WO2024038568A1 - Physical encryption device, physical encryption method, physical decryption device, and physical decryption method - Google Patents

Physical encryption device, physical encryption method, physical decryption device, and physical decryption method Download PDF

Info

Publication number
WO2024038568A1
WO2024038568A1 PCT/JP2022/031285 JP2022031285W WO2024038568A1 WO 2024038568 A1 WO2024038568 A1 WO 2024038568A1 JP 2022031285 W JP2022031285 W JP 2022031285W WO 2024038568 A1 WO2024038568 A1 WO 2024038568A1
Authority
WO
WIPO (PCT)
Prior art keywords
encryption
physical
bit string
encrypted
error correction
Prior art date
Application number
PCT/JP2022/031285
Other languages
French (fr)
Japanese (ja)
Inventor
剛 吉田
Original Assignee
三菱電機株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 三菱電機株式会社 filed Critical 三菱電機株式会社
Priority to PCT/JP2022/031285 priority Critical patent/WO2024038568A1/en
Priority to PCT/JP2023/006614 priority patent/WO2024038633A1/en
Publication of WO2024038568A1 publication Critical patent/WO2024038568A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H03ELECTRONIC CIRCUITRY
    • H03MCODING; DECODING; CODE CONVERSION IN GENERAL
    • H03M13/00Coding, decoding or code conversion, for error detection or error correction; Coding theory basic assumptions; Coding bounds; Error probability evaluation methods; Channel models; Simulation or testing of codes
    • H03M13/25Error detection or forward error correction by signal space coding, i.e. adding redundancy in the signal constellation, e.g. Trellis Coded Modulation [TCM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L27/00Modulated-carrier systems
    • H04L27/26Systems using multi-frequency codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12Transmitting and receiving encryption devices synchronised or initially set up in a particular manner

Definitions

  • the disclosed technology relates to a physical encryption device, a physical encryption method, a physical decryption device, and a physical decryption method.
  • probabilistic shaping is a digital signal processing technique that shapes the probability distribution of a modulated signal. More specifically, probability shaping can be said to be a technique for mapping the position of a signal with a high frequency of occurrence, that is, a high probability of occurrence, to a position close to the origin on the complex plane, that is, a position that can be realized with low energy. For this reason, stochastic shaping has come to be recognized as a technology that can bring communication efficiency as close as possible to the theoretical limit known as the Shannon limit, and is being studied around the world.
  • Patent Document 1 discloses a technique for improving communication performance by combining probability shaping and error correction coding.
  • the present technology aims to provide a physical encryption device that achieves both probability shaping and physical encryption in a communication system.
  • the physical encryption device includes a probability shaping coding unit that performs probability shaping on a plurality of bits input from the outside, and a probability shaping coding unit that performs probability shaping on error correction information bits sent from the probability shaping coding unit.
  • An error correction encoding unit that performs error correction encoding; a temporary symbol generation unit that generates temporary symbols from a bit string consisting of error correction information bits and error correction redundant bits; and a temporary symbol generation unit that generates an encrypted bit string based on a shared key.
  • an encrypted bit string generator that determines an encryption matrix based on at least a portion of the encrypted bit string; and an encryption matrix generator that generates an encrypted symbol from a temporary symbol using the encryption matrix.
  • the symbol generator includes a symbol generator.
  • the physical encryption device Since the physical encryption device according to the disclosed technology has the above configuration, it is possible to achieve both probability shaping and physical encryption.
  • FIG. 1 is a block diagram showing the functional configuration of a physical encryption device according to the first embodiment.
  • FIG. 2 is a block diagram showing the functional configuration of the physical decoding device according to the first embodiment.
  • FIG. 3 is an explanatory diagram showing an example of generating one 8-value PAM symbol from 3 bits.
  • FIG. 4 is an explanatory diagram showing the operation of the physical encryption device according to the first embodiment using a specific numerical example.
  • FIG. 5 is an explanatory diagram showing the processing contents of the temporary symbol termination unit 203 configuring the physical decoding device according to the first embodiment using a specific numerical example.
  • FIG. 6 is a block diagram showing the functional configuration of an optical transmission system that is an application example of the disclosed technology.
  • FIG. 7 is a configuration diagram showing the hardware configuration of the physical encryption device according to the second embodiment.
  • FIG. 8 is a configuration diagram showing the hardware configuration of the physical decoding device according to the second embodiment.
  • Mathematical cryptography and physical cryptography are known as types of cryptography.
  • physical cryptography refers to cryptography whose implementation is based on fundamental laws of physics, such as quantum cryptography.
  • quantum cryptography is based on the physics of quantum mechanics.
  • the difference between mathematical cryptography and physical cryptography is also explained by the difference in security.
  • Mathematical cryptography is said to be a cryptography based solely on computational security.
  • Computational security is a concept related to security that focuses on the computational complexity of the algorithm required for cryptanalysis.
  • physical cryptography is said to be a cipher that can implement information-theoretic security rather than computational security.
  • Information-theoretical security is a concept that guarantees the confidentiality of communications from an attacker (called Eve) who has unlimited computing power.
  • Eve an attacker who has unlimited computing power.
  • the ciphers are respectively referred to as physical ciphers.
  • a layer that handles symbols is referred to as a physical layer.
  • FIG. 1 is a block diagram showing the functional configuration of a physical encryption device 100 according to the first embodiment.
  • the physical encryption device 100 according to the first embodiment includes a probability shaping coding section 101, an error correction coding section 102, a temporary symbol generation section 103, and an encrypted symbol generation section 104. , an encrypted bit string generation section 111, an encryption matrix generation section 112, a digital-to-analog conversion section 121, an optical modulation section 122, and an optical amplification section 123.
  • FIG. 2 is a block diagram showing the functional configuration of physical decoding device 200 according to the first embodiment.
  • the physical decoding device 200 according to the first embodiment includes a probability shaping decoding section 201, an error correction decoding section 202, a temporary symbol termination section 203, an encrypted symbol termination section 204, and an encryption symbol termination section 204. It includes a bit string generation section 211, an encryption matrix generation section 212, an analog-to-digital conversion section 221, and a light detection section 222.
  • the probability shaping encoding unit 101 configuring the physical encryption device 100 is a component that performs probability shaping on a plurality of bits input from the outside.
  • the bits that have been probability-shaped by the probability-shaping encoding unit 101 are referred to as "probability-shaped bits" in this specification.
  • the probability-shaped bits generated in probability-shaping encoding section 101 are sent to error-correction encoding section 102 .
  • the error correction encoding section 102 constituting the physical encryption device 100 collects a plurality of probability-shaped bits sent from the probability shaping encoding section 101.
  • the bits obtained by this first processing are referred to as "error correction information bits" in this specification.
  • error correction encoding section 102 performs error correction encoding on the error correction information bits.
  • the bits obtained by this second processing are referred to as "error correction redundant bits” in this specification.
  • the error correction code employed by the error correction encoding unit 102 may be, for example, a BCH code, a low density parity check code, a turbo code, or the like.
  • the error correction information bits and error correction redundant bits generated in error correction encoding section 102 are sent to temporary symbol generation section 103.
  • the temporary symbol generation unit 103 configuring the physical encryption device 100 is a component that generates N temporary symbols from a bit string consisting of error correction information bits and error correction redundant bits sent from the error correction encoding unit 102. .
  • N represents the number of temporary symbols generated by the temporary symbol generation unit 103.
  • the term "temporary" in the prefix of the name "temporary symbol” means that only probability shaping has been performed on the bit string, and that it is temporary and not the final form. Note that the final form obtained by the physical encryption device 100 according to the disclosed technique is referred to as an "encrypted symbol" in this specification. Details of the encryption symbol will become clear from the explanation below.
  • Each temporary symbol is a one-dimensional symbol.
  • the temporary symbol assumed by the technology of the present disclosure may be, for example, a symbol related to one-dimensional pulse amplitude modulation (PAM). Further, the temporary symbol assumed by the presently disclosed technique may be, for example, a one-dimensional projection of a multidimensional symbol related to two-dimensional quadrature amplitude modulation (Quadrature Amplitude Modulation).
  • the disclosed technology performs probability shaping in the most upstream probability shaping encoding unit 101 and introduces the concept of an encryption matrix, thereby changing the probability distribution of temporary symbols in the temporary symbol generation unit 103 to a discretized Gaussian distribution. This has the excellent effect of being able to approximate .
  • the disclosed technology performs probability shaping before encryption, introduces the concept of an encryption matrix, and performs encryption without affecting the probability of occurrence of signal points. It is possible to achieve both high performance and high secrecy through encryption.
  • the N temporary symbols generated by the temporary symbol generation section 103 are sent to the encrypted symbol generation section 104.
  • the encrypted bit string generation unit 111 configuring the physical encryption device 100 is a component that generates an encrypted bit string based on a shared encryption key input from the outside. Note that AES (Advanced Encryption Standard) and the like are generally known as common key encryption algorithms.
  • the encrypted bit string generated by the encrypted bit string generator 111 is sent to the encrypted matrix generator 112.
  • the encryption matrix generation unit 112 configuring the physical encryption device 100 is a component that determines an encryption matrix based on at least a portion of the encrypted bit string sent from the encrypted bit string generation unit 111.
  • the encryption matrix generation unit 112 may be configured to hold a plurality of encryption matrix candidates (hereinafter referred to as "encryption matrix candidates"). All of the encryption matrix candidates are matrices with a size of N ⁇ N, and each has an inverse matrix. It is desirable that the encryption matrix candidate is an orthonormal matrix.
  • the method of determining an encryption matrix by the encryption matrix generation unit 112 may be to select and determine one encryption matrix from candidate encryption matrices.
  • the encryption matrix determined by encryption matrix generation section 112 is sent to encryption symbol generation section 104.
  • L encryption matrices (L is an integer of 1 or more) constitute one "physical encryption block.”
  • Each of the encryption matrices constituting the physical cipher block is selected from at least two encryption matrix candidates.
  • the encryption matrix candidate may be realized, for example, by cyclically shifting matrix elements.
  • the physical cipher block is composed of encryption matrices related to at least 2 to the L power of combinations.
  • the encrypted symbol generation unit 104 configuring the physical encryption device 100 is a component that generates an encrypted symbol using the encryption matrix sent from the encryption matrix generation unit 112. Specifically, the encrypted symbol generation unit 104 multiplies the first to Nth temporary symbols sent from the temporary symbol generation unit 103 by an encryption matrix from the left, thereby generating the first to Nth temporary symbols. Generate cryptographic symbols up to. The first to Nth encrypted symbols generated in the encrypted symbol generator 104 are sent to the digital-to-analog converter 121 in the form of digital signals.
  • FIG. 3 is an explanatory diagram showing an example of generating one 8-value PAM symbol from 3 bits.
  • bit string is an example of a plurality of bits output from the error correction encoding section 102.
  • the probability shaping encoding section 101 and the error correction encoding section 102 are sometimes referred to as a PS encoder and an FEC encoder.
  • PS is an acronym for Probabilistic Shaping.
  • FEC is an acronym for Forward Error Correction.
  • the bit string shown in FIG. 4 shows an example in which 3 bits are treated as one unit.
  • the left side represents the beginning.
  • the leftmost column (“0, 1, 1” arranged vertically) is the first three bits output from the error correction encoding section 102. As shown in FIG.
  • first temporary symbol string X p1 5, 3, -1, 1, -3
  • the first temporary symbol string (X p1 ) may be considered to correspond to the real axis of the complex plane.
  • the second temporary symbol sequence (X p2 ) may be considered to correspond to the imaginary axis of the complex plane.
  • probability shaping maps the position of a signal with a high frequency of occurrence, that is, a high probability of occurrence, to a position close to the origin on the complex plane.
  • ⁇ 0, 0, 0'' and ⁇ 0, 0, 0'' which are six consecutive 0s, are mapped to (1, 1) on the complex plane, but the design is such that a position close to the origin is selected. be done.
  • the first three bits (“0, 1, 1”) of the bit string are converted to the output symbol “5” based on the conversion table shown in FIG. 3, and are allocated to the beginning of the first temporary symbol string (X p1 ). It will be done.
  • the second three bits (“1, 1, 0”) of the bit string are converted to the output symbol “-7” based on the conversion table shown in FIG . will be allocated to Thereafter, output symbols are sequentially and alternately allocated to the first provisional symbol string (X p1 ) and the second provisional symbol string (X p2 ) in the same manner.
  • the portion described as "shared key 11001" is a shared key for encryption that is input to the encrypted bit string generation unit 111 from the outside.
  • the portion described as "encrypted bit string 10001" represents the encrypted bit string generated by the encrypted bit string generation unit 111.
  • the encrypted bit string is a bit string generated only from shared key information.
  • the encrypted bit string may be generated based on the above-mentioned AES algorithm, for example.
  • the encryption matrix (E 0 , E 1 ) illustrated in FIG. 4 is shown below. What should be noted in particular is that the encryption matrices (E 0 , E 1 ) shown in equation (1) are all orthogonal matrices. There are various ways to define an orthogonal matrix, but one definition is that the column vectors that make up the orthogonal matrix form an orthonormal basis.
  • the length of all vectors is 1, and the inner product of the vectors is equal to Kronecker's delta, that is, when two different lines are extracted (when i ⁇ j), the inner product is 0.
  • the inner product is 0.
  • the encryption matrix (E 0 , E 1 ) shown in equation (1) the whole is divided by the square root of 2, which is the column vector of the encryption matrix (E 0 , E 1 ) that becomes the base vector. This is for normalizing the size of 1 to 1.
  • the most important technical feature of the physical encryption device 100 is that it implements encryption by introducing the concept of "encryption matrix.” More specifically, the most important feature of the technology disclosed herein is that it has realized the idea of preparing a plurality of encryption matrix candidates (for example, E 0 and E 1 ) and switching between them as appropriate. Furthermore, the technology of the present disclosure has a technical feature in that the encryption matrix candidates are composed of a plurality of different orthogonal matrices.
  • the encryption matrix which is an orthogonal matrix, has the property of linear mapping, in that the distribution characteristics when the temporary symbol string, which is the mapping source, is plotted on a complex plane are maintained at the mapping destination. In the specific numerical example shown in FIG.
  • E1 of the encryption matrix can be interpreted as follows.
  • the bold R that appears in equation (2) represents a two-dimensional rotation matrix. That is, the encryption matrix E1 is nothing but a rotation matrix that rotates 45 degrees around the origin. Therefore, E 1 of the encryption matrix maintains the distribution characteristics when the temporary symbol string, which is the mapping source, is plotted on the complex plane even in the mapping destination.
  • E 0 of the encryption matrix shown in FIG. 4 can be interpreted as follows.
  • the matrix described as Y-axis mirror that appears in equation (3) can be interpreted as a matrix that provides a mapping that implements line symmetry about the Y axis.
  • the encryption matrix E 0 is nothing but a matrix that provides a mapping that first performs line symmetry around the Y axis and then performs a 45 degree rotation around the origin. Therefore, E 0 of the encryption matrix also maintains the distribution characteristics in the mapping destination when the temporary symbol string that is the mapping source is plotted on the complex plane.
  • An encryption matrix candidate consisting of a plurality of different orthogonal matrices may be generated by combining rotation and line symmetry in this way. Note that in the numerical example shown in FIG. 4, the encryption matrix candidate is created by 45-degree rotation and line symmetry about the Y-axis, but the disclosed technology is not limited to this. The angle of rotation may be other than 45 degrees, and the center of line symmetry may be at the Y-axis level.
  • An encryption matrix candidate consisting of a plurality of different orthogonal matrices can also be generated by randomly generating "1" or "-1". This method is particularly effective when N in the size (N ⁇ N) of the encryption matrix is an even number.
  • the vertical vector of "1, 1" is considered to be the first basis vector (e 1 ) and is set as the leftmost column vector of the encryption matrix (E in equation (1) 0 , see E1 ).
  • the next step is to further randomly generate "1" or "-1” and use it as a candidate for the second basis vector (e 2 ).
  • E the inner product of the first basis vector (e 1 ) and the second basis vector (e 2 ) must be zero. That is, the equation shown at the bottom of equation (4) must hold true. For example, assume that as a result of randomly generating "1" or "-1", the second basis vector (e 2 ) is "1, -1". At this time, since the inner product of the vectors becomes 0, it can be said that the encryption matrix (E) has been successfully generated (see E 0 in equation (1)).
  • E the procedure from there is, for example, fixing the first basis vector (e 1 ) and creating a new second basis vector (e 2 ) may be found using a similar method. Furthermore, if one encryption matrix (E) is successfully generated, the procedure from there may use line symmetry or rotation such as the Y-axis mirror described above to generate multiple encryption matrix candidates. . Note that since orthogonal matrices have the property that the value of the determinant is 1 or -1, this property may be used to check whether the encryption matrix candidate has been successfully generated. E 0 shown in equation (1) has a determinant value of ⁇ 1. E 1 shown in equation (1) has a determinant value of 1.
  • an encryption matrix candidate when N 4, obtained by a method of randomly generating "1" or "-1".
  • a square matrix whose elements are either 1 or -1 and whose columns (and rows) are orthogonal is called a Hadamard matrix.
  • Sylvester's generation method is known as a method for generating Hadamard matrices.
  • the subscript 2 in E 2 and the subscript 3 in E3 are distinguished from the matrix (E 0 , E 1 ) shown in equation (1). Different numbers are selected for the purpose.
  • N in the encryption matrix size (N ⁇ N) is an odd number
  • a Hadamard matrix cannot be created.
  • the first basis vector is set to "1, 1, 1" (strictly speaking, it is divided by the root 3 for normalization, see equation (6))
  • the orthogonal matrix that can be generated is, for example, as follows. It is given to In this way, when N in the size (N ⁇ N) of the encryption matrix is an odd number, it is easy to generate the encryption matrix by combining rotation and symmetry.
  • the portions described as “2 ⁇ 2 matrices E 1 , E 0 , E 0 , E 0 , E 1 , . . . ” indicate that the encryption matrix generation unit 112 sequentially generates one of the encryption matrix candidates. This represents the selected encryption matrix.
  • the arrangement of the encryption matrix “E 1 , E 0 , E 0 , E 0 , E 1 ,...” corresponds to the arrangement of the encrypted bits in “Encrypted bit string 10001...” .
  • the encryption and decryption operations are given by the following equation using the encryption matrix (E b[i] ).
  • i appearing in formula (7) is a variable that specifies the number of the symbol in the symbol string.
  • first encrypted symbol string and “second encrypted symbol string" refer to the first to Nth encrypted symbols generated in the encrypted symbol generation unit 104. It represents a symbol.
  • the digital-to-analog conversion unit 121 configuring the physical encryption device 100 is a component that converts the encrypted symbol sent from the temporary symbol generation unit 103 as a digital signal into an electrical analog signal.
  • the digital-to-analog conversion unit 121 performs digital-to-analog conversion for each physical lane of the encrypted symbol sent from the temporary symbol generation unit 103.
  • axis For example, if the optical transmission system performs orthogonal polarization multiplexing to generate orthogonal amplitude modulation, then Four physical lanes are prepared: axis.
  • the in-phase axis is referred to as the I-axis.
  • the orthogonal phase axis shall be referred to as the Q axis.
  • the letter I on the I axis comes from the initial letter In-phase.
  • the letter Q on the Q-axis comes from the initial letter Quadrature.
  • the optical modulator 122 configuring the physical encryption device 100 is a component that modulates light, which is a carrier wave, based on the electrical analog signal sent from the digital-to-analog converter 121. If the electrical analog signal sent from the digital-to-analog converter 121 is of four systems: The section 122 performs four modulations and generates one modulated optical signal. The optical signal generated by the optical modulation section 122 is sent to the optical amplification section 123.
  • optical amplifying section 123 configuring the physical encryption device 100 is a component that amplifies the optical signal sent from the optical modulating section 122.
  • the optical signal amplified by the optical amplification section 123 is sent to an optical transmission system (not shown) consisting of an optical fiber or the like.
  • a device that is a subcombination of the physical encryption device 100 is the physical decryption device 200 shown in FIG. As shown in FIGS. 1 and 2, the components of the physical encryption device 100 and the components of the physical decryption device 200 have a corresponding relationship.
  • the optical detection unit 222 that constitutes the physical decoding device 200 is a component that detects an optical signal from an optical transmission system made of an optical fiber or the like.
  • the optical signal is converted into electrical analog signals of four systems: X polarization-I-axis, X-polarization-Q-axis, Y-polarization-I-axis, and Y-polarization-Q-axis.
  • the four electrical analog signals are sent to an analog-to-digital converter 221.
  • the analog-to-digital converter 221 configuring the physical decoding device 200 is a component that converts an electrical analog signal sent from the photodetector 222 into a digital signal.
  • the digital signal converted by the analog-to-digital converter 221 is sent as an encrypted symbol to the encrypted symbol termination section 204.
  • the encrypted bit string generation unit 211 configuring the physical decryption device 200 is a component that generates the same encrypted bit string based on the same shared key that the physical encryption device 100 has.
  • the common key encryption algorithm used by the encrypted bit string generator 211 is the same as that used by the encrypted bit string generator 111 of the physical encryption device 100.
  • the encrypted bit string generated by the encrypted bit string generator 211 is sent to the encrypted matrix generator 212.
  • the encryption matrix generation unit 212 configuring the physical decryption device 200 is a component that determines an encryption matrix based on at least a part of the encrypted bit string sent from the encrypted bit string generation unit 211.
  • the way the encryption matrix generation unit 212 determines the encryption matrix is the same as the way the encryption matrix generation unit 112 in the physical encryption device 100 determines the encryption matrix.
  • the encryption matrix determined by the encryption matrix generation section 212 is sent to the encryption symbol termination section 204.
  • the encrypted symbol termination unit 204 configuring the physical decoding device 200 is a component that decodes encrypted symbols into temporary symbols using the encryption matrix sent from the encryption matrix generation unit 212. Specifically, the encrypted symbol termination unit 204 multiplies the first to Nth encrypted symbols sent from the analog-to-digital converter 221 by the inverse matrix of the encryption matrix from the left. Decoding into the 1st to Nth temporary symbols is performed. The first to Nth temporary symbols decoded by the encrypted symbol termination section 204 are sent to the temporary symbol termination section 203.
  • FIG. 5 is an explanatory diagram showing the processing contents of temporary symbol termination section 203 configuring physical decoding device 200 according to the first embodiment using a specific numerical example.
  • the table shown on the left side of the leftward arrow is a numerical example of the bit string decoded in the temporary symbol termination section 203.
  • the bit string decoded in the temporary symbol termination unit 203 includes "hard decision bits" (bits displayed in bold) that are decoded based on the conversion table shown in FIG. , "reliability information (example of 2 bits)" (2 bits displayed in non-bold).
  • the error correction decoding section 202 configuring the physical decoding device 200 is a component that performs error correction decoding on the bit string sent from the temporary symbol termination section 203.
  • the error correction decoding performed by the error correction decoding section 202 corresponds to the error correction encoding performed in the error correction encoding section 102 of the physical encryption device 100, and has the opposite effect.
  • the bit string subjected to error correction decoding in the error correction decoding section 202 is sent to the probability shaping decoding section 201.
  • the probability shaping decoding unit 201 configuring the physical decoding device 200 is a component that performs a reverse probability shaping operation on the bit string sent from the error correction decoding unit 202.
  • Physical decoding processing is realized by the actions of the respective components constituting the physical decoding device 200 described above.
  • FIG. 6 is a block diagram showing the functional configuration of an optical transmission system that is an application example of the disclosed technology.
  • the physical encryption device 100 according to the disclosed technology is installed on the left side of the optical transmission system shown in FIG. It can be applied to the functional blocks described as "optical multiplexing" and "optical amplification.” Further, the physical decoding device 200 according to the disclosed technology is located on the right side of the optical transmission system shown in FIG. It can be applied to the part of the functional block that has been created.
  • One of the excellent effects of the physical encryption device 100 according to the first embodiment is that it is possible to achieve both probability shaping and physical encryption in this way.
  • Embodiment 2 The physical encryption device 100 and the physical decryption device 200 according to the second embodiment are the physical encryption device 100 and the physical decryption device 200 according to the presently disclosed technology in terms of hardware configuration.
  • the same symbols used in the first embodiment are used unless otherwise specified. Further, in the second embodiment, explanations that overlap with those in the first embodiment will be omitted as appropriate.
  • FIG. 7 is a configuration diagram showing the hardware configuration of the physical encryption device 100 according to the second embodiment.
  • Each function of the physical encryption device 100 is realized by a processing circuit. Even if the processing circuit is dedicated hardware, it is also called a CPU (Central Processing Unit, central processing unit, processing unit, arithmetic unit, microprocessor, microcomputer, processor, DSP) that executes a program stored in memory. ).
  • CPU Central Processing Unit, central processing unit, processing unit, arithmetic unit, microprocessor, microcomputer, processor, DSP
  • FIG. 7A is a configuration diagram showing the hardware configuration of physical encryption device 100 according to the second embodiment, and shows a case where the processing circuit is dedicated hardware.
  • the physical encryption device 100 in this case includes a transmission side input interface 152, a transmission side processing circuit 154, and a transmission side output interface 158.
  • the dedicated hardware transmitter processing circuit 154 may be, for example, a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, an ASIC, an FPGA, or a combination thereof.
  • Each function of the physical encryption device 100 may be realized by a separate transmission side processing circuit 154 for each function, or may be realized all by one transmission side processing circuit 154.
  • FIG. 7B is a configuration diagram showing the hardware configuration of the physical encryption device 100 according to the second embodiment, and shows a case where the processing circuit is a CPU.
  • the functions of each part of the physical encryption device 100 are executed by software.
  • the physical encryption device 100 in this case includes a sending side input interface 152, a sending side processor 155, a sending side memory 156, and a sending side output interface 158.
  • the transmitting side processor 155 which is a processing circuit realized by a CPU, realizes the functions of each part by reading and executing a program stored in the transmitting side memory 156.
  • the physical encryption device 100 includes a transmitting side memory 156 for storing a program that, when executed by the transmitting side processor 155, results in the processing steps related to the functions of each unit being executed. It can also be said that these programs cause the sending processor 155, which is a computer, to execute the procedures and methods of the physical encryption device 100.
  • the transmitting side memory 156 may be a non-volatile or volatile semiconductor memory such as RAM, ROM, flash memory, EPROM, etc., for example.
  • the transmitting side memory 156 may include a disk such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, a DVD, or the like. Further, the transmitting side memory 156 may be in the form of an HHD or an SSD.
  • the physical encryption device 100 may have some functions realized by dedicated hardware and the remaining functions realized by software or firmware. In this manner, the functions of each part of the processing circuit related to the physical encryption device 100 can be realized by hardware, software, firmware, or a combination thereof.
  • FIG. 8 is a configuration diagram showing the hardware configuration of the physical decoding device 200 according to the second embodiment.
  • Each function of the physical decryption device 200 is realized by a processing circuit different from that of the physical encryption device 100.
  • the processing circuit related to the physical decryption device 200 may be dedicated hardware or a CPU that executes a program stored in memory.
  • FIG. 8A is a configuration diagram showing the hardware configuration of the physical decoding device 200 according to the second embodiment, and as shown in FIG. 8A in which the processing circuit is dedicated hardware, in this case,
  • the physical decoding device 200 includes a receiving side input interface 252, a receiving side processing circuit 254, and a receiving side output interface 258.
  • the dedicated hardware receiver processing circuit 254 may be, for example, a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, an ASIC, an FPGA, or a combination thereof.
  • Each function of the physical decoding device 200 may be realized by a separate receiving side processing circuit 254 for each function, or may be realized all by one receiving side processing circuit 254.
  • FIG. 8B is a configuration diagram showing the hardware configuration of physical decoding device 200 according to the second embodiment, and shows a case where the processing circuit is a CPU.
  • the functions of each part of the physical decoding device 200 are executed by software.
  • the physical decoding device 200 in this case includes a receiving side input interface 252, a receiving side processor 255, a receiving side memory 256, and a receiving side output interface 258.
  • the receiving processor 255 which is a processing circuit implemented by a CPU, implements the functions of each section by reading and executing a program stored in the receiving memory 256.
  • the physical decoding device 200 includes a receiving side memory 256 for storing a program that, when executed by the receiving side processor 255, results in the processing steps related to the functions of each unit being executed. It can also be said that these programs cause the receiving processor 255, which is a computer, to execute the procedures and methods of the physical decoding device 200.
  • the receiving side memory 256 may be a non-volatile or volatile semiconductor memory such as RAM, ROM, flash memory, EPROM, etc., for example.
  • the receiving side memory 256 may be of a mode including a disk such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, a DVD, or the like. Further, the receiving side memory 256 may be in the form of an HHD or an SSD.
  • the physical decoding device 200 may have some functions realized by dedicated hardware and the remaining functions realized by software or firmware. In this way, the processing circuit related to the physical decoding device 200 can realize the functions of each part using hardware, software, firmware, or a combination thereof.
  • the functions of each part can be realized by hardware, software, firmware, or a combination thereof.
  • the physical encryption device 100 and the physical decryption device 200 according to the second embodiment realized in this way have the same effects as those described in the first embodiment.
  • the disclosed technology can be applied, for example, to encryption of optical transmission systems, particularly on the backbone network side, and has industrial applicability.
  • 100 Physical encryption device 101 Probability shaping coding unit, 102 Error correction coding unit, 103 Temporary symbol generation unit, 104 Encrypted symbol generation unit, 111 Encrypted bit string generation unit, 112 Encryption matrix generation unit, 121 Digital analog Conversion unit, 122 Optical modulation unit, 123 Optical amplification unit, 152 Transmission side input interface, 154 Transmission side processing circuit, 155 Transmission side processor, 156 Transmission side memory, 158 Transmission side output interface, 200 Physical decoding device, 201 Stochastic shaping decoding 202 Error correction decoding unit, 203 Temporary symbol termination unit, 204 Encrypted symbol termination unit, 211 Encrypted bit string generation unit, 212 Encryption matrix generation unit, 221 Analog-to-digital conversion unit, 222 Photodetection unit, 252 Receiving side input Interface, 254 Receiving side processing circuit, 255 Receiving side processor, 256 Receiving side memory, 258 Receiving side output interface.

Abstract

A physical encryption device according to the present disclosure comprises: a probabilistic shaping encoding unit (101) that executes probabilistic shaping on a plurality of bits inputted from the outside; an error correction encoding unit (102) that executes error correction encoding on error correction information bits sent from the probabilistic shaping encoding unit (101); a provisional symbol generation unit (103) that generates a provisional symbol from a bit string composed of the error correction information bits and error correction redundant bits; an encryption bit string generation unit (111) that generates an encryption bit string on the basis of a shared key; an encryption matrix generation unit (112) that determines an encryption matrix on the basis of at least a part of the encryption bit string; and an encryption symbol generation unit (104) that generates an encryption symbol from the provisional symbol by using the encryption matrix.

Description

物理暗号化装置、物理暗号化方法、物理復号装置、及び物理復号方法Physical encryption device, physical encryption method, physical decryption device, and physical decryption method
 本開示技術は、物理暗号化装置、物理暗号化方法、物理復号装置、及び物理復号方法に関する。 The disclosed technology relates to a physical encryption device, a physical encryption method, a physical decryption device, and a physical decryption method.
 光伝送システムの技術分野において、Probabilistic Shaping(Probabilistic Constellation Shapingとも称される。以降、本明細書においては「確率整形」と称する。)が注目されている。確率整形は、簡単に言えば変調信号の確率分布を整形するデジタル信号処理技術である。より具体的に言えば、確率整形は、出現頻度すなわち発生確率の高い信号の位置を、複素平面における原点に近い位置、すなわち低いエネルギーで実現できる位置、に写像する技術とも言える。このため確率整形は、通信効率をシャノン限界と称される理論限界に限りなく近づけられる技術だ、と認識されるようになり、世界中で検討が行われるようになった。 In the technical field of optical transmission systems, probabilistic shaping (also referred to as probabilistic constellation shaping, hereinafter referred to as "probabilistic shaping" in this specification) has been attracting attention. Simply put, probability shaping is a digital signal processing technique that shapes the probability distribution of a modulated signal. More specifically, probability shaping can be said to be a technique for mapping the position of a signal with a high frequency of occurrence, that is, a high probability of occurrence, to a position close to the origin on the complex plane, that is, a position that can be realized with low energy. For this reason, stochastic shaping has come to be recognized as a technology that can bring communication efficiency as close as possible to the theoretical limit known as the Shannon limit, and is being studied around the world.
 例えば、特許文献1には、確率整形と誤り訂正符号化とを組み合わせることにより、通信を高性能化する技術が開示されている。 For example, Patent Document 1 discloses a technique for improving communication performance by combining probability shaping and error correction coding.
特開2020-48188号公報JP2020-48188A
 ところで、光伝送システムなどの通信システムにおいて、信号を暗号化し、通信の秘匿性を高めることも求められている。最も直感的に考え得る暗号化の1つは、擬似ランダムビット列を用意し、暗号化対象である信号のビット列との排他的ORを取る、というビットレベルにおける数理暗号の手法であろう。
 しかし、このような数理暗号を施すことは、各信号点の発生確率を原理的に均一にしてしまうため、各信号点の発生確率を偏らせて高性能化する上記の確率整形と併用することができない、という問題がある。 By the way, in communication systems such as optical transmission systems, it is also required to encrypt signals to improve the confidentiality of communication. One of the encryption methods that can be considered most intuitively is a bit-level mathematical encryption method in which a pseudo-random bit string is prepared and exclusive ORed with the bit string of the signal to be encoded.
However, applying such mathematical encryption essentially equalizes the probability of occurrence of each signal point, so it should be used in conjunction with the above-mentioned probability shaping, which biases the probability of occurrence of each signal point and improves performance. The problem is that it cannot be done.
 本開示技術は、上記課題を鑑み、通信システムにおいて、確率整形と物理暗号化とを両立する物理暗号化装置を提供することを目的とする。 In view of the above-mentioned problems, the present technology aims to provide a physical encryption device that achieves both probability shaping and physical encryption in a communication system.
 本開示技術に係る物理暗号化装置は、外部から入力される複数のビットに対して、確率整形を実施する確率整形符号化部と、確率整形符号化部から送られる誤り訂正情報ビットに対し、誤り訂正の符号化を行う誤り訂正符号化部と、誤り訂正情報ビット及び誤り訂正冗長ビットからなるビット列から、仮シンボルを生成する仮シンボル生成部と、共有鍵に基づいて、暗号化ビット列を生成する暗号化ビット列生成部と、暗号化ビット列の少なくとも一部に基づいて、暗号化行列を決定する暗号化行列生成部と、暗号化行列を用いて、仮シンボルから暗号化シンボルを生成する暗号化シンボル生成部と、を含むものである。 The physical encryption device according to the disclosed technique includes a probability shaping coding unit that performs probability shaping on a plurality of bits input from the outside, and a probability shaping coding unit that performs probability shaping on error correction information bits sent from the probability shaping coding unit. An error correction encoding unit that performs error correction encoding; a temporary symbol generation unit that generates temporary symbols from a bit string consisting of error correction information bits and error correction redundant bits; and a temporary symbol generation unit that generates an encrypted bit string based on a shared key. an encrypted bit string generator that determines an encryption matrix based on at least a portion of the encrypted bit string; and an encryption matrix generator that generates an encrypted symbol from a temporary symbol using the encryption matrix. The symbol generator includes a symbol generator.
 本開示技術に係る物理暗号化装置は上記構成を備えるため、確率整形と物理暗号化とを両立して実現することができる。 Since the physical encryption device according to the disclosed technology has the above configuration, it is possible to achieve both probability shaping and physical encryption.
図1は、実施の形態1に係る物理暗号化装置の機能構成を示すブロック図である。FIG. 1 is a block diagram showing the functional configuration of a physical encryption device according to the first embodiment. 図2は、実施の形態1に係る物理復号装置の機能構成を示すブロック図である。FIG. 2 is a block diagram showing the functional configuration of the physical decoding device according to the first embodiment. 図3は、3bitから1つの8値PAMシンボルを生成する例を示す説明図である。FIG. 3 is an explanatory diagram showing an example of generating one 8-value PAM symbol from 3 bits. 図4は、実施の形態1に係る物理暗号化装置の動作を具体的な数値例で示す説明図である。FIG. 4 is an explanatory diagram showing the operation of the physical encryption device according to the first embodiment using a specific numerical example. 図5は、実施の形態1に係る物理復号装置を構成する仮シンボル終端部203の処理内容を具体的な数値例で示す説明図である。FIG. 5 is an explanatory diagram showing the processing contents of the temporary symbol termination unit 203 configuring the physical decoding device according to the first embodiment using a specific numerical example. 図6は、本開示技術の応用例である光伝送システムの機能構成を示す部ブロック図である。FIG. 6 is a block diagram showing the functional configuration of an optical transmission system that is an application example of the disclosed technology. 図7は、実施の形態2に係る物理暗号化装置のハードウエア構成を示す構成図である。FIG. 7 is a configuration diagram showing the hardware configuration of the physical encryption device according to the second embodiment. 図8は、実施の形態2に係る物理復号装置のハードウエア構成を示す構成図である。FIG. 8 is a configuration diagram showing the hardware configuration of the physical decoding device according to the second embodiment.
 暗号の種類には、数理暗号、及び物理暗号が知られている。一般に物理暗号と言えば、量子暗号のように、その実装の基礎が物理学の基本法則に基づいている暗号を意味する。例えば、量子暗号は、その実装の基礎が量子力学という物理学に基づいている。
 数理暗号と物理暗号との違いは、安全性の違いによっても説明される。数理暗号は、もっぱら計算量的安全性に基づいている暗号だと言われている。計算量的安全性とは、暗号解読に必要なアルゴリズムの計算量に着目した安全性に関する概念である。一方で、物理暗号は、計算量的安全性ではなく、情報理論的安全性を実装できる暗号だと言われている。情報理論的安全性とは、無限の計算能力を持つ攻撃者(イブと呼ばれる)から通信の秘匿性を保証できるとする概念である。
 本明細書においては、物理法則を利用しているか否かということには着目せず、ビットの0、1を取り扱っているレベルの暗号は数理暗号と、「シンボル」という概念を導入したレベルの暗号は物理暗号と、それぞれ称されるものとする。また、本明細書においては、シンボルを扱うレイヤーは、物理レイヤーと称されるものとする。 Mathematical cryptography and physical cryptography are known as types of cryptography. Generally speaking, physical cryptography refers to cryptography whose implementation is based on fundamental laws of physics, such as quantum cryptography. For example, quantum cryptography is based on the physics of quantum mechanics.
The difference between mathematical cryptography and physical cryptography is also explained by the difference in security. Mathematical cryptography is said to be a cryptography based solely on computational security. Computational security is a concept related to security that focuses on the computational complexity of the algorithm required for cryptanalysis. On the other hand, physical cryptography is said to be a cipher that can implement information-theoretic security rather than computational security. Information-theoretical security is a concept that guarantees the confidentiality of communications from an attacker (called Eve) who has unlimited computing power.
In this specification, we will not focus on whether physical laws are used or not, and the level of cryptography that handles bits 0 and 1 is mathematical cryptography, and the level of cryptography that introduces the concept of "symbol". The ciphers are respectively referred to as physical ciphers. Furthermore, in this specification, a layer that handles symbols is referred to as a physical layer.
実施の形態1.
 図1は、実施の形態1に係る物理暗号化装置100の機能構成を示すブロック図である。図1に示されるとおり、実施の形態1に係る物理暗号化装置100は、確率整形符号化部101と、誤り訂正符号化部102と、仮シンボル生成部103と、暗号化シンボル生成部104と、暗号化ビット列生成部111と、暗号化行列生成部112と、デジタルアナログ変換部121と、光変調部122と、光増幅部123と、を含む。 Embodiment 1.
FIG. 1 is a block diagram showing the functional configuration of a physical encryption device 100 according to the first embodiment. As shown in FIG. 1, the physical encryption device 100 according to the first embodiment includes a probability shaping coding section 101, an error correction coding section 102, a temporary symbol generation section 103, and an encrypted symbol generation section 104. , an encrypted bit string generation section 111, an encryption matrix generation section 112, a digital-to-analog conversion section 121, an optical modulation section 122, and an optical amplification section 123.
 図2は、実施の形態1に係る物理復号装置200の機能構成を示すブロック図である。図2に示されるとおり、実施の形態1に係る物理復号装置200は、確率整形復号部201と、誤り訂正復号部202と、仮シンボル終端部203と、暗号化シンボル終端部204と、暗号化ビット列生成部211と、暗号化行列生成部212と、アナログデジタル変換部221と、光検出部222と、を含む。 FIG. 2 is a block diagram showing the functional configuration of physical decoding device 200 according to the first embodiment. As shown in FIG. 2, the physical decoding device 200 according to the first embodiment includes a probability shaping decoding section 201, an error correction decoding section 202, a temporary symbol termination section 203, an encrypted symbol termination section 204, and an encryption symbol termination section 204. It includes a bit string generation section 211, an encryption matrix generation section 212, an analog-to-digital conversion section 221, and a light detection section 222.
《物理暗号化装置100を構成する確率整形符号化部101》
 物理暗号化装置100を構成する確率整形符号化部101は、外部から入力される複数のビットに対して、確率整形を実施する構成要素である。確率整形符号化部101により確率整形されたビットは、本明細書においては、「確率整形後ビット」と称されるものとする。
 確率整形符号化部101において生成された確率整形後ビットは、誤り訂正符号化部102へと送られる。 <<Probability shaping encoding unit 101 configuring the physical encryption device 100>>
The probability shaping encoding unit 101 configuring the physical encryption device 100 is a component that performs probability shaping on a plurality of bits input from the outside. The bits that have been probability-shaped by the probability-shaping encoding unit 101 are referred to as "probability-shaped bits" in this specification.
The probability-shaped bits generated in probability-shaping encoding section 101 are sent to error-correction encoding section 102 .
《物理暗号化装置100を構成する誤り訂正符号化部102》
 物理暗号化装置100を構成する誤り訂正符号化部102は、第1に、確率整形符号化部101から送られる確率整形後ビットを複数まとめる。この第1の処理により得られたビットは、本明細書においては、「誤り訂正情報ビット」と称されるものとする。
 誤り訂正符号化部102は、第2に、誤り訂正情報ビットに対し、誤り訂正符号化を行う。この第2の処理により得られたビットは、本明細書においては、「誤り訂正冗長ビット」と称されるものとする。
 誤り訂正符号化部102が採用する誤り訂正符号は、例えば、BCH符号、低密度パリティ検査符号、ターボ符号、等の符号でよい。
 誤り訂正符号化部102において生成された誤り訂正情報ビット及び誤り訂正冗長ビットは、仮シンボル生成部103へと送られる。 <<Error correction encoding unit 102 configuring the physical encryption device 100>>
First, the error correction encoding section 102 constituting the physical encryption device 100 collects a plurality of probability-shaped bits sent from the probability shaping encoding section 101. The bits obtained by this first processing are referred to as "error correction information bits" in this specification.
Second, error correction encoding section 102 performs error correction encoding on the error correction information bits. The bits obtained by this second processing are referred to as "error correction redundant bits" in this specification.
The error correction code employed by the error correction encoding unit 102 may be, for example, a BCH code, a low density parity check code, a turbo code, or the like.
The error correction information bits and error correction redundant bits generated in error correction encoding section 102 are sent to temporary symbol generation section 103.
《物理暗号化装置100を構成する仮シンボル生成部103》
 物理暗号化装置100を構成する仮シンボル生成部103は、誤り訂正符号化部102から送られる誤り訂正情報ビット及び誤り訂正冗長ビットからなるビット列から、N個の仮シンボルを生成する構成要素である。以降、本明細書においては、Nは、仮シンボル生成部103が生成する仮シンボルの個数を表すものとする。
 名称「仮シンボル」の接頭語における「仮」の用語は、ビット列に対して確率整形のみを実施したものであり、暫時のもの、最終形ではないこと、を意味するものである。なお本開示技術に係る物理暗号化装置100により得られる最終形のものは、本明細書において、「暗号化シンボル」と称されるものとする。暗号化シンボルの詳細は、後述の説明により明らかとなる。
 仮シンボルは、それぞれ1次元シンボルである。本開示技術が想定する仮シンボルは、例えば、1次元のパルス振幅変調(PAM:Pulse Amplitude Modulation)に係るシンボルであってもよい。また本開示技術が想定する仮シンボルは、例えば、2次元の直交振幅変調(Quadrature Amplitude Modulation)に係る多次元のシンボルを、1次元に射影したもの、であってもよい。
 本開示技術は、最上流の確率整形符号化部101において確率整形を実施し、暗号化行列という概念を導入することにより、仮シンボル生成部103における仮シンボルの確率分布を離散化されたガウス分布に近似できる、という優れた効果を奏する。言い換えれば本開示技術は、暗号化よりも先に確率整形を実施し、暗号化行列という概念を導入して暗号化を実施することにより、信号点の発生確率に影響を与えずに確率整形による高性能化と暗号化による高秘匿化を両立することができる。
 仮シンボル生成部103において生成されたN個の仮シンボルは、暗号化シンボル生成部104へと送られる。 <<Temporary symbol generation unit 103 configuring the physical encryption device 100>>
The temporary symbol generation unit 103 configuring the physical encryption device 100 is a component that generates N temporary symbols from a bit string consisting of error correction information bits and error correction redundant bits sent from the error correction encoding unit 102. . Hereinafter, in this specification, N represents the number of temporary symbols generated by the temporary symbol generation unit 103.
The term "temporary" in the prefix of the name "temporary symbol" means that only probability shaping has been performed on the bit string, and that it is temporary and not the final form. Note that the final form obtained by the physical encryption device 100 according to the disclosed technique is referred to as an "encrypted symbol" in this specification. Details of the encryption symbol will become clear from the explanation below.
Each temporary symbol is a one-dimensional symbol. The temporary symbol assumed by the technology of the present disclosure may be, for example, a symbol related to one-dimensional pulse amplitude modulation (PAM). Further, the temporary symbol assumed by the presently disclosed technique may be, for example, a one-dimensional projection of a multidimensional symbol related to two-dimensional quadrature amplitude modulation (Quadrature Amplitude Modulation).
The disclosed technology performs probability shaping in the most upstream probability shaping encoding unit 101 and introduces the concept of an encryption matrix, thereby changing the probability distribution of temporary symbols in the temporary symbol generation unit 103 to a discretized Gaussian distribution. This has the excellent effect of being able to approximate . In other words, the disclosed technology performs probability shaping before encryption, introduces the concept of an encryption matrix, and performs encryption without affecting the probability of occurrence of signal points. It is possible to achieve both high performance and high secrecy through encryption.
The N temporary symbols generated by the temporary symbol generation section 103 are sent to the encrypted symbol generation section 104.
《物理暗号化装置100を構成する暗号化ビット列生成部111》
 物理暗号化装置100を構成する暗号化ビット列生成部111は、外部から入力される暗号化用の共有鍵に基づいて、暗号化ビット列を生成する構成要素である。なお、一般には、共通鍵暗号のアルゴリズムとして、AES(Advanced Encryption Standard)などが知られている。
 暗号化ビット列生成部111で生成された暗号化ビット列は、暗号化行列生成部112へと送られる。 <<Encrypted bit string generation unit 111 configuring the physical encryption device 100>>
The encrypted bit string generation unit 111 configuring the physical encryption device 100 is a component that generates an encrypted bit string based on a shared encryption key input from the outside. Note that AES (Advanced Encryption Standard) and the like are generally known as common key encryption algorithms.
The encrypted bit string generated by the encrypted bit string generator 111 is sent to the encrypted matrix generator 112.
《物理暗号化装置100を構成する暗号化行列生成部112》
 物理暗号化装置100を構成する暗号化行列生成部112は、暗号化ビット列生成部111から送られた暗号化ビット列の少なくとも一部に基づいて、暗号化行列を決定する構成要素である。
 暗号化行列生成部112は、複数の暗号化行列の候補(以降、「暗号化行列候補」と称する)を保有する構成を備えていてよい。暗号化行列候補は、いずれもサイズがN×Nの行列であり、いずれも逆行列が存在するものである。暗号化行列候補は、正規直交行列であることが望ましい。
 暗号化行列生成部112による暗号化行列の決め方は、暗号化行列候補から1つを選択して決める、というものでよい。
 暗号化行列生成部112において決められた暗号化行列は、暗号化シンボル生成部104へと送られる。 <<Encryption matrix generation unit 112 configuring the physical encryption device 100>>
The encryption matrix generation unit 112 configuring the physical encryption device 100 is a component that determines an encryption matrix based on at least a portion of the encrypted bit string sent from the encrypted bit string generation unit 111.
The encryption matrix generation unit 112 may be configured to hold a plurality of encryption matrix candidates (hereinafter referred to as "encryption matrix candidates"). All of the encryption matrix candidates are matrices with a size of N×N, and each has an inverse matrix. It is desirable that the encryption matrix candidate is an orthonormal matrix.
The method of determining an encryption matrix by the encryption matrix generation unit 112 may be to select and determine one encryption matrix from candidate encryption matrices.
The encryption matrix determined by encryption matrix generation section 112 is sent to encryption symbol generation section 104.
 L個(Lは1以上の整数)の暗号化行列は、1つの「物理暗号ブロック」を構成する。物理暗号ブロックを構成する暗号化行列のそれぞれは、少なくとも2つの暗号化行列候補から選択されたものである。
 暗号化行列候補は、例えば、行列要素を巡回シフトする操作により実現されてよい。
 物理暗号ブロックは、少なくとも2のL乗通りの組合せに係る暗号化行列から構成される。 L encryption matrices (L is an integer of 1 or more) constitute one "physical encryption block." Each of the encryption matrices constituting the physical cipher block is selected from at least two encryption matrix candidates.
The encryption matrix candidate may be realized, for example, by cyclically shifting matrix elements.
The physical cipher block is composed of encryption matrices related to at least 2 to the L power of combinations.
《物理暗号化装置100を構成する暗号化シンボル生成部104》
 物理暗号化装置100を構成する暗号化シンボル生成部104は、暗号化行列生成部112から送られる暗号化行列を用いて、暗号化シンボルを生成する構成要素である。暗号化シンボル生成部104は、具体的には、仮シンボル生成部103から送られる第1から第Nまでの仮シンボルに対して、暗号化行列を左から乗算することにより、第1から第Nまでの暗号化シンボルを生成する。
 暗号化シンボル生成部104において生成される第1から第Nまでの暗号化シンボルは、デジタル信号の態様でデジタルアナログ変換部121へと送られる。 <<Encrypted symbol generation unit 104 configuring physical encryption device 100>>
The encrypted symbol generation unit 104 configuring the physical encryption device 100 is a component that generates an encrypted symbol using the encryption matrix sent from the encryption matrix generation unit 112. Specifically, the encrypted symbol generation unit 104 multiplies the first to Nth temporary symbols sent from the temporary symbol generation unit 103 by an encryption matrix from the left, thereby generating the first to Nth temporary symbols. Generate cryptographic symbols up to.
The first to Nth encrypted symbols generated in the encrypted symbol generator 104 are sent to the digital-to-analog converter 121 in the form of digital signals.
《具体的な数値例について》
 図3は、3bitから1つの8値PAMシンボルを生成する一例を示す説明図である。 《About specific numerical examples》
FIG. 3 is an explanatory diagram showing an example of generating one 8-value PAM symbol from 3 bits.
 図4は、実施の形態1に係る物理暗号化装置100の動作を具体的な数値例で示す説明図である。図4は、具体的には、N=2、L=2、であり、仮シンボルが±1、±3、±5、±7のいずれか1つをとる8値PAMシンボルである場合の数値例を示すものである。 FIG. 4 is an explanatory diagram showing the operation of the physical encryption device 100 according to the first embodiment using a specific numerical example. Specifically, FIG. 4 shows the numerical values when N=2, L=2, and the temporary symbol is an 8-value PAM symbol that takes one of ±1, ±3, ±5, and ±7. This is an example.
 図4において、「ビット列」と記載された表は、誤り訂正符号化部102から出力される複数のビットの例である。なお、確率整形符号化部101及び誤り訂正符号化部102は、PS Encoder及びFEC Encoderと称されることもある。PSは、Probabilistic Shapingの頭文字である。また、FECは、Forward Error Correctionの頭文字である。
 図4に示されるビット列は、3ビットを1つの単位として扱う場合の例を示している。図4に示される表において、左側が先頭を表している。図4に示される表において、一番左の列(「0、1、1」を縦に並べたもの)は、誤り訂正符号化部102から出力される1番目の3ビットである。図3に示されるように、「0、1、1」からなる3ビットは、出力シンボルの「5」に該当する。図4に示される表において、左から2番目の列(「1、1、0」を縦に並べたもの)は、誤り訂正符号化部102から出力される2番目の3ビットである。図3に示されるように、「1、1、0」からなる3ビットは、出力シンボルの「-7」に該当する。 In FIG. 4, the table labeled "bit string" is an example of a plurality of bits output from the error correction encoding section 102. Note that the probability shaping encoding section 101 and the error correction encoding section 102 are sometimes referred to as a PS encoder and an FEC encoder. PS is an acronym for Probabilistic Shaping. Further, FEC is an acronym for Forward Error Correction.
The bit string shown in FIG. 4 shows an example in which 3 bits are treated as one unit. In the table shown in FIG. 4, the left side represents the beginning. In the table shown in FIG. 4, the leftmost column (“0, 1, 1” arranged vertically) is the first three bits output from the error correction encoding section 102. As shown in FIG. 3, three bits consisting of "0, 1, 1" correspond to "5" of the output symbol. In the table shown in FIG. 4, the second column from the left (“1, 1, 0” arranged vertically) is the second three bits output from the error correction encoding section 102. As shown in FIG. 3, three bits consisting of "1, 1, 0" correspond to "-7" of the output symbol.
 図4において、「第1の仮シンボル列 Xp1=5、3、-1、1、-3…」「第2の仮シンボル列 Xp2=-7、1、-1、-1、3…」と記載された箇所は、それぞれ、誤り訂正符号化部102を経て仮シンボル生成部103において生成されるN個の仮シンボルを表したものである。
 第1の仮シンボル列(Xp1)は、複素平面の実軸に該当すると考えてよい。同様に、第2の仮シンボル列(Xp2)は、複素平面の虚軸に該当すると考えてよい。前述のとおり、確率整形は、出現頻度すなわち発生確率の高い信号の位置を複素平面における原点に近い位置へと写像する。0が6回連続する「0、0、0」「0、0、0」は、複素平面における(1、1)へと写像されるが、このように原点に近い位置が選ばれるように設計される。
 ビット列の先頭の3ビット(「0、1、1」)は、図3に示される変換テーブルに基づいて出力シンボル「5」に変換され、第1の仮シンボル列(Xp1)の先頭に割り振られる。ビット列の2番目の3ビット(「1、1、0」)は、図3に示される変換テーブルに基づいて出力シンボル「-7」に変換され、第2の仮シンボル列(Xp2)の先頭に割り振られる。以降は同様にして、出力シンボルは、順番に、第1の仮シンボル列(Xp1)と第2の仮シンボル列(Xp2)とに、交互に割り振られる。 In FIG. 4, "first temporary symbol string X p1 =5, 3, -1, 1, -3..." and "second temporary symbol string X p2 = -7, 1, -1, -1, 3... ” each represents N temporary symbols generated by the temporary symbol generation unit 103 via the error correction encoding unit 102.
The first temporary symbol string (X p1 ) may be considered to correspond to the real axis of the complex plane. Similarly, the second temporary symbol sequence (X p2 ) may be considered to correspond to the imaginary axis of the complex plane. As described above, probability shaping maps the position of a signal with a high frequency of occurrence, that is, a high probability of occurrence, to a position close to the origin on the complex plane. ``0, 0, 0'' and ``0, 0, 0'', which are six consecutive 0s, are mapped to (1, 1) on the complex plane, but the design is such that a position close to the origin is selected. be done.
The first three bits (“0, 1, 1”) of the bit string are converted to the output symbol “5” based on the conversion table shown in FIG. 3, and are allocated to the beginning of the first temporary symbol string (X p1 ). It will be done. The second three bits (“1, 1, 0”) of the bit string are converted to the output symbol “-7” based on the conversion table shown in FIG . will be allocated to Thereafter, output symbols are sequentially and alternately allocated to the first provisional symbol string (X p1 ) and the second provisional symbol string (X p2 ) in the same manner.
 図4において、「共有鍵 11001…」と記載された箇所は、外部から暗号化ビット列生成部111へ入力される暗号化用の共有鍵である。
 図4において、「暗号化後ビット列 10001…」と記載された箇所は、暗号化ビット列生成部111で生成された暗号化ビット列を表したものである。暗号化後ビット列は、共有鍵の情報のみから生成されるビット列である。暗号化後ビット列は、例えば、前述のAESのアルゴリズムに基づいて生成されたものでもよい。 In FIG. 4, the portion described as "shared key 11001..." is a shared key for encryption that is input to the encrypted bit string generation unit 111 from the outside.
In FIG. 4, the portion described as "encrypted bit string 10001..." represents the encrypted bit string generated by the encrypted bit string generation unit 111. The encrypted bit string is a bit string generated only from shared key information. The encrypted bit string may be generated based on the above-mentioned AES algorithm, for example.
 図4において、「2×2行列候補 E=…、E=…」と記載された箇所は、暗号化行列生成部112が保有する暗号化行列候補(E、E)を表したものである。図4に例示されている暗号化行列(E、E)は、以下に示されるものである。

Figure JPOXMLDOC01-appb-I000001

 特記すべきことは、式(1)に示される暗号化行列(E、E)が、いずれも直交行列である、ということである。直交行列には色々な定義の仕方があるが、定義の1つは、直交行列を構成する列ベクトルが、正規直交基底をなす、というものである。ここで、正規直交は、すべてのベクトルの長さが1で、ベクトルの内積がクロネッカのデルタに等しい、すなわち異なる2本を抽出したときに(i≠jのときに)その内積が0となる、という性質を有する。
 式(1)に示される暗号化行列(E、E)において、2の平方根で全体を割っているが、これは、基底ベクトルとなる暗号化行列(E、E)の列ベクトルの大きさを、1にする正規化のためのものである。 In FIG. 4, the portion described as “2×2 matrix candidates E 0 =…, E 1 =…” represents the encryption matrix candidates (E 0 , E 1 ) held by the encryption matrix generation unit 112. It is something. The encryption matrix (E 0 , E 1 ) illustrated in FIG. 4 is shown below.

Figure JPOXMLDOC01-appb-I000001

What should be noted in particular is that the encryption matrices (E 0 , E 1 ) shown in equation (1) are all orthogonal matrices. There are various ways to define an orthogonal matrix, but one definition is that the column vectors that make up the orthogonal matrix form an orthonormal basis. Here, in orthonormality, the length of all vectors is 1, and the inner product of the vectors is equal to Kronecker's delta, that is, when two different lines are extracted (when i≠j), the inner product is 0. It has the following properties.
In the encryption matrix (E 0 , E 1 ) shown in equation (1), the whole is divided by the square root of 2, which is the column vector of the encryption matrix (E 0 , E 1 ) that becomes the base vector. This is for normalizing the size of 1 to 1.
 本開示技術に係る物理暗号化装置100の最たる技術的特徴は、「暗号化行列」という概念を導入して暗号化を実現したことである。より具体的には、本開示技術の最たる特徴は、暗号化行列候補を複数用意し(例えば、EとE)、これらを適宜、切り替えて用いる、という着想を実現したことである。さらに、本開示技術は、暗号化行列候補を、それぞれ異なる複数の直交行列で構成したところに技術的特徴がある。
 直交行列である暗号化行列は、写像元である仮シンボル列を複素平面にプロットしたときの分布特性を、写像先においても維持する、という線形写像の性質を有する。
 図4に示された具体的な数値例で言えば、暗号化行列のEは、以下のように解釈できる。

Figure JPOXMLDOC01-appb-I000002

ただし、式(2)に登場する太字のRは、2次元の回転行列を表す。すなわち暗号化行列のEは、原点を中心に45度回転させる回転行列に他ならない。したがって、暗号化行列のEは、写像元である仮シンボル列を複素平面にプロットしたときの分布特性を、写像先においても維持する。
 さらに、図4に示された暗号化行列のEは、以下のように解釈できる。

Figure JPOXMLDOC01-appb-I000003

ただし、式(3)に登場するY-axis mirrorと記載された行列は、Y軸を中心とした線対称を実施する写像を与える行列である、と解釈できる。すなわち暗号化行列のEは、まずY軸を中心とした線対称を実施し、原点を中心とした45度回転を実施する写像を与える行列に他ならない。したがって、暗号化行列のEも、写像元である仮シンボル列を複素平面にプロットしたときの分布特性を、写像先においても維持する。 The most important technical feature of the physical encryption device 100 according to the disclosed technology is that it implements encryption by introducing the concept of "encryption matrix." More specifically, the most important feature of the technology disclosed herein is that it has realized the idea of preparing a plurality of encryption matrix candidates (for example, E 0 and E 1 ) and switching between them as appropriate. Furthermore, the technology of the present disclosure has a technical feature in that the encryption matrix candidates are composed of a plurality of different orthogonal matrices.
The encryption matrix, which is an orthogonal matrix, has the property of linear mapping, in that the distribution characteristics when the temporary symbol string, which is the mapping source, is plotted on a complex plane are maintained at the mapping destination.
In the specific numerical example shown in FIG. 4, E1 of the encryption matrix can be interpreted as follows.

Figure JPOXMLDOC01-appb-I000002

However, the bold R that appears in equation (2) represents a two-dimensional rotation matrix. That is, the encryption matrix E1 is nothing but a rotation matrix that rotates 45 degrees around the origin. Therefore, E 1 of the encryption matrix maintains the distribution characteristics when the temporary symbol string, which is the mapping source, is plotted on the complex plane even in the mapping destination.
Furthermore, E 0 of the encryption matrix shown in FIG. 4 can be interpreted as follows.

Figure JPOXMLDOC01-appb-I000003

However, the matrix described as Y-axis mirror that appears in equation (3) can be interpreted as a matrix that provides a mapping that implements line symmetry about the Y axis. That is, the encryption matrix E 0 is nothing but a matrix that provides a mapping that first performs line symmetry around the Y axis and then performs a 45 degree rotation around the origin. Therefore, E 0 of the encryption matrix also maintains the distribution characteristics in the mapping destination when the temporary symbol string that is the mapping source is plotted on the complex plane.
 複数の異なる直交行列からなる暗号化行列候補は、このように、回転と線対称とを組み合わせて生成してもよい。なお、図4に示された数値例においては、45度回転とY軸中心の線対称とにより暗号化行列候補が作られているが、本開示技術はこれに限定されない。回転の角度は45度以外の角度であってもよいし、線対称の中心はY軸位階のものであってもよい。 An encryption matrix candidate consisting of a plurality of different orthogonal matrices may be generated by combining rotation and line symmetry in this way. Note that in the numerical example shown in FIG. 4, the encryption matrix candidate is created by 45-degree rotation and line symmetry about the Y-axis, but the disclosed technology is not limited to this. The angle of rotation may be other than 45 degrees, and the center of line symmetry may be at the Y-axis level.
 複数の異なる直交行列からなる暗号化行列候補は、「1」又は「-1」をランダムに発生させる方法によっても生成することができる。この手法は、特に暗号化行列のサイズ(N×N)におけるNが偶数のときに有効な方法である。
 以下は、暗号化行列(E)の生成手順を説明するN=2のときの簡単な数値例である。ランダムに「1」又は「-1」を発生させた結果、「1、1」が得られたとする。「1、1」を縦にならべて縦ベクトルにしたものは、1つ目の基底ベクトル(e)と考えて、暗号化行列の一番左の列ベクトルにする(式(1)のE、Eを参照)。N=2のときに、Eが直交行列となる条件は、以下の式で与えられる。

Figure JPOXMLDOC01-appb-I000004

 次の手順は、さらにランダムに「1」又は「-1」を発生させ、2つ目の基底ベクトル(e)の候補とする、というものである。Eが直交行列であるためには、1つ目の基底ベクトル(e)と2つ目の基底ベクトル(e)との内積が0にならなければならない。すなわち、式(4)の最下段に示した式が成立しなければならない。例えば、ランダムに「1」又は「-1」を発生させた結果、2つ目の基底ベクトル(e)が「1、-1」だったとする。このときにベクトルの内積が0になるため、暗号化行列(E)の生成に成功したと言える(式(1)のEを参照)。
 暗号化行列(E)を1つ生成することに成功すれば、そこからの手順は、例えば、1つ目の基底ベクトル(e)を固定して、新たな2つ目の基底ベクトル(e)を同様の手法で見つけてもよい。また、1つ暗号化行列(E)の生成に成功すれば、そこからの手順は、前述のY-axis mirror等の線対称又は回転を使い、複数の暗号化行列候補を生成してもよい。
 なお、直交行列は、行列式の値が1又は-1であるという性質を有するため、この性質を利用して暗号化行列候補をうまく生成できたか否かを確認するようにしてもよい。式(1)に示されるEは、行列式の値が-1である。式(1)に示されるEは、行列式の値が1である。 An encryption matrix candidate consisting of a plurality of different orthogonal matrices can also be generated by randomly generating "1" or "-1". This method is particularly effective when N in the size (N×N) of the encryption matrix is an even number.
The following is a simple numerical example when N=2 to explain the generation procedure of the encryption matrix (E). Assume that "1, 1" is obtained as a result of randomly generating "1" or "-1". The vertical vector of "1, 1" is considered to be the first basis vector (e 1 ) and is set as the leftmost column vector of the encryption matrix (E in equation (1) 0 , see E1 ). The condition for E to be an orthogonal matrix when N=2 is given by the following equation.

Figure JPOXMLDOC01-appb-I000004

The next step is to further randomly generate "1" or "-1" and use it as a candidate for the second basis vector (e 2 ). In order for E to be an orthogonal matrix, the inner product of the first basis vector (e 1 ) and the second basis vector (e 2 ) must be zero. That is, the equation shown at the bottom of equation (4) must hold true. For example, assume that as a result of randomly generating "1" or "-1", the second basis vector (e 2 ) is "1, -1". At this time, since the inner product of the vectors becomes 0, it can be said that the encryption matrix (E) has been successfully generated (see E 0 in equation (1)).
If one encryption matrix (E) is successfully generated, the procedure from there is, for example, fixing the first basis vector (e 1 ) and creating a new second basis vector (e 2 ) may be found using a similar method. Furthermore, if one encryption matrix (E) is successfully generated, the procedure from there may use line symmetry or rotation such as the Y-axis mirror described above to generate multiple encryption matrix candidates. .
Note that since orthogonal matrices have the property that the value of the determinant is 1 or -1, this property may be used to check whether the encryption matrix candidate has been successfully generated. E 0 shown in equation (1) has a determinant value of −1. E 1 shown in equation (1) has a determinant value of 1.
 以下は、「1」又は「-1」をランダムに発生させる方法によって得られた、N=4のときの暗号化行列候補に関する簡単な数値例である。

Figure JPOXMLDOC01-appb-I000005

ここで、要素が1又は-1のいずれかであり、かつ各列(及び各行)が直交するような正方行列は、アダマール行列と称されている。アダマール行列の生成法には、シルベスターの生成法が知られている。式(5)上段に示された行列のEは、シルベスターの生成法により得られるN=4のときのアダマール行列である。なお、式(5)に示される行列において、Eにおける下付き添え字の2、及びE3における下付き添え字の3は、式(1)に示される行列(E、E)と区別するために異なる数字が選択されている。 The following is a simple numerical example regarding an encryption matrix candidate when N=4, obtained by a method of randomly generating "1" or "-1".

Figure JPOXMLDOC01-appb-I000005

Here, a square matrix whose elements are either 1 or -1 and whose columns (and rows) are orthogonal is called a Hadamard matrix. Sylvester's generation method is known as a method for generating Hadamard matrices. E2 of the matrix shown in the upper part of equation (5) is the Hadamard matrix when N=4 obtained by Sylvester's generation method. In addition, in the matrix shown in equation (5), the subscript 2 in E 2 and the subscript 3 in E3 are distinguished from the matrix (E 0 , E 1 ) shown in equation (1). Different numbers are selected for the purpose.
 暗号化行列のサイズ(N×N)におけるNが奇数のとき、アダマール行列は作れない。1つ目の基底ベクトルを「1、1、1」としたとき(厳密には、正規化のためルート3で割ったもの、式(6)参照)、生成し得る直交行列は、例えば、以下に与えられるものである。

Figure JPOXMLDOC01-appb-I000006

 このように、暗号化行列のサイズ(N×N)におけるNが奇数のときは、回転及び対称を組み合わせて生成する手法が容易である。 When N in the encryption matrix size (N×N) is an odd number, a Hadamard matrix cannot be created. When the first basis vector is set to "1, 1, 1" (strictly speaking, it is divided by the root 3 for normalization, see equation (6)), the orthogonal matrix that can be generated is, for example, as follows. It is given to

Figure JPOXMLDOC01-appb-I000006

In this way, when N in the size (N×N) of the encryption matrix is an odd number, it is easy to generate the encryption matrix by combining rotation and symmetry.
 図4において、「2×2行列 E、E、E、E、E、…」と記載された箇所は、暗号化行列生成部112により順次、暗号化行列候補から1つを選択して決められた暗号化行列を表したものである。暗号化行列の並び方「E、E、E、E、E、…」(下付き添え数字に着目)は、「暗号化後ビット列 10001…」における暗号化ビットの並び方に対応する。 In FIG. 4, the portions described as “2×2 matrices E 1 , E 0 , E 0 , E 0 , E 1 , . . . ” indicate that the encryption matrix generation unit 112 sequentially generates one of the encryption matrix candidates. This represents the selected encryption matrix. The arrangement of the encryption matrix “E 1 , E 0 , E 0 , E 0 , E 1 ,…” (pay attention to the subscript numbers) corresponds to the arrangement of the encrypted bits in “Encrypted bit string 10001…” .
 図4に示されるとおり、暗号化及び復号の操作は、暗号化行列(Eb[i])を用いた以下の式により与えられる。

Figure JPOXMLDOC01-appb-I000007

ここで、数式(7)に登場するiは、シンボル列中の何番目のシンボルかを特定する変数である。また暗号化行列を表す文字にEに付された下付き添え字であるb[i]は、暗号化後ビット列におけるi番目のビットの値を示したものである。したがって、図4に示される例においては、具体的な値は、b[1]=1、b[2]=0、b[3]=0、b[4]=0、b[5]=1、である。 As shown in FIG. 4, the encryption and decryption operations are given by the following equation using the encryption matrix (E b[i] ).

Figure JPOXMLDOC01-appb-I000007

Here, i appearing in formula (7) is a variable that specifies the number of the symbol in the symbol string. Furthermore, b[i], which is a subscript added to the letter E representing the encryption matrix, indicates the value of the i-th bit in the bit string after encryption. Therefore, in the example shown in FIG. 4, the specific values are b[1]=1, b[2]=0, b[3]=0, b[4]=0, b[5]= 1.
 図4において、「第1の暗号化シンボル列 …」「第2の暗号化シンボル列 …」と記載された箇所は、暗号化シンボル生成部104において生成された第1から第Nまでの暗号化シンボルを表したものである。
 例えば、i=1に係る暗号化シンボルは、以下の式に示される計算を経て算出される。

Figure JPOXMLDOC01-appb-I000008
 In FIG. 4, the parts described as "first encrypted symbol string..." and "second encrypted symbol string..." refer to the first to Nth encrypted symbols generated in the encrypted symbol generation unit 104. It represents a symbol.
For example, the encrypted symbol for i=1 is calculated through the calculation shown in the following equation.

Figure JPOXMLDOC01-appb-I000008
《物理暗号化装置100を構成するデジタルアナログ変換部121》
 物理暗号化装置100を構成するデジタルアナログ変換部121は、デジタル信号として仮シンボル生成部103から送られる暗号化シンボルを、電気アナログ信号に変換する構成要素である。デジタルアナログ変換部121は、仮シンボル生成部103から送られる暗号化シンボルの物理レーンのそれぞれに対し、デジタルアナログ変換を実施する。例えば、光伝送システムが、直交偏波多重を行い直交振幅変調を生成するものである場合には、X偏波同相軸、X偏波直交位相軸、Y偏波同相軸、Y偏波直交位相軸、の4つの物理レーンが用意される。なお、本明細書において、同相軸は、I軸と称するものとしする。また直交位相軸は、Q軸と称するものとする。I軸におけるIの文字は、In-phaseの頭文字に由来する。Q軸におけるQの文字は、Quadratureの頭文字に由来する。 <<Digital-to-analog converter 121 that constitutes the physical encryption device 100>>
The digital-to-analog conversion unit 121 configuring the physical encryption device 100 is a component that converts the encrypted symbol sent from the temporary symbol generation unit 103 as a digital signal into an electrical analog signal. The digital-to-analog conversion unit 121 performs digital-to-analog conversion for each physical lane of the encrypted symbol sent from the temporary symbol generation unit 103. For example, if the optical transmission system performs orthogonal polarization multiplexing to generate orthogonal amplitude modulation, then Four physical lanes are prepared: axis. Note that in this specification, the in-phase axis is referred to as the I-axis. Further, the orthogonal phase axis shall be referred to as the Q axis. The letter I on the I axis comes from the initial letter In-phase. The letter Q on the Q-axis comes from the initial letter Quadrature.
《物理暗号化装置100を構成する光変調部122》
 物理暗号化装置100を構成する光変調部122は、デジタルアナログ変換部121から送られる電気アナログ信号に基づいて、搬送波である光の変調を行う構成要素である。デジタルアナログ変換部121から送られる電気アナログ信号が、X偏波-I軸、X偏波-Q軸、Y偏波-I軸、Y偏波-Q軸、の4系統であれば、光変調部122は、4つの変調を行い、変調がなされた1つの光信号を生成する。
 光変調部122で生成された光信号は、光増幅部123へと送られる。 <<Light modulation section 122 configuring physical encryption device 100>>
The optical modulator 122 configuring the physical encryption device 100 is a component that modulates light, which is a carrier wave, based on the electrical analog signal sent from the digital-to-analog converter 121. If the electrical analog signal sent from the digital-to-analog converter 121 is of four systems: The section 122 performs four modulations and generates one modulated optical signal.
The optical signal generated by the optical modulation section 122 is sent to the optical amplification section 123.
《物理暗号化装置100を構成する光増幅部123》
 物理暗号化装置100を構成する光増幅部123は、光変調部122から送られる光信号を増幅する構成要素である。
 光増幅部123で増幅された光信号は、光ファイバ等からなる光伝送系(不図示)へ送られる。 <<Optical amplification unit 123 configuring the physical encryption device 100>>
The optical amplifying section 123 configuring the physical encryption device 100 is a component that amplifies the optical signal sent from the optical modulating section 122.
The optical signal amplified by the optical amplification section 123 is sent to an optical transmission system (not shown) consisting of an optical fiber or the like.
 物理暗号化装置100のサブコンビネーションとなる装置が、図2に示される物理復号装置200である。図1及び図2に示されるとおり、物理暗号化装置100の構成要素と物理復号装置200の構成要素とは、それぞれが対応関係にある。 A device that is a subcombination of the physical encryption device 100 is the physical decryption device 200 shown in FIG. As shown in FIGS. 1 and 2, the components of the physical encryption device 100 and the components of the physical decryption device 200 have a corresponding relationship.
《物理復号装置200を構成する光検出部222》
 物理復号装置200を構成する光検出部222は、光ファイバ等からなる光伝送系からの光信号を検出する構成要素である。光検出部222において光信号は、X偏波-I軸、X偏波-Q軸、Y偏波-I軸、Y偏波-Q軸、の4系統の電気アナログ信号へと変換される。4系統の電気アナログ信号は、アナログデジタル変換部221へと送られる。 <<Photodetector 222 configuring physical decoding device 200>>
The optical detection unit 222 that constitutes the physical decoding device 200 is a component that detects an optical signal from an optical transmission system made of an optical fiber or the like. In the photodetector 222, the optical signal is converted into electrical analog signals of four systems: X polarization-I-axis, X-polarization-Q-axis, Y-polarization-I-axis, and Y-polarization-Q-axis. The four electrical analog signals are sent to an analog-to-digital converter 221.
《物理復号装置200を構成するアナログデジタル変換部221》
 物理復号装置200を構成するアナログデジタル変換部221は、光検出部222から送られる電気アナログ信号を、デジタル信号に変換する構成要素である。
 アナログデジタル変換部221において変換されたデジタル信号は、暗号化シンボルとして、暗号化シンボル終端部204へと送られる。 <<Analog-to-digital converter 221 configuring physical decoding device 200>>
The analog-to-digital converter 221 configuring the physical decoding device 200 is a component that converts an electrical analog signal sent from the photodetector 222 into a digital signal.
The digital signal converted by the analog-to-digital converter 221 is sent as an encrypted symbol to the encrypted symbol termination section 204.
《物理復号装置200を構成する暗号化ビット列生成部211》
 物理復号装置200を構成する暗号化ビット列生成部211は、物理暗号化装置100が有するものと同じ共有鍵に基づいて、同じ暗号化ビット列を生成する構成要素である。暗号化ビット列生成部211が用いる共通鍵暗号のアルゴリズムは、物理暗号化装置100の暗号化ビット列生成部111が用いるものと同じである。
 暗号化ビット列生成部211で生成された暗号化ビット列は、暗号化行列生成部212へと送られる。 <<Encrypted bit string generation unit 211 configuring the physical decryption device 200>>
The encrypted bit string generation unit 211 configuring the physical decryption device 200 is a component that generates the same encrypted bit string based on the same shared key that the physical encryption device 100 has. The common key encryption algorithm used by the encrypted bit string generator 211 is the same as that used by the encrypted bit string generator 111 of the physical encryption device 100.
The encrypted bit string generated by the encrypted bit string generator 211 is sent to the encrypted matrix generator 212.
《物理復号装置200を構成する暗号化行列生成部212》
 物理復号装置200を構成する暗号化行列生成部212は、暗号化ビット列生成部211から送られた暗号化ビット列の少なくとも一部に基づいて、暗号化行列を決定する構成要素である。
 暗号化行列生成部212による暗号化行列の決め方は、物理暗号化装置100における暗号化行列生成部112による暗号化行列の決め方と同じである。
 暗号化行列生成部212において決められた暗号化行列は、暗号化シンボル終端部204へと送られる。 <<Encryption matrix generation unit 212 configuring the physical decryption device 200>>
The encryption matrix generation unit 212 configuring the physical decryption device 200 is a component that determines an encryption matrix based on at least a part of the encrypted bit string sent from the encrypted bit string generation unit 211.
The way the encryption matrix generation unit 212 determines the encryption matrix is the same as the way the encryption matrix generation unit 112 in the physical encryption device 100 determines the encryption matrix.
The encryption matrix determined by the encryption matrix generation section 212 is sent to the encryption symbol termination section 204.
《物理復号装置200を構成する暗号化シンボル終端部204》
 物理復号装置200を構成する暗号化シンボル終端部204は、暗号化行列生成部212から送られる暗号化行列を用いて、暗号化シンボルを仮シンボルへと復号する構成要素である。暗号化シンボル終端部204は、具体的には、アナログデジタル変換部221から送られる第1から第Nまでの暗号化シンボルに対して、暗号化行列の逆行列を左から乗算することにより、第1から第Nまでの仮シンボルへの復号を実施する。
 暗号化シンボル終端部204で復号された第1から第Nまでの仮シンボルは、仮シンボル終端部203へと送られる。 <<Encrypted symbol termination section 204 configuring physical decoding device 200>>
The encrypted symbol termination unit 204 configuring the physical decoding device 200 is a component that decodes encrypted symbols into temporary symbols using the encryption matrix sent from the encryption matrix generation unit 212. Specifically, the encrypted symbol termination unit 204 multiplies the first to Nth encrypted symbols sent from the analog-to-digital converter 221 by the inverse matrix of the encryption matrix from the left. Decoding into the 1st to Nth temporary symbols is performed.
The first to Nth temporary symbols decoded by the encrypted symbol termination section 204 are sent to the temporary symbol termination section 203.
《物理復号装置200を構成する仮シンボル終端部203》
 物理復号装置200を構成する仮シンボル終端部203は、暗号化シンボル終端部204から送られる第1から第Nまでの仮シンボルから、ビット列への復号を実施する構成要素である。
 図5は、実施の形態1に係る物理復号装置200を構成する仮シンボル終端部203の処理内容を具体的な数値例で示す説明図である。図5において、左向き矢印の左側に示される表は、仮シンボル終端部203において復号されるビット列の数値例である。図5に示されるように、仮シンボル終端部203において復号されるビット列は、図3に示される変換テーブルに基づいて復号される「硬判定ビット」(太字で表示されたビット)のほか、例えば、「信頼度情報(2bitの例)」(非太字で表示された2ビット)を含んでもよい。 <<Temporary symbol termination section 203 configuring physical decoding device 200>>
The temporary symbol termination section 203 configuring the physical decoding device 200 is a component that decodes the first to Nth temporary symbols sent from the encrypted symbol termination section 204 into a bit string.
FIG. 5 is an explanatory diagram showing the processing contents of temporary symbol termination section 203 configuring physical decoding device 200 according to the first embodiment using a specific numerical example. In FIG. 5, the table shown on the left side of the leftward arrow is a numerical example of the bit string decoded in the temporary symbol termination section 203. As shown in FIG. 5, the bit string decoded in the temporary symbol termination unit 203 includes "hard decision bits" (bits displayed in bold) that are decoded based on the conversion table shown in FIG. , "reliability information (example of 2 bits)" (2 bits displayed in non-bold).
《物理復号装置200を構成する誤り訂正復号部202》
 物理復号装置200を構成する誤り訂正復号部202は、仮シンボル終端部203から送られたビット列に対し、誤り訂正復号を行う構成要素である。誤り訂正復号部202が行う誤り訂正復号は、物理暗号化装置100の誤り訂正符号化部102において行われる誤り訂正符号化に対応したものであり、逆の作用を及ぼすものである。
 誤り訂正復号部202において誤り訂正復号が行われたビット列は、確率整形復号部201へと送られる。 <<Error correction decoding unit 202 that constitutes the physical decoding device 200>>
The error correction decoding section 202 configuring the physical decoding device 200 is a component that performs error correction decoding on the bit string sent from the temporary symbol termination section 203. The error correction decoding performed by the error correction decoding section 202 corresponds to the error correction encoding performed in the error correction encoding section 102 of the physical encryption device 100, and has the opposite effect.
The bit string subjected to error correction decoding in the error correction decoding section 202 is sent to the probability shaping decoding section 201.
《物理復号装置200を構成する確率整形復号部201》
 物理復号装置200を構成する確率整形復号部201は、誤り訂正復号部202から送られたビット列に対し、確率整形の逆作用を実施する構成要素である。
 以上の物理復号装置200を構成する各構成要素の作用により、物理復号の処理が実現される。 <<Probability shaping decoding unit 201 configuring the physical decoding device 200>>
The probability shaping decoding unit 201 configuring the physical decoding device 200 is a component that performs a reverse probability shaping operation on the bit string sent from the error correction decoding unit 202.
Physical decoding processing is realized by the actions of the respective components constituting the physical decoding device 200 described above.
 図6は、本開示技術の応用例である光伝送システムの機能構成を示す部ブロック図である。本開示技術に係る物理暗号化装置100は、図6に示される光伝送システムにおける左側、具体的には、「符号化」-「予補償」-「デジタルアナログ変換」-「光変調」-「光多重」-「光増幅」と記載された機能ブロックの部分に応用できる。また、本開示技術に係る物理復号装置200は、図6に示される光伝送システムにおける右側、具体的には、「光検波」-「アナログデジタル変換」-「後補償」-「復号」と記載された機能ブロックの部分に応用できる。 FIG. 6 is a block diagram showing the functional configuration of an optical transmission system that is an application example of the disclosed technology. The physical encryption device 100 according to the disclosed technology is installed on the left side of the optical transmission system shown in FIG. It can be applied to the functional blocks described as "optical multiplexing" and "optical amplification." Further, the physical decoding device 200 according to the disclosed technology is located on the right side of the optical transmission system shown in FIG. It can be applied to the part of the functional block that has been created.
 実施の形態1に係る物理暗号化装置100の優れた効果の1つは、このようにして、確率整形と物理暗号化とを両立して実現できることである。 One of the excellent effects of the physical encryption device 100 according to the first embodiment is that it is possible to achieve both probability shaping and physical encryption in this way.
実施の形態2.
 実施の形態2に係る物理暗号化装置100及び物理復号装置200は、本開示技術に係る物理暗号化装置100及び物理復号装置200を、ハードウエア構成という観点で示した態様のものである。
 実施の形態2においては、特に明記する場合を除き、実施の形態1で用いられたものと同じ符号が用いられる。また、実施の形態2においては、実施の形態1と重複する説明は、適宜、省略される。 Embodiment 2.
The physical encryption device 100 and the physical decryption device 200 according to the second embodiment are the physical encryption device 100 and the physical decryption device 200 according to the presently disclosed technology in terms of hardware configuration.
In the second embodiment, the same symbols used in the first embodiment are used unless otherwise specified. Further, in the second embodiment, explanations that overlap with those in the first embodiment will be omitted as appropriate.
 図7は、実施の形態2に係る物理暗号化装置100のハードウエア構成を示す構成図である。物理暗号化装置100の各機能は、処理回路により実現される。処理回路は、専用のハードウエアであっても、メモリに格納されるプログラムを実行するCPU(Central Processing Unit、中央処理装置、処理装置、演算装置、マイクロプロセッサ、マイクロコンピュータ、プロセッサ、DSPとも称される)であってもよい。 FIG. 7 is a configuration diagram showing the hardware configuration of the physical encryption device 100 according to the second embodiment. Each function of the physical encryption device 100 is realized by a processing circuit. Even if the processing circuit is dedicated hardware, it is also called a CPU (Central Processing Unit, central processing unit, processing unit, arithmetic unit, microprocessor, microcomputer, processor, DSP) that executes a program stored in memory. ).
 図7Aは、実施の形態2に係る物理暗号化装置100のハードウエア構成を示す構成図であり、処理回路が専用のハードウエアの場合を示したものである。図7Aに示されるように、この場合の物理暗号化装置100は、送信側入力インタフェース152と、送信側処理回路154と、送信側出力インタフェース158と、を含む。
 専用ハードウエアである送信側処理回路154は、例えば、単一回路、複合回路、プログラム化したプロセッサ、並列プログラム化されたプロセッサ、ASIC、FPGA、又はこれらを組み合わせたものが該当する。物理暗号化装置100の各機能は、機能ごとに別々の送信側処理回路154により実現されてもよいし、まとめて1つの送信側処理回路154により実現されてもよい。 FIG. 7A is a configuration diagram showing the hardware configuration of physical encryption device 100 according to the second embodiment, and shows a case where the processing circuit is dedicated hardware. As shown in FIG. 7A, the physical encryption device 100 in this case includes a transmission side input interface 152, a transmission side processing circuit 154, and a transmission side output interface 158.
The dedicated hardware transmitter processing circuit 154 may be, for example, a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, an ASIC, an FPGA, or a combination thereof. Each function of the physical encryption device 100 may be realized by a separate transmission side processing circuit 154 for each function, or may be realized all by one transmission side processing circuit 154.
 図7Bは、実施の形態2に係る物理暗号化装置100のハードウエア構成を示す構成図であり、処理回路がCPUの場合を示したものである。この場合、物理暗号化装置100の各部の機能は、ソフトウエアにより実行される。図7Bに示されるように、この場合の物理暗号化装置100は、送信側入力インタフェース152と、送信側プロセッサ155と、送信側メモリ156と送信側出力インタフェース158と、を含む。
 CPUで実現された処理回路である送信側プロセッサ155は、送信側メモリ156に記憶されたプログラムを読み出して実行することにより、各部の機能を実現する。すなわち、物理暗号化装置100は、送信側プロセッサ155により実行されるときに、各部の機能に係る処理ステップが結果的に実行されることになるプログラムを格納するための送信側メモリ156を備える。また、これらのプログラムは、物理暗号化装置100の手順及び方法をコンピュータである送信側プロセッサ155に実行させるものであるとも言える。ここで送信側メモリ156は、例えば、RAM、ROM、フラッシュメモリ、EPROM、等の不揮発性又は揮発性の半導体メモリであってもよい。また送信側メモリ156は、磁気ディスク、フレキシブルディスク、光ディスク、コンパクトディスク、ミニディスク、DVD、等のディスクを備える態様のものであってもよい。さらに送信側メモリ156は、HHD、又はSSDの態様であってもよい。 FIG. 7B is a configuration diagram showing the hardware configuration of the physical encryption device 100 according to the second embodiment, and shows a case where the processing circuit is a CPU. In this case, the functions of each part of the physical encryption device 100 are executed by software. As shown in FIG. 7B, the physical encryption device 100 in this case includes a sending side input interface 152, a sending side processor 155, a sending side memory 156, and a sending side output interface 158.
The transmitting side processor 155, which is a processing circuit realized by a CPU, realizes the functions of each part by reading and executing a program stored in the transmitting side memory 156. That is, the physical encryption device 100 includes a transmitting side memory 156 for storing a program that, when executed by the transmitting side processor 155, results in the processing steps related to the functions of each unit being executed. It can also be said that these programs cause the sending processor 155, which is a computer, to execute the procedures and methods of the physical encryption device 100. Here, the transmitting side memory 156 may be a non-volatile or volatile semiconductor memory such as RAM, ROM, flash memory, EPROM, etc., for example. Further, the transmitting side memory 156 may include a disk such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, a DVD, or the like. Further, the transmitting side memory 156 may be in the form of an HHD or an SSD.
 なお、物理暗号化装置100は、一部の機能を専用のハードウエアで実現し、残りの機能をソフトウエア又はファームウエアで実現する、というものでもよい。このように物理暗号化装置100に係る処理回路は、ハードウエア、ソフトウエア、ファームウエア、又はこれらの組合せによって、各部の機能を実現することができる。 Note that the physical encryption device 100 may have some functions realized by dedicated hardware and the remaining functions realized by software or firmware. In this manner, the functions of each part of the processing circuit related to the physical encryption device 100 can be realized by hardware, software, firmware, or a combination thereof.
 図8は、実施の形態2に係る物理復号装置200のハードウエア構成を示す構成図である。物理復号装置200の各機能は、物理暗号化装置100のものとは別の処理回路により実現される。物理暗号化装置100のときと同様に、物理復号装置200に係る処理回路は、専用のハードウエアであっても、メモリに格納されるプログラムを実行するCPUであってもよい。 FIG. 8 is a configuration diagram showing the hardware configuration of the physical decoding device 200 according to the second embodiment. Each function of the physical decryption device 200 is realized by a processing circuit different from that of the physical encryption device 100. As with the physical encryption device 100, the processing circuit related to the physical decryption device 200 may be dedicated hardware or a CPU that executes a program stored in memory.
 図8Aは、実施の形態2に係る物理復号装置200のハードウエア構成を示す構成図であり、処理回路が専用のハードウエアの場合を示したものである図8Aに示されるように、この場合の物理復号装置200は、受信側入力インタフェース252と、受信側処理回路254と、受信側出力インタフェース258と、を含む。
 専用ハードウエアである受信側処理回路254は、例えば、単一回路、複合回路、プログラム化したプロセッサ、並列プログラム化されたプロセッサ、ASIC、FPGA、又はこれらを組み合わせたものが該当する。物理復号装置200の各機能は、機能ごとに別々の受信側処理回路254により実現されてもよいし、まとめて1つの受信側処理回路254により実現されてもよい。 FIG. 8A is a configuration diagram showing the hardware configuration of the physical decoding device 200 according to the second embodiment, and as shown in FIG. 8A in which the processing circuit is dedicated hardware, in this case, The physical decoding device 200 includes a receiving side input interface 252, a receiving side processing circuit 254, and a receiving side output interface 258.
The dedicated hardware receiver processing circuit 254 may be, for example, a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, an ASIC, an FPGA, or a combination thereof. Each function of the physical decoding device 200 may be realized by a separate receiving side processing circuit 254 for each function, or may be realized all by one receiving side processing circuit 254.
 図8Bは、実施の形態2に係る物理復号装置200のハードウエア構成を示す構成図であり、処理回路がCPUの場合を示したものである。この場合、物理復号装置200の各部の機能は、ソフトウエアにより実行される。図7Bに示されるように、この場合の物理復号装置200は、受信側入力インタフェース252と、受信側プロセッサ255と、受信側メモリ256と受信側出力インタフェース258と、を含む。
 CPUで実現された処理回路である受信側プロセッサ255は、受信側メモリ256に記憶されたプログラムを読み出して実行することにより、各部の機能を実現する。すなわち、物理復号装置200は、受信側プロセッサ255により実行されるときに、各部の機能に係る処理ステップが結果的に実行されることになるプログラムを格納するための受信側メモリ256を備える。また、これらのプログラムは、物理復号装置200の手順及び方法をコンピュータである受信側プロセッサ255に実行させるものであるとも言える。ここで受信側メモリ256は、例えば、RAM、ROM、フラッシュメモリ、EPROM、等の不揮発性又は揮発性の半導体メモリであってもよい。また受信側メモリ256は、磁気ディスク、フレキシブルディスク、光ディスク、コンパクトディスク、ミニディスク、DVD、等のディスクを備える態様のものであってもよい。さらに受信側メモリ256は、HHD、又はSSDの態様であってもよい。 FIG. 8B is a configuration diagram showing the hardware configuration of physical decoding device 200 according to the second embodiment, and shows a case where the processing circuit is a CPU. In this case, the functions of each part of the physical decoding device 200 are executed by software. As shown in FIG. 7B, the physical decoding device 200 in this case includes a receiving side input interface 252, a receiving side processor 255, a receiving side memory 256, and a receiving side output interface 258.
The receiving processor 255, which is a processing circuit implemented by a CPU, implements the functions of each section by reading and executing a program stored in the receiving memory 256. That is, the physical decoding device 200 includes a receiving side memory 256 for storing a program that, when executed by the receiving side processor 255, results in the processing steps related to the functions of each unit being executed. It can also be said that these programs cause the receiving processor 255, which is a computer, to execute the procedures and methods of the physical decoding device 200. Here, the receiving side memory 256 may be a non-volatile or volatile semiconductor memory such as RAM, ROM, flash memory, EPROM, etc., for example. Further, the receiving side memory 256 may be of a mode including a disk such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, a DVD, or the like. Further, the receiving side memory 256 may be in the form of an HHD or an SSD.
 なお、物理復号装置200は、一部の機能を専用のハードウエアで実現し、残りの機能をソフトウエア又はファームウエアで実現する、というものでもよい。このように物理復号装置200に係る処理回路は、ハードウエア、ソフトウエア、ファームウエア、又はこれらの組合せによって、各部の機能を実現することができる。 Note that the physical decoding device 200 may have some functions realized by dedicated hardware and the remaining functions realized by software or firmware. In this way, the processing circuit related to the physical decoding device 200 can realize the functions of each part using hardware, software, firmware, or a combination thereof.
 以上のとおり実施の形態2に係る物理暗号化装置100及び物理復号装置200は、ハードウエア、ソフトウエア、ファームウエア、又はこれらの組合せによって、各部の機能を実現することができる。このように実現された実施の形態2に係る物理暗号化装置100及び物理復号装置200は、実施の形態1に記載されたものと同じ効果を奏する。 As described above, in the physical encryption device 100 and the physical decryption device 200 according to the second embodiment, the functions of each part can be realized by hardware, software, firmware, or a combination thereof. The physical encryption device 100 and the physical decryption device 200 according to the second embodiment realized in this way have the same effects as those described in the first embodiment.
 本開示技術は、例えば、光伝送システムの、特に基幹系ネットワーク側の暗号化に応用でき、産業上の利用可能性を有する。 The disclosed technology can be applied, for example, to encryption of optical transmission systems, particularly on the backbone network side, and has industrial applicability.
 100 物理暗号化装置、101 確率整形符号化部、102 誤り訂正符号化部、103 仮シンボル生成部、104 暗号化シンボル生成部、111 暗号化ビット列生成部、112 暗号化行列生成部、121 デジタルアナログ変換部、122 光変調部、123 光増幅部、152 送信側入力インタフェース、154 送信側処理回路、155 送信側プロセッサ、156 送信側メモリ、158 送信側出力インタフェース、200 物理復号装置、201 確率整形復号部、202 誤り訂正復号部、203 仮シンボル終端部、204 暗号化シンボル終端部、211 暗号化ビット列生成部、212 暗号化行列生成部、221 アナログデジタル変換部、222 光検出部、252 受信側入力インタフェース、254 受信側処理回路、255 受信側プロセッサ、256 受信側メモリ、258 受信側出力インタフェース。 100 Physical encryption device, 101 Probability shaping coding unit, 102 Error correction coding unit, 103 Temporary symbol generation unit, 104 Encrypted symbol generation unit, 111 Encrypted bit string generation unit, 112 Encryption matrix generation unit, 121 Digital analog Conversion unit, 122 Optical modulation unit, 123 Optical amplification unit, 152 Transmission side input interface, 154 Transmission side processing circuit, 155 Transmission side processor, 156 Transmission side memory, 158 Transmission side output interface, 200 Physical decoding device, 201 Stochastic shaping decoding 202 Error correction decoding unit, 203 Temporary symbol termination unit, 204 Encrypted symbol termination unit, 211 Encrypted bit string generation unit, 212 Encryption matrix generation unit, 221 Analog-to-digital conversion unit, 222 Photodetection unit, 252 Receiving side input Interface, 254 Receiving side processing circuit, 255 Receiving side processor, 256 Receiving side memory, 258 Receiving side output interface.

Claims (4)

  1.  外部から入力される複数のビットに対して、確率整形を実施する確率整形符号化部と、
     前記確率整形符号化部から送られる誤り訂正情報ビットに対し、誤り訂正の符号化を行う誤り訂正符号化部と、
     前記誤り訂正情報ビット及び誤り訂正冗長ビットからなるビット列から、仮シンボルを生成する仮シンボル生成部と、
     共有鍵に基づいて、暗号化ビット列を生成する暗号化ビット列生成部と、
     前記暗号化ビット列の少なくとも一部に基づいて、暗号化行列を決定する暗号化行列生成部と、
     前記暗号化行列を用いて、前記仮シンボルから暗号化シンボルを生成する暗号化シンボル生成部と、
    を含む、
     物理暗号化装置。     a probability shaping encoder that performs probability shaping on a plurality of bits input from the outside;
    an error correction encoding unit that performs error correction encoding on the error correction information bits sent from the probability shaping encoding unit;
    a temporary symbol generation unit that generates a temporary symbol from the bit string consisting of the error correction information bits and the error correction redundant bits;
    an encrypted bit string generator that generates an encrypted bit string based on the shared key;
    an encryption matrix generation unit that determines an encryption matrix based on at least a portion of the encrypted bit string;
    an encrypted symbol generation unit that uses the encryption matrix to generate an encrypted symbol from the temporary symbol;
    including,
    Physical encryption device.
  2.  確率整形符号化部と、誤り訂正符号化部と、仮シンボル生成部と、暗号化ビット列生成部と、暗号化行列生成部と、暗号化シンボル生成部と、を含む物理暗号化装置の物理暗号化方法であって、
     前記確率整形符号化部が、外部から入力される複数のビットに対して、確率整形を実施し、
     前記誤り訂正符号化部が、前記確率整形符号化部から送られる誤り訂正情報ビットに対し、誤り訂正の符号化を行い、
     前記仮シンボル生成部が、前記誤り訂正情報ビット及び誤り訂正冗長ビットからなるビット列から、仮シンボルを生成し、
     前記暗号化ビット列生成部が、共有鍵に基づいて、暗号化ビット列を生成し、
     前記暗号化行列生成部が、前記暗号化ビット列の少なくとも一部に基づいて、暗号化行列を決定し、
     前記暗号化シンボル生成部が、前記暗号化行列を用いて、前記仮シンボルから暗号化シンボルを生成する、
     物理暗号化方法。     A physical encryption device for a physical encryption device including a probability shaping coding unit, an error correction coding unit, a temporary symbol generation unit, an encrypted bit string generation unit, an encryption matrix generation unit, and an encrypted symbol generation unit. A method of
    The probability shaping encoding unit performs probability shaping on a plurality of bits input from the outside,
    The error correction encoding unit performs error correction encoding on the error correction information bits sent from the probability shaping encoding unit,
    The temporary symbol generation unit generates a temporary symbol from the bit string consisting of the error correction information bits and the error correction redundant bits,
    The encrypted bit string generation unit generates an encrypted bit string based on a shared key,
    the encryption matrix generation unit determines an encryption matrix based on at least a portion of the encrypted bit string;
    the encrypted symbol generation unit generates an encrypted symbol from the temporary symbol using the encryption matrix;
    Physical encryption method.
  3.  共有鍵に基づいて、暗号化ビット列を生成する暗号化ビット列生成部と、
     前記暗号化ビット列の少なくとも一部に基づいて、暗号化行列を決定する暗号化行列生成部と、
     前記暗号化行列を用いて、暗号化シンボルを仮シンボルへと復号する暗号化シンボル終端部と、
     前記仮シンボルから、ビット列への復号を実施する仮シンボル終端部と、
     前記仮シンボル終端部から送られたビット列に対し、誤り訂正復号を行う誤り訂正復号部と、
     前記誤り訂正復号部から送られたビット列に対し、確率整形の逆作用を実施する確率整形復号部と、
     を含む、
     物理復号装置。     an encrypted bit string generator that generates an encrypted bit string based on the shared key;
    an encryption matrix generation unit that determines an encryption matrix based on at least a portion of the encrypted bit string;
    an encrypted symbol termination unit that decodes the encrypted symbol into a temporary symbol using the encryption matrix;
    a temporary symbol termination unit that decodes the temporary symbol into a bit string;
    an error correction decoding unit that performs error correction decoding on the bit string sent from the temporary symbol terminal part;
    a probability shaping decoding unit that performs an inverse probability shaping operation on the bit string sent from the error correction decoding unit;
    including,
    Physical decoding device.
  4.  暗号化ビット列生成部と、暗号化行列生成部と、暗号化シンボル終端部と、仮シンボル終端部と、誤り訂正復号部と、確率整形復号部と、を含む物理復号装置の物理復号方法であって、
     前記暗号化ビット列生成部が、共有鍵に基づいて、暗号化ビット列を生成し、
     前記暗号化行列生成部が、前記暗号化ビット列の少なくとも一部に基づいて、暗号化行列を決定し、
     前記暗号化シンボル終端部が、前記暗号化行列を用いて、暗号化シンボルを仮シンボルへと復号し、
     前記仮シンボル終端部が、前記仮シンボルから、ビット列への復号を実施し、
     前記誤り訂正復号部が、前記仮シンボル終端部から送られたビット列に対し、誤り訂正復号を行い、
     前記確率整形復号部が、前記誤り訂正復号部から送られたビット列に対し、確率整形の逆作用を実施する、
     物理復号方法。     A physical decoding method for a physical decoding device including an encrypted bit string generation section, an encrypted matrix generation section, an encrypted symbol termination section, a temporary symbol termination section, an error correction decoding section, and a probability shaping decoding section. hand,
    The encrypted bit string generation unit generates an encrypted bit string based on a shared key,
    the encryption matrix generation unit determines an encryption matrix based on at least a portion of the encrypted bit string;
    the encrypted symbol termination unit decodes the encrypted symbol into a temporary symbol using the encryption matrix;
    The temporary symbol termination unit decodes the temporary symbol into a bit string,
    The error correction decoding unit performs error correction decoding on the bit string sent from the temporary symbol terminal part,
    The probability shaping decoding unit performs a reverse probability shaping operation on the bit string sent from the error correction decoding unit.
    Physical decoding method.
PCT/JP2022/031285 2022-08-19 2022-08-19 Physical encryption device, physical encryption method, physical decryption device, and physical decryption method WO2024038568A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2022/031285 WO2024038568A1 (en) 2022-08-19 2022-08-19 Physical encryption device, physical encryption method, physical decryption device, and physical decryption method
PCT/JP2023/006614 WO2024038633A1 (en) 2022-08-19 2023-02-24 Physical encryption device, physical encryption method, physical decryption device, and physical decryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/031285 WO2024038568A1 (en) 2022-08-19 2022-08-19 Physical encryption device, physical encryption method, physical decryption device, and physical decryption method

Publications (1)

Publication Number Publication Date
WO2024038568A1 true WO2024038568A1 (en) 2024-02-22

Family

ID=89941660

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/JP2022/031285 WO2024038568A1 (en) 2022-08-19 2022-08-19 Physical encryption device, physical encryption method, physical decryption device, and physical decryption method
PCT/JP2023/006614 WO2024038633A1 (en) 2022-08-19 2023-02-24 Physical encryption device, physical encryption method, physical decryption device, and physical decryption method

Family Applications After (1)

Application Number Title Priority Date Filing Date
PCT/JP2023/006614 WO2024038633A1 (en) 2022-08-19 2023-02-24 Physical encryption device, physical encryption method, physical decryption device, and physical decryption method

Country Status (1)

Country Link
WO (2) WO2024038568A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110336667A (en) * 2019-07-26 2019-10-15 电子科技大学 A kind of communication physical layer encryption communication method and device based on pseudo-random sequence control
WO2021019620A1 (en) * 2019-07-26 2021-02-04 三菱電機株式会社 Subchannel encoding device, subchannel decoding device, subchannel encoding method, subchannel decoding method, and subchannel multiplexing optical communication system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1488589B1 (en) * 2003-03-27 2005-08-10 DoCoMo Communications Laboratories Europe GmbH Apparatus and method for estimating a plurality of channels

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110336667A (en) * 2019-07-26 2019-10-15 电子科技大学 A kind of communication physical layer encryption communication method and device based on pseudo-random sequence control
WO2021019620A1 (en) * 2019-07-26 2021-02-04 三菱電機株式会社 Subchannel encoding device, subchannel decoding device, subchannel encoding method, subchannel decoding method, and subchannel multiplexing optical communication system

Also Published As

Publication number Publication date
WO2024038633A1 (en) 2024-02-22

Similar Documents

Publication Publication Date Title
US8189787B2 (en) Data transmitting apparatus, data receiving apparatus and data communication apparatus
CN109768990B (en) Physical layer secure transmission method based on asymmetric key
JP7328969B2 (en) Cryptographic system and method
US9893880B2 (en) Method for secure symbol comparison
CN113810172B (en) Low-redundancy encryption method and system for polarization code quantum noise stream physical layer
WO2016050276A1 (en) Method and system for providing a secure update of code on a memory-constrained device
US20210306146A1 (en) Quantum computing-threat-resistant method and system for use on cryptography key exchanging processes
Walia et al. Implementation of new modified MD5-512 bit algorithm for cryptography
US11641269B2 (en) Modulation-agnostic transformations using unitary braid divisional multiplexing (UBDM)
CN114928435B (en) Quantum noise stream encryption method and system based on DNA coding and SLM
Vambol et al. McEliece and Niederreiter Cryptosystems Analysis in the Context of Post-Quantum Network Security
Bhattacharya Cryptology and information security-past, present, and future role in society
WO2024038568A1 (en) Physical encryption device, physical encryption method, physical decryption device, and physical decryption method
EP4052193A1 (en) System and method for encryption and decryption using logic synthesis
CN110266321B (en) Novel communication method and system based on polarization code
Kumar et al. A novel approach for securing data in IoTcloud using DNA cryptography and Huffman coding algorithm
Dömösi et al. A cryptographic system based on a new class of binary error-correcting codes
Korzhik et al. Performance evaluation of keyless authentication based on noisy channel
Shoushtari et al. Post-Quantum Cryptography Based on Codes: A Game Changer for Secrecy in Aeronautical Mobile Telemetry
Wang et al. Anti-quantum generalized signcryption scheme based on multivariate and coding
Denny Encryptions using linear and non-linear codes: Implementation and security considerations
Sone Physical Layer Security for Wireless Networks Based on Coset Convolutional Coding
Dharani et al. Quantum Resistant Cryptographic Systems for Blockchain Network
Jiron et al. A new DNA cryptosystem based on AG codes evaluated in gaussian channels
Amankona et al. A framework for securing data by using elliptic curve cryptography and Reed Solomon coding schemes

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22955742

Country of ref document: EP

Kind code of ref document: A1