WO2022209503A1 - Physical distribution management apparatus and physical distribution management method - Google Patents

Physical distribution management apparatus and physical distribution management method Download PDF

Info

Publication number
WO2022209503A1
WO2022209503A1 PCT/JP2022/008090 JP2022008090W WO2022209503A1 WO 2022209503 A1 WO2022209503 A1 WO 2022209503A1 JP 2022008090 W JP2022008090 W JP 2022008090W WO 2022209503 A1 WO2022209503 A1 WO 2022209503A1
Authority
WO
WIPO (PCT)
Prior art keywords
node
terminal
code
seed value
physical distribution
Prior art date
Application number
PCT/JP2022/008090
Other languages
French (fr)
Japanese (ja)
Inventor
耕史 山▲崎▼
Original Assignee
耕史 山▲崎▼
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 耕史 山▲崎▼ filed Critical 耕史 山▲崎▼
Publication of WO2022209503A1 publication Critical patent/WO2022209503A1/en

Links

Images

Classifications

    • BPERFORMING OPERATIONS; TRANSPORTING
    • B65CONVEYING; PACKING; STORING; HANDLING THIN OR FILAMENTARY MATERIAL
    • B65GTRANSPORT OR STORAGE DEVICES, e.g. CONVEYORS FOR LOADING OR TIPPING, SHOP CONVEYOR SYSTEMS OR PNEUMATIC TUBE CONVEYORS
    • B65G61/00Use of pick-up or transfer devices or of manipulators for stacking or de-stacking articles not otherwise provided for
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/08Logistics, e.g. warehousing, loading or distribution; Inventory or stock management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present disclosure relates to a physical distribution management device and a physical distribution management method.
  • a logistics management system using blockchain is known (see Patent Document 1).
  • a computer system held by each person concerned a logistics block chain creation unit that builds a logistics block chain in common in a logistics management application, and an open PIN code and a closed PIN code are set for each block or data.
  • the logistics management application receives the input of the open PIN code to unlock the data in the logistics block, the data editing function to edit the data, and the input of the close PIN code to successfully open the edited data. a locking function that terminates and closes.
  • edited data and hash value data in logistics process blocks are exchanged between logistics process block chains.
  • each generated block is encrypted, and each encrypted block is linked in order. Therefore, data indicating that a transaction has occurred can be recorded.
  • blockchain technology does not determine whether transactions involving data are legitimate. For example, when a parcel is delivered between a sender and a recipient, it does not indicate that the sender or recipient is the legitimate sender or recipient.
  • transaction data is shared and held by a large number of participants, resulting in a very large-scale system.
  • transaction data records are bundled, encrypted, and chained, but the purpose is not to determine the situation at the moment of delivery of the package. After the delivery of the package, the main purpose is not whether the delivery of the package is valid, but whether or not the transaction data has been altered.
  • the present disclosure has been made in view of the above circumstances, and provides a physical distribution management device and a physical distribution management method that simplify the configuration of the system and can determine that the sending and receiving of parcels in the physical distribution process is valid.
  • One aspect of the present disclosure is a physical distribution management device that manages physical distribution, comprising a processor, a memory, and a communication device, wherein the processor controls the distribution of a package according to the order in which it is distributed through a plurality of physical distribution bases.
  • Flow information in which a plurality of nodes corresponding to a plurality of physical distribution bases are hierarchically arranged, wherein a node corresponding to the physical distribution start base is disposed at the top layer, and a node corresponding to the physical distribution completion base.
  • a first original code which is a code to be encrypted, is obtained, and the first original code is encrypted using a first function used in a decryptable encryption method to generate first encrypted data.
  • the communication device transmits the first n-dimensional code to a first terminal associated with a node of the first layer, and transmits the second n-dimensional code to the A logistics management device that transmits to a second terminal associated with a second layer node.
  • One aspect of the present disclosure is a physical distribution management device for managing physical distribution, comprising a processor and a memory, the memory holding a plurality of seed values, the processor providing a first terminal with obtaining a held first n-dimensional code and a second n-dimensional code held in a second terminal; obtaining said second n-dimensional code and a plurality of seed values held in said memory; A second seed value, which is a seed value of one of the , decoding the second original code to derive decoded data, wherein the decoded data is any seed value held in the memory, wherein the first seed value other than the second seed value and if the decoded data matches the first seed value, the delivery order of the package from the user of the first terminal to the user of the second terminal is valid. It is a physical distribution management device that determines that there is.
  • One aspect of the present disclosure is a physical distribution management method for managing physical distribution, wherein a plurality of nodes corresponding to the plurality of physical distribution bases are arranged hierarchically according to the order in which a package circulates through the multiple physical distribution bases. wherein a node corresponding to the start point of the physical distribution is arranged in the highest layer, a node corresponding to the completion point of the physical distribution is arranged in the lowest layer, and two adjacent nodes through which the goods are distributed are arranged.
  • Acquiring flow information in which two nodes in adjacent layers corresponding to a base are connected, acquiring a first original code that is a code to be encrypted corresponding to a node in the first layer in the flow information, Encrypting the first original code using a first function used in a decryptable encryption method to generate first encrypted data, dividing the first encrypted data, dividing the first n-dimensional data A code and a first seed value are derived, and based on the first seed value, a second code, which is a code to be encrypted corresponding to a node in a second layer that is one level lower than the first layer, is generated.
  • deriving an original code encrypting the second original code using the first function to generate second encrypted data; dividing the second encrypted data to obtain a second n-dimensional deriving a code and a second seed value; storing the first seed value and the second seed value in memory; and transmitting the second n-dimensional code to a second terminal associated with the node of the second layer.
  • One aspect of the present disclosure is a physical distribution management method for managing physical distribution, comprising: a first n-dimensional code held in a first terminal; a second n-dimensional code held in a second terminal; and combining the second n-dimensional code with a second seed value, which is one of a plurality of seed values held in memory, to obtain a code to be decoded, 2, and based on a first function used in a decryptable encryption scheme, the second original code is decrypted to derive decrypted data, and the decrypted data is held in the memory.
  • FIG. 1 A diagram showing an example of a physical distribution management system according to an embodiment of the present disclosure
  • Block diagram showing a configuration example of a terminal Block diagram showing an example of server configuration
  • a diagram showing an example of delivery information for delivering a package Flowchart showing an example of operation when a code is encrypted by a logistics management device Flowchart showing example of operation when code is encrypted by logistics management device (continuation of FIG.
  • a diagram showing an example of dividing encrypted data into two-dimensional codes and seed values A diagram showing an example of adding a branch number to a seed value Diagram for supplementary explanation of operations during encryption by the logistics management system Diagram for supplementary explanation of operations during encryption by the logistics management system Diagram for supplementary explanation of operations during encryption by the logistics management system Diagram for supplementary explanation of operations during encryption by the logistics management system Diagram for supplementary explanation of operations during encryption by the logistics management system Diagram for supplementary explanation of operations during encryption by the logistics management system Diagram for supplementary explanation of operations during encryption by the logistics management system Diagram Flowchart showing an example of the operation when the logistics management device decodes the code Flowchart (continuation of FIG.
  • FIG. 1 is a block diagram showing a configuration example of a physical distribution management system 5 according to an embodiment of the present disclosure.
  • a physical distribution management system 5 includes a plurality of terminals 10 and a physical distribution management device 20 .
  • the terminal 10 and the physical distribution management device 20 are connected via a network, for example.
  • This network may include the Internet, a public communication network (eg, a cellular network), a wired LAN (Local Area Network), a wireless LAN, and the like.
  • the terminal 10 is a smartphone, tablet terminal, or other mobile terminal, and may be a terminal other than a mobile terminal.
  • the terminal 10 may be carried by the user and be mobile.
  • the terminal 10 is a terminal 10A owned by a sender UA (delivery person) who sends (hands over) a parcel 50 to a recipient UB at a predetermined base, and a terminal 10A owned by a recipient UB who receives the parcel 50 from the sender UA at a predetermined base. may include terminals 10B, etc.
  • the physical distribution management device 20 is a server, a PC, or the like.
  • the physical distribution management device 20 manages physical distribution.
  • the physical distribution management device 20 may be located at the delivery point of the parcel 50 or other locations.
  • FIG. 2 is a block diagram showing a configuration example of the terminal 10. As shown in FIG. Terminal 10 comprises processor 11 , communication device 12 , memory 13 , operation device 14 and display device 15 .
  • the processor 11 is configured by, for example, a processor, and implements various functions by executing a program held in the memory 13 by the processor.
  • the processor may include an MPU (Micro processing Unit), a CPU (Central Processing Unit), a DSP (Digital Signal Processor), and the like.
  • the processor 11 controls the operation of each unit of the terminal 10 and performs various processes.
  • the communication device 12 communicates various data or information.
  • the communication method of the communication device 12 is WAN (Wide Area Network), LAN (Local Area Network), cellular communication for mobile phones (for example, LTE, 5G), or short-range communication (for example, infrared communication or Bluetooth (registered trademark ) communication) and the like.
  • the memory 13 includes a primary storage device (for example, RAM (Random Access Memory) or ROM (Read Only Memory)).
  • the memory 13 may include a secondary storage device (eg, HDD (Hard Disk Drive) or SSD (Solid State Drive)) and a tertiary storage device (eg, optical disk, SD card).
  • Memory 13 may include other storage devices.
  • the memory 13 stores various data, information, programs, and the like.
  • the memory 13 may hold, for example, an acquired two-dimensional code CD2, which will be described later.
  • the operation device 14 may include various buttons, keys, touch panels, microphones, or other input devices.
  • the operation device 14 receives input of various data and information.
  • the display device 15 may include a liquid crystal display device, an organic EL device, or other display devices.
  • the display device displays various data and information.
  • FIG. 3 is a block diagram showing a configuration example of the physical distribution management device 20.
  • a physical distribution management device 20 includes a processor 21 , a communication device 22 and a memory 23 .
  • the processor 21 is configured by, for example, a processor, and implements various functions by executing a program held in the memory 23 by the processor.
  • Processors may include MPUs, CPUs, DSPs, and the like.
  • the processor 21 controls the operation of each part of the physical distribution management device 20 and performs various processes.
  • the communication device 22 communicates various data and information.
  • the communication method by the communication device 22 may include, for example, communication methods such as WAN, LAN, power line communication, and cellular communication for mobile phones.
  • the memory 23 includes a primary storage device (for example, RAM or ROM).
  • the memory 23 may include a secondary storage device (eg, HDD or SSD) or a tertiary storage device (eg, optical disc, SD card).
  • Memory 23 may include other storage devices.
  • the memory 23 stores various data, information, programs, and the like.
  • the memory 23 may hold, for example, delivery information DI, derived seed values SD and hash values HS, etc., which will be described later.
  • the operation device 24 may include various buttons, keys, touch panels, microphones, or other input devices.
  • the operation device 24 receives input of various data and information.
  • the display device 25 may include a liquid crystal display device, an organic EL device, or other display devices.
  • the display device displays various data and information.
  • delivery (sending and receiving) of various packages 50 occurs at multiple bases.
  • Each location may include a distribution center, a destination customer's residence, and the like.
  • Distribution centers may include one or a few central distribution centers to multiple distribution center branches.
  • a plurality of bases for delivering the package 50 may exist hierarchically, and the package 50 may be delivered sequentially at each base.
  • the sender UA of the package 50 sends the package 50
  • the receiver UB of the package 50 receives the package 50.
  • the sender UA of the parcel 50 and the receiver UB of the parcel 50 at each base can possess the terminal 10 .
  • FIG. 4 is a diagram showing an example of delivery information DI for delivering the package 50.
  • the delivery information DI includes delivery flow information DF corresponding to the delivery route and delivery order, and delivery related information DR related to delivery.
  • the delivery information DI is held in the memory 23, for example. It should be noted that the delivery flow information DF does not particularly mean an instruction by a drawing as long as it is in the form of a flow.
  • the delivery flow information DF includes information in which a plurality of nodes ND corresponding to a plurality of distribution bases are hierarchically arranged according to the order in which the package 50 is distributed through the plurality of distribution bases.
  • a node ND corresponding to a distribution start point is arranged in the highest layer
  • a node ND corresponding to a distribution completion point is arranged in the lowest layer
  • a node ND corresponding to a distribution relay point is arranged.
  • ND contains information located in the middle layer.
  • the delivery flow information DF includes information in which two nodes ND in adjacent layers are connected corresponding to two adjacent bases through which the package 50 is distributed.
  • each node ND corresponding to each base to which packages are delivered is hierarchically arranged.
  • two nodes ND in adjacent layers corresponding to two adjacent bases through which the package 50 is distributed are connected by a connection line LN. That is, the connection line LN indicates a delivery route.
  • the node ND corresponding to the upstream (close to the delivery start point) base in delivery is indicated in the upper layer
  • the downstream (far from the delivery start point, that is, close to the delivery target point) node in delivery is indicated in the upper layer
  • a node ND corresponding to the base is shown in the lower layer.
  • the delivery of the parcel 50 repeats the start and end of delivery between two bases, and when the final delivery target base (delivery completion base, for example, the base where the orderer of the parcel 50 is located) is reached, the delivery is completed. do.
  • a connection line LN connects a node ND corresponding to a base from which a parcel departs and a node ND corresponding to a base to which a parcel arrives in adjacent layers.
  • the point where the package arrives here can be a relay point.
  • a node ND corresponding to a base from which a parcel departs is positioned one level higher than a node ND corresponding to a base to which a parcel arrives.
  • nodes ND may exist within the same hierarchy.
  • one node ND in a predetermined hierarchy is connected to a plurality of nodes ND one level lower than the predetermined hierarchy by connection lines LN.
  • the node ND on the upstream side of delivery is also called a "parent node”
  • the node ND on the downstream side of delivery is also called a "child node”. Therefore, the child node is arranged one step below the parent node.
  • One or more child nodes are connected to one parent node by connection lines LN.
  • each node ND corresponding to each base places the base where the delivery of the package 50 is started in the highest layer, taking into consideration the order of delivery of the package 50 or the branching of the delivery route.
  • Bases are arranged hierarchically, with bases that have completed delivery of packages as bases in the lowest layer.
  • the delivery-related information DR is associated with each node ND in the delivery flow information DF.
  • the delivery-related information DR may be held in association with each package 50 .
  • the delivery-related information DR includes, for example, a delivery person ID that identifies a delivery person, model number information of the product that is the package 50, information on the seller of the product that is the package 50, or information on the date of manufacture of the product that is the package 50. OK.
  • the delivery person here is the delivery person who delivers the package 50 from the base corresponding to the node ND associated with the delivery-related information DR to the base (next base) corresponding to the child node of this node ND. This deliverer becomes the recipient UB of the package 50 at the base corresponding to the node ND associated with the delivery-related information DR, and the sender UA of the package 50 at the base corresponding to the child node of this node ND.
  • the physical distribution management device 20 assigns a cryptographic source code CD, which is a code to be encrypted, in association with each node ND.
  • the physical distribution management device 20 encrypts the encryption source code CD to generate encrypted data CR, and conversely decrypts the encrypted data CR to generate decrypted data DD.
  • Each cryptographic code CD corresponding to each node ND is a different code for each node ND, and the node ND may be uniquely identified by the cryptographic code CD. Therefore, it may be possible to uniquely identify the site by the cryptographic code CD.
  • 5A and 5B are flowcharts showing an operation example when the distribution management device 20 encrypts a code (original code).
  • the processor 21 acquires the delivery information DI (S11).
  • the delivery information DI may be held in the memory 23 and the processor 21 may acquire the delivery information DI from the memory 23 .
  • Processor 21 may obtain delivery information DI from an external server via communication device 22 .
  • Processor 21 also sets variable n to the value one.
  • the delivery information DI includes delivery flow information DF and delivery related information DR.
  • the processor 21 encrypts the assigned cryptographic code CD using a decryptable encryption method function (eg, RSA, DES, AES, elliptic curve cryptography, hybrid cryptography) to obtain encrypted data CR (S13).
  • a decryptable encryption method function eg, RSA, DES, AES, elliptic curve cryptography, hybrid cryptography
  • the processor 21 divides the obtained encrypted data CR into a seed value SD and a two-dimensional code CD2 (eg, QR code (registered trademark)) (S14). In this case, the processor 21 sets one of two divided data (also referred to as first divided data) obtained by dividing the encrypted data CR into two as a seed value SD, and sets the other of the two divided data as a two-dimensional code CD2 (second (an example of divided data).
  • the processor 21 may divide the encrypted data CR into the two-dimensional code CD2 and the seed value SD by taking into consideration the number of digits of the encrypted data CR and dividing the encrypted data CR into two equal digits.
  • the processor 21 divides the encrypted data CR into the two-dimensional code CD2 and the seed value SD in such a way that the number of digits of the two-dimensional code CD2 and the seed value SD are different from each other. value SD.
  • FIG. 6 is a diagram showing an example of dividing the encrypted data CR of the node A into the two-dimensional code CD2 and the seed value SD. In FIG. 6, the left half obtained by dividing the encrypted data CR is the seed value SD, and the right half is the two-dimensional code CD2, but the present invention is not limited to this.
  • the processor 21 determines whether or not the variable n is equal to the variable k, that is, whether or not the layer to be encrypted is the lowest layer (S15). If the variable n is equal to the variable k, go to step S21 of FIG. 5B.
  • the processor 21 adds 1 to the variable n (S16). In other words, the layer to be encrypted is moved to a lower layer.
  • the processor 21 determines whether or not there are a plurality of nodes ND in the n-th layer (the n-th layer after the layer movement in step S16) based on the delivery flow information DF (S17).
  • the processor 21 selects the (n-)th (n ⁇ 1) Assign a seed value SD corresponding to the node ND of the layer (S18). That is, the processor 21 uses the seed value SD corresponding to the (n ⁇ 1)-th layer parent node as it is as the encryption code CD of the n-th layer child node.
  • the processor 21 selects the (n ⁇ 1)th ) layer with a branch number for identifying the node ND added to the seed value SD of the node ND of the layer (S19). That is, the processor 21 attaches a branch number to the seed value SD of the parent node of the (n ⁇ 1)-th layer as an example of node identification information capable of identifying each of the plurality of child nodes existing in the n-th layer. , generates the encryption source code CD of the child node.
  • the branch number can be added at any position with respect to the seed value SD, and may be added at any position before, during, or after the seed value SD.
  • a branch number is represented by a predetermined number of digits (for example, four digits). For example, if two child nodes exist for the same parent node, branch numbers "0001" and "0002" may be added immediately before the seed value SD. For example, when the branch number is attached to the seed value SD, it may be added inside a predetermined number of digits indicating the seed value SD (for example, at the beginning or at the end).
  • the number of digits to which the branch number is assigned and the position relative to the seed value SD are determined in advance and stored in the memory 23, for example, so that the processor 21 can recognize them.
  • FIG. 7 is a diagram showing an example of adding a branch number to the seed value SD of node A. In FIG.
  • the processor 21 may add information indicating that there is no branch (no-branch information) to the seed value SD instead of the branch number.
  • the no-branch information like the branch number, is represented by a predetermined number of digits (eg, 4 digits), and may be represented by "0000", for example.
  • the no-branch information may be added before, during, or after the seed value SD. When added in the seed value SD, it may be added inside a predetermined number of digits indicating the seed value SD (for example, at the beginning or at the end).
  • the number of digits to which the no-branch information is attached and the position with respect to the seed value SD are determined in advance and stored in the memory 23, so that the processor 21 can recognize them.
  • step S13 After the processing of step S18 or step S19, proceed to step S13.
  • the physical distribution management device 20 encrypts the original code CD (S13) and divides the encrypted data CR (S14) for each node ND in the n-th layer after the layer movement. Then, it moves to the next layer (one layer below) (S16), assigns the original code to each node ND of the n-th layer after the layer movement (S18, S19), encrypts the original code CD (S13) and The division of the encrypted data CR (S14) is repeated. This repetition is continued until encryption of the encryption original code CD corresponding to each node ND in the lowest layer (k-th layer) and division of the encryption data CR are performed.
  • step S15 if the variable n is equal to the variable k, that is, if the encryption of the original code CD corresponding to the lowest layer node NDE and the division of the encrypted data CR are completed, the process proceeds to step S21 in FIG. 5B.
  • the processor 21 calculates a hash value HS using a hash function (for example, SHA256) based on the encrypted data CR for each node ND in each layer (S21).
  • a hash function is an example of a one-way function, that is, a function of a cryptosystem that is difficult to decrypt, and other one-way functions may be used.
  • the hash value HS is an example of the value of the calculation result of the one-way function, and may be the value of the calculation result of another one-way function.
  • the processor 21 transmits the two-dimensional code CD2 corresponding to each node ND of each layer to each designated destination via the communication device 22 (S22).
  • the designated destination is determined for each node ND, and may be the terminal 10 possessed by the deliverer (sender UA of the parcel 50) identified by the above-described deliverer ID.
  • the designated destination may be included in the delivery-related information DR. That is, the communication device 22 may transmit the two-dimensional code CD2 corresponding to each node ND in each layer to the terminal 10 corresponding to each node ND.
  • the processor 11 receives the two-dimensional code CD2 corresponding to each node ND in each layer transmitted from the physical distribution management apparatus 20 in step S22 via the communication device 12. , this two-dimensional code CD2 is held in the memory 13 . This two-dimensional code CD2 is used when decrypting the encryption original code CD.
  • the processor 21 stores the seed value SD and hash value HS derived corresponding to each node ND in each layer in the memory 23 (S23).
  • the seed value SD and hash value HS are used when decrypting the original code CD.
  • the seed value SD and hash value HS are held in pairs.
  • the memory 23 does not hold information indicating which layer and which node ND the seed value SD and hash value HS are related to in the delivery flow information DF. In other words, the memory 23 holds pairs of the seed value SD and the hash value HS without consideration of the hierarchy and node positions in the delivery flow information DF.
  • the physical distribution management device 20 can greatly reduce the possibility that the encryption source code CD to be encrypted will be decrypted.
  • FIGS. 8 to 13 are diagrams for supplementary explanation of the encryption operation performed by the distribution management system 5.
  • FIG. 8 to 13 are arranged in chronological order when the encryption source code CD is encrypted by the physical distribution management system 5.
  • A, B, C, and D are added to the end of the code indicating each part from the 1st layer to the 4th layer so that the layers can be identified.
  • the node NDA is arranged in the first layer
  • the node NDB is arranged in the second layer
  • the nodes NDC are arranged in the third layer
  • the nodes NDD are arranged in the fourth layer.
  • an arbitrary cryptographic code CDA (an example of a cryptographic code CD) is assigned in association with the node NDA in the highest layer. This process corresponds to the process of step S12 in FIG. 5A.
  • the encrypted data CRA obtained by encrypting the encrypted original code CDA corresponding to the node NDA in the highest layer is divided into the seed value SDA and the two-dimensional code CD2A.
  • a cryptographic code CDB (an example of a cryptographic code CD) based on the seed value SDA of the node NDA of the first layer is assigned to the node ND of the second layer.
  • the encrypted data CR obtained by encrypting the original code CD corresponding to the node NDB of the second layer is divided into the seed value SD and the two-dimensional code CD2. there is This process corresponds to the process of step S14 in FIG. 5A.
  • the encrypted data CR obtained by encrypting the encrypted original code CD linked to the node ND is divided into the seed value SD and the two-dimensional code CD2. ing.
  • a plurality of nodes NDC exist in the third layer, and a connection line LN connected from one node NDB in the second layer is connected to the nodes NDC1 and NDC2. That is, the node NDB branches to the node NDC1 and the node NDC2.
  • the branch number is included in the encryption original code CD corresponding to the node NDC1 and the encryption original code CD corresponding to the node NDC2.
  • the branch number is added to the seed value SD corresponding to the node NDB as the parent node to form the encryption code CD corresponding to the nodes NDC1 and NDC2 as the child nodes.
  • a hash value HS is calculated for each pair of two-dimensional code CD2 and seed value SD corresponding to each node ND in each layer (that is, each encrypted data CR before division). This process corresponds to the process of step S21 in FIG. 5B.
  • the two-dimensional code CD2 corresponding to each node ND of each layer is transmitted to the specified destination associated with each node ND.
  • the transmitted two-dimensional code CD2 is excluded from being stored in the memory 23 .
  • the seed value SD and hash value HS corresponding to each node ND in each layer are held in the memory 23 . This processing corresponds to the processing of steps S22 and S23 in FIG. 5B.
  • the physical distribution management device 20 As described above, according to an example of operation at the time of code encryption, the physical distribution management device 20, according to the positional relationship and connection relationship of each node ND in the delivery flow information DF, encrypts the original code CD, the encrypted data CR, and the two A dimension code CD2 and a seed value SD can be derived sequentially. Since the child node generates the cryptographic original code CD to be encrypted based on the seed value SD of the parent node, the parent node and the child node are associated. The state in which the parent node and the child node are associated is inherited throughout the delivery flow information DF, thereby forming a series of connection relationships (chains) in which all nodes ND are associated based on the seed value SD. be.
  • the physical distribution management device 20 acquires the seed value SD and the two-dimensional code CD2 that are separately stored in the physical distribution management device 20 and the terminal 10, thereby obtaining encrypted data CR (to be described later) corresponding to the child node. It is possible to derive the original decryption code CD3) and decrypt the seed value SD corresponding to the parent node from the encrypted data CR.
  • the physical distribution management device 20 can easily generate an encrypted chain based on the seed value SD and can ensure security.
  • FIG. 5A and FIG. 5B exemplify deriving the hash value HS at the time of encryption, it is not limited to this.
  • the processor 21 may omit processing related to derivation and recording of the hash value HS. That is, the process of step S21 in FIG. 5B may be omitted, and the process of storing the hash value HS in the memory 23 in step S23 may be omitted.
  • the physical distribution management device 20 simplifies the processing related to the encryption of the encryption source code CD, shortens the processing time related to the encryption, and evaluates the validity of the delivery order of the packages 50. can. Also, when the physical distribution management apparatus 20 calculates the hash value HS and stores it in the memory 23, it can evaluate the legitimacy of the terminal 10 associated with the node ND corresponding to the hash value HS.
  • FIGS. 14A and 14B are sequence diagrams showing an operation example when the distribution management system 5 decrypts the code (decryption source code).
  • the terminal 10A is also simply referred to as terminal A
  • the terminal B is simply referred to as terminal B.
  • FIG. 14A and 14B are sequence diagrams showing an operation example when the distribution management system 5 decrypts the code (decryption source code).
  • the terminal 10A is also simply referred to as terminal A
  • terminal B is simply referred to as terminal B.
  • FIGS. 14A and 14B are implemented, for example, when the sender UA of the package 50 and the receiver UB of the package 50 deliver the package 50 at a predetermined base.
  • the sender UA of the package 50 at the same base is positioned upstream from the receiver UB of the package. Therefore, in the delivery flow information DF, the node ND corresponding to the base corresponding to the sender UA of the parcel 50 is located one level higher than the node ND corresponding to the base corresponding to the recipient UB of the parcel 50 .
  • FIGS. 14A and 14B are implemented, for example, when the sender UA of the package 50 and the receiver UB of the package 50 deliver the package 50 at a predetermined base.
  • the sender UA of the package 50 at the same base is positioned upstream from the receiver UB of the package. Therefore, in the delivery flow information DF, the node ND corresponding to the base corresponding to the sender UA of the parcel 50 is located one level higher than the node ND corresponding
  • the terminal 10A possessed by the package sender UA transmits the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20.
  • the terminal 10A possessed by the package sender UA transmits the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20.
  • the owner of the terminal 10 is the sender UA or the recipient UB of the parcel 50 at a predetermined base.
  • the delivery-related information DR included in the delivery flow information DF includes a delivery person ID.
  • the delivery person ID associated with each node ND in the delivery flow information DF is the identification ID of the recipient UB of the package 50 at the base corresponding to this node ND, for example, the ID of the terminal 10B possessed by the recipient UB. be. Therefore, this node ND is associated with the terminal 10B.
  • the parent node of this node ND is associated with terminal 10A.
  • the processor 11 stores the two-dimensional code CD2 (the two-dimensional code CD2TB of the terminal 10B) distributed from the physical distribution management device 20 and held in the memory 13. , is displayed on the display device 15 .
  • the processor 11 of the terminal 10A reads the two-dimensional code CD2TB of the terminal 10B via a two-dimensional code reader (hardware or software). Then, the terminal 10A distributes the read two-dimensional code CD2TB of the terminal 10B and the two-dimensional code CD2 held in the memory 13 of the terminal 10A (the two-dimensional code CD2TA of the terminal 10A). Send to the management device 20 .
  • the user of the terminal 10 (the sender UA or the recipient UB of the parcel 50) can easily enter the two-dimensional code CD2 of the other party to whom the parcel 50 is delivered. can be obtained.
  • the terminal 10A may transmit the two-dimensional code CD2TA of the terminal 10A to the physical distribution management apparatus 20 after the communication device 12 has transmitted the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20 .
  • the processor 11 may transmit to the physical distribution management device 20 order instruction information for maintaining the decoding order based on the two-dimensional code CD2TB.
  • the order instruction information includes information instructing decoding based on the two-dimensional code CD2TA of the terminal 10A after decoding based on the two-dimensional code CD2TB of the terminal 10B.
  • the communication device 22 acquires (receives) the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B from the terminal 10A (S31). In this case, the communication device 22 receives the two-dimensional code CD2TA of the terminal 10A after receiving the two-dimensional code CD2TB of the terminal 10B. Alternatively, the communication device 22 obtains the above order indication information.
  • the processor 21 determines to perform decoding based on the two-dimensional code CD2TB before decoding based on the two-dimensional code CD2TA, based on the order of reception of the two-dimensional codes CD2TA and CD2TB or the order indication information.
  • the processor 21 refers to the information held in the memory 23 and searches for a seed value SD that can be successfully decoded in combination with the obtained two-dimensional code CD2TB of the terminal 10B. That is, the processor 21 searches whether or not there is a seed value SD generated in association with the two-dimensional code CD2TB of the terminal 10B.
  • the memory 23 does not hold information indicating the order of the chain generated at the time of encryption. Therefore, the processor 21 cannot determine which seed value SD among the one or more stored seed values SD is associated with the two-dimensional code CD2TB of the terminal 10B.
  • the processor 21 combines an arbitrary seed value (a seed value that has not yet been combined with the two-dimensional code CD2TB of the terminal 10B) held in the memory 23 with the two-dimensional code CD2TB of the terminal 10B to perform decoding of the terminal 10B.
  • a target original code (decoded original code CD3) is generated (S32).
  • the decryption source code CD3 corresponds to the encrypted data CR generated during encryption.
  • the processor 21 attaches a flag indicating that the combination has been completed to the seed values SD that have been combined once, thereby determining whether or not the seed values have not yet been combined. It may be excluded from subsequent combination candidates.
  • the processor 21 performs back calculation using the decryptable encryption method function (for example, the RSA function) used at the time of encryption, decrypts the original decryption code CD3 of the terminal 10B, and obtains the decrypted data DC of the terminal 10B (S33). .
  • the decrypted data DC corresponds to the code source code CD which was the code to be encrypted at the time of encryption.
  • the processor 21 determines whether or not the branch number is included in the obtained decoded data DC of the terminal 10B (S34). At the time of encryption, assuming that a plurality of child nodes exist for the same parent node, if a branch number is added to the seed value SD of the parent node to generate the encryption code CD of the child node, this encryption code The branch number is included in the decoded data DC corresponding to CD. For example, the processor 21 may refer to a predetermined area (eg, the first four digits) in the decoded data DC to determine whether or not the decoded data DC of the terminal 10B includes the branch number.
  • a predetermined area eg, the first four digits
  • the processor 21 determines that the decoded data DC of the terminal 10B does not include a branch number. you can
  • the processor 21 deletes (excludes) the branch number from the decoded data DC of the terminal 10B (S35). Deleting (excluding) the branch number may include changing the branch number to no-branch information (for example, changing the area indicating whether or not there is a branch to "0000").
  • the processor 21 determines that the decoded data DC of the terminal 10B is , and other seed values SD held in the memory 23 (S36).
  • the other seed value SD here is any seed value SD held in the memory 23 and is a seed value SD other than the seed value SD of the decoding original code CD3 of the terminal 10B.
  • the decoded data DC of the terminal 10B matches another seed value SD held in the memory 23, it is determined that the delivery order of the package 50 is correct (S37).
  • Validity of the delivery order of the package 50 is an example of valid delivery of the package 50 .
  • the terminal 10A is the terminal of the sender UA who sends the parcel 50 at a predetermined base.
  • the terminal 10B is the terminal of the recipient UB who receives the parcel 50 at this base.
  • the decrypted data DC obtained by decrypting the original decryption code CD3 of the terminal 10B corresponds to a node (parent node) in the next higher layer where the connection line LN is connected to the node ND corresponding to the terminal 10B. It should contain the seed value SD.
  • the processor 21 can determine that the seed value SD corresponds to this parent node. Therefore, processor 21 can estimate that node ND corresponding to terminal 10A is a parent node, and node ND corresponding to terminal 10B is a child node of this parent node. Therefore, the processor 21 succeeds in decoding the decoding source code CD3 of the terminal 10B, and determines that the delivery order of the parcel 50 is valid.
  • step S36 it is determined whether or not all the seed values SD held in the memory 23 have been combined with the terminal 10B. (S38).
  • step S32 If there is a seed value SD that has not yet been combined with the two-dimensional code CD2TB of the terminal 10B in the memory 23 (No in S38), the processor 21 proceeds to step S32 and repeats the processing of steps S32 to S38. That is, the processor 21 combines the obtained two-dimensional code CD2TB of the terminal 10B and an arbitrary seed value SD among the plurality of seed values SD held in the memory 23 while changing the seed value SD, This is repeated until the decoded data DC of 10B matches another seed value SD held in the memory 23 (until the decoding is successful).
  • the sender UA of the package 50 possessing the terminal 10A possesses the terminal 10B. It is determined that the delivery of the package 50 to the recipient UB of the package 50 is not valid (S47 in FIG. 14B).
  • the processor 21 calculates the hash value HS' of the terminal 10B based on the decryption source code CD3 of the terminal 10B that has been successfully decrypted (S41).
  • the processor 21 combines the calculated hash value HS' of the terminal 10B and the hash value HS held in the memory 23 with the seed value SD of the decryption source code CD3 of the successfully decrypted terminal 10B. It is determined whether or not HS matches (S42).
  • the processor 21 determines that the terminal 10B is valid, that is, the recipient UB of the package 50 possessing the terminal 10B is valid. (S43). Validity of the terminal 10B is an example of validation of delivery of the parcel 50 . On the other hand, if the hash value HS' of the terminal 10B does not match the hash value HS (No in S42), the processor 21 receives the package 50 possessing the terminal 10B from the sender UA of the package 50 possessing the terminal 10A. It is determined that the delivery of the package 50 to the person UB is not valid (S47).
  • the processor 21 combines the two-dimensional code CD2TA obtained by the terminal 10A obtained in step S31 and the seed value SD of the terminal 10A searched from the memory 23, based on the decryption source code CD3 of the terminal 10A.
  • a hash value HS' of 10A is calculated (S44).
  • the seed value SD of the terminal 10A here is another seed value SD retrieved from the memory 23 when the decoding is successful in steps S36 and S37.
  • the processor 21 combines the calculated hash value HS' of the terminal 10A with the hash value HS held in the memory 23 and paired with the seed value SD of the decryption source code CD3 of the terminal 10A. It is determined whether or not they match (S45).
  • the processor 21 determines that the terminal 10A is valid, that is, the sender UA of the package 50 possessing the terminal 10A is valid. (S46). Validity of the terminal 10A is an example of validation of delivery of the package 50 . On the other hand, if the hash value HS' of the terminal 10A does not match the hash value HS (No in S45), the processor 21 receives the package 50 having the terminal 10B from the sender UA of the package 50 having the terminal 10A. It is determined that the delivery of the package 50 to the person UB is not valid (S47).
  • the processor 21 may use a hash function (an example of a one-way function) to calculate a hash value SDHS of the seed value SD from the seed value SD of the terminal 10A whose legitimacy is guaranteed.
  • Processor 21 may transmit hash value SDHS to terminal 10A via communication device 32 .
  • the processor 11 may receive the hash value SDHS of the terminal 10A via the communication device 12 and store it in the memory 13.
  • FIG. Since this hash value SDHS is based on the seed value SD forming part of the chain, it is highly reliable and can be used as an electronic seal stamp for the terminal 10A, for example.
  • the terminal 10A possessed by the package sender UA transmits the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20.
  • the terminal 10B possessed by the package recipient UB may transmit the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20. .
  • the terminal 10A causes the processor 11 to display on the display device 15 the two-dimensional code CD2 (the two-dimensional code CD2TA of the terminal 10A) distributed by the physical distribution management device 20 and held in the memory 13.
  • the processor 11 of the terminal 10B reads the two-dimensional code CD2TA of the terminal 10A via a two-dimensional code reader (hardware or software).
  • the communication device 12 distributes the read two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2 held in the memory 13 of the terminal 10B (the two-dimensional code CD2TB of the terminal 10B).
  • Send to the management device 20 Even in this case, code decoding is performed sequentially from downstream to upstream in the chain corresponding to downstream to upstream distribution. Therefore, decoding based on the two-dimensional code CD2TA of the terminal 10A is performed after decoding based on the two-dimensional code CD2TB of the terminal 10B.
  • the physical distribution management device 20 can transmit the two-dimensional codes CD2TA and CD2TB to the physical distribution management device 20 according to the operation examples of FIGS. Both the legitimacy and the legitimacy of the terminal 10B can be guaranteed.
  • steps S41 to S43 in FIG. 14B can be omitted. That is, steps S41 to S43 may be omitted.
  • the process of verifying the hash value regarding the terminal 10A in steps S44 to S46 of FIG. 14B can be omitted. That is, steps S44 to S46 may be omitted.
  • the physical distribution management device 20 can evaluate the validity of the delivery order of the parcels 50 while simplifying the processing related to the decoding of the decoding source code CD3 and shortening the processing time related to the decoding. . Further, when calculating the hash value HS, the physical distribution management device 20 can evaluate the legitimacy of the terminal 10 associated with the node ND corresponding to the hash value HS.
  • step S38 of FIG. 14A if the combination of the two-dimensional code CD2TB of the terminal 10B and any seed value SD held in the memory 23 does not succeed in decoding, the process proceeds to step S47 of FIG. 14B.
  • step S47 of FIG. 14B it is not limited to this. Even if the combination of the two-dimensional code CD2TB of the terminal 10B and any seed value SD held in the memory 23 does not succeed in decoding in step S38 of FIG. 14A, the hash value verification processing of steps S41 to S47 is performed. You may
  • the node ND corresponding to the terminal 10B is the highest layer node ND in the delivery flow information DF, there is no parent node having the node ND corresponding to the terminal 10B as a child node. Therefore, there is no seed value SD of the parent node corresponding to the decoded data DC obtained by decoding the original decoded code CD3 of the child node. Even in this case, the physical distribution management device 20 performs verification using the hash value HS of the terminal 10B, and finds that the delivery order is incorrect, but the terminal 10B is one of the terminals 10 forming the chain. At least the legitimacy of the terminal 10B can be guaranteed.
  • the physical distribution management device 20 performs verification using the hash value HS of the terminal 10A to confirm that the delivery order is invalid, but that the terminal 10A is one of the terminals 10 forming the chain. At least the legitimacy of the terminal 10A can be guaranteed.
  • the owner of the terminal 10 cannot send or receive the parcel 50 at a predetermined base, for example, the parcel 50 cannot be delivered from the previous base to the next base after passing through the predetermined base. It can be shipped.
  • the delivery order is determined by decoding based on the decoding source code CD3 of the terminal 10B possessed by the recipient UB of the parcel 50. is determined to be improper.
  • the physical distribution management device 20 performs verification using the hash value HS of the terminal 10A or the terminal 10B to confirm that the delivery order is incorrect, but the terminal 10A or 10B is one of the terminals 10 forming the chain. It is one and can at least guarantee the legitimacy of the terminal 10A or 10B. As a result, even if the delivery order is changed due to, for example, a sudden illness, it can be dealt with.
  • the physical distribution management device 20 verifies using the hash value that the two-dimensional codes CD2TA and CD2TB held by the terminal 10A or the terminal 10B have been tampered with or the two-dimensional codes held by other terminals 10 have been replaced. In this case, it can be determined that the terminal 10A or the terminal 10B is not legitimate. Therefore, the physical distribution management device 20 can detect fraud and spoofing.
  • the physical distribution management device 20 transmits information indicating that the delivery order and the terminal 10A or the terminal 10B are valid to the terminal 10A.
  • Terminal 10A may cause processor 11 to receive this information via communication device 12 and cause display device 15 to display information indicating the delivery order and the validity of terminal 10A or terminal 10B.
  • the sender UA of the package 50 possessing the terminal 10A can confirm that it is safe to deliver the package 50 to the recipient UB.
  • FIG. 15 to 18 are diagrams for supplementary explanation of the decoding operation by the distribution management system 5.
  • FIG. 15 to 18 are arranged in chronological order when the original decoding code CD3 is decoded by the distribution management system 5.
  • FIG. 15 to 18, for the sake of explanation, the seed value SD corresponding to the node ND hierarchically arranged corresponding to the delivery flow information DF at the time of encryption (that is, the seed value SD corresponding to the chain obtained by encryption Seed value SD), etc. are arranged, but the memory 23 does not hold information about this hierarchy.
  • the terminal 10A reads the two-dimensional code CD2TB displayed by the terminal 10B, and transmits the two-dimensional code CD2TB of the terminal 10A held by the terminal 10A and the two-dimensional code 2TB of the terminal 10B to the physical distribution management device 20.
  • These processes correspond to the process of step S31 in FIG. 14A.
  • FIG. 16 shows that the memory 23 holds a plurality of seed values SD.
  • An arbitrary seed value SD in the memory 23 and the two-dimensional code CD2TB of the terminal 10B obtained from the terminal 10A are combined to generate the decoding source code CD3 of the terminal 10B.
  • the decoded data DC of the terminal 10B matches another seed value SD held in the memory 23.
  • the seed value SD corresponding to the node NDC2 corresponding to the terminal 10B is the seed value SDC2
  • the seed value SD obtained by decoding is the seed value SDB corresponding to the node NDB one level above the node NDC2.
  • This node NDB is the node ND corresponding to the terminal 10A.
  • the two-dimensional code CD2TB of the terminal 10B is the two-dimensional code CD2C2.
  • the seed value SD (SDB) included in the decoded data DC of the terminal 10B and the two-dimensional code CD2TA of the terminal 10A obtained from the terminal 10A are combined to generate the decoding original code CD3 of the terminal 10A.
  • the two-dimensional code CD2TA of this terminal 10A is the two-dimensional code CD2B when the terminal 10A corresponds to the node NDB as in FIG.
  • the hash value HS'(HSB') of the terminal 10A is calculated based on the decryption source code CD3 of the terminal 10A. This hash value HSB' is compared with the hash value HS (HSB) of the terminal 10A held in the memory 23 to verify the legitimacy of the terminal 10A.
  • the seed value SDB corresponding to the node ND (NDB) corresponding to the terminal 10A is hashed to derive the hash value SDHS, and the hash value SDHS is transmitted to the terminal 10A. That is, the hash value SDHS is calculated from the seed value D paired with the two-dimensional code CD2TA transmitted by the terminal 10A, and transmitted to the terminal 10A. Accordingly, by acquiring the hash value SDHS, the terminal 10A can attach the hash value SDHS as a tag to data input via the operation device 14, for example. available for
  • the physical distribution management apparatus 20 holds the seed value SD and the hash value HS obtained at the time of encryption in the memory 23, By obtaining the two-dimensional code CD2 distributed at the time of encryption from 10, the decryption process can be performed.
  • the physical distribution management device 20 may delete the seed value SD or hash value HS held in the memory 23 from the memory 23. In this case, the capacity of the memory 23 can be used efficiently. .
  • the sender UA and the receiver UB of the package 50 can easily manage the package with high reliability simply by possessing the terminal 10. 50 deliveries can be performed.
  • the physical distribution management device 20 can simplify the system configuration and determine that the delivery and receipt of the parcel 50 in the physical distribution process are valid.
  • the carrier can use the terminal 10 (for example, a smartphone) , you can enjoy highly reliable logistics management services as described above.
  • the physical distribution management system 5 can improve the certainty of the delivery authentication of the package 50 compared to the case where the signature for the delivery of the package 50 is written by hand or the seal is pressed. The time required can be shortened.
  • the two-dimensional code of one terminal 10 can be read from the other terminal 10 when the package 50 is delivered, it is also useful from the viewpoint of preventing infectious diseases.
  • the physical distribution management system 5 confirms the validity of the delivery action by confirming the recipient UB by the sender UA, or confirming the sender UA by the recipient UB, or both, when the package 50 is delivered. It is possible to check when a problem occurs and determine the validity of the entire distribution process.
  • the parcel 50 may also include electronic data, and therefore physical distribution may also include electronic transactions.
  • the second divided data which is the other of the two divided data obtained by dividing the encrypted data CR, is exemplified as the two-dimensional code CD2, but it is not limited to this.
  • the second divided data may be a one-dimensional bar code, a multi-dimensional code of three or more dimensions, that is, an n-dimensional code (where n is an integer of 1 or more), or a readable code that can be read by another reader or the like. There may be.
  • the physical distribution management device 20 of this embodiment manages physical distribution and includes the processor 21 , the memory 23 and the communication device 22 .
  • the processor 21 acquires flow information (for example, delivery flow information DF).
  • flow information for example, delivery flow information DF
  • a plurality of nodes ND corresponding to a plurality of physical distribution bases are hierarchically arranged according to the order in which the package 50 circulates through the multiple physical distribution bases, and the node ND corresponding to the physical distribution starting base is the highest order.
  • a node ND corresponding to a physical distribution completion base is arranged in the lowest layer, and two nodes ND in adjacent layers corresponding to two adjacent bases through which the cargo 50 is distributed are connected.
  • the processor 21 acquires a first cryptographic original code CD (an example of a first original code), which is a code to be encrypted corresponding to the node ND of the first layer in the flow information.
  • the processor 21 encrypts the first cryptographic code CD using the first function (for example, the RSA function) used in the decryptable encryption method to generate the first encrypted data CR.
  • the processor 21 divides the first encrypted data CR to derive a first two-dimensional code CD2 (an example of a first n-dimensional code) and a first seed value SD. Based on the first seed value SD, the processor 21 generates a second cryptographic code CD (second An example of the original code) is derived.
  • the processor 21 encrypts the second cryptographic code CD using the first function to generate second encrypted data CR.
  • the processor 21 divides the second encrypted data CR to derive a second two-dimensional code CD2 (an example of a second n-dimensional code) and a second seed value SD.
  • Processor 21 stores first seed value SD and second seed value SD in memory 23 .
  • the communication device 22 transmits the first two-dimensional code CD2 to the first terminal associated with the first layer node, and transmits the second two-dimensional code CD2 to the second terminal associated with the second layer node. Send to terminal 2.
  • the physical distribution management apparatus 20 determines the node ND (child node) of the next lower layer (second layer) based on the seed value SD corresponding to the node ND (parent node) of the upper layer (first layer) in the adjacent layer. ) can be generated. Therefore, the physical distribution management device 20 stores the seed value SD of the parent node and the seed value SD derived based on the encryption code CD of the child node in the memory 23, so that the package 50 can be distributed. Information on distribution bases corresponding to the order can be associated and held. In addition, the physical distribution management device 20 transmits the first two-dimensional code CD2 and the second two-dimensional code CD2 to each terminal 10 associated with each node ND of each layer, thereby partially decoding the information. can be held in each terminal 10 . Therefore, even if the seed value SD held in the memory 23 were leaked, it would be difficult to obtain the encryption code CD through decryption, so the physical distribution management apparatus 20 can maintain high system reliability.
  • the first layer may be the highest layer.
  • the processor 21 may generate the first cryptographic code CD based on random numbers. After deriving the second cryptographic code CD, the second cryptographic data CR, the second two-dimensional code CD2, and the second seed value SD corresponding to the node ND of the second layer, the processor 21 derives The second seed value SD is set as the next first seed value SD, and the second cryptographic code CD, the second encrypted data CR, the second two-dimensional code CD2, and the second seed value SD , and each iteratively derived second seed value SD may be stored in the memory 23 .
  • the communication device 22 may transmit each iteratively derived second two-dimensional code CD2 to each second terminal associated with each layer 2 node ND.
  • the physical distribution management device 20 sets the derived second seed value SD as the next first seed value SD to obtain the second cryptographic code CD corresponding to the node in the second layer and the second seed value SD. 2, the derivation of the encrypted data CR, the second two-dimensional code CD2, and the second seed value SD is repeated while moving one step lower. Therefore, the physical distribution management device 20 generates the cryptographic original code CD based on the seed value SD corresponding to the node ND of each layer from the highest layer to the lowest layer in a large number of consecutive layers. Each cryptographic code CD corresponding to the node ND can be associated in order. Therefore, the physical distribution management device 20 can hold information on a large number of physical distribution bases corresponding to the flow information in association with each other in order.
  • the processor 21 may calculate the first one-way function value, which is the value of the calculation result using the one-way function, based on the first encrypted data CR.
  • the processor 21 may calculate the second one-way function value, which is the value of the calculation result using the one-way function, based on the second encrypted data CR.
  • the processor 21 pairs the first seed value SD and the first one-way function value, pairs the second seed value SD and the second one-way function value, and stores them in the memory 23. you can
  • the unidirectional function value is used to prove the legitimacy of the sender and recipient of the parcel 50 at each base corresponding to each node ND corresponding to the unidirectional function value.
  • the physical distribution management device 20 can prove the correctness of the delivery at the site at the time of decryption.
  • the processor 21 also determines whether or not there are a plurality of second nodes (child nodes) in the second layer connected to the first node (parent node) in the first layer, based on the flow information. you can When there are a plurality of second nodes, the processor 21 stores node identification information (for example, branch number) may be added to generate the second cryptographic code CD.
  • node identification information for example, branch number
  • the first node branches to a plurality of second nodes. , indicating that a parcel from a base corresponding to a first node is branched and delivered to a plurality of bases corresponding to a plurality of second nodes.
  • the seed value SD corresponding to the first node is inherited by the second cryptographic code CD corresponding to the plurality of second nodes.
  • the physical distribution management device 20 generates a plurality of second cryptographic codes CD corresponding to this first seed value SD. can.
  • the physical distribution management device 20 can sequentially generate different encryption original codes CD in each branch route, and each different encryption original code corresponding to each node ND in each hierarchy. Can generate CDs. Therefore, since the decoding is performed based on different codes to be decoded, the physical distribution management device 20 can suppress a decrease in reliability of the system even when there is a branch.
  • the physical distribution management device 20 of this embodiment manages physical distribution and includes a processor 21 and a memory 23 .
  • the memory 23 holds a plurality of seed values SD.
  • the processor 21 stores a first two-dimensional code CD2 (eg, two-dimensional code CD2TA) held in a first terminal (eg, terminal 10A) and a second two-dimensional code held in a second terminal (eg, terminal 10B).
  • a code CD2 (for example, a two-dimensional code CD2TB) is acquired.
  • the processor 21 combines the second two-dimensional code CD2 and the second seed value SD, which is one seed value SD among the plurality of seed values SD held in the memory 23, to generate a decoding target
  • a second decoded original code CD3 (an example of a second original code) is generated.
  • Processor 21 derives decrypted data DC by decrypting second original decryption code CD3 based on the first function used in the decryptable encryption method.
  • the processor 21 determines whether the decoded data DC matches any of the seed values SD held in the memory 23 and the first seed value SD other than the second seed value SD. If the decoded data DC matches the first seed value SD, the processor 21 transfers data from the user of the first terminal (the sender UA of the parcel 50) to the user of the second terminal (the recipient UB of the parcel 50, for example). It is determined that the delivery order of the parcels 50 is valid.
  • the first two-dimensional code CD2 and the second two-dimensional code previously held by the first terminal possessed by the sender UA of the parcel 50 and the second terminal possessed by the recipient UB of the parcel 50 are obtained.
  • a code CD2 is sent to the physical distribution management device 20 .
  • the decoding of the chain is performed from the lower layer code. In physical distribution, sending the package 50 is upstream of receiving the package 50 . Therefore, whether or not the second decoding original code CD3 is decoded based on the second two-dimensional code CD2 held by the terminal 10B, and the data related to the terminal 10A upstream of the terminal 10B is obtained. to confirm.
  • the physical distribution management device 20 determines that the node ND corresponding to the second seed value and the node ND corresponding to the first seed value are in adjacent layers in the delivery flow information DF, and the parent node and the child node are separated from each other. can be determined to be related. Therefore, the physical distribution management device 20 can recognize that the delivery (especially the delivery order) of the delivery and receipt of the package 50 is valid.
  • the processor 21 combines the decoded data DC with the second two-dimensional code CD2 until the decoded data DC matches any first seed value SD other than the second seed value SD held in the memory .
  • the seed value SD of is sequentially changed, the second original decoding code CD3 is generated sequentially, and the decoded data DC is sequentially derived.
  • the physical distribution management apparatus 20 can obtain the seed values stored in the memory 23 even if the information regarding the hierarchy such as the delivery flow information DF at the time of encryption is not stored for the plurality of seed values SD stored in the memory 23 . By sequentially searching SD, it is possible to successfully decode the second original decoding code CD3.
  • the memory 23 may hold a plurality of pairs of the seed value SD and the first one-way function value (for example, hash value HS) which is the value of the calculation result using the one-way function.
  • the processor 21 generates a first decoded original code CD3 (an example of a first original code) which is a code to be decoded by combining a first seed value SD matching the decoded data DC and a first two-dimensional code CD2. ), a second one-way function value (eg, hash value HS′ of terminal 10A) may be calculated using a one-way function.
  • Processor 21 may determine whether memory 23 holds a first one-way function value that matches the second one-way function value.
  • Processor 21 may determine that the first terminal is legitimate if the first one-way function value is retained that matches the second one-way function value.
  • the physical distribution management device 20 checks the first decryption original code CD3 using the one-way function, so that the first terminal corresponding to the first decryption original code CD3 is an authorized terminal. can determine whether there is In other words, the physical distribution management device 20 can recognize whether or not the sender UA of the package 50, who is the user of the first terminal, is a legitimate sender.
  • the memory 23 may hold a plurality of pairs of the seed value SD and the first one-way function value (for example, hash value HS) which is the value of the calculation result using the one-way function. .
  • the processor 21 uses a one-way function to generate a third one-way function value (for example, A hash value HS') of the terminal 10B may be calculated. It may be determined whether memory 23 holds a first one-way function value that matches the third one-way function value. Processor 21 may determine that the second terminal is legitimate if the first one-way function value is retained that matches the third one-way function value.
  • the physical distribution management device 20 checks the second decryption original code CD3 using the one-way function, thereby confirming that the second terminal corresponding to the second decryption original code CD3 is an authorized terminal. can determine whether there is In other words, the physical distribution management device 20 can recognize whether or not the recipient UB of the package 50, who is the user of the second terminal, is a valid recipient.
  • a plurality of nodes ND corresponding to a plurality of physical distribution bases are hierarchically arranged according to the order in which the package 50 circulates through the plurality of physical distribution bases, and the node ND corresponding to the physical distribution starting base is at the highest layer.
  • the processor 21 is a first node (parent node) in the second layer, one level above where the node ND corresponding to the second terminal is located, and a plurality of second nodes (child nodes) in the second layer.
  • the node identification information may be deleted from the decoded data DC.
  • the processor 21 may determine whether the decoded data DC from which the node identification information has been deleted matches the first seed value SD.
  • the physical distribution management device 20 can suppress the influence of the node identification information on decoding even when a plurality of child nodes exist for the same parent node.
  • the physical distribution management device 20 can derive information (here, first seed value) of the same parent node from information (here, decoded data DC) associated with a plurality of child nodes. Therefore, for example, even if the delivery flow information DF branches from a parent node to a plurality of child nodes and the code corresponding to each node ND is encrypted to form a chain, the code corresponding to each node ND is encrypted.
  • the seed value SD can be decoded sequentially.
  • the present disclosure is useful for a physical distribution management device, a physical distribution management method, etc. that can determine whether the sending and receiving of a package in a physical distribution process is valid.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Economics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Development Economics (AREA)
  • Operations Research (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • General Health & Medical Sciences (AREA)
  • Quality & Reliability (AREA)
  • Strategic Management (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

A physical distribution management apparatus (20) is configured such that a processor acquires a first original code corresponding to a first layer node in flow information, derives a first n-dimensional code and a first seed value on the basis of the first original code, derives a second original code corresponding to a second layer node on the basis of the first seed value, derives a second n-dimensional code and a second seed value on the basis of the second original code, and stores the first and second seed values in a memory, and a communication device transmits the first n-dimensional code to a first terminal and the second n-dimensional code to a second terminal.

Description

物流管理装置及び物流管理方法Physical distribution management device and physical distribution management method
 本開示は、物流管理装置及び物流管理方法に関する。 The present disclosure relates to a physical distribution management device and a physical distribution management method.
 従来、ブロックチェーンを用いた物流管理システムが知られている(特許文献1参照)。このシステムでは、関係者各人が保持するコンピュータシステムと、物流管理アプリケーションにおいて物流ブロックチェーンを共通に構築する物流ブロックチェーン作成部と、各々のブロック又はデータにオープン暗証コードとクローズ暗証コードが設定されている。このシステムは、物流管理アプリケーションがオープン暗証コードの入力を受けて物流ブロック内のデータを開く開錠機能と、データを編集するデータ編集機能と、クローズ暗証コードの入力を受けて編集済データを正常終了して閉じる閉錠機能と、を備える。このシステムでは、物流工程ブロック内の編集データとハッシュ値データが物流工程ブロックチェーン間でやり取りされる。 Conventionally, a logistics management system using blockchain is known (see Patent Document 1). In this system, a computer system held by each person concerned, a logistics block chain creation unit that builds a logistics block chain in common in a logistics management application, and an open PIN code and a closed PIN code are set for each block or data. ing. In this system, the logistics management application receives the input of the open PIN code to unlock the data in the logistics block, the data editing function to edit the data, and the input of the close PIN code to successfully open the edited data. a locking function that terminates and closes. In this system, edited data and hash value data in logistics process blocks are exchanged between logistics process block chains.
国際公開第2020/085348号WO2020/085348
 従来のブロックチェーンの技術では、一定時間内に発生した1セットの取引記録から1つのブロックが生成され、生成された各ブロックが暗号化され、暗号化された各ブロックが順に繋がれる。そのため、取引が発生したことを示すデータを記録しておくことができる。しかし、ブロックチェーンの技術では、データに係る取引が正当であるかどうかが判定されるものではない。例えば、送付人と受取人との間で荷物の受渡が発生する場面で、この送付人又は受取人が正当な送付人又は受取人であることを示すものではない。また、ブロックチェーンの技術では、多数の参加者により取引データを共有して保持するので、非常に大規模なシステムとなる。また、ブロックチェーンの技術では、取引データの記録を束ねて暗号化してチェーン化するが、荷物の受渡しの瞬間での状況を判別することを目的としない。荷物の受渡後には、荷物の受渡が正当であるかどうかではなく、取引データに対する改変の有無を主たる目的とする。 With conventional blockchain technology, one block is generated from a set of transaction records that occur within a certain period of time, each generated block is encrypted, and each encrypted block is linked in order. Therefore, data indicating that a transaction has occurred can be recorded. However, blockchain technology does not determine whether transactions involving data are legitimate. For example, when a parcel is delivered between a sender and a recipient, it does not indicate that the sender or recipient is the legitimate sender or recipient. Also, with blockchain technology, transaction data is shared and held by a large number of participants, resulting in a very large-scale system. Also, with blockchain technology, transaction data records are bundled, encrypted, and chained, but the purpose is not to determine the situation at the moment of delivery of the package. After the delivery of the package, the main purpose is not whether the delivery of the package is valid, but whether or not the transaction data has been altered.
 本開示は、上記事情に鑑みてなされたものであり、システムの構成を簡素化し、物流工程における荷物の送付及び受取が正当であることを判別できる物流管理装置及び物流管理方法を提供する。 The present disclosure has been made in view of the above circumstances, and provides a physical distribution management device and a physical distribution management method that simplify the configuration of the system and can determine that the sending and receiving of parcels in the physical distribution process is valid.
 本開示の一態様は、物流を管理する物流管理装置であって、プロセッサと、メモリと、通信デバイスと、を備え、前記プロセッサは、荷物が複数の物流の拠点を流通する順番に応じて前記複数の物流の拠点に対応する複数のノードが階層的に配置されたフロー情報であって、前記物流の開始拠点に対応するノードが最上位層に配置され、前記物流の完了拠点に対応するノードが最下位層に配置され、前記荷物が流通する2つの隣接する拠点に対応して隣接する階層の2つのノードが接続されたフロー情報を取得し、前記フロー情報における第1層のノードに対応する暗号化対象のコードである第1の元コードを取得し、復号可能な暗号方式に用いる第1の関数を用いて前記第1の元コードを暗号化して、第1の暗号データを生成し、前記第1の暗号データを分割して、第1のn次元コード(nは1以上の整数)と第1のシード値とを導出し、前記第1のシード値に基づいて、前記第1層よりも一段下層である第2層のノードに対応する暗号化対象のコードである第2の元コードを導出し、前記第2の元コードを前記第1の関数を用いて暗号化して、第2の暗号データを生成し、前記第2の暗号データを分割して、第2のn次元コードと第2のシード値とを導出し、前記第1のシード値と前記第2のシード値とを前記メモリに保存し、前記通信デバイスは、前記第1のn次元コードを、前記第1層のノードに関連付けられた第1の端末に送信し、前記第2のn次元コードを、前記第2層のノードに関連付けられた第2の端末に送信する、物流管理装置である。 One aspect of the present disclosure is a physical distribution management device that manages physical distribution, comprising a processor, a memory, and a communication device, wherein the processor controls the distribution of a package according to the order in which it is distributed through a plurality of physical distribution bases. Flow information in which a plurality of nodes corresponding to a plurality of physical distribution bases are hierarchically arranged, wherein a node corresponding to the physical distribution start base is disposed at the top layer, and a node corresponding to the physical distribution completion base. is arranged in the lowest layer, acquires flow information in which two nodes in adjacent layers are connected corresponding to two adjacent points where the cargo circulates, and corresponds to the first layer node in the flow information A first original code, which is a code to be encrypted, is obtained, and the first original code is encrypted using a first function used in a decryptable encryption method to generate first encrypted data. , dividing the first encrypted data to derive a first n-dimensional code (n is an integer of 1 or more) and a first seed value, and based on the first seed value, the first Deriving a second original code that is a code to be encrypted corresponding to a node in a second layer that is one level lower than the layer, encrypting the second original code using the first function, generating second encrypted data, dividing the second encrypted data to derive a second n-dimensional code and a second seed value, and obtaining the first seed value and the second seed value and in the memory, the communication device transmits the first n-dimensional code to a first terminal associated with a node of the first layer, and transmits the second n-dimensional code to the A logistics management device that transmits to a second terminal associated with a second layer node.
 本開示の一態様は、物流を管理する物流管理装置であって、プロセッサと、メモリと、を備え、前記メモリは、複数のシード値を保持しており、前記プロセッサは、第1の端末に保持された第1のn次元コードと、第2の端末に保持された第2のn次元コードと、を取得し、前記第2のn次元コードと、前記メモリに保持された複数のシード値のうちの1つのシード値である第2のシード値と、を組み合わせて、復号化対象のコードである第2の元コードを生成し、復号可能な暗号方式に用いる第1の関数に基づいて、前記第2の元コードを復号化して復号データを導出し、前記復号データが、前記メモリに保持されたいずれかのシード値であって、前記第2のシード値以外の第1のシード値と一致するか否かを判定し、前記復号データが前記第1のシード値と一致した場合、前記第1の端末のユーザから前記第2の端末のユーザへの荷物の受渡の順序が正当であると判定する、物流管理装置である。 One aspect of the present disclosure is a physical distribution management device for managing physical distribution, comprising a processor and a memory, the memory holding a plurality of seed values, the processor providing a first terminal with obtaining a held first n-dimensional code and a second n-dimensional code held in a second terminal; obtaining said second n-dimensional code and a plurality of seed values held in said memory; A second seed value, which is a seed value of one of the , decoding the second original code to derive decoded data, wherein the decoded data is any seed value held in the memory, wherein the first seed value other than the second seed value and if the decoded data matches the first seed value, the delivery order of the package from the user of the first terminal to the user of the second terminal is valid. It is a physical distribution management device that determines that there is.
 本開示の一態様は、物流を管理する物流管理方法であって、荷物が複数の物流の拠点を流通する順番に応じて前記複数の物流の拠点に対応する複数のノードが階層的に配置されたフロー情報であって、前記物流の開始拠点に対応するノードが最上位層に配置され、前記物流の完了拠点に対応するノードが最下位層に配置され、前記荷物が流通する2つの隣接する拠点に対応して隣接する階層の2つのノードが接続されたフロー情報を取得し、前記フロー情報における第1層のノードに対応する暗号化対象のコードである第1の元コードを取得し、復号可能な暗号方式に用いる第1の関数を用いて前記第1の元コードを暗号化して、第1の暗号データを生成し、前記第1の暗号データを分割して、第1のn次元コードと第1のシード値とを導出し、前記第1のシード値に基づいて、前記第1層よりも一段下層である第2層のノードに対応する暗号化対象のコードである第2の元コードを導出し、前記第2の元コードを前記第1の関数を用いて暗号化して、第2の暗号データを生成し、前記第2の暗号データを分割して、第2のn次元コードと第2のシード値とを導出し、前記第1のシード値と前記第2のシード値とをメモリに保存し、前記第1のn次元コードを、前記第1層のノードに関連付けられた第1の端末に送信し、前記第2のn次元コードを、前記第2層のノードに関連付けられた第2の端末に送信する、物流管理方法である。 One aspect of the present disclosure is a physical distribution management method for managing physical distribution, wherein a plurality of nodes corresponding to the plurality of physical distribution bases are arranged hierarchically according to the order in which a package circulates through the multiple physical distribution bases. wherein a node corresponding to the start point of the physical distribution is arranged in the highest layer, a node corresponding to the completion point of the physical distribution is arranged in the lowest layer, and two adjacent nodes through which the goods are distributed are arranged. Acquiring flow information in which two nodes in adjacent layers corresponding to a base are connected, acquiring a first original code that is a code to be encrypted corresponding to a node in the first layer in the flow information, Encrypting the first original code using a first function used in a decryptable encryption method to generate first encrypted data, dividing the first encrypted data, dividing the first n-dimensional data A code and a first seed value are derived, and based on the first seed value, a second code, which is a code to be encrypted corresponding to a node in a second layer that is one level lower than the first layer, is generated. deriving an original code; encrypting the second original code using the first function to generate second encrypted data; dividing the second encrypted data to obtain a second n-dimensional deriving a code and a second seed value; storing the first seed value and the second seed value in memory; and transmitting the second n-dimensional code to a second terminal associated with the node of the second layer.
 本開示の一態様は、物流を管理する物流管理方法であって、第1の端末に保持された第1のn次元コードと、第2の端末に保持された第2のn次元コードと、を取得し、前記第2のn次元コードと、メモリに保持された複数のシード値のうちの1つのシード値である第2のシード値と、を組み合わせて、復号化対象のコードである第2の元コードを生成し、復号可能な暗号方式に用いる第1の関数に基づいて、前記第2の元コードを復号化して復号データを導出し、前記復号データが、前記メモリに保持されたいずれかのシード値であって、前記第2のシード値以外の第1のシード値と一致するか否かを判定し、前記復号データが前記第1のシード値と一致した場合、前記第1の端末のユーザから前記第2の端末のユーザへの荷物の受渡の順序が正当であると判定する、物流管理方法である。 One aspect of the present disclosure is a physical distribution management method for managing physical distribution, comprising: a first n-dimensional code held in a first terminal; a second n-dimensional code held in a second terminal; and combining the second n-dimensional code with a second seed value, which is one of a plurality of seed values held in memory, to obtain a code to be decoded, 2, and based on a first function used in a decryptable encryption scheme, the second original code is decrypted to derive decrypted data, and the decrypted data is held in the memory. It is determined whether any seed value matches a first seed value other than the second seed value, and if the decoded data matches the first seed value, the first It is determined that the delivery order of the parcels from the user of the first terminal to the user of the second terminal is correct.
 本開示によれば、物流工程における荷物の送付及び受取が正当であることを判別できる。 According to this disclosure, it is possible to determine whether the sending and receiving of packages in the distribution process is valid.
本開示の実施形態における物流管理システムの一例を示す図A diagram showing an example of a physical distribution management system according to an embodiment of the present disclosure 端末の構成例を示すブロック図Block diagram showing a configuration example of a terminal サーバの構成例を示すブロック図Block diagram showing an example of server configuration 荷物を配送する配送情報の一例を示す図A diagram showing an example of delivery information for delivering a package 物流管理装置によるコードの暗号化時の動作例を示すフローチャートFlowchart showing an example of operation when a code is encrypted by a logistics management device 物流管理装置によるコードの暗号化時の動作例を示すフローチャート(図5Aの続き)Flowchart showing example of operation when code is encrypted by logistics management device (continuation of FIG. 5A) 暗号データから二次元コード及びシード値への分割例を示す図A diagram showing an example of dividing encrypted data into two-dimensional codes and seed values シード値に対する枝番号の付加例を示す図A diagram showing an example of adding a branch number to a seed value 物流管理システムによる暗号化時の動作を補足説明するための図Diagram for supplementary explanation of operations during encryption by the logistics management system 物流管理システムによる暗号化時の動作を補足説明するための図Diagram for supplementary explanation of operations during encryption by the logistics management system 物流管理システムによる暗号化時の動作を補足説明するための図Diagram for supplementary explanation of operations during encryption by the logistics management system 物流管理システムによる暗号化時の動作を補足説明するための図Diagram for supplementary explanation of operations during encryption by the logistics management system 物流管理システムによる暗号化時の動作を補足説明するための図Diagram for supplementary explanation of operations during encryption by the logistics management system 物流管理システムによる暗号化時の動作を補足説明するための図Diagram for supplementary explanation of operations during encryption by the logistics management system 物流管理装置によるコードの復号化時の動作例を示すフローチャートFlowchart showing an example of the operation when the logistics management device decodes the code 物流管理装置によるコードの復号化時の動作例を示すフローチャート(図14Aの続き)Flowchart (continuation of FIG. 14A) showing an example of the operation when the logistics management device decodes the code 物流管理システムによる復号化時の動作を補足説明するための図A diagram for supplementary explanation of the operation during decryption by the logistics management system 物流管理システムによる復号化時の動作を補足説明するための図A diagram for supplementary explanation of the operation during decryption by the logistics management system 物流管理システムによる復号化時の動作を補足説明するための図A diagram for supplementary explanation of the operation during decryption by the logistics management system 物流管理システムによる復号化時の動作を補足説明するための図A diagram for supplementary explanation of the operation during decryption by the logistics management system
 以下、適宜図面を参照しながら、実施形態を詳細に説明する。但し、必要以上に詳細な説明は省略する場合がある。例えば、既によく知られた事項の詳細説明や実質的に同一の構成に対する重複説明を省略する場合がある。これは、以下の説明が不必要に冗長になることを避け、当業者の理解を容易にするためである。尚、添付図面及び以下の説明は、当業者が本開示を十分に理解するために提供されるものであり、これらにより特許請求の範囲に記載の主題を限定することは意図されていない。 Hereinafter, embodiments will be described in detail with reference to the drawings as appropriate. However, more detailed description than necessary may be omitted. For example, detailed descriptions of well-known matters and redundant descriptions of substantially the same configurations may be omitted. This is to avoid unnecessary verbosity in the following description and to facilitate understanding by those skilled in the art. It should be noted that the accompanying drawings and the following description are provided to allow those skilled in the art to fully understand the present disclosure and are not intended to limit the claimed subject matter thereby.
<物流管理システムの構成>
 図1は、本開示の実施形態における物流管理システム5の構成例を示すブロック図である。物流管理システム5は、複数の端末10と物流管理装置20とを含む。端末10と物流管理装置20とは、例えばネットワークを介して接続される。このネットワークは、インターネット、公衆通信網(例えばセルラー網)、有線LAN(Local Area Network)、無線LAN、等を含んでよい。 <Configuration of logistics management system>
FIG. 1 is a block diagram showing a configuration example of a physical distribution management system 5 according to an embodiment of the present disclosure. A physical distribution management system 5 includes a plurality of terminals 10 and a physical distribution management device 20 . The terminal 10 and the physical distribution management device 20 are connected via a network, for example. This network may include the Internet, a public communication network (eg, a cellular network), a wired LAN (Local Area Network), a wireless LAN, and the like.
 端末10は、スマートフォン、タブレット端末、又はその他の携帯端末であり、携帯端末以外の端末であってもよい。端末10は、ユーザにより所持され、移動自在でよい。端末10は、所定の拠点において受取人UBに荷物50を送付する(渡す)送付人UA(引渡人)が所持する端末10A、所定の拠点において送付人UAから荷物50を受け取る受取人UBが所持する端末10B、等を含んでよい。物流管理装置20は、サーバ又はPC等である。物流管理装置20は、物流を管理する。物流管理装置20は、荷物50の配送拠点又はその他の場所に配置されてよい。 The terminal 10 is a smartphone, tablet terminal, or other mobile terminal, and may be a terminal other than a mobile terminal. The terminal 10 may be carried by the user and be mobile. The terminal 10 is a terminal 10A owned by a sender UA (delivery person) who sends (hands over) a parcel 50 to a recipient UB at a predetermined base, and a terminal 10A owned by a recipient UB who receives the parcel 50 from the sender UA at a predetermined base. may include terminals 10B, etc. that The physical distribution management device 20 is a server, a PC, or the like. The physical distribution management device 20 manages physical distribution. The physical distribution management device 20 may be located at the delivery point of the parcel 50 or other locations.
 図2は、端末10の構成例を示すブロック図である。端末10は、プロセッサ11、通信デバイス12、メモリ13、操作デバイス14、及び表示デバイス15を備える。 FIG. 2 is a block diagram showing a configuration example of the terminal 10. As shown in FIG. Terminal 10 comprises processor 11 , communication device 12 , memory 13 , operation device 14 and display device 15 .
 プロセッサ11は、例えば、プロセッサにより構成され、プロセッサがメモリ13に保持されたプログラムを実行することで、各種機能を実現する。プロセッサは、MPU(Micro processing Unit)、CPU(Central Processing Unit)、DSP(Digital Signal Processor)、等を含んでよい。プロセッサ11は、端末10の各部の動作を統括し、各種処理を行う。 The processor 11 is configured by, for example, a processor, and implements various functions by executing a program held in the memory 13 by the processor. The processor may include an MPU (Micro processing Unit), a CPU (Central Processing Unit), a DSP (Digital Signal Processor), and the like. The processor 11 controls the operation of each unit of the terminal 10 and performs various processes.
 通信デバイス12は、各種データ又は情報等を通信する。通信デバイス12による通信方式は、WAN(Wide Area Network)、LAN(Local Area Network)、又は携帯電話用のセルラー通信(例えばLTE、5G)、又は近距離通信(例えば、赤外線通信又はBluetooth(登録商標)通信)等であってもよい。 The communication device 12 communicates various data or information. The communication method of the communication device 12 is WAN (Wide Area Network), LAN (Local Area Network), cellular communication for mobile phones (for example, LTE, 5G), or short-range communication (for example, infrared communication or Bluetooth (registered trademark ) communication) and the like.
 メモリ13は、一次記憶装置(例えばRAM(Random Access Memory)やROM(Read Only Memory))を含む。メモリ13は、二次記憶装置(例えばHDD(Hard Disk Drive)やSSD(Solid State Drive))や三次記憶装置(例えば光ディスク、SDカード)を含んでよい。メモリ13は、その他の記憶装置を含んでよい。メモリ13は、各種データ、情報、プログラム等を記憶する。メモリ13は、例えば、後述する、取得された二次元コードCD2を保持してよい。 The memory 13 includes a primary storage device (for example, RAM (Random Access Memory) or ROM (Read Only Memory)). The memory 13 may include a secondary storage device (eg, HDD (Hard Disk Drive) or SSD (Solid State Drive)) and a tertiary storage device (eg, optical disk, SD card). Memory 13 may include other storage devices. The memory 13 stores various data, information, programs, and the like. The memory 13 may hold, for example, an acquired two-dimensional code CD2, which will be described later.
 操作デバイス14は、各種ボタン、キー、タッチパネル、マイクロホン、又はその他の入力デバイスを含んでよい。操作デバイス14は、各種データや情報の入力を受け付ける。 The operation device 14 may include various buttons, keys, touch panels, microphones, or other input devices. The operation device 14 receives input of various data and information.
 表示デバイス15は、液晶表示デバイス、有機ELデバイス、又はその他の表示デバイスを含んでよい。表示デバイスは、各種データや情報を表示する。 The display device 15 may include a liquid crystal display device, an organic EL device, or other display devices. The display device displays various data and information.
 図3は、物流管理装置20の構成例を示すブロック図である。物流管理装置20は、プロセッサ21、通信デバイス22、及びメモリ23を備える。 FIG. 3 is a block diagram showing a configuration example of the physical distribution management device 20. As shown in FIG. A physical distribution management device 20 includes a processor 21 , a communication device 22 and a memory 23 .
 プロセッサ21は、例えば、プロセッサにより構成され、プロセッサがメモリ23に保持されたプログラムを実行することで、各種機能を実現する。プロセッサは、MPU、CPU、DSP、等を含んでよい。プロセッサ21は、物流管理装置20の各部の動作を統括し、各種処理を行う。 The processor 21 is configured by, for example, a processor, and implements various functions by executing a program held in the memory 23 by the processor. Processors may include MPUs, CPUs, DSPs, and the like. The processor 21 controls the operation of each part of the physical distribution management device 20 and performs various processes.
 通信デバイス22は、各種データ、情報を通信する。通信デバイス22による通信方式は、例えば、WAN、LAN、電力線通信、携帯電話用のセルラー通信等の通信方式を含んでよい。 The communication device 22 communicates various data and information. The communication method by the communication device 22 may include, for example, communication methods such as WAN, LAN, power line communication, and cellular communication for mobile phones.
 メモリ23は、一次記憶装置(例えばRAMやROM)を含む。メモリ23は、二次記憶装置(例えばHDDやSSD)や三次記憶装置(例えば光ディスク、SDカード)を含んでよい。メモリ23は、その他の記憶装置を含んでよい。メモリ23は、各種データ、情報、プログラム等を記憶する。メモリ23は、例えば、後述する、配送情報DI、導出されたシード値SDやハッシュ値HS、等を保持してよい。 The memory 23 includes a primary storage device (for example, RAM or ROM). The memory 23 may include a secondary storage device (eg, HDD or SSD) or a tertiary storage device (eg, optical disc, SD card). Memory 23 may include other storage devices. The memory 23 stores various data, information, programs, and the like. The memory 23 may hold, for example, delivery information DI, derived seed values SD and hash values HS, etc., which will be described later.
 操作デバイス24は、各種ボタン、キー、タッチパネル、マイクロホン、又はその他の入力デバイスを含んでよい。操作デバイス24は、各種データや情報の入力を受け付ける。 The operation device 24 may include various buttons, keys, touch panels, microphones, or other input devices. The operation device 24 receives input of various data and information.
 表示デバイス25は、液晶表示デバイス、有機ELデバイス、又はその他の表示デバイスを含んでよい。表示デバイスは、各種データや情報を表示する。 The display device 25 may include a liquid crystal display device, an organic EL device, or other display devices. The display device displays various data and information.
<物流管理システムの動作>
 次に、物流管理システム5の動作について説明する。 <Operation of Logistics Management System>
Next, the operation of the physical distribution management system 5 will be explained.
 本実施形態では、複数の拠点において各種荷物50の受渡(送付及び受取)が発生する。各拠点は、配送センター、配送先の顧客の住居、等を含んでよい。配送センターは、1か所や数か所の中央配送センターから多数の配送センターの支部に至るまで含んでよい。つまり、荷物50の配送を行うための拠点は、階層的に複数存在し、各拠点で順次荷物50が受渡されてよい。荷物50の受渡では、荷物50の送付人UAが荷物50を送付し、荷物50の受取人UBが荷物50を受け取る。各拠点での荷物50の送付人UAと荷物の受取人UBとは、端末10を所持することが可能である。 In this embodiment, delivery (sending and receiving) of various packages 50 occurs at multiple bases. Each location may include a distribution center, a destination customer's residence, and the like. Distribution centers may include one or a few central distribution centers to multiple distribution center branches. In other words, a plurality of bases for delivering the package 50 may exist hierarchically, and the package 50 may be delivered sequentially at each base. In delivery of the package 50, the sender UA of the package 50 sends the package 50, and the receiver UB of the package 50 receives the package 50. - 特許庁The sender UA of the parcel 50 and the receiver UB of the parcel 50 at each base can possess the terminal 10 .
 図4は、荷物50を配送する配送情報DIの一例を示す図である。配送情報DIは、配送ルートや配送順序に対応する配送フロー情報DFと、配送に関する配送関連情報DRと、を含む。配送情報DIは、例えばメモリ23に保持されている。なお、配送フロー情報DFは、フローの形態であれば、特に図面による指示を意味するものではない。 FIG. 4 is a diagram showing an example of delivery information DI for delivering the package 50. FIG. The delivery information DI includes delivery flow information DF corresponding to the delivery route and delivery order, and delivery related information DR related to delivery. The delivery information DI is held in the memory 23, for example. It should be noted that the delivery flow information DF does not particularly mean an instruction by a drawing as long as it is in the form of a flow.
 配送フロー情報DFは、荷物50が複数の物流の拠点を流通する順番に応じて、複数の物流の拠点に対応する複数のノードNDが階層的に配置された情報を含む。また、配送フロー情報DFは、物流の開始拠点に対応するノードNDが最上位層に配置され、物流の完了拠点に対応するノードNDが最下位層に配置され、物流の中継拠点に対応するノードNDが中間層に配置された情報を含む。また、配送フロー情報DFは、荷物50が流通する2つの隣接する拠点に対応して、隣接する階層の2つのノードNDが接続された情報を含む。つまり、配送フロー情報DFでは、荷物が配送される各拠点に対応する各ノードNDが階層的に配置される。また、配送フロー情報DFでは、荷物50が流通する2つの隣接する拠点に対応する、隣接する階層の2つのノードNDが、接続ラインLNで接続される。つまり、接続ラインLNは、配送経路を示す。 The delivery flow information DF includes information in which a plurality of nodes ND corresponding to a plurality of distribution bases are hierarchically arranged according to the order in which the package 50 is distributed through the plurality of distribution bases. In addition, in the delivery flow information DF, a node ND corresponding to a distribution start point is arranged in the highest layer, a node ND corresponding to a distribution completion point is arranged in the lowest layer, and a node ND corresponding to a distribution relay point is arranged. ND contains information located in the middle layer. Further, the delivery flow information DF includes information in which two nodes ND in adjacent layers are connected corresponding to two adjacent bases through which the package 50 is distributed. In other words, in the delivery flow information DF, each node ND corresponding to each base to which packages are delivered is hierarchically arranged. Also, in the delivery flow information DF, two nodes ND in adjacent layers corresponding to two adjacent bases through which the package 50 is distributed are connected by a connection line LN. That is, the connection line LN indicates a delivery route.
 また、配送フロー情報DFでは、配送において上流の(配送開始地点に近い)拠点に対応するノードNDが上位層に示され、配送において下流の(配送開始地点から遠い、つまり配送目標地点に近い)拠点に対応するノードNDが下位層に示される。荷物50の配送は、2つの拠点間で配送の開始と配送の終了を繰り返し、最終的な配送目標拠点(配送完了拠点、例えば荷物50の注文者が所在する拠点)に到達すると、配送が完了する。接続ラインLNは、隣接する階層内において、荷物が出発する拠点に対応するノードNDと、荷物が到着する拠点に対応するノードNDと、を接続する。ここでの荷物が到着する拠点は、中継拠点であり得る。荷物が出発する拠点に対応するノードNDは、荷物が到着する拠点に対応するノードNDよりも一段上層に位置する。 In addition, in the delivery flow information DF, the node ND corresponding to the upstream (close to the delivery start point) base in delivery is indicated in the upper layer, and the downstream (far from the delivery start point, that is, close to the delivery target point) node in delivery is indicated in the upper layer. A node ND corresponding to the base is shown in the lower layer. The delivery of the parcel 50 repeats the start and end of delivery between two bases, and when the final delivery target base (delivery completion base, for example, the base where the orderer of the parcel 50 is located) is reached, the delivery is completed. do. A connection line LN connects a node ND corresponding to a base from which a parcel departs and a node ND corresponding to a base to which a parcel arrives in adjacent layers. The point where the package arrives here can be a relay point. A node ND corresponding to a base from which a parcel departs is positioned one level higher than a node ND corresponding to a base to which a parcel arrives.
 また、同じ階層内に、複数のノードNDが存在することもあり得る。この場合、所定の階層の1つのノードNDに対して、所定の階層よりも一段下層の複数のノードNDが接続ラインLNで接続される。このことは、1つの拠点から分岐して2つの拠点に荷物50が配送されることがあり得ることを示す。接続ラインLNで接続された2つのノードNDのうち、配送の上流側のノードNDを「親ノード」とも称し、配送の下流側のノードNDを「子ノード」とも称する。よって、子ノードは、親ノードの一段下層に配置される。1つの親ノードに対して、1つ以上の子ノードが接続ラインLNで接続される。 Also, multiple nodes ND may exist within the same hierarchy. In this case, one node ND in a predetermined hierarchy is connected to a plurality of nodes ND one level lower than the predetermined hierarchy by connection lines LN. This indicates that the parcel 50 may branch from one base and be delivered to two bases. Of the two nodes ND connected by the connection line LN, the node ND on the upstream side of delivery is also called a "parent node", and the node ND on the downstream side of delivery is also called a "child node". Therefore, the child node is arranged one step below the parent node. One or more child nodes are connected to one parent node by connection lines LN.
 このように、配送フロー情報DFでは、各拠点に対応する各ノードNDが、荷物50の配送順序又は配送経路の枝分かれ等を加味して、荷物50の配送が開始される拠点を最上位層の拠点とし、荷物の配送が完了する拠点を最下位層の拠点として、階層的に配置される。 In this way, in the delivery flow information DF, each node ND corresponding to each base places the base where the delivery of the package 50 is started in the highest layer, taking into consideration the order of delivery of the package 50 or the branching of the delivery route. Bases are arranged hierarchically, with bases that have completed delivery of packages as bases in the lowest layer.
 配送関連情報DRは、配送フロー情報DFにおける各ノードNDに関連付けられる。配送関連情報DRは、荷物50毎に、関連付けて保持されてよい。配送関連情報DRは、例えば、配送人を識別する配送人ID、荷物50である商品の型番情報、荷物50である商品の販売者の情報、又は荷物50である商品の製造日の情報を含んでよい。ここでの配送人は、配送関連情報DRが関連付けられたノードNDに対応する拠点から、このノードNDの子ノードに対応する拠点(次の拠点)まで荷物50を配送する配送人である。この配送人は、配送関連情報DRが関連付けられたノードNDに対応する拠点では、荷物50の受取人UBとなり、このノードNDの子ノードに対応する拠点では、荷物50の送付人UAとなる。 The delivery-related information DR is associated with each node ND in the delivery flow information DF. The delivery-related information DR may be held in association with each package 50 . The delivery-related information DR includes, for example, a delivery person ID that identifies a delivery person, model number information of the product that is the package 50, information on the seller of the product that is the package 50, or information on the date of manufacture of the product that is the package 50. OK. The delivery person here is the delivery person who delivers the package 50 from the base corresponding to the node ND associated with the delivery-related information DR to the base (next base) corresponding to the child node of this node ND. This deliverer becomes the recipient UB of the package 50 at the base corresponding to the node ND associated with the delivery-related information DR, and the sender UA of the package 50 at the base corresponding to the child node of this node ND.
 物流管理装置20は、各ノードNDに関連付けて、暗号化対象のコードである暗号元コードCDを割り当てる。物流管理装置20は、暗号元コードCDに対して暗号化して暗号データCRを生成したり、逆に暗号データCRを復号して復号データDDを生成したりする。各ノードNDに対応する各暗号元コードCDは、ノードND毎に異なるコードであり、暗号元コードCDによってノードNDを一意に識別可能であってよい。したがって、暗号元コードCDによって拠点を一意に識別可能であってよい。 The physical distribution management device 20 assigns a cryptographic source code CD, which is a code to be encrypted, in association with each node ND. The physical distribution management device 20 encrypts the encryption source code CD to generate encrypted data CR, and conversely decrypts the encrypted data CR to generate decrypted data DD. Each cryptographic code CD corresponding to each node ND is a different code for each node ND, and the node ND may be uniquely identified by the cryptographic code CD. Therefore, it may be possible to uniquely identify the site by the cryptographic code CD.
<暗号化時の動作>
 図5A及び図5Bは、物流管理装置20によるコード(元コード)の暗号化時の動作例を示すフローチャートである。なお、物流管理装置20のプロセッサ21は、階層的に配置されたノードNDの階層を識別する変数nを設定する。つまり、変数nは、第n階層であることを示す。変数nの取りうる値は、1以上の整数である。例えばn=1であることは、最上位層(第1層)であることを示す。例えば、n=2であることは、最上位層より一段下層である第2層であることを示す。また、変数kは、配送フロー情報DFにおけるノードNDが配置される階層数を示す。 <Operation during encryption>
5A and 5B are flowcharts showing an operation example when the distribution management device 20 encrypts a code (original code). Note that the processor 21 of the physical distribution management device 20 sets a variable n that identifies the hierarchy of the hierarchically arranged nodes ND. That is, the variable n indicates the n-th layer. Possible values of the variable n are integers of 1 or more. For example, n=1 indicates the highest layer (first layer). For example, n=2 indicates that the layer is the second layer, which is one step below the top layer. Also, the variable k indicates the number of layers in which the node ND is arranged in the delivery flow information DF.
 まず、物流管理装置20では、プロセッサ21は、配送情報DIを取得する(S11)。配送情報DIは、メモリ23に保持され、プロセッサ21がメモリ23から配送情報DIを取得してよい。プロセッサ21は、通信デバイス22を介して、外部サーバから配送情報DIを取得してもよい。プロセッサ21は、また、変数nを値1に設定する。配送情報DIには、配送フロー情報DFと配送関連情報DRとが含まれる。 First, in the physical distribution management device 20, the processor 21 acquires the delivery information DI (S11). The delivery information DI may be held in the memory 23 and the processor 21 may acquire the delivery information DI from the memory 23 . Processor 21 may obtain delivery information DI from an external server via communication device 22 . Processor 21 also sets variable n to the value one. The delivery information DI includes delivery flow information DF and delivery related information DR.
 プロセッサ21は、第n層(ここではn=1であるので、最上位層)のノードNDに、任意のコードを、暗号化対象の暗号元コードCDとして割り当てる(S12)。例えば、プロセッサ21は、乱数を生し、この乱数を暗号元コードCDとして割り当てる。 The processor 21 assigns an arbitrary code to the node ND of the n-th layer (here, n=1, so the highest layer) as the encryption original code CD (S12). For example, the processor 21 generates a random number and assigns this random number as the cryptographic code CD.
 プロセッサ21は、割り当てられた暗号元コードCDを、復号可能な暗号方式の関数(例えばRSA、DES、AES、楕円曲線暗号、ハイブリッド暗号)を用いて暗号化し、暗号データCRを得る(S13)。 The processor 21 encrypts the assigned cryptographic code CD using a decryptable encryption method function (eg, RSA, DES, AES, elliptic curve cryptography, hybrid cryptography) to obtain encrypted data CR (S13).
 プロセッサ21は、得られた暗号データCRを、シード値SDと二次元コードCD2(例えばQRコード(登録商標))とに分割する(S14)。この場合、プロセッサ21は、暗号データCRが2分割された2つの分割データの一方(第1の分割データとも称する)をシード値SDとし、2つの分割データの他方を二次元コードCD2(第2の分割データの一例)としてよい。プロセッサ21は、暗号データCRの桁数を加味して、同じ桁数となるように2等分して、暗号データCRを二次元コードCD2とシード値SDとに分割してよい。また、プロセッサ21は、2等分ではなく、二次元コードCD2の桁数とシード値SDとの桁数とが異なるように偏りを持たせた状態で、暗号データCRを二次元コードCD2とシード値SDとに分割してもよい。図6は、ノードAの暗号データCRから二次元コードCD2及びシード値SDへの分割例を示す図である。図6では、暗号データCRが分割された左半分をシード値SDとし、右半分を二次元コードCD2としているが、これに限られない。 The processor 21 divides the obtained encrypted data CR into a seed value SD and a two-dimensional code CD2 (eg, QR code (registered trademark)) (S14). In this case, the processor 21 sets one of two divided data (also referred to as first divided data) obtained by dividing the encrypted data CR into two as a seed value SD, and sets the other of the two divided data as a two-dimensional code CD2 (second (an example of divided data). The processor 21 may divide the encrypted data CR into the two-dimensional code CD2 and the seed value SD by taking into consideration the number of digits of the encrypted data CR and dividing the encrypted data CR into two equal digits. In addition, the processor 21 divides the encrypted data CR into the two-dimensional code CD2 and the seed value SD in such a way that the number of digits of the two-dimensional code CD2 and the seed value SD are different from each other. value SD. FIG. 6 is a diagram showing an example of dividing the encrypted data CR of the node A into the two-dimensional code CD2 and the seed value SD. In FIG. 6, the left half obtained by dividing the encrypted data CR is the seed value SD, and the right half is the two-dimensional code CD2, but the present invention is not limited to this.
 プロセッサ21は、変数nが変数kと等しいか否か、つまり、暗号化対象の階層が最下層であるか否かを判定する(S15)。変数nが変数kと等しい場合、図5BのステップS21に進む。 The processor 21 determines whether or not the variable n is equal to the variable k, that is, whether or not the layer to be encrypted is the lowest layer (S15). If the variable n is equal to the variable k, go to step S21 of FIG. 5B.
 一方、変数nが変数kと異なる場合、つまり、暗号化対象の階層が最下層でない場合、プロセッサ21は、変数nに1を加算する(S16)。つまり、暗号化対象の階層を一段下層に移動させる。プロセッサ21は、配送フロー情報DFに基づいて、第n層(ステップS16の階層移動後の第n層)のノードNDが複数存在するか否かを判定する(S17)。 On the other hand, if the variable n is different from the variable k, that is, if the layer to be encrypted is not the lowest layer, the processor 21 adds 1 to the variable n (S16). In other words, the layer to be encrypted is moved to a lower layer. The processor 21 determines whether or not there are a plurality of nodes ND in the n-th layer (the n-th layer after the layer movement in step S16) based on the delivery flow information DF (S17).
 第n層のノードNDが1つである場合(S17のNo)、プロセッサ21は、第n層のノードNDの暗号元コードCDとして、このノードNDに接続ラインLNで接続された第(n-1)層のノードNDに対応するシード値SDを割り当てる(S18)。つまり、プロセッサ21は、第(n-1)層の親ノードに対応するシード値SDを、そのまま第n層の子ノードの暗号元コードCDとする。 If there is only one node ND in the nth layer (No in S17), the processor 21 selects the (n-)th (n− 1) Assign a seed value SD corresponding to the node ND of the layer (S18). That is, the processor 21 uses the seed value SD corresponding to the (n−1)-th layer parent node as it is as the encryption code CD of the n-th layer child node.
 第n層のノードNDが複数ある場合(S17のNo)、プロセッサ21は、第n層の各ノードNDの暗号元コードCDとして、このノードNDに接続ラインLNで接続された第(n-1)層のノードNDのシード値SDに、ノードNDを識別する枝番号を付加したものを割り当てる(S19)。つまり、プロセッサ21は、第(n-1)層の親ノードのシード値SDに、第n層に存在する複数の子ノードのそれぞれを識別可能なノード識別情報の一例として枝番号を付して、子ノードの暗号元コードCDを生成している。 If there are a plurality of nodes ND in the nth layer (No in S17), the processor 21 selects the (n−1)th ) layer with a branch number for identifying the node ND added to the seed value SD of the node ND of the layer (S19). That is, the processor 21 attaches a branch number to the seed value SD of the parent node of the (n−1)-th layer as an example of node identification information capable of identifying each of the plurality of child nodes existing in the n-th layer. , generates the encryption source code CD of the child node.
 枝番号は、シード値SDに対して任意の位置に付加可能であり、シード値SDの前、中、後のいずれの位置に付加されてもよい。枝番号は所定の桁数(例えば4桁)で表される。例えば、同じ親ノードに対して2つの子ノードが存在する場合には、枝番号として「0001」、「0002」がシード値SDの直前に付加されてよい。例えば、枝番号は、シード値SDの中に付される場合、シード値SDを示す所定の桁数の内部(例えば冒頭又は末尾)に付加されていてもよい。なお、枝番号が付される桁数及びシード値SDに対する位置は、予め定められてメモリ23に保持される等により、プロセッサ21が認識可能である。図7は、ノードAのシード値SDに対する枝番号の付加例を示す図である。 The branch number can be added at any position with respect to the seed value SD, and may be added at any position before, during, or after the seed value SD. A branch number is represented by a predetermined number of digits (for example, four digits). For example, if two child nodes exist for the same parent node, branch numbers "0001" and "0002" may be added immediately before the seed value SD. For example, when the branch number is attached to the seed value SD, it may be added inside a predetermined number of digits indicating the seed value SD (for example, at the beginning or at the end). The number of digits to which the branch number is assigned and the position relative to the seed value SD are determined in advance and stored in the memory 23, for example, so that the processor 21 can recognize them. FIG. 7 is a diagram showing an example of adding a branch number to the seed value SD of node A. In FIG.
 なお、第n層のノードNDが1つである場合には、ステップS18に示すように枝番号の付与は不要である。なお、第n層のノードNDが1つである場合、このノードNDの親ノードが単一の子ノードを持つので、親ノードは複数の子ノードに分岐しない。この場合、プロセッサ21は、枝番号の代わりに、分岐を有しないことを示す情報(分岐無し情報)を、シード値SDに付加してもよい。 It should be noted that if there is only one node ND in the n-th layer, it is not necessary to assign branch numbers as shown in step S18. When there is one node ND in the n-th layer, the parent node of this node ND has a single child node, so the parent node does not branch into a plurality of child nodes. In this case, the processor 21 may add information indicating that there is no branch (no-branch information) to the seed value SD instead of the branch number.
 分岐無し情報は、枝番号と同様に、所定の桁数(例えば4桁)で表され、例えば「0000」で表されてよい。分岐無し情報は、シード値SDの前、中、後のいずれの位置に付加されてもよい。シード値SDの中に付加される場合、シード値SDを示す所定の桁数の内部(例えば冒頭又は末尾)に付加されていてもよい。なお、分岐無し情報が付される桁数及びシード値SDに対する位置は、予め定められてメモリ23に保持される等により、プロセッサ21が認識可能である。 The no-branch information, like the branch number, is represented by a predetermined number of digits (eg, 4 digits), and may be represented by "0000", for example. The no-branch information may be added before, during, or after the seed value SD. When added in the seed value SD, it may be added inside a predetermined number of digits indicating the seed value SD (for example, at the beginning or at the end). The number of digits to which the no-branch information is attached and the position with respect to the seed value SD are determined in advance and stored in the memory 23, so that the processor 21 can recognize them.
 ステップS18又はステップS19の処理後、ステップS13に進む。つまり、物流管理装置20は、階層移動後の第n層の各ノードNDに対応して、暗号元コードCDの暗号化(S13)及び暗号データCRの分割(S14)を行う。そして、更に次の階層(一段下層)に移動し(S16)、階層移動後の第n層の各ノードNDに元コードを割り当て(S18,S19)、暗号元コードCDの暗号化(S13)及び暗号データCRの分割(S14)を繰り返す。この繰り返しは、最下層(第k層)の各ノードNDに対応する暗号元コードCDの暗号化及び暗号データCRの分割が実施されるまで継続される。 After the processing of step S18 or step S19, proceed to step S13. In other words, the physical distribution management device 20 encrypts the original code CD (S13) and divides the encrypted data CR (S14) for each node ND in the n-th layer after the layer movement. Then, it moves to the next layer (one layer below) (S16), assigns the original code to each node ND of the n-th layer after the layer movement (S18, S19), encrypts the original code CD (S13) and The division of the encrypted data CR (S14) is repeated. This repetition is continued until encryption of the encryption original code CD corresponding to each node ND in the lowest layer (k-th layer) and division of the encryption data CR are performed.
 ステップS15において、変数nが変数kと等しい場合、つまり最下層のノードNDEに対応する暗号元コードCDの暗号化及び暗号データCRの分割が終了した場合、図5BのステップS21に進む。プロセッサ21は、各層のノードND毎に、暗号データCRに基づいてハッシュ関数(例えばSHA256)を用いてハッシュ値HSを算出する(S21)。ハッシュ関数は、一方向性関数つまり復号困難な暗号方式の関数の一例であり、他の一方性関数が用いられてもよい。ハッシュ値HSは、一方向性関数の演算結果の値の一例であり、他の一方向性関数の演算結果の値であってもよい。 In step S15, if the variable n is equal to the variable k, that is, if the encryption of the original code CD corresponding to the lowest layer node NDE and the division of the encrypted data CR are completed, the process proceeds to step S21 in FIG. 5B. The processor 21 calculates a hash value HS using a hash function (for example, SHA256) based on the encrypted data CR for each node ND in each layer (S21). A hash function is an example of a one-way function, that is, a function of a cryptosystem that is difficult to decrypt, and other one-way functions may be used. The hash value HS is an example of the value of the calculation result of the one-way function, and may be the value of the calculation result of another one-way function.
 プロセッサ21は、通信デバイス22を介して、各層の各ノードNDに対応する二次元コードCD2を、各指定送信先に送信する(S22)。指定送信先は、ノードND毎に定められており、上述の配送人IDで識別される配送人(荷物50の送付人UA)が所持する端末10でよい。指定送信先は、配送関連情報DRに含まれていてよい。つまり、通信デバイス22は、各層の各ノードNDに対応する二次元コードCD2を、各ノードNDに対応する端末10に送信してよい。 The processor 21 transmits the two-dimensional code CD2 corresponding to each node ND of each layer to each designated destination via the communication device 22 (S22). The designated destination is determined for each node ND, and may be the terminal 10 possessed by the deliverer (sender UA of the parcel 50) identified by the above-described deliverer ID. The designated destination may be included in the delivery-related information DR. That is, the communication device 22 may transmit the two-dimensional code CD2 corresponding to each node ND in each layer to the terminal 10 corresponding to each node ND.
 なお、各指定送信先である各端末10は、プロセッサ11が、通信デバイス12を介して、ステップS22で物流管理装置20から送信された各層の各ノードNDに対応する二次元コードCD2を受信し、この二次元コードCD2をメモリ13に保持する。この二次元コードCD2は、暗号化対象の暗号元コードCDを復号する際に使用される。 In each terminal 10 as each designated destination, the processor 11 receives the two-dimensional code CD2 corresponding to each node ND in each layer transmitted from the physical distribution management apparatus 20 in step S22 via the communication device 12. , this two-dimensional code CD2 is held in the memory 13 . This two-dimensional code CD2 is used when decrypting the encryption original code CD.
 プロセッサ21は、各層の各ノードNDに対応して導出されたシード値SDとハッシュ値HSとを、メモリ23に保持する(S23)。このシード値SDとハッシュ値HSとは、暗号元コードCDの復号時に使用される。シード値SDとハッシュ値HSとは、対になって保持される。一方、シード値SD及びハッシュ値HSが配送フロー情報DFにおいてどの階層やどのノードNDに関連するものであるかを示す情報は、メモリ23に保持されない。つまり、メモリ23では、配送フロー情報DFにおける階層やノードの位置が加味されない状態で、シード値SD及びハッシュ値HSの対が保持されている。よって、例えば、第三者によって一部のシード値SDやハッシュ値HSがメモリ23から取得されたとしても、どのシード値SDやハッシュ値HSがどの階層のノードNDと対応しているか不明であるので、どの拠点に関する情報であるかを把握することは非常に困難である。よって、物流管理装置20は、暗号化対象の暗号元コードCDが復号される可能性を極めて小さくできる。 The processor 21 stores the seed value SD and hash value HS derived corresponding to each node ND in each layer in the memory 23 (S23). The seed value SD and hash value HS are used when decrypting the original code CD. The seed value SD and hash value HS are held in pairs. On the other hand, the memory 23 does not hold information indicating which layer and which node ND the seed value SD and hash value HS are related to in the delivery flow information DF. In other words, the memory 23 holds pairs of the seed value SD and the hash value HS without consideration of the hierarchy and node positions in the delivery flow information DF. Therefore, for example, even if a third party obtains some of the seed values SD and hash values HS from the memory 23, it is unknown which seed values SD and hash values HS correspond to which hierarchical node ND. Therefore, it is very difficult to grasp which base the information is about. Therefore, the physical distribution management device 20 can greatly reduce the possibility that the encryption source code CD to be encrypted will be decrypted.
 図8~図13は、物流管理システム5による暗号化時の動作を補足説明するための図である。図8~図13は、物流管理システム5により暗号元コードCDを暗号化する際の時系列の順に並んでいる。図8~図13では、いずれも、配送フロー情報DFに対応して階層的にノードNDが配置されている。 8 to 13 are diagrams for supplementary explanation of the encryption operation performed by the distribution management system 5. FIG. 8 to 13 are arranged in chronological order when the encryption source code CD is encrypted by the physical distribution management system 5. FIG. In each of FIGS. 8 to 13, nodes ND are hierarchically arranged corresponding to the delivery flow information DF.
 ここでは、第1層から第4層に向かって、各部を示す符号の末尾に、A,B,C,Dを付して、階層を識別可能にしている。また、同じ階層に複数のノードNDが存在する場合、ノードNDに対応する各部を示す符号の末尾に、「1」、「2」、…を付して、同一階層の複数の部位を識別可能にしている。例えば、第1層にノードNDAが配置され、第2層にノードNDBが配置され、第3層にノードNDC(NDC1,NDC2)が配置され、第4層にノードNDD(NDD1,NDD2)が配置されている。 Here, A, B, C, and D are added to the end of the code indicating each part from the 1st layer to the 4th layer so that the layers can be identified. In addition, when there are multiple nodes ND in the same hierarchy, it is possible to identify multiple parts in the same hierarchy by adding "1", "2", . . . I have to. For example, the node NDA is arranged in the first layer, the node NDB is arranged in the second layer, the nodes NDC (NDC1, NDC2) are arranged in the third layer, and the nodes NDD (NDD1, NDD2) are arranged in the fourth layer. It is
 図8では、最上位層のノードNDAに関連付けて、任意の暗号元コードCDA(暗号元コードCDの一例)が割り当てられている。この処理は、図5AのステップS12の処理に相当する。 In FIG. 8, an arbitrary cryptographic code CDA (an example of a cryptographic code CD) is assigned in association with the node NDA in the highest layer. This process corresponds to the process of step S12 in FIG. 5A.
 図9では、最上位層のノードNDAに対応する暗号元コードCDAが暗号化された暗号データCRAが、シード値SDAと二次元コードCD2Aとに分割されている。また、第2層のノードNDに、第1層のノードNDAのシード値SDAに基づく暗号元コードCDB(暗号元コードCDの一例)が割り当てられている。これらの処理は、図5AのステップS14,S18,S19等の処理に相当する。 In FIG. 9, the encrypted data CRA obtained by encrypting the encrypted original code CDA corresponding to the node NDA in the highest layer is divided into the seed value SDA and the two-dimensional code CD2A. A cryptographic code CDB (an example of a cryptographic code CD) based on the seed value SDA of the node NDA of the first layer is assigned to the node ND of the second layer. These processes correspond to the processes of steps S14, S18, S19, etc. in FIG. 5A.
 図10では、第1層のノードNDAと同様に、第2層のノードNDBに対応する暗号元コードCDが暗号化された暗号データCRが、シード値SDと二次元コードCD2とに分割されている。この処理は、図5AのステップS14の処理に相当する。 In FIG. 10, similarly to the node NDA of the first layer, the encrypted data CR obtained by encrypting the original code CD corresponding to the node NDB of the second layer is divided into the seed value SD and the two-dimensional code CD2. there is This process corresponds to the process of step S14 in FIG. 5A.
 図11では、最上位層から最下位層までの全ノードNDについて、ノードNDに紐づいた暗号元コードCDが暗号化された暗号データCRが、シード値SDと二次元コードCD2とに分割されている。また、第3層ではノードNDCが複数存在し、第2層における1つのノードNDBから接続された接続ラインLNが、ノードNDC1及びノードNDC2に接続されている。つまり、ノードNDBからノードNDC1及びノードNDC2に分岐している。この場合、ノードNDC1に対応する暗号元コードCD及びノードNDC2に対応する暗号元コードCDには、枝番号が含まれる。つまり、親ノードとしてのノードNDBに対応するシード値SDに枝番号が付加されて、子ノードとしてのノードNDC1,NDC2に対応する暗号元コードCDとされている。これらの処理は、図5AのステップS13~S19の処理に相当する。 In FIG. 11, for all nodes ND from the highest layer to the lowest layer, the encrypted data CR obtained by encrypting the encrypted original code CD linked to the node ND is divided into the seed value SD and the two-dimensional code CD2. ing. A plurality of nodes NDC exist in the third layer, and a connection line LN connected from one node NDB in the second layer is connected to the nodes NDC1 and NDC2. That is, the node NDB branches to the node NDC1 and the node NDC2. In this case, the branch number is included in the encryption original code CD corresponding to the node NDC1 and the encryption original code CD corresponding to the node NDC2. In other words, the branch number is added to the seed value SD corresponding to the node NDB as the parent node to form the encryption code CD corresponding to the nodes NDC1 and NDC2 as the child nodes. These processes correspond to the processes of steps S13 to S19 in FIG. 5A.
 図12では、各層の各ノードNDに対応する二次元コードCD2及びシード値SDの各対(つまり分割前の各暗号データCR)に対して、ハッシュ値HSが算出されている。この処理は、図5BのステップS21の処理に相当する。 In FIG. 12, a hash value HS is calculated for each pair of two-dimensional code CD2 and seed value SD corresponding to each node ND in each layer (that is, each encrypted data CR before division). This process corresponds to the process of step S21 in FIG. 5B.
 図13では、各層の各ノードNDに対応する二次元コードCD2が、各ノードNDに関連付けられた指定送信先に送信されている。送信された二次元コードCD2は、メモリ23の保持対象から除外される。一方、各層の各ノードNDに対応するシード値SD及びハッシュ値HSは、メモリ23に保持される。この処理は、図5BのステップS22,S23の処理に相当する。 In FIG. 13, the two-dimensional code CD2 corresponding to each node ND of each layer is transmitted to the specified destination associated with each node ND. The transmitted two-dimensional code CD2 is excluded from being stored in the memory 23 . On the other hand, the seed value SD and hash value HS corresponding to each node ND in each layer are held in the memory 23 . This processing corresponds to the processing of steps S22 and S23 in FIG. 5B.
 このように、物流管理装置20は、コードの暗号化時の動作例によれば、配送フロー情報DFの各ノードNDの位置関係や接続関係に応じて、暗号元コードCD、暗号データCR、二次元コードCD2、及びシード値SDを順次導出できる。子ノードは、親ノードのシード値SDに基づいて暗号化対象の暗号元コードCDを生成するので、親ノードと子ノードとは関連付けられている。配送フロー情報DFの全体にわたって、親ノードと子ノードとが関連付けられた状態が引き継がれていることで、全ノードNDにおいてシード値SDを基準に関連付けされた一連の接続関係(チェーン)が形成される。したがって、復号時には、物流管理装置20は、物流管理装置20と端末10とで別々に保存されたシード値SD及び二次元コードCD2を取得することで、子ノードに対応する暗号データCR(後述する復号元コードCD3)を導出し、暗号データCRから親ノードに対応するシード値SDを復号可能である。 As described above, according to an example of operation at the time of code encryption, the physical distribution management device 20, according to the positional relationship and connection relationship of each node ND in the delivery flow information DF, encrypts the original code CD, the encrypted data CR, and the two A dimension code CD2 and a seed value SD can be derived sequentially. Since the child node generates the cryptographic original code CD to be encrypted based on the seed value SD of the parent node, the parent node and the child node are associated. The state in which the parent node and the child node are associated is inherited throughout the delivery flow information DF, thereby forming a series of connection relationships (chains) in which all nodes ND are associated based on the seed value SD. be. Therefore, at the time of decryption, the physical distribution management device 20 acquires the seed value SD and the two-dimensional code CD2 that are separately stored in the physical distribution management device 20 and the terminal 10, thereby obtaining encrypted data CR (to be described later) corresponding to the child node. It is possible to derive the original decryption code CD3) and decrypt the seed value SD corresponding to the parent node from the encrypted data CR.
 また、メモリ23にシード値SD及びハッシュ値HSが保存される際には、シード値SD及びハッシュ値HSに対応するノードNDの階層情報を保持しない。そのため、どの2つのノードNDが親ノード及び子ノードであるかを判別できないので、メモリ23に保持された一部のシード値SD及びハッシュ値HSが奪取されても、各ノードNDに対応する暗号元コードCDを取得することは非常に困難である。よって、物流管理装置20は、シード値SDを基準にした暗号化されたチェーンを容易に生成できるとともに、セキュリティを確保できる。 Also, when the seed value SD and hash value HS are stored in the memory 23, the hierarchical information of the node ND corresponding to the seed value SD and hash value HS is not retained. Therefore, since it is impossible to determine which two nodes ND are the parent node and the child node, even if some of the seed values SD and hash values HS held in the memory 23 are stolen, the encryption corresponding to each node ND It is very difficult to obtain the original code CD. Therefore, the physical distribution management device 20 can easily generate an encrypted chain based on the seed value SD and can ensure security.
 なお、図5A及び図5Bでは、暗号化時にハッシュ値HSを導出することを例示したが、これに限られない。プロセッサ21は、ハッシュ値HSの導出や記録に係る処理を省略してもよい。つまり、図5BのステップS21の処理を省略してよく、ステップS23におけるハッシュ値HSのメモリ23への保存の処理を省略してよい。 Although FIG. 5A and FIG. 5B exemplify deriving the hash value HS at the time of encryption, it is not limited to this. The processor 21 may omit processing related to derivation and recording of the hash value HS. That is, the process of step S21 in FIG. 5B may be omitted, and the process of storing the hash value HS in the memory 23 in step S23 may be omitted.
 物流管理装置20は、ハッシュ値HSを算出しない場合でも、暗号元コードCDの暗号化に係る処理を簡素化し、暗号化に係る処理時間を短縮しつつ、荷物50の配送順序の正当性を評価できる。また、物流管理装置20は、ハッシュ値HSを算出してメモリ23に保持する場合、ハッシュ値HSに対応するノードNDに関連付けられた端末10の正当性を評価できる。 Even if the hash value HS is not calculated, the physical distribution management device 20 simplifies the processing related to the encryption of the encryption source code CD, shortens the processing time related to the encryption, and evaluates the validity of the delivery order of the packages 50. can. Also, when the physical distribution management apparatus 20 calculates the hash value HS and stores it in the memory 23, it can evaluate the legitimacy of the terminal 10 associated with the node ND corresponding to the hash value HS.
<復号化時の動作>
 次に、物流管理システム5によるコードの復号化時の動作について説明する。
 コードの復号化時では、前述したコードの暗号化時の動作(例えば図5A及び図5Bに示した動作)が完了した状態である。よって、復号時には、配送フロー情報DFに含まれる情報が仮定され、各ノードNDに対応する暗号元コードCDの順次の暗号化が完了している。また、物流管理システム5による復号化の開始時には、物流管理装置20のメモリ23には、配送フロー情報DFの各ノードNDに関連付けて導出されたシード値SD及びハッシュ値HSが保持されている。なお、ハッシュ値HSがメモリ23に保持されていなくてもよい。 <Decryption operation>
Next, the operation at the time of code decoding by the distribution management system 5 will be described.
At the time of code decryption, the above-described operation at the time of code encryption (for example, the operation shown in FIGS. 5A and 5B) is completed. Therefore, at the time of decryption, the information contained in the delivery flow information DF is assumed, and the sequential encryption of the encryption source code CD corresponding to each node ND is completed. At the start of decoding by the physical distribution management system 5, the memory 23 of the physical distribution management device 20 holds the seed value SD and hash value HS derived in association with each node ND of the delivery flow information DF. Note that the hash value HS does not have to be held in the memory 23 .
 図14A及び図14Bは、物流管理システム5によるコード(復号元コード)の復号化時の動作例を示すシーケンス図である。図14A及び図14Bでは、端末10Aを単に端末Aとも記載し、端末Bを単に端末Bとも記載する。 FIGS. 14A and 14B are sequence diagrams showing an operation example when the distribution management system 5 decrypts the code (decryption source code). 14A and 14B, the terminal 10A is also simply referred to as terminal A, and the terminal B is simply referred to as terminal B. FIG.
 図14A及び図14Bは、例えば、所定の拠点において荷物50の送付人UAと荷物50の受取人UBとが荷物50の受渡を行う際に、実施される。荷物50の物流においては同じ拠点における荷物50の送付人UAの方が荷物の受取人UBよりも上流側に位置する。そのため、配送フロー情報DFにおいて、荷物50の送付人UAに対応する拠点に対応するノードNDは、この荷物50の受取人UBに対応する拠点に対応するノードNDよりも一段上層に位置する。図14A及び図14Bの動作例では、一例として、荷物の送付人UAが所持する端末10Aが、端末10Aの二次元コードCD2TA及び端末10Bの二次元コードCD2TBを物流管理装置20へ送信することを例示する。 FIGS. 14A and 14B are implemented, for example, when the sender UA of the package 50 and the receiver UB of the package 50 deliver the package 50 at a predetermined base. In the physical distribution of the package 50, the sender UA of the package 50 at the same base is positioned upstream from the receiver UB of the package. Therefore, in the delivery flow information DF, the node ND corresponding to the base corresponding to the sender UA of the parcel 50 is located one level higher than the node ND corresponding to the base corresponding to the recipient UB of the parcel 50 . In the operation examples of FIGS. 14A and 14B, as an example, the terminal 10A possessed by the package sender UA transmits the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20. Illustrate.
 端末10の所持者は、所定の拠点における荷物50の送付人UA又は受取人UBである。配送フロー情報DFに含まれる配送関連情報DRには、配送人IDが含まれる。配送フロー情報DFの各ノードNDに関連付けられた配送人IDは、このノードNDに対応する拠点での荷物50の受取人UBの識別IDであり、例えば受取人UBが所持する端末10BのIDである。よって、このノードNDは、端末10Bと関連付けられていることになる。同様に、このノードNDの親ノードは、端末10Aと関連付けられていることになる。 The owner of the terminal 10 is the sender UA or the recipient UB of the parcel 50 at a predetermined base. The delivery-related information DR included in the delivery flow information DF includes a delivery person ID. The delivery person ID associated with each node ND in the delivery flow information DF is the identification ID of the recipient UB of the package 50 at the base corresponding to this node ND, for example, the ID of the terminal 10B possessed by the recipient UB. be. Therefore, this node ND is associated with the terminal 10B. Similarly, the parent node of this node ND is associated with terminal 10A.
 まず、荷物50の送付時(引き渡し時)に、端末10Bは、プロセッサ11が、物流管理装置20から配布されてメモリ13に保持していた二次元コードCD2(端末10Bの二次元コードCD2TB)を、表示デバイス15に表示させる。端末10Aは、プロセッサ11が、二次元コードリーダ(ハードウェア又はソフトウェア)を介して端末10Bの二次元コードCD2TBを読み取る。そして、端末10Aは、通信デバイス12が、読み取られた端末10Bの二次元コードCD2TBと、端末10Aのメモリ13に保持されていた二次元コードCD2(端末10Aの二次元コードCD2TA)と、を物流管理装置20に送信する。暗号化時に二次元コードCD2が各端末10に配布されているので、端末10のユーザ(荷物50の送付人UA又は受取人UB)は、容易に荷物50の受渡の相手方の二次元コードCD2を取得できる。 First, at the time of sending (handing over) the package 50, the processor 11 stores the two-dimensional code CD2 (the two-dimensional code CD2TB of the terminal 10B) distributed from the physical distribution management device 20 and held in the memory 13. , is displayed on the display device 15 . The processor 11 of the terminal 10A reads the two-dimensional code CD2TB of the terminal 10B via a two-dimensional code reader (hardware or software). Then, the terminal 10A distributes the read two-dimensional code CD2TB of the terminal 10B and the two-dimensional code CD2 held in the memory 13 of the terminal 10A (the two-dimensional code CD2TA of the terminal 10A). Send to the management device 20 . Since the two-dimensional code CD2 is distributed to each terminal 10 at the time of encryption, the user of the terminal 10 (the sender UA or the recipient UB of the parcel 50) can easily enter the two-dimensional code CD2 of the other party to whom the parcel 50 is delivered. can be obtained.
 コードの復号時には、物流の下流から上流に対応するチェーンの下流から上流に向かって順番に行われる。そのため、端末10Bの二次元コードCD2TBに基づく復号の後に、端末10Aの二次元コードCD2TAに基づく復号が行われることを要する。そのため、端末10Aは、通信デバイス12が、端末10Bの二次元コードCD2TBを物流管理装置20に送信した後に、端末10Aの二次元コードCD2TAを物流管理装置20に送信してよい。または、プロセッサ11が、二次元コードCD2TBに基づく復号の順序を維持する順序指示情報を、物流管理装置20に送信してよい。ここでは、順序指示情報は、端末10Bの二次元コードCD2TBに基づく復号の後に、端末10Aの二次元コードCD2TAに基づく復号を行うことを指示する情報を含む。 When decoding the code, it is performed in order from downstream to upstream of the chain corresponding to the distribution from downstream to upstream. Therefore, decoding based on the two-dimensional code CD2TA of the terminal 10A must be performed after decoding based on the two-dimensional code CD2TB of the terminal 10B. Therefore, the terminal 10A may transmit the two-dimensional code CD2TA of the terminal 10A to the physical distribution management apparatus 20 after the communication device 12 has transmitted the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20 . Alternatively, the processor 11 may transmit to the physical distribution management device 20 order instruction information for maintaining the decoding order based on the two-dimensional code CD2TB. Here, the order instruction information includes information instructing decoding based on the two-dimensional code CD2TA of the terminal 10A after decoding based on the two-dimensional code CD2TB of the terminal 10B.
 物流管理装置20では、通信デバイス22が、端末10Aから、端末10Aの二次元コードCD2TAと端末10Bの二次元コードCD2TBとを取得(受信)する(S31)。この場合、通信デバイス22は、端末10Bの二次元コードCD2TBを受信した後に、端末10Aの二次元コードCD2TAを受信する。または、通信デバイス22、上記の順序指示情報を取得する。プロセッサ21は、二次元コードCD2TA,CD2TBの受信順序、又は順序指示情報に基づいて、二次元コードCD2TBに基づく復号化を二次元コードCD2TAに基づく復号化の前に行うことを決定する。 In the physical distribution management device 20, the communication device 22 acquires (receives) the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B from the terminal 10A (S31). In this case, the communication device 22 receives the two-dimensional code CD2TA of the terminal 10A after receiving the two-dimensional code CD2TB of the terminal 10B. Alternatively, the communication device 22 obtains the above order indication information. The processor 21 determines to perform decoding based on the two-dimensional code CD2TB before decoding based on the two-dimensional code CD2TA, based on the order of reception of the two-dimensional codes CD2TA and CD2TB or the order indication information.
 プロセッサ21は、メモリ23に保持された情報を参照し、取得された端末10Bの二次元コードCD2TBとの組み合わせで、復号に成功するシード値SDを探索する。つまり、プロセッサ21は、端末10Bの二次元コードCD2TBと関連付けて生成されたシード値SDが存在するか否かを探索する。ここで、メモリ23には、暗号化時に生成されたチェーンの順序を示す情報が保持されていない。そのため、プロセッサ21は、保存されている1つ以上のシード値SDのうちどのシード値SDが端末10Bの二次元コードCD2TBと関連付けられたものであるかを判別できない。 The processor 21 refers to the information held in the memory 23 and searches for a seed value SD that can be successfully decoded in combination with the obtained two-dimensional code CD2TB of the terminal 10B. That is, the processor 21 searches whether or not there is a seed value SD generated in association with the two-dimensional code CD2TB of the terminal 10B. Here, the memory 23 does not hold information indicating the order of the chain generated at the time of encryption. Therefore, the processor 21 cannot determine which seed value SD among the one or more stored seed values SD is associated with the two-dimensional code CD2TB of the terminal 10B.
 そこで、プロセッサ21、メモリ23に保持された任意のシード値(端末10Bの二次元コードCD2TBと未だ組み合わされていないシード値)と、端末10Bの二次元コードCD2TBと組み合わせて、端末10Bの復号化対象の元コード(復号元コードCD3)を生成する(S32)。復号元コードCD3は、暗号化時に生成された暗号データCRに対応する。この場合、プロセッサ21は、一度組み合されたシード値SDに対して、組み合わせ済みであることを示すフラグを付しておくことで、未だ組み合わされていないシード値か否かを判別し、次回以降の組み合わせ候補から除外してよい。 Therefore, the processor 21 combines an arbitrary seed value (a seed value that has not yet been combined with the two-dimensional code CD2TB of the terminal 10B) held in the memory 23 with the two-dimensional code CD2TB of the terminal 10B to perform decoding of the terminal 10B. A target original code (decoded original code CD3) is generated (S32). The decryption source code CD3 corresponds to the encrypted data CR generated during encryption. In this case, the processor 21 attaches a flag indicating that the combination has been completed to the seed values SD that have been combined once, thereby determining whether or not the seed values have not yet been combined. It may be excluded from subsequent combination candidates.
 プロセッサ21は、暗号化時に使用した復号可能な暗号方式の関数(例えばRSA関数)を用いて逆算して、端末10Bの復号元コードCD3を復号化し、端末10Bの復号データDCを得る(S33)。復号データDCは、暗号化時に暗号化対象のコードであった暗号元コードCDに対応する。 The processor 21 performs back calculation using the decryptable encryption method function (for example, the RSA function) used at the time of encryption, decrypts the original decryption code CD3 of the terminal 10B, and obtains the decrypted data DC of the terminal 10B (S33). . The decrypted data DC corresponds to the code source code CD which was the code to be encrypted at the time of encryption.
 プロセッサ21は、得られた端末10Bの復号データDCに枝番号が含まれているか否かを判定する(S34)。暗号化時に、同じ親ノードに対して複数の子ノードが存在するとして、親ノードのシード値SDに枝番号が付されて子ノードの暗号元コードCDが生成されていた場合、この暗号元コードCDに対応する復号データDCには枝番号が含まれていることになる。プロセッサ21は、例えば、復号データDCにおける所定の領域(例えば冒頭の4桁)を参照して、端末10Bの復号データDCに枝番号が含まれているか否かを判定してよい。プロセッサ21は、例えば、復号データDCにおける所定の領域(例えば冒頭の4桁)に分岐無し情報が含まれている場合には、端末10Bの復号データDCに枝番号が含まれていないと判定してよい。 The processor 21 determines whether or not the branch number is included in the obtained decoded data DC of the terminal 10B (S34). At the time of encryption, assuming that a plurality of child nodes exist for the same parent node, if a branch number is added to the seed value SD of the parent node to generate the encryption code CD of the child node, this encryption code The branch number is included in the decoded data DC corresponding to CD. For example, the processor 21 may refer to a predetermined area (eg, the first four digits) in the decoded data DC to determine whether or not the decoded data DC of the terminal 10B includes the branch number. For example, when the no-branch information is included in a predetermined area (for example, the first four digits) of the decoded data DC, the processor 21 determines that the decoded data DC of the terminal 10B does not include a branch number. you can
 端末10Bの復号データDCに枝番号が含まれている場合、プロセッサ21は、端末10Bの復号データDCから枝番号を削除(除外)する(S35)。枝番号を削除(除外)することには、枝番号を分岐無し情報に変更すること(例えば分岐の有無を示す領域を「0000」に変更すること)が含まれてよい。 When the branch number is included in the decoded data DC of the terminal 10B, the processor 21 deletes (excludes) the branch number from the decoded data DC of the terminal 10B (S35). Deleting (excluding) the branch number may include changing the branch number to no-branch information (for example, changing the area indicating whether or not there is a branch to "0000").
 ステップS34で端末10Bの復号データDCに枝番号が含まれていない場合、又は、ステップS35で端末10Bの復号データDCから枝番号が削除された後、プロセッサ21は、端末10Bの復号データDCが、メモリ23に保持された他のシード値SDと一致するか否かを判定する(S36)。ここでの他のシード値SDとは、メモリ23に保持されたいずれかのシード値SDであって、端末10Bの復号元コードCD3のシード値SD以外のシード値SDである。 If the branch number is not included in the decoded data DC of the terminal 10B in step S34, or after the branch number is deleted from the decoded data DC of the terminal 10B in step S35, the processor 21 determines that the decoded data DC of the terminal 10B is , and other seed values SD held in the memory 23 (S36). The other seed value SD here is any seed value SD held in the memory 23 and is a seed value SD other than the seed value SD of the decoding original code CD3 of the terminal 10B.
 端末10Bの復号データDCがメモリ23に保持された他のシード値SDと一致する場合、荷物50の配送順序が正当であると判別する(S37)。荷物50の配送順序が正当であることは、荷物50の受渡が正当であることの一例である。端末10Aは、所定の拠点において荷物50を送付する送付人UAの端末である。端末10Bは、この拠点において荷物50を受け取る受取人UBの端末である。暗号化時を考慮すると、端末10Bの復号元コードCD3が復号された復号データDCには、端末10Bに対応するノードNDに接続ラインLNが接続された一段上層のノード(親ノード)に対応するシード値SDが含まれているはずである。プロセッサ21は、端末10Bの復号データDCがメモリ23に保持された他のシード値SDと一致する場合には、この親ノードに対応するシード値SDであると判断できる。よって、プロセッサ21は、端末10Aに対応するノードNDが親ノードであり、端末10Bに対応するノードNDが、この親ノードに対する子ノードであると推定できる。よって、プロセッサ21は、端末10Bの復号元コードCD3の復号に成功し、荷物50の配送順序が正当であると判別する。 If the decoded data DC of the terminal 10B matches another seed value SD held in the memory 23, it is determined that the delivery order of the package 50 is correct (S37). Validity of the delivery order of the package 50 is an example of valid delivery of the package 50 . The terminal 10A is the terminal of the sender UA who sends the parcel 50 at a predetermined base. The terminal 10B is the terminal of the recipient UB who receives the parcel 50 at this base. Considering the time of encryption, the decrypted data DC obtained by decrypting the original decryption code CD3 of the terminal 10B corresponds to a node (parent node) in the next higher layer where the connection line LN is connected to the node ND corresponding to the terminal 10B. It should contain the seed value SD. If the decoded data DC of the terminal 10B matches another seed value SD held in the memory 23, the processor 21 can determine that the seed value SD corresponds to this parent node. Therefore, processor 21 can estimate that node ND corresponding to terminal 10A is a parent node, and node ND corresponding to terminal 10B is a child node of this parent node. Therefore, the processor 21 succeeds in decoding the decoding source code CD3 of the terminal 10B, and determines that the delivery order of the parcel 50 is valid.
 一方、ステップS36で端末10Bの復号データDCがメモリ23に保持された他のシード値SDと一致しない場合、メモリ23に保持された全てのシード値SDを端末10Bと組合せたか否かを判定する(S38)。 On the other hand, if the decoded data DC of the terminal 10B does not match the other seed values SD held in the memory 23 in step S36, it is determined whether or not all the seed values SD held in the memory 23 have been combined with the terminal 10B. (S38).
 メモリ23に、端末10Bの二次元コードCD2TBと未だ組合せていないシード値SDが存在する場合(S38のNo)、プロセッサ21は、ステップS32に進み、ステップS32~S38の処理を繰り返す。つまり、プロセッサ21は、取得された端末10Bの二次元コードCD2TBと、メモリ23に保持された複数のシード値SDのうちの任意のシード値SDとを、シード値SDを変更しながら組み合わせ、端末10Bの復号データDCがメモリ23に保持された他のシード値SDと一致するまで(復号に成功するまで)繰り返す。 If there is a seed value SD that has not yet been combined with the two-dimensional code CD2TB of the terminal 10B in the memory 23 (No in S38), the processor 21 proceeds to step S32 and repeats the processing of steps S32 to S38. That is, the processor 21 combines the obtained two-dimensional code CD2TB of the terminal 10B and an arbitrary seed value SD among the plurality of seed values SD held in the memory 23 while changing the seed value SD, This is repeated until the decoded data DC of 10B matches another seed value SD held in the memory 23 (until the decoding is successful).
 端末10Bの二次元コードCD2TBとメモリ23に保持されたどのシード値SDとを組み合わせても復号に成功しない場合(S38のNo)、端末10Aを所持する荷物50の送付人UAから端末10Bを所持する荷物50の受取人UBへの荷物50の受渡が正当でないと判別する(図14BのS47)。 If the combination of the two-dimensional code CD2TB of the terminal 10B and any seed value SD held in the memory 23 does not succeed in decoding (No in S38), the sender UA of the package 50 possessing the terminal 10A possesses the terminal 10B. It is determined that the delivery of the package 50 to the recipient UB of the package 50 is not valid (S47 in FIG. 14B).
 図14Bに進み、プロセッサ21は、復号に成功した端末10Bの復号元コードCD3を基に、端末10Bのハッシュ値HS’を算出する(S41)。 Proceeding to FIG. 14B, the processor 21 calculates the hash value HS' of the terminal 10B based on the decryption source code CD3 of the terminal 10B that has been successfully decrypted (S41).
 プロセッサ21は、算出された端末10Bのハッシュ値HS’と、メモリ23に保持されたハッシュ値HSであって、復号に成功した端末10Bの復号元コードCD3のシード値SDと対であるハッシュ値HSと、が一致するか否かを判定する(S42)。 The processor 21 combines the calculated hash value HS' of the terminal 10B and the hash value HS held in the memory 23 with the seed value SD of the decryption source code CD3 of the successfully decrypted terminal 10B. It is determined whether or not HS matches (S42).
 この端末10Bのハッシュ値HS’とハッシュ値HSとが一致する場合(S42のYes)、プロセッサ21は、端末10Bが正当である、つまり端末10Bを所持する荷物50の受取人UBが正当である、と判別する(S43)。端末10Bが正当であることは、荷物50の受渡が正当であることの一例である。一方、この端末10Bのハッシュ値HS’とハッシュ値HSとが一致しない場合(S42のNo)、プロセッサ21は、端末10Aを所持する荷物50の送付人UAから端末10Bを所持する荷物50の受取人UBへの荷物50の受渡が正当でないと判別する(S47)。 If the hash value HS' of the terminal 10B matches the hash value HS (Yes in S42), the processor 21 determines that the terminal 10B is valid, that is, the recipient UB of the package 50 possessing the terminal 10B is valid. (S43). Validity of the terminal 10B is an example of validation of delivery of the parcel 50 . On the other hand, if the hash value HS' of the terminal 10B does not match the hash value HS (No in S42), the processor 21 receives the package 50 possessing the terminal 10B from the sender UA of the package 50 possessing the terminal 10A. It is determined that the delivery of the package 50 to the person UB is not valid (S47).
 プロセッサ21は、ステップS31で取得された端末10Aで取得された二次元コードCD2TAと、メモリ23から探索された端末10Aのシード値SDとを組み合わせた端末10Aの復号元コードCD3を基に、端末10Aのハッシュ値HS’を算出する(S44)。ここでの端末10Aのシード値SDは、ステップS36,S37で復号に成功した際のメモリ23から探索された他のシード値SDである。 The processor 21 combines the two-dimensional code CD2TA obtained by the terminal 10A obtained in step S31 and the seed value SD of the terminal 10A searched from the memory 23, based on the decryption source code CD3 of the terminal 10A. A hash value HS' of 10A is calculated (S44). The seed value SD of the terminal 10A here is another seed value SD retrieved from the memory 23 when the decoding is successful in steps S36 and S37.
 プロセッサ21は、算出された端末10Aのハッシュ値HS’と、メモリ23に保持されたハッシュ値HSであって、端末10Aの復号元コードCD3のシード値SDと対であるハッシュ値HSと、が一致するか否かを判定する(S45)。 The processor 21 combines the calculated hash value HS' of the terminal 10A with the hash value HS held in the memory 23 and paired with the seed value SD of the decryption source code CD3 of the terminal 10A. It is determined whether or not they match (S45).
 この端末10Aのハッシュ値HS’とハッシュ値HSとが一致する場合(S45のYes)、プロセッサ21は、端末10Aが正当である、つまり端末10Aを所持する荷物50の送付人UAが正当である、と判別する(S46)。端末10Aが正当であることは、荷物50の受渡が正当であることの一例である。一方、この端末10Aのハッシュ値HS’とハッシュ値HSとが一致しない場合(S45のNo)、プロセッサ21は、端末10Aを所持する荷物50の送付人UAから端末10Bを所持する荷物50の受取人UBへの荷物50の受渡が正当でないと判別する(S47)。 If the hash value HS' of the terminal 10A matches the hash value HS (Yes in S45), the processor 21 determines that the terminal 10A is valid, that is, the sender UA of the package 50 possessing the terminal 10A is valid. (S46). Validity of the terminal 10A is an example of validation of delivery of the package 50 . On the other hand, if the hash value HS' of the terminal 10A does not match the hash value HS (No in S45), the processor 21 receives the package 50 having the terminal 10B from the sender UA of the package 50 having the terminal 10A. It is determined that the delivery of the package 50 to the person UB is not valid (S47).
 なお、プロセッサ21は、ハッシュ関数(一方向性関数の一例)を用いて、正当性が保証された端末10Aのシード値SDから、シード値SDのハッシュ値SDHSを算出してよい。プロセッサ21は、通信デバイス32を介して、ハッシュ値SDHSを端末10Aに送信してもよい。端末10Aは、プロセッサ11が、通信デバイス12を介して端末10Aのハッシュ値SDHSを受信し、メモリ13に保存してよい。このハッシュ値SDHSは、チェーンの一部を形成するシード値SDに基づく値であるので、信頼性が高く、例えば端末10Aの電子印鑑として活用可能である。 Note that the processor 21 may use a hash function (an example of a one-way function) to calculate a hash value SDHS of the seed value SD from the seed value SD of the terminal 10A whose legitimacy is guaranteed. Processor 21 may transmit hash value SDHS to terminal 10A via communication device 32 . In the terminal 10A, the processor 11 may receive the hash value SDHS of the terminal 10A via the communication device 12 and store it in the memory 13. FIG. Since this hash value SDHS is based on the seed value SD forming part of the chain, it is highly reliable and can be used as an electronic seal stamp for the terminal 10A, for example.
 なお、図14A及び図14Bの動作例では、一例として、荷物の送付人UAが所持する端末10Aが、端末10Aの二次元コードCD2TA及び端末10Bの二次元コードCD2TBを物流管理装置20へ送信することを例示したが、これに限られない。つまり、図14A及び図14Bの動作例では、荷物の受取人UBが所持する端末10Bが、端末10Aの二次元コードCD2TA及び端末10Bの二次元コードCD2TBを物流管理装置20へ送信してもよい。 14A and 14B, as an example, the terminal 10A possessed by the package sender UA transmits the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20. However, it is not limited to this. 14A and 14B, the terminal 10B possessed by the package recipient UB may transmit the two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2TB of the terminal 10B to the physical distribution management apparatus 20. .
 この場合、端末10Aは、プロセッサ11が、物流管理装置20から配布されてメモリ13に保持していた二次元コードCD2(端末10Aの二次元コードCD2TA)を、表示デバイス15に表示させる。端末10Bは、プロセッサ11が、二次元コードリーダ(ハードウェア又はソフトウェア)を介して端末10Aの二次元コードCD2TAを読み取る。そして、端末10Bは、通信デバイス12が、読み取られた端末10Aの二次元コードCD2TAと、端末10Bのメモリ13に保持されていた二次元コードCD2(端末10Bの二次元コードCD2TB)と、を物流管理装置20に送信する。この場合でも、コードの復号時には、物流の下流から上流に対応するチェーンの下流から上流に向かって順番に行われる。そのため、端末10Bの二次元コードCD2TBに基づく復号の後に、端末10Aの二次元コードCD2TAに基づく復号が行われる。 In this case, the terminal 10A causes the processor 11 to display on the display device 15 the two-dimensional code CD2 (the two-dimensional code CD2TA of the terminal 10A) distributed by the physical distribution management device 20 and held in the memory 13. The processor 11 of the terminal 10B reads the two-dimensional code CD2TA of the terminal 10A via a two-dimensional code reader (hardware or software). Then, the communication device 12 distributes the read two-dimensional code CD2TA of the terminal 10A and the two-dimensional code CD2 held in the memory 13 of the terminal 10B (the two-dimensional code CD2TB of the terminal 10B). Send to the management device 20 . Even in this case, code decoding is performed sequentially from downstream to upstream in the chain corresponding to downstream to upstream distribution. Therefore, decoding based on the two-dimensional code CD2TA of the terminal 10A is performed after decoding based on the two-dimensional code CD2TB of the terminal 10B.
 二次元コードCD2TA,CD2TBを物流管理装置20に送信する端末10が端末10A及び端末10Bのいずれであっても、図14A及び図14Bの動作例によれば、物流管理装置20は、端末10Aの正当性及び端末10Bの正当性の双方を保証することができる。 Regardless of whether the terminal 10 that transmits the two-dimensional codes CD2TA and CD2TB to the physical distribution management device 20 is either the terminal 10A or the terminal 10B, the physical distribution management device 20 can transmit the two-dimensional codes CD2TA and CD2TB to the physical distribution management device 20 according to the operation examples of FIGS. Both the legitimacy and the legitimacy of the terminal 10B can be guaranteed.
 なお、図14BのステップS41~S43における端末10Bに関するハッシュ値の検証の処理は省略可能である。つまり、ステップS41~S43が省略されてもよい。また、図14BのステップS44~S46における端末10Aに関するハッシュ値の検証の処理は省略可能である。つまり、ステップS44~S46が省略されてもよい。 It should be noted that the process of verifying the hash value for the terminal 10B in steps S41 to S43 in FIG. 14B can be omitted. That is, steps S41 to S43 may be omitted. Further, the process of verifying the hash value regarding the terminal 10A in steps S44 to S46 of FIG. 14B can be omitted. That is, steps S44 to S46 may be omitted.
 物流管理装置20は、ハッシュ値HSを算出しない場合、復号元コードCD3の復号化に係る処理を簡素化し、復号化に係る処理時間を短縮しつつ、荷物50の配送順序の正当性を評価できる。また、物流管理装置20は、ハッシュ値HSを算出する場合、ハッシュ値HSに対応するノードNDに関連付けられた端末10の正当性を評価できる。 When the hash value HS is not calculated, the physical distribution management device 20 can evaluate the validity of the delivery order of the parcels 50 while simplifying the processing related to the decoding of the decoding source code CD3 and shortening the processing time related to the decoding. . Further, when calculating the hash value HS, the physical distribution management device 20 can evaluate the legitimacy of the terminal 10 associated with the node ND corresponding to the hash value HS.
 また、図14AのステップS38において、端末10Bの二次元コードCD2TBとメモリ23に保持されたどのシード値SDとを組み合わせても復号に成功しない場合、図14BのステップS47に進むので、S41~S47のハッシュ値の検証の処理が実施されないが、これに限られない。図14AのステップS38において、端末10Bの二次元コードCD2TBとメモリ23に保持されたどのシード値SDとを組み合わせても復号に成功しない場合でも、ステップS41~S47のハッシュ値の検証の処理を実施してもよい。 Further, in step S38 of FIG. 14A, if the combination of the two-dimensional code CD2TB of the terminal 10B and any seed value SD held in the memory 23 does not succeed in decoding, the process proceeds to step S47 of FIG. 14B. However, it is not limited to this. Even if the combination of the two-dimensional code CD2TB of the terminal 10B and any seed value SD held in the memory 23 does not succeed in decoding in step S38 of FIG. 14A, the hash value verification processing of steps S41 to S47 is performed. You may
 例えば、端末10Bに対応するノードNDが、配送フロー情報DFにおける最上位層のノードNDである場合、端末10Bに対応するノードNDを子ノードとする親ノードは存在しない。そのため、子ノードの復号元コードCD3が復号された復号データDCに対応する親ノードのシード値SDも存在しない。この場合でも、物流管理装置20は、端末10Bのハッシュ値HSを用いた検証を行うことで、配送順序は不当であるが、端末10Bがチェーンを形成する端末10のうちの1つであり、端末10Bの正当性があることを少なくとも保証できる。 For example, if the node ND corresponding to the terminal 10B is the highest layer node ND in the delivery flow information DF, there is no parent node having the node ND corresponding to the terminal 10B as a child node. Therefore, there is no seed value SD of the parent node corresponding to the decoded data DC obtained by decoding the original decoded code CD3 of the child node. Even in this case, the physical distribution management device 20 performs verification using the hash value HS of the terminal 10B, and finds that the delivery order is incorrect, but the terminal 10B is one of the terminals 10 forming the chain. At least the legitimacy of the terminal 10B can be guaranteed.
 また、例えば、端末10Aに対応するノードNDが、配送フロー情報DFにおける最下位層のノードNDである場合、端末10Aに対応するノードNDを親ノードとする子ノードは存在しない。そのため、親ノードのシード値SDに対応する復号データDCが得られる復号化を行う子ノードが存在しない。この場合でも、物流管理装置20は、端末10Aのハッシュ値HSを用いた検証を行うことで、配送順序は不当であるが、端末10Aがチェーンを形成する端末10のうちの1つであり、端末10Aの正当性があることを少なくとも保証できる。 Also, for example, if the node ND corresponding to the terminal 10A is the lowest layer node ND in the delivery flow information DF, there is no child node whose parent node is the node ND corresponding to the terminal 10A. Therefore, there is no child node to be decoded to obtain the decoded data DC corresponding to the seed value SD of the parent node. Even in this case, the physical distribution management device 20 performs verification using the hash value HS of the terminal 10A to confirm that the delivery order is invalid, but that the terminal 10A is one of the terminals 10 forming the chain. At least the legitimacy of the terminal 10A can be guaranteed.
 また、所定の拠点において端末10の所持者が荷物50の送付又は受取を実施できない場合には、例えば、所定の拠点を通過して1つ前の拠点から1つ次の拠点までは荷物50が配送されることがあり得る。このように1つの拠点を通過して次の拠点の次の拠点で荷物50が受渡される場合、荷物50の受取人UBが所持する端末10Bの復号元コードCD3に基づく復号化により、配送順序が不当であると判別される。この場合でも、物流管理装置20は、端末10A又は端末10Bのハッシュ値HSを用いた検証を行うことで、配送順序は不当であるが、端末10A又は10Bがチェーンを形成する端末10のうちの1つであり、端末10A又は10Bの正当性があることを少なくとも保証できる。これにより、例えば急病等により配送順序が変更になった場合でも対応できる。 Further, when the owner of the terminal 10 cannot send or receive the parcel 50 at a predetermined base, for example, the parcel 50 cannot be delivered from the previous base to the next base after passing through the predetermined base. It can be shipped. When the parcel 50 passes through one base and is delivered at the next base of the next base in this way, the delivery order is determined by decoding based on the decoding source code CD3 of the terminal 10B possessed by the recipient UB of the parcel 50. is determined to be improper. Even in this case, the physical distribution management device 20 performs verification using the hash value HS of the terminal 10A or the terminal 10B to confirm that the delivery order is incorrect, but the terminal 10A or 10B is one of the terminals 10 forming the chain. It is one and can at least guarantee the legitimacy of the terminal 10A or 10B. As a result, even if the delivery order is changed due to, for example, a sudden illness, it can be dealt with.
 物流管理装置20は、ハッシュ値を用いた検証を行うことで、端末10A又は端末10Bが保持する二次元コードCD2TA,CD2TBが改ざんされたり他の端末10が保持する二次元コードが差し替えられたりした場合には、端末10A又は端末10Bに正当性がないことを判別できる。よって、物流管理装置20は、不正やなりすましを発見できる。 The physical distribution management device 20 verifies using the hash value that the two-dimensional codes CD2TA and CD2TB held by the terminal 10A or the terminal 10B have been tampered with or the two-dimensional codes held by other terminals 10 have been replaced. In this case, it can be determined that the terminal 10A or the terminal 10B is not legitimate. Therefore, the physical distribution management device 20 can detect fraud and spoofing.
 物流管理装置20は、プロセッサ21が、配送順序、端末10A、又は端末10Bが正当であると判別した場合、配送順序、端末10A、又は端末10Bが正当であることを示す情報を端末10Aに送信してよい。端末10Aは、プロセッサ11が、通信デバイス12を介してこの情報を受信し、配送順序、端末10A、又は端末10Bが正当であることを示す情報を表示デバイス15に表示させてよい。この場合、端末10Aを所持する荷物50の送付人UAは、荷物50を受取人UBに渡しても安全であることを確認できる。 When the processor 21 determines that the delivery order and the terminal 10A or the terminal 10B are valid, the physical distribution management device 20 transmits information indicating that the delivery order and the terminal 10A or the terminal 10B are valid to the terminal 10A. You can Terminal 10A may cause processor 11 to receive this information via communication device 12 and cause display device 15 to display information indicating the delivery order and the validity of terminal 10A or terminal 10B. In this case, the sender UA of the package 50 possessing the terminal 10A can confirm that it is safe to deliver the package 50 to the recipient UB.
 図15~図18は、物流管理システム5による復号化時の動作を補足説明するための図である。図15~図18は、物流管理システム5により復号元コードCD3を復号化する際の時系列の順に並んでいる。図15~図18では、説明のために、暗号化時の配送フロー情報DFに対応して階層的に配置されるノードNDに対応するシード値SD(つまり暗号化により得られたチェーンに対応するシード値SD)等が配置されているが、メモリ23には、この階層に関する情報は保持されていない。 15 to 18 are diagrams for supplementary explanation of the decoding operation by the distribution management system 5. FIG. 15 to 18 are arranged in chronological order when the original decoding code CD3 is decoded by the distribution management system 5. FIG. 15 to 18, for the sake of explanation, the seed value SD corresponding to the node ND hierarchically arranged corresponding to the delivery flow information DF at the time of encryption (that is, the seed value SD corresponding to the chain obtained by encryption Seed value SD), etc. are arranged, but the memory 23 does not hold information about this hierarchy.
 図15では、端末10Aが、端末10Bが表示する二次元コードCD2TBを読み取り、端末10Aが保持する端末10Aの二次元コードCD2TBと端末10Bの二次元コード2TBとを物流管理装置20に送信している。これらの処理は、図14AのステップS31の処理に相当する。 In FIG. 15, the terminal 10A reads the two-dimensional code CD2TB displayed by the terminal 10B, and transmits the two-dimensional code CD2TB of the terminal 10A held by the terminal 10A and the two-dimensional code 2TB of the terminal 10B to the physical distribution management device 20. there is These processes correspond to the process of step S31 in FIG. 14A.
 図16では、メモリ23に、複数のシード値SDが保持されていることを示している。また、メモリ23内の任意のシード値SDと端末10Aから取得された端末10Bの二次元コードCD2TBとが組み合わされて端末10Bの復号元コードCD3が生成されている。端末10Bの復号元コードCD3の復号に成功すると、端末10Bの復号データDCが、メモリ23内に保持された他のシード値SDと一致する。例えば、端末10Bに対応するノードNDが配送フロー情報DFのノードNDC2である場合、端末10Bに対応するノードNDC2に対応するシード値SDは、シード値SDC2であり、復号により得られたシード値SDは、ノードNDC2の一段上層にあるノードNDBに対応するシード値SDBである。このノードNDBは、端末10Aに対応するノードNDである。また、端末10Bに対応するノードNDが配送フロー情報DFのノードNDC2である場合、端末10Bの二次元コードCD2TBは、二次元コードCD2C2である。これらの処理は、図14AのステップS32,S33,S36,S37等の処理に相当する。 FIG. 16 shows that the memory 23 holds a plurality of seed values SD. An arbitrary seed value SD in the memory 23 and the two-dimensional code CD2TB of the terminal 10B obtained from the terminal 10A are combined to generate the decoding source code CD3 of the terminal 10B. When the decoding original code CD3 of the terminal 10B is successfully decoded, the decoded data DC of the terminal 10B matches another seed value SD held in the memory 23. FIG. For example, when the node ND corresponding to the terminal 10B is the node NDC2 of the delivery flow information DF, the seed value SD corresponding to the node NDC2 corresponding to the terminal 10B is the seed value SDC2, and the seed value SD obtained by decoding is the seed value SDB corresponding to the node NDB one level above the node NDC2. This node NDB is the node ND corresponding to the terminal 10A. Also, when the node ND corresponding to the terminal 10B is the node NDC2 of the delivery flow information DF, the two-dimensional code CD2TB of the terminal 10B is the two-dimensional code CD2C2. These processes correspond to the processes of steps S32, S33, S36, S37, etc. in FIG. 14A.
 図17では、端末10Bの復号データDCに含まれるシード値SD(SDB)と、端末10Aから取得された端末10Aの二次元コードCD2TAと、が組み合わされて、端末10Aの復号元コードCD3が生成されている。この端末10Aの二次元コードCD2TAは、図16と同様に端末10AがノードNDBに対応する場合、二次元コードCD2Bである。また、端末10Aの復号元コードCD3を基に、端末10Aのハッシュ値HS’(HSB’)が算出されている。このハッシュ値HSB’とメモリ23に保持された端末10Aのハッシュ値HS(HSB)とが比較されて、端末10Aの正当性が検証される。
これらの処理は、図14BのステップS44~S47等の処理に相当する。 In FIG. 17, the seed value SD (SDB) included in the decoded data DC of the terminal 10B and the two-dimensional code CD2TA of the terminal 10A obtained from the terminal 10A are combined to generate the decoding original code CD3 of the terminal 10A. It is The two-dimensional code CD2TA of this terminal 10A is the two-dimensional code CD2B when the terminal 10A corresponds to the node NDB as in FIG. Also, the hash value HS'(HSB') of the terminal 10A is calculated based on the decryption source code CD3 of the terminal 10A. This hash value HSB' is compared with the hash value HS (HSB) of the terminal 10A held in the memory 23 to verify the legitimacy of the terminal 10A.
These processes correspond to the processes such as steps S44 to S47 in FIG. 14B.
 図18では、端末10Aに対応するノードND(NDB)に対応するシード値SDBがハッシュ化されて、ハッシュ値SDHSが導出され、ハッシュ値SDHSが端末10Aに送信されている。つまり、端末10Aが送信した二次元コードCD2TAと対のシード値Dからハッシュ値SDHSが算出され、端末10Aに送信されている。これにより、端末10Aは、ハッシュ値SDHS取得することで、例えば操作デバイス14を介して入力されたデータに対してハッシュ値SDHSをタグとして貼り付けでき、ハッシュ値SDHSを識別子等や電子印鑑のように利用可能である。 In FIG. 18, the seed value SDB corresponding to the node ND (NDB) corresponding to the terminal 10A is hashed to derive the hash value SDHS, and the hash value SDHS is transmitted to the terminal 10A. That is, the hash value SDHS is calculated from the seed value D paired with the two-dimensional code CD2TA transmitted by the terminal 10A, and transmitted to the terminal 10A. Accordingly, by acquiring the hash value SDHS, the terminal 10A can attach the hash value SDHS as a tag to data input via the operation device 14, for example. available for
 このように、物流管理装置20は、コードの復号化時の動作例によれば、メモリ23に暗号化時に得られたシード値SD及びハッシュ値HSを保持しておき、復号化の際に端末10から暗号化時に配布されていた二次元コードCD2を取得することで、復号化の処理を実施できる。物流管理装置20は、復号化の処理が完了すると、メモリ23に保持していたシード値SD又はハッシュ値HSをメモリ23から削除してもよく、この場合、メモリ23の容量を効率良く使用できる。 In this way, according to an example of operation at the time of code decryption, the physical distribution management apparatus 20 holds the seed value SD and the hash value HS obtained at the time of encryption in the memory 23, By obtaining the two-dimensional code CD2 distributed at the time of encryption from 10, the decryption process can be performed. When the decryption process is completed, the physical distribution management device 20 may delete the seed value SD or hash value HS held in the memory 23 from the memory 23. In this case, the capacity of the memory 23 can be used efficiently. .
 このような物流管理システム5を用いた物流管理(荷物50の受渡管理)によれば、荷物50の送付人UA及び受取人UBは、端末10を所持するだけで、簡単に信頼性の高い荷物50の受渡を実施できる。また、ブロックチェーンを用いた物流管理のように、全ての受渡に関するデータをメモリ23に保持しておく必要はなく、メモリ23の記憶負荷を低減できる。したがって、物流管理装置20は、システムの構成を簡素化し、物流工程における荷物50の送付及び受取が正当であることを判別できる。 According to the physical distribution management (delivery management of the package 50) using such a physical distribution management system 5, the sender UA and the receiver UB of the package 50 can easily manage the package with high reliability simply by possessing the terminal 10. 50 deliveries can be performed. In addition, it is not necessary to hold all delivery-related data in the memory 23 as in physical distribution management using a block chain, and the storage load of the memory 23 can be reduced. Therefore, the physical distribution management device 20 can simplify the system configuration and determine that the delivery and receipt of the parcel 50 in the physical distribution process are valid.
 したがって、例えば中小規模の運送業者であって、物流管理システム5の全体を取り入れることが困難であっても、物流管理装置20を管理する外部組織があれば、運送業者は端末10(例えばスマートフォン)を準備すれば、上記のような信頼性の高い物流管理のサービスを享受可能である。また、物流管理システム5は、手書きで荷物50の受渡のサインを記入したり印鑑を押下したりする場合と比較して、荷物50の受渡の認証の確実性が向上でき、荷物50の受渡に要する時間を短縮できる。また、荷物50の受渡時に一方の端末10から他方の端末10の二次元コードを読み取ればよいので、感染症予防の観点からも有益である。 Therefore, for example, even if it is a small and medium-sized carrier and it is difficult to incorporate the entire logistics management system 5, if there is an external organization that manages the logistics management device 20, the carrier can use the terminal 10 (for example, a smartphone) , you can enjoy highly reliable logistics management services as described above. In addition, the physical distribution management system 5 can improve the certainty of the delivery authentication of the package 50 compared to the case where the signature for the delivery of the package 50 is written by hand or the seal is pressed. The time required can be shortened. In addition, since the two-dimensional code of one terminal 10 can be read from the other terminal 10 when the package 50 is delivered, it is also useful from the viewpoint of preventing infectious diseases.
 また、物流管理システム5は、荷物50の受渡時に送付人UAによる受取人UBの確認、あるいは、受取人UBによる送付人UAの確認、あるいはその両方を行うことによって、受渡行為の正当性を受け渡しの発生時に確認し、物流工程全体の正当性を判別できる。なお、荷物50には電子データも含まれてよく、したがって物流には電子的な取引も含まれてもよい。 In addition, the physical distribution management system 5 confirms the validity of the delivery action by confirming the recipient UB by the sender UA, or confirming the sender UA by the recipient UB, or both, when the package 50 is delivered. It is possible to check when a problem occurs and determine the validity of the entire distribution process. Note that the parcel 50 may also include electronic data, and therefore physical distribution may also include electronic transactions.
 なお、本実施形態では、暗号データCRの分割により得られた2つの分割データの他方である第2の分割データを、二次元コードCD2とすることを例示したが、これに限られない。例えば、第2の分割データは、1次元のバーコード、3次元以上の多次元のコード、つまりn次元コード(nは1以上の整数)、又はその他のリーダ等により読み取り可能な読取可能コードであってもよい。 In the present embodiment, the second divided data, which is the other of the two divided data obtained by dividing the encrypted data CR, is exemplified as the two-dimensional code CD2, but it is not limited to this. For example, the second divided data may be a one-dimensional bar code, a multi-dimensional code of three or more dimensions, that is, an n-dimensional code (where n is an integer of 1 or more), or a readable code that can be read by another reader or the like. There may be.
<実施形態の概要>
 以上のように、本実施形態の物流管理装置20は、物流を管理し、プロセッサ21と、メモリ23と、通信デバイス22と、を備える。プロセッサ21は、フロー情報(例えば配送フロー情報DF)を取得する。フロー情報は、荷物50が複数の物流の拠点を流通する順番に応じて複数の物流の拠点に対応する複数のノードNDが階層的に配置され、物流の開始拠点に対応するノードNDが最上位層に配置され、物流の完了拠点に対応するノードNDが最下位層に配置され、荷物50が流通する2つの隣接する拠点に対応して隣接する階層の2つのノードNDが接続されたことを示す情報を含む。プロセッサ21は、フロー情報における第1層のノードNDに対応する暗号化対象のコードである第1の暗号元コードCD(第1の元コードの一例)を取得する。プロセッサ21は、復号可能な暗号方式に用いる第1の関数(例えばRSA関数)を用いて第1の暗号元コードCDを暗号化して、第1の暗号データCRを生成する。プロセッサ21は、第1の暗号データCRを分割して、第1の二次元コードCD2(第1のn次元コードの一例)と第1のシード値SDとを導出する。プロセッサ21は、第1のシード値SDに基づいて、第1層よりも一段下層である第2層のノードNDに対応する暗号化対象のコードである第2の暗号元コードCD(第2の元コードの一例)を導出する。プロセッサ21は、第2の暗号元コードCDを第1の関数を用いて暗号化して、第2の暗号データCRを生成する。プロセッサ21は、第2の暗号データCRを分割して、第2の二次元コードCD2(第2のn次元コードの一例)と第2のシード値SDとを導出する。プロセッサ21は、第1のシード値SDと第2のシード値SDとをメモリ23に保存する。通信デバイス22は、第1の二次元コードCD2を、第1層のノードに関連付けられた第1の端末に送信し、第2の二次元コードCD2を、第2層のノードに関連付けられた第2の端末に送信する。 <Overview of Embodiment>
As described above, the physical distribution management device 20 of this embodiment manages physical distribution and includes the processor 21 , the memory 23 and the communication device 22 . The processor 21 acquires flow information (for example, delivery flow information DF). In the flow information, a plurality of nodes ND corresponding to a plurality of physical distribution bases are hierarchically arranged according to the order in which the package 50 circulates through the multiple physical distribution bases, and the node ND corresponding to the physical distribution starting base is the highest order. Arranged in layers, a node ND corresponding to a physical distribution completion base is arranged in the lowest layer, and two nodes ND in adjacent layers corresponding to two adjacent bases through which the cargo 50 is distributed are connected. including information to indicate The processor 21 acquires a first cryptographic original code CD (an example of a first original code), which is a code to be encrypted corresponding to the node ND of the first layer in the flow information. The processor 21 encrypts the first cryptographic code CD using the first function (for example, the RSA function) used in the decryptable encryption method to generate the first encrypted data CR. The processor 21 divides the first encrypted data CR to derive a first two-dimensional code CD2 (an example of a first n-dimensional code) and a first seed value SD. Based on the first seed value SD, the processor 21 generates a second cryptographic code CD (second An example of the original code) is derived. The processor 21 encrypts the second cryptographic code CD using the first function to generate second encrypted data CR. The processor 21 divides the second encrypted data CR to derive a second two-dimensional code CD2 (an example of a second n-dimensional code) and a second seed value SD. Processor 21 stores first seed value SD and second seed value SD in memory 23 . The communication device 22 transmits the first two-dimensional code CD2 to the first terminal associated with the first layer node, and transmits the second two-dimensional code CD2 to the second terminal associated with the second layer node. Send to terminal 2.
 これにより、物流管理装置20は、隣接する階層において、上層(第1層)のノードND(親ノード)に対応するシード値SDに基づいて、一段下層(第2層)のノードND(子ノード)に対応する暗号元コードCDを生成できる。よって、物流管理装置20は、親ノードのシード値SDと、子ノードの暗号元コードCDに基づいて導出あれたシード値SDと、をメモリ23に保持しておくことで、荷物50が流通する順番に対応した物流の拠点の情報を関連付けて保持することができる。また、物流管理装置20は、第1の二次元コードCD2と第2の二次元コードCD2とを各層の各ノードNDに関連付けられた各端末10に送信することで、復号用の情報の一部を各端末10に保持させることができる。よって、仮にメモリ23に保持されたシード値SDが漏洩しても、復号により暗号元コードCDを得ることは困難であるので、物流管理装置20は、システムの信頼性を高く維持できる。 As a result, the physical distribution management apparatus 20 determines the node ND (child node) of the next lower layer (second layer) based on the seed value SD corresponding to the node ND (parent node) of the upper layer (first layer) in the adjacent layer. ) can be generated. Therefore, the physical distribution management device 20 stores the seed value SD of the parent node and the seed value SD derived based on the encryption code CD of the child node in the memory 23, so that the package 50 can be distributed. Information on distribution bases corresponding to the order can be associated and held. In addition, the physical distribution management device 20 transmits the first two-dimensional code CD2 and the second two-dimensional code CD2 to each terminal 10 associated with each node ND of each layer, thereby partially decoding the information. can be held in each terminal 10 . Therefore, even if the seed value SD held in the memory 23 were leaked, it would be difficult to obtain the encryption code CD through decryption, so the physical distribution management apparatus 20 can maintain high system reliability.
 また、第1層が最上位層でよい。プロセッサ21は、乱数に基づいて第1の暗号元コードCDを生成してよい。プロセッサ21は、第2層のノードNDに対応する第2の暗号元コードCDと第2の暗号データCRと第2の二次元コードCD2と第2のシード値SDとを導出した後、導出された第2のシード値SDを次の第1のシード値SDとして設定し、第2の暗号元コードCDと第2の暗号データCRと第2の二次元コードCD2と第2のシード値SDとの導出を繰り返し、繰り返し導出された各第2のシード値SDをメモリ23に保存してよい。通信デバイス22は、繰り返し導出された各第2の二次元コードCD2を、各第2層のノードNDに関連付けられた各第2の端末に送信してよい。 Also, the first layer may be the highest layer. The processor 21 may generate the first cryptographic code CD based on random numbers. After deriving the second cryptographic code CD, the second cryptographic data CR, the second two-dimensional code CD2, and the second seed value SD corresponding to the node ND of the second layer, the processor 21 derives The second seed value SD is set as the next first seed value SD, and the second cryptographic code CD, the second encrypted data CR, the second two-dimensional code CD2, and the second seed value SD , and each iteratively derived second seed value SD may be stored in the memory 23 . The communication device 22 may transmit each iteratively derived second two-dimensional code CD2 to each second terminal associated with each layer 2 node ND.
 これにより、物流管理装置20は、導出された第2のシード値SDを次の第1のシード値SDとして設定することで、第2層のノードに対応する第2の暗号元コードCDと第2の暗号データCRと第2の二次元コードCD2と第2のシード値SDとの導出を、一段下層に移動しながら繰り返す。よって、物流管理装置20は、多数連続する階層において、最上位層から最下位層に至るまで各層のノードNDに対応するシード値SDに基づいて暗号元コードCDを生成するので、フロー情報の各ノードNDに対応する各暗号元コードCDを順番に関連付けられた状態とすることができる。よって、物流管理装置20は、フロー情報に対応する多数の物流の拠点の情報を順番に関連付けて保持することができる。 As a result, the physical distribution management device 20 sets the derived second seed value SD as the next first seed value SD to obtain the second cryptographic code CD corresponding to the node in the second layer and the second seed value SD. 2, the derivation of the encrypted data CR, the second two-dimensional code CD2, and the second seed value SD is repeated while moving one step lower. Therefore, the physical distribution management device 20 generates the cryptographic original code CD based on the seed value SD corresponding to the node ND of each layer from the highest layer to the lowest layer in a large number of consecutive layers. Each cryptographic code CD corresponding to the node ND can be associated in order. Therefore, the physical distribution management device 20 can hold information on a large number of physical distribution bases corresponding to the flow information in association with each other in order.
 また、プロセッサ21は、第1の暗号データCRに基づいて、一方向性関数を用いた演算結果の値である第1の一方向性関数値を算出してよい。プロセッサ21は、第2の暗号データCRに基づいて、一方向性関数を用いた演算結果の値である第2の一方向性関数値を算出してよい。プロセッサ21は、第1のシード値SDと第1の一方向性関数値とを対にし、第2のシード値SDと第2の一方向性関数値とを対にして、メモリ23に保持してよい。 Also, the processor 21 may calculate the first one-way function value, which is the value of the calculation result using the one-way function, based on the first encrypted data CR. The processor 21 may calculate the second one-way function value, which is the value of the calculation result using the one-way function, based on the second encrypted data CR. The processor 21 pairs the first seed value SD and the first one-way function value, pairs the second seed value SD and the second one-way function value, and stores them in the memory 23. you can
 一方向性関数値は、一方向性関数値に対応する各ノードNDに対応する各拠点での荷物50の送付人及び受取人の正当性を証明に用いられる。物流管理装置20は、暗号データに基づく一方向性関数値をメモリ23に保持しておくことで、復号時に拠点での受け渡しの正当性を証明可能にすることができる。 The unidirectional function value is used to prove the legitimacy of the sender and recipient of the parcel 50 at each base corresponding to each node ND corresponding to the unidirectional function value. By storing the one-way function value based on the encrypted data in the memory 23, the physical distribution management device 20 can prove the correctness of the delivery at the site at the time of decryption.
 また、プロセッサ21は、フロー情報に基づいて、第1層の第1のノード(親ノード)に接続された第2層の第2のノード(子ノード)が複数存在するか否かを判定してよい。プロセッサ21は、第2のノードが複数存在する場合、第2のノード毎に、第1のノードに対応する第1のシード値SDに、複数の第2のノードを識別するノード識別情報(例えば枝番号)を付加して、第2の暗号元コードCDを生成してよい。 The processor 21 also determines whether or not there are a plurality of second nodes (child nodes) in the second layer connected to the first node (parent node) in the first layer, based on the flow information. you can When there are a plurality of second nodes, the processor 21 stores node identification information (for example, branch number) may be added to generate the second cryptographic code CD.
 第1層の同じ第1のノード(親ノード)に第2層の複数の第2のノード(子ノード)が接続されている場合、第1のノードから複数の第2のノードに分岐しており、第1のノードに対応する拠点からの荷物が、複数の第2のノードに対応する複数の拠点に分岐して配送されることを示す。この場合、第1のノードに対応するシード値SDを複数の第2のノードに対応する第2の暗号元コードCDが引き継ぐ。この場合、第1のノードに対応する第1のシード値は1つであるが、物流管理装置20は、この第1のシード値SDに対応して複数の第2の暗号元コードCDを生成できる。よって、物流管理装置20は、ノードNDの分岐後において、それぞれの分岐経路において異なる暗号元コードCDを順次生成していくことができ、各階層の各ノードNDに対応してそれぞれ異なる暗号元コードCDを生成できる。よって、復号時には、異なる復号対象のコードを基に復号することになるので、物流管理装置20は、分岐がある場合でも、システムの信頼性の低下を抑制できる。 When a plurality of second nodes (child nodes) in the second layer are connected to the same first node (parent node) in the first layer, the first node branches to a plurality of second nodes. , indicating that a parcel from a base corresponding to a first node is branched and delivered to a plurality of bases corresponding to a plurality of second nodes. In this case, the seed value SD corresponding to the first node is inherited by the second cryptographic code CD corresponding to the plurality of second nodes. In this case, although there is one first seed value corresponding to the first node, the physical distribution management device 20 generates a plurality of second cryptographic codes CD corresponding to this first seed value SD. can. Therefore, after the node ND branches, the physical distribution management device 20 can sequentially generate different encryption original codes CD in each branch route, and each different encryption original code corresponding to each node ND in each hierarchy. Can generate CDs. Therefore, since the decoding is performed based on different codes to be decoded, the physical distribution management device 20 can suppress a decrease in reliability of the system even when there is a branch.
 本実施形態の物流管理装置20は、物流を管理し、プロセッサ21と、メモリ23と、を備える。メモリ23は、複数のシード値SDを保持している。プロセッサ21は、第1の端末(例えば端末10A)に保持され第1の二次元コードCD2(例えば二次元コードCD2TA)と、第2の端末(例えば端末10B)に保持された第2の二次元コードCD2(例えば二次元コードCD2TB)と、を取得する。プロセッサ21は、第2の二次元コードCD2と、メモリ23に保持された複数のシード値SDのうちの1つのシード値SDである第2のシード値SDと、を組み合わせて、復号化対象のコードである第2の復号元コードCD3(第2の元コードの一例)を生成する。プロセッサ21は、復号可能な暗号方式に用いる第1の関数に基づいて、第2の復号元コードCD3を復号化して復号データDCを導出する。プロセッサ21は、復号データDCが、メモリ23に保持されたいずれかのシード値SDであって、第2のシード値SD以外の第1のシード値SDと一致するか否かを判定する。プロセッサ21は、復号データDCが第1のシード値SDと一致した場合、第1の端末のユーザ(荷物50の送付人UA)から第2の端末のユーザ(例えば荷物50の受取人UB)への荷物50の受渡の順序が正当であると判定する。 The physical distribution management device 20 of this embodiment manages physical distribution and includes a processor 21 and a memory 23 . The memory 23 holds a plurality of seed values SD. The processor 21 stores a first two-dimensional code CD2 (eg, two-dimensional code CD2TA) held in a first terminal (eg, terminal 10A) and a second two-dimensional code held in a second terminal (eg, terminal 10B). A code CD2 (for example, a two-dimensional code CD2TB) is acquired. The processor 21 combines the second two-dimensional code CD2 and the second seed value SD, which is one seed value SD among the plurality of seed values SD held in the memory 23, to generate a decoding target A second decoded original code CD3 (an example of a second original code) is generated. Processor 21 derives decrypted data DC by decrypting second original decryption code CD3 based on the first function used in the decryptable encryption method. The processor 21 determines whether the decoded data DC matches any of the seed values SD held in the memory 23 and the first seed value SD other than the second seed value SD. If the decoded data DC matches the first seed value SD, the processor 21 transfers data from the user of the first terminal (the sender UA of the parcel 50) to the user of the second terminal (the recipient UB of the parcel 50, for example). It is determined that the delivery order of the parcels 50 is valid.
 これにより、荷物50の送付人UAが所持する第1の端末と荷物50の受取人UBが所持する第2の端末とが予め保持していた第1の二次元コードCD2と第2の二次元コードCD2とが物流管理装置20に送付される。チェーンの復号処理は、下層側のコードから実施される。物流では、荷物50の送付が荷物50の受取よりも上流である。そのため、端末10Bが保持していた第2の二次元コードCD2を基に第2の復号元コードCD3を復号し、端末10Bの上流側である端末10Aに関連するデータが得られているか否かを確認する。ここでは、復号データDCがメモリ23内の第1のシード値SDと一致する場合、第2の復号元コードCD3の第2のシード値SDとメモリ23内の第1のシード値SDとがチェーンを形成していることを判別できる。よって、物流管理装置20は、第2のシード値に対応するノードNDと第1のシード値に対応するノードNDとが、配送フロー情報DFにおける隣接する階層にあり、親ノードと子ノードとの関係にあると判別できる。よって、物流管理装置20は、荷物50の送付と受取との受渡(特に受渡順序)が正当であることを認識できる。 As a result, the first two-dimensional code CD2 and the second two-dimensional code previously held by the first terminal possessed by the sender UA of the parcel 50 and the second terminal possessed by the recipient UB of the parcel 50 are obtained. A code CD2 is sent to the physical distribution management device 20 . The decoding of the chain is performed from the lower layer code. In physical distribution, sending the package 50 is upstream of receiving the package 50 . Therefore, whether or not the second decoding original code CD3 is decoded based on the second two-dimensional code CD2 held by the terminal 10B, and the data related to the terminal 10A upstream of the terminal 10B is obtained. to confirm. Here, when the decoded data DC matches the first seed value SD in the memory 23, the second seed value SD of the second decoded original code CD3 and the first seed value SD in the memory 23 are chained together. can be determined to form Therefore, the physical distribution management device 20 determines that the node ND corresponding to the second seed value and the node ND corresponding to the first seed value are in adjacent layers in the delivery flow information DF, and the parent node and the child node are separated from each other. can be determined to be related. Therefore, the physical distribution management device 20 can recognize that the delivery (especially the delivery order) of the delivery and receipt of the package 50 is valid.
 また、プロセッサ21は、復号データDCが、メモリ23に保持された第2のシード値SD以外のいずれかの第1のシード値SDと一致するまで、第2の二次元コードCD2と組み合わせる第2のシード値SDを順次変更し、第2の復号元コードCD3を順次生成し、復号データDCを順次導出してよい。 Further, the processor 21 combines the decoded data DC with the second two-dimensional code CD2 until the decoded data DC matches any first seed value SD other than the second seed value SD held in the memory . The seed value SD of is sequentially changed, the second original decoding code CD3 is generated sequentially, and the decoded data DC is sequentially derived.
 これにより、物流管理装置20は、メモリ23に保持された複数のシード値SDについて、暗号化時の配送フロー情報DFのような階層に関する情報を保持してなくても、メモリ23内のシード値SDを順に探索することで、第2の復号元コードCD3の復号を成功に導くことができる。 As a result, the physical distribution management apparatus 20 can obtain the seed values stored in the memory 23 even if the information regarding the hierarchy such as the delivery flow information DF at the time of encryption is not stored for the plurality of seed values SD stored in the memory 23 . By sequentially searching SD, it is possible to successfully decode the second original decoding code CD3.
 また、メモリ23は、シード値SDと、一方向性関数を用いた演算結果の値である第1の一方向性関数値(例えばハッシュ値HS)と、を対にして複数保持していてよい。プロセッサ21は、復号データDCに一致した第1のシード値SDと第1の二次元コードCD2とを組み合わせた復号化対象のコードである第1の復号元コードCD3(第1の元コードの一例)に基づいて、一方向性関数を用いて第2の一方向性関数値(例えば端末10Aのハッシュ値HS’)を算出してよい。プロセッサ21は、メモリ23に、第2の一方向性関数値と一致する第1の一方向性関数値が保持されているか否かを判定してよい。プロセッサ21は、第2の一方向性関数値と一致する第1の一方向性関数値が保持されている場合、第1の端末が正当である判定してよい。 In addition, the memory 23 may hold a plurality of pairs of the seed value SD and the first one-way function value (for example, hash value HS) which is the value of the calculation result using the one-way function. . The processor 21 generates a first decoded original code CD3 (an example of a first original code) which is a code to be decoded by combining a first seed value SD matching the decoded data DC and a first two-dimensional code CD2. ), a second one-way function value (eg, hash value HS′ of terminal 10A) may be calculated using a one-way function. Processor 21 may determine whether memory 23 holds a first one-way function value that matches the second one-way function value. Processor 21 may determine that the first terminal is legitimate if the first one-way function value is retained that matches the second one-way function value.
 これにより、物流管理装置20は、第1の復号元コードCD3について一方向性関数を用いた照合を行うことで、第1の復号元コードCD3に対応する第1の端末が、正当な端末であるかどうかを判別できる。つまり、物流管理装置20は、第1の端末のユーザである荷物50の送付人UAが正当な送付人であるか否かを認識できる。 As a result, the physical distribution management device 20 checks the first decryption original code CD3 using the one-way function, so that the first terminal corresponding to the first decryption original code CD3 is an authorized terminal. can determine whether there is In other words, the physical distribution management device 20 can recognize whether or not the sender UA of the package 50, who is the user of the first terminal, is a legitimate sender.
 また、メモリ23は、シード値SDと、一方向性関数を用いた演算結果の値である第1の一方向性関数値(例えばハッシュ値HS)と、を対にして複数保持していてよい。プロセッサ21は、第2のシード値SDと第2の二次元コードCD2とを組み合わせた第2の復号元コードCD3に基づいて、一方向性関数を用いて第3の一方向性関数値(例えば端末10Bのハッシュ値HS’)を算出してよい。メモリ23に、第3の一方向性関数値と一致する第1の一方向性関数値が保持されているか否かを判定してよい。プロセッサ21は、第3の一方向性関数値と一致する第1の一方向性関数値が保持されている場合、第2の端末が正当であると判定してよい。 In addition, the memory 23 may hold a plurality of pairs of the seed value SD and the first one-way function value (for example, hash value HS) which is the value of the calculation result using the one-way function. . The processor 21 uses a one-way function to generate a third one-way function value (for example, A hash value HS') of the terminal 10B may be calculated. It may be determined whether memory 23 holds a first one-way function value that matches the third one-way function value. Processor 21 may determine that the second terminal is legitimate if the first one-way function value is retained that matches the third one-way function value.
 これにより、物流管理装置20は、第2の復号元コードCD3について一方向性関数を用いた照合を行うことで、第2の復号元コードCD3に対応する第2の端末が、正当な端末であるかどうかを判別できる。つまり、物流管理装置20は、第2の端末のユーザである荷物50の受取人UBが正当な受取人であるか否かを認識できる。 As a result, the physical distribution management device 20 checks the second decryption original code CD3 using the one-way function, thereby confirming that the second terminal corresponding to the second decryption original code CD3 is an authorized terminal. can determine whether there is In other words, the physical distribution management device 20 can recognize whether or not the recipient UB of the package 50, who is the user of the second terminal, is a valid recipient.
 また、荷物50が複数の物流の拠点を流通する順番に応じて複数の物流の拠点に対応する複数のノードNDが階層的に配置され、物流の開始拠点に対応するノードNDが最上位層に配置され、物流の完了拠点に対応するノードNDが最下位層に配置され、荷物50が流通する2つの隣接する拠点に対応して隣接する階層のノードNDが接続されている場合において、プロセッサ21は、復号データDCが、第2の端末に対応するノードNDが位置する第2層の一段上層の第1のノード(親ノード)に、第2層の第2のノード(子ノード)が複数接続されており、複数の第2のノードを識別するノード識別情報(例えば枝番号)を含む場合、復号データDCからノード識別情報を削除してよい。プロセッサ21は、ノード識別情報が削除された復号データDCが、第1のシード値SDと一致するか否かを判定してよい。 In addition, a plurality of nodes ND corresponding to a plurality of physical distribution bases are hierarchically arranged according to the order in which the package 50 circulates through the plurality of physical distribution bases, and the node ND corresponding to the physical distribution starting base is at the highest layer. In the case where the node ND corresponding to the physical distribution completion point is arranged in the lowest layer, and the node ND in the adjacent layer corresponding to the two adjacent points through which the package 50 is distributed is connected, the processor 21 is a first node (parent node) in the second layer, one level above where the node ND corresponding to the second terminal is located, and a plurality of second nodes (child nodes) in the second layer. If it is connected and includes node identification information (for example, branch numbers) identifying a plurality of second nodes, the node identification information may be deleted from the decoded data DC. The processor 21 may determine whether the decoded data DC from which the node identification information has been deleted matches the first seed value SD.
 これにより、物流管理装置20は、同じ親ノードに対して複数の子ノードが存在する場合であっても、ノード識別情報による復号への影響を抑制できる。この場合、物流管理装置20は、複数の子ノードに関連付けられた情報(ここでは復号データDC)から、同一の親ノードの情報(ここでは第1のシード値)を導出できる。よって、例えば配送フロー情報DFが親ノードから複数の子ノードへ分岐することを含み、各ノードNDに対応するコードが暗号化されてチェーンが形成された場合であっても、各ノードNDに対応するシード値SDを順次復号できる。 As a result, the physical distribution management device 20 can suppress the influence of the node identification information on decoding even when a plurality of child nodes exist for the same parent node. In this case, the physical distribution management device 20 can derive information (here, first seed value) of the same parent node from information (here, decoded data DC) associated with a plurality of child nodes. Therefore, for example, even if the delivery flow information DF branches from a parent node to a plurality of child nodes and the code corresponding to each node ND is encrypted to form a chain, the code corresponding to each node ND is encrypted. The seed value SD can be decoded sequentially.
 以上、図面を参照しながら各種の実施の形態について説明したが、本発明はかかる例に限定されないことは言うまでもない。当業者であれば、特許請求の範囲に記載された範疇内において、各種の変更例又は修正例に想到し得ることは明らかであり、それらについても当然に本発明の技術的範囲に属するものと了解される。また、発明の趣旨を逸脱しない範囲において、上記実施の形態における各構成要素を任意に組み合わせてもよい。 Various embodiments have been described above with reference to the drawings, but it goes without saying that the present invention is not limited to such examples. It is obvious that a person skilled in the art can conceive of various modifications or modifications within the scope described in the claims, and these also belong to the technical scope of the present invention. Understood. Moreover, each component in the above embodiments may be combined arbitrarily without departing from the gist of the invention.
 特許請求の範囲、明細書、及び図面中において示した装置、システム、プログラム、及び方法における動作、手順、ステップ、及び段階等の各処理の実行順序は、特段「より前に」、「先立って」等と明示しておらず、前の処理の出力を後の処理で用いるのでない限り、任意の順序で実現可能である。特許請求の範囲、明細書、及び図面中の動作フローに関して、便宜上「先ず、」、「次に」等を用いて説明したとしても、この順で実施することが必須であることを意味するものではない。 The execution order of each process such as actions, procedures, steps, and stages in the devices, systems, programs, and methods shown in the claims, the specification, and the drawings is , etc., and unless the output of the previous process is used in the subsequent process, it can be implemented in any order. Regarding the operation flow in the claims, the specification, and the drawings, even if the description is made using "first," "next," etc. for convenience, it means that it is essential to carry out in this order. is not.
 なお、本出願は、2021年3月31日出願の日本特許出願(特願2021-061714)に基づくものであり、その内容は本出願の中に参照として援用される。 This application is based on a Japanese patent application (Japanese Patent Application No. 2021-061714) filed on March 31, 2021, the content of which is incorporated herein by reference.
 本開示は、物流工程における荷物の送付及び受取が正当であることを判別できる物流管理装置及び物流管理方法等に有用である。 The present disclosure is useful for a physical distribution management device, a physical distribution management method, etc. that can determine whether the sending and receiving of a package in a physical distribution process is valid.
5 物流管理システム
10 端末
11 プロセッサ
12 通信デバイス
13 メモリ
14 操作デバイス
15 表示デバイス
20 物流管理装置
21 プロセッサ
22 通信デバイス
23 メモリ
24 操作デバイス
25 表示デバイス
CDA,CDB 暗号元コード
CD2,CD2TA,CD2TB 二次元コード
CD3 復号元コード
DF 配送フロー情報
HS ハッシュ値
ND ノード
SD シード値 5 Logistics management system 10 Terminal 11 Processor 12 Communication device 13 Memory 14 Operation device 15 Display device 20 Logistics management device 21 Processor 22 Communication device 23 Memory 24 Operation device 25 Display device CDA, CDB Encryption source code CD2, CD2TA, CD2TB Two-dimensional code CD3 Decryption source code DF Delivery flow information HS Hash value ND Node SD Seed value

Claims (11)

  1.  物流を管理する物流管理装置であって、
     プロセッサと、メモリと、通信デバイスと、を備え、
     前記プロセッサは、
     荷物が複数の物流の拠点を流通する順番に応じて前記複数の物流の拠点に対応する複数のノードが階層的に配置されたフロー情報であって、前記物流の開始拠点に対応するノードが最上位層に配置され前記物流の完了拠点に対応するノードが最下位層に配置されたフロー情報を取得し、
     前記フロー情報における第1層のノードに対応する暗号化対象のコードである第1の元コードを取得し、
     復号可能な暗号方式に用いる第1の関数を用いて前記第1の元コードを暗号化して、第1の暗号データを生成し、
     前記第1の暗号データを分割して、第1のn次元コード(nは1以上の整数)と第1のシード値とを導出し、
     前記第1のシード値に基づいて、前記第1層よりも一段下層である第2層のノードに対応する暗号化対象のコードである第2の元コードを導出し、
     前記第2の元コードを前記第1の関数を用いて暗号化して、第2の暗号データを生成し、
     前記第2の暗号データを分割して、第2のn次元コードと第2のシード値とを導出し、
     前記第1のシード値と前記第2のシード値とを前記メモリに保存し、
     前記通信デバイスは、
     前記第1のn次元コードを、前記第1層のノードに関連付けられた第1の端末に送信し、
     前記第2のn次元コードを、前記第2層のノードに関連付けられた第2の端末に送信する、
     物流管理装置。     A physical distribution management device for managing physical distribution,
    comprising a processor, a memory, and a communication device;
    The processor
    flow information in which a plurality of nodes corresponding to the plurality of physical distribution bases are hierarchically arranged according to the order in which a package circulates through the plurality of physical distribution bases, wherein the node corresponding to the physical distribution start base is the largest; Acquiring flow information in which a node arranged in an upper layer and corresponding to the distribution completion base is arranged in the lowest layer;
    obtaining a first original code, which is a code to be encrypted corresponding to a node of the first layer in the flow information;
    Encrypting the first original code using a first function used in a decryptable encryption method to generate first encrypted data;
    dividing the first encrypted data to derive a first n-dimensional code (n is an integer of 1 or more) and a first seed value;
    Based on the first seed value, deriving a second original code that is a code to be encrypted corresponding to a node in a second layer that is one level lower than the first layer,
    encrypting the second original code using the first function to generate second encrypted data;
    dividing the second encrypted data to derive a second n-dimensional code and a second seed value;
    storing the first seed value and the second seed value in the memory;
    The communication device is
    transmitting the first n-dimensional code to a first terminal associated with the first layer node;
    transmitting the second n-dimensional code to a second terminal associated with the layer 2 node;
    Logistics management device.
  2.  前記第1層は、最上位層であり、
     前記プロセッサは、
     乱数に基づいて前記第1の元コードを生成し、
     前記第2層のノードに対応する前記第2の元コードと前記第2の暗号データと前記第2のn次元コードと前記第2のシード値とを導出した後、導出された前記第2のシード値を次の第1のシード値として設定し、前記第2の元コードと前記第2の暗号データと前記第2のn次元コードと前記第2のシード値との導出を繰り返し、
     繰り返し導出された各前記第2のシード値を前記メモリに保存し、
     前記通信デバイスは、
     繰り返し導出された各前記第2のn次元コードを、各前記第2層のノードに関連付けられた各前記第2の端末に送信する、
     請求項1に記載の物流管理装置。     The first layer is the highest layer,
    The processor
    generating the first original code based on a random number;
    After deriving the second original code, the second encrypted data, the second n-dimensional code, and the second seed value corresponding to the node of the second layer, the derived second setting the seed value as the next first seed value, and repeating the derivation of the second original code, the second encrypted data, the second n-dimensional code, and the second seed value;
    storing each iteratively derived second seed value in the memory;
    The communication device is
    transmitting each of the iteratively derived second n-dimensional codes to each of the second terminals associated with each of the second layer nodes;
    The physical distribution management device according to claim 1.
  3.  前記プロセッサは、
     前記第1の暗号データに基づいて、一方向性関数を用いた演算結果の値である第1の一方向性関数値を算出し、
     前記第2の暗号データに基づいて、前記一方向性関数を用いた演算結果の値である第2の一方向性関数値を算出し、
     前記第1のシード値と前記第1の一方向性関数値とを対にし、前記第2のシード値と前記第2の一方向性関数値とを対にして、前記メモリに保存する、
     請求項1又は2に記載の物流管理装置。     The processor
    calculating a first one-way function value, which is a value of a calculation result using a one-way function, based on the first encrypted data;
    calculating a second one-way function value, which is a value of a calculation result using the one-way function, based on the second encrypted data;
    pairing the first seed value with the first one-way function value and pairing the second seed value with the second one-way function value and storing in the memory;
    The physical distribution management device according to claim 1 or 2.
  4.  前記フロー情報は、前記荷物が流通する2つの隣接する拠点に対応して隣接する階層のノードが接続された情報を含み、
     前記プロセッサは、
     前記フロー情報に基づいて、前記第1層の第1のノードに接続された前記第2層の第2のノードが複数存在するか否かを判定し、
     前記第2のノードが複数存在する場合、前記第2のノード毎に、前記第1のノードに対応する前記第1のシード値に、複数の前記第2のノードを識別するノード識別情報を付加して、前記第2の元コードを生成する、
     請求項1~3のいずれか1項に記載の物流管理装置。     The flow information includes information in which nodes in adjacent layers are connected corresponding to two adjacent bases through which the goods are distributed,
    The processor
    determining whether there are a plurality of second nodes of the second layer connected to the first node of the first layer based on the flow information;
    When there are a plurality of the second nodes, node identification information for identifying the plurality of second nodes is added to the first seed value corresponding to the first node for each of the second nodes. to generate the second original code;
    The physical distribution management device according to any one of claims 1 to 3.
  5.  物流を管理する物流管理装置であって、
     プロセッサと、メモリと、を備え、
     前記メモリは、複数のシード値を保持しており、
     前記プロセッサは、
     第1の端末に保持された第1のn次元コードと、第2の端末に保持された第2のn次元コードと、を取得し、
     前記第2のn次元コードと、前記メモリに保持された複数のシード値のうちの1つのシード値である第2のシード値と、を組み合わせて、復号化対象のコードである第2の元コードを生成し、
     復号可能な暗号方式に用いる第1の関数に基づいて、前記第2の元コードを復号化して復号データを導出し、
     前記復号データが、前記メモリに保持されたいずれかのシード値であって、前記第2のシード値以外の第1のシード値と一致するか否かを判定し、
     前記復号データが前記第1のシード値と一致した場合、前記第1の端末のユーザから前記第2の端末のユーザへの荷物の受渡の順序が正当であると判定する、
     物流管理装置。     A physical distribution management device for managing physical distribution,
    a processor, a memory, and
    The memory holds a plurality of seed values,
    The processor
    obtaining a first n-dimensional code held in a first terminal and a second n-dimensional code held in a second terminal;
    A second element that is a code to be decoded is obtained by combining the second n-dimensional code and a second seed value that is one of the plurality of seed values held in the memory. generate the code,
    Deriving decrypted data by decrypting the second original code based on a first function used in a decryptable encryption method,
    Determining whether the decoded data matches any of the seed values held in the memory and a first seed value other than the second seed value;
    If the decrypted data matches the first seed value, determining that the order of delivery of the package from the user of the first terminal to the user of the second terminal is correct;
    Logistics management device.
  6.  前記プロセッサは、
     前記復号データが、前記メモリに保持された前記第2のシード値以外のいずれかの前記第1のシード値と一致するまで、前記第2のn次元コードと組み合わせる前記第2のシード値を順次変更し、前記第2の元コードを順次生成し、前記復号データを順次導出する、
     請求項5に記載の物流管理装置。     The processor
    The second seed value combined with the second n-dimensional code is sequentially applied until the decoded data matches any one of the first seed values other than the second seed value held in the memory. changing, sequentially generating the second original code, and sequentially deriving the decoded data;
    The physical distribution management device according to claim 5.
  7.  前記メモリは、前記シード値と、一方向性関数を用いた演算結果の値である第1の一方向性関数値と、を対にして複数保持しており、
     前記プロセッサは、
     前記復号データに一致した前記第1のシード値と前記第1のn次元コードとを組み合わせた復号化対象のコードである第1の元コードに基づいて、前記一方向性関数を用いて第2の一方向性関数値を算出し、
     前記メモリに、前記第2の一方向性関数値と一致する前記第1の一方向性関数値が保持されているか否かを判定し、
     前記第2の一方向性関数値と一致する前記第1の一方向性関数値が保持されている場合、前記第1の端末が正当であると判定する、
     請求項5又は6に記載の物流管理装置。     The memory holds a plurality of pairs of the seed value and a first unidirectional function value that is a value of a calculation result using the unidirectional function,
    The processor
    Based on the first original code, which is the code to be decoded by combining the first seed value and the first n-dimensional code that match the decoded data, the one-way function is used to generate the second Calculate the one-way function value of
    determining whether the memory holds the first one-way function value that matches the second one-way function value;
    If the first one-way function value that matches the second one-way function value is held, determining that the first terminal is valid;
    The physical distribution management device according to claim 5 or 6.
  8.  前記メモリは、前記シード値と、一方向性関数を用いた演算結果の値である第1の一方向性関数値と、を対にして複数保持しており、
     前記プロセッサは、
     前記第2のシード値と前記第2のn次元コードとを組み合わせた前記第2の元コードに基づいて、前記一方向性関数を用いて第3の一方向性関数値を算出し、
     前記メモリに、前記第3の一方向性関数値と一致する前記第1の一方向性関数値が保持されているか否かを判定し、
     前記第3の一方向性関数値と一致する前記第1の一方向性関数値が保持されている場合、前記第2の端末が正当であると判定する、
     請求項5~7のいずれか1項に記載の物流管理装置。     The memory holds a plurality of pairs of the seed value and a first unidirectional function value that is a value of a calculation result using the unidirectional function,
    The processor
    calculating a third one-way function value using the one-way function based on the second original code obtained by combining the second seed value and the second n-dimensional code;
    determining whether the memory holds the first one-way function value that matches the third one-way function value;
    determining that the second terminal is valid if the first one-way function value that matches the third one-way function value is held;
    The physical distribution management device according to any one of claims 5 to 7.
  9.  前記荷物が複数の物流の拠点を流通する順番に応じて前記複数の物流の拠点に対応する複数のノードが階層的に配置され、前記物流の開始拠点に対応するノードが最上位層に配置され、前記物流の完了拠点に対応するノードが最下位層に配置され、且つ、前記荷物が流通する2つの隣接する拠点に対応して隣接する階層のノードが接続されている場合において、
     前記プロセッサは、
     前記復号データが、前記第2の端末に対応するノードが位置する第2層の一段上層の第1のノードに、前記第2層の第2のノードが複数接続されており、複数の前記第2のノードを識別するノード識別情報を含む場合、前記復号データから前記ノード識別情報を削除し、
     前記ノード識別情報が削除された前記復号データが、前記第1のシード値と一致するか否かを判定する、
     請求項5~8のいずれか1項に記載の物流管理装置。     A plurality of nodes corresponding to the plurality of distribution bases are hierarchically arranged according to the order in which the package is distributed through the plurality of distribution bases, and a node corresponding to the distribution starting base is arranged in the highest layer. , when the node corresponding to the physical distribution completion base is arranged in the lowest layer, and the nodes in the adjacent layers corresponding to the two adjacent bases through which the goods are distributed are connected,
    The processor
    A plurality of second nodes in the second layer are connected to a first node in a layer one level above where a node corresponding to the second terminal is located, and the decoded data is transmitted to a plurality of the second nodes in the second layer. 2, deleting the node identification information from the decrypted data;
    Determining whether the decrypted data from which the node identification information has been deleted matches the first seed value;
    The physical distribution management device according to any one of claims 5 to 8.
  10.  物流を管理する物流管理方法であって、
     荷物が複数の物流の拠点を流通する順番に応じて前記複数の物流の拠点に対応する複数のノードが階層的に配置されたフロー情報であって、前記物流の開始拠点に対応するノードが最上位層に配置され前記物流の完了拠点に対応するノードが最下位層に配置されたフロー情報を取得し、
     前記フロー情報における第1層のノードに対応する暗号化対象のコードである第1の元コードを取得し、
     復号可能な暗号方式に用いる第1の関数を用いて前記第1の元コードを暗号化して、第1の暗号データを生成し、
     前記第1の暗号データを分割して、第1のn次元コードと第1のシード値とを導出し、
     前記第1のシード値に基づいて、前記第1層よりも一段下層である第2層のノードに対応する暗号化対象のコードである第2の元コードを導出し、
     前記第2の元コードを前記第1の関数を用いて暗号化して、第2の暗号データを生成し、
     前記第2の暗号データを分割して、第2のn次元コードと第2のシード値とを導出し、
     前記第1のシード値と前記第2のシード値とをメモリに保存し、
     前記第1のn次元コードを、前記第1層のノードに関連付けられた第1の端末に送信し、
     前記第2のn次元コードを、前記第2層のノードに関連付けられた第2の端末に送信する、
     物流管理方法。     A physical distribution management method for managing physical distribution,
    flow information in which a plurality of nodes corresponding to the plurality of physical distribution bases are hierarchically arranged according to the order in which a package circulates through the plurality of physical distribution bases, wherein the node corresponding to the physical distribution start base is the largest; Acquiring flow information in which a node arranged in an upper layer and corresponding to the distribution completion base is arranged in the lowest layer;
    obtaining a first original code, which is a code to be encrypted corresponding to a node of the first layer in the flow information;
    Encrypting the first original code using a first function used in a decryptable encryption method to generate first encrypted data;
    dividing the first encrypted data to derive a first n-dimensional code and a first seed value;
    Based on the first seed value, deriving a second original code that is a code to be encrypted corresponding to a node in a second layer that is one level lower than the first layer,
    encrypting the second original code using the first function to generate second encrypted data;
    dividing the second encrypted data to derive a second n-dimensional code and a second seed value;
    storing the first seed value and the second seed value in memory;
    transmitting the first n-dimensional code to a first terminal associated with the first layer node;
    transmitting the second n-dimensional code to a second terminal associated with the layer 2 node;
    Logistics management method.
  11.  物流を管理する物流管理方法であって、
     第1の端末に保持された第1のn次元コードと、第2の端末に保持された第2のn次元コードと、を取得し、
     前記第2のn次元コードと、メモリに保持された複数のシード値のうちの1つのシード値である第2のシード値と、を組み合わせて、復号化対象のコードである第2の元コードを生成し、
     復号可能な暗号方式に用いる第1の関数に基づいて、前記第2の元コードを復号化して復号データを導出し、
     前記復号データが、前記メモリに保持されたいずれかのシード値であって、前記第2のシード値以外の第1のシード値と一致するか否かを判定し、
     前記復号データが前記第1のシード値と一致した場合、前記第1の端末のユーザから前記第2の端末のユーザへの荷物の受渡の順序が正当であると判定する、
     物流管理方法。     A physical distribution management method for managing physical distribution,
    obtaining a first n-dimensional code held in a first terminal and a second n-dimensional code held in a second terminal;
    A second original code that is a code to be decoded by combining the second n-dimensional code and a second seed value that is one of a plurality of seed values held in a memory to generate
    Deriving decrypted data by decrypting the second original code based on a first function used in a decryptable encryption method,
    Determining whether the decoded data matches any of the seed values held in the memory and a first seed value other than the second seed value;
    If the decrypted data matches the first seed value, determining that the order of delivery of the package from the user of the first terminal to the user of the second terminal is correct;
    Logistics management method.
PCT/JP2022/008090 2021-03-31 2022-02-25 Physical distribution management apparatus and physical distribution management method WO2022209503A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2021061714 2021-03-31
JP2021-061714 2021-03-31

Publications (1)

Publication Number Publication Date
WO2022209503A1 true WO2022209503A1 (en) 2022-10-06

Family

ID=83458380

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/008090 WO2022209503A1 (en) 2021-03-31 2022-02-25 Physical distribution management apparatus and physical distribution management method

Country Status (2)

Country Link
JP (1) JP2022158809A (en)
WO (1) WO2022209503A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102645846B1 (en) * 2023-05-17 2024-03-08 서림정보통신 주식회사 Management apparatus and reader for managing cables based on image code, and method therefor

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003030294A (en) * 2001-07-18 2003-01-31 Nec System Technologies Ltd Transport service system by using digital tally
JP2005213020A (en) * 2004-02-02 2005-08-11 Hitachi Ltd Delivery management method
US20150046363A1 (en) * 2013-08-07 2015-02-12 Flextronics Ap, Llc Method and Apparatus for Managing, Displaying, Analyzing, Coordinating, and Optimizing Innovation, Engineering, Manufacturing, and Logistics Infrastructures

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003030294A (en) * 2001-07-18 2003-01-31 Nec System Technologies Ltd Transport service system by using digital tally
JP2005213020A (en) * 2004-02-02 2005-08-11 Hitachi Ltd Delivery management method
US20150046363A1 (en) * 2013-08-07 2015-02-12 Flextronics Ap, Llc Method and Apparatus for Managing, Displaying, Analyzing, Coordinating, and Optimizing Innovation, Engineering, Manufacturing, and Logistics Infrastructures

Also Published As

Publication number Publication date
JP2022158809A (en) 2022-10-17

Similar Documents

Publication Publication Date Title
US11483157B2 (en) Management of cryptographically secure exchanges of data using permissioned distributed ledgers
US20210334808A1 (en) Identity management service using a blockchain providing certifying transactions between devices
US11038694B1 (en) Devices, methods, and systems for cryptographic authentication and provenance of physical assets
JP6978014B2 (en) System and method to decrypt as a service
JP7385663B2 (en) Method and system for preparing and performing object authentication
US9876646B2 (en) User identification management system and method
US20190034923A1 (en) Secure and confidential custodial transaction system, method and device using zero-knowledge protocol
JP5260523B2 (en) Radio frequency identification (RFID) authentication and key distribution system therefor
US20190205898A1 (en) Decentralized confidential transfer system, method and device
CN104919775B (en) The system and method synchronous for key chain
EP2689383B1 (en) Systems and methods for electronically signing for a delivered package
US8793496B2 (en) Systems, methods, and computer program products for secure optimistic mechanisms for constrained devices
CN109905351B (en) Method, device, server and computer readable storage medium for storing data
US20200098042A1 (en) Trading Apparatus, And Trading Method
CA2979250C (en) Management of cryptographically secure exchanges of data using permissioned distributed ledgers
US11651429B2 (en) Trading system and recording medium
CN104978480A (en) Computer-based Prescription System For Medicaments
CN110598433B (en) Block chain-based anti-fake information processing method and device
WO2022209503A1 (en) Physical distribution management apparatus and physical distribution management method
KR101347124B1 (en) Method of managing electronic prescription based on one-time public information and apparatus using the same
WO2020076968A1 (en) System and methods for authenticating tangible products
JP2024002596A (en) Movement record/management apparatus and movement record/management method
KR20230080677A (en) High-speed blockchain system and method for processing an information using the same
EP4231583A1 (en) Methods and arrangements for establishing digital identity
WO2024026428A1 (en) Digital identity allocation, assignment, and management

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22779728

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22779728

Country of ref document: EP

Kind code of ref document: A1