JPS5967747A - System for transmitting key of encryptor - Google Patents

System for transmitting key of encryptor

Publication number
JPS5967747A
Authority
JP
Japan
Prior art keywords
key
common
encryptor
encryption
master station
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP57178862A
Other languages
Japanese (ja)
Inventor
Toshiyuki Yamamoto
山元 利行
Masao Yamazawa
昌夫 山澤
Takayuki Ozaki
隆之 尾崎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Ltd
Priority to JP57178862A
Publication of JPS5967747A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)

Abstract

PURPOSE: To eliminate the need for key management even in a multi-drop connection, by forming a separate key between the data communication line encryptor on the master station side and each slave station side using the public (open) key distribution system, and having the master station encrypt a common encryption key with each of these keys and distribute it to the slave stations. CONSTITUTION: A public key XA is distributed from the encryptor 2 on the master station side, which holds a secret key αA, and a public key YA is distributed from the encryptor 7 on the slave station side, which holds a secret key βA. The encryptor 2 computes with YA and αA, and the encryptor 7 computes with XA and βA, to produce a key KA common to both. A signal EKA(K), which is the common encryption key K encrypted with the key KA, is transmitted from the encryptor 2 to the encryptor 7. The encryptor 7 decrypts this signal with the key KA to obtain the common encryption key K. Thus, key management is not required as long as the secrecy of the common encryption key K is kept at the master station.

Description

[Detailed Description of the Invention]

(a) Technical Field of the Invention
The present invention relates to a key distribution method for encryption devices that requires no key management when setting a common encryption key in the data communication line encryption devices used in a multi-drop communication system.

(b) Prior Art and Problems
To set a common encryption key in the data communication line encryption devices used in a multi-drop communication system, there is a method in which a master key (an encryption key used for delivering the common encryption key) is set in advance, and the common encryption key is encrypted with this master key and delivered from the master station. Although the latter allows the common encryption key to be sent over the communication line, the master key must be managed, and it has the drawback that if management is inadequate and the master key leaks even once, the common encryption key flowing over the communication line can be deciphered.

(c) Object of the Invention
The object of the present invention is to eliminate the above drawback and to provide a key distribution method for encryption devices that requires no key management at all when setting a common encryption key in the data communication line encryption devices used in a multi-drop communication system.

(d) Constitution of the Invention
To achieve the above object, the present invention is characterized in that the encryption device on the master station side and the encryption device on each slave station side deliver public keys to each other by a public key distribution method using a one-way function and generate a key common to the two; the common encryption key is encrypted with this generated key, which differs for each pair of master station and slave station, and transmitted from the master station side encryption device to each slave station side; and the encryption device on each slave station side decrypts the transmitted common encryption key with its own generated key, whereby a common encryption key is set in the encryption devices of the master station and each slave station.

(e) Embodiment of the Invention
An embodiment of the present invention is described below with reference to the drawings. Fig. 1 is a block diagram of an example of a multi-drop connection communication system having data communication line encryption devices, and Fig. 2 is a distribution procedure diagram of the key distribution method according to the embodiment of the present invention.

In the figures, 1 is a host computer, 2 and 7 to 9 are encryption devices, 3 to 6 are modems, 10 to 12 are data terminals, and 13 is a communication line.

The public key distribution method (PKDS method) is a key distribution method using a one-way function (the power function of Hellman, Merkle et al.). The two opposing stations deliver their respective public keys X and Y, produced using their respective secret keys α and β, to each other, and each station generates a key common to both.

In a point-to-point connection, carrying out this public key distribution method generates a key common to both parties, and this key is used as the encryption key. In a multi-drop connection, however, carrying out the public key distribution method between the master station and each slave station produces a different key for each pair, and these keys cannot be used as a common encryption key as they stand. Therefore, a common key is encrypted with each of the separate keys generated by the public key distribution method and transmitted from the master station side to each slave station side, and each slave station decrypts it with its separately generated key to obtain the common encryption key. The procedure of this key distribution method is explained below with reference to Figs. 1 and 2.

As shown in the upper part of Fig. 2, the encryption device 2 on the master station side, using its secret key αA, and the encryption device 7 on the slave station side, using its secret key βA, deliver the public keys XA and YA to each other. The encryption device 2 performs a calculation on the received public key YA and its secret key αA, and the encryption device 7 performs a calculation on the received public key XA and its secret key βA, so that both generate the common key KA. A signal EKA(K), which is the common encryption key K encrypted with this generated key KA, is transmitted from the encryption device 2 to the encryption device 7. The encryption device 7 uses its generated key KA to decrypt the transmitted common encryption key, which was encrypted with the key KA, and obtains the common encryption key K.

The same operation is performed between the encryption device 2 on the master station side and the encryption device 8 on the slave station side, as shown in the middle part of Fig. 2: the public keys XB and YB are delivered to each other using the respective secret keys αB and βB, a key KB common to both is generated, a signal EKB(K), which is the common encryption key K encrypted with this generated key KB, is sent from the encryption device 2 to the encryption device 8, and the encryption device 8 decrypts it with the key KB to obtain the common encryption key K.

The same operation is also performed between the encryption device 2 on the master station side and the encryption device 9 on the slave station side, as shown in the lower part of Fig. 2, and the encryption device 9 obtains the common encryption key K. In this way, the encryption device 2 on the master station side and the encryption devices 7 to 9 on the slave station side can all obtain the common encryption key K. Therefore, in this method, key management is unnecessary as long as the master station side keeps the common encryption key K secret.
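The distribution procedure above, written out for devices 2 and 7 to 9 as an added Python example that is not part of the patent. Assumptions: the modulus is the 768-bit Oakley Group 1 prime from RFC 2409 with generator 2 (the patent names only a power function), XOR with a SHA-256 pad stands in for the unspecified cipher E, and all function names are hypothetical.

```python
import hashlib
import secrets

# Assumed group: RFC 2409 Oakley Group 1 (768-bit MODP), generator 2. The patent
# names only a "power function"; this size keeps the listing short, not production-safe.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
G = 2

def keypair():
    """Return (secret exponent, public value G^secret mod P)."""
    secret = secrets.randbelow(P - 3) + 2
    return secret, pow(G, secret, P)

def pairwise_key(own_secret, peer_public):
    """KA = YA^alphaA mod P at the master, XA^betaA mod P at the slave."""
    if not 1 < peer_public < P - 1:      # reject 0, 1 and P-1 before exponentiating
        raise ValueError("degenerate public value")
    return pow(peer_public, own_secret, P)

def wrap(key, data):
    """Stand-in for E_KA(.): XOR with SHA-256(key). Self-inverse, so it also unwraps."""
    pad = hashlib.sha256(key.to_bytes(96, "big")).digest()
    if len(data) > len(pad):
        raise ValueError("data longer than pad")
    return bytes(d ^ p for d, p in zip(data, pad))

def distribute(slave_ids):
    """Master (device 2) sets one common key K in every slave device."""
    common_k = secrets.token_bytes(16)   # K is never sent over the line in clear
    on_wire, installed = {}, {}
    for sid in slave_ids:
        alpha, x = keypair()             # master's secret and public key for this slave
        beta, y = keypair()              # slave's secret and public key
        on_wire[sid] = wrap(pairwise_key(alpha, y), common_k)       # E_Ki(K)
        installed[sid] = wrap(pairwise_key(beta, x), on_wire[sid])  # slave decrypts
    return common_k, on_wire, installed

if __name__ == "__main__":
    k, wire, got = distribute([7, 8, 9])  # device numbers from Fig. 1
    print(all(v == k for v in got.values()), len(set(wire.values())))
```

Each slave sees a different ciphertext on the shared line yet ends up with the same K. The exchange as described does not authenticate X and Y, so a deployment has to bind the public keys to the stations by some other means.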

(f) Effect of the Invention
As explained in detail above, according to the present invention, which uses the public key distribution method between the data communication line encryption devices on the master station side and each slave station side, the need for key management is eliminated even in the case of a multi-drop connection.

[Brief Description of the Drawings]

Fig. 1 is a block diagram of an example of a multi-drop connection communication system having data communication line encryption devices, and Fig. 2 is a distribution procedure diagram of the key distribution method according to the embodiment of the present invention. In the figures, 1 is a host computer, 2 and 7 to 9 are encryption devices, 3 to 6 are modems, 10 to 12 are data terminals, and 13 is a communication line.

Claims (1)

[Claims]

A key distribution method for encryption devices, for delivering a common encryption key to the data communication line encryption devices used in a multi-drop communication system, characterized in that: the encryption device on the master station side and the encryption device on each slave station side deliver public keys to each other by a public key distribution method using a one-way function and generate a key common to the two; the common encryption key is encrypted with this generated key, which differs for each pair of master station and slave station, and transmitted from the master station side encryption device to each slave station side; and the encryption device on each slave station side decrypts the transmitted common encryption key with its own generated key, whereby a common encryption key is set in the encryption devices of the master station and each slave station.
JP57178862A 1982-10-12 1982-10-12 System for transmitting key of encryptor Pending JPS5967747A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP57178862A JPS5967747A (en) 1982-10-12 1982-10-12 System for transmitting key of encryptor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP57178862A JPS5967747A (en) 1982-10-12 1982-10-12 System for transmitting key of encryptor

Publications (1)

Publication Number Publication Date
JPS5967747A (en) 1984-04-17

Family

ID=16055980

Family Applications (1)

Application Number Title Priority Date Filing Date
JP57178862A Pending JPS5967747A (en) 1982-10-12 1982-10-12 System for transmitting key of encryptor

Country Status (1)

Country Link
JP (1) JPS5967747A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH01177229A (en) * 1988-01-05 1989-07-13 Nec Corp Key distributing system

Similar Documents

Publication Publication Date Title
TW543312B (en) Multi-node encryption and key delivery
CN109412794B (en) Quantum key automatic charging method and system suitable for power business
JPH03243035A (en) System and method for ciphered communication
CN111385085B (en) Quantum three-level key system implementation method and system
JPH04297157A (en) Data ciphering device
JPH10107832A (en) Cipher multi-address mail system
CN105681253A (en) Data encryption transmission method, equipment and gateway in centralized network
CN103384233B (en) A kind of methods, devices and systems for acting on behalf of conversion
CN105376221A (en) Game message encryption mechanism based on dynamic password, and game system
CN107659405A (en) The encrypting and decrypting method that data communicate between a kind of transformer station boss station
JPH0193230A (en) System for sharing variable secret information
JPH01225251A (en) Secret key delivering system
JPS5967747A (en) System for transmitting key of encryptor
CN106961330A (en) Quantum key service station
CN106452754A (en) Multiplayer online dynamic encryption method and apparatus
JP2000059352A (en) Encryption communication system
JPH01212039A (en) Cryptographic key common share device
CN111010386B (en) Privacy protection and data supervision control method based on shared account book
CN112019553B (en) Data sharing method based on IBE/IBBE
JPS61163746A (en) Cipher key distributing system
CN104243409A (en) Terminal-to-terminal data transmission method
JPH06197105A (en) Multi-address key distributing device
JPH02195377A (en) Ic card provided with key sharing function
JPS6253042A (en) Distributing system for cryptographic key
JPS6346028A (en) Cryptographic key distribution system