WO2024201955A1 - Transmitting device, receiving device, communication system, transmission method, and program - Google Patents

Transmitting device, receiving device, communication system, transmission method, and program

Info

Publication number
WO2024201955A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
hash value
transmission
divided
unit
Prior art date
Legal status
Ceased
Application number
PCT/JP2023/013396
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
聡史 中邑
恆和 齋藤
盛 知加良
Current Assignee
NTT Inc
Original Assignee
Nippon Telegraph and Telephone Corp
Priority date
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp
Priority to PCT/JP2023/013396
Priority to JP2025509549A
Publication of WO2024201955A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to a technology for dividing and transmitting data.
  • Public key cryptography has been used for some time. With public key cryptography, only small pieces of key data are shared between devices (i.e., the private key is shared in advance using public key cryptography), and the actual messages are sent and received using common key cryptography, and messages are divided as necessary.
  • Various methods (encryption modes (Non-Patent Document 1)) are known as division techniques. However, these methods are for common key cryptography. In other words, these methods use a private key that is held in advance, and cannot be used for public key cryptography, which does not have a common key in advance.
  • The conventional technology disclosed in Non-Patent Document 1 is for common key cryptography and cannot be applied to quantum-resistant cryptography. Furthermore, when the conventional technology is used to simply split the key and send it, there are efficiency problems, such as delays in detecting tampering and the inaccuracy of the order.
  • the present invention has been made in consideration of the above points, and aims to provide technology for realizing an efficient mechanism that can detect tampering, etc., when receiving data in a method in which data is divided and transmitted.
  • A generation unit generates, for each piece of divided data, data including the divided data generated by dividing transmission data, a hash value calculated from a random number, and a data number of the divided data; a transmission unit transmits the data generated by the generation unit to a receiving unit.
  • the disclosed technology provides a technology for implementing an efficient mechanism that can detect tampering when receiving data in a method of dividing and transmitting data.
  • FIG. 1 illustrates an example of the configuration of a communication system.
  • FIG. 2 is a sequence diagram for explaining the operation of the communication system.
  • FIG. 3 is a diagram illustrating a configuration of a transmitting device 100.
  • FIG. 4 is a diagram illustrating a configuration of a receiving device 200.
  • FIG. 5 illustrates an example of a hardware configuration of the apparatus.
  • An example of the configuration of a communication system according to the present embodiment is shown in FIG. 1.
  • the communication system includes a transmitting device 100 and a receiving device 200.
  • the transmitting device 100 and the receiving device 200 are capable of communicating with each other via a network.
  • both of the transmitting device 100 and the receiving device 200 are devices with limited functionality (resources), such as IoT devices. However, this is not intended to be limiting, and both the transmitting device 100 and the receiving device 200 may be any type of device.
  • the data D to be transmitted may be KEM encrypted data, signature data, or key data, but the technology according to this embodiment may be applied to any other type of data.
  • D_1, D_2, ..., D_n are the pieces of divided data obtained when the transmitting device 100 divides D.
  • n is the number of divisions. 1, 2, etc. are data numbers.
  • H is a hash function. This calculation links the data numbers to one another by hashing.
  • The transmitting device 100 transmits (divided data D_1, hash value h_n, data number 1, division number n) to the receiving device 200 as the leading data.
  • The transmitting device 100 transmits (D_2, h_{n-1}, 2), (D_3, h_{n-2}, 3), ..., (D_n, h_1, n) in this order as subsequent data to the receiving device 200. That is, the transmitting device 100 transmits (D_2, h_{n-1}, 2), and then transmits (D_3, h_{n-2}, 3), and so on.
  • The sequence check in S104 may be performed each time a piece of reception data (D_k, h_{n-k+1}, k) is received, or may be performed collectively after a plurality of pieces of reception data are received.
  • the transmitting device 100 transmits the value of (r, H(D)) to the receiving device 200 as the final data.
  • S106 allows the consistency of the divided data to be confirmed.
  • h_1 = H(r) allows confirmation of the connection between h_1 and the series of received data.
  • H((D_1, D_2, ..., D_n)) = H(D) allows confirmation that the entire data D is consistent with the divided data D_1, D_2, ..., D_n. If any of the above confirmations fail, for example, the receiving device 200 discards the data.
  • the receiving device 200 may check the order of the data in the order of the data numbers, and discard any other data (data that is not in the order of the data numbers) and not check the order.
  • the transmitting device 100 may transmit data other than the "first data and last data" without worrying about the order.
  • the data before and after the data number are linked by hash, so it is easy to check the order, etc.
  • the transmitting device 100 can transmit data other than the "first data and last data" without paying attention to the above.
  • (1) First data: data number 00 (⁇ bit); fragment ID (⁇ bit); number of divisions n (⁇ bit); timeout time (⁇ bit); divided data D_1 (variable, ⁇ byte to ⁇ byte); hash value h_n.
  • (2) Subsequent data (2nd to (n-1)th): data number 01 to ⁇ (⁇ bit); fragment ID (⁇ bit); divided data D_i (2 ≤ i ≤ n-1); hash value h_i (2 ≤ i ≤ n-1).
  • (3) Last data: data number ⁇ (⁇ bit); fragment ID (⁇ bit); random number r; total hash value H(D).
  • (Explanation of detailed example of transmission data) A detailed example of the above "(1) first data, (2) subsequent data, (3) last data" will be described below.
  • the data number, fragment ID, number of divisions, timeout time, and hash value are set to a fixed length, and the number of bits to be reserved is determined in advance.
  • the size of the divided data is the number of bytes that can be sent at one time minus the number of bytes of the fixed length. However, the last succeeding data (n-1th) contains the remainder when divided by the number of divisions.
  • the data number is 00, which indicates the first data, and n-1, which indicates the last data.
  • the fragment ID is a factor that identifies whether a series of data is the same.
  • the transmitting device 100 can determine the number of divisions based on the size of the entire data D, the size of data that can be transmitted at one time, and the required fixed-length data size.
  • the timeout period indicates the timeout period between each data item if the method requires sequential transmission, and indicates the timeout period from when the first data item is sent to when the last data item is sent if the method does not require sequential transmission.
  • (Example 1) The technology according to the present embodiment can be used for encrypted communication in smartphones that use the widely used NFC (Near Field Communication).
  • DNSSEC (Domain Name System Security Extensions) is a technology that extends the DNS specifications to enable authentication of the data creator and confirmation of data integrity by using public key cryptography and electronic signatures.
  • the size of a conventional DNS packet is limited to 512 bytes, and when signature information for DNSSEC (and even a signature using quantum-resistant cryptography) is added to it, it becomes difficult to send the DNS packet in one go. Therefore, by using the technology according to this embodiment, data can be divided and sent to support DNSSEC.
  • (Device configuration example) FIGS. 3 and 4 show examples of the functional configurations of the transmitting device 100 and the receiving device 200, respectively, which perform the operations shown in FIG. 2.
  • the transmitting device 100 has a data storage unit 110, a generating unit 120, and a transmitting unit 130.
  • Data D is stored in the data storage unit 110. Note that data D may be input to the transmitting device 100 from outside.
  • the transmitting unit 130 transmits each piece of data generated by the generating unit 120 to the receiving device 200.
  • the receiving device 200 has a receiving unit 210, an order checking unit 220, and a consistency checking unit 230.
  • the receiving unit 210 receives the data transmitted from the transmitting device 100.
  • Any of the devices (transmitting device 100 and receiving device 200) described in this embodiment can be realized, for example, by causing a computer to execute a program.
  • This computer may be a physical computer or a virtual machine on a cloud.
  • FIG. 5 is a diagram showing an example of the hardware configuration of the computer.
  • the computer in FIG. 5 has a drive device 1000, an auxiliary storage device 1002, a memory device 1003, a CPU 1004, an interface device 1005, a display device 1006, an input device 1007, an output device 1008, etc., all of which are connected to each other via a bus B.
  • the computer may further include a GPU.
  • the program that realizes the processing on the computer is provided by a recording medium 1001, such as a CD-ROM or a memory card.
  • When a recording medium 1001 storing the program is set in the drive device 1000, the program is installed from the recording medium 1001 via the drive device 1000 into the auxiliary storage device 1002.
  • the program does not necessarily have to be installed from the recording medium 1001, but may be downloaded from another computer via a network.
  • the auxiliary storage device 1002 stores the installed program as well as necessary files, data, etc.
  • When an instruction to start a program is received, the memory device 1003 reads out the program from the auxiliary storage device 1002 and stores it.
  • the CPU 1004 realizes the functions related to the device in accordance with the program stored in the memory device 1003.
  • the interface device 1005 is used as an interface for connecting to a network, etc.
  • the display device 1006 displays a GUI (Graphical User Interface) based on a program, etc.
  • the input device 1007 is composed of a keyboard and mouse, buttons, a touch panel, etc., and is used to input various operational instructions.
  • the output device 1008 outputs the results of calculations.
  • the tampering can be detected and the data can be discarded by calculating a hash chain, which is a relatively low-cost process, and it is expected that this will contribute to improving efficiency in cases where attacks such as tampering are expected.
  • (Additional Notes) A generation unit that generates, for each divided data, data including divided data generated by dividing transmission data, a hash value calculated from a random number, and a data number of the divided data; a transmission unit that transmits the data generated by the generation unit to a receiving unit.
  • When the number of divisions of the transmission data is n and the data number of the data is k, the hash value h_{n-k+1} of the data is the hash value of the hash value h_{n-k}, and the hash value of the data with data number n is the hash value of the random number.
  • the transmission device transmits, as final data, the random number and a hash value of the transmission data.
  • a receiving unit that receives data for each divided data, the data including divided data generated by dividing transmission data, a hash value calculated from a random number, and a data number of the divided data; a receiving device comprising: an order confirmation unit that confirms an order between first received data having a certain data number and second received data having a data number immediately preceding the first received data, using a hash value in the first received data and a hash value in the second received data.
  • the receiving device further includes a compatibility check unit; when the number of divisions of the transmission data is n and the data number of the data is k, the hash value h_{n-k+1} of the data is the hash value of the hash value h_{n-k}, and the hash value of the data with data number n is the hash value of the random number, the receiving unit receives, as final data, the random number and a hash value of the transmission data; the sequence confirmation unit confirms the sequence between the received data of data number k and the received data of data number k-1 by using the hash value h_{n-k+1} and the hash value h_{n-k};
  • the receiving device described in Appendix 3 wherein the consistency verification unit verifies whether a hash value in the received data of data number n is equal to a hash value of the random number, and also verifies whether hash values for all received divided data are equal to a hash value of the transmitted data.
  • a communication system comprising the transmitting device according to claim 1 or 2 and the receiving device according to claim 3 or 4.
  • a transmission method executed by a transmission device comprising: a generating step of generating, for each divided data, data including divided data generated by dividing the transmission data, a hash value calculated from a random number, and a data number of the divided data; a transmitting step of transmitting the data generated by the generating step to a receiving device.
  • a non-transitory storage medium storing a program for causing a computer to function as each unit in the transmission device according to claim 1 or 2.
  • a non-transitory storage medium storing a program for causing a computer to function as each unit in the receiving device according to claim 3 or 4.
  • 100 Transmission device; 110 Data storage unit; 120 Generation unit; 130 Transmission unit; 200 Reception device; 210 Reception unit; 220 Order checking unit; 230 Consistency checking unit; 1001 Recording medium; 1002 Auxiliary storage device; 1003 Memory device; 1004 CPU; 1005 Interface device; 1006 Display device; 1007 Input device; 1008 Output device
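
The exchange described above (leading data (D_1, h_n, 1, n), subsequent data (D_k, h_{n-k+1}, k), final data (r, H(D)), followed by the order check and the consistency check) is shown here as an added Python example that is not part of the patent text. SHA-256 for H, plain concatenation for (D_1, ..., D_n), and all function names are assumptions.

```python
import hashlib
import secrets


def H(data: bytes) -> bytes:
    # Assumption: the page leaves H unspecified; SHA-256 stands in for it.
    return hashlib.sha256(data).digest()


def make_packets(D: bytes, n: int):
    """Sender: split D into n fragments and attach the hash chain built from r."""
    size = -(-len(D) // n)                      # ceiling division
    parts = [D[i * size:(i + 1) * size] for i in range(n)]
    r = secrets.token_bytes(32)
    chain = [H(r)]                              # chain[j-1] holds h_j; h_1 = H(r)
    for _ in range(n - 1):
        chain.append(H(chain[-1]))              # h_{j+1} = H(h_j)
    # Fragment k carries h_{n-k+1}; the leading data also carries n.
    packets = [(parts[k - 1], chain[n - k], k) for k in range(1, n + 1)]
    packets[0] = packets[0] + (n,)
    return packets, (r, H(D))                   # final data: (r, H(D))


def receive(packets, final):
    """Receiver: return D, or raise ValueError naming the check that failed."""
    if not packets or len(packets[0]) != 4:
        raise ValueError("missing leading data")
    if len(packets) != packets[0][3]:
        raise ValueError("fragment count mismatch")
    prev_hash = None
    for position, pkt in enumerate(packets, start=1):
        h, k = pkt[1], pkt[2]
        # Order check: data numbers ascend and H(h_{n-k+1}) equals the
        # hash value carried by the fragment with data number k-1.
        if k != position or (prev_hash is not None and H(h) != prev_hash):
            raise ValueError(f"order check failed at position {position}")
        prev_hash = h
    r, total = final
    # Consistency check: h_1 = H(r) and H((D_1, ..., D_n)) = H(D).
    if packets[-1][1] != H(r):
        raise ValueError("chain does not end in H(r)")
    D = b"".join(pkt[0] for pkt in packets)
    if H(D) != total:
        raise ValueError("total hash mismatch")
    return D


def outcome(packets, final) -> str:
    try:
        receive(packets, final)
        return "accepted"
    except ValueError as err:
        return str(err)


if __name__ == "__main__":
    data = b"constructed sample payload " * 4    # constructed input
    pkts, fin = make_packets(data, 5)
    print(outcome(pkts, fin))
    renumbered = list(pkts)                      # swap 2 and 3, rewrite numbers
    renumbered[1] = (pkts[2][0], pkts[2][1], 2)
    renumbered[2] = (pkts[1][0], pkts[1][1], 3)
    print(outcome(renumbered, fin))
    edited = list(pkts)                          # payload changed, chain intact
    edited[2] = (b"X" + pkts[2][0][1:], pkts[2][1], 3)
    print(outcome(edited, fin))
```

Because each chain value is derived from r alone, the order check rejects misordered fragments even when their data numbers are rewritten, while a change to a fragment's payload surfaces only at the final H(D) comparison.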

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
PCT/JP2023/013396 2023-03-30 2023-03-30 Transmitting device, receiving device, communication system, transmission method, and program Ceased WO2024201955A1 (ja)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2023/013396 WO2024201955A1 (ja) 2023-03-30 2023-03-30 Transmitting device, receiving device, communication system, transmission method, and program
JP2025509549A JPWO2024201955A1 2023-03-30 2023-03-30

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2023/013396 WO2024201955A1 (ja) 2023-03-30 2023-03-30 Transmitting device, receiving device, communication system, transmission method, and program

Publications (1)

Publication Number Publication Date
WO2024201955A1 (ja) 2024-10-03

Family

ID=92904405

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2023/013396 Ceased WO2024201955A1 (ja) 2023-03-30 2023-03-30 Transmitting device, receiving device, communication system, transmission method, and program

Country Status (2)

Country Link
JP (1) JPWO2024201955A1
WO (1) WO2024201955A1

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120909552A (zh) * 2025-10-13 2025-11-07 合肥国家实验室 Streaming quantum random number generation method, apparatus, device, medium, and program product

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
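WO2010024379A1 (ja) * 2008-08-29 2010-03-04 日本電気株式会社 Communication system, communication devices on the transmitting side and on the receiving or forwarding side, data communication method, and data communication program
JP2013513312A (ja) * 2009-12-04 2013-04-18 クリプトグラフィ リサーチ, インコーポレイテッド Verifiable, leak-resistant encryption and decryption
WO2016067565A1 (ja) * 2014-10-29 2016-05-06 日本電気株式会社 Information processing system, information processing apparatus, information processing method, and recording medium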

Also Published As

Publication number Publication date
JPWO2024201955A1 2024-10-03

Similar Documents

Publication Publication Date Title
US9444619B2 (en) Generation of randomized messages for cryptographic hash functions
CN106416124B Semi-deterministic digital signature generation
US9537657B1 (en) Multipart authenticated encryption
Sadeghi-Nasab et al. A comprehensive review of the security flaws of hashing algorithms
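CN114154174A State synchronization for post-quantum signature facilities
CN114175572B System and method for performing equality and less-than operations on encrypted data using quasigroup operations
KR20190039850A Method for constructing secure hash functions from bit-mixers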
US10601793B2 (en) Systems and methods for securing electronic data with embedded security engines
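JP2019535036A Computer program product, computer system, and computer-implemented method for implementing a cipher message that includes an authentication instruction
CN111131278A Data processing method and apparatus, computer storage medium, and electronic device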
US20110185170A1 (en) Communication with non-repudiation and blind signatures
WO2014136386A1 Tag generation device, tag generation method, and tag generation program
CN111586072A Data transmission method and apparatus, electronic device, and storage medium
US10200356B2 (en) Information processing system, information processing apparatus, information processing method, and recording medium
CN106534077B Authenticatable proxy re-encryption system and method based on symmetric cryptography
Chaudhary et al. Digital signature security enhancement: using X-OR operation on RSA and AES with 4096 bits key length
WO2018213875A1 (en) Asymmetric cryptography and authentication
Niederhagen et al. Streaming SPHINCS+ for embedded devices using the example of TPMs
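WO2022068239A1 Data processing method, node device, and storage medium
CN115883212B Information processing method and apparatus, electronic device, and storage medium
WO2024201955A1 Transmitting device, receiving device, communication system, transmission method, and program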
EP3396896A1 (en) Efficient calculation of message authentication codes for related data
CN115550060B Blockchain-based trusted certificate verification method, apparatus, device, and medium
Khlebnikov Demystifying Cryptography with OpenSSL 3.0
JP4212339B2 Message digest generation circuit and padding circuit

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23930592

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2025509549

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2025509549

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 23930592

Country of ref document: EP

Kind code of ref document: A1