JPH01194542A - Cryptographic key communication system - Google Patents

Abstract

PURPOSE:To safely execute secret communication in plural stations by coupling the ID information of the respective stations and the secret information of a system itself. CONSTITUTION:In the case of a ring-shaped network for an (m) number of persons, a user (i) transmits a communication sentence to an adjacent user (i+1). The procedure of key generation is the same for all the users and the user (i) (1<=i<=m) receives the opened ID information, which are peculiar for the user (i) in each station, the secret information of the system itself and coupling information with a random number from the adjacent station and prescribed operation is executed. Then, an operated result is sent to the other adjacent station and by repeating this operation in a prescribed number, a cryptographic key to be common for the respective stations is made. Then, the communication is executed by using this cryptographic key, Thus, the same secret key is shared in the plural stations and the secret communication can be safely executed.

Description

[Detailed Description of the Invention] [Industrial Application Field] The present invention relates to a cryptographic key communication method in which a secret key is shared by multiple stations for secret communication using secret key cryptography. .

[Conventional technology]

Figure 3 shows the conventional cryptographic key sharing method (“ID
“Key distribution method based on ”, Institute of Electronics and Communication Engineers Technical Research Report IT
86-53. pp. 25-28゜1986), in which 51 is a memory for storing secret information, 52 is a memory for storing public information, and 53 is a memory for storing an integer e. , 54 is a random number generator, 55 is a memory for storing random numbers generated by the random number generator 54, and 56 is a value S of the secret information memory 51, a value a of the public information memory 52, and a value r of the random number storage memory 55.
57 is a terminal for outputting the message, 58 is a terminal for inputting the message, 59 is a terminal for the user to input ID information of the other party, 60 is the random number storage memory mentioned above. 55 value r, the value e of the memory 53, the input value X from the correspondence terminal 58, and the ID information input terminal 5.
Full information input from 9! From ID (” / ID
) ' A circuit that performs a calculation of mod n, and 61 is a terminal that outputs a key.

Next, the operation will be explained. The operator or builder of a network or communication system selects large prime numbers p and q in advance and calculates n=p'(1(151). Also, e -d = 1 (mod(p-1)(q -1) (
However, e is relatively prime to (p-1) (q-1))
(152) Select e and d, and from user i's ID information (this is IDi), s i = I Di ' mod n
(153) and stores it in the secret information memory 51 unique to that user.

If the formula (153) holds true, s i″= I D i (mod n)
(154) (Rivest, R, L,, Sh
amir, A., 8dleman, L.: AMeth
od for Obtaining Digital
Signatures andPublic-key
Cryptosystems”, Cornmun, A.
CM+21+ρp-120-126, 1978), so
If this confidential information is sent along with the message, the recipient can confirm it using the sender's ID. Furthermore, the operator or builder selects an integer a to be the primitive source using CF (pi, G F (q)) and stores it in the public information memory 52. The integer e is also stored in the memory X53.

When sharing a key between two parties, for example, when user 1 and user 2 share a key, the key generation procedure for user 1 and user 2 is the same, so here we will describe the generation procedure for user 1. .

First, the user 1 causes the random number generator 54 to generate a random number r, and stores it in the memory Y55. In the arithmetic circuit X56, the secret information memory 51, the public information memory 52, and the memory Y55
From Xi = s1 ・a”mod n
Calculate (155),
The message is sent to the user 2 from the message output terminal 57. User 2
similarly sends x2 to user 1.

Next, the user 1 receives the information x2 sent from the user 2 from the correspondence terminal 58. User 1 inputs the ID information of the other user, that is, IDz, to the ID information input terminal 59.
is input, and using the arithmetic circuit Y60 from the memory X53 and memory Y55, Key=
) ”mod n (156).User 2 similarly obtains the Key.

At this time, the value obtained from the key output terminal 61 is Key=
a 11′”” mod n (1
57), which means that user 1 and user 2 have been able to share the key.

[Problem to be solved by the invention]

Conventional encryption key communication methods using ID information are configured as described above, so secret keys can only be shared in one-to-one communication, and multiple stations can share the same information at the same time, such as in a TV conference. There were problems such as the need to share the private key by another method when communicating.

This invention was made to solve the above-mentioned problems, and by combining the ID information of each station and the secret information of the system itself, it is possible to carry out secure secret communication between multiple stations using cryptographic key communication. The purpose is to obtain a method.

[Means to solve the problem]

The cryptographic key communication method according to the present invention receives ID information that is unique to users of each station and is a combination of random numbers, secret information of the system itself, and random number combination information from adjacent stations and performs a predetermined calculation. This method is characterized in that it is transmitted to other adjacent stations, repeated a predetermined number of times to create a common encryption key for each of the two or more stations, and communicates using this encryption key.

[Effect]

Each station has ID information that is unique to the user and is made public.
The combined information of the system's own secret information and random numbers is received from an adjacent station, subjected to predetermined calculations, and sent to other adjacent stations. By repeating the above operation a predetermined number of times, the calculation results for all stations are obtained, and a common encryption key is created from the calculation results.

Communication is then performed using this common encryption key.

[Embodiments of the invention] An embodiment of the present invention will be described below.

FIG. 1 shows an embodiment of the present invention. In the figure, 1 is a memory for storing secret information, 2 is a memory for storing public information, and 3 is a memory for storing public information.
is a random number generator, 4 is a memory for storing random numbers generated by this random number generator 3, and 5 is a value S of the secret information memory 1, a value a of the public information memory 2, and a value r to s of the random number storage memory 4. -a'modn calculation circuit; 6 is a selector with two outputs; 7 is a counter; 8 is a terminal for inputting a message; 9 is one line of the two outputs of the selector 6;
ID is the other line for this line 9, 11 is a terminal for outputting a message, 12 is a terminal for the user to input ID information of the other party, and 13 stores the ID information input to this ID information input terminal 12. The memory 14 calculates (x'/I) from the value r of the random number storage memory 4, the value ID of the ID information storage memory 13, and the value
D2)' A circuit for calculating mod n, 15 is a gate that opens when the count of the counter 7 is 0 or more and m-2 or less and closes when m-1, assuming that there are m users.
6 is a gate opposite to this gate 15, which opens when the count of the counter 7 is m-1 and closes when the count is 0 or more m-2;
17 is a modulus n multiplier, and 18 is a terminal from which a key is obtained when the key sharing procedure is completed.

Next, the operation will be explained. The operator or builder of a network or communication system must determine in advance a large prime number 1)+, pz (where pi=4ki-1, i=1,
2) and n=1)+'pz (
ID1) For k=2, ・k, −kl −kZ +
1 (ID2) is calculated. And user i
From the ID information (this is referred to as IDi), s i = ID i kmod n
(ID3) and stores it in the secret information memory 1 unique to that user.

If the formula (ID3) holds true, s i' = I Di2 (mod n)
(ID4) (Liebe
rherr, K, :Uniform Complete
xity and Digital Signature
e”.

Lecture Notes in Computer
5science 115+Automa.

Language and Programming+
Eighth ColloColloquiu, 1
srae1. pp, 530-543.198]), so if this confidential information is sent along with the message, the receiver can confirm it using the sender's rD. Further, the operator or constructor selects an integer a to be the primitive source using GF (p+) and CF (pg), and stores it in the public information memory 2.

In the case of a ring-shaped network of m people as shown in Figure 2,
User i sends a message to an adjacent user (i+1). Since the key generation procedure is the same for all users, the procedure for user i (1≦i≦m) will be described here.

In FIG. 1, user i first generates a random number r using the random number generator 3.
i is generated and stored in memory A4.

In the arithmetic circuit A5, from the secret information memory 1, the public information memory 2, and the memory A4, x i = si-a" mod n
(ID5) is calculated and sent to the selector 6. The selector 6 is controlled by a counter 7, and the counter 7 counts each time there is an input to the correspondence terminal 8. Selector 6
selects line A9 when the count is 0, selects line BIO when the count is 1 or more, and outputs it to the message output terminal 11. Here, since the count is 0, the value of formula (ID5) is output.

Next, from the user (i-1), xi-1=s i-1・ar'-'mod n
(ID6) is received. User i inputs the ID information ID1-1 of user (i-1) from the ID information input terminal 12.
is input and stored in memory B13. Memory A4. From memory B13 and the value x i-1 of equation (ID6), arithmetic circuit B
14 using (xi-1' / I Di-12)" mod n
(ID7) is calculated. Gate A15. Gate B16 is also controlled by counter 7. Gate A15 opens when the count is less than m-2 and closes when the count is m-1. Gate B16 closes when the count is less than m-2;
Opens when 1. Here, since the count is less than m-2, the gate A15 is opened and the multiplier 17 modulo n is used to calculate (I
D7) From the value of the formula and the secret information memory, xt=si ・ (xi-1'/ID-1") r
'mod n (ID8) is calculated and sent to the selector 6. Since the count is not 0, this value is output to the message output terminal 11.

As described above, receiving x i-1, finding and outputting the value xi of equation (ID2) is repeated a total of (m-2) times.

After that, x i-1 is received from the user (i-1), and Key = (xi-1' / ID-1") mod
Calculate n (ID9). Since the count is m-1, the gate 816 opens and the value of equation (ID9) is output from the disconnection output terminal 18.

At this time, Key = a 4A-Ir"'-r"rRod n
(1 ID) holds, so all users can obtain the same Key value.

〔Effect of the invention〕

As explained above, the present invention receives ID information, which is information unique to users of each station and is a combination of random numbers, secret information of the system itself, and combination information of random numbers from adjacent stations and performs predetermined calculations on the information. The encryption key is sent to other adjacent stations and repeated a predetermined number of times to create a common encryption key for each station, and this encryption key is used for communication. This has the effect of allowing keys to coexist.

[Brief explanation of the drawing]

FIG. 1 is a block diagram showing a cryptographic key communication system according to an embodiment of the present invention, FIG. 2 is a block diagram of a ring-shaped network to which this invention is applied, and FIG. 3 is a configuration diagram showing a conventional cryptographic key communication system. It is a diagram. 1 is a secret information memory, 2 is a public information memory, 3 is a random number generator, 4 is a memory A, 5 is an arithmetic circuit A, 6 is a selector,
7 is the counter, 8 is the correspondence terminal, and 9 is the line A2I.
D is a line B, 11 is a message output terminal, 12 is an ID information input terminal, 13 is a memory B114 is an arithmetic circuit B115 is a gate A116 is a gate B117 is a modulus n multiplier, 18
'51 is a secret information memory, 52 is a public information memory, 53 is a memory X154 is a random number generator, 55 is a memory Y156 is an arithmetic circuit X157 is a message output terminal,
58 is a communication human power terminal, 60 is an arithmetic circuit Y159 is an ID
The information input terminal 61 is a disconnection output terminal. Agent Masuo Oiwa (and 2 others) Procedural amendment (voluntary)

Claims (1)

[Claims] On a communication path where two adjacent stations are connected to each other to construct a ring-shaped network system, when each station performs secret communication using a common encryption key, the system described above An encryption key communication method in which a common encryption key is created for each station by calculating secret information, ID information such as the user name published by each of the above stations, and a random number, and communication is performed using this common encryption key. , after receiving the combination information of the secret information, the ID information, and the random number from one adjacent station, performs a predetermined calculation and sends it to the other adjacent station, and repeats this operation sequentially for each station. 2
A cryptographic key communication method characterized by creating a common cryptographic key for the above stations and performing secret communication using this cryptographic key.