JPH0983512A - Ciphering system and optical exclusive or arithmetic unit used for the same - Google Patents

Abstract

PROBLEM TO BE SOLVED: To process a Vernam cipher at a high speed with pseudo random numbers setting data of a picture to be a seed signal as a ciphering key. SOLUTION: Polarizing plates 381 and 382, liquid crystal panels (LCP) 401-403 and diffraction elements(DE) 561-564 in a ciphering key generation part 44 constitute an optical exclusive OR arithmetic unit calculating three bits of respective pixels in LCP. DE guide the correspondence of the respective picture elements, which is to be calculated. A pattern corresponding to an initial value vector (seed signal at first) is displayed on LCP 401. Random bit strings corresponding to the pixels of LCP can be obtained as the ciphering keys by image- picking up output light from the polarizing plate 388 and A/D-converting it. The keys are displayed on LCP 404 of the optical exclusive OR arithmetic unit consisting of the polarizing plates 383 and 384 and LCP 404 and 405 in a ciphering part 46, and digital data which is to be ciphered is displayed on LCP 405. Output light from the polarizing plate 384 is image-picked up, is A/D- converted and is outputted as the Vernam cipher.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an encryption system for digital communication and the like, and an optical exclusive OR operation device usable therefor.

[0002]

2. Description of the Related Art In digital communication networks in an advanced information society, various encryption methods have become important in order to ensure the security of information.

The encryption methods are roughly classified into two types, one using a public key and the other using a secret key (also called a common key). In particular, the latter secret key also has a role as a seal in a communication network, and is considered to be used more and more in the future.

As a method of using a secret key, a Vernam (hereinafter referred to as Vernam) which performs an exclusive OR (hereinafter, referred to as XOR) of a random key and a plaintext (data to be encrypted) and performs encryption The code is known. This Vern
In the am cipher, a pseudo-random number that uses an initial value of a certain length as a seed is generally used as an encryption key.

FIG. 8B shows the generation of pseudo-random numbers.
Vern using maximum length sequence code (hereinafter referred to as M sequence)
It is a figure which shows the algorithm of am encryption.

In the figure, reference numeral 1A is digital data to be encrypted (corresponding to plaintext), which is given to the encryption unit 2A. The encryption unit 2A performs an XOR operation of the encryption key generation unit 4A that generates an M-sequence random number as an encryption key with the seed signal 3A as an initial value, and the generated encryption key and the digital data 1A. It is composed of an XOR circuit 5A and outputs the XOR operation result as Vernam encryption.

The Vernam cipher output from the encryption unit 2A is sent to the decryption unit 2B via the transmission line 6.

The decryption unit 2B has the same configuration as that of the encryption unit 2A, and includes an encryption key generation unit 4B for generating an M-sequence random number from the seed signal 3B as an encryption key, and the generated encryption. And an XOR circuit 5B that performs an XOR operation on the Vernam cipher that has been transmitted, and outputs the XOR operation result as decrypted digital data 1B.

Since this Vernam encryption is a secret key system,
The seed signal 3A and the seed signal 3B are the same signal.

[0010]

It has been clarified that the Vernam cipher is a highly secure encryption method when a long encryption key is used. In this Vernam cipher,
As described above, a pseudo random number using an initial value of a certain length as a seed is used as an encryption key, but the cycle of such a random number depends on the size of the signal (signal type) used as the seed. Therefore, in order to ensure high security with Vernam encryption, it is necessary to generate a long pseudo-random number as an encryption key.

However, in order to maintain sufficient security for encrypting a large amount of data such as an image, it takes a very large amount of calculation to generate such a long pseudo random number. However, when a large amount of data is encrypted or decrypted by a computer such as a personal computer (hereinafter abbreviated as a personal computer), it takes a very long time.

The present invention has been made in view of the above points, and it is an object of the present invention to provide an encryption system capable of processing Vernam encryption at a high speed and an optical exclusive OR operation device usable therefor. To aim.

[0013]

In order to achieve the above object, an encryption system according to the present invention comprises an encryption key generation unit for receiving an seed key and generating an encryption key, and a digital data to be encrypted or Receiving encrypted digital data, performing an exclusive OR operation of the digital data and the encryption key generated by the encryption key generation unit to output encrypted digital data or decrypted digital data An encryption system including an encryption / decryption unit including an exclusive-OR operation unit, wherein at least one of the encryption key generation unit and the exclusive-OR operation unit is a spatial modulation element. It is characterized in that it includes an optical exclusive OR operation device utilizing.

That is, according to the encryption system of the present invention,
In order to encrypt a large amount of data, a pseudo random number using a relatively large amount of data such as an image as a seed signal is generated as an encryption key. At this time, paying attention to the fact that light can handle a large amount of information in parallel, using an optical exclusive OR operation device using a spatial modulation element as an optical parallel operation system, Generation or digital data encryption and decryption are performed.

Further, the optical exclusive OR operation apparatus according to the present invention comprises two polarizing plates and a plurality of spatial modulation elements arranged between the polarizing plates and aligned with the polarizing plates. It is characterized by being provided.

That is, according to the optical exclusive OR operation device of the present invention, the polarization direction of the polarizing plate is adjusted, and the area corresponding to each digital data of each spatial modulation element arranged between them is adjusted. By controlling the modulation state of, the exclusive OR operation for the number of areas can be performed in parallel.

[0017]

Embodiments of the present invention will be described below with reference to the drawings.

[First Embodiment] FIG. 2 is a diagram showing the configuration of an encryption system according to the first embodiment of the present invention. In FIG. 2, reference numerals 10A and 10B are communication terminals such as personal computers. Is. Reference numerals 12A and 12B are storage media such as hard disks and magneto-optical disks. The storage media 12A and 12B store digital data 14A and 14B that are data to be encrypted or decrypted data. The digital data 14A, 14B may be any data such as image, voice, text data and the like. Further, the storage mediums 12A and 12B have the seed signal a16.
A, 16B, seed signal b18A, 18B, seed signal c20
It stores A and 20B. Here, it is assumed that the seed signals a to c as seeds for generating a long key are image data, but of course, any digital data such as text may be used.

The storage media 12A and 12B are connected to the encryption / decryption units 24A and 24B and the RAMs 26A and 26B via the data buses 22A and 22B. The encryption / decryption units 24A and 24B have a function of encrypting digital data into Vernam encryption and vice versa, as will be described later in detail. In addition, RAM26A, 26B
Is a control program 28A, 28 for controlling encryption, decryption, and communication by a CPU (not shown).
B is read.

Further, the data buses 22A and 22B are further provided.
Is connected to communication controllers 30A and 30B such as a modem, and between them via a transmission line 32 for communication.
Encrypted by the encryption / decryption units 24A and 24B
Vernam cipher is being transmitted.

Here, the encryption / decryption units 24A, 2
4B will be described, but in order to help understanding thereof, first, the description starts with generation of pseudo random numbers.

The M sequence is a code word generated by using a linear shift register circuit (hereinafter referred to as LSR),
It is a pseudo-random sequence. It is known that a shift register having n stages can be used to generate a sequence having a period of 2 ⁿ -1. When this n is appropriately selected, (A) of FIG. 3 based on the primitive polynomial V (x) represented by V (x) = 1 + x ^k + x ⁿ (n, k: positive integer)
A circuit as shown in (1) generates a 1-bit sequence per clock. Here, x ^k means that feedback is applied from the k-th stage register in the LSR 34. In the figure, for each bit of the LSR 34, from 1 (bit generated last time) to n (bit generated n times before)
Numbers up to and are represented by a1 to an, and a new bit is generated in a0. In this example of the primitive polynomial, the nth bit and the kth bit are XOR circuit 3
The result of the XOR operation in 6 becomes a0. Thus a0
After this is generated, this a0 is set as a1 and all bits are shifted, so that the old an is lost. By repeating this operation, a pseudo random bit string is generated.

The M sequence can generate n sequences at a time for n initial inputs by using a conversion from a certain state to a state after n clock shifts. Further, focusing on the case of n>k> n / 2, it is possible to generate n series at the same time by combining bit replacement and XOR of maximum 3 bits.

Here, the case of n = 10 and k = 7 will be specifically described with reference to FIG. The number in each column in this figure corresponds to the bit value of the initial value, and the symbol "^" represents the XOR operation. Each row shows the state of each bit when a random number sequence is generated bit by bit from the initial value. From this figure, it can be seen that each bit state after 10 clock shifts corresponds to 10 random number sequences. Further, it can be seen that the state after 10 clock shifts is realized by the maximum 3-bit XOR.

FIG. 3C is a conceptual diagram of a connection that can generate an n-bit random number sequence at once as described above. This connection consists of three layers. The input (first layer) of the connection is an initial value vector a, the inputs to the second and third layers are b and c, and the outputs are b _out and c _out . Also, c _out is the output of this connection,
It becomes an n-bit random number sequence. b _out is the result of the XOR operation of a and b, and c _out is the result of the XOR operation of a'and c.

Here, if a = (a1, a2, ..., An), then b is expressed as follows: bi = ai + nk (i≤k), bi = ai-k (i> k) (1) Then, c is expressed as follows: ci = bi + nk _out (i≤k), ci = bi-k _out (i> k) (2). Further, a'is expressed as a'i = ai (2k-n <i≤k), a'i = 0 (2k-n≥i, i> k) (3).

Here, a'i = 0 means that there are two XORs and three XORs in the row after 10 clocks in FIG. 3B, and the two XORs are taken. Shows. That is, this part can be regarded as being XORed with “0”.

The output c of this connection
_{By making out the} initial value vector a again, the next n
Bit random numbers can be generated. Even if the connection of each layer is reversed, the order of the random number sequence changes, but the same effect can be obtained.

If the parallel XOR operation of a plurality of bits performed in the second layer, the third layer, etc. can be realized, the encryption can be performed at high speed.

In the present embodiment, such parallel X
The OR operation is realized by an optical system using a spatial modulation element, that is, an optical exclusive OR operation device, as shown in FIG. In the present embodiment, a liquid crystal panel will be described as an example of the spatial modulation element, but it goes without saying that the present invention is not limited thereto.

In the figure, reference numerals 38A and 38B are used.
Is a polarizing plate and is arranged so that the planes of polarization of the polarizing plates are perpendicular to each other. Then, between these, homogeneously aligned liquid crystal panels (hereinafter referred to as LCP) 40A and 40B are arranged. Reference numeral 42 represents an output surface. Note that this figure shows only four pixels for the LCPs 40A and 40B and the output surface 42 for simplification.

In such an optical system, the LCP 40A, 4
XOR operation becomes possible by controlling 0B as a half-wave plate on a pixel-by-pixel basis. That is, LCP40A, 4
0B is in the ON state (white pixels a, b, c,
In d), since it functions as a half-wave plate, it is possible to change the polarization direction by 90 degrees with respect to the incident light, as indicated by a double-headed arrow in the figure. When it is off (black pixels a ', b', c ', d'in the figure), the polarization direction of the incident light does not change. Therefore, LCP40A and LCP40B
When both are on (pixel e) and both are off (pixel f), the output surface 42 is off, but LCP 40A and LCP 40A
When only one of CP40B is on (pixel g,
In h), the output surface 42 is turned on and the XOR operation can be realized.

In this operation, each pixel of the LCP corresponds to 1 bit, and XOR operations for the number of pixels of the LCP can be simultaneously executed. The XOR operation of 3 bits or more can be performed by increasing the number of LCPs provided between the polarizing plates 38A and 38B and appropriately changing the polarization direction of the polarizing plates.

By using such an optical system, the above-mentioned encryption /
The decoding units 24A and 24B are configured, for example, as shown in FIG.

That is, the encryption / decryption unit 24A,
The encryption / decryption unit 24 as 24B includes an encryption key generation unit 44 and an encryption unit 46, each of which is realized by an optical system 48. For example, coherent light from a light source 50 such as a laser is split by a half mirror 52 and guided to an encryption key generation unit 44 and an encryption unit 46.

In the encryption key generator 44, after the incident coherent light is made parallel by the lens system 541,
It is guided to the polarizing plate 381. This polarizing plate 381 is an LCP
401, 402, 403, diffractive elements (hereinafter referred to as "deflection element: DE") 561, 562, 5
63, 564, and the polarizing plate 382 realize the above-mentioned connection. Where DE561,
Reference numerals 562, 563 and 564 bend the light in a desired direction, and this is realized by, for example, a hologram or the like. That is, DE561 and 563 are LCP401 and 40
The light parallel to the optical axis emitted through each pixel of 2 is bent and emitted in a desired direction for each pixel, and DE562 and 564 are DE
The light from 561 and 563 is returned to the direction parallel to the optical axis and L
It plays the role of making it enter the CP 402 and 403.

Here, the LCP 401 has an image memory 5
The pattern corresponding to the initial value vector stored in 8 is displayed. This initial value vector is initially
The seed signal is read from the storage medium 12A or 12B and temporarily stored in the image memory 58. And the polarizing plate 3
The output light from 81 is imaged by CCD camera 601, and A /
By performing an appropriate threshold value processing through the D conversion unit 621,
A random bit string corresponding to the pixels of LCP is obtained. The threshold processing circuit is not shown. This bit string is stored in the image memory 58, fed back again to generate the next random bit string, and is input to the encryption unit 46 as an encryption key.

The encryption unit 46 displays the input encryption key on the LCP 404. On the other hand, the digital data to be encrypted is the storage medium 12A or 12B.
Is read from and stored in the data memory 64,
This is displayed on the LCP405. On the polarizing plate 383,
The light split by the half mirror 52 is reflected by the lens system 54.
The light is collimated by 2 and is incident on it.
As described above, the XOR operation is performed by 4, 405 and the polarizing plates 383, 384. The output light from the polarizing plate 384 is imaged by the CCD camera 602, converted into digital data by the A / D converter 622, and output as Vernam code. Also in this case, threshold processing is performed and the bit string is output.

If the total number of bits (M) of the digital data to be encrypted matches the total number of bits (N) of the seed signal or the seed signal is larger (M ≦ N), feedback is performed. Although it is not necessary to do so, in general, since M> N, feedback is performed.

When the Vernam cipher is decrypted by the encryption / decryption unit 24 having such a configuration, the Vernam encryption is performed through the data memory 64 instead of the digital data.
The code may be displayed on the LCP405. As a result, the decoded digital data is obtained at the output of the A / D converter 62 2.

In the encryption system having the above configuration,
It works as follows. It should be noted that the communication terminals 10A and 10B can perform bidirectional encrypted communication, but here, the communication terminal 1
A case of transmitting encrypted Vernam communication from 0A to the communication terminal 10B will be described.

First, in the communication terminal 10A, a control program for communication is activated, which is the RAM 26A.
Read in. Next, the digital data 14 that you want to send
In addition to designating A, the seed signal used for encryption is designated. Here, for example, it is assumed that the seed signal b18A is selected. The digital data 14A and the seed signal b18A are sent to the encryption / decryption unit 24A and are subjected to the above-mentioned processing.
Vernam signal is generated. This Vernam signal passes through the transmission path 32 via the communication controller 30A, and the communication terminal 10
Sent to B. In the communication terminal 10B, the communication controller 30
The input Vernam signal is sent to the encryption / decryption unit 24B via B, and the seed signal b18B is read and sent to the encryption / decryption unit 24B. Then, it is decrypted as the original digital data. Of course, at the time of decoding, the seed signal a other than the seed signal b is obtained.
The seed signal c cannot be decrypted to the original digital data, and the same seed signal b as that used for encryption must be used.

As described above, in the present embodiment, by using the optical exclusive OR operation device in the encryption / decryption unit, the encryption / decryption processing using a long key can be performed at a very high speed. Can be done. Moreover, if the LCD or the like has 400,000 pixels, it is possible to encrypt 400,000 bits at one time.

In the configuration of FIG. 1, the DE (diffraction element) is used.
Is arranged in-line, but it is also possible to arrange it offset from the optical axis.

Further, as shown in FIG. 5, instead of the diffraction element, optical fibers (indicated as OF in the figure) 661 and 662 are provided.
Units connected by can also be realized. In this case,
The light source 50 does not have to generate coherent light as long as it has a sufficiently narrow wavelength range.

Further, as shown in FIG.
The decoding unit 24 may be incorporated in the communication controller 30.

In this embodiment, CC is used for signal reading.
I'm using D cameras 601 and 602, but LCLV
(Liquid Crystal Light Valve) can also be used. In this case, the output light on the side of the encryption key generation unit 44 can be directly input to the XOR operation portion of the encryption unit 46 via the optical system.

Further, as a method for optically realizing the XOR operation, a method called spatial coding can be used.

[Second Embodiment] Next, a second embodiment of the present invention in which the transmission speed and safety are further improved will be described with reference to FIG.

In the first embodiment, the Vernam cipher is transmitted through the transmission line 32. For example, 2
Use a 400 BPS telephone line to obtain 512 lines each
When sending Vernam encryption of RGB color image data of pixels, (512 * 512 * 3 * 8) / (2400 * 60) = 4
It takes 3.69 minutes. When there are multiple pieces of data to be processed, current transmission over telephone lines is not practical.

Therefore, in the present embodiment, Vernam
The code is stored in an external storage medium so that it can be transported offline.

That is, in FIG. 6, reference numerals 68A, 6
The first data input / output device 8B is, for example, a floppy disk drive or a magneto-optical disk drive. The Vernam cipher is stored in a storage medium 70 such as a floppy disk or a magneto-optical disk and is transported off-line.

In the first embodiment, the seed signal is stored in advance in the communication terminal. In this case, however, decoding can be tried on all seed signals, which is further improved in terms of safety. There is room for improvement.

Therefore, in this embodiment, it is proposed to store the seed signal in a medium other than the communication terminal. That is, in the figure, reference numerals 72A and 72B are second data input / output devices, such as IC card reader / writers and optical card drives. The seed signal is stored in a portable storage medium 74 such as an IC card or an optical card,
Transported offline. Here, the seed signal may be stored in a floppy disk, a magneto-optical disk, or the like, but in order to maintain the safety of information, it is better for an individual who uses the data to carry it, which is convenient for carrying. IC card (CP
U is particularly confidential because it includes U) and optical cards are effective. Further, in this case, only a plurality of members who share the secret have the storage medium of the same seed signal, so that the safety of information can be ensured higher.

[Third Embodiment] The encryption / decryption unit 24 having the above-mentioned configuration is not necessarily used in each terminal 1.
Not required for zero. In recent years, as shown in FIG.
Opportunities to network each terminal by the AN are increasing, and at that time, a protective wall called a gateway 78 may be installed in a portion connected to the external communication network 76. Therefore, the encrypted data can be used only when the encryption / decryption unit 24 is not provided in each terminal 10 but is installed in the gateway 78 and the data is exchanged with the outside.

With such a configuration, it is effective, for example, in using medical data. That is, when a certain patient is transported to a hospital other than the family (for example, an emergency hospital; LAN2 in FIG. 7 is operated), the doctor of the transported hospital wants to know the past state of the patient. In this case, using a card that stores the seed signal that the patient wears, the database of the hospital at a remote place (LAN1 in FIG. 7 is operated)
You can access to and get the data you want safely. This patient's data is invisible without a card that stores the seed signal and is completely private.

Of course, as shown in FIG. 7, the encryption / decryption unit 24 may be installed in the gateway / terminal 80 at the entrance of the subnet. By doing this, it is possible to apply multiple layers of encryption. For example,
If subnets are constructed for each of a plurality of departments in a building connected by a LAN, data is transmitted in plain text within the department, and when passing the data to other departments, the encryption / installation of the gateway / terminal 80 is performed. Decoding unit 2
4 can be encrypted and passed, and when it is transmitted to the outside of the building through the external communication network 76, it can be encrypted again by the encryption / decryption unit 24 installed in the gateway 78. It is possible to further improve the confidentiality of the transmitted data.

[Fourth Embodiment] In this embodiment, a seed signal is used as a seal stamp in digital data. That is, in the current official seal registration, the stamped shadow and the registered shadow are printed out for verification. However, for digital data, what corresponds to a seal has not been put to practical use until now.

Therefore, as shown in FIG. 8A, if the data obtained by capturing the publicly certified or registered shadow with a scanner is used as a seed signal for key generation and the data to be certified is encrypted, , The data cannot be decrypted and used unless the shadow is certified by official registration. As described in the second embodiment, the seed signal is stored in an IC card and encrypted / decrypted, so that the seed signal can be used as a seal stamp. .

In this case, the seed signal to be registered is the seal stamp,
Of course, any publicly certified data such as a signature may be used.

[Fifth Embodiment] An image can be used as a seed signal for generating the encryption key described in the first to fourth embodiments. In general, since image data has a large capacity, it is suitable as a seed signal for generating a long key. Further, in general, the image data has one pixel 8
Since it is represented as grayscale data having a gradation of bits, a bit slice of each pixel value can be used as a seed signal, for example, the upper 3rd bit of each pixel. Alternatively, it is possible to select a bit string of an image obtained by thinning out the original image data as a seed signal.

Of course, in the present embodiment, two kinds of methods are selected as the method of selecting the seed signal from the image data, but the encryption / decryption according to the present invention may use the same seed signal on the sending / receiving side of the encrypted data. It is natural that it is possible to select seed signals other than those listed here, since it is sufficient.

Although the present invention has been described based on the above embodiments, the present invention is not limited to the above-described embodiments, and various modifications and applications are possible within the scope of the gist of the present invention. . Here, the summary of the present invention is as follows.

(1) An encryption key generation unit for receiving an seed signal and generating an encryption key, and digital data to be encrypted or encrypted digital data, and the digital data and the encryption key generation unit. A cipher including an encryption / decryption unit including an exclusive OR operation unit that performs an exclusive OR operation with the generated encryption key to output encrypted digital data or decrypted digital data In the encryption system, at least one of the encryption key generation unit and the exclusive OR calculation unit includes an optical exclusive OR calculation device using a spatial modulation element.

That is, in order to encrypt a large amount of data,
While generating pseudo-random numbers that use relatively large data such as images as seed signals as encryption keys, at this time, paying attention to the fact that light can handle a large amount of information in parallel, as an optical parallel computing system, Since the encryption key is generated or the digital data is encrypted by using the optical exclusive OR operation device using the spatial modulation element, the encryption and the decryption using the long key are performed. The process of can be performed very fast.

(2) The optical exclusive OR operation device of the encryption key generating section is: V (x) = 1 + x ^k + x ⁿ (where n>k> n /
(2) The encryption system according to (1), which is configured to generate a pseudo-random number by an n-bit maximum length sequence code based on a primitive polynomial represented by (2).

That is, by constructing the optical exclusive OR calculation device based on the primitive polynomial, the number of spatial modulation elements used in the optical exclusive OR calculation device can be minimized. it can.

(3) An optical exclusive device characterized by comprising two polarizing plates and a plurality of spatial modulation elements arranged between the polarizing plates in alignment with the polarizing plates. OR operation device.

That is, by adjusting the polarization direction of the polarizing plate and controlling the modulation state of the area corresponding to each digital data of each spatial modulation element arranged between them, exclusion of the number of areas is performed. The logical OR operation can be performed in parallel.

(4) The seed signal is stored in a storage medium detachable from the main body of the apparatus that houses the encryption / decryption unit, and the encryption / decryption unit stores the seed signal from the storage medium. The encryption system according to (1), further comprising means for reading and supplying the read key to the encryption key generation unit.

That is, the seed signal is not stored in the device body that houses the encryption / decryption unit, but is stored in a storage medium that can be formed by a specific person, so that the confidentiality of digital data or encryption can be kept. It can be improved.

(5) The encryption system according to (1), wherein the seed signal is publicly certified data.

That is, the seed signal can be used instead of the seal stamp.

(6) The encryption system according to (1), wherein the seed signal is an image signal having gradation.

That is, since the image data has a large capacity, it is suitable as a seed signal for generating a long key. It is also possible to use only part of the image data for the seed signal, so unless you know which part of the image data is selected as the seed signal, it will be encrypted even if the image data is obtained illegally. Since the data cannot be decrypted, the confidentiality of digital data or encryption can be improved.

(7) The encryption / decryption unit is located in the input / output unit of the information in a predetermined grouped area in the information network. System.

That is, since encryption / decryption may be performed within a predetermined grouped area in the information network, even if each terminal does not have an encryption / decryption unit, any terminal can It becomes possible to exchange encrypted data with the outside of the area, which simplifies the overall configuration and improves the confidentiality of information.

[0078]

As described in detail above, according to the present invention,
It is possible to provide an encryption system capable of processing Vernam encryption at high speed and an optical exclusive OR operation device that can be used for the encryption system.

[Brief description of drawings]

FIG. 1 is a block configuration diagram of an encryption / decryption unit according to a first embodiment.

FIG. 2 is a block configuration diagram of an encryption system according to the first embodiment.

FIG. 3A is a diagram showing a pseudo random number generation circuit using an n-bit maximum length sequence code (M sequence) using a linear shift register circuit, and FIG. 3B is a diagram showing n = 10 and k = 7 in FIG. 3A. It is a figure which shows the bit state at the time of doing, (C) is a conceptual diagram of the connection which can generate a random number sequence of n bits at once.

FIG. 4A is a diagram for explaining the principle of the optical exclusive OR device in the first embodiment, and FIG.
FIG. 7 is a block configuration diagram showing a modified example of the encryption system according to the first exemplary embodiment.

FIG. 5 is a block configuration diagram showing a modification of the encryption / decryption unit according to the first embodiment.

FIG. 6 is a block configuration diagram of an encryption system according to a second embodiment.

FIG. 7 is a diagram showing a configuration of an encryption system according to a third exemplary embodiment.

FIG. 8A is a diagram for explaining a fourth embodiment in which a seed signal is used as a digital seal stamp, and FIG. 8B is a block configuration diagram of a conventional encryption system.

[Explanation of symbols]

10, 10A, 10B ... Communication terminal, 14A, 14B ...
Digital data, 16A, 16B ... Seed signal a, 18
A, 18B ... Seed signal b, 20A, 20B ... Seed signal c,
24, 24A, 24B ... Encryption / decryption unit, 3
0, 30A, 30B ... communication controller, 32 ... transmission path,
38A, 38B, 381 to 384 ... Polarizing plate, 40A,
40B, 401 to 405 ... Liquid crystal panel (LCP), 4
4 ... Encryption key generation unit, 46 ... Encryption unit, 561
564 ... Diffraction element (DE), 661, 662 ... Optical fiber (OF), 68A, 68B, 72A, 72B ... Data input / output device, 70, 74 ... Storage medium, 78 ... Gateway, 80 ... Gateway / terminal.

 ─────────────────────────────────────────────────── ─── Continuation of the front page (72) Masaki Higurashi Masaki Higurashi 2-43-2 Hatagaya, Shibuya-ku, Tokyo Olympus Optical Industry Co., Ltd. (72) Inventor Masahiro Yamaguchi 4259 Nagatsuta-cho, Midori-ku, Yokohama-shi, Kanagawa Tokyo Institute of Technology (72) Inventor Takashi Obi 4259 Nagatsuta-cho, Midori-ku, Yokohama-shi, Kanagawa Tokyo Institute of Technology

Claims (3)

[Claims] 1. An encryption key generation unit that receives a seed signal to generate an encryption key, and digital data to be encrypted or encrypted digital data, and the digital data and the encryption key generation unit generate the encryption data. Encryption including an encryption / decryption unit including an exclusive OR calculation unit that outputs an encrypted digital data or a decrypted digital data by performing an exclusive OR operation with the encrypted key In the system, at least one of the encryption key generation unit and the exclusive OR calculation unit includes an optical exclusive OR calculation device using a spatial modulation element. 2. The optical exclusive OR operation device of the encryption key generation unit is: V (x) = 1 + x ^k + x ⁿ (where n>k> n /
The encryption system according to claim 1, wherein the encryption system is configured to generate a pseudo random number by an n-bit maximum length sequence code based on a primitive polynomial represented by (2). 3. An optical exclusive logic device comprising: two polarizing plates; and a plurality of spatial modulation elements arranged between the polarizing plates in alignment with the polarizing plates. Sum operation device.