JPS59140744A - Cryptocommunication system - Google Patents
Cryptocommunication systemInfo
- Publication number
- JPS59140744A JPS59140744A JP58014092A JP1409283A JPS59140744A JP S59140744 A JPS59140744 A JP S59140744A JP 58014092 A JP58014092 A JP 58014092A JP 1409283 A JP1409283 A JP 1409283A JP S59140744 A JPS59140744 A JP S59140744A
- Authority
- JP
- Japan
- Prior art keywords
- communication
- encryption
- key
- master station
- station
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
Abstract
Description
【発明の詳細な説明】
(a)0発明の技術分野
本発明は暗号通信方式に係り、特にデータ通信暗号装置
がマルチ・ドロップ接続の通信ネットワーク・システム
に適用される場合の暗号化/復号化の為の鍵管理方式及
び暗号化通信方式に関するものである。Detailed Description of the Invention (a) 0 Technical Field of the Invention The present invention relates to a cryptographic communication system, and particularly to encryption/decryption when a data communication cryptographic device is applied to a communication network system with multi-drop connections. The present invention relates to key management systems and encrypted communication systems for.
偽)、従来技術と問題点
公開鍵配送方式PKDS (Public Key
Dis−tributfon System )は、最
も一般的に使用される暗号通信方式の一つである。False), Conventional technology and problemsPublic key distribution method PKDS (Public Key
Dis-tribute system) is one of the most commonly used cryptographic communication methods.
然し此の方式によるデータ通信暗号装置がマルチドロッ
プ接続の通信ネットワーク・システムに適用される場合
、従来方式によれば暗号化/復号化の為の鍵は其のネッ
トワークとして一個のみで管理されていた。However, when a data communication encryption device using this method is applied to a communication network system with multi-drop connections, according to the conventional method, only one key for encryption/decryption is managed for the network. .
即ち通例は暗号装置に此の一個の鍵を置き、親局で管理
していたが、此の場合に親局の暗号装置と成る子局の暗
号装置とが暗号通信をしている時に、其の他の子局の暗
号装置は其の鍵を知っているので、其の暗号通信の内容
を判読することが出来ると云う欠点があった。In other words, normally this single key is placed in the encryption device and managed by the master station, but in this case, when the encryption device of the master station and the encryption device of the slave station are performing encrypted communication, The drawback was that the encryption devices of other slave stations knew the key and could therefore decipher the contents of the encrypted communication.
(C)0発明の目的
本発明の目的は従来技術の有する上記の欠点を除去し、
データ通信暗号装置がマルチ・ドロップ接続の通信ネッ
トワーク・システムに適用される場合でも、同一ネット
ワーク内の他の子局に対し充分秘匿化出来る、より秘匿
度の高い暗号通信方式を提供することである。(C)0Object of the invention The object of the present invention is to eliminate the above-mentioned drawbacks of the prior art,
Even when a data communication encryption device is applied to a communication network system with multi-drop connection, it is possible to provide an encryption communication method with a higher degree of secrecy that can sufficiently conceal other slave stations in the same network. .
(d)0発明の構成
上記の目的は本発明によれば、マルチ・ドロップ接続の
通信ネットワーク・システムに適用されるデータ通信暗
号装置に於いて、親局側暗号装置は金子局側暗号装置に
共通の暗号化/復号化の為の鍵と前記各子局側暗号装置
毎に異なる暗号化/復号化の為の鍵とを保有し、管理す
る機能を具備することを特徴とする暗号通信方式を提供
することにより達成される。(d)0 Structure of the Invention According to the present invention, in a data communication cryptographic device applied to a communication network system with multi-drop connection, the master station side cryptographic device is connected to the gold mine side cryptographic device. A cryptographic communication method characterized by having a function of holding and managing a common encryption/decryption key and a different encryption/decryption key for each slave station cryptographic device. This is achieved by providing
(e)0発明の実施例
本発明は親局側暗号装置に、全子局暗号装置に共通の暗
号化/復号化の為の鍵と、各子局暗号装置毎に異なる暗
号化/復号化の為の鍵とを保有せしめることにより、同
報通信及び個別通信を夫々違う鍵を使用して行い、暗号
のより高度の秘匿化を計るものである。 。(e) 0 Embodiment of the invention The present invention provides a key for encryption/decryption that is common to all slave station cryptographic devices in the master station side cryptographic device, and a key for encryption/decryption that is different for each slave station cryptographic device. By holding a key for each broadcast communication and individual communication, different keys are used for broadcast communication and individual communication, thereby achieving a higher degree of secrecy of the encryption. .
第1図は本発明の一実施例を示すブロック図で図中、M
は親局装置、MDは親局側暗号装置、ModOは親局側
モデム装置、Sl、S2、S3は夫々子局のデータ端末
機、SDI、SD2、SD3は夫々子局S1、S2、S
3側の暗号装置、Mod1〜3は夫々親局側モデム装置
である。FIG. 1 is a block diagram showing one embodiment of the present invention.
is the master station device, MD is the master station encryption device, ModO is the master station modem device, Sl, S2, and S3 are the data terminals of the slave stations, respectively, and SDI, SD2, and SD3 are the slave stations S1, S2, and S, respectively.
The encryption devices Mod 1 to Mod 3 on the third side are modem devices on the master station side, respectively.
第2図は親局側の暗号装置MDのブロック図であり、図
中1は暗号化/復号化回路、2は鍵管理部、3は通信制
御部であり、SDは送信データの通過する線路、RDは
受信データの通過する線路を夫々表している。FIG. 2 is a block diagram of the encryption device MD on the master station side. In the figure, 1 is an encryption/decryption circuit, 2 is a key management section, 3 is a communication control section, and SD is a line through which transmission data passes. , RD represent the lines through which the received data passes.
以下第1図、第2図に従って本発明の詳細な説明する。The present invention will be described in detail below with reference to FIGS. 1 and 2.
第1図の様なマルチ・ドロップ接続の通信ネットワーク
・システム(又は1:N形式)に適用される親局側暗号
通信装置は第2図に示す様なブロック構成を持つ。A master station encrypted communication device applied to a multi-drop connection communication network system (or 1:N format) as shown in FIG. 1 has a block configuration as shown in FIG.
親局からの送信データは親局側暗号装置MDの通信制御
部3に於いて、宛先識別される。ここで同報通信又は個
別通信等の通信種別により、鍵管理部2に於いて、実際
に暗号通信に使用される鍵が選択され、暗号化/復号化
回路1に設定され、以後具の鍵に依って暗号通信が行な
われる。The destination of transmission data from the master station is identified in the communication control section 3 of the master station encryption device MD. Depending on the type of communication such as broadcast communication or individual communication, the key actually used for encrypted communication is selected in the key management unit 2 and set in the encryption/decryption circuit 1. Encrypted communication is performed based on
同報通信の場合には、此のネットワークで規定(管理)
された金子局側暗号装置が保有する鍵を使用し、個別通
信の場合には、各子局別に保有する鍵を使用して暗号通
信を実施する。In the case of broadcast communication, regulations (management) are made in this network.
In the case of individual communication, encrypted communication is performed using a key held by each slave station.
今親局Mが子局S1とだけ個別に暗号通信を行う時は、
親局Mよりの送出データの中から、子局S1向けの情報
を親局側暗号装置MDの通信制御部3により抽出し、鍵
管理部2に於いて、子局S1のみが保有する暗号化/復
号化あ為の鍵Kaを選び出し、以後親局Mより送出する
情報は鍵Kaにより暗号化され通信回線に送り出される
。Now, when master station M performs encrypted communication individually only with slave station S1,
The communication control unit 3 of the master station encryption device MD extracts information destined for the slave station S1 from the data sent from the master station M, and encrypts the information held only by the slave station S1 in the key management unit 2. /The key Ka for decryption is selected, and the information sent from the master station M thereafter is encrypted with the key Ka and sent to the communication line.
此の時子局S1は共通の鍵Kzと個別の鍵Kaを持って
いるので、親局Mより送出される情報を復号化すること
が出来る。At this time, since the slave station S1 has the common key Kz and the individual key Ka, it can decrypt the information sent from the master station M.
親局Mより送出される情報は、当然他の各子局でも受信
することが出来るが、子局s1以外の各子局S2、S3
は鍵Kaを保有していないので情報の復号化は出来ない
。Information sent from the master station M can of course be received by each other slave station, but each slave station S2 and S3 other than slave station s1
Since it does not possess the key Ka, it cannot decrypt the information.
(f)9発明の効果
以上詳細に説明した様に本発明によれば、マルチ・ドロ
ップ接続の通信ネットワーク・システムに於いて、通信
種別毎に暗号化/復号化の為の鍵を変えることが出来る
ので、同一ネ・ノドワーク内の個別通信の秘匿性を高め
ると云う大きい効果が有る・(f) 9 Effects of the Invention As explained in detail above, according to the present invention, in a multi-drop connection communication network system, it is possible to change the encryption/decryption key for each type of communication. This has the great effect of increasing the confidentiality of individual communications within the same network.
第1図は本発明の一実施例を示すプロ・ツク図で図中、
Mは親局装置、MDは親局側暗号装置、ModOは親局
側モデム装置、Sl、S2、S3は夫々子局のデータ端
末機、SDI、SD2、SD3は夫々子局S1、S2、
S3側の暗号装置、Mod1〜3は夫々親局側モデム装
置である。
第2図は親局側の暗号装置MDのプロ・ツク図であり、
図中1は暗号化/復号化回路、2は鍵管理部、3は通信
制御部であり、SDは送信データの通過する線路、RD
は受信データの通過する線路を夫々表している。FIG. 1 is a process diagram showing one embodiment of the present invention.
M is the master station device, MD is the master station encryption device, ModO is the master station modem device, Sl, S2, S3 are the data terminals of the slave stations, SDI, SD2, SD3 are the slave stations S1, S2, respectively.
The cryptographic devices on the S3 side and Mods 1 to 3 are modem devices on the master station side, respectively. Figure 2 is a block diagram of the cryptographic device MD on the master station side.
In the figure, 1 is an encryption/decryption circuit, 2 is a key management unit, 3 is a communication control unit, SD is a line through which transmission data passes, and RD
represent the lines through which the received data passes.
Claims (1)
適用されるデータ通信暗号装置に於いて、親局側暗号装
置は金子局側暗号装置に共通の暗号化/復号化の為の鍵
と前記各子1局側暗号装置毎に異なる暗号化/復号化の
為の鍵とを保有し、管理する機能を具備することを特徴
とす、る暗号通信方式。In a data communication cryptographic device applied to a multi-drop connection communication network system, the master station cryptographic device has a key for encryption/decryption common to the gold and secondary cryptographic devices, and one of the child stations. An encrypted communication method characterized by having a function of holding and managing keys for encryption/decryption that are different for each side encrypting device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP58014092A JPS59140744A (en) | 1983-01-31 | 1983-01-31 | Cryptocommunication system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP58014092A JPS59140744A (en) | 1983-01-31 | 1983-01-31 | Cryptocommunication system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| JPS59140744A true JPS59140744A (en) | 1984-08-13 |
Family
ID=11851463
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP58014092A Pending JPS59140744A (en) | 1983-01-31 | 1983-01-31 | Cryptocommunication system |
Country Status (1)
| Country | Link |
|---|---|
| JP (1) | JPS59140744A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPS6282742A (en) * | 1985-10-07 | 1987-04-16 | Hitachi Ltd | Distribution system for remote sensing data |
-
1983
- 1983-01-31 JP JP58014092A patent/JPS59140744A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPS6282742A (en) * | 1985-10-07 | 1987-04-16 | Hitachi Ltd | Distribution system for remote sensing data |
| JPH07114404B2 (en) * | 1985-10-07 | 1995-12-06 | 株式会社日立製作所 | Remote sensing data distribution system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| NO20010227D0 (en) | Method and apparatus for securely communicating information between multiple digital, audiovisual devices | |
| SE9503343L (en) | Method for encrypting information | |
| ATE319242T1 (en) | METHOD AND DEVICE FOR SECURE CRYPTOGRAPHIC COMMUNICATION | |
| ATE277466T1 (en) | METHOD AND DEVICE FOR SELECTIVE ENCRYPTION AND DECRYPTION OF POINT-TO-MULTIPOINT MESSAGES | |
| NL1006252A1 (en) | Method of encrypting data transfer | |
| JPH10327141A (en) | Method and device for enciphering/deciphering data | |
| JPH04297157A (en) | Data ciphering device | |
| JPS59140744A (en) | Cryptocommunication system | |
| KR100978001B1 (en) | Imformation protect and equipment manage system for applying aria algorithim and method of the same | |
| JP2000305849A (en) | Transmitter and its method, receiver and its method and communication system | |
| JP2009159220A (en) | Communication device and encryption conversion method | |
| JPH0777933A (en) | Network data ciphering device | |
| JPS61163746A (en) | Cipher key distributing system | |
| JPH01233851A (en) | Cryptographic device | |
| JPH06197105A (en) | Multi-address key distributing device | |
| JPH02195377A (en) | Ic card provided with key sharing function | |
| JPH04101529A (en) | Enciphered communication system | |
| JPS6182547A (en) | Privacy communication system | |
| JPS6346028A (en) | Cryptographic key distribution system | |
| JP2001203679A (en) | Dynamic secure group mobile communication system | |
| JP2000184452A (en) | Cipher communication equipment | |
| JPH0151107B2 (en) | ||
| JP2000222315A (en) | Server client type security system | |
| CA2141724A1 (en) | Cryptographic device | |
| JPH01297928A (en) | Secret multi-address communication system |