WO2024069879A1 - Security of communications relayed by terminal device - Google Patents

Security of communications relayed by terminal device

Publication number
WO2024069879A1
WO2024069879A1 PCT/JP2022/036515 JP2022036515W WO2024069879A1 WO 2024069879 A1 WO2024069879 A1 WO 2024069879A1 JP 2022036515 W JP2022036515 W JP 2022036515W WO 2024069879 A1 WO2024069879 A1 WO 2024069879A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal device
key
primary key
relay
relay station
Application number
PCT/JP2022/036515
Inventor
仁 中里
紗季 田中
遥 堀内
啓佑 高見
Original Assignee
楽天モバイル株式会社
Application filed by 楽天モバイル株式会社
Priority to PCT/JP2022/036515

Definitions

  • This disclosure relates to the security of communications relayed by terminal devices.
  • A terminal device owned by a user can communicate a volume of data in accordance with the user's contract with the telecommunications carrier.
  • Each user is assigned a data communication capacity per month, for example, that allows high-speed data communication, and the terminal device owned by the user performs high-speed data communication within the range of this data communication capacity (for example, Patent Document 1).
  • The data communication capacity specified in the contract does not necessarily match the amount of data actually used for communication. For example, some users' terminal devices may communicate data volumes that exceed the data communication capacity specified in the contract, while other users' terminal devices may only communicate data volumes that do not meet the data communication capacity specified in the contract.
  • The above-mentioned mobile network has a problem in that the data communication capacity under the user's contract is not used efficiently and sufficiently.
  • Available data communication capacity may remain unused. This results in waste of communication facilities and wireless resources that are reserved on the assumption that all data communication capacity will be consumed.
  • Some terminal devices consume all of their available data communication capacity and end up with a data communication capacity shortage, resulting in uneven usage of data communication capacity.
  • The present disclosure has been made in consideration of the above, and aims to provide security for communications relayed by terminal devices that can efficiently utilize data communication capacity and level out usage conditions.
  • a key management device has a memory and one or more processors connected to the memory.
  • the one or more processors execute a process of acquiring a relay request from a first terminal device, which requests relaying by another terminal device.
  • the one or more processors also execute a process of identifying a terminal device that is a candidate for a relay station and is located in the vicinity of the first terminal device.
  • the one or more processors also execute a process of generating a primary key for encryption based on a public key of the terminal device that is a candidate for a relay station.
  • the one or more processors also execute a process of transmitting the primary key to the first terminal device.
  • the one or more processors also execute a process of acquiring a secondary key for decryption corresponding to the primary key from the first terminal device.
  • the one or more processors also execute a process of storing the primary key and the secondary key in association with each other in the memory.
  • the key management method includes obtaining, from a first terminal device, a relay request requesting relay by another terminal device.
  • the key management method also includes identifying a terminal device that is a candidate relay station and is located in the vicinity of the first terminal device.
  • the key management method also includes generating a primary key for encryption based on a public key of the terminal device that is a candidate relay station.
  • the key management method also includes transmitting the primary key to the first terminal device.
  • the key management method also includes obtaining, from the first terminal device, a secondary key for decryption that corresponds to the primary key.
  • the key management method also includes storing the primary key and the secondary key in a memory in association with each other.
  • FIG. 1 is a diagram illustrating an example of a configuration of a wireless communication system according to an embodiment.
  • FIG. 2 is a block diagram showing a configuration of a key management device according to an embodiment.
  • FIG. 3 is a block diagram showing a configuration of a terminal device according to an embodiment.
  • FIG. 4 is a sequence diagram showing a communication method according to an embodiment.
  • FIG. 5 is a diagram showing a specific example of primary key generation.
  • FIG. 6 is a block diagram illustrating an example of a hardware configuration of a key management device.
  • FIG. 7 is a block diagram illustrating an example of a hardware configuration of a terminal device.
  • A terminal device, also known as UE (User Equipment), communicates data within the range of data communication capacity according to its contract with a telecommunications carrier.
  • the amount of data communication by a terminal device is not always constant, so there may be cases where the data communication capacity according to the contract is insufficient or where there is surplus data communication capacity according to the contract. Therefore, a terminal device that does not have enough data communication capacity according to the contract may communicate by using the surplus data communication capacity according to the contract of another terminal device.
  • a terminal device that has insufficient data communication capacity uses, for example, a terminal device with surplus data communication capacity as a relay station, and communicates by using the data communication capacity of the terminal device that is the relay station.
  • FIG. 1 is a diagram showing an example of the configuration of a wireless communication system according to one embodiment.
  • the wireless communication system shown in FIG. 1 includes a base station device 10, a key management device 100, a terminal device 200, and a communication server 300.
  • the base station device 10 is a wireless base station located in a RAN (Radio Access Network) and performs wireless communication with terminal devices 200 within the cell formed by the base station device 10.
  • the base station device 10 may have an RU (Radio Unit) having an antenna, and a DU (Distributed Unit) and CU (Centralized Unit) that control the RU.
  • The DU may be a virtual DU (vDU) constructed on a virtualization platform.
  • The CU may be a virtual CU (vCU) constructed on a virtualization platform.
  • the key management device 100 can communicate with the terminal devices 200 via the RAN, collects location information for each terminal device 200, and selects a terminal device 200 to serve as a relay station based on the location information when the terminal device 200 performs data communication via another terminal device 200. In addition, when the terminal device 200 performs data communication via another terminal device 200, the key management device 100 registers a key pair of encryption keys used by the terminal device 200 for data communication. The configuration and operation of the key management device 100 will be described in detail later.
  • the terminal device 200 is a terminal device owned by a user, and performs wireless communication with the base station device 10. By entering into a contract with a communications carrier, the user is allocated a data communication capacity that is the capacity for data communication using the terminal device 200, and the terminal device 200 performs high-speed data communication within the range of this data communication capacity.
  • Each terminal device 200 has its own unique key pair of public key and private key to encrypt and decrypt data during data communication. When the terminal device 200 receives data encrypted with its own public key, it can obtain the decrypted data by decrypting the received data with its own private key.
  • When the terminal device 200 has insufficient data communication capacity under the contract, it wirelessly connects to another terminal device 200 that will be a relay station and executes data communication using the data communication capacity of the terminal device 200 that will be a relay station. At this time, the terminal device 200 acquires a primary key based on the public key of the terminal device 200 that is a candidate for the relay station from the key management device 100, generates a key pair by generating a secondary key corresponding to the primary key, and registers the generated key pair in the key management device 100. Then, the terminal device 200 transmits the primary key for data encryption to the communication server 300 that will be the communication partner, and when the other terminal device 200 is used as a relay station, the communication server 300 encrypts the data with the primary key.
  • When data is relayed by the other terminal device 200, the terminal device 200 encrypts the data using the primary key of the key pair, which is more robust, rather than the public key of the terminal device itself.
  • the configuration and operation of the terminal device 200 will be described in detail later.
  • the communication server 300 can communicate with the terminal devices 200 via the RAN, and transmits and receives data between the terminal devices 200.
  • When the communication server 300 receives a primary key from a terminal device 200, it encrypts the data to be sent to the terminal device 200 using the primary key before transmitting it.
  • FIG. 2 is a block diagram showing the configuration of a key management device 100 according to one embodiment.
  • the key management device 100 shown in FIG. 2 has a communication interface unit (hereinafter abbreviated as "communication I/F unit") 110, a location information collection unit 120, a location information storage unit 130, a public key acquisition unit 140, a primary key generation unit 150, a key pair registration unit 160, and a key pair storage unit 170.
  • the communication I/F unit 110 communicates with the terminal device 200 via the RAN. Specifically, the communication I/F unit 110 receives location information and a public key from the terminal device 200, and transmits a primary key generated based on the public key to the terminal device 200.
  • the location information collection unit 120 periodically collects location information of the terminal devices 200. In other words, the location information collection unit 120 acquires location information that is periodically reported by each of the multiple terminal devices 200 and received by the communication I/F unit 110.
  • the location information storage unit 130 stores the location information collected by the location information collection unit 120.
  • the location information storage unit 130 stores the location information in association with the identification information of each terminal device 200.
  • When the public key acquisition unit 140 receives a relay request from a terminal device 200 requesting that communication by another terminal device 200 be relayed, the public key acquisition unit 140 identifies a terminal device 200 located near the terminal device 200 that sent the relay request, based on the location information stored in the location information storage unit 130. The public key acquisition unit 140 then instructs the identified nearby terminal device 200 to send a public key, and acquires the public key received by the communication I/F unit 110 in response to the instruction. In other words, the public key acquisition unit 140 acquires the public key of a terminal device 200 located near the terminal device 200 that sent the relay request. The terminal device 200 from which the public key is acquired becomes a candidate for a relay station that relays communication by the terminal device 200 that sent the relay request.
  • the primary key generation unit 150 generates a primary key based on the public key acquired by the public key acquisition unit 140. Specifically, when public keys are acquired from multiple terminal devices 200 that are candidates for relay stations, the primary key generation unit 150 may generate a primary key by adding these public keys. The primary key generation unit 150 may also process each public key using location information of the terminal device that holds the public key, and add the processed public keys to generate a primary key. Furthermore, when there is one terminal device 200 that is a candidate for a relay station, the primary key generation unit 150 may generate a primary key by adding the public key of the candidate terminal device 200 and a predetermined dummy public key.
  • the primary key generation unit 150 transmits the generated primary key from the communication I/F unit 110 to the terminal device 200 that has sent the relay request. At this time, the primary key generation unit 150 transmits identification information of the terminal device 200 that is a candidate for the relay station together with the primary key. This allows the terminal device 200 that has sent the relay request to identify the terminal device 200 that is a candidate for the relay station.
  • the key pair registration unit 160 obtains the secondary key sent from the terminal device 200, which is the destination of the primary key, and received by the communication I/F unit 110, and creates a key pair by combining the primary key and the secondary key. The key pair registration unit 160 then registers the created key pair in the key pair storage unit 170.
  • the key pair storage unit 170 stores the key pair created by the key pair registration unit 160. Specifically, the key pair storage unit 170 stores the primary key and secondary key used when the terminal device 200 executes communication via the relay station terminal device 200, in association with the identification information of the terminal device 200 that has sent the relay request. By storing the key pair in the key pair storage unit 170, it becomes possible to provide the terminal device 200 with the primary key or secondary key before the update, for example, when updating the key pair.
  • FIG. 3 is a block diagram showing the configuration of a terminal device 200 according to one embodiment.
  • FIG. 3 shows the configuration of a terminal device 200 whose communication is relayed by one of terminal devices 200a and 200b, which are candidates for a relay station.
  • the terminal device 200 shown in FIG. 3 has a wireless communication unit 210, a location information reporting unit 220, a relay request unit 230, a secondary key generating unit 240, and a communication control unit 250.
  • the wireless communication unit 210 performs wireless communication with the base station device 10 or the terminal devices 200a, 200b that are to serve as relay stations. That is, when there is sufficient data communication capacity remaining under the contract of the terminal device 200, the wireless communication unit 210 performs wireless communication with the base station device 10 using the remaining data communication capacity. On the other hand, when there is insufficient data communication capacity under the contract of the terminal device 200, the wireless communication unit 210 wirelessly connects to one of the terminal devices 200a, 200b as a relay station, and performs wireless communication using the data communication capacity of the terminal device 200a, 200b that is to serve as a relay station.
  • the location information reporting unit 220 periodically acquires location information of the terminal device 200 and transmits it from the wireless communication unit 210 to the key management device 100.
  • the location information reported by the location information reporting unit 220 is usually transmitted from the wireless communication unit 210 to the base station device 10 and then transferred to the key management device 100 via the RAN.
  • the relay request unit 230 transmits a relay request from the wireless communication unit 210 to the key management device 100, requesting relay by another terminal device 200. Specifically, for example, when the remaining data communication capacity under the contract of the terminal device 200 falls below a predetermined threshold, the relay request unit 230 transmits a relay request to the key management device 100, requesting relay by a nearby terminal device 200.
  • When the wireless communication unit 210 receives the identification information and primary key of the terminal device 200 (terminal devices 200a and 200b in this case) that is a candidate for a relay station, the secondary key generation unit 240 generates a secondary key that forms a key pair with the primary key. That is, the secondary key generation unit 240 uses the received primary key and the private key of the terminal device 200 to generate a secondary key that can decrypt data encrypted by the primary key. The secondary key generation unit 240 then transmits the generated secondary key from the wireless communication unit 210 to the key management device 100 via the base station device 10. The secondary key generation unit 240 also notifies the communication control unit 250 of the identification information, primary key, and secondary key of the terminal devices 200a and 200b that are candidates for a relay station.
  • the communication control unit 250 controls the communication between the terminal device 200 and the communication server 300. Specifically, when the remaining data communication capacity of the terminal device 200 decreases due to communication with the communication server 300 via the base station device 10, the communication control unit 250 instructs the relay request unit 230 to request relay by another terminal device 200. Then, when the secondary key generation unit 240 notifies the communication control unit 250 of the identification information, primary key, and secondary key of the terminal devices 200a and 200b that are candidates for the relay station, the communication control unit 250 selects the terminal device that will be the relay station. That is, the communication control unit 250 selects one of the terminal devices 200a and 200b that are candidates for the relay station as the relay station.
  • the communication control unit 250 transmits the primary key to the communication server 300 via the terminal device that is the relay station and the base station device 10.
  • the communication server 300 uses the primary key to encrypt the data.
  • the communication control unit 250 decrypts the received data using the secondary key.
  • the data is encrypted with a primary key based on the public key of the terminal device 200 that is a candidate for the relay station.
  • the data is encrypted with an encryption key that is more robust than the public key of the terminal device 200, ensuring the security of the communication relayed by the terminal device.
  • Here, it is assumed that terminal devices 200a and 200b are located near terminal device 200, and that terminal devices 200a and 200b are candidates for a relay station.
  • Terminal devices 200, 200a, 200b each periodically report their own location information to key management device 100 (step S101).
  • the location information is transmitted from each of terminal devices 200, 200a, 200b to key management device 100 via base station device 10.
  • Because the key management device 100 collects the location information, it is possible to easily identify terminal devices 200a, 200b located near terminal device 200, for example, and select terminal devices 200a, 200b as candidates for relay stations for communications of terminal device 200.
  • the terminal device 200 transmits a relay request to the key management device 100 requesting relay by the other terminal device 200 in order to utilize the data communication capacity of the other terminal device 200 (step S102).
  • the key management device 100 selects a terminal device 200 located near the terminal device 200 as a candidate for the relay station based on the location information (step S103). In other words, the key management device 100 selects a terminal device 200 located within a predetermined range from the location of the terminal device 200 that sent the relay request as a candidate for the relay station.
  • the terminal devices 200a and 200b are selected as candidates for the relay station.
  • the key management device 100 instructs the terminal devices 200a and 200b, which are candidates for relay stations, to transmit their public keys, and receives the public keys of the terminal devices 200a and 200b (step S104). The key management device 100 then generates a primary key based on the received public keys (step S105).
  • the primary key generation unit 150 of the key management device 100 may generate a public key (A+B) by adding the public key (A) of the terminal device 200a and the public key (B) of the terminal device 200b, as shown in FIG. 5(a), for example, and use this public key (A+B) as the primary key. Also, the primary key generation unit 150 processes the public key (A) of the terminal device 200a and the public key (B) of the terminal device 200b using the location information (A) of the terminal device 200a and the location information (B) of the terminal device 200b, respectively, as shown in FIG. 5(b), for example. The primary key generation unit 150 may then generate a public key (A'+B') by adding the processed public keys (A') and (B'), and use this public key (A'+B') as the primary key.
  • the key management device 100 transmits the generated primary key to the terminal device 200 (step S106). At this time, the key management device 100 transmits the primary key together with the identification information of the terminal devices 200a and 200b that are candidates for the relay station.
  • When the primary key is received by the terminal device 200, the terminal device 200 generates a secondary key that forms a key pair with the primary key using its own private key and the primary key (step S107).
  • the secondary key generated here is used when decrypting data encrypted with the primary key.
  • the primary key and secondary key that form the key pair are generated using the public key of the terminal devices 200a and 200b that are candidates for the relay station and the private key of the terminal device 200. Therefore, the primary key and secondary key used to encrypt and decrypt data are changed according to the situation, and encryption and decryption with higher robustness is possible compared to the case where the public key and private key of the terminal device 200 that are always fixed are used.
  • the terminal device 200 transmits the generated secondary key to the key management device 100 via the base station device 10 (step S108).
  • the key management device 100 receives the secondary key and creates a key pair from the primary key transmitted to the terminal device 200 and the received secondary key, and registers the key pair in the key pair storage unit 170 (step S109). That is, the key management device 100 registers the key pair of the primary key and secondary key to be used when the terminal device 200 communicates via a terminal device that serves as a relay station, in association with the identification information of the terminal device 200.
  • the terminal device 200 selects one of the terminal devices 200a and 200b, which are candidates for the relay station, as the relay station, and starts communication with the communication server 300, the communication partner, via the terminal device that will be the relay station. For example, if the terminal device 200a is selected as the relay station, the terminal device 200 transmits the primary key to the communication server 300 via the terminal device 200a (step S110). The primary key is transmitted to the communication server 300 by using the data communication capacity of the terminal device 200a, which is the relay station.
  • When the communication server 300 receives the primary key, it encrypts the data addressed to the terminal device 200 using the primary key. The communication server 300 then transmits the encrypted data to the terminal device 200 via the terminal device 200a (step S111). This data is transmitted to the terminal device 200 using the data communication capacity of the terminal device 200a, which is the relay station.
  • the key management device acquires a public key from the terminal device that is a candidate for relay station, generates a primary key based on the public key, and transmits it to the terminal device.
  • the terminal device also generates a secondary key that forms a key pair with the received primary key and transmits it to the key management device.
  • When the terminal device communicates with the communication server via the terminal device of the relay station, it encrypts data using the primary key and decrypts the data using the secondary key. Therefore, when the terminal device and the communication server communicate via the terminal device of the relay station, data is encrypted using a highly robust encryption key, and the security of the communication relayed by the terminal device can be ensured.
  • the key management device 100 acquires public keys from the terminal devices 200a and 200b that are candidates for the relay station and generates a primary key, but the present disclosure is not limited to this.
  • the key management device 100 may collect public keys of all the terminal devices 200 in advance, select the terminal devices 200a and 200b that are candidates for the relay station based on the location information, and then transmit the public keys of the terminal devices 200a and 200b from the collected public keys to the terminal device 200.
  • the key management device 100 may instruct these terminal devices 200a, 200b to transmit public keys to the terminal device 200 that is the sender of the relay request. Then, when the public key transmitted in response to the instruction is received by the terminal device 200, the terminal device 200 may generate a primary key and a secondary key using the public keys of the terminal devices 200a, 200b.
  • the key management device 100 can be configured using a processor and a memory.
  • FIG. 6 is a block diagram showing an example of a hardware configuration of the key management device 100 according to the embodiment. As shown in FIG. 6, the key management device 100 has a processor 101, a memory 102, an input/output unit 103, and a communication unit 104.
  • the processor 101 has, for example, a CPU (Central Processing Unit), an FPGA (Field Programmable Gate Array) or a DSP (Digital Signal Processor), and controls the entire key management device 100 and performs various types of information processing.
  • Memory 102 includes, for example, a RAM (Random Access Memory) or a ROM (Read Only Memory), and stores information used in the information processing performed by processor 101.
  • the input/output unit 103 is an interface through which the user inputs information and through which information is output to the user.
  • the input/output unit 103 may include, for example, a keyboard, a display, a touch panel, a microphone, or a speaker.
  • the communication unit 104 communicates with the base station device 10.
  • the communication unit 104 may also communicate with other devices located in the core network or an external network.
  • the key management device 100 may also have other components not shown, such as storage and operation switches.
  • the terminal device 200 can be configured using a processor and a memory.
  • FIG. 7 is a block diagram showing an example of the hardware configuration of the terminal device 200 according to the embodiment. As shown in FIG. 7, the terminal device 200 has a processor 201, a memory 202, an input/output unit 203, and a wireless communication unit 204. Both the terminal devices 200a and 200b may have the same hardware configuration as the terminal device 200 shown in FIG. 7.
  • the processor 201 has, for example, a CPU, FPGA, or DSP, and controls the entire terminal device 200 and executes various types of information processing.
  • the memory 202 includes, for example, a RAM or a ROM, and stores information used in the information processing performed by the processor 201.
  • the input/output unit 203 is an interface through which the user inputs information and through which information is output to the user.
  • the input/output unit 203 may include, for example, a keyboard, a display, a touch panel, a microphone, or a speaker.
  • the wireless communication unit 204 wirelessly communicates with other terminal devices 200 or base station device 10 via an antenna.
  • the terminal device 200 may also have other components not shown, such as storage and operation switches.
  • the processes performed by the key management device 100 and the terminal device 200 described in the above embodiment can also be written as programs executable by a computer.
  • the programs can be stored on a computer-readable, non-transitory recording medium and installed on the computer.
  • Examples of such recording media include portable recording media such as CD-ROMs, DVD disks, and USB memory, as well as semiconductor memories such as flash memories.
  • A key management device comprising: a memory; and one or more processors coupled to the memory, wherein the one or more processors execute a process of: acquiring, from a first terminal device, a relay request for requesting relay by another terminal device; identifying terminal devices that are candidate relay stations located in the vicinity of the first terminal device; generating a primary key for encryption based on a public key of the terminal device of the relay station candidate; transmitting the primary key to the first terminal device; obtaining a secondary key for decryption corresponding to the primary key from the first terminal device; and storing the primary key and the secondary key in association with each other in the memory.
  • The key management device according to claim 1, wherein the process of generating the primary key generates the primary key by adding together public keys of a plurality of terminal devices that are candidate relay stations.
  • The key management device according to claim 1, wherein the process of generating the primary key generates the primary key by adding a public key of the terminal device that is a relay station candidate and a predetermined dummy public key.
  • The key management device according to claim 1, wherein the process of generating the primary key generates the primary key by processing a public key of the terminal device that is a relay station candidate using location information of the terminal device.
  • The key management device according to any one of [1] to [4], wherein the one or more processors further execute a process of periodically collecting location information of the first terminal device and other terminal devices, and the process of identifying identifies a terminal device that is a candidate for a relay station based on the collected location information.
  • The key management device according to any one of [1] to [5], wherein the process of obtaining the secondary key obtains a secondary key generated based on the primary key and a private key of the first terminal device.
  • A terminal device comprising: a wireless communication unit that wirelessly communicates with a base station device or another terminal device; and one or more processors coupled to the wireless communication unit, wherein the one or more processors execute a process of: when requesting relay by another terminal device, acquiring identification information of the terminal device of the relay station candidate and a primary key generated based on a public key of the terminal device of the relay station candidate and used for encrypting the data to be relayed; generating a secondary key based on the primary key for use in decrypting data to be relayed; and transmitting the primary key to a communication partner device via any one of the terminal devices that are relay station candidates.
  • REFERENCE SIGNS LIST 100 Key management device 101, 201 Processor 102, 202 Memory 103, 203 Input/output unit 104 Communication unit 110 Communication I/F unit 120 Location information collection unit 130 Location information storage unit 140 Public key acquisition unit 150 Primary key generation unit 160 Key pair registration unit 170 Key pair storage unit 200, 200a, 200b Terminal device 204, 210 Wireless communication unit 220 Location information report unit 230 Relay request unit 240 Secondary key generation unit 250 Communication control unit

Abstract

The present invention provides a key management device including a memory and one or more processors connected to the memory. The one or more processors execute processing of obtaining, from a first terminal device, a relay request which requests relay by another terminal device, identifying a terminal device which is positioned in a vicinity of the first terminal device and is a candidate of a relay station, generating a primary key for encryption on the basis of a public key of the terminal device which is the candidate of the relay station, transmitting the primary key to the first terminal device, acquiring, from the first terminal device, a secondary key for decryption corresponding to the primary key, and storing the primary key and the secondary key in association with each other in the memory.

Description

Security of communications relayed by terminal equipment
This disclosure relates to the security of communications relayed by terminal devices.
Generally, in a mobile network, a terminal device owned by a user, such as a mobile phone or smartphone, can communicate data volumes according to the contract with the telecommunications carrier. Each user is assigned by contract a data communication capacity, for example per month, within which high-speed data communication is possible, and the terminal device owned by the user performs high-speed data communication within the range of this data communication capacity (for example, Patent Document 1).
Because communication usage patterns vary from user to user, the data communication capacity specified in the contract does not necessarily match the amount of data actually used for communication. For example, some users' terminal devices may communicate data volumes that exceed the data communication capacity specified in the contract, while other users' terminal devices may only communicate data volumes that fall short of the data communication capacity specified in the contract.
JP 2020-174235 A
However, the above-mentioned mobile network has a problem in that the data communication capacity under the users' contracts is not used efficiently and sufficiently. In other words, since not all terminal devices communicate in accordance with the terms of their contract, available data communication capacity may remain unused. This results in waste of communication facilities and wireless resources that are reserved on the assumption that all data communication capacity will be consumed. In addition, some terminal devices consume all of their available data communication capacity and run short of it, resulting in uneven usage of data communication capacity.
The present disclosure has been made in consideration of the above, and aims to provide security for communications relayed by terminal devices that can efficiently utilize data communication capacity and level out usage conditions.
According to one aspect of the present disclosure, a key management device has a memory and one or more processors connected to the memory. The one or more processors execute a process of acquiring, from a first terminal device, a relay request that requests relaying by another terminal device. The one or more processors also execute a process of identifying a terminal device that is a candidate for a relay station and is located in the vicinity of the first terminal device. The one or more processors also execute a process of generating a primary key for encryption based on a public key of the terminal device that is a candidate for a relay station. The one or more processors also execute a process of transmitting the primary key to the first terminal device. The one or more processors also execute a process of acquiring a secondary key for decryption corresponding to the primary key from the first terminal device. The one or more processors also execute a process of storing the primary key and the secondary key in association with each other in the memory.
According to one aspect of the present disclosure, the key management method includes obtaining, from a first terminal device, a relay request requesting relay by another terminal device. The key management method also includes identifying a terminal device that is a candidate relay station and is located in the vicinity of the first terminal device. The key management method also includes generating a primary key for encryption based on a public key of the terminal device that is a candidate relay station. The key management method also includes transmitting the primary key to the first terminal device. The key management method also includes obtaining, from the first terminal device, a secondary key for decryption that corresponds to the primary key. The key management method also includes storing the primary key and the secondary key in a memory in association with each other.
FIG. 1 is a diagram illustrating an example of a configuration of a wireless communication system according to an embodiment.
FIG. 2 is a block diagram showing a configuration of a key management device according to an embodiment.
FIG. 3 is a block diagram showing a configuration of a terminal device according to an embodiment.
FIG. 4 is a sequence diagram showing a communication method according to an embodiment.
FIG. 5 is a diagram showing a specific example of primary key generation.
FIG. 6 is a block diagram illustrating an example of a hardware configuration of a key management device.
FIG. 7 is a block diagram illustrating an example of a hardware configuration of a terminal device.
Below, an embodiment of the present disclosure will be described with reference to the attached drawings. The embodiment described below is an example, and the disclosure should not be construed as being limited by this description.
Typically, a terminal device, also known as UE (User Equipment), communicates data within the range of data communication capacity according to its contract with a telecommunications carrier. However, the amount of data communicated by a terminal device is not always constant, so there may be cases where the data communication capacity under the contract is insufficient or where there is surplus data communication capacity under the contract. Therefore, a terminal device whose contracted data communication capacity is insufficient may communicate by using the surplus of another terminal device's contracted data communication capacity. In other words, a terminal device that has insufficient data communication capacity uses, for example, a terminal device with surplus data communication capacity as a relay station, and communicates by using the data communication capacity of the terminal device that is the relay station.
In such cases, data sent from the source terminal device is transmitted via a terminal device that acts as a relay station, and so there is a risk of unauthorized viewing or theft of the data by the terminal device that acts as a relay station. In other words, there is a problem in that the security of communications relayed by other terminal devices cannot be ensured. Therefore, this disclosure describes a communication system and a communication method that can ensure the security of communications relayed by terminal devices.
FIG. 1 is a diagram showing an example of the configuration of a wireless communication system according to one embodiment. The wireless communication system shown in FIG. 1 includes a base station device 10, a key management device 100, a terminal device 200, and a communication server 300.
The base station device 10 is a wireless base station located in a RAN (Radio Access Network) and performs wireless communication with terminal devices 200 within the cell formed by the base station device 10. The base station device 10 may have an RU (Radio Unit) having an antenna, and a DU (Distributed Unit) and CU (Centralized Unit) that control the RU. The DU may be a virtual DU (vDU) constructed on a virtualization platform, and the CU may be a virtual CU (vCU) constructed on a virtualization platform.
The key management device 100 can communicate with the terminal devices 200 via the RAN, collects location information for each terminal device 200, and, when a terminal device 200 performs data communication via another terminal device 200, selects a terminal device 200 to serve as a relay station based on the location information. In addition, when a terminal device 200 performs data communication via another terminal device 200, the key management device 100 registers the key pair of encryption keys that the terminal device 200 uses for the data communication. The configuration and operation of the key management device 100 will be described in detail later.
The terminal device 200 is a terminal device owned by a user, and performs wireless communication with the base station device 10. By entering into a contract with a communications carrier, the user is allocated a data communication capacity, which is the capacity available for data communication using the terminal device 200, and the terminal device 200 performs high-speed data communication within the range of this data communication capacity. Each terminal device 200 has its own unique key pair of a public key and a private key to encrypt and decrypt data during data communication. When the terminal device 200 receives data encrypted with its own public key, it can obtain the decrypted data by decrypting the received data with its own private key.
In addition, when the terminal device 200 has insufficient data communication capacity under the contract, it wirelessly connects to another terminal device 200 that will be a relay station and executes data communication using the data communication capacity of the terminal device 200 that will be a relay station. At this time, the terminal device 200 acquires, from the key management device 100, a primary key based on the public key of the terminal device 200 that is a candidate for the relay station, generates a key pair by generating a secondary key corresponding to the primary key, and registers the generated key pair in the key management device 100. Then, the terminal device 200 transmits the primary key for data encryption to the communication server 300 that will be the communication partner, and, when another terminal device 200 is used as a relay station, causes the communication server 300 to encrypt the data with the primary key. In other words, when data is relayed by another terminal device 200, the terminal device 200 ensures that the data is encrypted using the primary key of the key pair, which is more robust, rather than its own public key. The configuration and operation of the terminal device 200 will be described in detail later.
The communication server 300 can communicate with the terminal devices 200 via the RAN, and transmits data to and receives data from each terminal device 200. When the communication server 300 receives a primary key from a terminal device 200, it encrypts the data to be sent to that terminal device 200 using the primary key before transmitting it.
FIG. 2 is a block diagram showing the configuration of a key management device 100 according to one embodiment. The key management device 100 shown in FIG. 2 has a communication interface unit (hereinafter abbreviated as "communication I/F unit") 110, a location information collection unit 120, a location information storage unit 130, a public key acquisition unit 140, a primary key generation unit 150, a key pair registration unit 160, and a key pair storage unit 170.
The communication I/F unit 110 communicates with the terminal device 200 via the RAN. Specifically, the communication I/F unit 110 receives location information and a public key from the terminal device 200, and transmits a primary key generated based on the public key to the terminal device 200.
The location information collection unit 120 periodically collects location information of the terminal devices 200. In other words, the location information collection unit 120 acquires location information that is periodically reported by each of the multiple terminal devices 200 and received by the communication I/F unit 110.
The location information storage unit 130 stores the location information collected by the location information collection unit 120. The location information storage unit 130 stores the location information in association with the identification information of each terminal device 200.
When a relay request requesting that communication be relayed by another terminal device 200 is received from a terminal device 200, the public key acquisition unit 140 identifies a terminal device 200 located near the terminal device 200 that sent the relay request, based on the location information stored in the location information storage unit 130. The public key acquisition unit 140 then instructs the identified nearby terminal device 200 to send its public key, and acquires the public key received by the communication I/F unit 110 in response to the instruction. In other words, the public key acquisition unit 140 acquires the public key of a terminal device 200 located near the terminal device 200 that sent the relay request. The terminal device 200 from which the public key is acquired becomes a candidate for a relay station that relays communication by the terminal device 200 that sent the relay request.
The primary key generation unit 150 generates a primary key based on the public key acquired by the public key acquisition unit 140. Specifically, when public keys are acquired from multiple terminal devices 200 that are candidates for relay stations, the primary key generation unit 150 may generate a primary key by adding these public keys. The primary key generation unit 150 may also process each public key using location information of the terminal device that holds the public key, and add the processed public keys to generate a primary key. Furthermore, when there is only one terminal device 200 that is a candidate for a relay station, the primary key generation unit 150 may generate a primary key by adding the public key of the candidate terminal device 200 and a predetermined dummy public key.
The primary key generation unit 150 transmits the generated primary key from the communication I/F unit 110 to the terminal device 200 that sent the relay request. At this time, the primary key generation unit 150 transmits identification information of the terminal device 200 that is a candidate for the relay station together with the primary key. This allows the terminal device 200 that sent the relay request to identify the terminal device 200 that is a candidate for the relay station.
The key pair registration unit 160 obtains the secondary key that is sent from the terminal device 200 to which the primary key was sent and received by the communication I/F unit 110, and creates a key pair by combining the primary key and the secondary key. The key pair registration unit 160 then registers the created key pair in the key pair storage unit 170.
The key pair storage unit 170 stores the key pair created by the key pair registration unit 160. Specifically, the key pair storage unit 170 stores, in association with the identification information of the terminal device 200 that sent the relay request, the primary key and secondary key used when this terminal device 200 executes communication via the relay station terminal device 200. Because the key pair storage unit 170 stores the key pair, it becomes possible to provide the terminal device 200 with the primary key or secondary key from before an update, for example, when the key pair is updated.
FIG. 3 is a block diagram showing the configuration of a terminal device 200 according to one embodiment. FIG. 3 shows the configuration of a terminal device 200 whose communication is relayed by one of terminal devices 200a and 200b that are candidates for a relay station. The terminal device 200 shown in FIG. 3 has a wireless communication unit 210, a location information reporting unit 220, a relay request unit 230, a secondary key generation unit 240, and a communication control unit 250.
The wireless communication unit 210 performs wireless communication with the base station device 10 or the terminal devices 200a, 200b that are to serve as relay stations. That is, when there is sufficient data communication capacity remaining under the contract of the terminal device 200, the wireless communication unit 210 performs wireless communication with the base station device 10 using the remaining data communication capacity. On the other hand, when there is insufficient data communication capacity under the contract of the terminal device 200, the wireless communication unit 210 wirelessly connects to one of the terminal devices 200a, 200b as a relay station, and performs wireless communication using the data communication capacity of the terminal device 200a, 200b that serves as the relay station.
The location information reporting unit 220 periodically acquires location information of the terminal device 200 and transmits it from the wireless communication unit 210 to the key management device 100. The location information reported by the location information reporting unit 220 is usually transmitted from the wireless communication unit 210 to the base station device 10 and then transferred to the key management device 100 via the RAN.
The relay request unit 230, following instructions from the communication control unit 250, transmits a relay request from the wireless communication unit 210 to the key management device 100, requesting relay by another terminal device 200. Specifically, for example, when the remaining data communication capacity under the contract of the terminal device 200 falls to or below a predetermined threshold, the relay request unit 230 transmits a relay request to the key management device 100, requesting relay by a nearby terminal device 200.
When the wireless communication unit 210 receives the identification information of the terminal devices 200 that are candidates for a relay station (terminal devices 200a and 200b in this case) and the primary key, the secondary key generation unit 240 generates a secondary key that forms a key pair with the primary key. That is, the secondary key generation unit 240 uses the received primary key and the private key of the terminal device 200 to generate a secondary key that can decrypt data encrypted with the primary key. The secondary key generation unit 240 then transmits the generated secondary key from the wireless communication unit 210 to the key management device 100 via the base station device 10. The secondary key generation unit 240 also notifies the communication control unit 250 of the identification information of the terminal devices 200a and 200b that are candidates for a relay station, the primary key, and the secondary key.
The communication control unit 250 controls the communication between the terminal device 200 and the communication server 300. Specifically, when the remaining data communication capacity of the terminal device 200 decreases due to communication with the communication server 300 via the base station device 10, the communication control unit 250 instructs the relay request unit 230 to request relay by another terminal device 200. Then, when the secondary key generation unit 240 notifies the communication control unit 250 of the identification information of the terminal devices 200a and 200b that are candidates for the relay station, the primary key, and the secondary key, the communication control unit 250 selects the terminal device that will be the relay station. That is, the communication control unit 250 selects one of the terminal devices 200a and 200b that are candidates for the relay station as the relay station. Then, the communication control unit 250 transmits the primary key to the communication server 300 via the terminal device that is the relay station and the base station device 10. As a result, when data addressed to the terminal device 200 is relayed by the terminal device that is the relay station, the communication server 300 uses the primary key to encrypt the data.
When data encrypted with the primary key is received from the communication server 300, the communication control unit 250 decrypts the received data using the secondary key. In this way, when communication between the terminal device 200 and the communication server 300 is relayed by a terminal device that serves as a relay station, the data is encrypted with a primary key based on the public key of the terminal device 200 that is a candidate for the relay station. As a result, the data is encrypted with an encryption key that is more robust than the public key of the terminal device 200, ensuring the security of the communication relayed by the terminal device.
 次いで、上記のように構成された無線通信システムにおける通信方法について、図4に示すシーケンス図を参照しながら説明する。以下の説明においては、端末装置200の付近に端末装置200a、200bが位置し、端末装置200a、200bが中継局の候補であるものとする。 Next, a communication method in the wireless communication system configured as described above will be described with reference to the sequence diagram shown in FIG. 4. In the following description, it is assumed that terminal devices 200a and 200b are located near terminal device 200, and that terminal devices 200a and 200b are candidates for a relay station.
Terminal devices 200, 200a, and 200b each periodically report their own location information to the key management device 100 (step S101). The location information is transmitted from each of the terminal devices 200, 200a, and 200b to the key management device 100 via the base station device 10. Because the key management device 100 collects the location information, it can, for example, easily identify the terminal devices 200a and 200b located near the terminal device 200 and select them as candidates for the relay station for communications of the terminal device 200.
When the remaining data communication capacity under its contract runs low, the terminal device 200 transmits to the key management device 100 a relay request that requests relaying by another terminal device 200, so that it can use the data communication capacity of that other terminal device 200 (step S102). When the key management device 100 receives the relay request, it selects, based on the location information, terminal devices 200 located near the terminal device 200 as candidates for the relay station (step S103). In other words, the key management device 100 selects as relay station candidates the terminal devices 200 located within a predetermined range of the position of the terminal device 200 that sent the relay request. The explanation below assumes that the terminal devices 200a and 200b are selected as the relay station candidates.
The key management device 100 instructs the relay station candidate terminal devices 200a and 200b to transmit their public keys, and receives the public key of each of the terminal devices 200a and 200b (step S104). The key management device 100 then generates a primary key based on the received public keys (step S105).
Specifically, as shown for example in FIG. 5(a), the primary key generation unit 150 of the key management device 100 may generate a public key (A+B) by adding the public key (A) of the terminal device 200a and the public key (B) of the terminal device 200b, and use this public key (A+B) as the primary key. Alternatively, as shown for example in FIG. 5(b), the primary key generation unit 150 may process the public key (A) of the terminal device 200a and the public key (B) of the terminal device 200b using the location information (A) of the terminal device 200a and the location information (B) of the terminal device 200b, respectively. The primary key generation unit 150 may then generate a public key (A'+B') by adding the processed public keys (A') and (B'), and use this public key (A'+B') as the primary key.
The key management device 100 transmits the generated primary key to the terminal device 200 (step S106). At this time, the key management device 100 transmits the primary key together with the identification information of the relay station candidate terminal devices 200a and 200b. When the terminal device 200 receives the primary key, it uses its own private key and the primary key to generate a secondary key that forms a key pair with the primary key (step S107). The secondary key generated here is used to decrypt data encrypted with the primary key. The primary key and secondary key that form the key pair are generated using the public keys of the relay station candidate terminal devices 200a and 200b and the private key of the terminal device 200. The primary key and secondary key used for encrypting and decrypting data therefore change according to the situation, which makes more robust encryption and decryption possible than when the fixed public key and private key of the terminal device 200 are always used.
The terminal device 200 transmits the generated secondary key to the key management device 100 via the base station device 10 (step S108). On receiving the secondary key, the key management device 100 creates a key pair from the primary key it transmitted to the terminal device 200 and the received secondary key, and registers the key pair in the key pair storage unit 170 (step S109). That is, the key management device 100 registers, in association with the identification information of the terminal device 200, the key pair of the primary key and secondary key that is used when the terminal device 200 communicates via a terminal device serving as a relay station.
Thereafter, the terminal device 200 selects one of the relay station candidate terminal devices 200a and 200b as the relay station, and starts communication with the communication server 300, its communication partner, via the terminal device serving as the relay station. For example, if the terminal device 200a is selected as the relay station, the terminal device 200 transmits the primary key to the communication server 300 via the terminal device 200a (step S110). The primary key is transmitted to the communication server 300 using the data communication capacity of the terminal device 200a, which is the relay station.
When the communication server 300 receives the primary key, it encrypts the data addressed to the terminal device 200 with the primary key. The communication server 300 then transmits the encrypted data to the terminal device 200 via the terminal device 200a (step S111). This data is transmitted to the terminal device 200 using the data communication capacity of the terminal device 200a, which is the relay station.
As described above, according to this embodiment, when a terminal device requests relaying by another terminal device, the key management device acquires public keys from the relay station candidate terminal devices, generates a primary key based on the public keys, and transmits it to the terminal device. The terminal device generates a secondary key that forms a key pair with the received primary key and transmits it to the key management device. Then, when the terminal device communicates with the communication server via the relay station terminal device, it has data encrypted using the primary key and decrypts the data using the secondary key. Therefore, when the terminal device and the communication server communicate via the relay station terminal device, the data is encrypted with a highly robust encryption key, and the security of the communication relayed by the terminal device can be ensured.
In the above embodiment, the key management device 100 acquires public keys from the relay station candidate terminal devices 200a and 200b and generates the primary key, but the present disclosure is not limited to this. For example, the key management device 100 may collect the public keys of all the terminal devices 200 in advance and, once it has selected the relay station candidate terminal devices 200a and 200b based on the location information, transmit the public keys of the terminal devices 200a and 200b from among the collected public keys to the terminal device 200.
Alternatively, once the key management device 100 has selected the relay station candidate terminal devices 200a and 200b based on the location information, it may instruct these terminal devices 200a and 200b to transmit their public keys to the terminal device 200 that sent the relay request. When the terminal device 200 receives the public keys transmitted in response to the instruction, the terminal device 200 may generate the primary key and the secondary key using the public keys of the terminal devices 200a and 200b.
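As an added illustration of the primary key generation in step S105 and FIG. 5(a), and of the dummy-key variant listed in item [3], the following Python sketch adds public keys as elliptic-curve points and validates each received key before adding it. It is not code from the patent: the curve (secp256k1), the function names and the constructed sample keys are assumptions, because the page does not name a cryptosystem. The location-based processing of FIG. 5(b) and the secondary key derivation are not modelled, since the page does not define them.

```python
import hashlib

# Assumption (not from the page): public keys are points on secp256k1.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def on_curve(pt):
    """True if pt is a finite point satisfying y^2 = x^3 + 7 (mod P)."""
    if pt is None:
        return False
    x, y = pt
    return 0 <= x < P and 0 <= y < P and (y * y - x * x * x - 7) % P == 0


def point_add(p1, p2):
    """Group addition; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # p2 is the inverse of p1
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, pt):
    """Double-and-add; used here only to build the constructed sample keys."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return result


def generate_primary_key(candidate_pubkeys, dummy_pubkey=None):
    """Hypothetical S105 helper: add the candidates' public keys (FIG. 5(a)),
    optionally with a predetermined dummy public key (item [3])."""
    keys = list(candidate_pubkeys)
    if dummy_pubkey is not None:
        keys.append(dummy_pubkey)
    if len(keys) < 2:
        raise ValueError("need at least two public keys to add")
    total = None
    for key in keys:
        if not on_curve(key):  # check every key received in S104
            raise ValueError("public key is not a valid curve point")
        total = point_add(total, key)
    if total is None:  # the sum cancelled out and is unusable as a key
        raise ValueError("public keys sum to the point at infinity")
    return total


def rejects(keys):
    """True if generate_primary_key refuses the given key list."""
    try:
        generate_primary_key(keys)
        return False
    except ValueError:
        return True


def constructed_private_key(label):
    """Deterministic sample scalar in [1, N-1]; constructed, not a real key."""
    return int.from_bytes(hashlib.sha256(label).digest(), "big") % (N - 1) + 1


# Constructed sample keys for relay candidates 200a, 200b and a dummy key.
PRIV_A = constructed_private_key(b"constructed relay candidate 200a")
PRIV_B = constructed_private_key(b"constructed relay candidate 200b")
PRIV_DUMMY = constructed_private_key(b"constructed dummy key")
PUB_A, PUB_B, PUB_DUMMY = (scalar_mult(k, G) for k in (PRIV_A, PRIV_B, PRIV_DUMMY))


def demo():
    """Return the primary key for (A+B) and for (A+dummy)."""
    return (generate_primary_key([PUB_A, PUB_B]),
            generate_primary_key([PUB_A], dummy_pubkey=PUB_DUMMY))


if __name__ == "__main__":
    primary, with_dummy = demo()
    print("A+B     x =", hex(primary[0]))
    print("A+dummy x =", hex(with_dummy[0]))
```

Under this assumption the sum A+B equals (a+b)·G for the candidates' private scalars a and b, and the order in which the candidates are added does not change the primary key.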
The key management device 100 according to the above embodiment can be configured using a processor and a memory. FIG. 6 is a block diagram showing an example of the hardware configuration of the key management device 100 according to the embodiment. As shown in FIG. 6, the key management device 100 has a processor 101, a memory 102, an input/output unit 103, and a communication unit 104.
The processor 101 has, for example, a CPU (Central Processing Unit), an FPGA (Field Programmable Gate Array), or a DSP (Digital Signal Processor), and performs overall control of the key management device 100 as well as various types of information processing.
The memory 102 has, for example, a RAM (Random Access Memory) or a ROM (Read Only Memory), and stores information used in the information processing performed by the processor 101.
The input/output unit 103 is an interface through which the user inputs information and through which information is output to the user. The input/output unit 103 may include, for example, a keyboard, a display, a touch panel, a microphone, or a speaker.
The communication unit 104 communicates with the base station device 10. The communication unit 104 may also communicate with other devices located in the core network or in an external network.
The key management device 100 may also have other components not shown, such as storage and operation switches.
The terminal device 200 according to the above embodiment can be configured using a processor and a memory. FIG. 7 is a block diagram showing an example of the hardware configuration of the terminal device 200 according to the embodiment. As shown in FIG. 7, the terminal device 200 has a processor 201, a memory 202, an input/output unit 203, and a wireless communication unit 204. The terminal devices 200a and 200b may both have the same hardware configuration as the terminal device 200 shown in FIG. 7.
The processor 201 has, for example, a CPU, an FPGA, or a DSP, and performs overall control of the terminal device 200 as well as various types of information processing.
The memory 202 has, for example, a RAM or a ROM, and stores information used in the information processing performed by the processor 201.
The input/output unit 203 is an interface through which the user inputs information and through which information is output to the user. The input/output unit 203 may include, for example, a keyboard, a display, a touch panel, a microphone, or a speaker.
The wireless communication unit 204 communicates wirelessly with other terminal devices 200 or the base station device 10 via an antenna.
The terminal device 200 may also have other components not shown, such as storage and operation switches.
The processes performed by the key management device 100 and the terminal device 200 described in the above embodiment can each be written as a program executable by a computer. In this case, the program can be stored on a computer-readable, non-transitory recording medium and installed on a computer. Examples of such recording media include portable recording media such as CD-ROMs, DVD discs, and USB memory, as well as semiconductor memories such as flash memory.
Note that the present disclosure is not limited to the above embodiment, and also includes various modifications in which components are added to, deleted from, or converted in the configuration described above.
The present disclosure described above includes the following [1] to [8].
[1] A key management device comprising:
 a memory; and
 one or more processors connected to the memory,
 wherein the one or more processors execute a process of:
 acquiring, from a first terminal device, a relay request requesting relay by another terminal device;
 identifying a terminal device that is a relay station candidate located in the vicinity of the first terminal device;
 generating a primary key for encryption based on a public key of the terminal device that is the relay station candidate;
 transmitting the primary key to the first terminal device;
 acquiring, from the first terminal device, a secondary key for decryption corresponding to the primary key; and
 storing the primary key and the secondary key in the memory in association with each other.
[2] The key management device according to [1], wherein the process of generating the primary key generates the primary key by adding the public keys of a plurality of terminal devices that are the relay station candidates.
[3] The key management device according to [1], wherein the process of generating the primary key generates the primary key by adding the public key of the terminal device that is the relay station candidate and a predetermined dummy public key.
[4] The key management device according to [1], wherein the process of generating the primary key generates the primary key by processing the public key of the terminal device that is the relay station candidate using location information of that terminal device.
[5] The key management device according to any one of [1] to [4], wherein the one or more processors further execute a process of periodically collecting location information of the first terminal device and other terminal devices, and the identifying process selects the terminal device that is the relay station candidate based on the collected location information.
[6] The key management device according to any one of [1] to [5], wherein the process of acquiring the secondary key acquires a secondary key generated based on the primary key and a private key of the first terminal device.
[7] A terminal device comprising:
 a wireless communication unit that wirelessly communicates with a base station device or another terminal device; and
 one or more processors connected to the wireless communication unit,
 wherein the one or more processors execute a process of:
 when requesting relay by another terminal device, acquiring identification information of a terminal device that is a relay station candidate, and a primary key that is generated based on a public key of the terminal device that is the relay station candidate and is used for encrypting data to be relayed;
 generating, based on the primary key, a secondary key used for decrypting the data to be relayed; and
 transmitting the primary key to a communication partner device via any one of the terminal devices that are the relay station candidates.
[8] A key management method comprising:
 acquiring, from a first terminal device, a relay request requesting relay by another terminal device;
 identifying a terminal device that is a relay station candidate located in the vicinity of the first terminal device;
 generating a primary key for encryption based on a public key of the terminal device that is the relay station candidate;
 transmitting the primary key to the first terminal device;
 acquiring, from the first terminal device, a secondary key for decryption corresponding to the primary key; and
 storing the primary key and the secondary key in a memory in association with each other.
REFERENCE SIGNS LIST
 100 Key management device
 101, 201 Processor
 102, 202 Memory
 103, 203 Input/output unit
 104 Communication unit
 110 Communication I/F unit
 120 Location information collection unit
 130 Location information storage unit
 140 Public key acquisition unit
 150 Primary key generation unit
 160 Key pair registration unit
 170 Key pair storage unit
 200, 200a, 200b Terminal device
 204, 210 Wireless communication unit
 220 Location information report unit
 230 Relay request unit
 240 Secondary key generation unit
 250 Communication control unit

Claims (8)

  1.  A key management device comprising:
     a memory; and
     one or more processors connected to the memory,
     wherein the one or more processors execute a process of:
     acquiring, from a first terminal device, a relay request requesting relay by another terminal device;
     identifying a terminal device that is a relay station candidate located in the vicinity of the first terminal device;
     generating a primary key for encryption based on a public key of the terminal device that is the relay station candidate;
     transmitting the primary key to the first terminal device;
     acquiring, from the first terminal device, a secondary key for decryption corresponding to the primary key; and
     storing the primary key and the secondary key in the memory in association with each other.
  2.  The key management device according to claim 1, wherein the process of generating the primary key generates the primary key by adding the public keys of a plurality of terminal devices that are the relay station candidates.
  3.  The key management device according to claim 1, wherein the process of generating the primary key generates the primary key by adding the public key of the terminal device that is the relay station candidate and a predetermined dummy public key.
  4.  The key management device according to claim 1, wherein the process of generating the primary key generates the primary key by processing the public key of the terminal device that is the relay station candidate using location information of that terminal device.
  5.  The key management device according to claim 1, wherein the one or more processors further execute a process of periodically collecting location information of the first terminal device and other terminal devices, and the identifying process selects the terminal device that is the relay station candidate based on the collected location information.
  6.  The key management device according to claim 1, wherein the process of acquiring the secondary key acquires a secondary key generated based on the primary key and a private key of the first terminal device.
  7.  A terminal device comprising:
     a wireless communication unit that wirelessly communicates with a base station device or another terminal device; and
     one or more processors connected to the wireless communication unit,
     wherein the one or more processors execute a process of:
     when requesting relay by another terminal device, acquiring identification information of a terminal device that is a relay station candidate, and a primary key that is generated based on a public key of the terminal device that is the relay station candidate and is used for encrypting data to be relayed;
     generating, based on the primary key, a secondary key used for decrypting the data to be relayed; and
     transmitting the primary key to a communication partner device via any one of the terminal devices that are the relay station candidates.
  8.  A key management method comprising:
     acquiring, from a first terminal device, a relay request requesting relay by another terminal device;
     identifying a terminal device that is a relay station candidate located in the vicinity of the first terminal device;
     generating a primary key for encryption based on a public key of the terminal device that is the relay station candidate;
     transmitting the primary key to the first terminal device;
     acquiring, from the first terminal device, a secondary key for decryption corresponding to the primary key; and
     storing the primary key and the secondary key in a memory in association with each other.

PCT/JP2022/036515 2022-09-29 2022-09-29 Security of communications relayed by terminal device WO2024069879A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/036515 WO2024069879A1 (en) 2022-09-29 2022-09-29 Security of communications relayed by terminal device

Publications (1)

Publication Number Publication Date
WO2024069879A1 true WO2024069879A1 (en) 2024-04-04

Family

ID=90476882

Country Status (1)

Country Link
WO (1) WO2024069879A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100260337A1 (en) * 2009-04-13 2010-10-14 The Hong Kong University Of Science And Technology Context-Free Protocol for Enforcing Data Forwarding in Wireless Ad Hoc Networks
JP2012516647A (en) * 2009-01-27 2012-07-19 ソニー株式会社 Multi-layer wireless home mesh network authentication
