, the scramble key for encrypting information can be updated.

According to the second embodiment, the information providing device 1
After sending the scramble key Ks1 as the initial value from the encryption means 5 of the above to the decryption means 8 of the information use side apparatus 2, the information providing apparatus 1 side generates the updated scramble key in the encryption means 5 itself. In addition, since the information use side apparatus 2 generates the updated scramble key in the encryption means 22 itself, in other words, the scramble key Ks is configured to be updated by the internal process. The multiplexing device for transmitting the updated scramble key Ks and the demultiplexing device for the multiplexed update key, which are required in the technology, are not required, and the scramble key can be updated with a simple configuration. In particular, as compared with the first embodiment, the first and second randomizers 6 and 10 are omitted, and in the information providing apparatus 1, the encryption means 5 that is naturally necessary is also used as the scramble key update means, and Since the device 2 only adds the encryption means 22 having the same configuration and function as the encryption means 5, the scramble key can be updated with a simpler configuration as compared with the first embodiment.

By the way, as shown in FIG. 3, the decrypting means 8 is basically the same as the encrypting means 5 and 22 shown in FIG. 2, but the order of execution is reversed.

Therefore, instead of using the encryption means 22, it is possible to generate and update the scramble key by using the decryption means 8 in a state in which the execution order is reversed from that of the encryption means 22. is there. In this case, since the encryption means 22 can be omitted, the configuration becomes simpler.

[0060]

According to the encryption system of the present invention,
After the initial scramble key is encrypted and sent from the information providing device to the information using side device, the first
The randomizer and the second randomizer of the information-using side device respectively update the scramble key within each device, so that the multiplexing device and the multiplexing update key for transmitting the update key as in the conventional technique are A separating device or the like is not required, and it is not necessary to send an update key using another route, so that the scramble key can be updated with a simple configuration.

[Brief description of drawings]

FIG. 1 is a block diagram showing a configuration of an encryption system according to a first embodiment of the present invention.

FIG. 2 is a block diagram showing a configuration example of an encryption unit according to the first embodiment.

FIG. 3 is a block diagram showing a configuration example of a decoding means in the first embodiment.

FIG. 4 is a block diagram showing a configuration example of first and second randomizers in the first embodiment.

FIG. 5 is a block diagram showing a configuration of an encryption system according to a second embodiment of the present invention.

FIG. 6 is a block diagram showing a configuration of an encryption method according to a conventional technique.

[Explanation of symbols]

 1 ... Information providing device 2 ... Information use side device 3 ... Scramble key generating means 4 ... Scramble means 5 ... Encryption means 6 ... First randomizer 7 ... First switch 8 ... Decryption means 9 ... descramble means 10 ... second randomizer 11 ... second switch 20 ... first switch 21 ... second switch 22 ... encryption means 61 ... data input section 62 ... shift Register 63 ... Exclusive OR element

Claims (8)

[Claims] 1. An encryption system that scrambles information, encrypts the information, and distributes the information, wherein the information providing apparatus scrambles the input information with a scramble key for generating an initial scramble key. And an encryption means for encrypting the initial scramble key from the scramble key generating means and sending the encrypted scramble key to the information use side apparatus. Decrypting means for decrypting the encrypted scramble key sent from the encrypting means to obtain an initial scramble key, and decrypting the scrambled information sent from the scramble means of the information providing device to obtain plaintext data. And an initial scramble key in the information providing device. After the input, a new scramble key is generated and given to the scramble means, and a first randomizer that randomizes the scramble key by inputting the scramble key and updates the scramble key is provided. After the scramble key is input, a second scramble key is generated and given to the descramble means, and a second randomizer for randomizing the scramble key by inputting the scramble key to update the scramble key is provided. Encryption system. 2. In the information providing apparatus, after removing the first randomizer and inputting an initial scramble key by the encryption means itself, a new scramble key is generated and given to the scramble means, and the scramble key is given to itself. While configuring to input and encrypt to update the scramble key, the second randomizer is removed in the information utilization side device, and an encryption means having the same function as the encryption means of the information providing device is added. The encryption system according to claim 1, wherein: 3. In the information providing apparatus, the first randomizer is removed, and after the initial scramble key is input by the encryption means itself, a new scramble key is generated and given to the scramble means, and the scramble key is given to itself. On the other hand, in the information-using side device, the second randomizer is removed and the decryption means reverses the execution order from the encryption means of the information providing device. After the initial scramble key is decrypted by doing so, a new scramble key is generated and given to the descrambling means, and the scramble key is input and decrypted by itself to update the scramble key. The encryption system according to claim 1, characterized in that 4. A scramble key generating means for generating an initial scramble key, a scramble means for scrambling the input information with a scramble key and transmitting the scrambled key to the information utilizing side device, and an initial scramble key generating means for the scramble key generating means. Encryption means for encrypting the scramble key of and sending it to the information-using side device. Furthermore, after inputting the initial scramble key, a new scramble key is generated and given to the scramble means, and the scramble key is given to itself. An information providing apparatus in an encryption system, wherein a first randomizer for updating the scramble key by inputting the random number is provided. 5. The first randomizer is removed, and after inputting an initial scramble key by the encryption means itself, a new scramble key is generated and given to the scramble means, and the scramble key is input by itself and encrypted. The information providing apparatus in the encryption system according to claim 4, wherein the information providing apparatus is configured to update the scramble key. 6. Decryption means for decrypting the encrypted scramble key sent from the encryption means of the information providing device to obtain an initial scramble key, and scrambled sent from the scramble means of the information providing device. And a descramble means for decrypting the obtained information to obtain plaintext data, and further, after inputting the initial scramble key, a new scramble key is generated and given to the descramble means, and the scramble key is input to itself. An information use side apparatus in an encryption system, characterized in that a second randomizer for randomizing and updating a scramble key is provided. 7. The information use side apparatus in the encryption system according to claim 6, wherein the second randomizer is removed and an encryption means having the same function as the encryption means of the information providing apparatus is added. . 8. The second randomizer is removed, and the decryption means itself reverses the execution order of the encryption means of the information providing apparatus to decrypt the initial scramble key and then generate a new scramble key. 7. The information utilization side device in the encryption system according to claim 6, wherein the device is provided with the descrambling means, and the scramble key is input to itself to be decrypted to update the scramble key.