WO2021029173A1 - 通信システム - Google Patents

通信システム Download PDF

Info

Publication number
WO2021029173A1
WO2021029173A1 PCT/JP2020/027295 JP2020027295W WO2021029173A1 WO 2021029173 A1 WO2021029173 A1 WO 2021029173A1 JP 2020027295 W JP2020027295 W JP 2020027295W WO 2021029173 A1 WO2021029173 A1 WO 2021029173A1
Authority
WO
WIPO (PCT)
Prior art keywords
host device
key
host
public key
secret data
Prior art date
Application number
PCT/JP2020/027295
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
宏一良 石井
Original Assignee
株式会社村田製作所
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社村田製作所 filed Critical 株式会社村田製作所
Priority to JP2021539172A priority Critical patent/JPWO2021029173A1/ja
Publication of WO2021029173A1 publication Critical patent/WO2021029173A1/ja

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present invention relates to a communication system provided with a host device and a security device and performing encrypted communication of confidential data between these devices via a network.
  • Patent Document 1 Conventionally, as this communication system, for example, there is one disclosed in Patent Document 1.
  • a common key is exchanged after both the host device and the security device are authenticated by communication using a public key cryptosystem. That is, the host device generates a public key and a private key by cryptographic IP (Crypt IP), and transmits the generated public key to the HSM (hardware security module) which is a security device.
  • the HSM generates a random number by a random number generation circuit, encrypts the generated random number by a cryptographic IP using the received public key, and transmits the generated random number as challenge data to the host device.
  • the host device decrypts the received challenge data by the encrypted IP using the private key, generates the response data, and transmits it to the HSM.
  • the HSM verifies the received response data and confirms that the host device is a genuine communication device. After that, the HSM generates a random number by the random number generation circuit, encrypts the random number by the cryptographic IP using the common key, and transmits the random number to the host device. The host device decrypts the received encrypted random number using the common key shared with the HSM in advance.
  • the security device in order to conceal the encrypted key to be stored, it was necessary to configure one chip so as not to expose the encrypted key to the outside of the device. Therefore, the security device configured on one chip must redesign the internal memory that stores the confidential data peculiar to the device for each device to which the communication system is applied, and apply it. It becomes a custom product for each product to be manufactured, and the product cost of the communication system becomes high. Therefore, it is conceivable that the security device is provided with an external memory and the stored contents that change depending on the device to which the communication system is applied are stored in the external memory, but there is a risk of eavesdropping in the communication path between the security device and the external memory. There is.
  • the present invention has been made to solve such a problem, and it is possible to perform communication while maintaining confidentiality even if the memory capacity on the host device side is small, and a security device depending on the device to which the communication system is applied.
  • the purpose is to provide a communication system that does not require redesigning the internal memory on the side.
  • the present invention It is equipped with a host device that has confidential data and a security device that is connected to the host device via a network and generates and stores a public key and a private key used for encrypted communication with the host device by a random number generator.
  • the host device When storing the confidential data on the security device side, the host device encrypts the confidential data using the public key received from the security device and sends it to the security device, and the security device receives the encrypted data from the host device.
  • Confidential data is stored in an external memory and stored, When reading the confidential data stored in the external memory to the host device side, the host device encrypts the generated or acquired one-time pad key with the public key and sends it to the security device, and the security device sends it to the security device from the host device. Communication that decrypts the received one-time pad key with the private key, reads the secret data from the external memory, decrypts it with the private key, encrypts the decrypted secret data with the decrypted one-time pad key, and sends it to the host device. I configured the system.
  • the public key and private key used for encrypted communication between the host device and the security device are stored in the security device instead of being stored in the host device. Therefore, the memory capacity required for the host device is suppressed by the amount of the encryption key. Further, the secret data possessed by the host device is transmitted to the security device by encrypting the secret data with the public key. In addition, the confidential data stored in the external memory of the security device is encrypted by the one-time pad key supplied from the host device, transmitted from the security device side to the host device, and decrypted by the host device using the one-time pad key. Will be done.
  • the communication between the host device and the security device in the network is performed in a confidential state, and the communication between the security device and the external memory is not performed in the network, so that it is exposed to the threat of eavesdropping from the outside. Will not be.
  • the internal memory of the security device is redesigned to an appropriate one for each device to which the communication system is applied. The need is eliminated, the versatility of the security device is increased, and the product cost of the communication system is reduced.
  • the present invention It is equipped with a host device that has confidential data and a security device that is connected to the host device via a network and generates and stores a public key and a private key used for encrypted communication with the host device by a random number generator.
  • the security device stores the public key in external memory When storing the secret data on the security device side, the host device directly accesses the public key stored in the external memory, reads it from the external memory, and directly accesses the confidential data encrypted by the read public key. And store it in external memory When reading the confidential data stored in the external memory to the host device side, the host device directly accesses the external memory and encrypts the generated or acquired one-time pad key with the public key read from the external memory for security.
  • the security device decrypts the one-time pad key received from the host device with the private key, reads the secret data from the external memory, decrypts it with the private key, and decrypts the decrypted secret data.
  • a communication system that is encrypted with a pad key and transmitted to the host device is configured.
  • the public key and private key used for encrypted communication between the host device and the security device are stored in the security device instead of being stored in the host device. Therefore, the memory capacity required for the host device is suppressed by the amount of the encryption key.
  • the secret data of the host device is transmitted to the security device side
  • the public key stored in the external memory of the security device is directly read by the host device, and the secret data is encrypted by the public key in the host device. , It is done by writing directly to the external memory.
  • the encrypted secret data stored in the external memory is decrypted by the security device and then encrypted with the one-time pad key sent from the host device after being encrypted with the public key for security. It is transmitted from the device side to the host device, and is decrypted by the host device using the one-time pad key.
  • FIG. 5 is an operation sequence diagram when the secret data of the host device is directly written to the external memory of the security device in the communication system according to the third embodiment.
  • FIG. 1 is a block diagram showing a schematic configuration of a communication system 1A according to the first embodiment of the present invention.
  • the communication system 1A includes a host device (hereinafter referred to as HOST) 2 having confidential data D, and a hardware security module (hereinafter referred to as HSM) 4 which is interconnected with HOST 2 via a network 3.
  • HOST 2 is a personal computer (PC), a microcomputer (commonly known as a microcomputer), or the like, and is a main control device in a system such as communication processing or sensor processing via a network 3 or the like.
  • the HSM4 is a security device configured by aggregating security-related components among the components of HOST2, and generally, in a communication system interconnected by a network, concealment of data and packets transferred on the network. It establishes sex and safety.
  • the HSM4 is also called a security unit, a security module, or a hardware security unit.
  • HOST2 includes a device that controls HSM4, such as HSM that becomes HOST.
  • HOST 2 has a CPU 2a which is an arithmetic unit, a read-only memory (ROM) 2b, a temporary storage memory (RAM) 2c, a communication processing circuit 2d, and an OTP encryption function block 2e.
  • the secret data D is stored in the temporary storage memory 2c.
  • the OTP encryption function block 2e includes a public key encryption IP and a simple OTP encryption IP, and in the OTP encryption IP, a random number used in an encryption method called One Time Pad is generated by software as an OTP key.
  • the OTP encryption function block 2e does not necessarily have to include the OTP encryption IP, and may be configured to acquire an OTP key from another device. After using the public key and OTP key in HOST2, they can be deleted without saving.
  • the communication processing circuit 2d includes a transmission circuit and a reception circuit for communicating with other devices via the network 3.
  • the communication standard of the network 3 is SPI, CAN, I2C, UART, USB, Ethernet, Bluetooth (registered trademark), etc., and the type thereof does not matter.
  • the HSM 4 includes an internal memory 4a, a cryptographic processing IP (Crypto IP: encryption / decryption function) 4b, and a random number generator 4c inside, and has an external memory 5 outside.
  • the internal memory 4a includes a RAM and a ROM.
  • the external memory 5 is composed of an EEPROM called a programmable ROM, a flash ROM, a DDR used as a temporary storage memory and called a RAM, an RDRAM, a DRAM, an asynchronous DRAM, a SRAM, and the like.
  • the network 3 interposed between the HOST 2 and the HSM 4 has a risk of eavesdropping, but the HSM 4 and the external memory 5 are connected by a communication path other than the network 3 that is not available to the public.
  • Cryptographic processing IP4b is a functional block having a data encryption function and a decryption function necessary for encrypting communication in network 3, and uses random numbers generated by the random number generator 4c for encrypted communication with HOST2. Generate a public and private key to be used. The generated public key is stored and stored in the internal memory 4a or the external memory 5, and the private key is stored and stored in the internal memory 4a.
  • the cryptographic processing IP4b is composed of software or hardware, but in the present embodiment, the cryptographic processing IP4b is composed of hardware together with the random number generator 4c. Therefore, the HSM 4 is not provided with an arithmetic unit such as the CPU 2a in the HOST 2. Therefore, the HSM 4 is configured to be compact.
  • the random number generator 4c is composed of a physical random number source, and generates physical random numbers by heat-induced white noise, photon / electron shot noise, quantum noise, fan noise, and the like.
  • HOST2 When storing the secret data D on the HSM4 side, HOST2 requests the generation of the encryption key required for encrypted communication in step s1. This key generation request step s1 is not always necessary, and is not necessary when the key is automatically generated when the HSM 4 is started.
  • the HSM4 generates the public key and the private key in step s2 before receiving the secret data D from HOST2.
  • HOST2 requests HSM4 to transmit the public key generated by HSM4 in step s3.
  • the HSM 4 transmits the public key stored in the internal memory 4a or the external memory 5 to the HOST 2 via the network 3 in step s4. At this time, the public key may be eavesdropped on the network 3.
  • the HOST 2 that has received the public key encrypts the secret data D with the received public key in step s5, and transmits the encrypted secret data D as encrypted data to the HSM 4 via the network 3 in step s6.
  • the HSM 4 that has received the encrypted secret data D stores the received secret data D in the internal memory 4a or the external memory 5 in step s7 in a state of being encrypted with the public key.
  • HSM4 When HOST2 sends a memory selection command to HSM4 at the same time as transmission of secret data D in step s6 or in advance, HSM4 sends the received secret data D to either the internal memory 4a or the external memory 5. You can choose to save.
  • the secret data D is usually stored in the external memory 5.
  • the HSM 4 decrypts the received secret data D with the private key and then separately generates the decrypted secret data D. It may be re-encrypted with the public key, or the received secret data D may be further encrypted by using an encryption mode and stored in the internal memory 4a or the external memory 5.
  • FIG. 3 is an operation sequence diagram of a read process performed by transmitting the secret data D stored in the HSM 4 from the HSM 4 to the HOST 2.
  • the HOST2 When reading the secret data D stored in the internal memory 4a or the external memory 5 to the HOST2 side, the HOST2 generates an OTP key in step S11 by the OTP encryption function block 2e, or acquires an OTP key from another device. To do. The HOST2 then encrypts the generated or acquired OTP key in step s12 with the public key received from the HSM4. Then, the encrypted OTP key is transmitted to the HSM 4 in step s13 via the network 3. The HSM 4 reads the secret data D from the internal memory 4a or the external memory 5 in step s14, and decodes the secret data D in step s15 with the stored private key.
  • the OTP key received from HOST2 encrypted by the public key is decrypted in step s15 by the stored private key.
  • the HSM4 encrypts the decrypted secret data D with the decrypted OTP key to obtain OTP encrypted data, and transmits the OTP encrypted data to HOST2 in step s17.
  • the HOST 2 decrypts the OTP encrypted data received from the HSM 4 with the temporarily stored OTP key and reads out the secret data D.
  • the HOST 2 uses the public key received from the HSM 4 to store the secret data.
  • D is encrypted and transmitted to HSM4, and HSM4 stores and stores the encrypted secret data D received from HOST2 in the external memory 5.
  • the HOST2 when reading the secret data D stored in the external memory 5 to the HOST2 side, the HOST2 receives the generated or acquired OTP key from the HSM4 side as a public key. Encrypted by and transmitted to HSM4. The HSM4 decrypts the OTP key received from HOST2 with the private key, reads the secret data D from the external memory 5, decrypts it with the secret key, encrypts the decrypted secret data D with the decrypted OTP key, and transfers it to HOST2. Send.
  • the public key and the private key used for the encrypted communication between HOST 2 and HSM 4 are stored in HSM 4 instead of being stored in HOST 2. Therefore, the memory capacity of the memories 2b, 2c, etc. required for HOST 2 is suppressed by the amount of the encryption key. Further, although the encryption key generation process generally takes time, the HOST2 process is reduced by having the HSM4 take charge of this generation process. Further, HOST2 performs encryption processing of the secret data D in step s5 using the public key received from HSM4, but even if the public key is deleted after this encryption processing, it can be obtained from HSM4 again, so that the memory It is not necessary to save it in 2c or the like. If HOST2 saves the public key, it is not necessary to reacquire it from HSM4. Therefore, HOST2 may save the public key in order to increase the communication processing speed.
  • the transmission of the secret data D possessed by HOST2 to HSM4 is performed by transmitting the public key stored in HSM4 to HOST2 and encrypting the secret data D in HOST2 with the public key.
  • the secret data D stored in the external memory 5 of the HSM4 is encrypted by the OTP key supplied from the HOST2, transmitted from the HSM4 side to the HOST2, and decrypted by the OTP key in the HOST2.
  • the communication between the HOST 2 and the HSM 4 in the network 3 is performed in a secret state, and the communication between the HSM 4 and the external memory 5 is performed in the network 3. Because it is not done in, it is not exposed to the threat of eavesdropping from the outside. Further, by storing the stored contents of the confidential data D, which changes depending on the device to which the communication system 1A is applied, in the external memory 5, the internal memory 4a of the HSM4 is appropriately set for each device to which the communication system 1A is applied. It is no longer necessary to redesign the HSM4, the versatility of the HSM4 is increased, and the product cost of the communication system 1A is reduced.
  • the HSM 4 can store the secret data D received from the HOST 2 in the encrypted state in the external memory 5, so that the secret data D can be saved while maintaining the communication processing speed.
  • the private key when public key cryptography is used, the private key must be stored and managed in order to be decrypted, but when the private key is stored and managed in HOST2, the memory area of HOST2 is occupied. It will be.
  • the HOST2 only needs to temporarily store the OTP key. Therefore, it is not necessary to store and manage the OTP key in HOST2 and HSM4, and the encryption key only needs to be stored and managed in HSM4 for the public key and the private key. For this reason, the demand for security measures taken on the HOST2 side is reduced, and the security measures need to be focused on the HSM4 side, so that the development cost of the communication system 1A can be reduced.
  • the random number generator 4c in HSM4 is composed of a physical random number source called QRNG or TRNG.
  • QRNG physical random number source
  • the internal memory 4a of HSM4 needs a storage capacity to store the software, but when random numbers are generated by a physical random number source, a physical phenomenon occurs. Is used and the software is not used, so that the capacity for storing the software in the internal memory 4a of the HSM4 is not required.
  • an arithmetic unit such as a CPU for executing software is not required for the HSM4.
  • the random number generator 4c since the calculation time is not required to generate the random number by the physical random number source, the random number generator 4c generates the random number at a higher speed than the case where the random number is generated by software.
  • the random numbers generated by the software are related to each other, and it is easy to infer another random number from one random number, but the random numbers generated by the physical random number source are generated without mutual relation. , It is difficult to guess other random numbers from one random number, and the independence is high. Therefore, according to the random number generator 4c of the present embodiment, a high-quality private key and public key can be generated at high speed and with low power consumption without increasing the memory capacity of the internal memory 4a of the HSM4. Further, since the private key and the public key are generated and stored and managed inside the HSM4, the confidentiality of the data communication can be improved.
  • FIG. 4 is a block diagram showing a schematic configuration of the communication system 1B according to the second embodiment of the present invention.
  • the same or corresponding parts as those in FIG. 1 are designated by the same reference numerals, and the description thereof will be omitted.
  • Communication system 1B differs from communication system 1A according to the first embodiment only in that HOST 2 includes a second HOST 6 that is network-connected to each other via HOST 2.
  • the second HOST 6 is connected to the HOST 2 via a network 7 similar to the network 3.
  • Other configurations are the same as those of the communication system 1A according to the first embodiment.
  • the second HOST6 is a HOST that is different from the HOST2 and the HSM4 and is not directly connected to the HSM4, such as a server, a cloud, a PC different from the one constituting the HOST2, and an HSM different from the HSM4.
  • the secret data D possessed by HOST 2 is written from HOST 2 to the HSM 4 side as shown in the operation sequence diagram of FIG. 2, and HSM 4 is also written in the same manner as in the first embodiment.
  • the secret data D stored in is read from HSM4 to HOST2 as shown in the operation sequence diagram of FIG.
  • the secret data D possessed by HOST 2 is further transmitted to the second HOST 6.
  • the HOST2 When the secret data D is transmitted to the second HOST6, the HOST2 requests the generation of the encryption key required for the encrypted communication in step s21.
  • This key generation request step s21 is not always necessary, and is not necessary when the key is automatically generated when the HSM4 is started.
  • the HSM 4 generates the public key and the private key in step s22 before receiving the secret data D from the HOST 2.
  • the second HOST 6 has a second public key S and a second private key used for encrypted communication with the HOST 2, and transmits the second public key S to the HOST 2 in step s23 via the network 7.
  • the HOST 2 that has received the second public key S from the second HOST 6 transmits the received second public key S to the HSM 4 in step s24 via the network 3.
  • the second public key S may be eavesdropped on the networks 3 and 7.
  • the HSM 4 stores the received second public key S in the internal memory 4a or the external memory 5 in step s25.
  • HOST2 requests HSM4 to send the public key M generated and stored by HSM4.
  • the HSM 4 transmits the public key M stored in the internal memory 4a or the external memory 5 to the HOST 2 via the network 3 in step s26.
  • the HOST 2 that has received the public key M from the HSM 4 transmits the received public key M to the second HOST 6 in step s27 via the network 7.
  • the public key M may be eavesdropped on the networks 3 and 7.
  • the second HOST 6 stores the received public key M.
  • the key exchange between the public key M and the second public key S is performed between HOST 2 and the second HOST 6.
  • HOST2 does not store and manage the public key M and the second public key S
  • HSM4 does this.
  • the HOST2 When transmitting the secret data D to the second HOST6, the HOST2 requests the transmission of the public key M stored in the HSM4 in step s28.
  • the HSM 4 transmits the public key M to be stored in response to this request to the HOST 2 in step s29.
  • HOST2 Upon receiving the public key M, HOST2 encrypts the held secret data D with the public key M in step s30.
  • the HOST 2 may temporarily store one or both of the public key M and the second public key S in order to speed up the communication process.
  • the processing of steps s28 and s29 is arbitrary, and HOST2 encrypts the held secret data D with the stored public key M in step s30.
  • HOST2 transmits the secret data D encrypted with the public key M as the encrypted data M to the HSM 4 in step s31.
  • the HSM 4 decrypts the received encrypted data M with a private key stored as a pair with the public key M, and encrypts the decrypted secret data D with the second public key S received from the second HOST 6 and stored in step s32.
  • the secret data D encrypted with the second public key S is transmitted to HOST2 in step s33 as encrypted data S.
  • HOST 2 transmits the received encrypted data S as encrypted data to the second HOST 6 in step s34.
  • HOST2 When HOST2 temporarily stores the second public key S, HOST2 encrypts the secret data D held by the second public key S in step s30, and encrypts the data D without performing steps s31 to s33.
  • the data is immediately transmitted to the second HOST 6 in step s34.
  • steps s31 to s33 are arbitrary.
  • the second HOST 6 that has received the encrypted data is decrypted with the second private key stored in pairs with the second public key S, and the secret data D is acquired.
  • the HOST 2 receives the second public key S used for the encrypted communication with the second HOST 6 from the second HOST 6 and HSM4. Receives the public key M stored by the HSM 4 from the HSM 4 and transmits it to the second HOST 6. Then, when the secret data D is transmitted to the second HOST 6, the HOST 2 encrypts the secret data D with the second public key S and transmits it to the second HOST 6, or encrypts the secret data D with the public key M and sends it to the HSM 4. The data is transmitted, and the secret data D decrypted by the HSM 4 with the private key and encrypted with the second public key S is transmitted to the second HOST 6.
  • the same operation and effect as that of the communication system 1A according to the first embodiment is exhibited.
  • the public key M and the private key used for the encrypted communication between HSM4 and HOST2, and the second public key S used for the encrypted communication between HOST2 and the second HOST6 Is stored in HSM4 instead of being stored in HOST2. Therefore, the memory capacity required for HOST 2 is suppressed by the amount of these encryption keys.
  • the transmission of the secret data D possessed by the HOST 2 to the second HOST 6 is performed by the HOST 2 encrypting the secret data D with the second public key S.
  • the secret data D is once encrypted and transmitted from the HOST 2 to the HSM 4 by the public key M, decrypted by the HSM 4, and then the secret data D is encrypted by the second public key S. Therefore, according to the communication system 1B of the second embodiment, the communication in the networks 3 and 7 between the HOST 2 and the HSM 4 and the second HOST 6 is performed in a secret state. Therefore, according to the communication system 1B of the second embodiment, even if the memory capacity of the HOST 2 is small, the confidential data D of the HOST 2 can be transmitted to the second HOST 6 while maintaining the confidentiality.
  • the HSM 4 can directly read the secret data D from the external memory 5 and transmit it to the second HOST 6.
  • the HSM 4 is a private key that is stored as a pair with the public key M, and is a second public key that decodes the secret data D read from the external memory 5 and receives and stores the decoded secret data D from the second HOST 6.
  • the encryption is performed in step s32.
  • the secret data D encrypted with the second public key S is transmitted to HOST2 in step s33, and HOST2 transmits it to the second HOST6 in step s34.
  • HOST2 transmits it to the second HOST6 in step s34.
  • FIG. 6 is an operation sequence diagram when transmitting the secret data D possessed by the second HOST 6 to the HOST 2 in the above communication system 1B.
  • steps s21 to s27 are the same as those in the operation sequence diagram shown in FIG. 5, and in these processes, the public key M and the second public key S are exchanged between the HOST 2 and the second HOST 6.
  • the second HOST 6 encrypts the secret data D held by the exchanged public key M in step s41 and transmits the encrypted data to HOST2 in step s42.
  • the HOST 2 that has received the encrypted data transmits the received encrypted data to the HSM 4 in step s43.
  • HOST2 generates an OTP key in step S44 by the OTP encryption function block 2e, or acquires an OTP key from another device. Then, HOST2 requests the transmission of the public key M stored in HSM4 in step s45. The HSM 4 transmits the public key M to be stored in response to this request to the HOST 2 in step s46. Upon receiving the public key M, HOST2 encrypts the generated or acquired OTP key with the public key M in step s47. The HOST 2 may temporarily store the public key M in order to speed up the communication process. When the public key M is stored, the processing of steps s45 and s46 is arbitrary, and HOST2 encrypts the OTP key with the stored public key M in step s47.
  • HOST2 transmits the OTP key encrypted with the public key M to HSM4 in step s48.
  • the HSM4 decrypts the encrypted data received in step s43 and the encrypted OTP key received in step 48 with the private key stored in pair with the public key M in step s49, respectively.
  • the decrypted encrypted data is encrypted in step s50 with the decrypted OTP key.
  • the secret data D encrypted with the OTP key is transmitted to HOST2 in step s51 as OTP encrypted data.
  • the HOST 2 decrypts the OTP encrypted data received from the HSM 4 with the temporarily stored OTP key and reads out the secret data D.
  • the HOST 2 receives the second public key S used for the encrypted communication with the second HOST 6 from the second HOST 6 and HSM4. Receives the public key M stored by the HSM 4 from the HSM 4 and transmits it to the second HOST 6.
  • the HOST 2 receives the secret data D encrypted by the public key M from the second HOST 6 and transmits the secret data D to the HSM4, and the generated or acquired OTP key is transmitted from the HSM4. It is encrypted by the received public key M and transmitted to HSM4.
  • the HSM4 decrypts the secret data D and the OTP key received from HOST2 by the secret key, respectively, and transmits the secret data D encrypted by the decrypted OTP key to HOST2.
  • the transmission of the secret data possessed by the second HOST 6 to the HOST 2 is transmitted from the second HOST 6 to the HSM 4 via the HOST 2 after the secret data D is encrypted by the public key M.
  • the secret data D decrypted by HSM4 is encrypted by the OTP key received from HOST2 and transmitted from HSM4 to HOST2. Therefore, according to the communication system 1B of the second embodiment, even when the secret data D possessed by the second HOST 6 is transmitted to the HOST 2, the communication in the networks 3 and 7 between the HOST 2 and the HSM 4 and the second HOST 6 is in a secret state. It is done in.
  • the second HOST 6 maintains the confidentiality.
  • the secret data D to be possessed can be transmitted to HOST2.
  • FIG. 7 is a block diagram showing a schematic configuration of the communication system 1C according to the third embodiment of the present invention.
  • the same or corresponding parts as those in FIG. 1 are designated by the same reference numerals, and the description thereof will be omitted.
  • Communication system 1C differs from communication system 1A according to the first embodiment only in that HOST 2 is directly connected to the external memory 5 via a network 8 similar to network 3. Other configurations are the same as those of the communication system 1A according to the first embodiment.
  • the secret data D held by HOST 2 is directly transmitted and written to the external memory 5 of the HSM 4. That is, when the confidential data D held by HOST2 is stored on the HSM4 side, HOST2 requests the generation of the key required for encrypted communication in step s61.
  • This key generation request step s61 is not always necessary, and is not necessary when the key is automatically generated when the HSM 4 is started.
  • the HSM4 performs key generation of the public key and the private key in step s62. Then, the generated public key is saved in the external memory 5 in step s63.
  • HOST 2 directly accesses the public key stored in the external memory 5 and reads it from the external memory 5, and encrypts the secret data D in step s64 with the read public key. Then, the encrypted secret data D is directly accessed to the external memory 5 and saved in the external memory 5 in step s65.
  • the HOST 2 can also request in step s66 to transmit the public key generated by HSM4 to HSM4 after the key is generated in step s62 without reading the public key directly from the external memory 5.
  • the HSM 4 stores the public key in the external memory 5 in step s63, and transmits the public key to HOST 2 in step s67 via the network 3.
  • HOST2 encrypts the secret data D held by the public key received from HSM4 in step s64.
  • the HOST 2 can also transmit the encrypted secret data D as encrypted data to the HSM 4 in step s68 without directly storing the encrypted secret data D in the external memory 5.
  • the HSM 4 stores the received encrypted data in the external memory 5 or the internal memory 4a in step s69.
  • the reading of the encrypted data directly stored in the external memory 5 to HOST 2 is performed in the same manner as in the operation sequence diagram shown in FIG.
  • the HOST 2 directly accesses the external memory 5 in step s13 and directly transmits the OTP key encrypted in step s12 by the public key to the external memory 5 in step s13 instead of transmitting the OTP key encrypted in step s12 to the HSM 4 in step s13 via the network 3.
  • the OTP key encrypted in step s12 by the public key can be directly stored in the external memory 5.
  • the secret data D encrypted by the public key stored directly in the external memory 5 in step s65 is read from the external memory 5 by HSM4 in step s14 and decrypted in step s15 by the private key stored by HSM4.
  • the OTP key encrypted by the public key stored in the external memory 5 is read from the external memory 5 by the HSM 4 in step s15 and decrypted by the private key stored in the HSM 4.
  • the decrypted secret data D is encrypted by the decrypted OTP key to be OTP encrypted data, and the OTP encrypted data is transmitted to HOST 2 in step s17.
  • the HOST 2 decrypts the OTP encrypted data received from the HSM 4 with the temporarily stored OTP key and reads out the secret data D.
  • the HOST 2 is stored in the external memory 5 when the secret data D held by the HOST 2 is stored on the HSM4 side as shown in the operation sequence diagram shown in FIG.
  • the public key is directly accessed to the external memory 5 and read from the external memory 5, and the secret data D encrypted by the read public key is directly accessed to the external memory 5 and stored in the external memory 5.
  • the HOST2 directly accesses the external memory 5 and encrypts the generated or acquired OTP key with the public key read from the external memory 5.
  • the HSM4 decrypts the OTP key received from HOST2 with the private key, reads the secret data D from the external memory 5, decodes it with the private key, and decodes the decrypted secret data D with the OTP key. It is encrypted by and sent to HOST2.
  • the public key and the private key used for the encrypted communication between HOST2 and HSM4 are stored in HSM4 without being stored in HOST2. Therefore, the memory capacity required for HOST 2 is suppressed by the amount of the encryption key.
  • the public key stored in the external memory 5 of the HSM4 is directly read by the HOST2, and the secret data D is encrypted by the public key in the HOST2 to the outside. This is done by writing directly to memory 5. Further, the encrypted secret data D stored in the external memory 5 is decrypted by the HSM4, then encrypted with the OTP key sent from the HOST2 after being encrypted with the public key, and is encrypted from the HSM4 side. It is transmitted to HOST2 and decrypted by the OTP key in HOST2.
  • the communication between the HOST 2 and the external memory 5 in the network 8 is performed in a secret state, and the communication between the HSM 4 and the external memory 5 is not performed in the networks 3 and 8, so that the communication from the outside is performed. You are not exposed to the threat of eavesdropping. Further, by storing the storage contents that change depending on the device to which the communication system 1C is applied in the external memory 5, the internal memory 4a of the HSM 4 is redesigned to be appropriate for each device to which the communication system 1C is applied. The need is eliminated, the versatility of the HSM4 is increased, and the product cost of the communication system 1C is reduced.
  • the communication system 1C according to the third embodiment communication can be performed while maintaining confidentiality even if the memory capacity of HOST2 is small, and the internal memory 4a of the HSM4 is used by the device to which the communication system 1C is applied. It is possible to provide a communication system 1C that does not need to be redesigned, has high versatility, and reduces product cost. Further, unlike the communication system 1A according to the first embodiment, according to the communication system 1C according to the third embodiment, the encrypted secret data D can be stored in the external memory 5 without going through the HSM 4. Communication processing can be performed at high speed and with low power consumption.
  • the HOST 2 may be configured to encrypt the secret data D into homomorphic encryption by the public key read from the external memory 5.
  • Homomorphic encryption can perform a predetermined analysis such as AI (artificial intelligence) analysis in a state of being encrypted with a public key without performing decryption processing. Therefore, in this case, HOST2 eliminates the OTP encryption / decryption sequence without accessing HSM4, reads the confidential data D directly from the external memory 5 while maintaining confidentiality, and encrypts it with homomorphic encryption.
  • Predetermined analysis of the secret data D can be performed in a short time, that is, at high speed and with low power consumption.
  • the true data value of the secret data D requires an OTP encryption / decryption sequence as shown in the operation sequence diagram shown in FIG. 3, and the data read processing from the HSM 4 in the communication system 1A according to the first embodiment. It will follow the same sequence.
  • the HOST 2 and the external memory 5 are directly connected by the network 8 as in the communication system 1C according to the third embodiment.
  • encrypted data such as homomorphic encryption can be stored directly from HOST 2 via network 8 in external memory 5, or from external memory 5 directly to HOST 2 via network 8. It is possible to read encrypted data such as homomorphic encryption and perform a predetermined analysis at high speed and with low power consumption without using HSM4. Further, as shown in the operation sequence diagram shown in FIG. 3, the confidential data D stored in the external memory 5 can be read out to HOST 2 while maintaining confidentiality.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
PCT/JP2020/027295 2019-08-09 2020-07-13 通信システム WO2021029173A1 (ja)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2021539172A JPWO2021029173A1 (enrdf_load_stackoverflow) 2019-08-09 2020-07-13

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2019148153 2019-08-09
JP2019-148153 2019-08-09

Publications (1)

Publication Number Publication Date
WO2021029173A1 true WO2021029173A1 (ja) 2021-02-18

Family

ID=74569408

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/027295 WO2021029173A1 (ja) 2019-08-09 2020-07-13 通信システム

Country Status (2)

Country Link
JP (1) JPWO2021029173A1 (enrdf_load_stackoverflow)
WO (1) WO2021029173A1 (enrdf_load_stackoverflow)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116055207A (zh) * 2023-01-31 2023-05-02 深圳市圣驼储能技术有限公司 一种物联网通讯数据的加密方法及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000050363A (ja) * 1998-07-28 2000-02-18 Kodo Ido Tsushin Security Gijutsu Kenkyusho:Kk 暗号通信装置
JP2004341502A (ja) * 2003-04-24 2004-12-02 Matsushita Electric Ind Co Ltd パラメータ生成装置、暗号化システム、復号化システム、暗号装置、復号装置、暗号化方法、復号化方法、およびプログラム
JP2007085009A (ja) * 2005-09-20 2007-04-05 Connect Technologies Corp キー開閉システム
US20180332011A1 (en) * 2017-05-11 2018-11-15 Microsoft Technology Licensing, Llc Secure cryptlet tunnel
JP2019036903A (ja) * 2017-08-21 2019-03-07 三菱電機株式会社 送信装置、受信装置、地図編集装置及び車両制御装置

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017061024A1 (ja) * 2015-10-09 2017-04-13 三菱電機株式会社 秘匿検索システム、管理装置、秘匿検索方法及び秘匿検索プログラム
JP6894678B2 (ja) * 2016-08-02 2021-06-30 キヤノン株式会社 情報処理装置とその制御方法、及びプログラム

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000050363A (ja) * 1998-07-28 2000-02-18 Kodo Ido Tsushin Security Gijutsu Kenkyusho:Kk 暗号通信装置
JP2004341502A (ja) * 2003-04-24 2004-12-02 Matsushita Electric Ind Co Ltd パラメータ生成装置、暗号化システム、復号化システム、暗号装置、復号装置、暗号化方法、復号化方法、およびプログラム
JP2007085009A (ja) * 2005-09-20 2007-04-05 Connect Technologies Corp キー開閉システム
US20180332011A1 (en) * 2017-05-11 2018-11-15 Microsoft Technology Licensing, Llc Secure cryptlet tunnel
JP2019036903A (ja) * 2017-08-21 2019-03-07 三菱電機株式会社 送信装置、受信装置、地図編集装置及び車両制御装置

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116055207A (zh) * 2023-01-31 2023-05-02 深圳市圣驼储能技术有限公司 一种物联网通讯数据的加密方法及系统
CN116055207B (zh) * 2023-01-31 2023-10-03 深圳市圣驼储能技术有限公司 一种物联网通讯数据的加密方法及系统

Also Published As

Publication number Publication date
JPWO2021029173A1 (enrdf_load_stackoverflow) 2021-02-18

Similar Documents

Publication Publication Date Title
CN107070657B (zh) 安全芯片和应用处理器及其操作方法
JP3999655B2 (ja) レベル化された機密保護があるアクセス制御のための方法及び装置
US12284270B2 (en) Systems and methods for providing signatureless, confidential and authentication of data during handshake for classical and quantum computing environments
CN107659406B (zh) 一种资源操作方法及装置
US7424615B1 (en) Mutually authenticated secure key exchange (MASKE)
EP2923458B1 (en) Method, system and device for securely transferring content between devices within a network
KR102364652B1 (ko) 화이트박스 암호화를 이용한 puf 기반 사물인터넷 디바이스 인증 장치 및 방법
CN111464564B (zh) 一种基于对称密码算法的数据高速加解密方法及装置
CN110138772A (zh) 一种通信方法、装置、系统、设备和存储介质
JP5047638B2 (ja) 暗号文復号権委譲システム
JP2018093456A (ja) セキュアネットワーク通信方法
Hathaliya et al. A smart contract-based secure data sharing scheme in healthcare 5.0
KR101246818B1 (ko) 금융 거래데이터의 암호화 방법
WO2021029173A1 (ja) 通信システム
Hall-Andersen et al. nQUIC: Noise-based QUIC packet protection
CN110381067B (zh) Ip包加密方法、解密方法及其装置
JP2001111539A (ja) 暗号鍵生成装置および暗号鍵伝送方法
CN108075896A (zh) 使用基于标识的密码学构建自认证消息的系统和方法
JP4794970B2 (ja) 秘密情報の保護方法及び通信装置
WO2020144758A1 (ja) 秘密計算装置及びクライアント装置
KR20240045557A (ko) 타원 곡선 암호를 이용한 키 유도함수 기반의 이중 암호화 장치 및 방법
KR20040097717A (ko) 세션키 전송 방법 및 시스템
US12255992B2 (en) System and method for decrypting encrypted secret data items without master password
CN115664646B (zh) 一种数据备份方法及装置
CN118488443B (zh) 一种用于无人机的加密通信方法及系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20851436

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2021539172

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20851436

Country of ref document: EP

Kind code of ref document: A1