JPH10341223A - Encryption communication system and encryption communication repeater - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide the encryption communication system and encryption communication repeater where troublesome processing of keys for a transmitter computer conducting encryption communication is not required, consumption of a memory capacity for storing the keys is avoided, and key management required for encryption communication among lots of computers is conducted efficiently. SOLUTION: A repeater 7 is introduced between computers 1, 14 that conduct mutual encryption communication, the repeater 7 stores a common key between the transmitter computer 1 and the receiver computer 4, an encrypted message from the transmitter computer 1 is decoded and encrypted with a common key to the receiver computer 4 and the encrypted message is sent to the receiver computer 4. Thus, the transmitter computer 1 manages only the common key to the repeater 7 to make the encryption communication with lots of destination computers 4-7 thereby facilitating the key management.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an encryption communication technology for encrypting a message using an encryption key such as a common key or a public key and performing communication between computers, and more particularly, to an encryption communication between a large number of computers. The present invention relates to a cryptographic communication system and a cryptographic communication relay device suitable for efficiently performing communication.

[0002]

2. Description of the Related Art When a message is encrypted and communicated between computers (computers), for example, see "Electronic Information and Communication Handbook" edited by the Institute of Electronics, Information and Communication Engineers (1988, Ohmsha), pages 1944 and 1945. As described, an encryption key such as a common key or a public key is used. When a common key is used, the same encryption key (common key) is held in both the transmitting and receiving computers, and the message is encrypted and decrypted using the common key. When a public key is used, the transmitting computer encrypts the message with the public key, and the receiving computer decrypts the received encrypted message with the secret key paired with the public key.

In the conventional encryption communication technology, a transmitting computer previously acquires a common key with a receiving computer or a public key of a receiving computer, and uses the common key and the public key to obtain data ( Message) and sent it to the receiving computer. However, in this technique, it is necessary to hold a common key with a large number of receiving computers or a public key of a large number of receiving computers. There is a problem that a large capacity is required. For example, when realizing electronic commerce (electronic commerce) using an IC card,
General users who have little knowledge of computer security by encryption need to handle encryption keys.However, conventional encryption communication systems require many encryption keys and may not be able to manage them securely enough. The memory of the IC card is wasted.

[0004] In order to cope with such a problem, for example, a technology for sharing a common key by communicating according to a handshake protocol of the "Secure Socket Layer" protocol, or a transmitting computer requests a public key from a receiving computer. Thus, a technique for acquiring a public key when it becomes necessary to communicate, such as a technique for a transmitting computer to obtain a public key, is disclosed. However, this technique has a problem that it takes a long time to complete the encrypted communication because the transmitting computer obtains the encryption key when communication is required.

[0005]

The problem to be solved is that, in the prior art, the transmitting-side computer performing cryptographic communication requires a common key with a number of receiving-side computers or the disclosure of a number of receiving-side computers. It is necessary to hold the key, and it takes time to complete the cryptographic communication. An object of the present invention is to solve the problems of the related art, and eliminate the need for complicated key handling in a transmitting computer that performs encrypted communication.
In addition, by providing a cryptographic communication system and a cryptographic communication relay device capable of avoiding consumption of memory capacity for key storage and efficiently performing key management required for cryptographic communication between a large number of computers. is there.

[0006]

In order to achieve the above object, the cryptographic communication system and the cryptographic communication relay device of the present invention perform cryptographic communication between computers via the relay device. That is, the relay device holds the public key of the communication partner or the common key with the communication partner in advance, decrypts the encrypted message from the transmitting computer, and encrypts the decrypted message with the encryption key of the receiving computer. By transmitting the data to the receiving computer, the transmitting computer only needs to have a common key with the relay device or only the public key of the relay device. In addition, the time until the completion of the encryption communication is shorter than the technique for obtaining the encryption key when the communication is required.

[0007]

Embodiments of the present invention will be described below in detail with reference to the drawings. FIG. 1 is a block diagram showing one embodiment of the configuration according to the present invention of the cryptographic communication system and the cryptographic communication relay device of the present invention. In FIG. 1, reference numerals 1 to 6 denote computers that mutually perform cryptographic communication, reference numeral 7 denotes a relay device as a cryptographic communication relay device that mediates cryptographic communication between the computers 1 to 6, and reference numeral 8 denotes each of the computers 1 to 6 and the relay device. Reference numeral 7 denotes a third party organization as a key management center that issues a common key for performing cryptographic communication. In each of the computers 1 to 6 and the relay device 7,
There are provided display devices 1a to 7a made of a CRT (Cathode Ray Tube) or the like for displaying a screen, and input devices 1b to 7b made of a keyboard or the like for inputting data.

Hereinafter, an outline of the processing according to the present invention in such a configuration will be described by taking communication between the computer 1 and the computer 4 as an example. First, a procedure for distributing a common key for each of the computers 1 and 4 to perform cryptographic communication with the relay device 7 from the third party organization 8 to the computers 1 and 4 and the relay device 7 will be described. This procedure is called "Keroberos". The key may be distributed immediately when the computers 1 and 4 are connected to the cryptographic communication system, or immediately when the necessity of the transaction arises.

The third party organization 8 has a ticket encrypted with a common key between itself (the third party organization 8) and the relay apparatus 7 and a common key between the computer 1 and the relay apparatus 7 inside. Certificate
The data is encrypted with a common key between the computer 1 and the third party organization 8 and sent to the computer 1. The computer 1 decrypts the certificate sent from the third party organization 8 with the common key with the third party organization 8, extracts the ticket and the common key, and sends the ticket to the relay device 7.
The relay device 7 sends the ticket sent from the computer 1
The decryption is performed using the common key with the third party organization 8 sent from the third party organization 8, and the user name of the computer 1, the login name of the user, and the common key with the computer 1 are extracted therefrom.

Next, a procedure for obtaining a common key for the computer 4 and the relay device 7 to perform cryptographic communication with each other will be described. The third party organization 8 stores therein a ticket encrypted with a common key between itself (the third party organization 8) and the relay apparatus 7 and a certificate containing a common key between the computer 4 and the relay apparatus 7. , Encrypted with the encryption key between the computer 4 and the third party organization 8, and sent to the computer 4. Calculator 4
Decrypts the certificate sent from the third party organization 8 with the common key with the third party organization 8, extracts the ticket and the common key, and sends the ticket to the relay device 7. The relay device 7 decrypts the ticket sent from the computer 4 with the common key with the third party organization 8 sent from the third party organization 8, and selects the merchant name and merchant And the common key with the computer 4 are extracted. By the above procedure, the computer 1 and the relay device 7 and the relay device 7 and the computer 4 share a common key.

Next, the computer 1 and the computer 4 are connected to the relay device 7
The following describes a procedure for performing encrypted communication by relaying a message. First, the computer 1 encrypts data with a common key with the relay device 7 and sends the data to the relay device 7. The relay device 7 decrypts the received data using the common key with the computer 1, encrypts the received data with the common key with the computer 4, and sends the data to the computer 4. The computer 4 decrypts the received data with a common key with the relay device 7 and processes the data. In this way, encrypted communication is performed via the relay device 7. Note that the reverse communication is also possible. Further, here, a common key is described as an example of an encryption key for encrypting data, but a public key may be used instead of the common key. In this case, a secret key is used for decryption. And when using a public key as an encryption key like this,
The public key of the relay device 7 is notified to the computer 1 or the computer 4 in advance.

Next, the configuration of the cryptographic communication system and the cryptographic communication relay device in FIG. 1 according to the present invention and the processing operation thereof will be described in detail with reference to FIG. FIG. 2 is a block diagram showing an example of the internal configuration of each of the computer, the relay device, and the third party in FIG. First, a procedure in which the computer 1 and the relay device 7 and the relay device 7 and the computer 4 share a common key will be described.

The certificate creation unit 8b in the third party organization 8 uses the key management table 8a to generate a common key for the third party organization 8 and a certain user of the computer 1, a certain user of the computer 1 and the relay device 7
, The common key between the third party organization 8 and the relay device 7, the user name, the user's login name, and the user's mail address, and read out these user name, user's login name, A ticket is created from the common key between the user and the relay device 7, and this ticket is
And the common key of the relay device 7. Next, the certificate creation unit 8b creates a certificate from the encrypted ticket and the common key of a certain user of the computer 1 and the relay device 7, and sends the certificate to the third party 8 and the computer 1 Is encrypted with a common key with a certain user. And, based on the operation of the operator,
The third party organization 8 sends the encrypted certificate to the mail processing unit 1c of the computer 1 by the mail processing unit 8c.

In the computer 1, the common key between itself (a certain user) and the third party organization 8 in the key management table 1h is determined based on the user's operation of the OS (operation system) 1j using an editor or the like. The user reads his or her login ID as a key and inputs it to the decryption unit 1g. Decoding unit 1g
Decrypts the certificate received by the mail processing unit 1c from the third party organization 8 using the input common key. Then, Calculator 1 obtains a ticket from the decrypted certificate,
The relay device 7 and its own common key are extracted, the extracted common key and its own login ID are registered in the key management table 1h, and the ticket is transmitted to the relay device 7 by the mail processing unit 1c based on an operation from the user. Send to the mail processing unit 7c.

In the relay device 7, the OS 7
Based on the operation using the editor j or the like, the common key between the user and the third party organization 8 in the key management table 7h is read out using the login ID of the operator as a key and input to the decryption unit 7g. The decryption unit 7g uses the input common key to
The mail processing unit 7c decrypts the ticket received from the third party organization 8. Then, the relay device 7 extracts the user name, the login ID of the user, and the common key between a certain user of the computer 1 and the relay device 7 from the decrypted ticket, and logs out the extracted common key and the login of the operator of the relay device 7. I
D is registered in the key management table 7h. Further, a set of the user name and the login ID of the user is registered in the user name / merchant name conversion table 7k.

Similarly, the relay device 7 obtains a common key with the merchant using the computer 4, the merchant name and the login ID, and the merchant using the computer 4 communicates with the relay device 7. Obtain a common key. Then, the merchant of Calculator 4 has his / her login ID
And a common key with the relay device 7 is registered in the key management table 4h. Further, in the relay device 7, based on the operation of the operator, the combination of the merchant name and the merchant login ID is registered in the user name / merchant name conversion table 7k, and the merchant part is encrypted with the transmitted key. Send it to Calculator 4. The computer 4 decrypts the sent merchant part, and stores it in the merchant name table 4.
k, and the merchant's login ID,
The common key with the merchant is registered in the key management table 7h.

The procedure in which the computer 1 performs the cryptographic communication with the computer 4 via the relay device 7 in such a state will be described below. The user of Computer 1 logs in to Computer 1
Enter D and log in. Next, the business processing unit 1d is started, and a user name and a merchant name to be traded are input. Based on this, the business processing unit 1d issues a connection establishment request with the relay device 7 to the encryption communication processing unit 1e. Upon receiving the connection establishment request, the cryptographic communication processing unit 1e reads out the user's login ID from the system file, generates a connection ID, and uses the read-out user's login ID as a key from the key management table 1h to communicate with the relay device 7. The common key is read, and a connection management table 1i is created. Further, the computer 1 sets a parameter in the connection establishment request, encrypts the parameter in the encryption unit 1f, and then transmits the request to the relay device 7 via the encryption communication processing unit 1e. This connection request includes the username,
It contains the user's login ID, connection ID, and merchant name.

When receiving the connection establishment request from the computer 1, the relay device 7 searches the user name / merchant name conversion table 7k for the login ID using the user name as a key, and further receives the connection ID. The decryption unit 7g decrypts the connection establishment request message by obtaining the common key. After searching for the merchant's login ID in the user name / merchant name conversion table 7k, a merchant-side connection ID is generated,
Create a connection management table 7i. Then, a parameter is set in the connection establishment request, encrypted by the encryption unit 7f, and sent to the merchant of the computer 4.
In addition, the connection establishment response which is similarly encrypted is sent to the computer 1. The connection establishment request sent to the computer 4 includes:
The merchant-side connection ID, the merchant name, and the login ID are included, and the connection establishment response sent to the computer 1 includes the user-side connection ID.

When the connection establishment request sent from the relay device 7 is received by the cryptographic communication processing unit 4e, the computer 4 sets the merchant name conversion table 4k
From the login ID, a common key is searched from the login ID, and the common key is decrypted by the decryption unit 4f. Then, a connection management table 4i is created,
The connection establishment response is encrypted by the encryption unit 4f and returned to the relay device 7. The connection establishment response includes
The merchant-side connection ID is included. Thus, the connection between the computers 1 and 4 via the relay device 7 is established.

Hereinafter, normal data communication between the computers 1 and 4 in which the connection has been established as described above will be described. The message input by the user of Calculator 1 includes:
The connection ID is added, the data is encrypted by the encryption unit 7f, and sent to the encryption communication processing unit 7e of the relay device 7. In the relay device 7, after the received message is decrypted by the decryption unit 7g based on the connection management table 7i, the merchant-side connection ID is added, and the message is encrypted by the encryption unit 7f. 4 to the encrypted communication processing unit 4e.

In the computer 4, the message sent from the relay device 7 is decoded by the decoding unit 4f based on the connection management table 4i, and then passed to the business processing unit 4d. The same applies to the return message. That is, computer 1
The user-side connection ID is added to the message between the communication device and the relay device 7, and the merchant-side connection ID is added to the message between the computer 4 and the relay device 7.
These IDs and connection management tables 1i, 4i,
The message is controlled by collating 7i.

Next, the connection management tables 1i, 4i, 7i and the key management table 1 will be described with reference to FIGS.
h, 4h, 7h, the structure of the merchant name conversion table 4k and the structure of the user name / merchant name conversion table 7 will be described, and then the relay device 7 will be used in accordance with the flowcharts of FIGS. The detailed operation of the encrypted communication will be described.

FIG. 3 is an explanatory diagram showing a detailed configuration example of the key management table of the originating computer in FIG. The key management table 1h of the computer 1 in FIG. 2 stores user (1) key information, user (2) key information, user (3) key information,... Key information areas (areas) 1h1 to 1hn in which a login ID and a common key are registered for each user are provided.

FIG. 4 is an explanatory diagram showing a detailed configuration example of a key information area of an arbitrary user in the key management table of FIG. One key information area 1hx includes item fields 1hx1 to 1hx3 in which the login ID of the user (x), the common key of the user (x) and the third party, and the common key of the user (x) and the relay device are registered. It is composed of

FIG. 5 is an explanatory diagram showing a detailed configuration example of the key management table of the relay device in FIG. The key management table 8a of the relay device 7 in FIG. 2 includes a key information area 8a1 in which key information of the relay device is registered, and a user (1).
Key information areas 8a2a to 8a2n in which the respective key information items (1) to (n) are registered, and merchant (1)
Key information area 8 in which each key information of (m) is registered
a3a to 8a3m are provided.

FIG. 6 is an explanatory diagram showing a detailed configuration example of the key information area of the relay device in the key management table of FIG. The key information area 8a1 of the relay device is composed of item columns 8a1a and 8a1b in which the login ID of the relay device administrator and the common key between the relay device and the third party are registered.

FIG. 7 is an explanatory diagram showing a detailed configuration example of a key information area of an arbitrary user in the key management table of FIG. Key information area 8a2x of arbitrary user (x)
Is an item field 8a2 in which the login ID of the user (x) and the common key between the user (x) and the relay device are registered.
x1, 8a2x2.

FIG. 8 is an explanatory diagram showing a detailed configuration example of a key information area of an arbitrary merchant in the key management table of FIG. The key information area 8a3x of an arbitrary merchant (x) includes an entry column 8a3x1 and 8a3x2 in which a login ID of the merchant (x) and a common key between the merchant (x) and the relay device are registered.

FIG. 9 is an explanatory diagram showing a detailed configuration example of the key management table of the receiving computer in FIG. The key management table 4h of the computer 4 in FIG. 2 stores merchant (1) key information, merchant (2) key information, merchant (3) key information,..., Merchant (m) key information, and the like. Key information areas (areas) 4h1 to 4h in which login IDs and common keys for each merchant are registered
m is provided.

FIG. 10 is an explanatory diagram showing a detailed configuration example of a key information area of an arbitrary merchant in the key management table of FIG. One key information area 4hx is an item field 4hx1 to 4hx3 in which a merchant (x) login ID, a merchant (x) and a common key of a third party institution, and a merchant (x) and a common key of a relay device are registered.
It is composed of

FIG. 11 is a diagram showing a detailed configuration example of the connection management table of the transmitting computer in FIG. The connection management table 1i of the computer 1 in FIG. 2 includes user-side connection (1) information, user-side connection (2) information, and user-side connection (3).
Information,..., User connection (i) information, etc.
For each connection of each user of the computer 1, information areas 1i1 to 1ij in which respective information shown in the following FIG. 12 are registered are provided.

FIG. 12 is an explanatory diagram showing a detailed configuration example of an information area of an arbitrary user side connection in the connection management table of FIG. In one information area 1ix, the connection ID of the user, the login ID of the user (x), the common key between the user (x) and the relay device, the name of the merchant (y), and the state of the state transition table are registered. It consists of item columns 1ix1 to 1ix5. In this example, the service access point of the communication entity of each layer of the communication partner (here, the relay device) and the communication partner is omitted. This is the same in FIGS. 14 and 16 described below.

FIG. 13 is an explanatory diagram showing a detailed configuration example of the connection management table of the receiving computer in FIG. The connection management table 4i of the computer 4 in FIG. 2 includes merchant-side connection (1) information,
The following information shown in FIG. 14 is registered for each merchant connection of the computer 4, such as merchant-side connection (2) information, merchant-side connection (3) information,..., Merchant-side connection (j) information. Provided information areas 4i1 to 4ij are provided.

FIG. 14 is an explanatory diagram showing a detailed configuration example of an information area of an arbitrary merchant-side connection in the connection management table of FIG. One information area 4ix is a merchant connection ID.
And a login ID of the merchant (x), a common key between the merchant (x) and the relay device, and item columns 4ix1 to 4ix4 in which states of the state transition table are registered.

FIG. 15 is an explanatory diagram showing a detailed configuration example of the connection management table of the relay device in FIG. In the connection management table 7i of the relay device 7 in FIG. 2, each relay information (1) to
Information areas 7i1 to 7ij in which (j) is registered are provided.

FIG. 16 is an explanatory diagram showing a detailed configuration example of an arbitrary information area in the connection management table of FIG. One information area 7ix includes a user-side connection ID, a user (x) login ID, a common key between the user (x) and the relay device, a merchant-side connection ID, a merchant (y) login ID, and a merchant (y). It is composed of item columns 7ix1 to 7ix7 in which the common key of the relay device and the state of the state transition table are registered.

FIG. 17 is an explanatory diagram showing a detailed configuration example of the user name / merchant name conversion table of the relay device in FIG. The user name / merchant name conversion table 7k of the relay device 7 in FIG. 2 includes the names and login IDs of the merchants (1) to (m), and the names and login IDs of the users (1) to (n). Information areas 7k1a to 7k1m, 7k2a to
7k2n are provided.

Next, the operation of the cryptographic communication in the cryptographic communication system using the relay device 7 in FIG. 2 will be described with reference to the flowcharts of FIGS. 18 to 20.
Each of the flowcharts is based on the assumption that a connection establishment request is made from the computer 1 to the relay device 7 and from the relay device 7 to the computer 4 in FIG. FIG. 18 is a flowchart showing an operation example by the encryption communication processing unit of the transmitting computer in FIG. First, it waits for the occurrence of an event (step 1802). If there is an external event (step 1803), the message is decrypted (step 1).
810), an event is determined (step 1811).
Thereafter, it is determined whether or not there is still processing (step 181).
2).

If the event in step 1803 is an internal event, the event is determined first (step 1804). If the event is a connection establishment request from the business processing unit 1d in FIG. 2 (step 1805), the login ID of the user is read from the system file (step 1806), and the same user login ID and merchant name as the connection to be established now are read. It is determined whether there is a connection having the attribute (step 1807). If it exists, the existing connection management table 1i in FIG. 2 is used (step 180).
8) If not, a new connection ID is generated, a user-side connection information area 1ix shown in FIG. 12 is newly generated in the connection management table 1i in FIG. 2, and a value corresponding to this area is set (FIG. 12). Step 1809).

Thereafter, it is determined whether or not there is still a process in step 1812. In step 1805, if the event is not a connection establishment request from the business processing unit 1d in FIG.
It is determined whether there is still a process in 812. As a result of the determination in step 1812 after the processing in each of steps 1805, 1808, 1809, and 1811, if there is still a processing and the result is a connection establishment request transmission (step 1814), the user name is included in the message. , Connection ID and merchant name are set (step 1815). If it is determined in step 1814 that a message other than a connection establishment request is to be transmitted, a connection ID is set in the message (step 1816).

After steps 1815 and 1816, the message is encrypted (step 1817) and transmitted (step 1818). Thereafter, the process returns to step 1812, and it is determined whether or not there is still a process. If it is determined in step 1812 that there is no next process, the state transition destination is set to the state area 1i in the state transition table of FIG.
x5 (step 1813) and step 180
The process returns to the process of waiting for the occurrence of event 2. In this way,
The encryption communication processing unit 1e of the computer 1 in FIG. 2 performs encryption and transmission of the message.

FIG. 19 is a flowchart showing an operation example of the encryption communication processing unit of the relay device in FIG. First, the process waits for the occurrence of an event (step 1902). If there is an internal event (step 1903), the event is determined (step 1904), and thereafter, it is determined whether or not there is still a process (step 1911). If an external event is determined in step 1903, the message is decrypted (step 1905), and what the event is is determined (step 1906).

If the event is a connection establishment request from the user (step 1907), the same connection ID as the connection ID in the message is stored in the user side connection ID area 7ix1 shown in FIG. 16 of the connection management table 7i in FIG. It is determined whether or not there is (Step 1908). If not, a merchant-side connection ID is newly generated, and the relay information area 7 shown in FIG.
ix is newly generated, and a corresponding value is set (step 1909). Thereafter, it is determined whether or not there is any processing (step 1911).

In step 1908, if the same connection ID as the connection ID in the message exists in the user-side connection ID area 1601, FIG.
Is used (step 1910). Thereafter, it is determined whether or not there is still a process in step 1911. If it is determined in step 1907 that the event is not a connection establishment request from the user, the process immediately proceeds to the process in step 1911 to determine whether there is still a process.

Each step 1904, 1907, 190
As a result of the determination in step 1911 after the processes in steps 9 and 1910, if there is still a process, it is determined whether or not the process is a connection establishment request transmission (step 191).
3). If it is a connection establishment request transmission, the merchant-side connection ID and the merchant name are set in the message (step 1914), the message is encrypted (step 1916), and transmitted (step 191).
7). Thereafter, the process returns to the determination as to whether or not there is still processing (step 1911).

If the result of determination in step 1913 is that the transmission is other than a connection establishment request, the merchant-side connection ID is set in the message (step 1915), and the message is encrypted (step 1).
916) and transmit (step 1917). As a result of the determination in step 1911, if there is no more processing, the state transition destination is set to the state area 7ix of the state transition table shown in FIG.
7 (step 1912) and step 1902
It returns to the process of waiting for the occurrence of an event in. In this manner, the encryption communication processing unit 1e of the relay device 7 in FIG. 2 performs encryption and transmission of the message.

FIG. 20 is a flowchart showing an operation example of the encryption communication processing unit of the receiving computer in FIG. First, wait for an event to occur (step 200).
2). If the event is an internal event (step 20
03), an event is determined (step 2004), and it is determined whether or not there is still a process (step 2013). If it is determined in step 2003 that the event is an external event, the message is decrypted (step 200).
5), determine what the event is (step 200)
6).

If the event is a connection establishment request from the relay device 7 in FIG. 2 (step 200)
7), merchant connection ID in the message
It is determined whether the same connection ID is in the merchant-side connection ID area 4ix1 shown in FIG. 14 (step 2008). If so, it is determined whether or not the merchant is logged in (step 2009). If so, the existing connection management table 4i in FIG. 2 is used (step 2011) and it is determined whether or not there is still a process (step 2013). ). Step 2
In 009, if the user has not logged in, the connection establishment request is discarded (step 2010), and the process returns to step 2002 to wait for an event to occur.

In step 2008, if there is no connection ID identical to the merchant-side connection ID in the message, a new merchant-side connection information area 4ix shown in FIG. 14 is generated in the connection management table 4i of FIG. Is set (step 2012). Thereafter, it is determined whether or not there is still a process (step 2013). Step 2
In 007, if the event is not a connection establishment request, it is immediately determined whether or not there is any processing yet (step 2013).

Each step 2004, 2007, 201
As a result of the determination in step 2013 after the processing in step 1, 2012, if there is still processing, the merchant-side connection ID is set in the message (step 201).
5) The message is encrypted (step 2016) and transmitted (step 2017). Then, step 201
Returning to step 3, it is determined whether there is still a process. Step 2
As a result of the determination at 013, if there is no more processing, the state transition destination is set in the state area 4ix4 of the state transition table shown in FIG. Thus, the encryption communication processing unit 4e of the computer 4 of FIG.
It performs message encryption and transmission.

Next, a configuration example and a processing operation example of the cryptographic communication system according to the present invention when a plurality of relay devices are provided will be described with reference to FIG. FIG. 21 is a block diagram showing a configuration example of the cryptographic communication system of the present invention provided with a plurality of relay devices. In this example, the two relay devices 7A and 7B
Is provided, and each of the relay devices 7A and 7B is operated by one service provider. Each of the relay devices 7A and 7B is connected to a shared memory 9, and a common key of all users and merchants is set in the shared memory 9 and used by each of the relay devices 7A and 7B. Thus, any of the relay devices 7A and 7B can relay the encrypted communication between the computers 1 to 6.

In this embodiment, a connection management device 10 is provided for managing the connection between each of the relay devices 7A and 7B with the receiving computers 4 to 6. The connection management device 10 switches the connection combinations based on the traffic of the relay devices 7A and 7B with the computers 4 to 6 so that the traffic of each of the relay devices 7A and 7B is equalized. For example, in this example, the relay device 7A and the computers 4 and 5
B and the computer 6 are connected, and each of the relay devices 7A and 7B
If the computer 4 has 1000 bps, the computer 5 has 200 bps, and the computer 6 has 500 bps, the line of the computer 5 having the least communication amount is connected to the relay device 7B. As described above, when the connection of the line is switched, the processing load required for the switching can be reduced by preferentially selecting the line with the small traffic. At this time, the computers 1 to 3 that communicate with the computer 5 are connected to the relay device 7B.

The connection management device 10 is connected to the relay device 7
Since the connection status between A and 7B and the computers 4 to 6 is managed, the relay devices 7A and 7A to which the reception side computers 4 to 6 to which the transmission side computers 1 to 3 want to connect are connected based on the connection status. Computers 1 to 3 can be correctly connected to 7B. The computer 1 on the transmitting side has a card reader 12 for reading the IC card 11, and the user of the computer 1 inserts a common key into the IC card 11. Then, the common key is read from the IC card 11 by the card reader 12 and input to the computer 1. As a result, key management on the user side can be further facilitated.

As described above with reference to FIGS. 1 to 21, in the cryptographic communication system according to the present embodiment, the cryptographic communication relay device that relays the communication between the computers 1 and 4 that perform the cryptographic communication with each other. , The relay device 7 holds the common key, decrypts the encrypted message from the transmitting computer 1, encrypts the encrypted message with the common key with the receiving computer 4, and sends it to the receiving computer 4. Send. As a result, each of the computers 1 and 4 (the user and the merchant)
It is only necessary to have a common key with the relay device 7, and the handling of the key by the user becomes easy and quick. Also, the memory capacity for key storage is reduced. Furthermore, when communication is required, the time until the completion of encrypted communication can be shortened as compared with the technique of obtaining an encryption key.

The present invention is not limited to the embodiment described with reference to FIGS. 1 to 21 and can be variously modified without departing from the gist thereof. For example, FIG.
In the configuration of No. 1, all the key information is centrally managed in the shared memory. However, by having each computer hold the same encryption key, the encryption communication between the computers can be performed by an arbitrary relay device. You can also relay.

[0056]

According to the present invention, it is not necessary to use a complicated key in a transmitting-side computer which performs high-speed encryption communication, and it is possible to avoid consumption of memory capacity for storing a key. It is possible to efficiently manage the keys required for the cryptographic communication in the system, and to improve the total performance including the convenience of the cryptographic communication system.

[Brief description of the drawings]

FIG. 1 is a block diagram showing an embodiment of a configuration according to the present invention of a cryptographic communication system and a cryptographic communication relay device of the present invention.

FIG. 2 is a block diagram showing an example of an internal configuration of each of a computer, a relay device, and a third party in FIG. 1;

FIG. 3 is an explanatory diagram showing a detailed configuration example of a key management table of an originating computer in FIG. 2;

FIG. 4 is an explanatory diagram showing a detailed configuration example of a key information area of an arbitrary user in the key management table of FIG. 3;

FIG. 5 is an explanatory diagram illustrating a detailed configuration example of a key management table of the relay device in FIG. 2;

FIG. 6 is an explanatory diagram showing a detailed configuration example of a key information area of the relay device in the key management table of FIG. 5;

FIG. 7 is an explanatory diagram showing a detailed configuration example of a key information area of an arbitrary user in the key management table of FIG. 5;

8 is an explanatory diagram showing a detailed configuration example of a key information area of an arbitrary merchant in the key management table of FIG. 5;

9 is an explanatory diagram showing a detailed configuration example of a key management table of the receiving computer in FIG. 2;

FIG. 10 is an explanatory diagram showing a detailed configuration example of a key information area of an arbitrary merchant in the key management table of FIG. 9;

FIG. 11 is an explanatory diagram showing a detailed configuration example of a connection management table of the transmission-side computer in FIG. 2;

12 is an explanatory diagram showing a detailed configuration example of an information area of an arbitrary user-side connection in the connection management table of FIG. 11;

FIG. 13 is an explanatory diagram showing a detailed configuration example of a connection management table of the receiving computer in FIG. 2;

14 is an explanatory diagram showing a detailed configuration example of an information area of an arbitrary merchant-side connection in the connection management table of FIG. 13;

FIG. 15 is an explanatory diagram showing a detailed configuration example of a connection management table of the relay device in FIG. 2;

FIG. 16 is an explanatory diagram showing a detailed configuration example of an arbitrary information area in the connection management table of FIG. 15;

17 is an explanatory diagram illustrating a detailed configuration example of a user name / merchant name conversion table of the relay device in FIG. 2;

FIG. 18 is a flowchart illustrating an operation example of the encryption communication processing unit of the transmission-side computer in FIG. 2;

FIG. 19 is a flowchart illustrating an operation example of an encryption communication processing unit of the relay device in FIG. 2;

FIG. 20 is a flowchart showing an operation example of the encryption communication processing unit of the receiving computer in FIG. 2;

FIG. 21 is a block diagram showing a configuration example of a cryptographic communication system of the present invention provided with a plurality of relay devices.

[Explanation of symbols]

1 to 6: computer, 1a, 2a to 6a, 7a: display device,
1b, 2b to 6b, 7b: input device, 1c: mail processing unit, 1d: business processing unit, 1e: encrypted communication processing unit, 1f:
Encryption unit, 1g: decryption unit, 1h: key management table, 1
i: connection management table, 1j: OS, 4c: mail processing unit, 4d: business processing unit, 4e: encryption communication processing unit, 4f: decryption unit, 4g: decryption unit, 4h: key management table, 4i: connection Management table, 4j: O
S, 4k: merchant name conversion table, 7, 7A, 7
B: relay device, 7c: mail processing unit, 7e: encrypted communication processing unit, 7f: encryption unit, 7g: decryption unit, 7h: key management table, 7i: connection management table, 7j: O
S, 7k: user name / merchant name conversion table,
8: Third party organization, 8a: Key management table, 8b: Certificate creation unit, 8c: Mail processing unit, 9: Shared memory, 10:
Connection management device, 11: IC card, 12: card reader, 1h1 to 1hn, 1hx: key information area, 1hx1
To 1hx3: item fields, 1i1 to 1ij, 1ix: information area, 1ix1 to 1ix5: item fields, 4h1 to 4hm,
4hx: key information area, 4hx1 to 4hx3: item column,
4i1 to 4ij, 4ix: information area, 4ix1 to 4i
x4: item column, 7i1 to 7ij, 7ix: information area,
7ix1 to 7ix7: Item column, 7k1a to 7k1m, 7
k2a to 7k2n: information area, 8a1, 8a2a to 8
a2n, 8a3a to 8a3m, 8a2x, 8a3x: key information area, 8a1a, 8a1b, 8a2x1, 8a2
x2, 8a3x1, 8a3x2: Item column.

Claims (12)

[Claims] In an encryption communication system for encrypting a message and performing communication between computers, an encryption message from a transmission side computer is received and decrypted, and the decrypted message is encrypted by a reception side computer. An encryption communication system comprising a relay device for transmitting. 2. The cryptographic communication system according to claim 1, wherein the relay device holds a common key between the transmitting computer and the receiving computer, and transmits the encrypted message received from the transmitting computer. An encryption communication system, wherein the encrypted message is decrypted with a common key with the transmitting computer, and the decrypted message is encrypted with the common key with the receiving computer and transmitted to the receiving computer. 3. The cryptographic communication system according to claim 2, wherein each time a computer for performing cryptographic communication is added, the shared key used by the added computer and the relay device is added to the added computer and the relay device. 3. A cryptographic communication system, comprising: a third party for notifying the third party. 4. The cryptographic communication system according to claim 2, further comprising a third party that notifies the common key to the requesting computer and the relay device based on a request from the computer and the relay device. An encryption communication system, comprising: 5. The cryptographic communication system according to claim 1, wherein the relay device holds a pair of a public key and a secret key, and a public key of the receiving computer, and transmits the one key to the transmitting computer. Receiving the message encrypted with the pair of public keys and decrypting the message using the pair of secret keys; encrypting the decrypted message using the public key of the receiving computer; A cryptographic communication system for transmitting to a user. 6. The cryptographic communication system according to claim 5, further comprising a third party for notifying said pair of public keys to said transmitting computer based on a request from said transmitting computer. A cryptographic communication system, wherein the computer encrypts the message using the pair of public keys notified from the third party and sends the message to the relay device. 7. The cryptographic communication system according to claim 1, wherein the plurality of relay devices are configured to equalize a communication amount of each of the plurality of relay devices with each of the receiving computers. A connection management means for controlling a connection combination with the receiving computer. 8. The cryptographic communication system according to claim 1, wherein a connection having a small communication volume with each of said plurality of relay devices and said receiving computer is preferentially selected. A cryptographic communication system, comprising: connection switching means for switching the selected receiving destination computer to a connection with another relay device. 9. The cryptographic communication system according to claim 1, wherein the plurality of relay devices are connected to the transmitting computer based on a connection status of each of the plurality of relay devices to the receiving computer. An encryption communication system, comprising: connection control means for determining a relay device. 10. The encryption communication system according to claim 1, wherein the same encryption key used for encryption communication between the transmitting computer and the receiving computer is transmitted to each of the plurality of relay devices. And an arbitrary relay device for relaying encrypted communication between the transmitting computer and the receiving computer. 11. The cryptographic communication system according to claim 1, wherein a memory shared by the plurality of relay devices stores all of the information used for the cryptographic communication between the transmitting computer and the receiving computer. And a relay device for relaying encrypted communication between the transmission-side computer and the reception-side computer at an arbitrary relay device. 12. An encryption communication relay device for encrypting a message and relaying communication between computers, comprising: means for receiving and decrypting an encrypted message from a transmitting computer; Means for encrypting and transmitting to the receiving computer.