JPH11239127A - Group cryptocommunication equipment - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enable group cryptocommunication equipment which make simultaneously communication to many mobile terminal equipment to update the cryptographic key of terminal equipment in a short time when the equipment is lost. SOLUTION: A communications group for managing cipher is divided into (n) subgroups. Each terminal equipment is made to have a first cryptographic key K(i1 )-K(i4 ) which is changed for each terminal equipment, a second cryptographic key K for transmitting application information which are the same for all terminal equipment in a communications group, and (n) places of third cryptographic keys K1 -Kn used for updating the cryptographic keys at every management subgroup. However, for the j-th (j=i-n) management subgroup, an invalid cryptographic key Kz is stored instead of the key Kj only among the third cryptographic keys k1 -Kn . When, for example, one of terminal equipment in the second management subgroup is lost, the allotment to the lost terminal equipment is made by enciphering the second cryptographic key K with the third cryptographic key K2 and the allotment to the remaining terminal equipment in the subgroup is individually made by enciphering the second cryptographic keys K with the first cryptographic key K(i2 ). For the other management subgroups not containing the lost terminal equipment, the cryptographic keys can be updated in a short time and the security of the keys can be secured, because the keys are simultaneously updated one subgroup by one subgroup unit.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a group cryptographic communication apparatus, and more particularly to a group cryptographic communication apparatus that updates a cryptographic key at high speed while excluding only a specific terminal.

[0002]

2. Description of the Related Art In wireless communication, especially in mobile wireless communication, communication from a base station can be received by all terminals in the communication zone. Therefore, simultaneous notification and simultaneous command can be easily performed. In addition, terminals can be divided into communication groups, and simultaneous notification and simultaneous instruction can be performed for each communication group.

In recent years, communication has been digitized, and all application information such as character information, voice, images, and moving images (hereinafter, such application information is referred to as application information) can be digitized and communicated. for that reason,
Communication is encrypted over a wide area, and confidentiality can be maintained.

FIG. 14 is a diagram showing a configuration of a communication group in a conventional group communication system. Many terminals are divided into a group S or a group T, and each terminal belongs to one of the groups. The base station
For each group, information can be sent to all terminals belonging to the group at once. Each terminal belonging to the group stores an encryption key unique to the group, and only terminals in that group can decrypt cipher text, and terminals belonging to other groups use an encryption key that can be decrypted. It is assumed that the ciphertext cannot be decrypted because it is not possessed.

In such a group communication, when a terminal belonging to the group is lost or one of the terminals is stolen, all the terminals except the lost or stolen terminal are lost. The encryption key unique to the communication group will be changed. Each terminal is individually encrypted from the base station with the encryption key unique to the terminal, the encryption key is transmitted (the encryption key is distributed), and the encryption key stored in the terminal is sequentially changed. This is the simplest method.

[0006]

However, this method has a disadvantage that the time for changing the encryption key is long. Normally, since a wireless line has only one channel, an encryption key change command is sent to each terminal in a time-division manner using one channel.

[0007] In group communication using encryption, when a small portion of terminals belonging to a group are lost or stolen, it is necessary to change the encryption of group communication. In modern cryptography, it is common to change the encryption key when changing the encryption. Also, when a new terminal joins the group, it is necessary to give the information related to encryption (usually an encryption key) to the terminal.

According to the present invention, in a cryptographic communication apparatus which constitutes a communication group in a field adopting such a communication mode such as a broadcast message and a broadcast command, a change of a cryptographic key is speeded up in order to keep a secret of group communication. (Change time is shortened).

The present invention is not an invention of a cryptographic algorithm itself, nor does it presuppose a specific cipher. The encryption used in the present invention may be a secret key encryption (common key encryption) such as DES or a public key encryption such as RSA. However, the use of the secret key cryptosystem in which the bit length of the cryptographic key is short has a more effective effect of reducing the cryptographic key change time.

[0010]

According to the present invention, in order to solve the above-mentioned problems, a plurality of management subgroups are provided in a communication group, and a base station is deleted by a third encryption key different for each management subgroup. Means for simultaneously encrypting and transmitting the second encryption key to terminals in a management subgroup different from the target terminal, and individually transmitting the first encryption key to terminals in the same management subgroup as the terminal to be deleted; Means for encrypting and transmitting the second encryption key by means of the third terminal, wherein the terminal stores all the third encryption keys corresponding to the other management subgroups and an invalid encryption key in place of its own third encryption key. A storage means is provided so that the individual change of the encryption key for each terminal and the simultaneous change of the encryption key for each management subgroup are simultaneously used.

[0011] With this configuration, it is possible to perform simultaneous change for each management subgroup while minimizing the change of individual encryption keys for each terminal, and to shorten the time for changing encryption keys.

[0012]

BEST MODE FOR CARRYING OUT THE INVENTION
In a group cryptographic communication apparatus comprising a base station and terminals divided into a plurality of communication groups, and capable of broadcasting from the base station to terminals in the communication group, n (n is 2) in the communication group Means for performing encrypted transmission of arbitrary information individually for each of the terminals using a first encryption key that is different for each of the terminals in the base station, and different for each of the communication groups. Means for encrypting and transmitting application information using a common second encryption key in the communication group, and a third encryption key (n-1 keys that are different for each management subgroup and are common in the management subgroup) And all of them are common to all the terminals except for the terminals belonging to the management subgroup to which the terminal to be deleted belongs. Means for updating the second encryption key by transmitting the second encryption key to the terminal belonging to the management subgroup to which the terminal to be deleted belongs, by encrypting and transmitting the second encryption key using the first encryption key individually for each terminal. Means for updating the second encryption key by means of a first storage means for storing the first encryption key; a second storage means for storing the second encryption key; (N
-1) a group encryption communication device including three third encryption keys and a third storage unit for storing an invalid encryption key in place of the third encryption key corresponding to the management subgroup to which the third encryption key belongs; The second cryptographic key is simultaneously updated for terminals belonging to a different management subgroup.

[0013] The second aspect of the present invention is the first aspect.
In the group cryptographic communication device described above, a plurality of different second encryption keys are stored in the second storage means, and a plurality of sets of different third encryption keys are stored in the third storage means. The terminal has a function of belonging to a plurality of communication groups and performing encryption key management in the plurality of communication groups.

According to a third aspect of the present invention, in the group cryptographic communication apparatus according to the first or second aspect, means for storing, in the base station, first encryption keys equal to or more than the number of the terminals, A means for storing a second encryption key equal to or more than the number of communication groups; a means for storing n or more third encryption keys; and a means for storing one or more invalid encryption keys. This has the effect of preparing a spare encryption key at the station and quickly updating the encryption key.

According to a fourth aspect of the present invention, in the group encryption communication apparatus of the first and second aspects, the base station encrypts each new third encryption key with a corresponding previous third encryption key. Further, means for distributing the data after being double-encrypted with the third encryption key corresponding to the management subgroup of the terminal to be deleted is provided, and the third encryption key is updated. This has the effect of simultaneously updating the encryption key only for the terminals of the group.

According to a fifth aspect of the present invention, in the group cryptographic communication apparatus according to the first or second aspect, means for encrypting the temporary encryption key with the first encryption key and distributing the encrypted temporary encryption key to the base station, Third with the new provisional encryption key delivered
Means for simultaneously distributing the encryption keys (plurality), and has the effect of efficiently updating the simultaneous encryption key using the provisional encryption key.

The invention according to claim 6 of the present invention is the invention according to claim 1.
In the group encrypted communication device according to the above,
means for storing n (n-1) / 2 third encryption keys is provided;
By changing the combination of management subgroups for distributing the invalid encryption key for each of the third encryption keys to the base station, (n-
2) means for distributing a valid third encryption key to terminals belonging to the two management subgroups and distributing an invalid encryption key to terminals belonging to the remaining two management subgroups; This has the effect of performing a simultaneous second encryption key update that excludes two terminals at the same time.

According to a seventh aspect of the present invention, there is provided a group communication apparatus comprising a base station and a plurality of terminals divided into one or a plurality of communication groups, wherein n (n) Is a large management subgroup of 2 or more), and m (m is an integer of 2 or more) small management subgroups are provided in the large management subgroup, and the base station is different for each terminal. Means for encrypting and transmitting arbitrary information individually to the terminals using a first encryption key;
Means for performing encrypted transmission of application information using a second encryption key that is different for each communication group and common to the communication group, and a third encryption key that is different for each large management subgroup and common to the large management subgroup Of 1
Means for simultaneously encrypting and transmitting the second encryption key to terminals other than terminals belonging to the large management subgroup to which the terminal to be deleted belongs, and updating the second encryption key; Means for encrypting and transmitting the second encryption key with the first encryption key individually to the terminals belonging to the small management subgroup to which the terminal belongs, and updating the second encryption key; For each terminal except for the terminals belonging to the small management subgroup to which the terminal to be deleted belongs, the second encryption key is encrypted by one of the fourth encryption keys common to the large management subgroup and different for each group. Means for simultaneously performing encrypted transmission of the second encryption key and updating the second encryption key, wherein the terminal has a first storage means for storing the first encryption key, and a second encryption key. Second note to memorize the key Means for storing (n-1) third encryption keys corresponding to the other large management subgroups and an invalid encryption key that replaces the third encryption key corresponding to the large management subgroup to which the self belongs. And fourth storage means for storing (m-1) fourth encryption keys corresponding to the other small management subgroups and an invalid encryption key in place of the fourth encryption key corresponding to the small management subgroup to which the subgroup belongs. Is a group encryption communication device having the function of efficiently updating encryption keys by combining three update methods.

The invention according to claim 8 of the present invention is the invention according to claim 2.
In the group cryptographic communication device according to the above, the base station,
When updating the second encryption key and the third encryption key stored in the deletion target terminal, the new second encryption key is encrypted with the second encryption key not stored in the deletion target terminal, and the second encryption key is updated. 2
Means for delivering to a terminal having an encryption key, means for encrypting a new third encryption key with a second encryption key not stored in the terminal to be deleted and delivering to a terminal having the second encryption key And has an effect of updating the encryption key using an encryption key of a communication group different from that of the exclusion target terminal.

FIG. 1 shows an embodiment of the present invention.
This will be described in detail with reference to FIG.

(First Embodiment) In a first embodiment of the present invention, a subgroup for encryption management is provided in a communication group, and individual encryption key change for each terminal and encryption for each management subgroup are performed. This is a group encryption communication device that shortens the encryption key change time by using simultaneous change of keys.

FIG. 1 shows a model of a communication group in group communication to which the group encryption communication device according to the first embodiment of the present invention is applied. In FIG. 1, a base station 1
Encrypts and transmits application information for each communication group to terminals in the communication zone, and manages and distributes encryption keys. The terminal 2 performs encrypted communication with the base station 1. In the model shown in FIG.
Many terminals are divided into a group S and a group T and belong to one of them. Each terminal belonging to the group stores an encryption key unique to the group, and only terminals in that group can decrypt cipher text, and terminals belonging to other groups use an encryption key that can be decrypted. The ciphertext cannot be decrypted because it is not possessed.

FIG. 2 is a diagram showing a configuration of a subgroup for encryption management (hereinafter, referred to as "management subgroup") according to the first embodiment of the present invention. Each terminal belonging to the communication group S belongs to any of the management subgroups A, B, C, and D. That is, each terminal is made to belong to a special management subgroup provided for distributing the encryption key.

In such group communication, when a terminal belonging to the group is lost or stolen,
The encryption key unique to the communication group of all terminals except for the lost / stolen terminal will be changed. First
In the embodiment, a subgroup for encryption management is provided,
The change time of the encryption key is shortened by using both the change of the encryption key of the terminal alone and the simultaneous change of the encryption key to the terminals excluding the terminals belonging to the specific subgroup.

FIG. 2 shows the configuration of a subgroup for encryption management (hereinafter referred to as "management subgroup") according to the first embodiment of the present invention. The terminals belonging to the communication group S are respectively managed subgroups A, B, C, and D.
Belong to any of That is, each terminal is made to belong to a special management subgroup provided for distribution of the encryption key by the base station 1.

FIG. 3 is a diagram showing the contents stored in the memory of each terminal according to the first embodiment. Each terminal stores three types of encryption keys in its memory. The first encryption key K (i
₁ ), K (i ₂ ), K (i ₃ ), K (i ₄ ) (where i ₁ , i ₂ , i ₃ , i ₄ are terminal numbers of the management subgroups A, B, C, D, respectively) Generally, the first encryption key of the i-th terminal is expressed as K (i).) Is a different encryption key for each terminal. Each management subgroup has multiple terminals, but for simplicity, FIG.
Are shown only one at a time. Even when terminals belonging to different communication groups do not use two identical first encryption keys. Usually, this encryption key should be stored as a device-specific encryption key before the terminal is shipped. If the encryption key is strong in tamper resistance (it is difficult to open the device / part and decrypt the code from the internal structure), security can be improved.

The second encryption key K is the same encryption key (the same encryption key) for terminals belonging to the same communication group (terminals belonging to group S in the first embodiment). This is used for transmission. Character information,
All application information of voice, image, and moving image is encrypted with the second encryption key K and transmitted. Since the second encryption key is changed after shipment, it is stored in a rewritable memory. Second
When the encryption key is changed, the new encryption key is usually replaced with the third encryption key K1, K2, K3, K4 or the first encryption key K.
(i) (i is the terminal number), which is encrypted and sent from the base station and updated.

Each terminal has the same number of third encryption keys as the number of management subgroups. In the first embodiment, each terminal has a memory for storing the third encryption keys K1, K2, K3, and K4, but lacks one of the third encryption keys K1, K2, K3, and K4. Instead, the missing memory stores the invalid encryption key Kz. Third encryption keys K1, K2, K3, K4
The cryptographic keys stored in the sub-groups differ between the management sub-groups A, B, C, and D to which the terminal belongs, and lack the third crypto-key specific to the management sub-group to which the terminal belongs. I have.

For example, a terminal belonging to the management subgroup A lacks the encryption key K1 and stores an invalid encryption key Kz instead. The terminal belonging to the management subgroup B lacks the encryption key K2 and stores an invalid encryption key Kz instead.
In the following, each terminal stores an encryption key unique to the management subgroup based on this concept. As a result of this storage method, 1
Except for terminals belonging to one management subgroup, all terminals belonging to other management subgroups have the same encryption key. For example, all the terminals belonging to all the management subgroups B, C, and D except the management subgroup A have the third encryption key K1. All terminals belonging to all management subgroups A, C, and D except management subgroup B
It has a third encryption key K2. Similarly, except for the terminals belonging to one management sub-group, all terminals belonging to other management sub-groups have the same third encryption key.

As a general theory, it is assumed that n management subgroups are provided, and numbers 1 to n are assigned to the respective management subgroups as management subgroup numbers. In such a case, it is assumed that n encryption keys are required as the third encryption key, and the n encryption keys are referred to as K1 to Kn. Taking the j-th key Kj as an example, in the terminal belonging to the j-th management sub-group, the base station stores the invalid encryption key Kz, and the terminal belonging to the management sub-group other than the j-th management sub-group. On the machine,
The base station stores one Kj of the third encryption key. Since the third encryption key is changed after shipment, it is stored in a rewritable memory. The third encryption keys K1 to K4 are
Normally, the data is encrypted with the first encryption key K (i), sent from the base station, and updated. The invalid encryption key Kz does not hinder any data. Normally, encryption keys are generated by random numbers,
An invalid encryption key Kz is also generated by a random number, and the third encryption key K1
If the delivery is made from the base station in the same manner as the delivery of ~ K4, the terminal cannot easily determine which is the invalid encryption key Kz.

FIG. 4 shows a main part of the device of the base station 1 according to the first embodiment. Both are realized by electronic circuits. The application information (before encryption) such as character information, voice, image, and moving image is input to the “information input” as a digital signal. The encrypted character information, application information such as voice, image, and moving image and the encrypted encryption key are output as digital signals from the “transmission output”. This signal is usually converted into a high-frequency analog signal by a modulator, amplified, sent to an antenna, and transmitted as a radio wave to space.

The transmission selection section 4 is a section for selecting information to be transmitted. The information to be transmitted includes application information such as character information, voice, image, and moving image and an encryption key to be delivered to the terminal device 2. One of them is selected and passed to the encryption unit 5 described later. What to select is specified by the key distribution control unit 6 described later.

The encryption section 5 is a section for converting plaintext into ciphertext. The encryption unit 5 encrypts the input plaintext digital signal with the encryption key selected and supplied by the key selection unit 7 and outputs the digital signal to the “transmission output”. The encryption unit 5 is a calculation processing device for a secret key encryption such as DES or a cryptographic algorithm of a public key such as RSA, and is generally realized by hardware and software of a microcomputer.

The key temporary memory 13 temporarily stores the data encrypted with the first encryption key when the data encrypted with the first encryption key is further double-encrypted with another encryption key. This can be stored using a memory unit 8 described below.

The memory section 8 is composed of a semiconductor memory or the like.
The first encryption key, the second encryption key, the plurality of third encryption keys, the invalid encryption key, and other information described above are stored. It also stores unused encryption keys (plural) generated and stored by devices other than this device.

The "group control input" is an input for instructing the configuration of a communication group, and inputs information relating to the configuration of terminals forming the communication group and the increase / decrease thereof.

The key distribution control section 6 controls each section of the apparatus, and operates according to input information of "group control input". The main functions are as follows.

(1) When transmitting application information, the transmission selection unit 4 is instructed to select information input as an input, and the encryption unit 5 transmits an application information transmission encryption key (the above-described second encryption key). )give.

(2) When adding / deleting a terminal to / from a communication group in response to an input signal from the “group control input”, an encryption key (in this case, the second An encryption key or a third encryption key is selected, and an encryption key (third encryption key or first encryption key) to be used for transmission of the encryption key is selected by the key selection unit 7.

(3) When deleting a terminal, (2)
At the same time, select a new encryption key from unused encryption keys,
An encryption key for transmitting new application information.

The key selection unit 7 selects an encryption key for transmission (two types of transmission of application information and an encryption key) and an encryption key to be sent to the terminal for updating.

FIG. 5 shows a main part of the device of the terminal 2 according to the first embodiment. Both are realized by electronic circuits. A signal that has propagated in space as a radio wave is received by an antenna, amplified as an analog signal, demodulated by a demodulator, and input as a digital signal from a “receive input”. The digital signal of the reception input includes application information such as character information, voice, image, and moving image and an encryption key, and these digital signals are usually encrypted.

The encryption / decryption unit 9 is for decrypting the digital signal of “reception input” from ciphertext to plaintext, and an encryption key used for decryption is given by the key selection unit 12. The encryption / decryption unit 9
This is a calculation processing device for an encryption / decryption algorithm corresponding to the encryption method of the base station 1, and is usually realized by hardware and software of a microcomputer.

The key temporary memory 14 is a memory for temporarily storing, when decrypting a double-encrypted one, decryption with the first encryption key until decryption with another encryption key. It can also be stored using the memory unit 3 described below.

The data selecting section 10 is a section for selecting an output destination of the received data. If the received data is application information such as character information, voice, image, or moving image, the data is output from the "information output" as a digital signal, and the received data is an encryption key delivered to the terminal 2. In this case, the encryption key is sent to the memory 3 for storing the encryption key. Which one to select is specified by the key reception control unit 11 described later.

The memory unit 3 is composed of a semiconductor memory or the like.
An encryption key and other information described later are stored. As described above, the third encryption key K1, stored in the memory unit 3,
One of K2, K3, and K4 has been replaced with an invalid encryption key Kz, but the terminal 2 cannot identify it.

The key selection unit 12 selects an encryption key to be used when the encryption / decryption unit 9 decrypts an encrypted text into a plain text, takes out the encryption key from the memory 3, and gives it to the encryption / decryption unit 9.

The key reception control section 11 controls each section of the apparatus, knows the type of the received data from the input data of "reception input", and operates according to the type. The main functions are as follows.

(1) When the application information is received, the key selection unit 12 selects an encryption key for transmitting the application information (a second encryption key described later), and the data selection unit 10 outputs “information Specify to select "Output".

(2) When the distribution of the encryption key is received, the key selection unit 12 selects the encryption key for receiving the key (the third encryption key or the first encryption key described above), and the data selection unit Ten
Specifies that the memory unit 3 is selected as the output destination.

Hereinafter, the operation of the group cryptographic communication apparatus according to the first embodiment of the present invention will be described. First, a normal operation of transmitting application information will be described. Text information, audio, images,
All the application information of the moving image is transmitted after being encrypted with the second encryption key K. A terminal that stores the encryption key K (a terminal that belongs to the communication group) can decrypt the encrypted application information, but a terminal that does not store the encryption key K (a terminal that does not belong to the communication group). ) Cannot decrypt the encrypted application information.

Next, the operation of adding a terminal to a communication group will be described. When newly adding a terminal to the communication group, the first encryption key K unique to the terminal is used.
According to (i), the second encryption key K is encrypted, and the second encryption key K is transmitted from the base station 1 to the terminal 2. The terminal 2 decrypts the received second encryption key K using the first encryption key K (i) stored in the memory 3 and stores it in the memory 3. The information of this process cannot be decrypted (decrypted) by another terminal that does not have the first encryption key K (i). In this way, the terminal receiving the second encryption key K can thereafter decrypt the encrypted application information for the communication group. Further, the base station apparatus determines a management subgroup to which the terminal belongs, and the third base station corresponding to the terminal from the base station.
The encryption keys K1, K2, K3, and K4 are encrypted with the first encryption key K (i) unique to the terminal and transmitted. One of the third encryption keys K1, K2, K3, K4 to be transmitted (third encryption key corresponding to the management subgroup to which the terminal belongs)
Is transmitted by the base station device after changing to an invalid encryption key. By updating the third encryption key, it becomes possible to change the second encryption key K of this terminal in group units at the time of the next encryption key change. When there are two or more terminals to be newly added, any number of terminals can be added by repeating the same operation described above for each terminal.

Next, the operation of deleting a terminal from a communication group will be described. When a terminal is lost, it is necessary to delete the lost terminal from the communication group.
At this time, the encryption keys K of all the terminals belonging to the communication group except for the lost terminal are changed to new encryption keys. The terminal to be deleted is specified from a device other than this device.

An example of the operation of changing the encryption key when one terminal is lost will be described using the encryption key storage of FIG. 3 as an example. For the sake of concreteness, it is assumed that one terminal has been lost and that the terminal belongs to the management subgroup B. First, the base station 1 transmits a new second encryption key K encrypted with one of the third encryption keys K2. Subsequently, the first encryption key K (i) is transmitted to the terminals belonging to the management subgroup B excluding the lost terminal.
And transmits a new second encryption key K. In this way, the second terminal of all terminals except the lost terminal
Can be updated, and a new communication group excluding the lost terminal can be reconfigured.

Next, the operation of updating the third encryption key will be described. Since the third encryption key that can change the second encryption key K for the deleted terminal at the same time cannot be used after the terminal is deleted, in order to maintain the function / performance of the system, It is necessary to update the third encryption key with a new encryption key. For example, the deleted terminal is in the management subgroup B
, The third encryption keys K1, K3, and K4 held by the deleted terminal are all updated. One of the third encryption keys K2 does not need to be changed because the deleted terminal did not have it.

It is possible to encrypt all the terminals except the deleted terminal with the first encryption key K (i) and update the terminals one by one in order. Has the disadvantage of being longer. Therefore, the base station 1 sends a new third encryption key to the terminals of the management subgroup (A, C, D in this example) excluding the management subgroup (B in this example) to which the deleted terminal belongs. K1, K3, K4 are replaced with the previous third
The encryption key K1, K3, and K4 are used, and the encryption key is double-encrypted with K2 in the third encryption key and sent all at once to update the third encryption key. Specifically, the new K1 is encrypted with the old K1, the new K3 is encrypted with the old K3, and the new K4 is converted into the old K4.
, And the three encrypted ones are double-encrypted with one K2 in the third encryption key.
All terminals can receive radio waves, but can decrypt ciphertexts because of the management subgroups A, C,
D terminal only.

The terminal 2 first decrypts the received data for updating the encryption key with K2 in the third encryption key.
The data is decrypted with the third encryption keys K1, K3, and K4 to obtain new third encryption keys K1, K3, and K4. The deleted terminal and the terminal belonging to the management subgroup B cannot be decrypted with one K2 of the third encryption key, and therefore cannot update the encryption key to a new one. In a terminal that does not know which of the invalid encryption keys, it is actually decrypted with the invalid encryption key Kz, so that all the third encryption keys K1, K3, and K4 become new invalid encryption keys. In addition, the terminal having the invalid encryption key Kz with respect to the previous third encryption keys K1, K3, K4, converts one of the corresponding third encryption keys K1, K3, K4 into a new encryption key. Cannot update to key. For example, in a terminal belonging to the management subgroup A, instead of K1, Kz
Therefore, if the received new K1 is decrypted with Kz, it becomes a new invalid encryption key.
The user will continue to have an invalid encryption key as the equivalent encryption key.
Similarly, for terminals belonging to the management subgroup C,
Since it has Kz instead of K3, the new K3
Is decrypted with Kz, it becomes a new invalid encryption key, and the invalid encryption key is kept as a K3 equivalent encryption key as before. Note that the third encryption keys K1, K
3, K4 may be encrypted and transmitted collectively, or may be encrypted and transmitted one by one.

Among the terminals belonging to the management subgroup (B in this example) to which the deleted terminal belongs, other terminals except for the deleted terminal are sent to the first encryption key K different from terminal to terminal. (i) Encrypted and new encryption keys K1, K3,
Send K4 to update the third encryption key.

One K2 in the third encryption key irrelevant to the deleted terminal does not need to be updated because the terminal to be deleted does not store it. After all the terminals to be updated have been updated, the new third encryption key can be used. The update of the third encryption key may be performed until the next update of the second encryption key K, and usually, there will be sufficient time.

Next, the operation of deleting two or more terminals from a communication group will be described. Simply, corresponding to the first terminal, after updating the second encryption key described in the third operation description, the third encryption key described in the fourth operation description is updated. Then, the second encryption key described in the third operation description may be updated for the second terminal. However, in this method, since the change time is long, it is conceivable to change the encryption key by the following method.

It is assumed that the terminal to be deleted belongs to the management subgroups B and C. The base station, to all terminals,
The new third encryption key K3 is encrypted with the previous third encryption key K3, further encrypted with K2 in the third encryption key, and sent all at once to update the third encryption key. The terminal transmits the received encryption key update data to K2 in the third encryption key first.
, And further decrypted with the previous third encryption key K3 to obtain a new third encryption key K3. The first terminal to be deleted and the terminals belonging to the management subgroup (management subgroup B in this example) are one K in the third encryption key.
Since 2 cannot be decrypted, the encryption key cannot be updated to a new one. Also, the second terminal to be deleted and the terminals belonging to the management subgroup (in this example, the management subgroup C) have an invalid encryption key Kz with respect to the previous third encryption key K3. , The corresponding third encryption key K3 cannot be updated to a new encryption key. As a result, only the terminals belonging to the management subgroups A and D can receive the new third encryption key correctly. With the new third encryption key K3 updated in this way, a new second encryption key K is transmitted all at once. Only the terminals belonging to the management subgroups A and D storing the valid new third encryption key K3 can receive the new second encryption key K, and can correctly decrypt the ciphertext. Then, for the terminals belonging to the management subgroups B and C to which the terminal to be deleted belongs, the first encryption key K is divided into as many times as the number of terminals.
A new second encryption key K is transmitted after being encrypted in (i). In this way, the second encryption keys K of all the terminals except for the deleted terminal can be updated in a short time. Depending on the encryption algorithm, the encryption key may not be able to be double-encrypted. In order to update the encryption key by this method using double encryption, the encryption algorithm to be used is limited.

The change time of the encryption key will be described. In the method described here, the change time of the second encryption key is
It is usually proportional to the number of encryption keys to be transmitted. Therefore, the change time is compared with the number of transmitted encryption keys.

When there are 10,000 terminals in a communication group, it is assumed that the terminals are divided into 100 management subgroups and 100 terminals belong to each management subgroup. When one terminal is lost, the terminals belonging to the 99 management subgroups except the management subgroup to which the lost terminal belonged are simultaneously and simultaneously subjected to the third encryption key by the third encryption key. The second encryption key K is updated. Therefore, the encryption key is transmitted only once. Also, for the terminals belonging to the management subgroup to which the lost terminal belongs, the first encryption key K is applied to 99 terminals excluding the lost terminal.
According to (i), a new second encryption key K is individually sent. The number of transmissions of the encryption key is 99 times. Combining the simultaneous transmission and the two encryption key transmissions for individual terminal transmission, 100
(1 + 99) encryption key transmissions are required. When a 40-bit encryption key is used, 4,000 (40 × 100) bits are passed, and when a 64-bit encryption key is used, 6,400 (64 × 100) bits of information (net information excluding accompanying information) is passed. Can be changed.

When two terminals are lost, the third encryption key is transmitted once to 98 management subgroups except for the two to which the terminal to be deleted belongs, to update the third encryption key. , Transmitted once to update the second encryption key. next,
For terminals belonging to the two management subgroups to be deleted, and for 99 terminals excluding the terminal to be deleted, the first
New encryption key K (i)
Send. The number of transmissions of the encryption key is 99 times × 2 management subgroups = 198 times. This is twice as long as deleting one terminal.

As described above, according to the first embodiment, the number of transmissions of the encryption key is significantly reduced as compared with the case where a new encryption key is individually transmitted to 10,000 terminals.

The update time of the third encryption key described in the fourth operation will be described for reference. The new third encryption key is encrypted 99 times using the old third encryption key and transmitted 99 times to be updated using the management subgroup. Updating the encryption key to another terminal in the management subgroup to which the deleted terminal belonged, the new third encryption key was 99,
Since there are 99 terminals, 99 × 99 = 9,801. Combined, 99 + 9,801 = 9,900.

As described above, in the first embodiment of the present invention, a subgroup for encryption management is provided in the communication group of the group encryption communication device, and individual changes of the encryption key for each terminal and for each management subgroup are performed. And the simultaneous change of the encryption key, it is possible to shorten the time for changing the encryption key.

(Second Embodiment) In a second embodiment of the present invention, any two sets of management subgroups have two invalid encryption keys corresponding to different third encryption keys. Thus, the present invention is a group encryption communication device that can simultaneously update an encryption key when two terminals having different management subgroups are lost. The difference of the second embodiment from the first embodiment is that terminals of two management subgroups have invalid encryption keys corresponding to the third encryption key.

FIG. 6 is a diagram showing the contents of the memory of the terminal of the group cryptographic communication apparatus according to the second embodiment of the present invention. The first encryption key K (i ₁ ) to K (i ₄ ) and the second encryption key K are
This is the same as that described in the description of FIG. 3 of the first embodiment.

The number of third encryption keys is n × (n−1) / 2, where n is the number of management subgroups. This number is the number _n C ₂ = n of combinations taken out of n.
× (n-1) / 2. In the second embodiment, since the number of management subgroups is 4, the third encryption key is 4 ×
It has only (4-1) / 2 = 6. These six are K1, K2,
Named K3, K4, K5, K6. Each terminal has a memory for storing the third encryption key K1, K2, K3, K4, K5, K6, but according to the management subgroup to which the terminal belongs,
Part of the third encryption key is an invalid encryption key Kz. That is, which third of K1, K2, K3, K4, K5, and K6
The corresponding invalid encryption key Kz is also given by the base station, and the invalid key is stored in place of the regular encryption key in the two management subgroups. K1 is the management subgroups A and B, K2 is the management subgroups A and C,
K3 is the management subgroups A and D, K4 is the management subgroups B and C, K5 is the management subgroups B and D, K6 is the management subgroups C and D, and the regular encryption key is an invalid encryption key Kz. Has been replaced by

In general, when the number of management subgroups increases, the number of third encryption keys increases. However, any of the increased encryption keys corresponds to the encryption keys in the terminals of the two management subgroups. An invalid encryption key Kz to be executed is stored. As a result of this storage method, all terminals belonging to other management subgroups can have the same encryption key except for terminals belonging to any two management subgroups. For example, all the terminals belonging to all the management subgroups A and D except the management subgroups B and D have the third encryption key K4. Since the third encryption key is changed after shipment, it is stored in a rewritable memory. Third encryption key K1, K2, K
3, K4, K5, K6 encrypts update sent from the base station in the first encryption key _{K (i 1) ~K (i} 4). The invalid encryption key Kz has no problem with any data. Normally, the encryption key is generated by a random number, but the invalid encryption key Kz is also generated by a random number, and is delivered from the base station in the same manner as the delivery of the third encryption keys K1, K2, K3, K4, K5, and K6. However, the terminal cannot easily determine which is the invalid encryption key Kz.

The operation of the group cryptographic communication device according to the second embodiment of the present invention will be described below. First, an operation of deleting two or more terminals from a communication group will be described. 2
The operation of changing the encryption key when more than one terminal is lost,
The storage of the encryption key shown in FIG. 6 will be described as an example. For the sake of specificity, it is assumed that there are two terminals to be deleted and the terminals to be deleted belong to the management subgroups B and C, respectively.

The base station 1 transmits the new second encryption key K to the third
, And sends it to all the terminals 2 all at once to update the second encryption key K. The terminals belonging to the management subgroups B and C have one of the third encryption keys.
Since the two K4s are not stored, the second encryption key cannot be decrypted from the ciphertext and updated to a new encryption key.
Terminals belonging to other management subgroups can update to the new second encryption key K. Next, for the terminals belonging to the management subgroups B and C to which the terminal to be deleted belongs, the first encryption key K (i ₂ ) or K A new second encryption key K is transmitted after being encrypted in (i ₃ ). In this way, the terminals to be deleted can be removed, and the second encryption keys K of all the terminals can be updated in a short time.

When only one terminal is to be deleted, the first encryption key K (i ₂₎ is assigned to the terminals belonging to the management subgroups B and C except for one terminal to be deleted. ) Or K (i ₃ ) and transmitting a new second encryption key K.

Next, the operation of updating the third encryption key will be described. In order to maintain the performance of the system, after deleting a terminal, it is necessary to update the third encryption key in preparation for the deletion of the next terminal. The third encryption key to be updated is all the encryption keys except for one encryption key which is a deletion target and has two invalid terminals Kz. The changing method employs the changing method of the first embodiment.

Next, the change time of the encryption key will be described. When there are 10,000 terminals in the communication group, it is assumed that the terminal is divided into 100 management subgroups and 100 terminals belong to the management subgroup. To delete two terminals, one of the third encryption keys is used for terminals belonging to another management subgroup except for the management subgroup to which the terminal to be deleted belongs. The second encryption key K is updated all at once. Further, for the terminals belonging to the two management subgroups to which the lost terminal belongs, for the 99 terminals excluding the terminal to be deleted, the first encryption key K (i)
(I is a terminal number excluding the terminal to be deleted), and a new encryption key is sent individually. Therefore, if the encryption key transmission of the two methods of transmission by the management subgroup and transmission by terminal individually is combined, 199 times (1 + 99 × 2)
= 199) is required. Thus, 10,00
When transmitting an encryption key to zero terminals, according to the second embodiment, the number of transmissions of the encryption key is reduced, though slightly, as compared with the first embodiment.

As described above, according to the second embodiment of the present invention, when the group encryption communication device has the invalid encryption key in the terminals of the two management subgroups and the two terminals are lost. Since the configuration is such that the encryption key is updated all at once, the deletion of two terminals can be performed at high speed.

(Third Embodiment) In a third embodiment of the present invention, a temporary encryption key is encrypted by a first encryption key from a base station and distributed, and a plurality of third encryption keys are distributed by the temporary encryption key.
By encrypting the encryption key and distributing it all at once,
Is a group encryption communication device that updates the encryption key at high speed. The third embodiment differs from the first and second embodiments in that the provisional encryption key is used to reduce the time for updating the third encryption key.

FIG. 7 is a diagram showing the contents of the memory of the terminal of the group cryptographic communication apparatus according to the third embodiment of the present invention. The temporary encryption key Ktp is added to the memory of each terminal. First encryption keys K (i ₁ ) to K (i ₄ ) in FIG.
The second encryption key K and the third encryption keys K1, K2, K3, K4 are
This is the same as that shown in FIG. 3 in the first embodiment. The provisional encryption key Ktp is an encryption key temporarily used for encryption key distribution. As for the provisional encryption key Ktp, a new encryption key is distributed by the base station apparatus whenever necessary. During temporary use, one encryption key is commonly distributed to the target terminal. The base station apparatus encrypts the provisional encryption key Ktp with the first encryption key K (i) and distributes it in order for each terminal. Terminals to be distributed are limited to terminals other than the terminal to be deleted among the terminals belonging to the management subgroup to which the terminal to be deleted belongs.

Hereinafter, the operation of the group cryptographic communication apparatus according to the third embodiment of the present invention will be described. First, the basic operation will be described. Operations such as normal application information transmission, addition of a terminal to a communication group, and deletion of a terminal from a communication group are the same as those in the first embodiment.

Next, updating of the third encryption key will be described. As described in the first embodiment, after the terminal is deleted, the third encryption key can no longer be used. Therefore, it is necessary to update the third encryption key with a new encryption key. For example, when the deleted terminal belongs to the management subgroup B, the third terminal held by the deleted terminal
Will be updated.
The base station sends a new third encryption key K to the terminals in the management subgroups (A, C, and D in this example) excluding the management subgroup (B in this example) to which the deleted terminal belongs.
1, K3 and K4 are encrypted with the conventional third encryption keys K1, K3 and K4, further double-encrypted with K2 in the third encryption key, and sent all at once. Update. The terminal first decrypts the received encryption key update data with K2 in the third encryption key, and further decrypts the third encryption keys K1, K
3. Decrypt with K4 to obtain new third encryption keys K1, K3, K4. The above points (in this example, management subgroup A,
Updating of the third encryption key for C and D) is the same as in the first embodiment.

Subsequently, among the terminals belonging to the management subgroup (B in this example) to which the deleted terminal belongs, other terminals except the deleted terminal are sent to the first terminal, which is different for each terminal. A provisional encryption key Ktp is transmitted after encrypting with the encryption key K (i ₂ ). When the provisional encryption keys have been sent to the necessary terminals, the new encryption keys K1, K3, and K4 are encrypted with the provisional encryption key Ktp and sent all at once to update the third encryption key. (Here, among the terminals having the provisional encryption key Ktp, that is, the terminals belonging to the management subgroup to which the deleted terminal belongs, only the terminals other than the deleted terminal have the third encryption key of the new encryption key. Updated to key.)

Next, the change time of the encryption key will be described. When there are 10,000 terminals in the communication group, it is assumed that the terminal is divided into 100 management subgroups and 100 terminals belong to the management subgroup. Replace the new third encryption key with the old third key
It is encrypted 99 times and transmitted 99 times to be updated using the management subgroup. Since the number of terminals is 99 for sending the provisional encryption key Ktp to another terminal of the management subgroup to which the deleted terminal belongs, the encryption key is sent 99 times. Furthermore, since the number of new third encryption keys sent using the provisional encryption key is 99, transmission is performed 99 times. The sum of the three types of transmission is 99 + 99 + 99 = 297 times. As described above, when transmitting the encryption key to 10,000 terminals, updating the third encryption key according to the third embodiment significantly increases the number of transmissions of the encryption key as compared with the first embodiment. decrease.

As described above, according to the third embodiment of the present invention, a group encryption communication device is transmitted from a base station by encrypting a provisional encryption key with a first encryption key and distributing the group encryption communication device. Since the third encryption key is encrypted and distributed all at once, the third encryption key can be updated at high speed, and the update time is reduced.

(Fourth Embodiment) In a fourth embodiment of the present invention, n large management subgroups are provided in a communication group, and m small management subgroups are included in a large management subgroup. The second encryption key is encrypted with the fourth encryption key of the large management subgroup, and is simultaneously transmitted to terminals of the large management subgroup to which the terminal to be deleted does not belong, and the third encryption key of the small management subgroup is encrypted. The second encryption key is encrypted with the key and transmitted simultaneously to the terminals of the small management subgroup to which the terminal to be deleted does not belong, and individually transmitted to terminals of the same small management subgroup as the terminal to be deleted. A group encryption communication device that encrypts and transmits a second encryption key using a first encryption key. The fourth embodiment is different from the first to third embodiments in that a small management subgroup is provided in a large management subgroup, and the update method of the first embodiment is applied in two stages. The point is that the update time is shortened.

FIG. 8 is a diagram showing the concept of the management subgroup according to the fourth embodiment of the present invention. The terminal belonging to the management subgroup (hereinafter, referred to as a large management subgroup) described with reference to FIG. 3 of the first embodiment is divided into smaller management subgroups (hereinafter, referred to as small management subgroups). Then, they belong. According to FIG. 8, a large management subgroup of α, β, γ, δ is provided in the communication group S, the small management subgroups E and F are included in the large management subgroup α, and the large management subgroup β is included in the large management subgroup β. Inside, small management subgroups A, B, C, D,... Are provided.

FIGS. 9 and 10 are diagrams showing the storage contents of the encryption key of each terminal. Each terminal has a first encryption key K (i)
(I is a terminal number), a second encryption key K, a plurality of third encryption keys K1, K2, K3, K4, and a plurality of fourth encryption keys. The first encryption key K (i) and the second encryption key K are as shown in FIG.
Are the same as those described in the description. Each terminal stores, in principle, all of the third encryption keys K1, K2, K3, and K4, except that one of the third encryption keys that differs depending on the large management subgroup to which the terminal belongs belongs to an invalid encryption key Kz. Is stored in place of. That is, an invalid encryption key is stored by the base station. For example, as shown in FIG. 9, a terminal belonging to the large management subgroup α has an invalid encryption key Kz instead of the third key K1, and a terminal belonging to the large management subgroup β has the third key K1. It has an invalid encryption key Kz instead of the key K2. As a general theory, n large management subgroups are provided, and each large management subgroup is assigned a large management subgroup number of 1, 2, 3,..., J,.
It is assumed that numbers of n are assigned. In such a case, n encryption keys are required as the third encryption key, and the n encryption keys are denoted by K1, K2, K3,..., Kj,.
.., Kn. Taking Kj as an example,
In the terminal belonging to the j-th management subgroup, the invalid encryption key Kz is stored by the base station instead of Kj, and in the terminal belonging to the management subgroup other than the j-th management subgroup, the invalid encryption key Kz is stored by the base station. 1 of 3 encryption keys
Are stored. In other words, each terminal is basically composed of K1, K2, K3,..., Kj,.
Is stored in the terminal belonging to the j-th management subgroup, K1, K2, K3,
, Kj,..., Kn, instead of storing all n third encryption keys, exceptionally, only the j-th encryption key is invalid encryption instead of the third encryption key Kj. The key Kz is stored.

Each terminal has as many fourth encryption keys as the number of small management subgroups in the large management subgroup to which it belongs. If the large management subgroup to which the terminal belongs, the fourth encryption key of the terminal device is different. One of the fourth encryption keys of each terminal stores an invalid encryption key Kz by the base station. For example, as shown in FIG. 10, a terminal belonging to the large management subgroup α is in principle a fourth encryption key K.
Terminals having 11, K12, K13, and K14 and belonging to the large management subgroup β are in principle configured as fourth encryption keys K21, K22, K
Terminals belonging to the large management subgroup δ have, in principle, fourth encryption keys K41, K42, K43,.
It has K44, but part of it has been replaced with an invalid encryption key. Taking the large management subgroup β as an example, a terminal belonging to the small management subgroup A has an invalid encryption key Kz instead of the fourth encryption key K21, and a terminal belonging to the small management subgroup B has the fourth encryption key Kz. Invalid encryption key K instead of the encryption key K22
It has z and has an invalid encryption key such as. In general terms, one, two,
.., J,..., N are provided with n large management subgroups, and m is assigned to each large management subgroup.
, Sub-management sub-groups, 1, 2, ...,
When numbers are assigned as k,..., m, the number of small management subgroups is n × m. As a whole, n × m fourth encryption keys are prepared. In the small management subgroup jk (meaning the kth small management subgroup in the jth large management subgroup), an invalid encryption key is used instead of the fourth encryption key Kjk (j × kth encryption key). Kj, but with this exception, the normal fourth encryption keys Kj1, Kj2, ..., Kj (k-
1), Kj (k + 1),..., Kjk. (Precisely, it is provided by the base station.)

The operation of the group cryptographic communication device according to the fourth embodiment of the present invention will be described below. Regarding the transmission of the application information and the addition of the terminal, the transmission of the application information and the addition of the terminal are performed in the same manner as in the first embodiment.

Next, the operation of deleting a terminal from a communication group will be described. An operation example of changing the encryption key when one terminal is deleted will be described with reference to FIGS.
For the sake of specific description, it is assumed that one terminal is lost and that the terminal belongs to the small management subgroup B of the large management subgroup β. First, the base station
The new second encryption key K is encrypted with one of the third encryption keys K2 and transmitted. A terminal belonging to the large management subgroup of α, γ, and δ can decrypt the new second encryption key K encrypted with the encryption key K2. (A terminal belonging to the large management subgroup of β cannot decrypt the new second encryption key K encrypted with the encryption key K2.)

Subsequently, the base station transmits a new second encryption key K
Is encrypted with one of the fourth encryption keys K22 and transmitted. A terminal belonging to the small management subgroup of A, C, and D in the large management subgroup of β can decrypt the new second encryption key K encrypted with the encryption key K22. (Β
A terminal belonging to the small management subgroup B in the large management subgroup B cannot decrypt the new second encryption key K encrypted with the encryption key K2. )

Further, the terminal belonging to the small management subgroup B in the large management subgroup of β excluding the terminal to be deleted is encrypted with the first encryption key K (i) and newly encrypted. The second encryption key K is transmitted. In this manner, the second encryption keys K of all the terminals except for the terminal to be deleted can be updated, and a new communication group excluding the terminal to be deleted can be reconfigured.

Third, the operation of updating the third and fourth encryption keys for updating the encryption key will be described. The third encryption key and the fourth encryption key held by the terminal to be deleted need to be updated to a new encryption key in order to efficiently delete the next terminal. However, the fourth encryption key that needs to be updated is the fourth encryption key related to the small management subgroup to which the terminal to be deleted belongs.
It is sufficient to limit to the encryption key of. By the way, the method of the present embodiment is a method in which the method of the first embodiment is superimposed and executed, and the method of updating the third encryption key described in the first embodiment and other embodiments. If the method is performed in two steps, the encryption key can be updated in the same manner. That is,
The third encryption key correctly stored in the terminal to be deleted is:
As described in the description of the updating of the third encryption key in the first embodiment, the new third encryption key is encrypted with the old third encryption key, and the third terminal not to be deleted does not have the third encryption key. Then, the data is encrypted with the encryption key 3 and transmitted twice, and the terminal decrypts the data in the reverse procedure. Thus, the third encryption key of the terminal of the large management subgroup to which the terminal to be deleted belongs is updated. Similarly, terminals in the small management subgroup to which the terminal to be deleted does not belong in the large management subgroup to which the terminal to be deleted belongs belong to the old fourth encryption key. After encrypting with the key, the terminal to be deleted double-encrypts with the fourth encryption key that the terminal does not have and sends it, and the terminal decrypts in the reverse procedure. Thus, the fourth terminal of the small management subgroup to which the terminal to be deleted does not belong in the large management subgroup to which the terminal to be deleted belongs.
Update the encryption key of.

The third encryption key of the terminal of the small management subgroup to which the terminal to be deleted does not belong in the large management subgroup to which the terminal to be deleted belongs belongs to the above description of the operation. The second encryption key can be updated in the same manner as when the second encryption key is encrypted with the fourth encryption key and distributed.

Further, for the terminals of the small management subgroup to which the terminal to be deleted belongs in the large management subgroup to which the terminal to be deleted belongs, the third terminal is individually assigned to the terminal.
In this case, the temporary encryption key described in the third embodiment is distributed first, and then the new third encryption key and the new fourth encryption key are updated. By distributing the key after encrypting it with the provisional encryption key, the update time of the encryption key can be reduced.

[0096] The change time of the encryption key will be described. When there are 10,000 terminals in the communication group, 22 large management subgroups are provided in one communication group, each large management subgroup is divided into 22 small management subgroups, and 22 small management subgroups are assigned to each small management subgroup. Assume that a terminal is assigned. In this way, the encryption keys of 22 × 22 × 22 = 10,648 terminals can be managed.

When the second encryption key K is encrypted with the third encryption key and transmitted once, the second encryption key of the terminals belonging to the 21 large management subgroups can be updated. Next, it is transmitted once to update using the small management subgroup. It is individually encrypted with the first encryption key K (i) and transmitted to the other terminals of the small management subgroup except for the terminal to be deleted, and the encryption key is updated 21 times (excluding the terminal to be deleted). Therefore, only one is reduced from 22). 1 + 1 +
21 = 23 times. As described above, when transmitting the encryption key to 10,000 terminals, updating the second encryption key according to the fourth embodiment significantly increases the number of transmissions of the encryption key as compared with the first embodiment. decrease.

As described above, in the fourth embodiment of the present invention, a large management subgroup and a small management subgroup are provided in a communication group, and the group encryption communication device is connected to the terminal to be deleted by the third encryption key. The second encryption keys of the terminals other than the large management subgroup are simultaneously updated, and the second encryption keys of the terminals other than the small management subgroup of the terminal to be deleted are simultaneously updated with the fourth encryption key. Since the second encryption keys of the terminals in the small management sub-group of the terminal to be deleted are individually updated using the encryption keys, the time for updating the second encryption keys can be reduced.

Note that the terminal addition / deletion method described in the first to fourth embodiments, that is, the encryption using the third encryption key and the first The second encryption key used for transmitting the application information can be periodically changed using the method of transmitting the second encryption key in combination with the encryption using the encryption key of (i). In this case, the terminal does not need to be modified, but the base station apparatus needs additional functions.

(Fifth Embodiment) In a fifth embodiment of the present invention, a plurality of different second encryption keys are stored in a terminal.
A group encryption communication device that stores a plurality of different third encryption keys so that a terminal can belong to a plurality of communication groups. The fifth embodiment differs from the first to fourth embodiments in that a terminal stores a plurality of encryption keys and can belong to a plurality of communication groups.

FIGS. 11 and 12 are diagrams showing a form of a communication group to which the group encryption communication device according to the fifth embodiment of the present invention is applied. FIG. 11 shows a model in which some terminals overlap and belong to two communication groups. In FIG. 11, terminal t belongs only to communication group T, but terminal u belongs to both communication group S and communication group T. The terminal u can receive the broadcast of the base station for both the S and T communication groups, but the terminal t can receive only the broadcast of the base station for the communication group T.

FIG. 12 shows a model in which a communication group to which a terminal belongs belongs to a larger communication group as a whole, that is, a model of a hierarchical structure of communication groups. FIG.
, The terminal t belongs to the communication group T and also belongs to the larger communication group U together with all the other terminals belonging to the communication group T. The terminal device t can receive both the broadcast message of the base station for the small communication group T and the broadcast message of the base station for the larger communication group U.

In the form of the communication group of FIG.
In the form of the communication group, since the terminals belong to a plurality of communication groups, each terminal can have a second encryption key K different for each communication group, and the secret management of communication can be separately performed for each group.

FIG. 13 is a diagram showing an encryption key stored in the memory of the terminal. In the memory of the terminal, one first encryption key K (i), a plurality of second encryption keys K (p), and a plurality of third encryption keys K1 (p), K2 (p),. .., Kn (p) are stored. The second encryption key K (p) and the third encryption keys K1 (p), K2
(p),..., Kn (p) are normally stored in pairs, and the number of pairs is the same as the number of communication groups to which the terminal belongs. There is no problem even if there are a plurality of first encryption keys K (i), but one is sufficient. With such a configuration,
The management of the encryption key described in the first embodiment can be performed for each communication group, and can be applied to a plurality of communication groups. One terminal can receive application information for two or more communication groups. Further, also in the method of the second embodiment, it is possible to apply to a plurality of communication groups by having (storing) a plurality of pairs of the second encryption key and the third encryption key.

First, the addition of a communication group will be described. The terminal has a plurality of storage spaces for a plurality of second and third encryption keys, and encrypts the storage space with the first encryption key and transmits new second and third encryption keys. And
By storing the information, a new communication group can be formed.

Next, change of communication group (addition and deletion)
Will be described. A new communication group is formed in the manner described above, and the communication group that has been used conventionally is deleted (usually, the second / third encryption key that has been used conventionally is deleted. The communication group can be changed.

Next, the second and third steps when deleting a terminal are described.
Will be described. In order for the terminal described in FIG. 13 to belong to a plurality of communication groups, the second encryption key K
And two or more third encryption keys, the second
It is possible to update the second and third encryption keys related to terminal deletion by using the encryption key.

For example, in FIG. 12, when a terminal belonging to the communication group S is to be deleted, the second encryption key and the third encryption key for receiving the information of the communication group U of the terminal belonging to the communication group T are: , Can be distributed using the second encryption key that receives the broadcast message of the communication group T. Second cryptographic key used in the communication group S is K (p _2), a third encryption _{key, K1 (p 2), K2} (p 2), K3 (p 2), K4 (p 2), communication The second encryption key used in group T is K (p ₃ ), the third encryption key is K 1 (p ₃ ), K 2 (p ₃ ), K ₃ (p ₃ ), K 4 (p ₃ ), communication group The second encryption key used in U was K (p ₄ ), and the third encryption key was K 1 (p ₄ ), K 2 (p ₄ ), K 3 (p ₄ ), K ₄ (p ₄ ) When deleting a terminal belonging to the communication group S, a new second encryption key K ′ (p ₄ ) of the communication group U and a new third key for the terminal belonging to the communication group T are deleted.
Encryption key _{K1 '(p 4), K2} ' (p 4), K3 '(p 4), K4' (p 4) encrypted by a second encryption key K used in the communication group T (p ₃₎ , And the time for distributing the encryption key can be shortened.

However, unlike the management subgroup virtually provided for distributing the encryption key in the communication system, the configuration of the communication group may be freely determined by the user of the communication system. The use of the above configuration for encryption key distribution does not necessarily have only merit.

As described above, according to the fifth embodiment of the present invention, the group encryption communication device stores a plurality of different second encryption keys and a plurality of sets of different third encryption keys in a terminal,
Since the terminals are configured to belong to a plurality of communication groups, the encryption keys can be managed in a plurality of communication groups for one terminal, and the encryption key can be updated at a high speed.

[0111]

As described above, according to the present invention, a subgroup for encryption management is provided in a communication group, and the individual change of the encryption key for each terminal and the simultaneous change of the encryption key for each subgroup are used together. Therefore, an effect is obtained that the encryption key for deleting the lost terminal can be updated at a high speed.

In the present invention, the third encryption key is used to update the encryption keys of the terminals of the management subgroup to which the lost terminal does not belong. Therefore, the first encryption key K ( There is an effect that the frequency of using i) is reduced, and the risk of interception of communication and the risk of decrypting encryption (encryption key) are reduced.

Further, in the present invention, a plurality of management sub-groups are provided in the communication group, and a different third encryption key is used for each management sub-group. Even if the information of the terminal is collected, the decryption of the encryption of the other terminal is not easily performed, and the effect that the decryption by collusion becomes difficult is obtained.

[Brief description of the drawings]

FIG. 1 is a conceptual diagram of a group communication system according to a first embodiment of the present invention;

FIG. 2 is an explanatory diagram of a management subgroup according to the first embodiment of the present invention;

FIG. 3 is a diagram showing a structure of an encryption key memory of the terminal according to the first embodiment of the present invention;

FIG. 4 is a diagram showing a structure of a base station device according to the first embodiment of the present invention;

FIG. 5 is a diagram showing a structure of a terminal according to the first embodiment of the present invention;

FIG. 6 is a diagram showing a structure of an encryption key memory of the terminal according to the second embodiment of the present invention;

FIG. 7 is a diagram showing a structure of an encryption key memory of the terminal according to the third embodiment of the present invention;

FIG. 8 is an explanatory diagram of a size management subgroup according to the fourth embodiment of the present invention;

FIG. 9 is a diagram showing a structure of an encryption key memory of a terminal according to a fourth embodiment of the present invention;

FIG. 10 is a diagram showing a structure of an encryption key memory of a terminal according to a fourth embodiment of the present invention;

FIG. 11 is an explanatory diagram of a collocated multiple communication group according to a fifth embodiment of the present invention;

FIG. 12 is an explanatory diagram of a hierarchical multiple communication group according to a fifth embodiment of the present invention;

FIG. 13 is a diagram showing a structure of an encryption key memory of a terminal according to a fifth embodiment of the present invention;

FIG. 14 is a conceptual diagram of a conventional group communication system.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Base station 2 Terminal 3 Terminal memory unit 4 Transmission selection unit 5 Encryption unit 6 Key distribution control unit 7 Base station key selection unit 8 Base station memory unit 9 Encryption / decryption unit 10 Data selection unit 11 Key reception control unit 12 Terminal Machine key selection section 13 Base station key temporary memory 14 Terminal machine key temporary memory

Claims (8)

[Claims] 1. A group cryptographic communication apparatus comprising a base station and terminals divided into a plurality of communication groups, and capable of simultaneously broadcasting from the base station to terminals in the communication group. Means (n is an integer of 2 or more) for providing management subgroups, wherein the base station encrypts and transmits arbitrary information individually to the terminals using a first encryption key different for each terminal; Means for performing encrypted transmission of application information using a common second encryption key in the communication group, different for each communication group, and deletion target using a third encryption key common in the management subgroup, different for each management subgroup The second encryption key is simultaneously transmitted to the terminals except for the terminals belonging to the management subgroup to which the terminal belongs, and the second encryption key is Updating means for updating the second encryption key by encrypting and transmitting the second encryption key using the first encryption key individually to the terminals belonging to the management subgroup to which the terminal to be deleted belongs; Means for storing the first encryption key in the terminal,
A second storage unit for storing the second encryption key, and (n-1) third encryption keys corresponding to the other management subgroups and invalidity replacing the third encryption key corresponding to the management subgroup to which the self belongs. A group encryption communication device comprising: a third storage unit that stores an encryption key. 2. The apparatus according to claim 1, wherein said second storage means includes a plurality of different second memories.
2. The group according to claim 1, wherein an encryption key is stored, and a plurality of sets of different third encryption keys are stored in the third storage means, so that the terminal can belong to a plurality of communication groups. Cryptographic communication device. 3. A means for storing, in the base station, first encryption keys equal to or greater than the number of the terminals, means for storing second encryption keys equal to or greater than the number of communication groups, and n or more third encryption keys. 3. The apparatus according to claim 1, further comprising means for storing an encryption key and means for storing one or more invalid encryption keys. 4. The base station encrypts each new third encryption key with a corresponding previous third encryption key, and further encrypts each new third encryption key with a third encryption key corresponding to a management subgroup of the terminal to be deleted.
3. The group encryption communication apparatus according to claim 1, further comprising means for distributing the data after being heavily encrypted, and updating the third encryption key. 5. A means for encrypting a temporary encryption key with a first encryption key for distribution to said base station, and means for simultaneously distributing third encryption keys (plurality) with a new temporary encryption key distributed. 3. The group encryption communication device according to claim 1, further comprising: 6. The terminal device includes n (n-1) / 2 third third terminals.
Means for storing an encryption key, wherein the third
By changing the combination of the management subgroups for distributing the invalid encryption key for each encryption key, a valid third encryption key is distributed to the terminals belonging to the (n−2) management subgroups, and the remaining two encryption keys are distributed.
2. The group encryption communication device according to claim 1, wherein a means for distributing an invalid encryption key is provided to terminals belonging to one management subgroup. 7. A group communication apparatus comprising a base station and a plurality of terminals divided into one or more communication groups, wherein n (n is an integer of 2 or more) large management in said communication group. A sub-group is provided, and m (m is an integer of 2 or more) small management sub-groups are provided in the large management sub-group, and each of the terminals is individually assigned to the base station by a first encryption key different for each of the terminals. Means for performing encrypted transmission of arbitrary information, means for performing encryption transmission of application information using a second encryption key that is different for each communication group, and common to the communication group, and for each of the large management sub-groups. The second encryption key is simultaneously sent to terminals other than terminals belonging to the small management subgroup to which the terminal to be deleted belongs by the third encryption key common to the large management subgroup. Means for performing encrypted transmission of the second encryption key and updating the second encryption key with the first encryption key for each of the terminals belonging to the small management subgroup to which the terminal to be deleted belongs. Means for encrypting and transmitting the second encryption key and updating the second encryption key with a fourth encryption key that is different for each of the small management subgroups and is common within the small management subgroup and that is to be deleted Means for simultaneously performing encryption transmission of the second encryption key and updating the second encryption key to the terminals except for the terminals belonging to the small management subgroup to which the terminal belongs. First storage means for storing the first encryption key, second storage means for storing the second encryption key, and (n-1) third encryption keys corresponding to the other large management subgroups, No. corresponding to the large management subgroup Third storage means for storing an invalid encryption key in place of the encryption key, and (m-1) fourth encryption keys corresponding to the other small management subgroups and a fourth encryption key corresponding to the small management subgroup to which the self belongs. And a fourth storage means for storing an invalid encryption key in place of the key. 8. When the base station updates a second encryption key and a third encryption key stored in a terminal to be deleted, the terminal to be deleted does not store a new second encryption key. Means for encrypting with the second encryption key and delivering it to the terminal having the second encryption key, and encrypting the new third encryption key with the second encryption key not stored in the terminal to be deleted, and 3. The group encryption communication device according to claim 2, further comprising means for distributing to a terminal having an encryption key.