WO2011099325A1 - Cryptographic communication system, and transmitter and receiver used therefor - Google Patents
- Publication number
- WO2011099325A1, PCT/JP2011/050668
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- random number
- signal
- base
- basis
- transmitter
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0858—Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
Definitions
- the present invention relates to an encryption communication system and a transmitter and a receiver used therefor, and more particularly to an encryption communication system improved in safety in optical communication and a transmitter and a receiver used therefor.
- Ciphers can be broadly divided into common key systems and public key systems.
- The security of the common key method rests on the fact that it cannot be easily deciphered even if it is eavesdropped, and the security of the public key method rests on the fact that deciphering requires an unrealistic amount of time even though the decryption algorithm is known.
- Quantum cryptography uses quantum mechanical properties to try to guarantee security in terms of physical laws. Ordinary ciphers base their security on the fact that, even if they are eavesdropped, they are difficult to decipher with current computer capabilities, whereas quantum cryptography bases its security on the laws of physics, so there is no worry that its security will be threatened even if there is progress (Non-patent Document 1).
- Quantum cryptography has many problems because it uses quantum mechanical states. A quantum mechanical state is easily changed from its original state by interaction with the environment (decoherence). A transmission path such as an optical fiber always has loss. Since loss changes the quantum state, quantum cryptography is first of all limited in distance. For example, the maximum transmission distance is about 100 km.
- In normal communication, loss is compensated for by amplification, but amplification is not allowed in quantum cryptography either, because it decoheres the original state. In addition, quantum cryptography requires ultra-weak light. Furthermore, operating quantum cryptography under these restrictions means that the current optical communication system must be rebuilt. As seen above, there are many restrictions on the operation of quantum cryptography.
- A method called the ⁇ scheme was proposed with the aim of solving the above problems in quantum cryptography: the signal bases are made multivalued in phase space and adjacent bases are set within the range of quantum fluctuations, so that an eavesdropper is not given accurate information (Non-patent Document 2). Since this scheme uses quantum fluctuations as the basis for its security, if the signal light intensity is too large the effect of quantum fluctuations becomes negligible and sufficient security cannot be obtained. A light intensity greater than that of quantum cryptography can be used, but the intensity needs to be sufficiently weaker than that of normal optical communication. Therefore, a method using anti-squeezing has been proposed as being applicable even at light intensities comparable to those of normal optical communication (Patent Document 1).
- Patent Document 2 discloses an example of building a generator of anti-squeezed light using only optical-communication components with long-term reliability.
- Non-Patent Document 5 discloses a secret key generation method using a privacy amplifier.
- The safe amount of information is obtained from the mutual information $I(X;Y)$ between the sender and the regular receiver and the mutual information $I(X;Z)$ between the sender and the illegal receiver, as $C_s = \max[I(X;Y) - I(X;Z)]$.
- The mutual information $I$ is a function of the bit error rate (BER). When there is no bit error, $I$ coincides with the information source entropy $H(A)$ of the sender, and it decreases as the BER increases. If the BER of the unauthorized recipient, $p_E$, is larger than the BER of the regular recipient, $p_B$, a safe amount of information ($C_s > 0$) is secured, and information-theoretically secure communication is possible.
- An important point in realizing information security is how to create a difference between the authorized recipient and the unauthorized recipient so as to achieve $p_E > p_B$. If quantum mechanical properties are used, legitimate senders and receivers can detect eavesdropping, and quantum cryptography uses this property to realize $p_E > p_B$. Quantum mechanical properties are not used in any other part of quantum cryptography. As is clear from the above discussion, secure communication is possible if there is a method that can realize $p_E > p_B$ without using quantum mechanical properties.
- Quantum cryptography theoretically improves security dramatically, but has a limited transmission distance because it does not have sufficient resistance to loss and amplification.
- Since transmission loss increases as the transmission distance increases, the probability that a photon cannot reach the receiver increases in quantum cryptography using ultra-weak light.
- Since the normal quantum cryptography protocol discards half of the received random number signals without using them, the reception rate decreases further.
- One method for solving these problems is to realize secure optical communication using classical light, which is an unsolved problem.
- This problem is not limited to optical communication, but can also be said for general communication using electromagnetic waves, such as normal electrical communication and wireless communication.
- An object of the present invention is to provide a secure cryptographic communication system using classical fluctuations and a transmitter and a receiver used therefor that are resistant to loss and amplification and have a sufficiently high transmission rate.
- the cryptographic communication system of the present invention comprises a transmitter and a receiver connected via a communication network
- the transmitter is A shared basis shared between the transmitter and the receiver, and information on a random number basis held or generated only by the transmitter, and the first random number and the second random number generated by the random number generator
- a random number signal is generated by superimposing the random number data on the random number basis on the output from the electromagnetic wave source with fluctuation, and a function for generating cryptographic data from the random number of the random number, the shared basis and the random number basis A function of transmitting the random number signal to the receiver via the first transmission path of the communication network, and generating a secret key from the first random number and the second random number, and using the secret key
- the random number data is When the random number basis and the shared basis match, the first random number is a signal, and when the random number basis and
- a function for determining the random number signal in the case as the first random number a function for determining the random number signal in the case of not being matched as the second random number, a function for extracting a secret key from the determined first and second random numbers, And a function of decrypting the actual data body received via the second transmission path into the actual data body before encryption using the secret key.
- the present invention uses a seed key, but the origin of a newly generated secret key is fluctuation of carrier light (electromagnetic wave). That is, the newly generated secret key is generated in terms of information theory under the condition of using the seed key. Therefore, it exceeds the computational security, and it is expected that there is no effective attack method other than an exhaustive search attack on the seed key. If there is no more effective attack method than an exhaustive search attack on the seed key in cryptography, it is considered sufficiently secure. In that sense, the present invention realizes a sufficiently secure communication system. Furthermore, since the fluctuations used in the present invention are classical, they are resistant to loss and amplification, and are not subject to transmission distance limitations as in the case of transmitting quantum states.
- According to the present invention, it is possible to perform secure communication over a long distance using an existing optical fiber network. Further, in the present invention there is no signal loss on the communication path of the kind that can occur in normal quantum cryptography, and 1/2 of the received random number sequence is not discarded, which leads to an improvement in bit rate.
- Phase fluctuations will mainly be shown as an example. Since phase fluctuation is used, the modulation method is of the phase modulation type. Either phase-shift keying (PSK), which requires reference light, or differential phase-shift keying may be used.
- the signal is binary and the basis number is 2.
- the signal appears to have four values.
- The present invention can be easily extended to an n-value signal and a base number m, where n and m are positive integers, in which case the signal appears to have n × m values.
- FIG. 1 shows the main points of the principle adopted in the present invention to realize this. It is assumed that legitimate transceivers share a seed key in advance, and the seed key is used to determine whether it is a q-axis basis or a p-axis basis.
- FIG. 1 shows a binary signal in the case of the q-axis basis, and each crescent shape represents the fluctuation in phase space of the signal states “0” and “1”.
- E absolute value of the amplitude of the signal light
- the signal light is measured due to the fluctuation of the carrier light
- ⁇ q and ⁇ p are fluctuations.
- the crescent moon in FIG. 1 represents this fluctuation range, and the measured value is approximately one point within the fluctuation range.
- FIG. 1B shows a binary signal in the case of a p-axi
- the binary determination may be performed in the binary state of FIG. 1 (a) or (b).
- the signal state looks four-valued as shown in FIG. 1C, and it must be binary-determined.
- the quaternary signal fluctuates, the overlap between adjacent ones increases, and the BER of unauthorized recipients increases. Bit errors also occur in legitimate receivers, but the difference from unauthorized receivers is clear. This difference in bit error rate ensures a safe amount of information.
- The important point here is that an unauthorized receiver needs to make a binary decision from a quaternary signal, while an authorized receiver only needs to make a binary decision from a binary signal. This difference creates the difference in bit error rate.
- simply using the same key allows unauthorized recipients to estimate the basis, so it is a problem to devise a protocol that does not allow the basis estimation, and the present invention provides a solution to this.
- The sender transmits a random number signal on a random number basis using electromagnetic waves (light, etc.) with fluctuations (four values in effect). The allocation of the quaternary signal is as shown in FIG. 1C: signal “0” is signal “0” on the q-axis basis (base “0”), signal “1” is signal “0” on the p-axis basis (base “1”), signal “2” is signal “1” on the q-axis basis (base “0”), and signal “3” is signal “1” on the p-axis basis (base “1”).
- the random number signal is composed of two sequences, and each is subjected to error correction coding (code 1 and code 2).
- The random number signal superimposed on each bit is either code 1 or code 2: the shared basis and the random number basis are collated for each bit, and code 1 is superimposed if they match, and code 2 if they do not match.
- the regular receiver makes a quaternary determination, determines a random number basis, and collates with a shared basis.
- the random number signal is treated as code 1 if the matching is matched, and is treated as code 2 if it is not matched.
- The amount of information of code 1 and code 2 shared between the sender and the receiver is reduced, for example by the privacy amplifier described in Non-Patent Document 5, to form a secret key, and the actual data to be transmitted is encrypted with the secret key and sent over a general transmission line.
- The seed key (shared basis) is shared between the sender and the receiver, but is not reflected in the information sent and received. For this reason, an unauthorized receiver sees only random numbers on a random basis, whereas to the regular receiver, who has the shared basis information, the random number signal shows a regularity as to whether it is code 1 or code 2.
- A legitimate recipient must first make a four-value decision, so there are many basis determination errors. Even so, because the regular receiver knows the shared basis, it can largely separate the signal into code 1 and code 2 despite those errors. If a parity check is performed on each code string at that stage, a region containing a bit with a basis determination error can be estimated. The correct code sequence is obtained by correcting, in order, the bases of the bits in the region estimated to contain errors and repeating the parity check.
- The present invention is applicable to electromagnetic waves in general, and can be applied to communication using ordinary electric signals and to wireless communication.
- a high-frequency oscillator or the like can also be used as an electromagnetic wave source with fluctuation.
- The cryptographic communication system of the present invention includes a transmitter 100, a receiver 300, and first and second transmission paths 201 and 202 that connect the transmitter and the receiver.
- the present invention can also be applied to communication between a plurality of transmitters and receivers connected via a communication network.
- The transmitter 100 includes a random number generator 101 comprising a first random number generator, a second random number generator, and a third random number generator; a storage device 102 that stores the seed key (shared basis) shared between the transmitter and the receiver and the output of the third random number generator (random number basis information);
- a random number data generation unit 103 that generates a random number data sequence for transmission from the seed key (shared basis), the random number basis, the output of the first random number generator (code 1), and the output of the second random number generator (code 2);
- a random number signal transmission unit 104 that superimposes the random number data, on the random number basis, on the output from the electromagnetic wave source (light source) with fluctuation and transmits the resulting random number signal (a signal that has become substantially analog because of the fluctuation) to the receiver 300 via the first transmission line 201;
- and outputs (codes 1 and 2) of the first and second random number generators.
- The receiver 300 includes a signal detector 311 that detects the random number signal transmitted through the first transmission path 201; a random number code reproduction unit 302 that separately reproduces code 1 and code 2 from the received random number signal and the shared basis information in the storage device 303; a secret key generation unit 304 that generates a secret key based on the reproduced codes 1 and 2; and an encryption/decryption device 305 that uses the generated secret key to decrypt the actual data body transmitted over the second transmission path 202.
- The random number data generation unit 103 of the transmitter 100 outputs the first code as random number data when the random number basis and the shared basis match, and outputs the second code as random number data when the random number basis and the shared basis do not match.
- the random number data is obtained by selecting either code 1 or code 2 in bit units.
- the random number signal transmission unit 104 superimposes random number data on an output wave (output light) from an electromagnetic wave source such as a fluctuation light source using a modulator, and transmits the data to the first transmission line 201 as a random number signal.
- the output signal from the random number signal transmission unit 104 is fluctuated, and the fluctuation source is the electromagnetic wave source (light source) itself, or the thermal fluctuation intentionally superimposed on the drive current of the modulator or the electromagnetic wave source (light source).
- the secret key generation unit 105 generates a secret key by reducing the number of bits of the first and second codes which are the outputs of the first and second random number generators in the random number generator 101.
- the encryptor 106 encrypts the actual data body using the secret key output from the secret key generation unit 105 and outputs the encrypted data to the second transmission path 202.
- a signal detector 311 in the receiver 300 receives a random number signal transmitted via the first transmission path 201.
- the random number code reproduction unit 302 first demodulates the random number signal by the demodulator 312 and determines the random number base (0 or 1). Next, the random number base (digital value) and the shared base in the storage device 303 are collated, and if the two match, the random number signal of the bit is set to code 1, and if they do not match, it is determined to be code 2.
- the secret key generation unit 304 generates a secret key by reducing the number of bits of the code 1 and the code 2 obtained by the random number code reproduction unit 302. This secret key is the same secret key obtained in the secret key generation unit 105 in the transmitter.
- The encryption decoder 305 decrypts the encrypted actual data body transmitted via the second transmission path 202 into the actual data before encryption, using the secret key generated in the secret key generation unit 304.
- the present invention has one feature in that one random number data string is formed from two random number code strings of code 1 and code 2. This point will be described with reference to FIGS. 2B and 2C.
- FIG. 2B shows an outline of the processing for random number data on the transmitter side
- FIG. 2C shows random number data on the receiver side.
- the random number data generation unit 103 has four types: (a) shared basis, (b) random number basis, (c) random number code 1 (code 1), and (d) random number code 2 (code 2).
- the eight patterns of information (1) to (8) are generated using the binary signal.
- The shared base is the base “0” in the patterns (1), (3), (5), and (7), and the base “1” in the patterns (2), (4), (6), and (8).
- the random number base is “0” in the patterns (1) to (4) and “1” in the patterns (5) to (8).
- the transmission basis is determined only by the random number basis, and becomes the q-axis basis when the random number basis is “0”, and becomes the p-axis basis when the random number basis is “1”.
- code 1 or code 2 is selected depending on whether or not the shared basis and the random number basis match. If both bases match, code 1 is selected, and if they do not match, code 2 is selected. Therefore, in each of the patterns (1) to (8), only the code 1 or the code 2 is selected. In patterns (1), (3), (5), and (7), code 1 is selected because the values of the shared basis and random number basis of each bit match.
- In the other patterns, code 2 is selected because the values of the shared basis and the random number basis do not match. Therefore, the generated random number data is 0, 0, 1, 1 on the q-axis basis and 0, 0, 1, 1 on the p-axis basis, in the order of patterns (1) to (8).
- Expressed as a quaternary signal (signal “0” to signal “3”), it becomes 0, 0, 2, 2, 1, 1, 3, 3 in the order of patterns (1) to (8).
- The apparently quaternary random number data is transmitted from the random number signal transmission unit 104 as a random number signal with a crescent-shaped fluctuation distribution, as shown at the bottom of FIG. 2B.
- In the secret key generation unit 105, a secret key for cryptographically communicating the actual data body is generated based on the codes 1 and 2.
- Patterns (1) to (8) correspond to patterns (1) to (8) in FIG. 2B, respectively.
- the measured value of the quaternary random number signal received by the signal detector 311 is one point within the range of the crescent-shaped fluctuation distribution as shown at the top of FIG. 2C.
- In the demodulator, the four values “0”, “1”, “2”, and “3” are determined from the measured values.
- The random number base is determined from the result of the four-value determination.
- When the quaternary signal is “0” or “2”, it is a q-axis basis (base “0”), and patterns (1) to (4) correspond to this.
- When the quaternary signal is “1” or “3”, it is a p-axis basis (base “1”), and patterns (5) to (8) correspond to this.
- The determined random number base is collated with the information of the shared base held in the storage device 303, and it is determined for each bit, based on the collation result, whether the random number signal belongs to code 1 or code 2.
- In pattern (1), both the random number base and the shared base are q-axis bases (base “0”), so the signal is determined to be code 1.
- a random number code value can also be determined from the quaternary determination result.
- the q-axis base code “0” is determined based on the quaternary determination result “0”.
- Patterns (2) to (8) can be interpreted based on the above determination method.
- In pattern (2), since the random number basis and the shared basis are different, the signal is determined to be code 2, and the code value is “0” on the q-axis base, from the quaternary determination result “0”.
- In pattern (3), since the random number basis and the shared basis are the same, the signal is determined to be code 1, and the code value is “1” on the q-axis base, from the quaternary determination result “4”.
- In pattern (4), since the random number basis and the shared basis are different, the signal is determined to be code 2, and from the quaternary determination result “2” the code value on the q-axis base is “1”.
- Patterns (5) to (8) are obtained by changing the quaternary signal in patterns (1) to (4) from “0” to “1” and from “2” to “3”. With this change, the random number base changes from the q-axis base to the p-axis base. Making the same determination, pattern (5) is “0” of code 2, pattern (6) is “0” of code 1, pattern (7) is “1” of code 2, and pattern (8) is “1” of code 1.
- the secret key generation unit 304 generates a secret key based on the reproduced code 1 and code 2.
- Although the random number signal actually transmitted through the transmission path 201 has four values, there are eight data patterns as described above.
- In FIGS. 2B and 2C, there are two patterns for each of the four signal values.
- Pattern (1) and pattern (2) have the same four-value signal state “0”, and they cannot be distinguished without the shared base information. This is the position of an unauthorized recipient.
- With the shared base information, patterns (1) and (2) can be distinguished, and the code string 1 and the code string 2 can be reproduced. As a result, it is possible to generate the secret key for decrypting the encrypted signal of the actual data body.
- the bit sequence for determining the shared basis, the random number basis, and the random number code is an 8-bit random number data sequence arranged in the order of the patterns (1) to (8).
- the shared basis is 01010101
- the random number basis is 00001111
- the random number code string is 00110011.
- the shared basis is used only in the transceiver, and is not reflected in the transmitted / received random number signal. Since the authorized receiver knows the shared basis, it can collate it with the random number basis and separate 0101 of the code string 1 and 0101 of the code string 2. On the other hand, since the illegal receiver does not have the shared basis information, the code string 1 and the code string 2 cannot be separated.
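The eight-pattern walkthrough above, written out as an added example (not code from the patent). `encode` plays the role of the random number data generation unit 103 and `decode` that of the random number code reproduction unit 302, using the bit strings given above; the function names and the `candidate_splits` helper are assumptions made for illustration.

```python
from itertools import product


def encode(shared_basis, random_basis, code1, code2):
    """Transmitter side: take the next bit of code 1 when the shared and
    random bases match, of code 2 when they differ, and map (bit, random
    basis) to the quaternary signal of FIG. 1C (0=q/0, 1=p/0, 2=q/1, 3=p/1)."""
    src1, src2 = iter(code1), iter(code2)
    signal, labels = [], []
    for s, r in zip(shared_basis, random_basis):
        match = (s == r)
        bit = next(src1) if match else next(src2)
        signal.append(2 * bit + r)          # the shared basis never enters the signal
        labels.append(1 if match else 2)    # which code this pattern carries
    return signal, labels


def decode(shared_basis, signal):
    """Receiver side: recover the random basis and the bit from each
    quaternary value, then file the bit under code 1 or code 2 by
    collating the random basis with the shared basis."""
    code1, code2 = [], []
    for s, q in zip(shared_basis, signal):
        r, bit = q % 2, q // 2
        (code1 if s == r else code2).append(bit)
    return code1, code2


def candidate_splits(signal):
    """All (code 1, code 2) separations that are consistent with the
    observed signal when the shared basis is unknown: one per guess."""
    guesses = product((0, 1), repeat=len(signal))
    return {tuple(map(tuple, decode(g, signal))) for g in guesses}


def bits(text):
    return [int(c) for c in text]


# Bit strings from the walkthrough, in the order of patterns (1) to (8).
SHARED = bits("01010101")
RANDOM = bits("00001111")
CODE1 = bits("0101")   # code string 1
CODE2 = bits("0101")   # code string 2


def run_example():
    signal, labels = encode(SHARED, RANDOM, CODE1, CODE2)
    recovered = decode(SHARED, signal)
    return signal, labels, recovered, candidate_splits(signal)


if __name__ == "__main__":
    signal, labels, recovered, splits = run_example()
    print("quaternary signal :", signal)
    print("code per pattern  :", labels)
    print("receiver code 1/2 :", recovered)
    print("splits consistent with the signal alone:", len(splits))
```
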
- Code 1 and code 2 should be mixed randomly; it is not desirable for the generated random number data to be composed of code 1 only or code 2 only. Therefore, needless to say, a random number basis that is completely the same as the shared basis, or one that satisfies a fixed condition such as being simply the inverted bit string of the shared basis, is not desirable.
- safe optical communication is based on the basic configuration of using light (electromagnetic waves) with classical fluctuation (may be quantum fluctuation) in carrier light and sharing a seed key between the transmitter and the receiver.
- Using carrier light with classical fluctuations, the sender transmits a binary (generally n-valued, where n is a positive integer) random number signal on one of two types of bases (generally m types, where m is a positive integer) determined by random numbers. Since it is a random number signal on a random basis, in principle an unauthorized recipient cannot obtain any information. The legitimate sender and receiver determine the shared base using the shared seed key.
- The sender and receiver compare the random number base and the shared base for each bit, and separate the random number sequence superimposed on it into two sequences, one for the bits where they match and one for the bits where they do not (code 1 and code 2). Since the legitimate sender and receiver share the seed key, the two random number signal sequences match between them if there is no bit error.
- When a regular receiver collates the random number basis with the shared basis, determination errors occur due to fluctuation of the carrier light, but they are corrected by using an error correction code.
- the method for correcting the basis decision error is described in the following examples. In principle, a legitimate receiver only needs to make a binary decision on one known basis by the error correction function of the seed key and the error correction code.
- FIG. 3 shows a configuration example of a cryptographic communication system according to the present invention.
- The transmitter 100 has three random number generators 1, 2, 3 (111, 112, 113; collectively referred to as the random number generator 101 in FIG. 2A) and three kinds of seed keys 1, 2, 3 consisting of random numbers (121, 122, 123; FIG. 2A shows the storage device 102 holding these data).
- The three random number generators and the three types of seed keys can each also be reduced to one, if the output from one random number generator is divided into three and one type of seed key is divided into three.
- The outputs of the random number generators 1 (111) and 2 (112) are random numbers that become the signal for generating a secret key; they are encrypted using the seed keys 2 (122) and 3 (123), respectively, and encoded by the error correction encoders 141 and 142, respectively.
- In error correction coding, the information symbol portion and the parity check symbol portion are separated; the former is called a random number code and the latter a check symbol.
- the random number code is prepared for transmission in buffers 131 and 132.
- the random number generator 3 (113) converts the base into a random number, and a random number code is transmitted based on the random number base.
- a base shared between legitimate senders and receivers must be used.
- the seed key 1 (121) is used.
- the bases are completely randomized by the random number generator 3 (113), but the seed keys 1 (121) are used to make regular bases visible to regular receivers.
- FIG. 4 shows specific processing of the encrypted data generation unit 103 that realizes this.
- the case of the q-axis base in FIG. 1A is set to “0”
- the case of the p-axis base in FIG. 1B is set to “1”.
- the random number base determined by the output of the random number generator 3 (113) is 010011101000100 as shown in FIG.
- the base shared in advance between the sender and the receiver is 110100001101100.
- the comparison unit 130 compares and determines the shared basis and the random number basis. In the example of FIG. 4, the first base of the shared base is “1”, but the first random base determined by the random number generator 3 (113) is “0”, which is inconsistent.
- On the base “0”, the random number code 2 waiting in the buffer is superimposed and a signal is transmitted. Signal superimposition is performed by the random number signal transmission unit 104, through the modulator 161, onto the output light from the fluctuation light source 151.
- The second output of the random number base (random number generator 3 (113)) is “1”.
- The random number code 1 waiting in the buffer 131 is superimposed and transmitted. Since the next shared basis and random number basis are both “0”, the random number code 1 continues to be superimposed and transmitted. Thereafter, the same is repeated.
- the timing at which the random numbers 1 and 2 are superimposed is determined depending on the output of the random number base (random number generator 3 (113)), and therefore, as shown in FIG. And wait for random numbers 1 and 2. Since the random number code is binary and the base is also binary, the signal to be transmitted is apparently four values.
- In the “Transmission signal” column of FIG. 4, the signal values under the phase-space allocation shown in the lower left diagram are given.
- the random numbers in the “Code 1” and “Code 2” columns represent the random number codes 1 and 2
- the “Parity 1” and “Parity 2” columns represent the parity check symbols of the random number codes 1 and 2, respectively.
- the parity for every 5 bits of the random number code is treated as a check symbol.
- the parity check symbols generated by the error correction encoders 141 and 142 are multiplexed with other signals sent through the normal transmission path by the signal multiplexing unit 183 in order to be transmitted through the normal optical transmission path 202.
- This multiplexing is a method performed in normal communication such as packetization or time multiplexing. Thereafter, the light is guided to the optical transmitter 182 and transmitted to the receiver 300 through the optical transmission path 202. Light is received by the photodetector 381, converted into an electrical signal, and sent to the demultiplexer 383.
- the demultiplexing unit 383 separates the multiplexed signal sequence into a state before multiplexing, and the check symbol is separated from other signals here.
- the random numbers 1 and 2 are transmitted through the optical transmission line 201 and received by the detector 311 in the receiver 300. With respect to the output signal from the detector 311, the demodulator 312 performs quaternary determination and binary determination simultaneously. This process is easy. Two quadrature components (q-axis component and p-axis component) are measured by two sets of homodyne detectors in the detector 311. A binary determination result for each base is obtained by performing binary determination (whether each component is positive or negative) on the output values I_q and I_p of each homodyne detector.
- If the phase θ is determined as arctan(I_p / I_q) from the output values I_q and I_p of the two sets of homodyne detectors, a four-value determination (“0”, “1”, “2”, “3”; see FIG. 4) can be made. Since the base is randomized, the signal state appears to be four-valued even to a legitimate receiver. Therefore, the four-value determination is made first to find out which base was used. If the quaternary determination result is “0” or “2”, the random number base is determined to be base “0”, and if it is “1” or “3”, base “1”.
- This determination result is collated in the base collation unit 313 with the shared base determined by the seed key 1 (321) (the same as the seed key 1 (121) in the transmitter). If they match, the superimposed signal is determined to be the random number code 1; if they do not match, the random number code 2.
- An example of the above processing on the receiving side is shown on the right side of FIG. However, since the base is determined based on the quaternary determination, there are many base determination errors, that is, collation determination errors with the shared base.
- a parity check symbol transmitted through the optical transmission line 202 is used in the parity check unit 315. If there is no error in the collation between the random basis and the shared basis, the BER of the random number data is a small value that is estimated in advance. However, as shown in the following paragraph, if there is an error in the collation, bit errors occur with probability 1/2 after the bit in which the error occurred. Therefore, if a parity check is performed, the area where the bit errors started can be specified. The position where the bit errors start, that is, the position of the base determination error, is the position where the determination between the random number code 1 and the random number code 2 was wrong. Therefore, the base determination is corrected bit by bit in the area identified as the start of the bit errors, the parity check is repeated, and a bit string almost free of bit errors is searched for.
- FIG. 1 A specific example of what happens when there is a bit error is also shown in FIG.
- error correction encoding with an elementary parity check function is performed in the error correction encoders 141 and 142.
- Random number data is divided every 5 bits. If the number of “1” is odd, “1” is used, and if it is even, “0” is used as a check symbol.
- the random number code 1 is shown in the “Code 1” column on the transmission side in FIG.
- the parity for 5 bits from the left is 1 and is shown in the “Parity 1” column. If there is no bit error at the time of reception, the calculated parity of the received random number code 1 matches the value of the check symbol.
- the bit with the underline added is a determination error.
- a bit that originally belongs to the random number code 2 is handled as the random number code 1, so the random number code 1 grows by 1 bit.
- If the receiver performs a parity check without noticing that one bit has been added, the parity will fail to match with a probability of 1/2 from the bit at which the base decision error occurred onward. Thereby, it is possible to roughly determine where the basis determination error has occurred.
- the determination of the random number base of the bit that seems to be a base determination error is changed, and the processing of the receiver is repeated again to search for a bit string whose parity is almost normal.
- the underlined bit is an error, and this bit is moved from the random number code 1 to the random number code 2 to complete the classification of the random number codes 1 and 2. At this time, the base of this bit is determined at the same time.
- the bit initially determined to be the random number code 2 is moved to the random number code 1, and the base determination error is corrected and fixed through this process.
- the process in the receiver of this system is temporarily determined in four values, but is reduced to the determination of binary signals in the process of correcting the base error.
- Binary determination of a binary signal has a smaller BER than binary determination of a quaternary signal. This gives the legitimate receiver an informational advantage over the unauthorized receiver, and it is brought about by the seed key 1 (121 and 321) shared in advance between the sender and the receiver. That is, an authorized recipient who knows the seed key can make a binary decision on a binary signal, but an unauthorized recipient must make a binary decision on a quaternary signal.
- the error correction code is decoded and the seed keys 2 (322) and 3 (323) are decoded.
- the outputs of the random number generator 1 (111) and the random number generator 2 (112) in the transmitter can be reproduced in the receiver.
- the difference in information amount determined by the BER between the case of 1-base binary determination (regular receiver) and the case of 2-base binary determination (illegal receiver) And the information amount of the random number signal shared between the sender and the receiver is reduced to the corrected information amount.
- the privacy amplifier algorithm is common to the transmitter and the receiver, and is executed in the privacy amplifier implementers 171, 172, 371, and 372 in the secret key generation units 105 and 304.
- the privacy amplifier can be realized through logical operations, for example. It is assumed that 20% of the random numbers shared between the sender and the receiver is a safe information amount and the shared random number is ‘01001 01110’. If an exclusive OR is performed every 5 bits, it becomes “01”. In this process, all data are handled equally and the amount of information is reduced to 20%. This is an example of a privacy amplifier. Since the privacy amplifier algorithm is common to the transmitter and the receiver, the sender and the authorized receiver obtain a common secret key.
- privacy amplifier implementers 171 and 172 are used for the outputs of the random number generators 1 (111) and 2 (112), respectively. If the output of the random number generator 2 (112) is combined before the privacy amplifier is implemented, a single privacy amplifier implementer can be used.
- An arrangement in which two privacy amplifier implementers are used in the transmitter corresponds to parallel processing of random numbers. When one privacy amplifier implementer is used, serial processing is performed. Similarly, two privacy amplifier implementers 371 and 372 can be used in the receiver.
- the actual data body to be sent is encrypted by the encryptor 181 using the privacy-amplified secret key, multiplexed with other signals by the signal multiplexer 183, superimposed on the carrier light by the optical transmitter 182 comprising a light source and a modulator, and transmitted to the receiver 300 through the optical transmission path 202.
- the receiver 300 receives the transmitted signal light by the photodetector 381 and converts it into an electrical signal.
- the electrical signal is returned by the demultiplexing unit 383 to the state of the signals before multiplexing, and the encrypted signal of the data body is separated.
- the encrypted signal of the actual data body is decrypted using the secret key in the encryption / decryption device 382. This completes a series of secure cryptographic communication processes.
- the communication performed on the optical transmission line 202 does not need to use carrier light with fluctuation, and may be normal optical communication.
- the optical transmission lines 202 and 201 may be physically different, or wavelength multiplexing may be performed using the same optical transmission line.
- the present invention secures a safe amount of information by the following two features.
- the first point is that the seed key is used only in the transceiver. Since transmission and reception are determined not only by signals but also by a random number, even if an eavesdropper can eavesdrop on all information, information on the seed key cannot be obtained at the key distribution stage.
- the second point is that a reception base is determined through a parity check. This allows the legitimate recipient to create a more favorable situation regarding the BER than the unauthorized recipient. By establishing the basis, the stochastic nature of phase fluctuations works favorably for legitimate receivers. This probabilistic property and privacy amplifier enables new secret key generation. If the privacy amplifier is sufficient, the information amount of the eavesdropper asymptotically approaches zero.
- the sender / receiver performs encrypted communication using the general transmission path (202) using the obtained secret key, but for the first time at this stage, information related to the seed key is exposed to the unauthorized receiver.
- Suppose an unauthorized receiver performs a chosen-plaintext attack and learns a secret key. It is also assumed that all information at the time of key distribution (communication on the transmission path 201), which is the source of the secret key, can be obtained. Even in such a case, if the privacy amplifier is sufficient, the unauthorized receiver cannot find the correlation between the secret key and the random number code, and the seed key information cannot be obtained. Therefore, the seed key can be used repeatedly.
- a secret key is generated in an information-theoretic process with a condition that a seed key is used.
- the safe amount of information can be formulated as follows. In the transmission and reception of the random number code, an apparently four-valued signal is processed because the random number base is used. However, although the signal is apparently four-valued, it is actually a binary signal. If the transmission path capacity in that case is C_f, the mutual information I(X; Z) between the sender and the unauthorized recipient is given by formula (1)
- the safe amount of information is generally given by C s ⁇ max [I (X; Y
- the basis correction by the parity check is performed using a parity check symbol included in the error correction code itself. No special information is used for base correction, and ⁇ C can be zero. Therefore, the safe amount of information is given by equation (5)
- the secure information amount C_s of Equation (5) is generated using the seed key K. Therefore, if the protocol were one in which the seed key K directly determines the basis, the seed key K could be used only once. However, in this protocol, the base is determined by a random number, and the seed key K is used only inside the transmitter and the receiver. The seed key is used only to make the mutual information conditional, and is not the origin of the secure information. It is the fluctuation of the signal light that generates the safe amount of information of Equation (5). This is why the seed key can be used repeatedly.
- the bit error rates p_b and p_f can be specifically estimated by assuming a distribution function P(θ) of phase fluctuation. As shown in FIG.
- the signal is “0” on the q-axis basis.
- the area of the crescent moon shown in gray in FIG. 5 is the range of fluctuation of the signal light. “0” and “1” represent allocation of signal values in the phase space. If the fluctuation is sufficiently larger than the quantum fluctuation, the measurement can be treated classically.
- the BER p_b for the binary signal is expressed by the equation (6).
- FIG. 7 is a plot of the BERs (p_b and p_f) converted into information entropy (ambiguity) h(p_b) and h(p_f).
- C_s = h(p_f) − h(p_b) gives the safe amount of information. That is, FIG. 7 is a diagram illustrating an example of a plot indicating the degree of ambiguity for a regular recipient and for an unauthorized recipient and the amount of safe information obtained from the difference between them. From FIG. 7, it can be seen that the safe amount of information is determined approximately by h(p_f).
- An error correction code is indispensable to make a safe amount of information practically usable. However, if an error can be corrected even by an unauthorized recipient, the safe amount of information cannot be used effectively. Therefore, if the error-correctable BER threshold of the adopted error correction code is p_t, it is necessary to satisfy the relationship p_b < p_t < p_f. The safe amount of information when this condition is satisfied is h(p_f) − h(p_t).
- the legitimate sender and receiver use the seed key, but the origin of the newly generated secret key is fluctuation of the carrier light or the like. That is, the newly generated secret key is generated in terms of information theory under the condition of using the seed key. Therefore, it exceeds the computational security, and it is expected that there is no effective attack method other than an exhaustive search attack on the seed key. If there is no more effective attack method than an exhaustive search attack on the seed key in cryptography, it is considered sufficiently secure. Therefore, a sufficiently safe communication system can be realized. Furthermore, since the fluctuations used in this embodiment are classical, they are resistant to loss and amplification, and are not subject to transmission distance limitations as in the case of transmitting quantum states.
- According to the present embodiment, it is possible to perform safe communication over a long distance using an existing communication network such as an optical fiber. Further, in this embodiment, there is none of the signal loss on the communication path that can occur in normal quantum cryptography, and 1/2 of the received random number sequence is not discarded, leading to an improvement in bit rate.
- the error correction coding (141 and 142)
- the information symbol portion and the parity check symbol portion are separated, and the former random number code is transmitted by the optical transmission line 201 and the latter is transmitted by the optical transmission line 202.
- the bit error rate is low, and there is an advantage that the check symbol can be delivered reliably.
- a signal transmitted through the optical transmission line 201 is guaranteed to be completely random.
- some information symbols and check symbols cannot be separated. In this case, it is effective to send both the information symbol and the inspection symbol through the optical transmission line 201.
- FIG. 8 is a block diagram showing an embodiment in that case, that is, Example 2.
- Compared with the first embodiment of FIG. 3, in FIG. 8 the check symbol is transmitted through the optical transmission line 201, so the multiplexer 183 and the demultiplexer 383 required in FIG. 3 are omitted. Specific signal processing is shown in FIG.
- the parity check symbols are included in the columns “Code 1” and “Code 2”.
- the italicized bit represents the parity of the random number of the previous 5 bits.
- the random codes 1 and 2 can be reproduced in the same manner as in the first embodiment. If there is a base determination error, additional bits are added to or removed from the bit strings of the random numbers 1 and 2.
- the underlined bits in FIG. 9 are examples when there is a base determination error.
- the regular receiver can specify the region including the position where the base determination error is present.
- the base determination is corrected in order for the bits in the area estimated to have a base determination error, and a parity check is repeated to recover a correct bit string.
- the difference from the case of the first embodiment is that the position of the inspection symbol changes when there is a base determination error. Therefore, each time the basis determination is corrected, the value of the inspection symbol changes.
- the present invention can be realized by sending both of the error correction code that cannot separate the information symbol and the check symbol through the optical transmission line 201.
- Other effects are the same as those of the first embodiment.
- FIGS. 10 and 12 show configuration examples of the cryptographic communication system for realizing the method.
- FIG. 10 shows a first method of the third embodiment obtained by improving the first embodiment (FIG. 3)
- FIG. 12 shows a second method of the third embodiment obtained by improving the second embodiment (FIG. 8).
- the present embodiment is similar to the scheme of the first and second embodiments in that the shared basis and the random number basis are collated to determine which of the random number codes 1 and 2 is transmitted. However, it differs from Examples 1 and 2 in that, when the shared basis and the random number basis do not match, the rejected shared basis is collated again with the random number basis of the next bit to determine whether to transmit the random number code 1 or 2.
- the shared basis is repeated until it matches the random number basis. In other words, it is operated so that the base sequence on which the random number code 1 is superposed coincides with the shared base.
- FIG. 11 shows an example in which the above mechanism is processed by the configuration example (first method) of FIG.
- the random number base determined by the output of the random number generator 3 (113) is 010011101000100, which is the same as in the first and second embodiments.
- the shared base shared in advance between the sender and receiver by the seed key 1 (121, 321) made up of random numbers is 1011000000, which is different from the examples of the first and second embodiments.
- the transmitter side first prepares for transmission of random number codes 1 and 2.
- the first base of the shared base is “1”, but the first of the random base determined by the random number generator 3 (113) is “0” and does not match, so in this case the base is “0”.
- a signal is transmitted by superimposing the random number code 2 (the encoded output of 112).
- the shared basis “1” that was not matched is checked again with the next random number basis.
- the second output of the random number base (random number generator 3 (113)) is “1”. In this case, since it coincides with the first base “1” of the shared base, the random number code 1 is superimposed and transmitted.
- the random number signals 1 and 2 are subjected to error correction coding in the same manner as in the first embodiment, and are separated into random code for information symbols and parity check symbols for redundancy by error correction encoders 141 and 142.
- For simplification, the error correction encoders 141 and 142 use the parity for every 5 bits as the check symbol, as in the first embodiment.
- the processing on the receiver 300 side is also modified from the processing in the first embodiment based on the modification of the processing on the transmitter 100 side.
- quaternary determination is performed to determine which base is used in the same manner as in the first embodiment. This is compared with the shared base, and if it matches, the signal of that bit is adopted as the random number code 1, and if it does not match, it is determined as the random number code 2.
- the shared basis that did not match is checked again with the random number basis determined from the received signal next, and if it matches, the signal of that bit is treated as the random number code 1 and proceeds to the next shared basis. If there is a base determination error, the parity after that position becomes an error with a probability of 1/2, and an area including the position where the determination error is present is specified.
- the basis correction process is the same as in the first embodiment. Examples of a case without a basis determination error and a case with one are shown on the right side of FIG.
- the base collation of the second bit from the left results in a determination error (indicated by an underline on the receiving side), and the signal that should originally be the random number code 1 is determined as the random number code 2. For this reason, the number of bits for the random number code 1 is reduced, which is completely different from the original bit string.
- From FIG. 11, it can be seen that the bit positions of the random numbers 1 and 2 change so as not to retain the original pattern when there is a base determination error.
- the subsequent parity check is erroneous with a probability of 1/2, and the area including the bit with the base determination error becomes known. Once the determination error area has been identified, the correction of the base of each bit in the area and the parity check are repeated in order, and the random codes 1 and 2 are restored until the bit errors are almost eliminated and the error correction code can be decoded.
- FIG. 12 and FIG. 13 show details of the second method of the third embodiment.
- parity check symbols are included in random number codes 1 and 2.
- the italic font represents the inspection symbol.
- the underlined bit on the receiving side is the base determination error location.
- the random number code strings 1 and 2 are greatly different from the original bit string.
- the parity bit accidentally shows a correct value, but this is erroneous with a probability of 1/2.
- the present invention can be realized even for an error correction code in which an information symbol and a check symbol cannot be separated. Other effects of the invention are the same as those of the first method.
- Example 3 a phase modulation method using two types of bases for a binary signal has been shown.
- the method of the present invention can operate an n-value signal with m types of bases with n and m being positive integers (denoted as an n-value m-base).
- FIG. 14 shows a signal state on the phase space in the case of a binary 4-basis phase modulation scheme.
- FIG. 14A shows a binary signal based on the q-axis
- FIG. 14B shows a binary signal based on 45 ° rotated from the q-axis.
- FIG. 14 (c) shows a p-axis base binary signal
- FIG. 14 (d) shows a base binary signal rotated −45° from the q-axis.
- Since the random number signal is binary and the base is quaternary, the signal to be transmitted is apparently 8 values.
- the combination of random number data is 32 patterns of 4 × 4 × 2.
- the four types of bases (a) to (d) are expressed in 2-bit units, and code 1 and code 2 constituting the binary random number signal are expressed in 1-bit units.
- FIG. 15 shows a signal state on the phase space in the case of the quaternary two-basis phase modulation method.
- FIG. 15A shows a quaternary signal based on the q-axis and the p-axis
- FIG. 15B shows a quaternary signal rotated by 45 ° from the case of FIG. 15A.
- the combination of random number data is 16 patterns of 2 × 2 × 4.
- the two bases (a) and (b) are expressed in units of 1 bit, and the codes 1 and 2 constituting the quaternary random number signal are expressed in units of 2 bits.
- FIG. 16 is a block diagram illustrating a configuration example of a fluctuation light source for generating fluctuation light.
- Output light from the laser light source 1510 is amplified by the optical amplifier 1521 in the fluctuation generator 1520, passes through the band filter 1522, and propagates through the optical fiber 1523. At this time, phase fluctuation is applied through the Kerr effect of the optical fiber.
- the laser output light can be described relatively well in the coherent state, and the shape of the fluctuation in the phase space is circular, but it becomes elliptical through the Kerr effect of the optical fiber, and further progresses into a crescent shape.
- Such light with an elliptical or crescent shape is called anti-squeezed light (T. Tomaru and M. Ban, “Secure optical communication using antisqueezing,” Phys. Rev. A 74, 032312 (2006), and T. Tomaru, “LD light antisqueezing through fiber propagation in reflection-type interferometer,” Opt. Exp. 15, 11241 (2007)).
- Since the Kerr effect increases in proportion to the light intensity, it is effective to increase the peak intensity using pulsed light. In this case, it is effective to suppress the pulse spread accompanying the fiber propagation, and it is preferable to select the pulse width, the light intensity, and the fiber dispersion value so as to satisfy the soliton condition (see Patent Document 2). Further, if the light intensity is increased beyond the above-mentioned soliton condition, the higher-order soliton condition can be satisfied (see Patent Document 2), so that the pulse width reduction effect works and the Kerr effect can be enhanced. At that time the spectrum width is also expanded, and the spectrum expansion has an effect similar to the phase fluctuation in phase detection, so that the effect of the fluctuation is further enhanced.
- the Raman effect is also effective in expanding phase fluctuations.
- FIG. 17 is a block diagram showing another configuration example of the fluctuation light source 151 for generating fluctuation light. That is, FIG. 17 shows an embodiment in which the fiber propagation part is reciprocated using the optical circulator 1524 and the Faraday mirror 1525. This embodiment has an advantage that the fiber length can be halved. In addition, the polarization rotates exactly 90 degrees when the optical fiber 1523 is reciprocated once regardless of the polarization state during fiber propagation, which is effective when it is desired to stabilize the polarization at the time of fluctuation generator output. It is also effective to increase the effect of phase fluctuation by incorporating a fiber interferometer in fluctuation generator 1520 and increasing the ratio of phase fluctuation to amplitude (T. Tomaru, “LD light antisqueezing through fiber propagation in reflection-type interferometer, ”Opt. Exp. 15, 11241 (2007)).
- The methods above generate phase fluctuations through the Kerr effect or Raman effect of optical fibers. It is also possible to output light accompanied by phase fluctuation directly from a laser diode (LD). If the LD is operated near the oscillation threshold, the phase fluctuation is large. One method is to use this property as it is.
- FIG. 18 shows an example of such a fluctuation light source 151. That is, FIG. 18 is a block diagram showing an example of the configuration of a fluctuation light source 151 that superimposes fluctuation on the laser 1510 and equivalently realizes a fluctuation light source.
- As the fluctuation generation source 1530, for example, thermal fluctuation may be used.
- the output of the random number generator can be multivalued to make it equivalent to fluctuation.
- the superimposition of fluctuation can also be performed in the modulator 161.
- the modulator 161 is installed for signal superimposition. If the fluctuation is superimposed simultaneously with the signal superimposition, the modulator 161 works equivalent to the case where the light source fluctuates (FIG. 19). That is, FIG. 19 is a block diagram illustrating an example of a configuration in which fluctuation is superimposed on the modulator 161 to equivalently realize a fluctuation light source.
- As the fluctuation generation source 1630 of the fluctuation light source, it is conceivable to use thermal fluctuation, or to make the output of the random number generator multivalued so that it is equivalent to fluctuation.
- FIG. 20 shows the state of the intensity distribution function when operating on a binary base.
- the signal intensity of “0” and “1” varies depending on the base.
- FIG. 20A and FIG. 20B show binary signals for two different bases. Because the bases differ, the threshold separating “0” from “1” is a_th in FIG. 20 (a) and b_th in FIG. 20 (b). Since the unauthorized recipient does not know the basis, in this case the signal state has a total of four values, as shown in FIG. Bit errors increase due to the overlap of the probability distributions.
- the regular receiver who knows the base temporarily determines four values in the determination process as in the first to third embodiments, but in principle, binary determination can be made based on the information on the threshold values a th and b th , and FIG. ), Binary determination can be performed in a state where there is almost no overlapping of probability distributions.
- Binary decision and quaternary decision are the same for the phase modulation method and the intensity modulation method. Therefore, the signal processing for the phase modulation method shown in the first to fourth embodiments can be similarly performed for the intensity modulation method of the sixth embodiment.
- the embodiments of the present invention have been described above using the phase modulation method as a main example. However, as mentioned in the sixth embodiment, the present invention is established without distinction between the phase modulation method and the intensity modulation method. Although the embodiment has been described mainly using the binary binary basis as an example, as described with reference to FIGS. 14 and 15, the present invention can be applied to a case of a multi-value multi-base.
- a new secure secret key can be generated using the seed key and the fluctuation of the carrier light.
- the present invention uses a seed key, the secret key generation process is performed in information theory, and the origin of the safe information amount is the fluctuation of carrier light.
- the level of security exceeds computational security, freeing you from the threat that efficient ciphertext decryption may be discovered.
- the system according to the present invention can use the current optical communication network as it is, and is a realistic and highly applicable system. Also, half of the transmission signal normally performed in quantum cryptography is not discarded. For these three reasons, the present invention has high industrial applicability.
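The following Python simulation is an added example, not code from the patent: it runs the transmitter's code 1 / code 2 selection, the receiver's quaternary base decision and base collation, and the parity-based search for a base determination error described above for the first embodiment, with the third embodiment's retry rule available through `hold=True`. The function names, the unit-amplitude signal model, the noise values and the bit strings are constructed assumptions, except the random base 010011101000100 and the shared base 1011000000, which are quoted from the page.

```python
import math

BLOCK = 5  # the page's elementary code: one parity check symbol per 5 random bits

def bits(s):
    return [int(c) for c in s]

def assign(shared, bases, hold=False):
    """Label each slot 1 (base equals shared base -> code 1) or 2 (-> code 2).
    hold=False: one shared-base bit per slot (first and second embodiments).
    hold=True : a rejected shared-base bit is retried on the next slot (third)."""
    labels, j = [], 0
    for b in bases:
        match = j < len(shared) and shared[j] == b
        labels.append(1 if match else 2)
        if match or not hold:
            j += 1
    return labels

def transmit(shared, rand_base, code1, code2, hold=False):
    """Quaternary symbol per slot = 2*bit + random base ("0","2" q-axis; "1","3" p-axis)."""
    src = {1: iter(code1), 2: iter(code2)}
    labels = assign(shared, rand_base, hold)
    return [2 * next(src[lab]) + r for lab, r in zip(labels, rand_base)]

def measure(symbols, noise_deg):
    """Two homodyne outputs (I_q, I_p) for unit-amplitude light with phase fluctuation."""
    phases = [math.radians(90 * s + n) for s, n in zip(symbols, noise_deg)]
    return [(math.cos(p), math.sin(p)) for p in phases]

def demodulate(samples):
    """Quaternary decision gives the base guess; the sign of each quadrature
    gives one binary decision per base, kept for the later base correction."""
    guess, bit_q, bit_p = [], [], []
    for iq, ip in samples:
        guess.append(round(math.atan2(ip, iq) / (math.pi / 2)) % 2)
        bit_q.append(int(iq < 0))
        bit_p.append(int(ip < 0))
    return guess, bit_q, bit_p

def split(shared, guess, bit_q, bit_p, hold=False):
    """Base collation: file each slot's bit under code 1 or code 2."""
    codes = {1: [], 2: []}
    labels = assign(shared, guess, hold)
    for lab, b, bq, bp in zip(labels, guess, bit_q, bit_p):
        codes[lab].append(bp if b else bq)
    return codes[1], codes[2]

def parity_symbols(code):
    """Check symbol per complete 5-bit block: 1 for an odd number of ones."""
    return [sum(code[i:i + BLOCK]) % 2
            for i in range(0, len(code) - BLOCK + 1, BLOCK)]

def first_bad_block(code, checks):
    """Index of the first block whose parity disagrees with its check symbol."""
    for i, (got, want) in enumerate(zip(parity_symbols(code), checks)):
        if got != want:
            return i
    return None

def repair_candidates(shared, guess, bit_q, bit_p, chk1, chk2, hold=False):
    """Flip one base decision at a time; keep every flip that clears all parity
    checks, mapped to the code strings it produces. (Brute force over all slots;
    the page narrows the search to the area where parity starts failing.)"""
    good = {}
    for k in range(len(guess)):
        trial = guess[:k] + [1 - guess[k]] + guess[k + 1:]
        c1, c2 = split(shared, trial, bit_q, bit_p, hold)
        if first_bad_block(c1, chk1) is None and first_bad_block(c2, chk2) is None:
            good[k] = (c1, c2)
    return good

# Constructed sample input (not the data of the patent's FIG. 4).
RAND_BASE = bits("010011101000100" * 2)            # the page's random base, repeated
SHARED = bits("111001000010001000110111101110")    # constructed: match/mismatch alternate
CODE1 = bits("110100110111000")                    # constructed random number code 1
CODE2 = bits("011011001001110")                    # constructed random number code 2
ERR_SLOT = 3
NOISE = [20 if i % 2 else -20 for i in range(30)]  # phase fluctuation in degrees
NOISE[ERR_SLOT] = 60  # past 45 deg: the quaternary decision fails, the binary one holds

def run(noise=NOISE):
    symbols = transmit(SHARED, RAND_BASE, CODE1, CODE2)
    guess, bq, bp = demodulate(measure(symbols, noise))
    rx1, rx2 = split(SHARED, guess, bq, bp)
    chk1, chk2 = parity_symbols(CODE1), parity_symbols(CODE2)  # sent on line 202
    return {"rx1": rx1, "rx2": rx2,
            "bad1": first_bad_block(rx1, chk1),
            "bad2": first_bad_block(rx2, chk2),
            "fixes": repair_candidates(SHARED, guess, bq, bp, chk1, chk2)}

if __name__ == "__main__":
    result = run()
    print("first failing parity block:", result["bad1"], result["bad2"])
    print("base flips that clear parity:", sorted(result["fixes"]))
    # Third embodiment, with the page's random base and shared base:
    print(assign(bits("1011000000"), bits("010011101000100"), hold=True))
```

With one parity bit per 5 bits, more than one flip can clear every check, which is why the page speaks of a bit string that is almost free of bit errors and leaves the remainder to the error correction decoder.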
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Optical Communication System (AREA)
Abstract
Description
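The transmitter
holds information on a shared basis, shared between the transmitter and the receiver, and on a random number basis, held or generated only by the transmitter, and has: a function of generating encrypted data from four pieces of information, namely a first random number and a second random number generated by a random number generator, the shared basis and the random number basis; a function of generating a random number signal by superimposing the random number data, in the random number basis, on the output of an electromagnetic wave source accompanied by fluctuations, and transmitting the random number signal to the receiver via a first transmission path of the communication network; and a function of generating a secret key from the first random number and the second random number, encrypting the actual data body to be transmitted using the secret key, and transmitting the encrypted actual data body to the receiver via a second transmission path of the communication network.
The random number data
uses the first random number as the signal when the random number basis and the shared basis match, and uses the second random number as the signal when the random number basis and the shared basis do not match.
The receiver
stores the information on the shared basis, and is characterized by having: a function of determining the random number basis and the random number value from the random number signal received via the first transmission path, collating the random number basis with the shared basis, and judging the random number signal to be the first random number when they match and the second random number when they do not match; a function of extracting the secret key from the first and second random numbers thus judged; and a function of decrypting the actual data body received via the second transmission path into the actual data body before encryption, using the secret key.
(4) If the collation matches, the random number signal is treated as code 1; if it does not match, it is treated as code 2.
(5) The amount of information of code 1 and code 2 shared between the sender and the receiver is reduced, for example by the privacy amplification described in Non-Patent Document 5, to form a secret key, and the actual data to be transmitted is sent as encrypted communication over an ordinary transmission path using that secret key.
As shown in FIG. 2A, the encrypted communication system of the present invention comprises a transmitter 100, a receiver 300, and first and second transmission paths 201 and 202 connecting the transmitter and the receiver. The following examples describe the case of one transmitter and one receiver, but it goes without saying that the present invention can also be applied to communication among a plurality of transmitters and receivers connected via a communication network.
The random number code reproduction unit 302 first demodulates the random number signal with the demodulator 312 and determines the random number basis (0 or 1). Next, it collates that random number basis (a digital value) with the shared basis held in the storage device 303, and judges the random number signal of that bit to be code 1 when the two match and code 2 when they do not match.
The secret key generation unit 105 generates, from code 1 and code 2, the secret key used for encrypted communication of the actual data body.
The measured value of the quaternary random number signal received at the signal detector 311 is a single point within the crescent-shaped fluctuation distribution shown at the top of FIG. 2C. From that measured value the demodulator decides among the four values "0", "1", "2" and "3". The random number basis is determined first from this quaternary decision result. When the quaternary signal is "0" or "2", it is in the q-axis basis (basis "0"), which corresponds to patterns (1) to (4). When the quaternary signal is "1" or "3", it is in the p-axis basis (basis "1"), which corresponds to patterns (5) to (8).
The determined random number basis is collated with the shared basis information held in the storage device 303, and based on the collation result it is determined, bit by bit, whether the random number signal belongs to code 1 or to code 2. For example, in pattern (1) the random number basis and the shared basis are both the q-axis basis (basis "0"), so the signal is judged to be code 1. The random number code value can also be determined from the quaternary decision result; in pattern (1), based on the quaternary decision result "0", it is judged to be code "0" of the q-axis basis.
Patterns (2) to (8) can be interpreted with the same decision method. In pattern (2) the random number basis and the shared basis differ, so the signal is judged to be code 2, and based on the quaternary decision result "0" the code value is "0" in the q-axis basis. In pattern (3) the random number basis and the shared basis are the same, so the signal is judged to be code 1, and based on the quaternary decision result "2" the code value is "1" in the q-axis basis. In pattern (4) the random number basis and the shared basis differ, so the signal is judged to be code 2, and based on the quaternary decision result "2" the code value is "1" in the q-axis basis.
Patterns (5) to (8) are patterns (1) to (4) with the quaternary signal changed from "0" to "1" and from "2" to "3". With this change, the random number basis goes from the q-axis basis to the p-axis basis. Applying the same decision, pattern (5) is "0" of code 2, pattern (6) is "0" of code 1, pattern (7) is "1" of code 2, and pattern (8) is "1" of code 1.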
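The per-bit collation described above (binary signal, two bases), as an added Python example that is not code from the patent: the transmitter multiplexes two random bit streams by basis match, the receiver splits them again using only the shared basis, and one misjudged basis is shown to shift both recovered sequences. The function names, the integer encoding `2*value + basis` (chosen to reproduce "0"/"2" = q-axis, "1"/"3" = p-axis) and the noise-free channel are assumptions.

```python
import secrets

def decide(symbol):
    """Quaternary decision -> (random basis, code value).
    "0"/"2" lie on the q-axis basis (basis 0), "1"/"3" on the p-axis basis (basis 1)."""
    if symbol not in (0, 1, 2, 3):
        raise ValueError("expected a quaternary symbol 0..3")
    return symbol & 1, symbol >> 1

def classify(shared_basis, symbol):
    """Receiver-side collation for one slot: (code number, code value)."""
    basis, value = decide(symbol)
    return (1 if basis == shared_basis else 2), value

def transmit(shared, random_basis, rand1, rand2):
    """Per slot, send the next unused bit of random number 1 when the random
    basis equals the shared basis, otherwise the next bit of random number 2."""
    it1, it2 = iter(rand1), iter(rand2)
    symbols = []
    for s, r in zip(shared, random_basis):
        bit = next(it1) if s == r else next(it2)
        symbols.append(2 * bit + r)      # assumed encoding: value in bit 1, basis in bit 0
    return symbols

def receive(shared, symbols):
    """Split the demodulated stream into (code 1, code 2) using the shared basis."""
    codes = {1: [], 2: []}
    for s, sym in zip(shared, symbols):
        code, value = classify(s, sym)
        codes[code].append(value)
    return codes[1], codes[2]

def basis_error_effect(shared, symbols, slot):
    """Failure mode: one misjudged basis moves that bit into the other code,
    so both recovered sequences change length and later bits shift position."""
    damaged = list(symbols)
    damaged[slot] ^= 1                   # same code value, wrong basis
    good1, _ = receive(shared, symbols)
    bad1, bad2 = receive(shared, damaged)
    return len(bad1) - len(good1), len(bad1) + len(bad2)

if __name__ == "__main__":
    n = 32                               # constructed sample input
    bits = lambda: [secrets.randbits(1) for _ in range(n)]
    shared, random_basis, rand1, rand2 = bits(), bits(), bits(), bits()
    symbols = transmit(shared, random_basis, rand1, rand2)
    code1, code2 = receive(shared, symbols)
    assert code1 == rand1[:len(code1)] and code2 == rand2[:len(code2)]
    print(len(code1), "bits of code 1,", len(code2), "bits of code 2")
    print("length change after one basis error:",
          basis_error_effect(shared, symbols, 0)[0])
```

An observer without the shared basis sees the same quaternary symbols but has no way to tell which slots belong to code 1 and which to code 2.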
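The bit error rates pb and pf can be estimated concretely by assuming a distribution function P(θ) for the phase fluctuation. As shown in FIG. 5, let the signal be "0" in the q-axis basis. The gray crescent region in FIG. 5 is the range of the fluctuation of the signal light. "0" and "1" denote the assignment of signal values in phase space. When the fluctuation is sufficiently large compared with the quantum fluctuation, the measurement can be treated classically, and for the signal "0" in the q-axis basis, the BER pb for the binary signal is Equation (6)
In Embodiment 1, the information-symbol part and the parity-check-symbol part were separated in the error correction coding (141 and 142); the former, the random number code, was transmitted over the optical transmission path 201, and the latter over the optical transmission path 202. Since communication over the optical transmission path 202 is ordinary communication, its bit error rate is low, which had the advantage that the check symbols arrive reliably. It also had the advantage of guaranteeing that the signal transmitted over the optical transmission path 201 is completely random. However, with some types of error correcting code the information symbols and the check symbols cannot be separated. In that case, it is effective to send both the information symbols and the check symbols over the optical transmission path 201.
In Embodiments 1 and 2, the random number basis and the shared basis were paired and compared bit by bit to decide whether to transmit random number code 1 or random number code 2. Methods of selecting the shared basis from among the random number bases other than those of Embodiments 1 and 2 are also possible, and FIGS. 10 and 12 show configuration examples of encrypted communication systems that realize them. FIG. 10 is the first scheme of Embodiment 3, an improvement on Embodiment 1 (FIG. 3), and FIG. 12 is the second scheme of Embodiment 3, an improvement on Embodiment 2 (FIG. 8).
The output light from the laser light source 1510 is amplified by the optical amplifier 1521 in the fluctuation generator 1520, passes through the band-pass filter 1522, and propagates through the optical fiber 1523. In doing so, phase fluctuation is added through the Kerr effect of the optical fiber. Laser output light is described relatively well by a coherent state, and the shape of its fluctuation in phase space is circular, but through the Kerr effect of the optical fiber it becomes elliptical and, further on, crescent-shaped. Light whose fluctuation has become elliptical or crescent-shaped in this way is called antisqueezed light (see T. Tomaru and M. Ban, "Secure optical communication using antisqueezing," Phys. Rev. A 74, 032312 (2006), and T. Tomaru, "LD light antisqueezing through fiber propagation in reflection-type interferometer," Opt. Exp. 15, 11241 (2007)).
Since an unauthorized receiver does not know the basis, in this case the signal states total four values, as shown in FIG. 20(d), and a quaternary decision is required. Because the probability distributions overlap, bit errors become frequent. The legitimate receiver, who knows the basis, first makes a quaternary decision in the decision process as in Embodiments 1 to 3, but can in principle make a binary decision based on the information of the thresholds ath and bth, and can make that binary decision with almost no overlap of the probability distributions, as shown in FIG. 20(c).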
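101 Random number generator
102 Storage device
103 Random number data generation unit
104 Random number signal transmission unit
105 Secret key generation unit
106 Encryptor
111 to 113 Random number generators
121 to 123 Seed keys
130 Comparison unit
131, 132 Buffers
141, 142 Error correction encoders
151 Fluctuating light source
161 Modulator
171, 172 Privacy amplification units
181 Encryptor
182 Optical transmission unit
183 Multiplexing unit
201 First optical transmission path
202 Second optical transmission path
300 Receiver
302 Random number code reproduction unit
303 Storage device
304 Secret key generation unit
305 Decryptor
311 Photodetector
312 Demodulator
313 Basis collation unit
314 Binary decision processing unit
315 Parity check unit
316 Parity agreement check unit
321 to 323 Seed keys
341, 342 Error correction decoders
371, 372 Privacy amplification units
381 Photodetector
382 Decryptor
383 Demultiplexing unit
1510 Laser
1520 Fluctuation generator
1521 Optical amplifier
1522 Band-pass filter
1523 Optical fiber
1524 Circulator
1525 Faraday mirror
1530 Fluctuation source
1630 Fluctuation source.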
Claims (20)
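- An encrypted communication system comprising a transmitter and a receiver connected via a communication network, wherein
the transmitter
holds information on a shared basis shared between the transmitter and the receiver and on a random number basis held or generated only by the transmitter, and has:
a function of generating random number data from a first random number and a second random number generated by a random number generator and from the information on the shared basis and the random number basis;
a function of generating a random number signal by superimposing the random number data, in the random number basis, on the output of an electromagnetic wave source, and transmitting it to the receiver via a first transmission path of the communication network; and
a function of generating a secret key from the first random number and the second random number, encrypting an actual data body to be transmitted using the secret key, and transmitting it to the receiver via a second transmission path of the communication network,
the random number data
uses the first random number as the signal when the random number basis and the shared basis match, and uses the second random number as the signal when the random number basis and the shared basis do not match, and
the receiver
stores the information on the shared basis, and has:
a function of determining the random number basis and the random number value of the random number signal transmitted from the transmitter and received, collating the random number basis with the shared basis, and judging the random number signal to be the first random number when they match and the second random number when they do not match;
a function of sorting the first and second random numbers based on the judgment result and extracting the secret key from the sorted first and second random numbers; and
a function of decrypting the actual data body received via the second transmission path into the actual data body before encryption, using the secret key.
- The encrypted communication system according to claim 1, wherein
the transmitter
comprises a storage device storing the information on the shared basis and the random number basis, a random number data generation unit, a random number signal transmission unit, a secret key generation unit, and an encryptor,
the random number signal transmission unit has an electromagnetic wave source accompanied by fluctuations and a modulator, and is a unit that generates the random number signal by applying modulation corresponding to the random number data to the output of the electromagnetic wave source accompanied by fluctuations and transmits it to the receiver,
the secret key generation unit is a unit that generates the secret key from the first random number and the second random number,
the encryptor encrypts the actual data body to be transmitted using the secret key and outputs it to the second transmission path of the communication network, and
the receiver comprises:
a storage device storing the information on the shared basis;
a detector that receives the signal wave of the first transmission path;
a random number code reproduction unit that determines the random number basis and the random number value of the received random number signal and compares them with the shared basis to judge and separate the first random number and the second random number;
a secret key generation unit that extracts the secret key; and
a decryptor that decrypts the encrypted actual data body into the actual data body before encryption, using the secret key.
- The encrypted communication system according to claim 1, wherein
the electromagnetic wave source is a light source, and
the first and second transmission paths are optical transmission paths.
- The encrypted communication system according to claim 1, wherein
the electromagnetic wave source is a high-frequency generator, and
the first and second transmission paths are electrical signal lines or air.
- The encrypted communication system according to claim 2, wherein
the secret key generation unit in the transmitter is constituted by privacy amplification means, and
generates the secret key by reducing the number of bits of the first and second random numbers output by the random number generator.
- The encrypted communication system according to claim 2, wherein
the secret key generation unit in the receiver is constituted by privacy amplification means, and
extracts the secret key by reducing the number of bits of the first and second random numbers.
- The encrypted communication system according to claim 1,
comprising error correction coding means, wherein
the first random number and the second random number are error-correction coded, the information-symbol part and the parity-check-symbol part are separated, the random number code that is the information symbols is transmitted to the receiver via the first transmission path, and the parity-check-symbol part is transmitted to the receiver via the second transmission path.
- The encrypted communication system according to claim 1, wherein
the first random number and the second random number are error-correction coded, and both the information-symbol part and the parity-check-symbol part are transmitted to the receiver via the first transmission path.
- The encrypted communication system according to claim 1, wherein
the random number basis and the shared basis are paired and compared bit by bit, and whether to transmit the first random number or the second random number is decided by whether they match.
- The encrypted communication system according to claim 1, wherein
the random number basis and the shared basis are paired and compared bit by bit, the first random number is transmitted when they match, and the second random number is transmitted when they do not match, and
further, when the shared basis and the random number basis do not match, collation is repeated with the same shared basis until the shared basis matches the random number basis.
- The encrypted communication system according to claim 1, wherein
the output signal from the transmitter is accompanied by phase fluctuation or intensity fluctuation, and
either the output of the electromagnetic wave source is accompanied by fluctuation, or fluctuation is superimposed through the electromagnetic wave source or the modulator.
- The encrypted communication system according to claim 1, wherein
the transmitter and the receiver share first and second seed keys in advance,
the transmitter has a first error correction encoder and a second error correction encoder,
the receiver has a first error correction decoder and a second error correction decoder,
in the transmitter, the first random number is encrypted with the first seed key and then error-correction coded by the first error correction encoder, and the second random number is encrypted with the second seed key and then error-correction coded by the second error correction encoder, and
in the receiver, the first random number is decrypted, using the first seed key, from the signal decoded by the first error correction decoder, and the second random number is decrypted, using the second seed key, from the signal decoded by the second error correction decoder.
- The encrypted communication system according to claim 1, wherein
the first and second random numbers are binary, the random number basis has two bases, and the signal is transmitted in a net four-valued state.
- The encrypted communication system according to claim 1, wherein
the first and second random numbers are n-valued, the random number basis has m bases, and the signal is transmitted in a net n×m-valued state.
- The encrypted communication system according to claim 1, wherein
in the transmitter, the random number basis and the shared basis are collated one bit at a time; when the collation matches, the first random number is used as the signal, and when the collation does not match, the second random number is used as the signal; further, when the collation does not match, the shared basis of that bit is collated with the random number basis of the next bit, and if they match the first random number is used as the signal, and if they do not match the second random number is used as the signal; and each bit of the shared basis is collated repeatedly until it matches a random number basis, and
in the receiver as well, the random number basis and the shared basis are collated; when the collation matches, the signal of that bit is taken as the first random number, and when the collation does not match, the signal of that bit is taken as the second random number; further, when the collation does not match, the shared basis of that bit is collated with the random number basis of the next bit, and if they match the signal of that bit is taken as the first random number, and if they do not match the signal of that bit is taken as the second random number; and each bit of the shared basis is collated repeatedly until it matches a random number basis.
- The encrypted communication system according to claim 1, wherein
the transmitter comprises a first random number generator, a first error correction encoder, a second random number generator, a second error correction encoder, a third random number generator, a first light source, a first modulator, first privacy amplification means, second privacy amplification means, an encryptor, and an optical transmission unit having a second light source and a second modulator,
the receiver comprises a first photodetector, a first error correction decoder, a second error correction encoder, first privacy amplification means, second privacy amplification means, a second photodetector, and a decryptor,
the transmitter and the receiver share in advance a seed key consisting of random numbers, and the seed key gives the transmitter and the receiver the shared basis,
the transmitter error-correction codes the output of the first random number generator, as a first random number signal, with the first error correction encoder, separates the information part and the redundant part of the first random number signal, and takes the former as a first random number code and the latter as first check symbols,
error-correction codes the output of the second random number generator, as a second random number signal, with the second error correction encoder, separates the information part and the redundant part of the second random number signal, and takes the former as a second random number code and the latter as second check symbols,
takes the output of the third random number generator as the random number basis for transmitting the first and second random number codes, uses the first random number code as the signal when the random number basis and the shared basis match, and uses the second random number code as the signal when the random number basis and the shared basis do not match,
superimposes the signal, in the random number basis, on the output light from the first light source with the first modulator to form a first signal light, the output light from the first light source being accompanied by fluctuation or fluctuation being superimposed at the first light source or the first modulator, and outputs the first signal light to the first optical transmission path,
the first privacy amplification means reduces the number of bits of the random number signal output by the first random number generator, and the second privacy amplification means reduces the number of bits of the random number signal output by the second random number generator,
the encryptor encrypts the actual data using the outputs of the first and second privacy amplification means as the secret key,
the encrypted actual data and the first and second check symbols are multiplexed, and a second signal light modulated with the multiplexed actual data is output from the optical transmission unit to the second optical transmission path,
the receiver receives the second signal light with the second photodetector and separates the encrypted actual data and the first and second check symbols from the received signal,
the receiver receives the first signal light with the first photodetector,
determines the random number basis and the signal value, collates the received random number basis with the shared basis, takes the signal as the first random number code when they match and as the second random number code when they do not match, checks the first random number code using the first check symbols and thereby checks for basis collation errors, corrects the basis when there is a collation error, and accordingly corrects the judgment of whether the signal is the first random number code or the second random number code and the judgment of the value of each code,
decodes the first random number code after the judgment correction with the first error correction decoder, using the first check symbols, and reduces the number of bits with the first privacy amplification means,
decodes the second random number code after the judgment correction with the second error correction decoder, using the second check symbols, and reduces the number of bits with the second privacy amplification means,
extracts the outputs of the first and second privacy amplification means as the secret key, and
decrypts the encrypted actual data into the data before encryption with the decryptor, using the extracted secret key.
- A transmitter of an encrypted communication system, connected to a receiver via a communication network,
comprising a random number generator and an electromagnetic wave source, and
holding information on a shared basis shared between the transmitter and the receiver and on a random number basis held or generated only by the transmitter, wherein
the random number generator has a function of generating at least a first random number and a second random number, and
the transmitter has:
a function of generating random number data that uses the first random number as the signal when the random number basis and the shared basis match, and uses the second random number as the signal when the random number basis and the shared basis do not match;
a function of generating a random number signal by superimposing the random number data, in the random number basis, on the output of the electromagnetic wave source, and transmitting it to the receiver via a first transmission path of the communication network; and
a function of generating a secret key from the first random number and the second random number, encrypting an actual data body to be transmitted using the secret key, and transmitting it to the receiver via a second transmission path of the communication network.
- The transmitter according to claim 17, wherein
the electromagnetic wave source is a light source, and
the first and second transmission paths are optical transmission paths.
- The transmitter according to claim 17, wherein
the first and second random numbers are n-valued, the random number basis has m bases, and the signal is transmitted in a net n×m-valued state.
- A receiver of an encrypted communication system, connected to a transmitter via a communication network having first and second transmission paths, which
stores information on a shared basis shared with the transmitter, and has:
a function of determining the random number basis and the random number value of a random number signal transmitted from the transmitter via the first transmission path and received, collating the random number basis with the shared basis, and judging the random number value of that bit to be a first random number when they match and a second random number when they do not match;
a function of extracting, based on the judgment results for the first and second random numbers, a secret key equal to the secret key generated at the transmitter; and
a function of decrypting the actual data body transmitted from the transmitter via the second transmission path into the actual data body before encryption, using the secret key.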
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/578,016 US8934633B2 (en) | 2010-02-15 | 2011-01-17 | Encrypted communication system, transmitter and receiver using same |
JP2011553777A JP5282147B2 (ja) | 2010-02-15 | 2011-01-17 | Encrypted communication system, and transmitter and receiver used therein |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2010-029894 | 2010-02-15 | ||
JP2010029894 | 2010-02-15 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2011099325A1 (ja) | 2011-08-18 |
Family
ID=44367611
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2011/050668 WO2011099325A1 (ja) | Encrypted communication system, and transmitter and receiver used therein | 2010-02-15 | 2011-01-17 |
Country Status (3)
Country | Link |
---|---|
US (1) | US8934633B2 (ja) |
JP (1) | JP5282147B2 (ja) |
WO (1) | WO2011099325A1 (ja) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007129386A (ja) * | 2005-11-02 | 2007-05-24 | Hitachi Ltd | Optical communication device |
JP2009296217A (ja) * | 2008-06-04 | 2009-12-17 | Hitachi Ltd | Encrypted communication device |
JP2010035072A (ja) * | 2008-07-31 | 2010-02-12 | Hitachi Ltd | Optical communication system |
-
2011
- 2011-01-17 JP JP2011553777A patent/JP5282147B2/ja not_active Expired - Fee Related
- 2011-01-17 WO PCT/JP2011/050668 patent/WO2011099325A1/ja active Application Filing
- 2011-01-17 US US13/578,016 patent/US8934633B2/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
JP5282147B2 (ja) | 2013-09-04 |
US8934633B2 (en) | 2015-01-13 |
JPWO2011099325A1 (ja) | 2013-06-13 |
US20120314867A1 (en) | 2012-12-13 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 11742074; Country of ref document: EP; Kind code of ref document: A1 |
 | WWE | Wipo information: entry into national phase | Ref document number: 2011553777; Country of ref document: JP |
 | WWE | Wipo information: entry into national phase | Ref document number: 13578016; Country of ref document: US |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 11742074; Country of ref document: EP; Kind code of ref document: A1 |