WO2017030117A1 - Communication data encryption/decryption method and system - Google Patents

Abstract

The objective of the present invention is to reduce operating costs on a device side having poor computer resources, while maintaining security. In the present invention, an encryption device comprises: an exclusive OR computing unit which executes an exclusive OR computation between plaintext and a first keystream to generate first encrypted text; an error correcting coding unit which subjects the first encrypted text to error correction coding to generate second encrypted text; and a decimator which subjects the second encrypted text to decimation using a second keystream to generate third encrypted text; and a decryption device comprises: an error correcting decoding unit which subjects the third encrypted text to error correcting decoding using the second keystream to generate fourth encrypted text; and an exclusive OR computing unit which executes an exclusive OR computation between the fourth encrypted text and the first keystream and outputs plaintext.

Description

Communication data encryption / decryption method and system

The present invention relates to encryption / decryption of communication data using stream encryption.

In today's computer network society, encryption technology that ensures the confidentiality of communication contents is one of the cores of information security. It is known that there are public key cryptography and common key cryptography, and the common key cryptography can be roughly divided into block cipher and stream cipher.

A stream cipher uses a key sequence generated by a pseudo-random number generator using a secret key or initialization vector as a seed, and encryption is performed by exclusive OR operation for each bit of the plaintext sequence and the key sequence. A text sequence is generated, and in decryption, a plaintext sequence is generated by exclusive OR operation for each bit of the ciphertext sequence and the key sequence. Further, stream ciphers are classified into an external synchronization type and a self-synchronization type when focusing on the synchronization of the key sequence generator.

Various stream ciphers have been proposed. For specific examples, eSTREAM and ISO standards that are stream cipher evaluation projects can be referred to. The security and processing performance of stream ciphers depend largely on the security and processing performance of the key sequence generator, but recently, interest in lightweight key sequence generators is high (Non-Patent Documents 1 to 8).

The stream cipher has a smaller load on the device than the block cipher, and the stream cipher is advantageous when performing cryptographic communication while saving computer resources such as memory and processing capacity. However, in an environment where a device with scarce computer resources, such as a sensor, performs cryptographic communication with a computer-rich device such as a PC (asymmetric computer resource environment), the processing cost is still too high for a device with scarce computer resources. There are challenges.

Construct complex network systems that include not only high-performance computers but also devices such as wearable devices and sensors with low information processing capabilities, as exemplified by wireless sensor networks (WSN) and ubiquitous sensor networks (USN) And there are growing expectations of creating new services and markets. Although there is a need for security technology for such a network system, the current stream encryption technology cannot always meet that need.

In an asymmetric environment where a device with low computer resources (such as a sensor) performs cryptographic communication with a device with high computer resources (such as a PC), the device with low computer resources operates as a sender (ie, encryption is not performed). Both when operating as a receiver (ie when performing decryption), and reducing the cost of operation on the side of a device with scarce computer resources and theoretically strict safety. is important.
JH Kong, L.-M.Ang, KP Seng, “A comprehensive survey of modern symmetric cryptographic solutions for resource constrained environments”, Journal of Network and Computer Applications, vol. 49, pp. 15-50, 2015. ISO / IEC 18033-4: 2011 (Information technology-Security techniques-Lightweight cryptography-Part4: Stream Chiphers). ISO / IEC 29192-3: 2012 (Information technology-Security techniques-Lightweight cryptography-Part3: Stream Chiphers). F. Busching and L. Wolf, “The Rebirth of One-Time Pads Secure Data Transmission from BAN to Sink”, IEEE Internet of Things Journal, vol. 2, no. 1, pp.63-71, Feb. 2015. P. Zhang, C. Lin, Y. Jiang, Y. Fan, and X. (Sherman) Shen, “A Lightweight Encryption Scheme for Network-Coded Mobile Ad Hoc Networks”, IEEE Transactions on Parallel and Distributed Systems, vol. 25 , no. 9, pp. 2211-2221, Sept. 2014. G. Bansod, N. Raval, and N. Pisharoty, “Implementation of a New Lightweight Encryption Design for Embedded Security”, IEEE Transactions on Information Forensic and Security, vol. 10, no. 1, pp.142-151, Jan. 2015. Q. Yu and CN Zhang, “A lightweight secure data transmission protocol for resource constrained devices”, Security Comm. Networks vol. 3, pp. 362-370, 2010. Grain v1: The eSTREAM portfolio of stream ciphers. Available: http://www.ecrypt.eu.org/stream/e2-grain.html V. Jamali, Y. Karimian, J. Huber, and MA Attari, “On the Design of Fast Convergent LDPC Codes for the BEC: An Optimization Approach”, IEEE Transactions on Communications, vol. 63, no. 2, pp.351 -363, Feb. 2015. L. Lan, L. Zeng, YY Tai, L. Chen, S. Lin, and K. Abdel-Ghaffar, “Construction of Quasi-Cyclic LDPC Codes for AWGN and Binary Erasure Channels: A Finite Field Approach”, IEEE Transactions on Information Theory, vol. 53, no. 7, pp. 2429-2458, July 2007.

An object of the present invention is to provide an encryption / decryption method and system capable of reducing the operation cost on the side of a device having scarce computer resources while ensuring safety in data transmission / reception between devices. is there.

The communication data encryption / decryption method employed by the present invention is:
A method for encrypting / decrypting communication data between a first device and a second device, comprising:
The first device includes a key sequence generator, an exclusive OR operator, an error correction decoder, and an embedder.
The second device includes a key sequence generator, an exclusive OR operator, an error correction encoder, and a decimator,
When the first device is a transmitter and the second device is a receiver,
The encryption method in the first device is:
Performing an exclusive OR operation of the plaintext and the first key sequence to generate a first ciphertext;
Generating a second ciphertext by embedding the first ciphertext using a second key sequence;
With
The decoding method in the second device is:
Generating a third ciphertext by performing decimation on the second ciphertext received from the first device using a second key sequence;
Performing an exclusive OR operation of the third ciphertext and the first key sequence to output a plaintext;
With
When the second device is a transmitter and the first device is a receiver,
The encryption method in the second device is:
Performing an exclusive OR operation of the plaintext and the third key sequence to generate a 1 ′ ciphertext;
Generating a second 'ciphertext by error correcting encoding the first'ciphertext;
Performing decimation on the second 'ciphertext using the fourth key sequence to generate a third'ciphertext;
With
The decoding method in the first device is:
Generating a 4 ′ ciphertext by performing error correction decoding on the 3 ′ ciphertext received from the second device using a fourth key sequence;
Performing an exclusive OR operation of the 4 ′ ciphertext and the third key sequence to output plaintext;
With
Communication data encryption / decryption method.

The communication data encryption / decryption system employed by the present invention is:
An encryption / decryption system for communication data between a first device and a second device, wherein the first device comprises a key sequence generator, an exclusive OR operator, an error correction decoder, an embedder, With
The second device includes a key sequence generator, an exclusive OR operator, an error correction encoder, and a decimator,
When the first device is a transmitter and the second device is a receiver,
The encryption means in the first device is:
The key sequence generator for generating a first key sequence and a second key sequence;
The exclusive OR calculator that performs an exclusive OR operation of the input plaintext and the first key sequence to generate a first ciphertext;
The embedder for generating a second ciphertext by embedding the first ciphertext using a second key sequence;
Consists of
The decoding means in the second device is:
The key sequence generator for generating a first key sequence and a second key sequence;
The decimator for generating a third ciphertext by performing decimation on the second ciphertext received from the first device using a second key sequence;
Executing the exclusive OR operation of the third ciphertext and the first key sequence to output a plaintext;
Consists of
When the second device is a transmitter and the first device is a receiver,
The encryption means in the second device includes a key sequence generator for generating a third key sequence and a fourth key sequence,
The exclusive OR calculator that performs an exclusive OR operation of the plaintext and the third key sequence to generate a 1 'ciphertext;
The error correction encoder for error correcting encoding the first 'ciphertext to generate the second'ciphertext;
The decimator that performs decimation on the second 'ciphertext using the fourth key sequence to generate a third'ciphertext;
Consists of
The decoding means in the first device is:
The key sequence generator for generating a third key sequence and a fourth key sequence;
An error correction decoder for generating a 4 ′ ciphertext by performing error correction decoding on the 3 ′ ciphertext received from the second device using a fourth key sequence;
An exclusive OR calculator that performs an exclusive OR operation of the 4 ′ ciphertext and the third key sequence and outputs a plaintext;
Consists of.

In one aspect, the processing capability of the first device is higher than the processing capability of the second device.
In one aspect, a plurality of key sequence generators are used. For example, the first key sequence and the third key sequence are generated by the first key sequence generator, and the second key sequence and the fourth key sequence are the first key sequence. It is generated by a second key sequence generator that is separate from the sequence generator.
Further, the second key sequence and the fourth key sequence may be generated by different key sequence generators, and the first key sequence and the third key sequence may be generated by further different key sequence generators. Further, the first key sequence to the fourth key sequence may be generated by the same key sequence generator.

Another technical means adopted by the present invention is a device that operates as an encryption device and a decryption device,
The device includes a key sequence generator, an exclusive OR operator, an error correction decoder, an embedder, a transmission unit, and a reception unit.
The encryption device
The key sequence generator for generating a first key sequence and a second key sequence;
The exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
The embedder for embedding the first ciphertext using a second key sequence to generate a second ciphertext;
The transmitting means for transmitting the second ciphertext;
Consists of
The decryption device
Decimation is performed using the fourth key sequence on the second 'ciphertext generated by error correction encoding the first' ciphertext generated by the exclusive OR operation of the plaintext and the third key sequence. The receiving means for receiving the generated 3 ′ ciphertext;
The key sequence generator for generating a third key sequence and a fourth key sequence;
The error correction decoder for generating a 4 ′ ciphertext by performing error correction decoding of the 3 ′ ciphertext using a fourth key sequence;
The exclusive OR operator for executing the exclusive OR operation of the 4 ′ ciphertext and the third key sequence and outputting plaintext;
A device consisting of
In one aspect, the device is a device rich in computer resources (first device).

Another technical means adopted by the present invention is a device that operates as an encryption device and a decryption device,
The device includes a key sequence generator, an exclusive OR operator, an error correction encoder, a decimator, transmission means, and reception means,
The encryption device is:
The key sequence generator for generating a first key sequence and a second key sequence;
The exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
The error correction encoder for error correcting encoding the first ciphertext to generate a second ciphertext;
The decimator for generating a third ciphertext by performing decimation on the second ciphertext using the second key sequence;
The transmitting means for transmitting a third ciphertext;
Consists of
The decoding device
The receiving means for receiving the 2 ′ ciphertext generated by embedding the first ′ ciphertext generated by the exclusive OR operation of the plaintext and the third key sequence using the fourth key sequence. When,
The key sequence generator for generating a third key sequence and a fourth key sequence;
The decimator that performs decimation on the second 'ciphertext using the fourth key sequence to generate a third'ciphertext;
The exclusive OR calculator for executing an exclusive OR operation of a 3 ′ ciphertext and a third key sequence and outputting a plaintext;
Device.
In one aspect, the said device is a device (2nd device) with scarce computer resources.

The encryption / decryption method employed by the present invention is as follows:
A first step of generating a first ciphertext by performing an exclusive OR operation between the plaintext and the first key sequence;
A second step of error correcting encoding the first ciphertext to generate a second ciphertext;
A third step of generating a third ciphertext by performing decimation on the second ciphertext using the second key sequence;
A fourth step of generating a fourth ciphertext by performing error correction decryption on the third ciphertext using the second key sequence;
A fifth step of executing an exclusive OR operation of the fourth ciphertext and the first key sequence to output a plaintext;
Consists of.
In one aspect, the first to third steps are performed by the second device, and the fourth to fifth steps are performed by the first device.

The encryption / decryption system employed by the present invention is:
In an encryption / decryption system comprising an encryption device and a decryption device,
The encryption device is:
An exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
An error correction encoder that performs error correction encoding of the first ciphertext to generate a second ciphertext;
A decimator that performs decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
Consists of
The decoding device
An error correction decoder for generating a fourth ciphertext by performing error correction decoding on the third ciphertext using the second key sequence;
An exclusive OR calculator that executes an exclusive OR operation of the fourth ciphertext and the first key sequence and outputs a plaintext;
Consists of.
In one aspect, the encryption device is included in a second device and the decryption device is included in the first device.

Other encryption / decryption methods employed by the present invention are:
A first step of generating a first ciphertext by performing an exclusive OR operation between the plaintext and the first key sequence;
A second step of generating a second ciphertext by embedding the first ciphertext using a second key sequence;
A third step of generating a third ciphertext by performing decimation on the second ciphertext using the second key sequence;
A fourth step of executing an exclusive OR operation of the third ciphertext and the first key sequence to output plaintext;
Consists of.
In one aspect, the first to second steps are performed by the first device, and the third to fourth steps are performed by the second device.

The encryption / decryption system employed by the present invention is:
In an encryption / decryption system comprising an encryption device and a decryption device,
The encryption device is:
An exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
An embedder for embedding the first ciphertext using a second key sequence to generate a second ciphertext;
Consists of
The decoding device
A decimator that performs decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
An exclusive OR calculator that executes an exclusive OR operation of the third ciphertext and the first key sequence and outputs a plaintext;
Consists of.
In one aspect, the encryption device is included in a first device and the decryption device is included in a second device.

The encryption method employed by the present invention is:
Performing an exclusive OR operation of the plaintext and the first key sequence to generate a first ciphertext;
Generating a second ciphertext by error-correcting the first ciphertext;
Performing a decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
Consists of.
The encryption device employed by the present invention is:
An exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
An error correction encoder that performs error correction encoding of the first ciphertext to generate a second ciphertext;
A decimator that performs decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
Consists of.
In one aspect, the said encryption method and apparatus are implement | achieved by the 2nd device.

The decoding method adopted by the present invention is as follows:
Generated by performing decimation using the second key sequence on the second ciphertext generated by error correction encoding the first ciphertext generated by the exclusive OR operation of the plaintext and the first key sequence A decryption method of the third ciphertext,
Generating a fourth ciphertext by performing error correction decoding on the third ciphertext using the second key sequence;
Performing an exclusive OR operation of the fourth ciphertext and the first key sequence to output a plaintext;
It has.
The decoding device employed by the present invention is:
Generated by performing decimation using the second key sequence on the second ciphertext generated by error correction encoding the first ciphertext generated by the exclusive OR operation of the plaintext and the first key sequence A third ciphertext decryption device,
An error correction decoder for generating a fourth ciphertext by performing error correction decoding on the third ciphertext using the second key sequence;
An exclusive OR calculator that executes an exclusive OR operation of the fourth ciphertext and the first key sequence and outputs a plaintext;
Consists of.
In one aspect, the decoding method and apparatus are implemented by a first device.

Other encryption methods employed by the present invention are:
Performing an exclusive OR operation of the plaintext and the first key sequence to generate a first ciphertext;
Generating a second ciphertext by embedding the first ciphertext using a second key sequence;
Consists of.
Other encryption devices adopted by the present invention are:
An exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
An embedder for embedding the first ciphertext using the second key sequence to generate a second ciphertext;
Consists of.
In one aspect, the encryption method and apparatus are implemented by a first device.

Other decoding methods employed by the present invention are:
A method for decrypting a second ciphertext generated by embedding a first ciphertext generated by an exclusive OR operation between a plaintext and a first key sequence using a second key sequence,
Performing a decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
Performing an exclusive OR operation of the third ciphertext and the first key sequence to output a plaintext;
Consists of.
Other decoding devices adopted by the present invention are:
A decryption device for a second ciphertext generated by embedding a first ciphertext generated by an exclusive OR operation between a plaintext and a first key sequence using a second key sequence,
A decimator that performs decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
An exclusive OR calculator that executes an exclusive OR operation of the third ciphertext and the first key sequence and outputs a plaintext;
Consists of.
In one aspect, the decoding method and apparatus are implemented by a second device.

The present invention provides a computer program for causing a computer to execute the above encryption method,
A computer program for causing a computer to execute the decoding method;
A computer program for causing a computer to execute the encryption / decryption method;
It can also be defined as

In the present invention, the transmitter / receiver shares prior information (key sequence) necessary for error generation and correction, the sender intentionally generates an error, and the receiver corrects it.
Insertion processing (embedding) is expensive, but thinning processing (decimation) for dropping signals is low cost, and error correction decoding is expensive, but error correction coding is low cost If the device with scarce computer resources is the sender and the device with rich computer resources is the receiver, the sender performs decimation and error correction coding, while the receiver performs error correction decoding and If the resource-rich device is the sender and the computer-poor device is the receiver, the sender performs embedding while the receiver performs decimation, and loads the processing with high computational resources. By deviating toward the richer device side, the operating cost of the device side with scarce computer resources was lowered.
In addition, power consumption can be significantly reduced by reducing the operating cost on the device side where the computer resources are scarce.

In the present invention, by applying the coding technique, the safety can be reduced to a problem well-known in the field of coding theory (decoding after noise insertion or signal loss).
The security of the cipher text when the device rich in computer resources is the sender depends on the security of the adopted key sequence generator and the embedding (insertion) of the binary vector using the key sequence.
The security of the ciphertext when the sender is a device with scarce computer resources depends on the security of the key sequence generator to be adopted and the decimation of the binary vector using the key sequence.

The present invention proposes a cryptographic processing scheme, and the specific configuration of each block or component is not limited. For example, it is used in combination with existing technology or stream encryption technology that will be developed in the future. Can do.
In the present invention, since the component is a black box (for example, the key sequence generation of the element technology does not depend on a specific algorithm), the proposed method itself is not used because the specific algorithm is broken. It does not fail.

It is a figure which shows the 1st device and 2nd device which comprise the encryption / decryption system of the communication data which concern on this embodiment. It is a block diagram in case a 1st device operate | moves as a transmitter (encryption apparatus) and a 2nd device as a receiver (decryption apparatus). It is a block diagram in case a 2nd device operate | moves as a transmitter (encryption apparatus) and a 1st device operates as a receiver (decryption apparatus). It is a block diagram which shows the whole encryption / decryption system. It is a figure which contrasts and shows encryption in a encryption / decryption system (asymmetric computer resource environment).

[A] Overall Configuration of Communication Data Encryption / Decryption System As shown in FIG. 1, the communication data encryption / decryption system includes a first device and a second device. Although FIG. 1 shows one first device and one second device for convenience, the encryption / decryption system includes one or more first devices and one or more second devices. It may be. The first device and the second device both include a computer and have communication functions such as Bluetooth and Wifi. The computer includes an input unit, a storage unit, a processing unit (arithmetic unit or CPU), an output unit, and the like as hardware, and executes predetermined processing by software (computer program).

In this embodiment, the first device is rich in computer resources (CPU, memory, etc.), and the second device is scarce in computer resources. The first device has a higher processing capability (calculation capability) than the second device, and the second device can operate with lower power consumption.

Examples of the first device include PCs (desktops, laptops, notebooks, etc.), servers, mobile computers (smartphones, mobile phones, PDAs, tablets, wearable computers with predetermined computer resources, etc.), tag readers, etc. The

Examples of the second device include a sensor (IC built-in), an RFID tag, an IC tag, an IC card, and a wearable computer. In one aspect, the second device is a sensor (a wearable sensor, an embedded sensor, etc.) that can be employed in a wireless sensor network (WSN) or a ubiquitous sensor network (USN).

Both the first device and the second device are provided with an input unit, an output unit, and a communication function (transmission unit, reception unit), and can communicate via a computer network (typically the Internet). Data can be transmitted and received (typically wireless) between the first device and the second device. For example, data input to a second device (for example, a sensor) (data acquired by the sensor) is transmitted to the first device (a server or a host computer) via a wireless network.

Both the first device and the second device include an encryption device and a decryption device, and encryption communication is performed in the exchange of data. During communication, data (bit string) transmitted from the first device to the second device is encrypted by the encryption device of the first device and transmitted to the second device, and the data received by the second device is The data (bit string) decrypted (decrypted) by the decryption device of the two devices and first transmitted from the second device to the device is encrypted by the encryption device of the second device and transmitted to the first device, Data received by one device is decoded (decoded) by the decoding device of the first device. In the present embodiment, bidirectional encrypted communication of data is performed between the first device and the second device, but only in one direction from the first device to the second device, or from the second device to the first device. Encryption communication may be employed only in one direction. Each component of the encryption device and the decryption device can be configured by computer hardware / software.

The first device includes a key sequence generator, an exclusive OR operator, an embedder (embedder), an error correction decoder, and data transmission / reception means. The encryption device of the first device (upper diagram in FIG. 2) is composed of a key sequence generator, an exclusive OR operator, and an embedder, and the decryption device (upper diagram in FIG. 3) is a key sequence generator, exclusive It consists of a logical sum operator and an error correction decoder.

The first device rich in computer resources performs random bit embedding after performing a bitwise exclusive OR operation (stream cipher operation) with a lightweight key sequence generator during transmission, that is, in encryption processing. In addition, the first device performs stream cipher operation after performing error correction decoding at the time of reception, that is, in the decoding process.

The second device includes a key sequence generator, an exclusive OR calculator, a decimation unit (decimator), an error correction encoder, and data transmission / reception means. The encryption device (lower diagram in FIG. 3) of the second device is composed of a key sequence generator, an exclusive OR operator, a decimation unit, and an error correction encoder, and the decryption device (lower diagram in FIG. 2) is a key sequence generator. Unit, an exclusive OR calculator, and a decimation unit.

The second device with scarce computer resources performs error correction coding after performing stream cipher operation during transmission, that is, encryption processing, and further performs decimation (decimation processing). Further, the second device performs stream cipher computation after decimation at the time of reception, that is, in the decryption process.

The types of key sequence generators and stream ciphers that can be used in this embodiment are not limited, and the present invention can be implemented using existing techniques. There may be one or a plurality of key sequence generators, and the number of pseudo-random number generators included in one key sequence generator is not limited, and may be one or a plurality. In this embodiment, a plurality of types of key sequences are used. These key sequences may be generated by a common pseudo random number generator, or may be generated by separate pseudo random number generators. In the key sequence generator, a block cipher that operates in the CTR mode (Counter Mode) may be employed. The means for synchronizing the key sequence generators of the first device and the second device is not limited. Preferably, the key sequence generator is a lightweight key sequence generator. As a lightweight key sequence generator, although not limited thereto, for example, Trivium (Non-patent Document 3) or Grain v1 (Non-patent Document 8) proposed by eSTREAM can be employed.

There are coding techniques that can correct such errors even when random noise is inserted or signals are lost. The error correction code is a technique for correcting an error that occurs in a transmission path by providing redundancy to information to be transmitted. The encoder adds redundant bits to the information sequence. A decoder corrects bit errors occurring in the communication path. The decoder corrects the error using the added redundant bits.

In the present invention, the transmitter / receiver shares prior information (key sequence) necessary for error generation and correction, the sender intentionally generates an error, and the receiver corrects it. The key sequence (secret parameter) supplied from the key sequence generator is used when the embedder, the decimation unit, and the error correction decoder perform the embedding process, the decimation process, and the decoding process, respectively. Insertion processing (embedding) is expensive, but thinning processing (decimation) for dropping signals is low cost, and error correction decoding is expensive, but error correction coding is low cost When the second device is the sender and the first device is the receiver, the second device performs decimation and error correction coding, while the first device performs error correction decoding and the first device When the sender or the second device is the receiver, the first device performs embedding while the second device performs decimation so that the processing with high load is biased toward the first device. Thus, the operation cost of the second device can be kept low.

By applying the coding technique, the safety can be reduced to a well-known problem in the field of coding theory (decoding after noise insertion or signal loss). Data encoding and error correction techniques have been established, and codes that can be applied to the present invention are not limited, but an LDPC code (low-density parity-check code) is an example. be able to. LDPC codes are known to those skilled in the art, and for more specific content, for example, Non-Patent Documents 9 and 10 can be referred to. Further, codes other than the LDPC code include, but are not limited to, an LT (Luby-Transform) code exemplified as an RS (Reed-Solomon) code and a fountain code.

In this specification, embedding and insertion are substantially synonymous in the process of adding bits to a binary bit string. The embedding is used from the viewpoint of the embedding side (sender), and since the key sequence knows where to embed bits, “deterministic insertion” is performed. Insertion is also used when viewed from the standpoint of a third party (including an attacker). For third parties who do not know the key sequence, it is not possible to distinguish between embedded (inserted) bits and stochastic noise. Similarly, decimation and deletion are substantially synonymous in the process of dropping bits from a binary bit string.

[B] Encryption method and decryption method in an asymmetric computer resource environment [B-1] Data transmission from the first device to the second device (FIG. 2)
If the first device is a transmitter and the second device is a receiver,
The encryption device in the first device is:
A key sequence generator for generating a first key sequence and a second key sequence;
An exclusive OR calculator that executes an exclusive OR operation of the input plaintext and the first key sequence to generate a first ciphertext;
An embedder for embedding the first ciphertext using the second key sequence to generate a second ciphertext;
Consists of
The decoding device in the second device is:
A key sequence generator for generating a first key sequence and a second key sequence;
A decimator that performs decimation on the second ciphertext received from the first device using the second key sequence to generate a third ciphertext;
An exclusive OR calculator that executes an exclusive OR operation of the third ciphertext and the first key sequence and outputs a plaintext;
Consists of.

If the first device is a transmitter and the second device is a receiver,
The encryption method in the first device is
Performing an exclusive OR operation of the plaintext and the first key sequence to generate a first ciphertext;
Generating a second ciphertext by embedding the first ciphertext using a second key sequence;
With
The decoding method in the second device is:
Performing decimation on the second ciphertext received from the first device using the second key sequence to generate a third ciphertext;
Performing an exclusive OR operation of the third ciphertext and the first key sequence to output a plaintext;
Is provided.

[B-2] Data transmission from the second device to the first device (FIG. 3)
If the second device is a transmitter and the first device is a receiver,
The encryption device in the second device includes a key sequence generator for generating a third key sequence and a fourth key sequence,
An exclusive OR calculator that performs an exclusive OR operation of the plaintext and the third key sequence to generate a 1 ′ ciphertext;
An encoder for error-correcting the first 'ciphertext to generate a second'ciphertext;
A decimator that performs decimation on the second 'ciphertext using the fourth key sequence to generate a third'ciphertext;
Consists of
The decoding device in the first device is:
A key sequence generator for generating a third key sequence and a fourth key sequence;
A decoder that performs error correction decoding on the 3 ′ ciphertext received from the second device using a fourth key sequence to generate a 4 ′ ciphertext;
An exclusive OR calculator that performs an exclusive OR operation of the 4 ′ ciphertext and the third key sequence and outputs a plaintext;
Consists of.

If the second device is a transmitter and the first device is a receiver,
The encryption method in the second device is
Performing an exclusive OR operation of the plaintext and the third key sequence to generate a 1 ′ ciphertext;
Generating a second ciphertext by error correcting encoding the first ciphertext;
Performing decimation on the second 'ciphertext using the fourth key sequence to generate a third'ciphertext;
With
The decoding method in the first device is:
Generating a 4 ′ ciphertext by performing error correction decoding on the 3 ′ ciphertext received from the second device using a fourth key sequence;
Performing an exclusive OR operation of the 4 ′ ciphertext and the second key sequence to output plaintext;
It has.

[C] Data Flow in Encryption / Decryption System [C-1] Overall View of Encryption / Decryption System FIG. 4 shows an overall view of the encryption / decryption system in the asymmetric computer resource environment. The figure shows a lightweight key sequence generator, an encoding block, a decoding block, an embedding block, and a decimation block exemplified as a key sequence generator.
The lightweight key sequence generator generates binary key sequences X, X ^* , and X ^** . In one preferred embodiment, in order to ensure the independence of the generated key sequence, the binary key sequence X is generated by the first lightweight key sequence generator, and the binary key sequences X ^* and X ^** are generated by the second lightweight key. Generate with a sequence generator.
In the coding block, provide the encoding {0,1} ⁿ → {0,1 ^{} n + m} .
In the embedding block, m random bits are inserted (embedded) into a given n-dimensional binary vector using the binary key sequence X ^* .
In the decimation block, a predetermined n bits are selected by performing decimation on a given n + m-dimensional binary vector using a binary key sequence X ^** (or X ^* ).

n次元バイナリベクトルであって、平文系列のセグメントである。 [C-2] Notation of each vector and operator in the encryption / decryption system

An n-dimensional binary vector that is a plaintext segment.

n次元バイナリベクトルであって、バイナリ鍵系列生成器によって生成された鍵系列のセグメントである。

An n-dimensional binary vector, which is a segment of a key sequence generated by a binary key sequence generator.

n次元バイナリベクトルであって、バイナリ鍵系列生成器によって生成された鍵系列のセグメントである。

An n-dimensional binary vector, which is a segment of a key sequence generated by a binary key sequence generator.

n+m次元バイナリベクトルであって、バイナリ鍵系列生成器によって生成された鍵系列のセグメントである。

An n + m-dimensional binary vector, which is a segment of a key sequence generated by a binary key sequence generator.

n次元バイナリベクトルであって、ビット埋め込み（挿入）あるいはビットデシメーションを備えたチャネルへの入力である。

An n-dimensional binary vector that is input to a channel with bit embedding (insertion) or bit decimation.

m次元バイナリベクトルであって、その要素は、独立同分布(i.i.d.)バイナリランダム変数によって実現される。

An m-dimensional binary vector, the elements of which are realized by independent, iso-distributed (iid) binary random variables.

l+m次元バイナリベクトルであって、入力が

の時のランダムビット埋め込みを伴うチャネルにおける、ベクトルX^＊により制御されるベクトルyへのランダムベクトルrの挿入（埋め込み）ブロックの出力である。

l + m dimensional binary vector with input

Is the output of the insertion (embedding) block of the random vector r into the vector y controlled by the vector X ^* in the channel with random bit embedding at.

ベクトルX^*によって制御されるn次元のバイナリベクトルにランダムmビットを挿入する演算子である。したがって、

とすると、

及び
　ベクトルyの各ビットの直後にランダムビットを1ビット挿入するか否かをベクトルX^*で指定する場合には、

 i=2,3,…,nに対して、

とし、
 i=1,2,…,nに対して、X_i ^*=1ならば、

とする。
　また、ベクトルｙの各ビットの直前にランダムビット1ビット挿入するか否かをベクトルX^*で指定する場合には、
　i=1,2,…,nに対して、

とし、
 i=1,2,…,nに対して、X_i ^*=1ならば、

とする。

An operator that inserts random m bits into an n-dimensional binary vector controlled by the vector X ^* . Therefore,

Then,

And when specifying by vector X ^* whether or not to insert 1 random bit immediately after each bit of vector y,

For i = 2,3, ..., n,

age,
For i = 1,2, ..., n, if X _i ^* = 1,

And
In addition, when designating whether to insert 1 random bit immediately before each bit of the vector y with the vector X ^* ,
For i = 1,2, ..., n,

age,
For i = 1,2, ..., n, if X _i ^* = 1,

And

l-m次元バイナリベクトルであって、入力が

の時のビット欠落を伴うチャネルにおける、ベクトルX^＊により制御されるデシメーションブロックの出力である。

an lm-dimensional binary vector whose input is

Is the output of the decimation block controlled by the vector X ^* in the channel with bit loss at.

デシメーションの演算子であり、すなわち、

とすると、ベクトルX^*によってベクトルyの各ビットの直後へのランダムビット挿入が制御されて生成された(n+m)次元のバイナリベクトルy^(ins)からランダムビットを除いて所定のnビットを選択する場合には、

及び、

　i=2,3,…,nに対して、

である。
　同様に、ベクトルX^*によってベクトルyの各ビットの直前へのランダムビット挿入が制御されて生成された(n+m)次元のバイナリベクトルy^(ins)からランダムビットを除いて所定のnビットを選択する場合には、

及び、
　i=1,2,…,nに対して、
 

である。

Decimation operator, ie

Then, the random number is excluded from the (n + m) -dimensional binary vector y ^(ins) generated by controlling the random bit insertion immediately after each bit of the vector y by the vector X ^* , and the predetermined n bits are obtained. If you choose,

as well as,

For i = 2,3, ..., n,

It is.
Similarly, a random number is excluded from the (n + m) -dimensional binary vector y ^(ins) generated by controlling the random bit insertion immediately before each bit of the vector y by the vector X ^* to obtain a predetermined n bits. If you choose,

as well as,
For i = 1,2, ..., n,

It is.

２元消失通信路(BEC)における符号化の演算子であり、

である。

Encoding operator in binary erasure channel (BEC)

It is.

デシメーションの演算子であり、すなわち、ベクトルX^**の制御のもとで、(n+m)次元のバイナリベクトル

から、

にしたがって、所定のnビットを選択する。

Decimation operator, i.e. binary vector of (n + m) dimensions under the control of vector X ^**

From

According to the above, a predetermined n bits are selected.

演算子

によって間引かれたビットの位置を復元するための演算子であって、

とした時に、
　所与のnビットベクトルy^(decim)及びベクトルX^**に基づいて、(n+m)ビットベクトル

を生成する。間引かれたビットに対応するm個の消失位置におけるバイナリ値は位置を復元するだけでは復元されないが、その不明な値を？と表記して、本演算子で生成された(n+m)ビットベクトルを消失位置も含めて書けば、i=1,2,…,n+mに対して、

となる。

operator

An operator for restoring the position of a bit thinned out by

When
Based on a given n-bit vector y ^(decim) and vector X ^** , an (n + m) bit vector

Is generated. The binary value at the m erasure positions corresponding to the thinned bits is not restored by just restoring the position, but the unknown value? And write the (n + m) bit vector generated by this operator, including the erasure position, for i = 1, 2, ..., n + m,

It becomes.

２元消失通信路 (BEC)におけるビット消失後に復号する演算子である。適切な符号化スキームが選択されたと仮定して、削除されたビットの位置情報を提供する

を用いて、

となる。

It is an operator that decodes after erasing bits in the binary erasure channel (BEC). Provide deleted bit position information, assuming that an appropriate encoding scheme has been selected

Using,

It becomes.

２つのn次元バイナリベクトル、すなわち、

と

のビット毎の排他的論理和を表す。

Two n-dimensional binary vectors, ie

When

Represents the bitwise exclusive OR.

によって生成される。 [C-3] Encryption method in the first device In the encryption in the first device, the ciphertext vector transmitted to the second device is Y ^(ins) ,

Generated by.

によって生成される。 [C-4] In the decryption in the second device that has received the decryption scheme ciphertext vector Y ^(ins) in the second device, the plaintext vector a obtained by decrypting is

Generated by.

によって生成される。 [C-5] Encryption method in the second device In the encryption in the second device, the ciphertext vector transmitted to the first device is Y ^(del) ,

Generated by.

によって生成される。 [C-6] In the decryption in the first device that has received the decryption scheme ciphertext vector Y ^(del) in the first device, the plaintext vector a obtained by decrypting is as follows:

Generated by.

とし、
　埋め込みに用いる鍵系列を、

とする。鍵系列において、「1」は、ランダムビットの埋め込みを意味する。
　埋め込みが実行された系列は、

となる。
　ここで、「r」は、同じ確率で1あるいは0の値をとるランダムビットを表す。
　鍵系列を用いたランダムビット埋め込みについて、各ビットの直後にビット埋め込みを行う場合について説明したが、各ビットの直前にビット埋め込みを行う場合も同様に理解される。 [C-7] Random bit embedding using key sequence

age,
The key sequence used for embedding is

And In the key sequence, “1” means embedding of random bits.
The series that has been embedded is

It becomes.
Here, “r” represents a random bit having a value of 1 or 0 with the same probability.
In the case of random bit embedding using a key sequence, the case where bit embedding is performed immediately after each bit has been described. However, the case where bit embedding is performed immediately before each bit is similarly understood.

とする。
　例えば、

である。
　デシメーションに用いる鍵系列を

とする。鍵系列において、「1」は、ランダムビットの埋め込みを意味する。
　デシメーションが実行された系列は、

となり、埋め込まれたランダムビットが削除される。
　各ビット直後のランダムビット埋め込み後の鍵系列を用いたデシメーションについて説明したが、各ビット直前のランダムビット埋め込み後にデシメーションを行う場合も同様に理解される。 [C-8] Decimation using key sequence (after embedding random bits)
The series that was embedded

And
For example,

It is.
The key sequence used for decimation

And In the key sequence, “1” means embedding of random bits.
The series where the decimation was performed is

And the embedded random bits are deleted.
Although the decimation using the key sequence after the random bit embedding immediately after each bit has been described, the case where the decimation is performed after the random bit embedding immediately before each bit is similarly understood.

とし、
　鍵系列を

とする。ここで、「0」はビットの削除を意味する。
　デシメーションが実行されたビット列は、

となる。 [C-9] Decimation using key sequence

age,
Key sequence

And Here, “0” means bit deletion.
The bit sequence that has been decimated is

It becomes.

　デシメーションに用いた鍵系列を

とする。
　デシメーション前の系列は、

となる。
　ここで、「e」は、間引かれたビットの位置を表す。 [C-10] Pre-processing of decryption after decimation (bit erasure) using key sequence

The key sequence used for decimation

And
The series before decimation is

It becomes.
Here, “e” represents the position of the thinned bit.

[D] Amount of Processing in Asymmetric Encryption / Decryption System FIG. 5 shows the encryption / decryption system shown in FIG. 4 in an organized manner. Encryption in the first device uses key sequence generation and random bit embedding (see the upper diagram in FIG. 2), and encryption in the second device uses key sequence generation, encoding, and decimation (see the lower diagram in FIG. 3). ). Decryption (decryption) in the first device uses key sequence generation and decryption (see the upper diagram in FIG. 3), and decryption (decryption) in the second device uses key sequence generation and decimation (see the lower diagram in FIG. 2). . When the first device is a sender and the second device is a receiver, the first device performs embedding while the second device performs decimation, the second device is the sender, and the first device is the receiver In the second device, the second device performs the decimation and error correction coding, while the first device performs error correction decoding, and the second device is biased toward the first device by biasing the high-load processing to the second device. The operating cost of the device can be kept low.

In one aspect, the processing amount in the device 1 according to the proposed stream cipher is
A first key sequence generation unit, a second key sequence generation unit in the key sequence generator,
Decryption in BEC,
Random bit generation,
Embedded blocks,
Consists of
The processing amount in the device 2 related to the proposed stream cipher is
A first key sequence generation unit, a second key sequence generation unit in the key sequence generator,
Encoding in BEC,
Decimation block,
Consists of
When Trivium (Non-Patent Document 3) is used as the first key sequence generation unit, Grain v1 (Non-Patent Document 8) is used as the second key sequence generation unit, and LDPC code (Non-Patent Document 9) is used as the encoding and decoding code. It becomes as follows.

There is a growing expectation that IT will create new services and markets by building complex network systems that include not only high-performance computers but also devices such as wearable devices and sensors with low information processing capabilities. The present invention can be used as a security technique for such a system.

In the present invention, since the power consumption on the side of a device having a scarce computer resource can be greatly suppressed, the application range is greatly widened. For example, security of critical infrastructure such as electric power, healthcare embedded in people or using mobile devices, services for elderly people, agriculture using various sensors, fishery support and disaster countermeasure systems, can be used without carrying a computer Applications such as next-generation credit card payments on the go can be expected to have significant market applications as well as global markets. There may be a fusion of what appears to be different applications, such as a control system where workers wearing wearable devices work in concert with robots and sensors. The utility value is high as those basic technologies.

Claims (19)

A method for encrypting / decrypting communication data between a first device and a second device, comprising:
The first device includes a key sequence generator, an exclusive OR operator, an error correction decoder, and an embedder.
The second device includes a key sequence generator, an exclusive OR operator, an error correction encoder, and a decimator,
When the first device is a transmitter and the second device is a receiver,
The encryption method in the first device is:
Performing an exclusive OR operation of the plaintext and the first key sequence to generate a first ciphertext;
Generating a second ciphertext by embedding the first ciphertext using a second key sequence;
With
The decoding method in the second device is:
Generating a third ciphertext by performing decimation on the second ciphertext received from the first device using a second key sequence;
Performing an exclusive OR operation of the third ciphertext and the first key sequence to output a plaintext;
With
When the second device is a transmitter and the first device is a receiver,
The encryption method in the second device is:
Performing an exclusive OR operation of the plaintext and the third key sequence to generate a 1 ′ ciphertext;
Generating a second 'ciphertext by error correcting encoding the first'ciphertext;
Performing decimation on the second 'ciphertext using the fourth key sequence to generate a third'ciphertext;
With
The decoding method in the first device is:
Generating a 4 ′ ciphertext by performing error correction decoding on the 3 ′ ciphertext received from the second device using a fourth key sequence;
Performing an exclusive OR operation of the 4 ′ ciphertext and the third key sequence to output plaintext;
With
Communication data encryption / decryption method. An encryption / decryption system for communication data between a first device and a second device,
The first device includes a key sequence generator, an exclusive OR operator, an error correction decoder, and an embedder.
The second device includes a key sequence generator, an exclusive OR operator, an error correction encoder, and a decimator,
When the first device is a transmitter and the second device is a receiver,
The encryption means in the first device is:
The key sequence generator for generating a first key sequence and a second key sequence;
The exclusive OR calculator that performs an exclusive OR operation of the input plaintext and the first key sequence to generate a first ciphertext;
The embedder for generating a second ciphertext by embedding the first ciphertext using a second key sequence;
Consists of
The decoding means in the second device is:
The key sequence generator for generating a first key sequence and a second key sequence;
The decimator for generating a third ciphertext by performing decimation on the second ciphertext received from the first device using a second key sequence;
Executing the exclusive OR operation of the third ciphertext and the first key sequence to output a plaintext;
Consists of
When the second device is a transmitter and the first device is a receiver,
The encryption means in the second device includes a key sequence generator for generating a third key sequence and a fourth key sequence,
The exclusive OR calculator that performs an exclusive OR operation of the plaintext and the third key sequence to generate a 1 'ciphertext;
The error correction encoder for error correcting encoding the first 'ciphertext to generate the second'ciphertext;
The decimator that performs decimation on the second 'ciphertext using the fourth key sequence to generate a third'ciphertext;
Consists of
The decoding means in the first device is:
The key sequence generator for generating a third key sequence and a fourth key sequence;
An error correction decoder for generating a 4 ′ ciphertext by performing error correction decoding on the 3 ′ ciphertext received from the second device using a fourth key sequence;
An exclusive OR calculator that performs an exclusive OR operation of the 4 ′ ciphertext and the third key sequence and outputs a plaintext;
Consist of,
Communication data encryption / decryption system. A device that operates as an encryption device and a decryption device,
The device includes a key sequence generator, an exclusive OR operator, an error correction decoder, an embedder, a transmission unit, and a reception unit.
The encryption device
The key sequence generator for generating a first key sequence and a second key sequence;
The exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
The embedder for embedding the first ciphertext using a second key sequence to generate a second ciphertext;
The transmitting means for transmitting the second ciphertext;
Consists of
The decryption device
Decimation is performed using the fourth key sequence on the second 'ciphertext generated by error correction encoding the first' ciphertext generated by the exclusive OR operation of the plaintext and the third key sequence. The receiving means for receiving the generated 3 ′ ciphertext;
The key sequence generator for generating a third key sequence and a fourth key sequence;
The error correction decoder for generating a 4 ′ ciphertext by performing error correction decoding of the 3 ′ ciphertext using a fourth key sequence;
The exclusive OR operator for executing the exclusive OR operation of the 4 ′ ciphertext and the third key sequence and outputting plaintext;
A device consisting of A device that operates as an encryption device and a decryption device,
The device includes a key sequence generator, an exclusive OR operator, an error correction encoder, a decimator, transmission means, and reception means,
The encryption device is:
The key sequence generator for generating a first key sequence and a second key sequence;
The exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
The error correction encoder for error correcting encoding the first ciphertext to generate a second ciphertext;
The decimator for generating a third ciphertext by performing decimation on the second ciphertext using the second key sequence;
The transmitting means for transmitting a third ciphertext;
Consists of
The decoding device
The receiving means for receiving the 2 ′ ciphertext generated by embedding the first ′ ciphertext generated by the exclusive OR operation of the plaintext and the third key sequence using the fourth key sequence. When,
The key sequence generator for generating a third key sequence and a fourth key sequence;
The decimator that performs decimation on the second 'ciphertext using the fourth key sequence to generate a third'ciphertext;
The exclusive OR calculator for executing an exclusive OR operation of a 3 ′ ciphertext and a third key sequence and outputting a plaintext;
A device consisting of A first step of generating a first ciphertext by performing an exclusive OR operation between the plaintext and the first key sequence;
A second step of error correcting encoding the first ciphertext to generate a second ciphertext;
A third step of generating a third ciphertext by performing decimation on the second ciphertext using the second key sequence;
A fourth step of generating a fourth ciphertext by performing error correction decryption on the third ciphertext using the second key sequence;
A fifth step of executing an exclusive OR operation of the fourth ciphertext and the first key sequence to output a plaintext;
An encryption / decryption method comprising: In an encryption / decryption system comprising an encryption device and a decryption device,
The encryption device is:
An exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
An error correction encoder that performs error correction encoding of the first ciphertext to generate a second ciphertext;
A decimator that performs decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
Consists of
The decoding device
An error correction decoder for generating a fourth ciphertext by performing error correction decoding on the third ciphertext using the second key sequence;
An exclusive OR calculator that executes an exclusive OR operation of the fourth ciphertext and the first key sequence and outputs a plaintext;
An encryption / decryption system consisting of A first step of generating a first ciphertext by performing an exclusive OR operation between the plaintext and the first key sequence;
A second step of generating a second ciphertext by embedding the first ciphertext using a second key sequence;
A third step of generating a third ciphertext by performing decimation on the second ciphertext using the second key sequence;
A fourth step of executing an exclusive OR operation of the third ciphertext and the first key sequence to output plaintext;
An encryption / decryption method comprising: In an encryption / decryption system comprising an encryption device and a decryption device,
The encryption device is:
An exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
An embedder for embedding the first ciphertext using a second key sequence to generate a second ciphertext;
Consists of
The decoding device
A decimator that performs decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
An exclusive OR calculator that executes an exclusive OR operation of the third ciphertext and the first key sequence and outputs a plaintext;
An encryption / decryption system consisting of Performing an exclusive OR operation of the plaintext and the first key sequence to generate a first ciphertext;
Generating a second ciphertext by error-correcting the first ciphertext;
Performing a decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
An encryption method consisting of: An exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
An error correction encoder that performs error correction encoding of the first ciphertext to generate a second ciphertext;
A decimator that performs decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
An encryption device comprising: Generated by performing decimation using the second key sequence on the second ciphertext generated by error correction encoding the first ciphertext generated by the exclusive OR operation of the plaintext and the first key sequence A decryption method of the third ciphertext,
Generating a fourth ciphertext by performing error correction decoding on the third ciphertext using the second key sequence;
Performing an exclusive OR operation of the fourth ciphertext and the first key sequence to output a plaintext;
A decryption method. Generated by performing decimation using the second key sequence on the second ciphertext generated by error correction encoding the first ciphertext generated by the exclusive OR operation of the plaintext and the first key sequence A third ciphertext decryption device,
An error correction decoder for generating a fourth ciphertext by performing error correction decoding on the third ciphertext using the second key sequence;
An exclusive OR calculator that executes an exclusive OR operation of the fourth ciphertext and the first key sequence and outputs a plaintext;
A decoding device comprising: Performing an exclusive OR operation of the plaintext and the first key sequence to generate a first ciphertext;
Generating a second ciphertext by embedding the first ciphertext using a second key sequence;
An encryption method consisting of: An exclusive OR calculator that performs an exclusive OR operation between the plaintext and the first key sequence to generate a first ciphertext;
An embedder for embedding the first ciphertext using the second key sequence to generate a second ciphertext;
An encryption device comprising: A method for decrypting a second ciphertext generated by embedding a first ciphertext generated by an exclusive OR operation between a plaintext and a first key sequence using a second key sequence,
Performing a decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
Performing an exclusive OR operation of the third ciphertext and the first key sequence to output a plaintext;
A decoding method comprising: A decryption device for a second ciphertext generated by embedding a first ciphertext generated by an exclusive OR operation between a plaintext and a first key sequence using a second key sequence,
A decimator that performs decimation on the second ciphertext using the second key sequence to generate a third ciphertext;
An exclusive OR calculator that executes an exclusive OR operation of the third ciphertext and the first key sequence and outputs a plaintext;
A decoding device comprising: A computer program for causing a computer to execute the encryption method according to any one of claims 9 and 13. A computer program for causing a computer to execute the decoding method according to any one of claims 11 and 15. A computer program for causing a computer to execute the encryption / decryption method according to any one of claims 1, 5, and 7.

Images