JP4173924B2 - Cryptographic communication device, key management device and method, network communication system and method - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an encryption communication device, a key management device and method, and a network communication system and method suitable for transmitting data in a state avoiding an information failure, and particularly suitable for managing a key for each group to which a user belongs. The present invention relates to a cryptographic communication device, a key management device and method, and a network communication system and method.
[0002]
[Prior art]
Information such as document data is transmitted by mail of a document printed on paper or by FAX using a public telephone network.
[0003]
In recent years, with the spread of personal computers, personal computers can be connected to a public telephone network, and document data itself can be sent and received by e-mail, the Internet, or the like.
[0004]
As a method for ensuring the safety (security) of information transmission, there is a method in which encryption software is installed in a personal computer for creating a document, and a document transmitted between sending and receiving users is encrypted and communicated.
[0005]
When user A and user B perform encrypted communication, a key for encrypting data and a key for decrypting are determined. User A encrypts the data with the encryption key and receives this User B decrypts the information with the decryption key. To improve security, each user has a key other than the key used for data encryption / decryption as a master key, and every time information is transmitted, the data encryption key and decryption key are decrypted. The user A sends the data encrypted with the session key to the user B and the session key encrypted with the master key of the user B so that the user B can decrypt it.
[0006]
When building a network between multiple users and performing two-way encrypted communication, a dedicated key management station is installed to manage the master key and session key used for encryption, and the master key owned by the user User management is performed by using the access management, and access management is performed so as to eliminate the network usage of the user who cannot be confirmed.
[0007]
[Problems to be solved by the invention]
However, in the conventional technology described above, encrypted communication is performed between users, that is, a master key and a session key are operated for each user. For this reason, encrypted communication is performed across groups, and a group composed of a plurality of users cannot be made into a single system related to encrypted communication.
[0008]
The present invention provides an encryption communication device, a key management device and a method, and network communication suitable for ensuring communication security in a state where a group composed of a plurality of users is set as a single system related to encrypted communication. It is to provide a system and method.
[0009]
[Means for Solving the Problems]
In order to achieve the above object, according to the first aspect of the present invention,
For two or more nodes each of which can be used by a plurality of users for communication, a decryption key for decrypting the ciphertext is given to each node in advance, and when transmitting data to each other, the node used by the destination user A key management method for performing encrypted communication using an encryption key corresponding to a given decryption key,
The encryption key used for the encryption is a correspondence between a node identifier indicating a node and a decryption key given to the node, created in advance for each node based on a user identifier indicating the destination user. Also, it is determined from the decryption key retrieved from the database in which the correspondence between the node identifier indicating the node and the user identifier indicating the user who can use the node is described, and the correspondence between the encryption key and the decryption key
A key management method is provided.
[0010]
According to a second aspect of the invention,
For two or more nodes each of which can be used by a plurality of users, a node used by a destination user when a decryption key for decrypting a ciphertext is given to each node in advance and data is transmitted between users. A key management method for performing encrypted communication using an encryption key corresponding to a decryption key given to
For each of the above nodes, the correspondence between the node identifier indicating the node and the decryption key given to the node, and the correspondence between the node identifier indicating the node and the user identifier indicating the user who can use the node are described. Create a database in advance,
Accepting a request for encrypted communication including a user identifier indicating the user of the destination from the user of the sender,
Retrieve the decryption key from the database using the user identifier,
An encryption key is determined from the retrieved decryption key and the correspondence between the encryption key and the decryption key,
Send the determined encryption key to a node that can be used by the sender user
A key management method is provided.
[0011]
According to a third aspect of the invention,
For two or more nodes each of which can be used by a plurality of users for communication, a decryption key for decrypting the ciphertext is given to each node in advance,
When transmitting data, the node used by the destination user encrypts the data to be transmitted with the first encryption key using the first encryption algorithm, generates encrypted data, and uses the first encryption key as the first encryption key. Generating an encrypted encryption key by encrypting using a second encryption algorithm with a second encryption key corresponding to a decryption key given to the node that can be used by the destination user, and the encrypted data and Send out the encryption key,
When receiving data, the node used by the destination user separates and extracts the encrypted encryption key and the encrypted data from the received data, and uses the decryption key given to the node based on the second encryption algorithm. Decrypting the encrypted encryption key to obtain an encryption key, using the obtained encryption key to decrypt the encrypted data based on the first encryption algorithm, obtaining the data, and receiving the obtained data Communicate to
The encryption key for encrypting the encryption key indicates the correspondence between the user and the decryption key created in advance by acquiring an identifier indicating the destination user from the user who intends to transmit data when transmitting the data. Determined from the decryption key retrieved from the database and the correspondence between the encryption key and the decryption key,
In the database, for each node, the correspondence between the identifier indicating the node and the decryption key given to the node, and the correspondence between the identifier indicating the node and the user who can use the node are registered in advance. thing
A key management method is provided.
[0012]
According to a fourth aspect of the invention,
Has encryption / decryption functions, each registered by multiple users Be done A network communication method for performing encrypted communication in a network configured by connecting two or more communication servers,
In transmitting data from the first user to the second user,
An encryption key corresponding to a decryption key given in advance to the second communication server to which the second user is registered is given to the first communication server to which the first user is registered, and the first The data to be transmitted from the user to the second user is transmitted in the state encrypted with the given encryption key in the first communication server,
Decrypting data arriving at the second communication server with a decryption key given in advance to the second communication server
A network communication method is provided.
[0013]
According to a fifth aspect of the present invention,
A network communication system configured by connecting two or more communication servers each registered with a plurality of users,
Each of the above communication servers
Connected to the key management server for managing the encryption key, decryption function for decrypting the ciphertext with the decryption key given in advance, and encryption of the ciphertext with the encryption key given from the key management server With an encryption function to
When sending data from the user registered in the communication server to the network, the identifier of the user who is the destination of the data is given to the key management server,
The key management server gives an encryption key corresponding to a decryption key given in advance to a communication server in which a user indicated by the given identifier is registered, to the communication server given the identifier,
The communication server given the encryption key encrypts the data to be sent with the given encryption key and sends it over the network.
A network communication system is provided.
[0014]
According to a sixth aspect of the present invention,
A key management device for managing an encryption key for encrypted communication in a network configured by connecting two or more communication servers each registered with a plurality of users,
Correspondence relationship between the identifier of each communication server connected to the network and the decryption key given in advance to each communication server, and the identifier of each communication server and a plurality of users registered in each communication server It has a database with correspondences registered,
When a user identifier indicating a destination user is given from a communication server, the communication server registered with the user indicated by the user identifier Given the Giving the encryption key corresponding to the decryption key to the communication server that gave the user identifier
Is provided.
[0015]
According to a seventh aspect of the present invention,
A key management device for managing an encryption key for encrypted communication in a network configured by connecting two or more communication servers each registered with a plurality of users,
A database in which identifiers of a plurality of users having access rights to the network are registered in association with decryption keys given in advance to a communication server serving as a base where each user accesses the network,
Provided is an encryption key management device characterized in that, when a user identifier indicating a destination user is given from a communication server, an encryption key corresponding to a decryption key associated with the user identifier is given to the communication server. .
[0016]
According to an eighth aspect of the present invention,
An encrypted communication device for performing encrypted communication via a network,
A communication means for performing two-way communication;
Encryption means and decryption means for encrypting / decrypting first data to be transmitted;
Prior to the transmission of the first data, an encryption key acquisition means for acquiring an encryption key for encrypting the first data from the outside,
The encryption key acquisition means sends an identifier indicating a destination user to which the first data is to be transmitted to an information processing apparatus for key management, and is an encryption given from the information processing apparatus for key management It has a function of receiving a key and giving the received encryption key to the encryption means.
An encrypted communication device is provided.
[0017]
DETAILED DESCRIPTION OF THE INVENTION
Embodiments of the present invention will be described below with reference to the drawings.
[0018]
First, a network communication system to which the present invention is applied will be described with reference to FIG.
[0019]
In FIG. 1, it is assumed that there are N groups composed of a plurality of users, and network communication management workstations (communication servers) 110 <1> to <N having a bidirectional communication management function for each group unit. >. The network communication management workstations 110 <1> to <N> include information processing apparatuses 120 <1-1> to <1-M1> to <N-MN for users belonging to each group to access the network. > (Where M1 to MN indicate the number of users belonging to each group (1 to N)). Information processing devices 120 <1-1> to <1-M1> to <N-MN> are used as information processing device terminals by a plurality of users belonging to each group, and various information processing devices are used. Information processing apparatuses 120 <1-1> to <1-M1> to <N-MN> are connected to the network communication management workstations 110 <1> to <N> to construct a network communication system. Each user can bidirectionally transmit information centered on document data and video data using the communication network.
[0020]
Satellite communication station facilities 112 <1> to <N> are connected to the network communication management workstations 110 <1> to <N>, and each group is connected via the satellite communication line 81. A communication network is constructed by connecting to the Internet 82 and combining the ground communication line 83 and the satellite communication line 81.
[0021]
The network communication management workstations 110 <1> to <N> have a function of encrypting and decrypting data transmitted in response to a user's request, as well as one-to-one individual distribution and simultaneous distribution to M locations. : M broadcast communication function and manages bi-directional communication by encryption.
[0022]
In this network communication system, a key management station 40 is installed.
[0023]
Like the other information bases, the key management station 40 has a satellite communication station facility 112a and a network communication management workstation 110a, and a key management workstation 140 for performing key management is connected to the key management station 40. Management of keys related to computerized communication.
[0024]
Here, a connection example of an information processing apparatus of a user who uses a network communication system will be described with reference to FIG. Each group of users produces a variety of information and uses a wide variety of information processing apparatuses.
[0025]
In FIG. 2, as the information processing apparatus 120 used, a personal computer 121 used by a plurality of users, a CAD workstation 122 used for creating various design / manufacturing data, a TV conference used for meetings, etc. Personal computer 123, mail server 124, and the like.
[0026]
These information processing apparatuses and a network communication management workstation are connected by a LAN (local area network) 130.
[0027]
The key management station 40 can use the network communication management workstation 110a independently. However, if there is a margin in the communication line, a user of another group passes the router 181 and passes through the key management station 40. It is also possible to connect to the network communication management workstation 110a.
[0028]
Next, control and processing of data related to communication in the network communication system to which the present invention is applied will be described with reference to FIG.
[0029]
This control and processing is performed by an information processing apparatus such as a network communication management workstation installed in each group, a key management workstation of the key management station, and a personal computer used by each user. Control and processing related to communication in a network communication system to which the present invention is applied are roughly divided into an access management unit 1010, a network communication management unit 1020, an encrypted communication processing unit 1030, a key management unit 1040, and non-repudiation management. 1050 and a key recovery unit 1060.
[0030]
When the user tries to use the network communication system from an information processing apparatus such as a personal computer, the access management unit 1010 confirms whether the user has a master key assigned to the user as a user authentication. To manage access to eliminate unauthorized access by users.
[0031]
The network communication management unit 1020 connects a transmission / reception facility with a destination user in response to a request of a user who transmits data, and performs one-to-one individual distribution or at the same time at M locations according to the user's needs. This is for performing transmission / reception management for 1: N broadcast communication to be distributed.
[0032]
The encrypted communication processing unit 1030 is for performing an encrypted communication process in which the transmitting user encrypts and transmits data to be transmitted, and the receiving side decrypts the data to obtain data.
[0033]
The key management unit 1040 is for performing key management related to generation, updating, and deletion of keys involved in encrypted communication, and distribution of keys to network users.
[0034]
The non-repudiation prevention management unit 1050 is for performing management for preventing data loss such as forgery, forgery, non-delivery, etc., and denial of communication actions performed by the parties involved in the communication transmitted by the user. Is.
[0035]
The key recovery unit 1060 is for recovering the key and decrypting the ciphertext when it is necessary to decrypt the transmitted ciphertext due to an unexpected situation such as loss or unauthorized use of the key. is there.
[0036]
Next, with reference to FIG. 3 as well, an outline of processing of each control processing unit in the network communication system of the present invention will be described. Here, a case where encrypted communication is performed from user A to user B will be described as an example.
[0037]
(1) User A turns on a personal computer used by a user to access the network communication system of the present invention. Then, the access management unit 1010 operates to perform user authentication for determining (confirming) whether or not the user A is a valid user.
[0038]
If it is determined that the user is a legitimate user, the user A is allowed to access the network communication system for the first time, and can see the encrypted communication and the transmitted data.
[0039]
(2) When performing encrypted communication, the user A inputs data to be transmitted to the access management unit 1010 and the destination of the destination. The input data and the destination are sent to the network communication management unit 1020, connect the destination party and the communication device, and establish a communication path.
[0040]
(3) The data is sent to the encrypted communication processing unit 1030, and encrypted using the key issued by the key management unit 1040 to create a ciphertext. The created ciphertext is transmitted to the destination party along the established communication path. The destination party that received the ciphertext decrypts the data based on the key issued by the key management unit 1040 and sends the acquired data to the network communication management unit 1020.
[0041]
(4) User authentication is also performed for the user B by the access management unit 1010, and when the user B is confirmed as a valid user, the obtained data passes from the network communication management unit 1020 via the access management unit 1010. To user B.
[0042]
(5) The key management unit 1040 manages not only the key used by the encrypted communication processing unit 1030 but also the key used for user authentication by the access management unit 1010, that is, performs key registration, update, and deletion.
[0043]
(6) When a determination result relating to non-repudiation is required for data transmitted from user A to user B, a non-repudiation prevention determination request is simultaneously input when inputting data to be transmitted to the access management unit 1010. .
[0044]
Then, the non-repudiation prevention management unit 1050 operates to determine whether or not an abnormality such as forgery, forgery, and non-reach has occurred before and after the encrypted communication.
[0045]
When the users A and B access the non-repudiation management unit 1050 after the end of data communication, the users A and B can acquire the determination result regarding the non-repudiation.
[0046]
(7) When an unexpected situation (for example, loss of key, unauthorized use, etc.) occurs and it becomes necessary to decrypt the ciphertext regardless of the normal encrypted communication path, the ciphertext and key are sent to the key recovery unit 1060. When the recovery request is input, the ciphertext can be decrypted.
[0047]
The six control processes constituting the network communication system of the present invention are connected to each information processing apparatus (for example, a network communication management workstation installed in each group shown in FIG. 2 and connected thereto). This is realized by software processing in an information processing apparatus used by a user such as a personal computer and a key management workstation of a key management station.
[0048]
Next, software functions incorporated in an information processing apparatus such as a personal computer used by a user, a network communication management workstation, and a key management workstation will be described with reference to FIG.
[0049]
(1) The information processing apparatus 120 such as a personal computer used by a user includes a user security function f21 and a data file processing function f22.
[0050]
The user security function f21 is for providing a user authentication environment for managing user access and an operation environment for connecting to the other user.
[0051]
The data file processing function f22 includes an environment for a user to make inquiries and transmissions to a plurality of users individually or simultaneously, setting of inquiry contents, transmission contents, transmission, reception of response results, display of response results And an operating environment for transferring a file to an arbitrary user.
[0052]
(2) The network management workstation 110 includes a communication security management function f1, a network transmission / reception management function f12, a scramble function f13, a descrambling function f14, and a communication configuration management function f15.
[0053]
The communication security management function f11 performs authentication determination for a user authentication request from a user by using an encryption algorithm. When performing encrypted communication with a partner user, a key management workstation is generated each time an encrypted communication request is generated. The session key is received from 140 and the encrypted communication is performed.
[0054]
The network transmission / reception management function f12 is for connecting to a partner user and establishing a communication path in order to perform communication between the network management workstations 110.
[0055]
The scramble function f13 is used to encrypt transmission data, generate a key necessary for encryption, and distribute the key in communication performed between the network management workstations 110.
[0056]
The descrambling function f14 is for decrypting received data, receiving a key necessary for decryption, and generating it in communication performed between the network management workstations 110.
[0057]
The communication configuration management function f15 is for searching, registering, and deleting a database used in the network management workstation 110. The network management workstation 110 uses, for example, a user ID database 11 and a user key management database 12 for managing users to be accessed. The contents of these databases will be described later.
[0058]
(3) The key management workstation 40 includes a key configuration management function f41, a non-repudiation prevention function f42, and a key recovery function f43. In the key management workstation 40, for example, a network user ID database 25 for managing users who use the network, a network key configuration database 24 for managing encryption keys used for encrypted communication on the network, and a denial A non-repudiation database (not shown) that stores information for preventing the problem is used. The contents of these databases will be described later.
[0059]
The key configuration management function f41 is for performing key management related to issuance, generation, update, and deletion of keys involved in encrypted communication.
[0060]
The non-repudiation prevention function f42 is for making a non-repudiation determination from a fair position as a third party regarding whether there is no falsification or forgery in data transmission / reception performed by the user.
[0061]
The key recovery function f43 is for recovering the key and decrypting the ciphertext used for communication when an unexpected situation such as loss or unauthorized use of the key occurs.
[0062]
Hereinafter, an embodiment in which the six control processing units of the network communication system of the present invention described above are realized by the computer described above and software functions incorporated therein will be described.
[0063]
In this embodiment, a common key encryption algorithm is used as the encryption algorithm that operates the scramble key and descramble key used for data encryption and decryption.
[0064]
It is possible to construct a system using either a common key encryption algorithm or a public key encryption algorithm as a generation of a master key to be owned by a user and an encryption algorithm used for distributing the generated key.
[0065]
First, an embodiment using a common key encryption algorithm will be shown, and then an embodiment using a public key encryption algorithm will be described.
[0066]
First, an embodiment of the software function configuration of the access management unit using the common key encryption algorithm will be described with reference to FIGS.
[0067]
As the common key encryption algorithm, for example, a MULTI4 encryption algorithm can be used. The MULTI4 encryption algorithm performs encryption processing divided into two stages: a process for determining an encryption / decryption function based on an algorithm determination key and a data key, and a process for performing encryption / decryption of data. The contents of this processing are described in, for example, Japanese Patent Laid-Open No. 04-170576.
[0068]
In FIG. 4, in order to operate the access management unit 1010 (see FIG. 3), each user who uses the information processing apparatus 120 such as a personal computer is preliminarily provided by the key management station 40 with a user ID and a secret key as a master key. Is assigned.
[0069]
This user ID is registered in the user ID database 11 of the network communication management workstation 110, and the secret key as a master key is associated with the user ID in the user key management database 12 of the network communication management workstation 110. Registered as the user's master key.
[0070]
In the access management unit 1010 (see FIG. 3), user authentication is performed by encrypted communication between the user security function f21 of the information processing apparatus 120 such as a personal computer used by the user and the communication security function f11 of the network communication management workstation 110. To implement.
[0071]
Hereinafter, this embodiment will be described with reference to FIG.
[0072]
(1) When the user uses this network communication system, the access request 501 is input to the information processing apparatus 120 such as a personal computer used by the user. The user security function f21 adds a “sequence number” 505 and sends it as a user authentication request 503 to the communication security function f11.
[0073]
(2) Upon receiving this request, the communication security function f11 searches the user ID database 11 using the “user ID” 506 as a key. If the “user ID” 506 is applicable, first, time information (“month”, “ Day, hour, minute, second) and a random number ₀ 507, and then searches the user key management database 12 using the “user ID” 506 as a key, and the “user master key” P assigned to the user _ID 508 is acquired.
[0074]
And this “user master key” P _ID 508 to challenge code CAC ₀ Encrypt 507 and encrypt challenge code E _PID (CAC ₀ ) 509 is created and sent to the user security function f21.
[0075]
(3) The user stores a user master key 508 assigned to the user in a storage medium such as a floppy disk or an IC card. By inputting this key, the encrypted challenge code E sent to the user is stored. _PID (CAC ₀ ) 509 is decoded and a challenge code CAC510 is generated.
[0076]
The generated challenge code CAC510 is sent back to the communication security function.
[0077]
(4) The communication security function f11 is a challenge code CAC generated by this function. ₀ 507 is compared with the challenge code CAC510 that is decrypted and sent, and if they match, the user is determined to be a valid user, and the authentication determination result is authentication completion. Conversely, if they do not match, the authentication determination result is regarded as an authentication error, and this authentication determination result is sent to the user security function f21.
[0078]
(5) When the authentication determination result is completion of user authentication, the user security function f21 transmits the user authentication result to the network communication management unit, except for the “sequence number” 505.
[0079]
Next, an embodiment of the software function configuration of the network communication management unit 1020 (see FIG. 3) will be described with reference to FIG.
[0080]
4, the user inputs data to the data file processing function f22 of the information processing apparatus 120 such as a personal computer to be used, and the data input from this function is the network transmission / reception management function of the network communication management workstation 110. sent to f12. In this network communication management workstation 110, data is processed in response to the user's request and sent to the transmission destination partner side, and is transmitted to the transmission destination partner user via the network transmission / reception management function f12 of the network communication management workstation 110. A series of processes to be transmitted is managed by the network communication management unit.
[0081]
Hereinafter, an embodiment of the network communication management unit will be described with reference to FIGS.
[0082]
(1) When a user makes an inquiry to a plurality of users at the same time,
(I) The user gives an activation instruction and inputs an inquiry content creation request to the data file processing function f22.
[0083]
(Ii) An input screen is displayed on the window screen, and the inquiry content and the destination can be input.
[0084]
(Iii) When an inquiry content transmission request is input, it is sent as broadcast data to the network transmission / reception management function f12, and a data identifier is added and sent to the encrypted communication processing unit 1030.
[0085]
(2) When a user answers multiple users at the same time,
(I) The user gives an activation instruction and inputs an answer content creation request to the data file processing function f22.
[0086]
(Ii) An input screen is displayed on the window screen, and it becomes possible to input an answer content and an address.
[0087]
(Iii) When a reply transmission request is input, it is sent as reply data to the network transmission / reception management function f12, added with a data identifier, and sent to the encrypted communication processing unit 1030.
[0088]
(3) When a user transmits to a plurality of users at the same time,
(I) The user gives an activation instruction and inputs a transmission content creation request to the data file processing function f22.
[0089]
(Ii) An input screen is displayed on the window screen, and the transmission contents and the destination can be input.
[0090]
(Iii) When a transmission content transmission request is input, it is sent as transmission data to the network transmission / reception management function f12, and a data identifier is added and sent to the encrypted communication processing unit 1030.
[0091]
(4) When a user performs file transfer to a plurality of users at the same time,
(I) The user issues an activation instruction and inputs a file transfer request to the data file processing function f22.
[0092]
(Ii) When a file name and a destination are input, the file is read from the database.
[0093]
(Iii) The file transmission data is sent to the network transmission / reception management function f12 and sent to the encrypted communication processing unit 1030.
[0094]
With the above sequence, inquiry content setting, transmission, response content setting, transmission, transmission content setting, transmission, transfer file setting and transmission are performed, and the transmission content is displayed on the screen. Inquiry content reception, response result reception, transmission content reception, and transfer file reception are performed in the same sequence, and the received content is displayed on the screen.
[0095]
Next, with reference to FIG. 6, an embodiment of the software function configuration of the encrypted communication processing unit when the common key encryption algorithm is used will be described.
[0096]
When performing encrypted communication, as shown in the software function incorporated in the network communication system of FIG. 4, the scramble function of the network communication management workstation 110 receives data transmitted from the network transmission / reception management function. Next, a session key is issued from the key configuration management function of the key management workstation, and the data received based on this key is encrypted to create a ciphertext. Send to the descrambling function of the station.
[0097]
The descrambling function decrypts the sent ciphertext and acquires data.
[0098]
As a precondition for operating the encrypted communication processing unit, each user who uses an information processing apparatus such as a personal computer is assigned a user ID and a secret key as a master key by the key management station, as in the case of the access management unit described above. The master key assigned to the user is registered and managed in the network key configuration database of the key management workstation in association with the user ID. Similarly, it is assumed that a user ID and a master key are registered in correspondence with each other in the user key management database of the network communication management workstation.
[0099]
Hereinafter, an embodiment of the encrypted communication processing unit will be described.
[0100]
(1) When an encrypted communication request is generated, the key configuration management function f41 of the key management workstation 140 uses the session key P _T 601 is generated. Next, the master key P of the sending user _ID 602, the master key P of the receiving user _ID 603 is retrieved from the network key configuration database 24 and the session key P _T Encryption is performed using 601 as plaintext, and ciphertext E _PID (P _T 604, E _PYID (P _T ) 605 is created. This ciphertext is sent to the network communication management workstation 110 connected to an information processing apparatus such as a personal computer used by the originating user.
[0101]
(2) At the network communication management workstation 110 to which the user on the calling side connects, the master key P of the user being managed _ID 603 is retrieved from the user key management database 12, and the encrypted session key is decrypted using this key, and the session key P _T To get.
[0102]
(3) On the other hand, the network communication management workstation 110 to which the user on the calling side connects connects the data M input by the user from the network transmission / reception management function f12 and scramble key K for encrypting the data M. _S 606, a descrambling key K for decryption _D 607 is generated.
[0103]
(4) Next, the data M input by the user is converted into a scramble key K. _S Encrypted at 606, and ciphertext E _KS (M) Create 608 and similarly descramble key K _D 607 is the session key P _T Encrypted with ciphertext E _PT (K _S ) 609 is created. These two sets of ciphertext and the sent ciphertext E _PYID (P _T 605) to the network communication management workstation 110 to which the information processing apparatus such as a personal computer used by the destination user is connected.
[0104]
(5) The network communication management workstation 110 of the destination user side is the master key P of this user. _YID 603 is extracted from the user key management database 12 and the encrypted session key E sent using this key is sent. _PYID (P _T ) 605 is decrypted and the session key P _T 601 is acquired. Next, the sent encryption descramble key E _PT (K _D ) 608 obtained above session key P _T Decrypt using 601 and descramble key K _D 607 is acquired.
[0105]
Finally, this descramble key K _D Ciphertext E of data sent using 607 _KS (M) Decodes 608 and obtains data M.
[0106]
(6) The acquired data is transmitted to the destination user via the network transmission / reception management function.
[0107]
The encrypted communication from the user to the user is performed by the above method. Scramble key K _S 606, descrambling key K _D As an algorithm for operating 607, the MULTI2 encryption algorithm that has been proven in CS digital broadcasting is used, and as an algorithm for operating the master keys 602 and 603 and the session key 601, a MULTI4 encryption algorithm different from MULTI2 is used.
[0108]
In this way, the scramble key K used for data encryption _S 606 encryption algorithm and descrambling key K _D It is possible to adopt a double encryption method in which the encryption algorithm of the session key 601 used for the delivery of 607 is different from the encryption algorithm. Therefore, security can be improved compared to the case where the same encryption algorithm is used.
[0109]
Next, an embodiment of the software function configuration of the key management unit of the network communication system to which the present invention is applied will be described with reference to FIG.
[0110]
As described in the embodiments of the access management unit 1010 (see FIG. 3) and the encrypted communication processing unit 1030 (see FIG. 3), the key management unit 1040 (see FIG. 3) uses all the network communication systems. It manages user master keys and session keys involved in encrypted communication, and registers all user master keys in correspondence with user IDs in the network key configuration database 24 of the key management workstation 140. .
[0111]
In the user key management database 12 of the network communication management workstation 110, the master key of the user connected to the network communication management workstation 110 is registered in association with the user ID.
[0112]
Hereinafter, an embodiment of the key management unit will be described with reference to FIG.
[0113]
(1) Session key management
(I) When performing encrypted communication by the encrypted communication processing unit 1030 (see FIG. 3), the communication security management function f11 of the network communication management workstation 110 of the caller user sends the user ID of the caller and the destination partner A session key issue request 701 to which the user ID is added is sent to the key configuration management function f41 of the key management workstation 140.
[0114]
(Ii) The key configuration management function f41 receives this request and the session key P _T And the network key configuration database 24 is searched using the user ID as a key, and the master key P of the originating user is searched. _ID , Master key P of destination user _YID Take out. Next, P _T Is encrypted as plain text and the encrypted session key E _PID (P _T ), E _PYID (P _T ) And is issued to the communication security management function f11 of the network communication management workstation 110 of the originating user.
[0115]
(Iii) Upon receiving the encrypted session key, the communication security management function f11 searches the user key management database 12 using the user ID of the originating user as a key, and the user's master key P _ID Take out. Next, based on this master key, an encrypted session key E _PID (P _T ) And the session key P _T To get.
[0116]
With the above sequence, the session key P is transferred to the network communication management workstation 110 to which the calling user connects. _T And encrypted session key E _PYID (P _T ) Is issued.
[0117]
(2) Master key management
The user's master key is managed by the key configuration management function f41 of the key management workstation 140 and the communication configuration management function f15 of the network communication management workstation 110. Registration, update, and deletion of the user's master key are performed. Implemented by these functions.
[0118]
When the network communication management workstation 110 is installed, a network ID and a network master key are assigned to this workstation and registered in the user key management database 12 by the communication configuration management function f15, and the key configuration management function of the key management workstation 140 is also registered. Register in the network key configuration database 24 from f41.
[0119]
The master key of each user is generated by the key configuration management function f41, and the generated master key and the user ID are associated with each other and registered in the network key configuration database 24.
[0120]
The master key of this user needs to be registered in the user key management database 12 of the network communication management workstation 110. This registration is directly input from the communication configuration management function f15 when the network communication management workstation 110 is installed. It can also be registered in the user key management database 12, but it can also be delivered using the network master key assigned to the network communication management workstation 110, encrypted with the scramble function. Similarly, the master key of the user and the data related to the update / deletion of the network master key are also encrypted by the scramble function using the network master key assigned to the network communication management workstation 110 as a master key update request 703. It can also be delivered.
[0121]
The network communication management workstation 110 decrypts the sent key registration, update, and deletion data, and registers, updates, and deletes the key in the user key management database 12 by the communication configuration management function f15.
[0122]
The update and distribution of the master key to each user is recorded on a storage medium such as an IC card or a floppy disk on the network communication management workstation 110 and distributed offline, or the master assigned to the user before the change. It can be encrypted with a key and sent online using a network. Which of these methods is used may be determined depending on the situation.
[0123]
Next, an embodiment of the software function configuration of the non-repudiation prevention unit will be described with reference to FIG.
[0124]
When the user transmits data to another partner user, as described in the embodiment of the network communication management unit 1020 (see FIG. 3), the user can use the data file of the information processing apparatus 120 (see FIG. 4) such as a personal computer. Data and a destination are input to the processing function f22 (see FIG. 4), but if a non-repudiation determination result is required for the data transmitted by the user, a non-repudiation request is further input.
[0125]
(1) The data input by the user is transmitted from the data file processing function f22 to the network transmission / reception management function f12 as described for the network communication management unit 1020 (see FIG. 3). It is transmitted to the communication management security function f11 via the function f21. The communication management security function f11 creates a nonrepudiation prevention file 802 based on the data transmitted to the network transmission / reception management function f12 in response to the nonrepudiation prevention request 801.
[0126]
The non-repudiation file 802 is obtained by adding an identifier to data input by the user, or by adding an identifier to a hash value obtained by processing data input by the user with a hash function.
[0127]
The hash function is described in “Internet Security” Ohm Co., author, Ryoichi Sasaki, Kazuo Takagi et al.
(1) Unidirectionality: Given an output value of a certain hash function, it is computationally difficult to obtain another message M that yields the same output value.
[0128]
(2) Collision avoidance: Finding two different messages M1 and M2 having the same hash value is difficult in terms of calculation amount.
[0129]
It has the characteristics of.
[0130]
(2) The communication management security function f11 sends the created nonrepudiation file to the nonrepudiation management function f41 of the key management workstation 140, and the nonrepudiation management function f41 uses the sent nonrepudiation file 802 as an identifier. Correspondingly, it is stored in the non-repudiation management database 26.
[0131]
(3) The data transmitted to the network transmission / reception management function f12 is transmitted to the network transmission / reception management function f12 on the destination user side via the encrypted communication processing unit 1030 (see FIG. 3). The decrypted data is transmitted to the destination user as it is. However, when there is a non-repudiation request 801, the communication security management function f11, based on the delivered data, prevents non-repudiation in the same way as the caller. A file 803 is created and transmitted to the non-repudiation management function f41 of the key management workstation 140.
[0132]
The non-repudiation prevention management function f41 stores the non-repudiation prevention file 803 delivered from the receiving side in the non-repudiation prevention management database 26 in association with the identifier.
[0133]
(4) The non-repudiation management function f41 compares the non-repudiation file 802 sent from the user on the transmission side with the non-repudiation file 803 sent from the user on the receiving side, and if both match, the non-repudiation prevention is normal. If it does not match, it is determined that there is an abnormality, and this non-repudiation determination result is registered in the non-repudiation prevention management database 26.
[0134]
(5) After transmission / reception of data is completed, when a user on the transmission side or reception side inputs a non-repudiation inquiry request to the data file processing function f22, the request is transmitted via the user security function f21 and the communication management security function f11. It is delivered to the non-repudiation management function f41. When the non-repudiation management function f41 receives the non-repudiation prevention inquiry request, the non-repudiation prevention management database 26 retrieves the non-repudiation prevention determination result and sends this result to the user who has input the non-repudiation prevention inquiry request.
[0135]
(6) When a hash value is created as a non-repudiation file, since the data amount of the hash value is small, not only the non-repudiation management function f41 of the key management workstation 140 but also data to be transmitted to the destination user It is also possible to send it in addition to.
[0136]
In this case, the communication security function f11 on the reception side can confirm non-repudiation by calculating a hash value based on the received data and comparing it with the hash value sent by the user on the transmission side.
[0137]
When the confirmation result of non-repudiation prevention performed by the communication security function f11 on the receiving side is abnormal and a trouble occurs between the user on the transmitting side and the receiving side, an inquiry is made to the key management workstation 140 which is a third party. Thus, it is possible to determine which is not.
[0138]
Hereinafter, an example of the “key recovery function” provided by the network communication system to which the present invention is applied will be described. Here, when performing encrypted communication, as shown in FIG. 6, it is assumed that the key used for encryption has a double hierarchical structure. In FIG. 6, the data transmitted by the user is M, and the scramble key K generated by the network communication management workstation 140. _S The data is encrypted by the ciphertext E _KS (M) is created. Descramble key K for decrypting this ciphertext _D For the session key P sent from the key management workstation 140. _T Encrypted by ciphertext E _PT (K _D ) Has been created.
[0139]
The key recovery function is the ciphertext E _KS Decryption information is added to (M) and the descramble key K _D It provides a means to decrypt the ciphertext without depending on it.
[0140]
First, referring to FIG. 9, the scramble key K _S A procedure for creating additional data for providing a key recovery function when encrypting data will be described.
[0141]
(1) Scramble key K _S Is generated, a random number is generated, and the scramble key is set to K by the exclusive OR (XOR, indicated by a direct sum symbol in the figure) of K1 and K2. _S = K1 XOR K2 can be expressed.
[0142]
(2) Using P1 and P2 as keys for key recovery, the key recovery function f43 (see FIG. 4) of the network communication management workstation 110 (see FIG. 4) and the key management workstation 140 (see FIG. 4). Shall be stored. Scramble key K _S K1 and K2 generated at the time of generating the key are encrypted with the key recovery keys P1 and P2, and the ciphertext E _P1 (K1), E _P2 Create (K2). This data is stored in the scramble key K _S Ciphertext E of data created in _KS It shall be added to (M).
[0143]
Next, a procedure for decrypting a ciphertext using this additional data will be described with reference to FIG.
[0144]
(1) Data E added from ciphertext _P1 (K1), E _P2 (K2) is separated, and K1 and K2 are decrypted with the key recovery keys P1 and P2.
[0145]
(2) An exclusive OR of K1 and K2 is taken and K _S = K1 XOR K2 as scramble key K _S Is generated. In case of common key encryption, scramble key K _S And descramble key K _D And the scramble key K _S Thus, the ciphertext can be decrypted.
[0146]
If an unexpected situation occurs and the ciphertext needs to be decrypted, the ciphertext is sent to the key management workstation 140 (see FIG. 4). The ciphertext can be decrypted using P1 and P2.
[0147]
The embodiments of the software functions of the six control processing units constituting the network communication system have been described above.
[0148]
In this network communication system, user authentication by the access management unit is performed by a network communication management workstation for a user connected to the workstation. That is, user authentication is performed for each group composed of a plurality of users. In addition, the network communication management unit and the encrypted communication processing unit perform encrypted communication between the network communication management workstations, the user who transmits the data encrypts, and the user who receives this decrypts the data, User-to-user encrypted communication is not implemented.
[0149]
For this reason, in the network communication system shown in FIG. 1, one closed network can be constructed in a group composed of a network communication management workstation and a plurality of users connected thereto.
[0150]
Next, with reference to FIG. 11, a hierarchical structure of keys when a closed network is constructed by a common key encryption method for each network management workstation installed in one group will be described. Here, network communication management workstations 110 <1> to 110 <M> are installed in M groups.
[0151]
The network communication management workstation 110 <j> (1 ≦ j ≦ M) includes n _j Information processing apparatuses such as personal computers used by individual users are connected to form a network. A user ID and a secret key as a master key are assigned to the user. These users are designated as user 1 to user n. _j And user i (1 ≦ i ≦ n) _j ) The secret key assigned to P) _ji The user ID is IDji. The network communication management workstation 110 <j> has these users 1 to n. _j In order to manage the private key as the master key of the user ID n in the user ID database 11 _j IDj1, IDj2, ... IDji, ..., IDjn _j }, And the user key management database 12 is associated with a secret key as a user master key and a user ID. _j Pieces of data (IDj1, Pj1), (IDj2, Pj2). . . (IDji, Pji),. . . (IDjn _j , Pjn _j ) Is registered. User authentication is performed according to a user authentication method using a common key shown in FIG. 4 by using a secret key as a master key assigned to the user.
[0152]
Each network communication management workstation 110 <j> has SD as a network ID. _j , And private key P as master key _Sj Are assigned to the key management workstation 140 and the network ID and secret key S _Dj Is managing. In the network user ID database 25 of the key management workstation 140, SD that is the network ID of the network management workstation 110 <j> is stored. _j And the user ID {ID of the user managed by this _j1 , ID _j2 , ..., ID _jnj } Is registered correspondingly. Further, the network key configuration database 24 includes a network ID SD. _j And private key P _Sj Are registered in correspondence. When the user i belonging to the network communication management workstation 110 <j> performs encrypted communication,
(1) Input the destination (name) of the destination user and the data M to be transmitted.
[0153]
(2) The network communication management workstation 110 <j> requests the key management workstation 140 to issue a session key for performing encrypted communication.
[0154]
(3) The key configuration management function f41 (see FIG. 4) of the key management workstation 140 searches the network user database 25 based on the destination (name) of the destination user. If the destination user is a user connected to the network communication management workstation 110 <k>, an ID that is the user ID of the other user _kl SD, which is the network ID of the network communication management workstation 110 <k> to which the other user connects _k To get.
[0155]
The network ID of the network communication management workstation 110 <j> to which the transmission side user is connected is SD. _j The network ID of the network communication management workstation 110 <k> to which the partner user connects is SD _k It is.
[0156]
SD which is this network ID _j , SD _k The network key configuration database 24 is searched using the _j And SD _k Private key P corresponding to _Sj , P _Sk To get.
[0157]
Next, the session key P _T Is encrypted with the obtained private key, and the encrypted session key E _PSj (P _T ), E _PSk (P _T ).
[0158]
(4) The key management workstation 140 uses the encrypted session key E _PSj (P _T ), E _PSk (P _T ) And SD that is the network ID of the network management workstation 110 <k> to which the destination user is connected _k Are issued to the network communication management workstation 110 <j> that is the session key issue request source.
[0159]
(5) The network communication management workstation 110 <j> has a private key PS as a master key it owns. _j Encrypted session key E _PSj (P _T ) And the session key P _T To get.
[0160]
Next, the scramble key K _S , Descrambling key K _D First, the data M to be transmitted is converted into a scramble key K _S Encrypted with ciphertext E _KS Create (M). Next, descramble key K _D Session key P _T Encrypted with the encrypted descrambling key E _PT (K _D ).
[0161]
On the other hand, SD that is the sent network ID _k The destination is designated as the network communication management workstation 110 <k> and connected, and the created ciphertext E _KS (M), encryption descrambling key E _PT (K _D ) And the sent encrypted session key E _Pk (P _T ) As data and send it.
[0162]
(6) The network communication management workstation 110 <k> that has received the encrypted data receives the private key P as the master key it owns. _sk Encrypted session key E _Psk (P _T ) And the session key P _T To get.
[0163]
Next, the encrypted descrambling key E from this session key _PT (K _D ) And descramble key K _D To get. This descrambling key K _D Ciphertext E _kS (M) is decoded and data M is extracted. The data ID obtained by this decryption is the user ID of the destination partner ID _kl To users who are
[0164]
Through the above procedure, encrypted communication is performed from the user ID ji connected to the network management workstation 110 <j> to the user ID kl connected to the network management workstation 110 <k>.
[0165]
Although the key management workstation of this network communication system manages the secret key as the master key assigned to each network communication management workstation, the user who connects to each network communication management workstation Manages the assigned user ID, but does not manage the secret key as the assigned master key.
[0166]
Conversely, only the network communication management workstation connected to the user manages the secret key as the master key assigned to the user.
[0167]
From this, it is understood that a closed network is constructed as a group between the network communication management workstation and the users connected thereto.
[0168]
When constructing a system using common key cryptography, the private key as the master key assigned to each user is used only for user authentication and is not used outside the network as a key for encrypted communication. The group in which the management workstation is installed may use a unique encryption algorithm for user authentication.
[0169]
In order to ensure security, it is also possible to perform encrypted communication between users in the network of this group using a master key assigned to the users.
[0170]
As an example, assuming that encrypted communication is performed from a user whose user ID is IDji belonging to the network management workstation to a user whose user ID is IDjr, the network communication management workstation generates a session key T. And a session key P with a secret key Pi as a master key corresponding to IDji and a secret key Pr as a master key corresponding to IDjr. _T Encrypted session key E _Pi (T), E _Pr (T) is generated. This is sent to the user whose user ID is IDji.
[0171]
The user of the transmission source has a secret key P as a master key. _i Encrypted session key E _Pj (T) is decrypted and the session key P _T To get.
[0172]
This session key P _T The data M is encrypted by the ciphertext E _T (M) created and sent encrypted session key E _Pr (T) is added to this ciphertext and transmitted. This ciphertext E _T (M) and encrypted session key E _Pr By sending (T), encrypted communication can be performed within the network.
[0173]
In this case, the network communication management workstation installed in the group generates a session key to be used for encrypted communication within the group network in the communication security management function.
[0174]
The embodiment of the software functions of the six control processing units constituting the network communication system of the present invention has been described above. In the software function incorporated in the network communication system shown in FIG. 4, processing related to cryptographic operations is performed by a user security function, a communication management security function, a scramble function, and a descramble function.
[0175]
Next, with reference to FIG. 12, a description will be given of an embodiment in which a cryptographic processing apparatus that performs such cryptographic operations is incorporated into an information processing apparatus such as a personal computer used by a user and a network communication management workstation.
[0176]
The personal computer 121 used by the user is one of information processing devices used by the user, and may be a CAD 122 (see FIG. 2) used by the user. The personal computer 121 used by the user normally includes the CPU 2 and the data processing device 3 and performs processing related to the data file processing function f22 (see FIG. 4) and the user security function f21 (see FIG. 4). The network communication management workstation 4 also includes a CPU 5 and a data processing device 6, and includes a network transmission / reception management function f12 (see FIG. 4), a communication security management function f11 (see FIG. 4), and a communication configuration management function f15 (see FIG. 4). 4), scramble function f13 (see FIG. 4), and descramble function f14 (see FIG. 4).
[0177]
Encryption processing for user authentication performed by the access management unit 1010 (see FIG. 3) by the user security function f21 (see FIG. 4) and the communication management security function f11 (see FIG. 4) 8 is implemented.
[0178]
In the process of user authentication, the user enters the master key assigned to him. The master key can be memorized and input by the user, but in this embodiment, the master key is recorded on the IC card and input from the IC card control unit 9.
[0179]
A personal computer 121 used by a user and a network management workstation 110 are connected via a LAN 10 to form a network 11. The master key assigned to the user connected to the network management workstation 110 is registered in the user key management database 12 and encrypted communication is performed using the user's master key input by the IC card. Done.
[0180]
The network communication management workstation 110 and users belonging to the network communication management workstation 110 are connected via the LAN 10, and user authentication by the network communication management workstation workstation 110 is performed for all connected users. For this reason, an independent closed network can be constituted by this group.
[0181]
When the user authentication by the access management unit 1010 (see FIG. 3) is completed, the encrypted communication processing unit 1030 (see FIG. 3) performs encrypted communication between the network communication management workstations 110. When encrypted communication is performed by the encrypted communication processing unit 1030 (see FIG. 3), an encrypted session key is sent from the key management workstation 140 (see FIG. 4). Here, in order to form a closed network between users connected to the network communication management workstation 110, the network communication management workstation 110 includes a network as shown in the hierarchical structure of the keys of the common key cryptosystem in FIG. A master key is assigned. Thus, the network master key of the network communication management workstation 110 on the transmission side is set to P _Si The network master key of the network communication management workstation 110 on the receiving side is P _Sj Then, the key management workstation 140 (see FIG. 4) _T And the above network master key P _Si , P _Sj Encrypted with ciphertext E _PSi (P _T ), E _PSj (P _T ).
[0182]
Of the software functions incorporated in the network communication system shown in FIG. 4, the scramble function will be described first.
[0183]
The session key decryption apparatus 13 in FIG. 12 has an encrypted session key E sent from the key management workstation. _PSi (P _T ) Through the transmission / reception facility 14. This is assigned to the network communication management workstation 110 and stored in the user key management database 12 as the network master key P. _Si To perform the decryption operation, and the session key P _T Is transferred to the scramble key encryption apparatus 15. The scramble key / descramble key generation device 16 uses a scramble key K used for data encryption. _S And a descrambling key K used to decrypt the data _D Is generated and delivered to the cryptographic processing management device 17. The cryptographic processing management device 17 uses the scramble key K _S Is passed to the data encryption device 18 and the descrambling key K _D Is delivered to the descrambling key encryption device 15. The data M input by the user is input from the data processing device 3 of the personal computer 1 used by the user and transmitted to the data encryption device 18. The descrambling key encryption device 15 uses the session key PT sent from the session key decryption device 13 to generate the descrambling key K. _D Ciphertext E _PT (K _D ) And the data encryption device 18 uses the scramble key K _S The data M is encrypted by the ciphertext E _KS Create (M). The encryption process management device 17 manages this encryption process. When performing encrypted data communication, the encrypted data E _KS (M) and encrypted descramble key E _T (K _D ) At the same time, _D Must be decrypted before E _KS (M) cannot be decrypted. Thus, the encryption descrambling key E _PT (K _D ) Is the ciphertext E _KS It is necessary to receive and decode before (M).
[0184]
Next, a descrambling key distribution sequence for facilitating data decryption for switching scramble keys in common key cryptography will be described with reference to FIG.
[0185]
When encrypted communication is performed from user A to user B, when a certain amount of data is transmitted, a new scramble key used for encryption is generated and the scramble key is switched, and the encrypted communication security is achieved. To ensure. FIG. 13 shows the scramble key switching and data encryption sequence. M at the time of switching the scramble key i-1 _i-1 , M at the time of i-th switching _i , I + 1 is the data at the time of switching _{i + 1} And
[0186]
(S1301) Data M _i-1 Scramble key and descramble key are generated when data M is encrypted. _i Scramble key K used when encrypting _Si And descramble key K _Di Is generated and temporarily stored in the memory.
[0187]
(S1302) Switching the scramble key, data M _i When encrypting data M _{i + 1} Scramble key K used when encrypting _{Si + 1} And descramble key K _{Di + 1} Is generated and temporarily stored in the memory. Descramble key K from this memory _Di , K _{Di + 1} Is encrypted with the session key PT, and the ciphertext E _PT (K _Di , K _{Di + 1} ). Similarly, scramble key K from memory _Si Take out the data M _i Encrypted with ciphertext E _KSi (M _i ). Next, the created ciphertext E _PT (K _Di , K _{Di + 1} ), E _KSi (M _i ) As a pair.
[0188]
Scramble key K used after sending ciphertext _Si And descramble key K _Di Is deleted from the memory.
[0189]
User B has session key P _T Ciphertext E sent by _PT (K _Di , K _{Di + 1} ) And descramble key K _Di , K _{Di + 1} Take out. Descrambled key K taken out _{Di + 1} Are stored in the memory and prepared to decrypt the ciphertext to be sent next.
[0190]
(S1303) Switching the scramble key, data M _{i + 1} When encrypting data M _{i + 2} Scramble key K used when encrypting _{Si + 2} And descramble key K _{Di + 2} Is generated and temporarily stored in the memory. Descramble key K from this memory _{Di + 1} , K _{Di + 2} Take out the session key P _T Encrypted with ciphertext E _PT (K _{Di + 1} , K _{Di + 2} ). Similarly, scramble key K from memory _{Si + 1} Take out the data M _{i + 1} Encrypted with ciphertext E _{KSi + 1} (M _{i + 1} ). Next, the created ciphertext E _PT (K _{Di + 1} , K _{Di + 2} ), E _{KSi + 1} (M _{i + 1} ) As a pair.
[0191]
(4) User B to whom the ciphertext is sent has prepared descrambling key K _{Di + 1} Ciphertext E _{KSi + 1} (M _{i + 1} ) And data M _{i + 1} To get. Data M _{i + 1} Descramble key K used after acquiring _{Di + 1} Is deleted from the memory.
[0192]
Next, the session key P _T Ciphertext E sent by _PT (K _{Di + 1} , K _{Di + 2} ) And descramble key K _{Di + 1} , K _{Di + 2} Take out. Descrambled key K taken out _{Di + 2} Is prepared for decryption of the ciphertext to be sent next.
[0193]
If the decryption of the data Mi + 1 is not successful, the extracted descrambling key K _{Di + 1} Let us try the decoding operation again. Data M mentioned above _{i + 1} When the decryption is successful, the descrambling key K _{Di + 1} Shall be deleted.
[0194]
With the sequence as described above, it is possible to decrypt the data simultaneously with sending the ciphertext of the data. The cryptographic processing management device 17 (see FIG. 12) uses the above sequence to describe the descrambling key ciphertext E. _PT (K _Di , K _{Di + 1} ) And data M _i Ciphertext E _KSi (M _i ) Is created. When these ciphertexts are created, they are sent to the synthesizing device 19 (see FIG. 12), and the ciphertexts are synthesized as data files and distributed via the transmission / reception facility 14 (see FIG. 12).
[0195]
From the key management workstation, the ciphertext E regarding the session key sent to the other party _PSj (P _T ) Is sent, but this ciphertext is delivered to the other party via the synthesizing device 19 (see FIG. 12) and the transmission / reception facility 14 (see FIG. 12).
[0196]
Next, the descrambling function of the software functions (see FIG. 4) of the network communication system will be described with reference to FIG.
[0197]
(1) The session key decryption device 13 transmits the encrypted session key E sent from the network communication management workstation on the transmission side. _PSj (P _T ) Through the transmission / reception facility 14. This is the network master key P assigned to the network communication management workstation 110. _Sj To decrypt the session key P _T Is transferred to the descrambling key decryption apparatus 20.
[0198]
(2) The ciphertext data to be received is the ciphertext E for the descrambling key as shown in the scramble function. _PT (K _Di , K _{Di + 1} ) And ciphertext E for data Mi _KSi (M _i ) And. This data is delivered to the distribution device 21 via the transmission / reception facility 14.
[0199]
Encryption descrambling key E _PT (K _Di , K _{Di + 1} ) And ciphertext E of data _KSi (M _i And the encrypted descrambling key is delivered to the descrambling key decryption device 20, and the ciphertext of the data is delivered to the data decryption device 23.
[0200]
(3) The descrambling key decryption device 20 receives the session key P from the session key decryption device 13. _T Is sent, and this session key P _T The descrambling key synchronizer E sent from the descrambling key synchronizer 22 _PT (K _Di , K _{Di + 1} ) And descramble key K _Di , K _{Di + 1} To get. The descrambling key synchronization device 22 delivers the descrambling key to the data decryption device 23 according to the descrambling key distribution sequence shown in FIG. The data decryption device 23 sends the descramble key K sent _Di Ciphertext E sent in _KSi (M _i ) And data M _i To get. Acquired data M _i Is sent to the data processing device 3 of the personal computer 1 used by the destination user.
[0201]
The embodiment of the software function configuration when the common key encryption is used for the six control processing units constituting the network communication system of the present invention has been described above.
[0202]
Next, with reference to FIG. 14, an embodiment of a software function configuration when public key cryptography is used will be described. FIG. 14 shows a software functional configuration of the access management unit when public key cryptography is used.
[0203]
As a public key encryption algorithm, the IEICE Technical Report TECNICAL REPORT OF IEICE ISEC 97-15 (1997-07) "High-speed encryption method using an elliptic curve" Using the elliptic curve encryption described in Kazuo Takagi and Hiroyuki Kurutani Let P be the base point of the elliptic curve necessary for describing the computation of the key of this elliptic curve encryption.
[0204]
Each user who uses an information processing apparatus such as a personal computer receives a user ID and a secret key d as a master key from the key management station. _ID And the corresponding public key Q _ID (= D _ID · P; · is an operation on an elliptic curve).
[0205]
The user ID assigned to the user connected to the workstation is registered in the user ID database of the network communication management workstation, and the user connected to the workstation is disclosed in the user key management database. The key is registered in association with the user ID.
[0206]
The access management unit performs user authentication by encrypted communication between a user security function of an information processing apparatus such as a personal computer used by a user and a communication security function of a network communication management workstation. Hereinafter, this embodiment will be described.
[0207]
(1) When a user uses this network communication system, an access request is input to an information processing apparatus such as a personal computer used by the user. The user security function adds a “sequence number” and sends it as a user authentication request to the communication security function.
[0208]
(2) Upon receiving this request, the communication security function searches the user ID database using the “user ID” assigned to the user as a key, and if “user ID” is applicable, the time information (“month”, “ (Day, hour, minute, second)) and a challenge code CAC composed of random numbers is generated and sent to the user security function.
[0209]
(3) The user can select a secret key d as a master key assigned to the user from a floppy disk or an IC card. _ID And enter the key recorded on this electronic medium. A signature creation operation is performed on the challenge code CAC sent with this master key, and the created signature data Sd _ID (CAC) is sent to the communication security function.
[0210]
(4) The communication management security function searches the user key management database using “user ID” as a key, and secret key d as a master key assigned to the user. _ID Public key Q corresponding to _ID The signature data Sd sent _ID A signature verification operation is performed based on (CAC) and the generated challenge code CAC.
[0211]
Secret key d used in the user security function by signature verification operation _ID Key Q used in communication management security function _ID Is an operation on an elliptic curve (Q _ID = D _ID If the challenge code CAC is not falsified in the middle of the communication path, the user can be determined as a valid user, and the authentication determination result is authentication complete. To do. On the other hand, if the key used for the encryption process does not correspond or the challenge code CAC is falsified, the authentication determination result is an authentication error. Then, the authentication determination result obtained in this way is returned to the user security function.
[0212]
(5) When the authentication determination result is completion of user authentication, the user security function transmits the user authentication result to the network communication management unit, excluding the “sequence number”.
[0213]
Note that the software function configuration of the network communication management unit in FIG. 3 is the same regardless of whether the common key encryption or the public key encryption is used as the encryption algorithm.
[0214]
Next, with reference to FIG. 15, an embodiment of the software function configuration of the encrypted communication processing unit when the public key encryption algorithm is used will be described.
[0215]
As the public key encryption algorithm, the elliptic curve encryption algorithm is used, similar to the public key encryption algorithm used in the access management unit 1010 (see FIG. 3). Yes.
[0216]
When performing encrypted communication, the scramble function f13 of the network communication management workstation 110 receives data transmitted from the network transmission / reception management function f12 (see FIG. 4).
[0217]
Next, a session key is issued from the key configuration management function f41 of the key management workstation 140, and the received data is encrypted based on this key to create a ciphertext, and the network communication management on the destination user side To the descrambling function f14 of the workstation 110.
[0218]
The descrambling function f14 decrypts the sent ciphertext and acquires data.
[0219]
As a precondition for operating the encrypted communication processing unit 1030 (see FIG. 3), each user who uses an information processing apparatus such as a personal computer, like the access management unit 1010 (see FIG. 3), has a key management station. From the user ID and master key, the private key d _ID And the public key Q corresponding to this secret key _ID (= P · d _ID ; Is an operation on an elliptic curve), and the public key Q assigned to the user in the network key configuration database 24 of the key management workstation 140 is assigned. _ID Is registered and managed in association with the user ID. Similarly, the network communication management workstation 110 has public keys Q of all users connected to this workstation. _ID Are registered and managed in the user key management database 12 in association with the user ID.
[0220]
Hereinafter, examples of the encrypted communication processing unit will be described.
[0221]
(1) When carrying out encrypted communication, when an encrypted communication request is generated, the key management workstation 140 searches the network key configuration database 24, and the public key Q of the destination user transmitted by the user. _YID To get. This public key Q _YID Is sent as a session key to the network communication management workstation 110 to which the calling user connects.
[0222]
(2) The network communication management workstation 110 to which the user on the calling side connects connects the scramble key K for receiving and encrypting the data M1504 to be transmitted from the network transmission / reception management function f12. _S Descramble key K for decrypting with 1501 _D 1502 is generated. This scramble key K _S 1501 and descramble key K _D The encryption algorithm that operates 1502 is a common key encryption algorithm.
[0223]
Next, the data M1504 input by the user is converted into a scramble key K. _S 1501 is encrypted, and the ciphertext E _KS (M) 1506 is created.
[0224]
Descramble key K _D Public key Q as session key sent 1502 _YID Encrypted in 1507 and encrypted descramble key E _QYID (K _D ) 1508 is generated.
[0225]
In the case of public key encryption, the sent key Q _YID 1508 can be used as it is as a key for encryption.
[0226]
Two sets of ciphertext E created in this way _KS (M) 1506 and E _QYID (K _D ) 1508 to the network communication management workstation 110 to which the transmission destination user is connected.
[0227]
(3) The destination network communication management workstation 110 searches the user key management database 12 and manages the secret key D as the master key of the managing user. _YID 1510 is acquired.
[0228]
This acquired private key D _YID In 1510, the encryption descrambling key E _QYID (K _D 1508 is decrypted and the descrambling key K _D 1503 is acquired. Next, this descrambling key K _D 1503, the ciphertext E _KS (M) Decodes 1506 to obtain data M1505.
[0229]
(4) The acquired data M1505 is transmitted to the destination user via the network transmission / reception management function f12.
[0230]
The encrypted communication from the user to the user is performed by the above method.
[0231]
Scramble key K _S , Descramble key K _D Is used as a common key encryption algorithm that uses the MULTI2 encryption algorithm that has been proven in CS digital broadcasting.
[0232]
The encryption algorithm that operates the master key and session key uses an elliptic curve encryption algorithm that is different from the common key encryption algorithm, as described above, and this constitutes a double encryption method to improve security. Yes.
[0233]
Next, in the network communication system of the present invention, an embodiment of a key management unit when elliptic curve cryptography is used as public key cryptography will be described. The software function of the key management unit in the case of using public key cryptography is the same as the software function in the case of common key cryptography shown in FIG. As shown in the embodiment of the software function configuration of the encryption processing unit and the access management unit when the public key encryption algorithm is used, the master key of each user is the secret key d _ID And the public key Q is calculated by calculating the secret key and the elliptic curve. _ID (= D _ID · P; · corresponds to an operation on an elliptic curve).
[0234]
The scramble key and descramble key encryption algorithm is a MULTI2 encryption algorithm as a common key encryption algorithm.
[0235]
The key management unit manages information on the master keys of all users who use the network communication system and session keys involved in encrypted communication.
[0236]
Hereinafter, the key management unit will be described with reference to FIG.
[0237]
(1) Master key management
All users who use this network communication system have a user ID and a corresponding private key d as a master key. _ID And the corresponding public key Q _ID Is assigned,
Similarly, the network communication management workstation 110 has a network ID and a corresponding secret key D as a master key. _S , Corresponding public key Q _S Is assigned.
[0238]
In the network key configuration database 24 of the key management workstation 140, all users are made to correspond to the user IDs and public keys assigned to the users, and the network IDs are assigned to all network communication management workstations 110. And the public key assigned to this workstation are registered in association with each other.
[0239]
Similarly, in the user key management database 12 of the network communication management workstation 110, a secret key D as a master key corresponding to the network ID assigned to the workstation 110 is stored. _S , Corresponding public key Q _S As well as the user IDs and master keys of all users connected to the workstation 110. _ID Q that is the public key to be paired _ID And correspondingly registered. When using public key cryptography, the network key configuration database 24 registers only the public key and does not need to register the secret key.
[0240]
The secret key as the user's master key and the public key to be paired are managed by the communication configuration management function f15 of the network communication management workstation 110 and the key configuration management function f41 of the key management workstation 140. The registration, update, and deletion of the user's master key are performed by these functions.
[0241]
When the network communication management workstation 110 is installed, the network ID of the workstation 110, the secret key and the corresponding public key are generated by the key configuration management function f41 of the key management workstation 140, and the network ID database 27 and the network key are generated. In addition to registration in the configuration database 24, registration is performed in the user ID database 28 and the user key management database 12 by the communication configuration management function f 15 of the network communication management workstation 110.
[0242]
The private key of each user and the public key to be paired are also generated by the key configuration management function f41 and registered in the network key configuration database 24 in association with the public key and the user ID. The generated private key and paired public key of each user must be registered in the user key management database 12. However, when the network communication management workstation 110 is installed, it is directly input and registered from the communication configuration management function f15. However, it is also possible to use the public key assigned to the network communication workstation 110 and deliver it encrypted by the scramble function f14.
[0243]
Similarly, the user's master key and the data related to the update / deletion of the master key of the network communication management workstation 110 are also encrypted using the public key assigned to the network communication management workstation 110 by the scramble function f14. It can also be delivered.
[0244]
Since the key information is information that is the basis of encrypted communication in this network communication system, it is necessary to check its validity at the network communication management workstation 110. For this reason, the key management workstation 140 has a private key d that is a unique master key. _C And the corresponding public key Q _C (= D _C ・ P) is determined, and a signature creation operation (electronic signature) is performed on the key information to be sent by the key management workstation.
[0245]
Of course, this public key is disclosed to the network communication management workstation 110.
[0246]
Next, a procedure for managing the master key will be described. Let M be information on the user's key generated by the key configuration management function 140. Here, a case where the key is updated will be described.
[0247]
(I) M is the user ID of the user to be updated, the secret key d to be updated _ID , Public key Q _ID And the update date and time.
[0248]
All network configuration management databases 24 are searched, and the network ID of the network communication management workstation 110 connected to the obtained user is set as I. _S , Public key Q _S And This public key Q _S , The signature creation operation is executed and distributed by the key management workstation 40, and the user side uses the public key Q by the signature verification operation. _S The validity of this shall be confirmed.
[0249]
The scramble key generated by the scramble function to encrypt the key information is K _S , Descramble key K _D And
[0250]
(Ii) Key information M is scrambled key K _S Encrypted with ciphertext E _KS Create (M).
[0251]
Descramble key K _D Public key Q _S Encrypted with the encrypted descrambling key E _QS (K _D ).
[0252]
For the key information M, a secret key d which is a master key of the key management workstation 140 _C The signature creation operation is performed with signature data S _dC Create (M).
[0253]
Next, this E _KS (M), E _QS (KD), S _dC (M) is the network ID I _S Specify the destination with, and send.
[0254]
(Iii) The network management workstation 110 on the receiving side adds E to the descrambling function f14. _KS (M), E _QS (KD), S _dC Send (M). The descrambling function f14 is a secret key d assigned to the network communication management workstation 110. _S By E _QS (K _D ) And descramble key K _D To get.
[0255]
Next, K _D By E _KS (M) is decrypted to obtain information M on the key.
[0256]
(IV) Information M on the key and the public key Q of the key management workstation 140 _C And signature data S _dC A signature verification operation is performed on (M), and it is confirmed that the key-related information M is sent from the valid key management workstation 140.
[0257]
If this confirmation is obtained, the key information M is sent to the communication configuration management function f15, and the user key management database 12 is updated based on the key information M.
[0258]
(V) The master key is updated and distributed to each user by recording it on a recording medium such as an IC card or a floppy disk on the network communication management workstation 110 side, or distributing it offline to the user before the change. It can be encrypted with the assigned public key and sent online using the network. Which of these methods is used depends on the situation.
[0259]
(2) Session key management
(I) When performing encrypted communication by the encrypted communication processing unit 1030 (see FIG. 3), the communication security management function f11 of the network communication management workstation 110 of the caller user sends the user ID of the caller and the destination party. The session key issue request with the user ID added is sent to the key configuration management function f41 of the key management workstation 140.
[0260]
(Ii) The key configuration management function f41 searches the network key configuration database 24 using the user ID as a key, and public key Q corresponding to the master key of the destination user. _YID Take out.
[0261]
The extracted public key Q _YID In contrast, the secret key d which is the master key of the key management workstation 140 _C The signature creation operation is performed with signature data S _dC (Q _YID ).
[0262]
This public key Q _YID And signature data S _dC (Q _YID Is issued to the communication security management function f11 of the network communication management workstation 110 of the calling user.
[0263]
(Iii) Public key Q _YID And signature data S _dC (Q _YID ), The communication security management function f11 receives the public key Q of the key management workstation 140. _C Using the signature data S _dC (Q _YID ) Perform signature verification operation on public key Q _YID Is sent from a valid key management workstation 140.
[0264]
Public key Q _YID Is used to encrypt the descrambling key as a session key.
[0265]
In this way, a session key is issued.
[0266]
Next, the software function of the non-repudiation prevention unit when elliptic curve cryptography is used as public key cryptography in the network communication system of the present invention will be described.
[0267]
The software function of the non-repudiation unit when using public key cryptography is the same as the software function when using common key cryptography as shown in FIG. 8, and the user inputs a non-repudiation prevention request as in common key cryptography. In such a case, the non-repudiation file is created based on the data to be transmitted in the communication management security function of the network communication management workstation.
[0268]
In the case of public key cryptography, this non-repudiation file uses a data that has been subjected to a signature creation operation, and the non-repudiation function of the key management workstation determines non-repudiation from a third party standpoint.
[0269]
Hereinafter, an example of the software function configuration of the non-repudiation prevention unit when elliptic curve cryptography is used as public key cryptography will be described with reference to FIG.
[0270]
(1) It is assumed that a user (information processing apparatus 120 used for network access) transmits data M, and the network ID assigned to the network communication management workstation 110 connected to this user 120 is set as I. _S , The corresponding private key is d _S , Q is the public key _S And
[0271]
If the user needs non-repudiation, a non-repudiation request 801 is input when data M is input.
[0272]
(2) The communication management security function f11 includes a hash function and a secret key d in the data M. _S The signature creation operation is performed by the signature data S _dS Create (M).
[0273]
In addition, the network ID I _S And public key Q _S Is added to create a non-repudiation file 802. The communication management security function sends the created non-repudiation file 802 to the non-repudiation management function f41 of the key management workstation 140 and the network transmission / reception management function f12 of the transmission destination.
[0274]
(3) The communication management security function f11 of the transmission destination adds an identifier to the hash value obtained by processing the received and decrypted data with the hash function, and uses this to prevent the non-repudiation function of the key management workstation 140 Send to f41.
[0275]
(4) The non-repudiation function f41 of the key management workstation 140 registers the sent non-repudiation file 802 and the hash value to which the identifier is added in the non-repudiation database 26 as evidence of the communication data, and is sent Signature data S _dS (M), added public key Q _S , And a hash value E, a signature verification operation is performed, and this non-repudiation determination result is also registered in the non-repudiation prevention database 26.
[0276]
(5) Similarly, the receiving network communication management workstation 110 receives the received data and the signature data S. _dS (M) and public key Q sent in addition _S The signature verification operation is performed as described above to confirm non-repudiation.
[0277]
The non-repudiation result is also transmitted to the user on the transmission side.
[0278]
(6) When a trouble occurs in the confirmation result of the non-repudiation performed on the receiving side, a non-repudiation inquiry request is made to the third party key management workstation 140.
[0279]
When receiving the non-repudiation prevention inquiry request, the non-repudiation prevention management function f41 retrieves the non-repudiation prevention determination result from the non-repudiation prevention management database 26 and sends it to the inquiry request source.
[0280]
Next, an embodiment of the software function of the key recovery unit when elliptic curve cryptography is used as public key cryptography in the network communication system of the present invention will be described.
[0281]
As shown in the encryption communication processing unit using the public key encryption algorithm in FIG. _S , Descramble key K _D Q as the public key as the session key for delivering the descrambling key _YID Then, encrypted communication is encrypted text E _KS (M) and encrypted descramble key E _QYID (K _D ).
[0282]
First, in IEICE Technical Report TECNICAL REPORT OF IEICE ISEC 97-15 (1997-07), “High-speed encryption method using elliptic curve” according to Kazuo Takagi and Hiroyuki Kurumaya, the encryption descrambling key E _QYID (K _D An embodiment of a key recovery method in which threshold logic is added to () will be described.
[0283]
(1) In the key recovery function f43 (see FIG. 4) of the key management workstation 140 (see FIG. 4), the public key Q for key recovery _A , Q _B , Q _C Is assigned and made public, and the private key d corresponding to this public key _A , D _B , D _C (Q _A = D _A ・ P, Q _B = D _B ・ P, Q _C = D _C ・ P) shall be stored.
[0284]
Encryption descrambling key E _QYID (K _D ) Includes key Q _YID , Q _A , Q _B , Q _C It is assumed that the threshold logic calculated in (1) is added.
[0285]
(2) As in the case of using the common key encryption, when performing encrypted communication, the descrambling key K _D Data must be encrypted before the data is scrambled key K _S Data encryption text E _KS (M) and encrypted descramble key E _QYID (K _D ) Must be generated in pairs.
[0286]
(3) When an unexpected situation occurs and it becomes necessary to decrypt the ciphertext, the paired ciphertext E _KS (M), E _QYID (K _D ) To the key management workstation 140 (see FIG. 4).
[0287]
In the key recovery function f43 (see FIG. 4), the secret key d _A , D _B , D _C 2 and E _QYID (K _D ) Using the threshold logic added to the descrambling key K _D To get.
[0288]
Next, this key K _D Ciphertext E _KS (M) is decrypted to obtain data M.
[0289]
In the network communication system of the present invention, the ciphertext of the data M to be transmitted is the scramble key K. _S Created by encryption operation.
[0290]
Therefore, the scramble key K is exactly the same as the key recovery unit (see FIGS. 9 and 10) using the common key encryption. _S Can be expressed by the exclusive OR of K1 and K2, and the key recovery can be performed using this. The keys P1 and P2 for key recovery shown in FIGS. 9 and 10 can be operated by a common key encryption algorithm, but the public key Q is used for key recovery. _A , Q _B Can also be used.
[0291]
In this case, the ciphertext E _KS The data added to (M) for key recovery uses K1 and K2 as public keys Q _A , Q _B Ciphertext E encrypted by _QA (K1), E _QB (K2) and the key recovery is performed by the public key Q in the key recovery function f43 (see FIG. 4) of the key management workstation 140 (see FIG. 4). _A , Q _B Private key d corresponding to _A , D _B Is performed by decrypting the added data.
[0292]
When public key cryptography is used in the cryptographic processing device 17 (see FIG. 12), the sequence for operating the cryptographic processing management device 17 (see FIG. 12) and the descrambling key synchronization device 22 (see FIG. 12) is public key cryptography. The scramble key switching sequence in FIG. 16 is as shown in FIG.
[0293]
When public key cryptography is used, the public key is used as it is as a session key, so the session key decryption device 13 depicted in FIG. 12 is not necessary. However, it is assumed that a session key signature verification device is installed, the signature creation calculation performed by the key management workstation is verified, and the validity of the session key is confirmed.
[0294]
In the network communication system of the present invention, even when public key cryptography is used, one network is closed between a network communication management workstation and a user (user personal computer) connected thereto, as in the case of using common key cryptography. Network can be built.
[0295]
Next, an example of a key hierarchy using public key cryptography when a closed network is configured for each network management workstation installed at each information base will be described with reference to FIG.
[0296]
Also in this case, the network communication management workstation 110 <j> has n _j A personal computer used by each user is connected to form a network.
[0297]
The user ID of user j is IDji, and the assigned secret key is D _ji , Q for the corresponding public key _ji (= D _ji ・ P).
[0298]
The network communication management workstation 110 <j> has n in the user ID database. _j User IDs {IDj1, IDj2,..., IDjn _j }, And the user key management database is associated with the user ID and the user's public key. _j Pieces of data {(IDj1, Qj1), (IDj2, Qj2), ..., (IDji, Qji), ..., (IDjn _j , Qjn _j )} Is registered.
[0299]
User authentication is performed in this network by a user authentication method using a public key encryption algorithm shown in FIG.
[0300]
Each network communication management workstation 110 <j> has I as a network ID. _Sj Secret key d _Sj , And the public key Q that is paired with this _Sj (= D _Sj P) is assigned, and the key management workstation 140 stores the IS that is the network ID of the network management workstation 110 <j> in the network user ID database 25. _j And the user ID {IDj1, IDj2,..., IDjn of the user managed by this _j } In correspondence with each other, and the network key configuration database 24 stores the network ID IS. _j And the public key Q of the network communication management workstation 110 <j> _Sj And m data {(IS ₁ , Q _S1 ), (IS ₂ , Q _S2 ), ..., (IS _m , Q _Sm )} Is registered. The procedure for the user i belonging to the network communication management workstation 110 <j> to perform the encrypted communication is almost the same as when the common key encryption algorithm is used.
[0301]
(1) User i inputs a destination (name) of a transmission partner and data M to be transmitted.
[0302]
(2) The network communication management workstation 110 <j> makes a session key issue request to the key management workstation 140.
[0303]
(3) The key configuration management function f41 (see FIG. 4) of the key management workstation 140 searches the network user ID database 25 and obtains the ID from the destination (name) of the transmission partner as the user ID of the partner user. _kl And I as the network ID of the network communication management workstation 110 <k> to which the other user connects _Sk To get.
[0304]
Next, this network ID I _Sk To search the network key configuration database 24 using _Sk Public key Q for _Sk To get.
[0305]
(5) The key management workstation 140 uses the Q as a session key. _Sk And I which is the network ID of the network management workstation 110 <k> of the transmission destination _Sk Are issued to the requesting network communication management workstation 110 <j>.
[0306]
(6) The network communication management workstation 110 <j> has a session key Q _Sk Scramble key K _S And descrambling key K _D Is generated.
[0307]
Next, data M is scrambled key K _S Encrypted with ciphertext E _KS Create (M). Descramble key K _D Session key Q _Sk Encrypted with the encrypted descrambling key E _QSk (K _D ). Therefore, the network ID I _Sk Based on the above, the transmission destination is connected to the communication system, and the created ciphertext E _KS (M), encryption descrambling key E _QSk (K _D )
[0308]
(7) The received network communication management workstation 110 <k> of the destination is the secret key d as the assigned master key. _Sk Encryption descramble key E _QSk (K _D ) And descramble key K _D To get. And this descramble key K _D Ciphertext E _KS (M) is decrypted to obtain data M.
[0309]
Next, the decrypted data M is sent to the information processing apparatus 120 such as a personal computer used by the user of the transmission destination.
[0310]
With the above procedure, encrypted communication from the user with the user ID IDji connected to the network management workstation 110 <j> to the user with the user ID IDkl connected to the network management workstation 110 <k> is performed. To be implemented.
[0311]
As shown in this embodiment, the key management workstation of this network communication system manages the public key assigned to each network communication management workstation, and the public key assigned to each user is Managed by the connected network communication management workstation.
[0312]
User authentication can also be performed with this key configuration, which indicates that one closed network is constructed between the network communication management workstation and the user connected thereto.
[0313]
Since the private key and public key assigned to each user are used only for user authentication and not as a key for encrypted communication outside the network, a unique encryption algorithm is used in this network. It is also possible.
[0314]
It is possible to improve security by performing encrypted communication in the network with the public key assigned to each user.
[0315]
A procedure for performing encrypted communication from a user with user ID IDji to a user with IDjr in the network will be described below.
[0316]
(1) The user sends a session key issuance request for performing encrypted communication from the IDji to the user IDjr to the network communication management workstation 110 <j> to be connected.
[0317]
(2) The network communication management workstation 110 <j> searches the user unique key database, acquires the public key Qjr assigned to the user ID jr, and sends it to the user ID jr.
[0318]
(3) The user ID ji encrypts the data M to be sent with the public key Qjr, and the ciphertext E _Qr (M) is created and sent to the user ID jr.
[0319]
(4) Ciphertext E _Qr The user ID jr that has received (M) is the secret key d corresponding to the public key Qjr assigned to this user. _jr (Q _j r = d _jr Decrypt the ciphertext using P) to obtain data M.
[0320]
【The invention's effect】
According to the present invention, in a system that connects a group of a plurality of users with a bidirectional communication network and transmits information bidirectionally between users using a communication path established between the groups, Safety (security) can be ensured so that information to be transmitted is not subject to information failure such as alteration, forgery, omission, non-delivery.
[Brief description of the drawings]
FIG. 1 is a network configuration diagram showing a network communication system to which the present invention is applied.
FIG. 2 is a system configuration diagram showing a network communication system to which the present invention is applied.
FIG. 3 is a block diagram showing a network communication system to which the present invention is applied.
FIG. 4 is a functional block diagram showing a software function in each block of the network communication system to which the present invention is applied.
FIG. 5 is an explanatory diagram showing a software function configuration of an access management unit using a common key encryption algorithm.
FIG. 6 is an explanatory diagram showing an encrypted communication processing unit using a common key encryption algorithm.
FIG. 7 is an explanatory diagram showing a key management unit.
FIG. 8 is an explanatory diagram showing a non-repudiation prevention unit.
FIG. 9 is a flowchart showing encryption processing in a key decryption unit.
FIG. 10 is a flowchart showing a decryption process in a key decryption unit.
FIG. 11 is an explanatory diagram showing a hierarchical structure when a common key cryptosystem is applied.
FIG. 12 is a block diagram showing a cryptographic processing device of a network communication system to which the present invention is applied.
FIG. 13 is a flowchart showing a scramble key switching process using a common key cryptosystem.
FIG. 14 is an explanatory diagram showing a software configuration of an access management unit using a public key encryption algorithm.
FIG. 15 is an explanatory diagram showing an encrypted communication processing unit using a public key encryption algorithm.
FIG. 16 is a flowchart showing a scramble key switching process using a public key cryptosystem.
FIG. 17 is an explanatory diagram showing a key hierarchy of a public key cryptosystem.
[Explanation of symbols]
DESCRIPTION OF SYMBOLS 1 ... Personal computer, 2 ... CPU, 3 ... Data processing apparatus, 5 ... CPU, 6 ... Data processing apparatus, 8 ... Encryption apparatus for user authentication, 7 ... Encryption apparatus for user authentication, 9 ... IC card control part, 11 ... User ID database, 12 ... User key management database, 13 ... Session key decryption device, 15 ... Descramble key encryption device, 16 ... Scramble key / descramble key generation device, 17 ... Cryptographic processing management device, 18 ... Data encryption 19 ... synthesizer, 20 ... descramble key decryptor, 22 ... descramble key synchronizer, 21 ... distributor, 23 ... data decryptor, 24 ... network key configuration database, 25 ... network user ID database 26 ... Non-repudiation management database, 27 ... Network ID database, 28 ... The ID database, 40 ... key management station, 81 ... satellite line, 82 ... Internet, 83 ... terrestrial line, 110 <1> to <N>, 110a, 110 ... workstation for network communication management, 120 <1-1> ~ <1-M1> ~ <N-MN>, 120 ... information processing apparatus, 121 ... personal computer, 122 ... CAD workstation, 123 ... TV conference personal computer, 124 ... mail server, 130 ... local area network, 180 ... Satellite communication station equipment, 181 ... Router, 501 ... Access request, 502 ... Authentication request, 503 ... User authentication request, 504 ... User master key, 505 ... Sequence number, 506 ... User ID, 507, 510 ... Challenge code, 508: User master key, 509: Encryption challenge code 601 ... session key, 602 ... sender's user master key, 603 ... receiver's user master key, 604,605 ... ciphertext, 606 ... scramble key, 607 ... descramble key, 608,609 ... encryption 701 ... Session key issue request, 702 ... Issued session key, 703 ... Master key update request, 801 ... Non-repudiation request, 802, 803 ... Non-repudiation file, 1010 ... Access management unit, 1020 ... Network communication management unit DESCRIPTION OF SYMBOLS 1030 ... Encryption communication processing part, 1040 ... Key management part, 1050 ... Non-repudiation management part, 1060 ... Key recovery part, 1501 ... Scramble key, 1502, 1503 ... Descramble key, 1504, 1505 ... Data, 1506 ... Encryption Sentence, 1507 ... public key, 1508 ... encrypted descrambling key, 1510 ... secret key as a user's master key, f11 ... communication management security function, f12 ... network transmission / reception management function, f13 ... scramble function, f14 ... descrambling function, f15 ... communication configuration management function, f21 ... user security function, f22 ... Data file processing function, f41 ... key configuration management function, f42 ... non-repudiation function, f43 ... key recovery function.

Claims (7)

In a network including two or more communication nodes and a key management node that can be used for communication by each of a plurality of users, a user using one communication node (referred to as a transmission source user) is different from the communication node. A key management method for performing encrypted communication when transmitting data to a user (referred to as a destination user) using a communication node,
The key management node is
User management means for managing a user identifier indicating each of the plurality of users in association with a communication node identifier indicating the communication node that the user can use for communication;
A communication node key managing means for managing the encryption key associated with the decryption key given in advance to the communication node and the communication node identifier indicating the communication node;
When receiving a request for encrypted communication including an identifier of a transmission source user and an identifier of a transmission destination user from the transmission source user via the communication node used by the transmission source user,
Generate a session key for the encrypted communication,
Extracting the communication node identifier (referred to as a transmission destination communication node identifier) managed by the user management means in association with the identifier of the transmission destination user included in the encrypted communication request;
Extracting each encryption key managed by the communication node key managing means in association with the identifier of the communication node of the transmission source of the encrypted communication request and the destination communication node identifier;
The generated session key is encrypted using each encryption key,
A key management method comprising: transmitting both encrypted session keys to a communication node that has transmitted the request for encrypted communication. The key management method according to claim 1 , comprising:
Each of the communication nodes
A decryption key,
A scramble key for encrypting a message to be transmitted, and an encryption key generating means for generating a descrambling key for decrypting a message encrypted with the scramble key,
When receiving both the encrypted session keys from the key management node,
Generating a scramble key and a descramble key in the encryption key generation means;
Of the received session keys, the session key encrypted with an encryption key that can be decrypted with the decryption key is decrypted with the decryption key, and the descramble key is decrypted with the decrypted session key. Encrypt,
The descramble key after the encryption, the message encrypted with the scramble key, and the session key encrypted with the encryption key that can be decrypted with the decryption key of the communication node that can be used by the destination user. A key management method comprising: transmitting to the network. In a network including two or more communication servers and a key management server that can be used by each of a plurality of users for communication, a user using one communication server (referred to as a transmission source user) is different from the communication node. A network communication method for transmitting data by encrypted communication to a user (referred to as a destination user) using a communication server,
Each of the communication servers has a key management means for managing an identifier indicating each of the users who can use the communication server in association with a decryption key given in advance to the user,
A scramble key for encrypting a message to be transmitted to another communication server, and an encryption key generating means for generating a descramble key for decrypting the message encrypted with the scramble key,
The key management server
User key management means for managing a user identifier indicating each of the plurality of users in association with an encryption key associated with a decryption key given in advance to the user,
The communication server that can be used by the transmission source user is:
When a request for encrypted communication to the destination user is received along with a message from the source user,
If the received message has been encrypted, the key management unit decrypts the encrypted message with a decryption key managed in association with the identifier of the transmission source user,
The encryption key generation means generates a scramble key and a descramble key, encrypts the decrypted message with the generated scramble key,
Requesting the encryption key for encrypting the descrambling key to the key management server together with the identifier of the destination user;
The key management server that has received the request for the encryption key for encrypting the descrambling key extracts the encryption key managed in association with the identifier of the transmission destination user included in the request by the user key management means. Reply to the requesting communication server,
The network communication method, wherein the communication server that has received the encryption key from the key management server encrypts the scramble key with the encryption key and transmits the scramble key together with the encrypted message. In a network including two or more communication servers and a key management server that can be used by each of a plurality of users for communication, a user using one communication server (referred to as a transmission source user) is different from the communication node. A network communication method for transmitting data by encrypted communication to a user (referred to as a destination user) using a communication server,
Each of the communication servers has a key management means for managing an identifier indicating each of the users who can use the communication server in association with a decryption key given in advance to the user,
A scramble key for encrypting a message to be transmitted to another communication server, and an encryption key generating means for generating a descramble key for decrypting the message encrypted with the scramble key,
The key management server
A communication server key management means for managing a communication server identifier indicating each of the communication servers and an encryption key associated with a decryption key given in advance to the communication server;
User management means for managing the communication server identifier in association with user identifiers indicating the plurality of users who can use each communication server,
The communication server that can be used by the transmission source user is:
When a request for encrypted communication to the destination user is received along with a message from the source user,
When the message is encrypted, the key management unit decrypts the encrypted message with a decryption key managed in association with the identifier of the transmission source user,
The encryption key generation means generates a scramble key and a descramble key, encrypts the decrypted message with the generated scramble key,
Requesting the encryption key for encrypting the descrambling key to the key management server together with the identifier of the destination user;
The key management server that has received the request for the encryption key for encrypting the descrambling key uses the identifier of the communication server managed in association with the identifier of the destination user included in the request in the user management means. Extracting, extracting the encryption key managed in association with the identifier of the communication server extracted by the communication server key management means, and returning it to the requesting communication server,
The network communication method, wherein the communication server that receives the encryption key from the key management server encrypts the descrambling key with the encryption key and transmits the encrypted message together with the encrypted message. A communication system in a network including two or more communication servers and a key management server, each of which can be used by a plurality of users for communication,
Each of the communication servers
A key management means for managing an identifier indicating each user who can use the user and a decryption key given in advance to the user in association with each other;
When a message sent to a user who can use another communication server (referred to as a destination user) is received from a user who can use the user (referred to as a transmission source user), the message is encrypted. A message decrypting unit in the network that decrypts the message with a managed decryption key associated with the identifier of the transmission source user in the key management unit,
An encryption key generating means for generating a scramble key used for encrypted communication in the network and a descramble key for decrypting a message encrypted with the scramble key;
Message encryption means for encrypting the decrypted message with the scramble key;
User identifier transmission means for transmitting an identifier indicating a user to whom the message is transmitted to the key management server;
An encryption key receiving means for receiving an encryption key as a response to the user identifier transmitted from the user identifier transmitting means from the key management server;
An encryption key encryption means for encrypting the descrambling key generated by the encryption key generation means together with the scramble key used by the message encryption means with the encryption key received by the encryption key receiving means;
Network transmission means for transmitting the encrypted message and the encrypted descrambling key to the network;
When an encrypted message and descrambling key are received from the network, the descrambling key is decrypted with a decryption key given in advance to the network, and the encrypted message is decrypted with the decrypted descrambling key. Message decrypting means,
The key management server
User management means for managing a user identifier indicating each of the plurality of users in association with a communication server identifier indicating the communication server that can be used by the user;
A communication server key managing means for managing the communication server identifier in association with an encryption key associated with a decryption key given in advance to the communication server indicated by the communication server identifier;
Upon receiving an identifier of the destination user from the communication server, the communication server identifier managed in association with the identifier of the destination user is extracted by the user management unit, and the extraction is performed by the communication server key management unit And an encryption key extracting means for extracting the encryption key managed in association with the communication server identifier and returning the encryption key to the communication server that is the transmission source of the identifier of the transmission destination user. Network communication system. A communication system in a network including two or more communication servers and a key management server, each of which can be used by a plurality of users for communication,
Each of the communication servers
A key management means for managing an identifier indicating each user who can use the user and a decryption key given in advance to the user in association with each other;
When a message sent to a user who can use another communication server (referred to as a destination user) is received from a user who can use the user (referred to as a transmission source user), the message is encrypted. A message decrypting unit in the network that decrypts the message with a managed decryption key associated with the identifier of the transmission source user in the key management unit,
Encryption key generating means for generating a scramble key used for encrypted communication in the network and a descramble key for decrypting a message encrypted with the scramble key;
Message encryption means for encrypting the decrypted message with the scramble key;
User identifier transmission means for transmitting a destination user identifier indicating a destination user of the message to the key management server;
An encryption key receiving means for receiving an encryption key as a response to the user identifier transmitted from the user identifier transmitting means from the key management server;
An encryption key encryption means for encrypting the descrambling key generated by the encryption key generation means together with the scramble key used by the message encryption means with the encryption key received by the encryption key receiving means;
Network transmission means for transmitting the encrypted message and the encrypted descrambling key to the network;
When receiving the encrypted message and descrambling key from the network, the key management unit decrypts the descrambling key with a decryption key managed in association with the identifier of the transmission destination user of the message, and Message decrypting means for decrypting the encrypted message with the decrypted descramble key,
The key management server
User key management means for managing a user identifier indicating each of the plurality of users in association with an encryption key associated with a decryption key given in advance to the user;
Upon receiving the transmission destination user identifier from the communication server, the encryption key managed in association with the transmission destination user identifier is extracted by the user key management means, and the encryption key is used as the transmission destination user identifier. An encryption key extracting means for sending a reply to the communication server of the transmission source of
The user identifier transmission means further transmits a transmission source user identifier indicating a transmission source user of the message to the key management server together with the transmission destination user identifier,
The encryption key extraction unit generates a session key, further extracts the encryption key managed in association with the transmission source user identifier in the user key management unit, and associates it with the extracted transmission source user identifier The generated session key is encrypted with each of the encryption key managed in association with the destination user identifier and the encrypted session key (each encrypted source session key). , Called a destination encryption session key) to the communication server of the transmission source,
The encryption key receiving means receives the source encryption session key and the destination encryption session key instead of the encryption key;
The encryption key encryption means encrypts the descrambling key with the source encryption session key instead of the encryption key,
The network transmission means transmits the destination encrypted session key in addition to the encrypted message and the encrypted descrambling key,
When the message decryption unit receives the encrypted message, descrambling key, and destination encryption session key from the network, the message management unit manages the decryption managed in association with the destination user identifier in the key management unit. A network that decrypts the destination encrypted session key with a key, decrypts the descramble key with the decrypted session key, and decrypts the encrypted message with the decrypted descramble key Communications system. The network communication system according to claim 5 , wherein
The user identifier transmission means further transmits an identifier of its own communication server (referred to as a source communication server identifier) to the key management server together with the destination user identifier,
The encryption key extraction unit generates a session key, further extracts an encryption key managed in association with the transmission source server identifier by the server key management unit, and manages the encryption key in association with the transmission source server identifier. The generated session key is encrypted with each of the encryption keys managed in association with the identifiers of the communication server managed in association with the encrypted encryption key and the destination user identifier, and both encrypted Return session keys (referred to as source encryption session key and destination encryption session key, respectively) to the communication server of the source,
The encryption key receiving means receives the source encryption session key and the destination encryption session key instead of the encryption key;
The encryption key encryption means encrypts the descrambling key with the source encryption session key instead of the encryption key,
The network transmission means transmits the destination encrypted session key in addition to the encrypted message and the encrypted descrambling key,
When the message decrypting means receives the encrypted message, descrambling key and the destination encrypted session key from the network, the message decrypting means decrypts the destination encrypted session key with its own decryption key, A network communication system, wherein the descrambling key is decrypted with the decrypted session key, and the encrypted message is decrypted with the decrypted descrambling key.

Images