JPS6163128A - Ciphering key distribution system - Google Patents

Info

Publication number: JPS6163128A
Authority: JP (Japan)
Prior art keywords: information, destination, key distribution, public, sender
Legal status: Granted
Application number: JP59185186A
Other languages: Japanese (ja)
Other versions: JPH0546731B2 (en)
Inventors: Tatsuaki Okamoto (龍明 岡本), Akira Shiraishi (旭 白石)
Current Assignee: Nippon Telegraph and Telephone Corp
Original Assignee: Nippon Telegraph and Telephone Corp

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution
    • H04L2209/601 Broadcast encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)

Abstract

PURPOSE: To distribute a key efficiently from one distribution sender to plural distribution destinations, with each side authenticating the other, by having the key distribution sender generate information using a random number and public information, and having each key distribution destination obtain the key from the received information and the secret information it holds.

CONSTITUTION: The distribution sender uses a generated random number, the public information of each distribution destination and the system public information to generate the information to be transferred to each distribution destination (i), and transmits it to each destination. Each distribution destination (i) (i = 1, 2, ..., n) then inputs the value Zi received from the sender (the output of the sender's exponential congruence function calculator), together with the secretly stored value bi and P, to the exponential congruence function calculator 51; its output, together with Yn+1 obtained from the public register 16 and P, is input to the congruent multiplier 52. Thus, Equation I is satisfied. In this procedure the sender authenticates the destinations, and each destination (i) authenticates the sender because the public register information of the sender is used.

Description

DETAILED DESCRIPTION OF THE INVENTION

[Field of Industrial Application]

The present invention relates to a method for securely distributing an encryption key of a conventional (symmetric) cryptosystem to three or more parties.

[Prior Art]

As a method for securely distributing keys of a conventional cryptosystem, a public key distribution method that relies on the difficulty of the discrete logarithm problem has been proposed (W. Diffie and M. E. Hellman, "New Directions in Cryptography", IEEE Trans. IT-22, 6, pp. 644-654, 1976). However, although this method can distribute an encryption key between two parties, it cannot distribute an encryption key to three or more parties.

On the other hand, a method based on the public key distribution method that allows a common key to be distributed to many parties has been proposed (I. Ingemarsson et al., "A Conference Key Distribution System", IEEE Trans. IT-28, 5, pp. 714-720, 1982). Because this method communicates among the parties in a loop, it is not suited to broadcast-type encryption key distribution. In addition, a separate authentication function is required to confirm who shares the encryption key.

[Purpose of the Invention]

An object of the present invention is to provide an encryption key distribution method that, based on the public key distribution method, distributes a key to three or more parties in a form suited to broadcast communication and can also authenticate both the distribution destinations and the distribution source.

[Structure and Operation of the Invention]

In the present invention, public information used in common throughout the system is determined in advance. The key distribution source and each of the plural key distribution destinations generate secret information and public information in advance, based on the system public information, and register only the public information in a public register. When the key distribution source distributes a key to plural key distribution destinations, it generates a random number and, using that random number, the public information of each key distribution destination, the system public information and the like, generates the information to be transferred to each key distribution destination by exponential congruence function (modular exponentiation) operations and the like. Each key distribution destination that receives this information obtains the key by exponential congruence function operations and the like, using the received information and the secret information it holds. The invention is described in detail below with reference to the drawings.

First, X and P are determined as the public information used in common within the system. X and P are integers that satisfy the following conditions.

(i) 1 ≤ X ≤ P−1
(ii) P is a prime number and (P−1)/2 is also a prime number.

Next, as shown in Fig. 1, each party i (i = 1, 2, ..., n) among the key distribution source and key distribution destinations uses the random number generator 11, the greatest common divisor calculator 12 and the comparator 13 to generate an integer a_i that satisfies the relation of equation (1), where GCD(X, Y) denotes the greatest common divisor of X and Y. Using a_i, the modular inverse calculator 14 and the exponential congruence function calculator 15 generate integers b_i and Y_i that satisfy the relation of equation (3).

Y_i is registered in the public register 16 as public information, and a_i and b_i are kept secret.

Next, suppose that the distribution source distributes a common key to the distribution destinations i (i = 1, 2, ..., n).

First, as shown in Fig. 2, the distribution source generates a random number γ (1 ≤ γ ≤ P−1) with the random number generator 21, and inputs Y_i (i = 1, 2, ..., n) obtained from the public register 16 and γ, together with P, to the exponential congruence function calculator 22, thereby generating Z_i that satisfies equation (5), and sends it to destination i.

Also, by inputting X, γ and P to the exponential congruence function calculator 23, the distribution source generates the encryption key K that it holds in common with destination i (that is, the key that has been distributed to destination i). That is,

$K \equiv X^{\gamma} \pmod{P}$ (6)

Next, as shown in Fig. 3, destination i (i = 1, 2, ..., n) inputs Z_i received from the distribution source, together with b_i, which it holds secretly, and P, to the exponential congruence function calculator 30, and can thereby generate the distributed encryption key K. A common encryption key K has thus been distributed among the (n+1) parties consisting of the distribution source and the destinations i (i = 1, ..., n). That is,

$K \equiv Z_i^{b_i} \pmod{P}$ (7)

In the above distribution procedure, the distribution source uses the public register information of the destinations, so the distribution source has authenticated the destinations. That is, no one other than the correct i (i = 1, 2, ..., n) can generate K, so the key is never delivered to anyone other than those to whom the distribution source intended to distribute it.

Next, a method is shown in which not only does the distribution source authenticate the destinations, but the destinations also authenticate the distribution source.

First, as shown in Fig. 4, the distribution source (n+1) generates a random number γ (1 ≤ γ ≤ P−1) with the random number generator 41, inputs a_{n+1}, which it holds secretly, together with γ and P−1, to the congruent subtractor 42, and generates t that satisfies the relation of equation (8). It then inputs Y_i (i = 1, 2, ..., n) obtained from the public register 16, together with t and P, to the exponential congruence function calculator 43, thereby generating Z_i that satisfies equation (9), and sends it to destination i.

Also, by inputting X, γ and P to the exponential congruence function calculator 44, the distribution source generates K that satisfies equation (6). This is the encryption key K shared with destination i.

Next, as shown in Fig. 5, destination i (i = 1, 2, ..., n) inputs Z_i received from the distribution source, together with b_i, which it holds secretly, and P, to the exponential congruence function calculator 51, and inputs its output, together with Y_{n+1} obtained from the public register 16 and P, to the congruent multiplier 52, thereby obtaining K that satisfies equation (10). A common encryption key K has thus been distributed among the (n+1) parties consisting of the distribution source (n+1) and the destinations i (i = 1, 2, ..., n).

In the above procedure, the distribution source (n+1) authenticates destination i, and, because destination i uses the public register information of the distribution source (n+1), destination i also authenticates the distribution source. That is, no one other than the correct distribution source (n+1) can generate a Z_i for which equation (10) holds.
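Both distribution procedures described above, as an added Python sketch that is not part of the patent text. Equations (1) to (5) and (8) to (10) did not survive on this page, so the forms used here (gcd(a_i, P−1) = 1, b_i = a_i⁻¹ mod (P−1), Y_i = X^a_i, Z_i = Y_i^γ, t = γ − a_{n+1} mod (P−1), K = Z_i^b_i · Y_{n+1}) are assumptions chosen to agree with equations (6) and (7) and with the calculators named in the figures; P = 2579, X = 2 and all function names are constructed for the example.

```python
import math
import secrets

# Toy system-wide public values (constructed): P = 2579 is prime and
# (P - 1) / 2 = 1289 is prime, as the description requires; 1 <= X <= P - 1.
P, X = 2579, 2

def keygen():
    """One party's setup (Fig. 1). Assumed forms of the missing equations:
    gcd(a, P-1) = 1, b = a^-1 mod (P-1), Y = X^a mod P."""
    while True:
        a = 2 + secrets.randbelow(P - 3)          # 2 <= a <= P - 2
        if math.gcd(a, P - 1) == 1:               # GCD calculator + comparator
            break
    b = pow(a, -1, P - 1)                         # modular inverse calculator
    return {"a": a, "b": b, "Y": pow(X, a, P)}    # only Y goes in the register

def send_v1(register_ys):
    """Fig. 2: the source authenticates the destinations only."""
    gamma = 1 + secrets.randbelow(P - 1)          # 1 <= gamma <= P - 1
    z = [pow(y, gamma, P) for y in register_ys]   # assumed eq. (5)
    return z, pow(X, gamma, P)                    # eq. (6)

def recv_v1(z_i, b_i):
    """Fig. 3: K = Z_i^b_i mod P, eq. (7)."""
    return pow(z_i, b_i, P)

def send_v2(register_ys, a_src):
    """Fig. 4: the source mixes its own secret a_(n+1) into the exponent."""
    gamma = 1 + secrets.randbelow(P - 1)
    t = (gamma - a_src) % (P - 1)                 # assumed eq. (8)
    z = [pow(y, t, P) for y in register_ys]       # assumed eq. (9)
    return z, pow(X, gamma, P)                    # eq. (6)

def recv_v2(z_i, b_i, y_src):
    """Fig. 5: multiply by the source's registered Y (assumed eq. (10))."""
    return pow(z_i, b_i, P) * y_src % P

def demo(n=3):
    dests = [keygen() for _ in range(n)]
    src = keygen()
    ys = [d["Y"] for d in dests]

    z, k = send_v1(ys)
    v1_ok = all(recv_v1(zi, d["b"]) == k for zi, d in zip(z, dests))

    z, k = send_v2(ys, src["a"])
    v2_ok = all(recv_v2(zi, d["b"], src["Y"]) == k for zi, d in zip(z, dests))

    # A sender that does not know a_(n+1) (here: off by one) cannot make the
    # destinations derive the key it holds, because they use the registered Y.
    zf, kf = send_v2(ys, src["a"] + 1)
    forged_ok = any(recv_v2(zi, d["b"], src["Y"]) == kf
                    for zi, d in zip(zf, dests))
    return {"v1_ok": v1_ok, "v2_ok": v2_ok, "forged_ok": forged_ok}

if __name__ == "__main__":
    print(demo())
```

The security of both procedures rests on the public register returning the genuine Y values; a 12-bit P is for readability only.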

[Effect of the Invention]

As explained above, according to the present invention, based on the public key distribution method, a key can be distributed from one distribution source to two or more destinations, and both the destinations and the distribution source can be authenticated.

The present invention is therefore effective when a key is distributed to two or more parties by broadcast communication.

[Brief Description of the Drawings]

Fig. 1 shows the generation of public information and secret information by each party (distribution source and destinations). Fig. 2 shows the case where the distribution source generates the distribution information for destination i and the encryption key. Fig. 3 shows the generation of the encryption key at destination i corresponding to Fig. 2. Fig. 4 shows the case where the distribution source (n+1) generates the distribution information for destination i and the encryption key. Fig. 5 shows the generation of the encryption key at destination i corresponding to Fig. 4.

11, 21, 41: random number generators. 12: greatest common divisor calculator. 13: comparator. 14: modular inverse calculator. 15, 22, 23, 30, 43, 44, 51: exponential congruence function calculators. 16: public register. 42: congruent subtractor. 52: congruent multiplier.

Claims (1)

[Claims]

(1) In a system for securely distributing an encryption key of a conventional cryptosystem among three or more parties, an encryption key distribution method characterized in that: public information used in common in the system is determined in advance; the key distribution source and each of the plural key distribution destinations generate secret information and public information in advance, based on the system public information, and register only the public information in a public register; and, when the key distribution source distributes a key to plural key distribution destinations, the key distribution source generates a random number and generates the information to be transferred to each key distribution destination using the generated random number, the public information of each key distribution destination, the system public information and the like, and each key distribution destination that receives this information obtains the key using the received information, the secret information it holds and the like.
Information to be transferred to each key distribution destination is generated using public information of each key distribution destination and system public information, etc., and each key distribution destination that receives this information uses the received information and private information held by each key distribution destination. A cryptographic key distribution method characterized by obtaining a key by using
JP59185186A 1984-09-04 1984-09-04 Ciphering key distribution system Granted JPS6163128A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP59185186A JPS6163128A (en) 1984-09-04 1984-09-04 Ciphering key distribution system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP59185186A JPS6163128A (en) 1984-09-04 1984-09-04 Ciphering key distribution system

Publications (2)

Publication Number Publication Date
JPS6163128A true JPS6163128A (en) 1986-04-01
JPH0546731B2 JPH0546731B2 (en) 1993-07-14

Family

ID=16166349

Family Applications (1)

Application Number Title Priority Date Filing Date
JP59185186A Granted JPS6163128A (en) 1984-09-04 1984-09-04 Ciphering key distribution system

Country Status (1)

Country Link
JP (1) JPS6163128A (en)

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
CRYPTOGRAPHY AND DATA SECURITY=1982 *
THE ART OF COMPUTER PROGRAMMING SECOND EDITION=1981 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH01173939A (en) * 1987-04-03 1989-07-10 Bull Cp 8 Method of accessing identification key to safety module and user card in information processing network
JPH0793622B2 (en) * 1987-04-03 1995-10-09 ビュル セーペー8 How to get the secret key to the security module and user card in the information processing network
US7333617B1 (en) 1999-08-12 2008-02-19 Deutsche Telekom Ag Method for establishing a common key for a group of at least three subscribers
US7778423B2 (en) 1999-08-12 2010-08-17 Deutsche Telekom Ag Method for establishing a common key for a group of at least three subscribers

Also Published As

Publication number Publication date
JPH0546731B2 (en) 1993-07-14

Legal Events

Date Code Title Description
EXPY Cancellation because of completion of term