JPH0973497A - Communication system for communication line transaction - Google Patents

Abstract

PROBLEM TO BE SOLVED: To secure safety by forming the same cipher key with a communication sentence by using 1st and 2nd fixed element arrays and a variable element array, and exclusively ORing it with the communication sentence, bit by bit, and generating a ciphered sentence. SOLUTION: An IC card adds the fixed element arrays FL1 and FL2 and variable element array VL, digit by digit, in order from the most significant digit to generate the cipher key CK. At this time, the 1st fixed element array FL1 is set as a 3-digit sequence and has the digits ended at 3rd addition, so circulation to the most significant digit bit is performed; and the 2nd fixed element array FL2 and variable element array VL are also circulated as well to obtain the cipher key CK which is at least as long as the communication sentence BM. In this case, when the 1st fixed element array FL1 has three digits, the 2nd fixed element array FL1 has 5 digits, and the variable element array has 4 digits, the cipher key CK is circulated in cycles of 60 digits as the least common multiple of the numbers of the digits of the respective element arrays.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention confirms the identity of a customer in place of a conventional seal or passbook when a financial institution and a customer make a financial transaction using a communication line, such as home banking. At the same time, the present invention relates to a communication system that prevents leakage of confidential information due to eavesdropping by an outsider by encrypting the communication text related to the financial transaction.

[0002]

2. Description of the Related Art As a conventional financial transaction using this type of communication line, there is, for example, an ATM (automatic teller machine) which can deal with a relatively small transaction. When the information is inserted, the recorded personal information, such as a name and an account number, is read, and the host computer recognizes the customer himself / herself.

When the customer inputs the personal identification number at the time when the identification of the person is performed on the host computer side,
The entered personal identification number is compared with the personal identification number that has been registered in advance and stored in the host computer, and if they match, it is confirmed with the customer himself and the host computer deposits, withdraws, It corresponds to transactions such as transfers.

[0004] Further, as a means for dealing with a relatively large-scale transaction, there is a means for lending a dedicated terminal to a customer.
The dedicated terminal uses a line such as a digital line that allows the host computer to confirm the telephone number of the dedicated terminal when a connection is made, or the dedicated terminal automatically transmits an ID number when connecting. As a special purpose terminal, that is, the customer himself / herself can be confirmed.

[0005]

However, in the above-mentioned conventional system in which the personal identification is performed by the magnetic card and the personal identification number, the magnetic card is relatively easy to read the recorded contents, and Since the personal identification number is a number sequence that is easy for the customer to remember, for example, there is a strong tendency to select one's birthday, so the confidentiality is low and it is easy for others to misuse it.
Transactions are not possible except in the place where the TM is installed, which causes a problem of poor mobility.

In addition, since the dedicated terminal device specifies the dedicated terminal device, it is not possible to specify even the person who is operating the dedicated terminal device. When it is performed, it cannot be eliminated, and like the magnetic card and the personal identification number, there is a problem that it is likely to be misused by another person.

In addition, by renting a dedicated terminal, the confirmation system itself becomes expensive, which causes a problem that the system operator side such as a financial institution has a heavy burden. For example, it has to be fixedly installed in an office, a home, or the like, and is subject to locational restrictions, which causes a problem that impairs mobility, and the solution of these points becomes an issue.

[0008]

The present invention is, as a concrete means for solving the above-mentioned conventional problems, when a system operator and a customer exchange a communication sentence through a communication line to conduct a transaction. It is a communication system, the system operator side is provided with a host computer connectable to the communication line, and the customer side is standardized to the personal computer connectable to the communication line and the personal computer. An IC card which can be connected by a terminal and which can be installed in a program is provided, and the host computer is composed of a plurality of variable element strings which are called by a name string having an arbitrary number of digits and having no correlation with each other. A variable element sequence table, a first fixed element sequence that is a sequence with an arbitrary number of digits and has a different number of digits from the variable element sequence, and a sequence with an arbitrary number of digits A plurality of table storage means for specifying and storing a customer table including a second fixed element row having a different number of digits from the element row and the first fixed element row, and the communication line with the IC card. When a connection is made, one variable element row is randomly selected from the variable element row table in the customer table to which this IC card is paid, and a name row corresponding to the variable element row is transmitted to the IC card. Variable element sequence transmitting means for performing an encryption key generating means for generating an encryption key from the first fixed element sequence and the second fixed element sequence in the same customer table as the selected variable element sequence, A ciphertext creation / decryption means for encrypting and decrypting the communication text by the encryption key created by the encryption key creation means is provided, and the IC card is provided before this IC card is paid. Table storage means for storing a customer table corresponding to a customer; variable element sequence receiving means for receiving a name sequence from the host computer and selecting a variable element sequence corresponding to the name sequence from the customer table; and the host The same encryption key creating means and ciphertext creating / decrypting means as those provided in the computer are provided, and the encryption key creating means is the selected variable element sequence, first fixed cryptographic element sequence, and second fixed cryptographic element. The column is sequentially added from the most significant digit for each digit, and the element sequence whose number of digits has ended is cycled to the most significant digit again to continue the addition to form an encryption key having at least the same digit as the communication text. The ciphertext creating / decrypting means creates a ciphertext by performing an exclusive OR for each digit of the encryption key and the communication text, and creates this ciphertext and the encryption key for each digit. Do an exclusive OR The problem is solved by providing a communication system in a communication line transaction characterized by deciphering by this.

[0009]

Next, the present invention will be described in detail based on an embodiment shown in the drawings. FIG. 1 shows the configuration of a communication system according to the present invention. A host computer 1 owned by a system operator S such as a financial institution and a personal computer 2 owned by a customer A are connected to a communication line 10 such as a telephone line. It is possible.

At this time, the computer network (hereinafter,
Network) may exist. In this case, the customer A connects to the network by inputting an ID number, a password, etc., and further performs an appropriate procedure to send a message to the system operator S. The BM can be delivered (e-mail), and the system operator S can also deliver the communication message to the customer A by the same procedure.

Here, in the present invention, the IC card 3 is added to the personal computer 2,
By adding this IC card, the system operator S described above
The communication text BM exchanged between the customer and the customer A is encrypted / decrypted to prevent the content of the communication text from being leaked to a third party even if eavesdropping or the like is performed. It is intended to enhance security in transactions.

FIG. 2 shows the IC card 3. The IC card 3 is provided with a standardized terminal 3a called a PCMCIA slot or the like, and is connected to the personal computer 2. It is possible to connect. Further, unlike the conventional magnetic card that stores only data, the IC card 3 can be loaded with a program. In addition, the IC card 3 is provided with a keyboard 3b, a display device 3c, etc., and the IC card 3 itself processes data and the like. Is also possible.

In the present invention, a program for encrypting / decrypting the customer table IT and the message BM specified for the customer A on the system operator S side is installed and provided to the customer A. For another customer, the customer table IT specified for that customer and the above encryption program are installed and provided.

Therefore, the host computer 1 provided on the system operator S side holds the above-mentioned encryption program and the customer table IT of the number corresponding to all the customers, and the customer who has made the connection. , The customer table IT corresponding to the customer A is extracted and the communication text BM is encrypted /
It will be decrypted.

FIG. 3 shows the structure of the customer table IT, and the description will be made assuming that the customer table IT is provided to the customer A. The customer table IT is composed of a first fixed element row FL1, a second fixed element row FL2, and a variable element row table VT.

At this time, the first fixed element array FL1
Is, for example, a sequence of three digits, and the numerical value (in this embodiment, the numerical value “578”) is a unique numerical value for the customer A, but the customer A does not necessarily need to know the numerical value. This also applies to the second fixed element row FL2 described below.

Further, the second fixed element row FL2 is, for example, a numerical sequence having five digits, and its numerical value (in this embodiment, the numerical value "01987") is the same as that of the first fixed element row FL1. When setting these fixed element strings FL1 and FL2, for example, a related numerical value such as the ID number of the customer A, the account number, or the personal identification number may be adopted, or a random number may be used. It may be completely unrelated.

The variable element sequence table VT is
For example, it is composed of a plurality of variable element sequences VL each of which is a four-digit number sequence, and its numerical value is set by an appropriate means such as a random number generator. In addition, the variable element row VL
The name sequence N, which is also a 4-digit sequence for each of the
L is combined, and the numerical value of the name sequence NL is also set by a random number generator or the like.
There is no correlation between the name sequence NL paired with.

Next, the procedure for encrypting the message BM will be described using the fixed element sequences FL1 and FL2 and the variable element sequence table VT. First, the customer A uses the personal computer 2 to host the transaction. When connecting to the computer 1, the host computer 1 selects the customer table IT corresponding to the customer A, and from the variable element row table VT in the customer table IT, the variable element row VL (eg, the variable element row VL used for this communication) is selected. , The numerical value “8” in FIG.
915 ") at random.

Then, the name sequence NL (for example, the numerical value "245 in FIG. 3" corresponding to the selected variable element sequence VL is selected.
8 ") is sent to the personal computer 2, that is, the IC card 3, and the IC card 3 that has received this finds the corresponding variable element row VL in the variable element row table VT held by itself. Even if the name sequence NL is eavesdropped on the line 10, the variable element sequence VL is not known.

Subsequently, as shown in FIG. 4, the IC card 3 includes the fixed element rows FL1 and FL2 and the variable element row V.
Each L is sequentially added digit by digit from the most significant digit to create the encryption key CK. At this time, in this embodiment, the first fixed element sequence FL1 is set as a three-digit number sequence, and the number of digits is ended by the third addition, so that the first fixed element sequence FL1 is circulated again to the most significant digit, and similarly the second fixed element sequence is used. The sequence FL2 and the variable element sequence VL are also circulated so that the encryption key CK has at least the same length as the communication text BM.

At this time, as described above, when the first fixed element sequence FL1 has three digits, the second fixed element sequence FL1 has five digits, and the variable element sequence VL has four digits, the encryption key C
K is cycled with a period of 60 digits, which is the least common multiple of the number of digits of each element sequence. Therefore, if the cycle is too short, the confidentiality when the message BM is encrypted may decrease, so the number of digits in each element string is the message BM.
It is desirable to set it as an appropriate number of digits in consideration of the length of.

In reality, the IC card 3 is operated in the binary system, so that, for example, 4 bits are allocated to one digit and the hexadecimal system is used when the decimal correction is not performed. Therefore, the result does not necessarily match the result of FIG. 4, but here, for the sake of easy understanding, in the example of performing the operation using the binary-coded decimal system, the same result as the decimal system is obtained. It is shown.

FIG. 5 shows a procedure for encrypting the communication text BM by using the encryption key CK obtained as described above. Here, the communication text BM is based on JIS code 16
It is assumed that the encryption key CK is a bit and the encryption key CK is 4 bits. Therefore, in this embodiment, one character of the communication text BM will be described as being encrypted using four digits of the encryption key CK.

Here, if the message BM is specifically "Tokyo", the character "east" is JIS code 456C in hexadecimal notation, and "Kyo" is 357E.
In the C card 3 (or host computer 1), FIG.
As shown in the figure, it exists in a binary state. Since the encryption key CK also exists in a binarized state, the IC card 3 performs an exclusive OR (XOR) operation for each bit of the communication text BM and the encryption key CK. , The output is used as the ciphertext CM.

On the side of the host computer 1 (or IC card 3) that has received the ciphertext CM, the encryption key CK is stored in the host computer 1 by the same procedure as above.
6 and, as shown in FIG. 6, the ciphertext C is calculated by performing an exclusive OR operation of the cipher key CK and the ciphertext CM.
The M communication message BM can be decrypted. At the same time, the coincidence of the encryption keys CK can be confirmed by the simultaneous decryption, so that the customer A can be confirmed.

In the above embodiment, the variable element number sequence VL is arbitrarily selected from the variable element table VT corresponding to the customer A and the corresponding name number sequence NL is transmitted only to the host computer 1 side. Although the description has been given assuming that the element sequence transmitting means is provided, this may be provided on the IC card 3 side, and in this case, the name sequence N from the IC card 3 side to the host computer 1 prior to communication.
L will be sent.

Furthermore, both parties exchange the name sequence NL, each other creates the encryption key CK with the variable element sequence VL corresponding to the name sequence NL transmitted from the other party, and sends itself with this encryption key CK. If the communication text BM is encrypted, a completely different encryption key CK is used for transmission and reception, and the confidentiality can be further improved.

Further, when conducting an actual transaction, data specific to the customer A, such as an account number, a name and an address, are to be entered in the communication message BM, and the decrypted communication message BM is entered.
If the customer A can be confirmed also by the above-mentioned data, the accuracy of the customer A confirmation can be further improved, and the reliability can be further improved.

Here, the variable element row VL will be described. A large number of variable element rows VL are provided in the IC card 3.
, The probability of becoming the same encryption key CK is low even if they are used alternately, and the confidentiality does not deteriorate so much. However, if the number is a small number due to the storage capacity of the IC card 3 or the like, the probability of the same encryption key CK is high and the confidentiality is lowered.

Therefore, in this case, the variable element sequence VL
Is preferably disposable including the name sequence NL, and rewritten at the end of use. At this time, the system operator S writes a new variable element sequence VL on an appropriate recording material such as a floppy desk and supplies it to the customer A. A may be written in the IC card 3 via the personal computer 2.

However, at this time, since the floppy desk or the like can be easily read by a third party, for example, the first fixed element row FL1, the second fixed element row FL2, the account number, the personal identification number, etc. of the customer A. Confidentiality can be maintained if at least one of the numerical values peculiar to is used as an encryption key and encrypted by the same means as above.

The present invention also provides a personal computer 2
Although the personal computer 2 can be implemented only by itself, since the personal computer 2 is generally installed in an office or the like and can be operated by anyone in many cases, in this case, the personal computer 2 is used. Can be specified, but it does not specify the person performing the operation.

Therefore, in the present invention, by using the IC card 3 having portability similar to that used for the conventional personal identification such as a seal stamp or a passbook, a person who possesses it can personally use the IC card 3. It is possible to confirm that the computer 2 is being operated, and to improve the accuracy of identification. Further, by having portability, it is possible to update with the system operator S if the personal computer 2 is installed even at a place where the user is on the road and the mobility is improved.

As explained above, according to the present invention, even if the same message BM is sent from the same customer A, different variable element sequences VL are used for each communication, so the ciphertext C is used.
M is different and cannot be decrypted by a third party. When the customer is different, the first fixed element row FL
Since the first fixed element sequence FL2 and the second fixed element sequence FL2 are also different from each other, there is no correlation between the respective customers, and therefore, even when a third party collects a large number of ciphertext CMs, a clue for decryption is given. It does not become a thing.

An encryption method using a long encryption key having the same length as the communication text BM as described above is called "Vernam encryption". The encryption key is a random number and the encryption key is used. It is said that you can obtain a complete cipher that cannot be deciphered by changing each time.

However, since the encryption key is too long, a huge memory capacity is required to prepare a plurality of encryption keys, which is considered to be impractical. According to the above method, it is possible to realize a practical application as a long encryption key that is different each time can be formed from a small amount of data of the first fixed element sequence FL1, the second fixed element sequence FL2, and the variable element sequence VL. .

[0038]

As described above, according to the present invention, by the first fixed element row, the second fixed element row and the variable element row which are values unique to the customer and which cannot be known to a third party,
By forming a long cryptographic key equivalent to the communication text and performing an exclusive OR of the cryptographic key and the communication text bit by bit, it becomes a ciphertext that is virtually impossible to decipher on the communication line. It secures confidentiality even when eavesdropping is performed, and has an extremely excellent effect of securing security in transactions of this kind.

Further, by causing the IC card having portability to perform the above-mentioned encryption and decryption, it is confirmed on the system operator side that the person who possesses this IC card, that is, the customer himself is communicating. As a thing that can be done, it is possible to prevent an illegal communication by a third party and to exert an excellent effect of further improving the reliability.

[Brief description of drawings]

FIG. 1 is a schematic connection diagram showing an embodiment of a communication system in a communication line transaction according to the present invention.

FIG. 2 is a perspective view showing a main part of the same embodiment.

FIG. 3 is an explanatory diagram showing a configuration of a customer table in the same embodiment.

FIG. 4 is an explanatory diagram showing a procedure for creating an encryption key.

FIG. 5 is an explanatory diagram showing a ciphertext creation procedure.

FIG. 6 is an explanatory diagram showing a decryption procedure of ciphertext.

[Explanation of symbols]

 1 ... Host computer 2 ... Personal computer 3 ... IC card 3a ... Terminal 10 ... Communication line A ... Customer S ... System operator FL1 ... First fixed element row FL2 ... Second fixed element row VL ... Variable element sequence NL ... Name sequence BM ... Communication text CK ... Encryption key CM ... Ciphertext TI ... Customer table VT ... Variable element sequence table

─────────────────────────────────────────────────── ─── Continuation of the front page (51) Int.Cl. ⁶ Identification code Office reference number FI technical display location H04L 9/00 673A 673E

Claims (3)

[Claims] 1. A communication system in which a system operator and a customer exchange transactions by exchanging communication texts through a communication line, and a host computer connectable to the communication line is provided on the system operator side. The customer side is provided with a personal computer that can be connected to the communication line and an IC card that can be connected to the personal computer with a standardized terminal and can be loaded with a program. , A variable element sequence table consisting of a plurality of variable element sequences, which are sequence numbers with an arbitrary number of digits and are referred to as name columns which do not correlate with each other, and the number of digits different from the variable element sequence, which is a sequence with an arbitrary number of digits And a second fixed element sequence that is a sequence of numbers with an arbitrary number of digits and that has a different number of digits from the variable element sequence and the first fixed element sequence. A plurality of table storage means for storing a specific bill for each customer, and the variable element row in the customer table to which the IC card is provided when the IC card is connected through the communication line. Variable element sequence transmitting means for randomly selecting one variable element sequence from the table and transmitting the name sequence corresponding to the variable element sequence to the IC card, and the same customer table as the selected variable element sequence. Encryption key creating means for creating an encryption key from the first fixed element sequence and the second fixed element sequence, and the encryption and decryption of the communication text by the encryption key created by the encryption key producing means. A ciphertext creating / decrypting means is provided, and the IC card has a table storing means for storing a customer table corresponding to the customer who received the IC card, and the host computer. A variable element string receiving means for selecting and receiving a name column from data variable element sequence corresponding to the name column from among the customer table, the same encryption key preparing means as provided in the host computer,
A ciphertext creating / decrypting means is provided, and the cipher key creating means sequentially adds the selected variable element sequence, first fixed cryptographic element sequence and second fixed cryptographic element sequence digit by digit from the most significant digit. The element string whose digit number has been completed is circulated again to the most significant digit and the addition is continued to form an encryption key having at least the same digit as the communication text. A ciphertext is created by performing an exclusive OR for each digit of the key and the communication text, and the ciphertext and the encryption key are decrypted by performing an exclusive OR for each digit. Communication system for communication line transactions. 2. The IC card is provided with the variable element sequence transmitting means, and when communicating with the host computer, the IC card side can also transmit the name sequence to the host computer if necessary. The communication system in the communication line transaction according to claim 1, wherein 3. It is assumed that at least the name sequence and the variable element sequence in the customer table stored in the IC card are not reused and are updated at the end of use, This update is performed by the recording of the recording material describing the name sequence and the variable element sequence from the system operator to the customer, and the description of the name sequence and the variable element sequence in the recording means is unique to the customer. The communication system in the communication line transaction according to claim 1 or 2, wherein encryption is performed by the encryption key formed in (3).