[go: up one dir, main page]

WO2018092313A1 - Communication device, communication system and communication method - Google Patents

Communication device, communication system and communication method Download PDF

Info

Publication number
WO2018092313A1
WO2018092313A1 PCT/JP2016/084482 JP2016084482W WO2018092313A1 WO 2018092313 A1 WO2018092313 A1 WO 2018092313A1 JP 2016084482 W JP2016084482 W JP 2016084482W WO 2018092313 A1 WO2018092313 A1 WO 2018092313A1
Authority
WO
WIPO (PCT)
Prior art keywords
communication device
plaintext
communication
transmitted
time
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2016/084482
Other languages
French (fr)
Japanese (ja)
Inventor
崇宏 小玉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mitsubishi Electric Corp
Original Assignee
Mitsubishi Electric Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mitsubishi Electric Corp filed Critical Mitsubishi Electric Corp
Priority to PCT/JP2016/084482 priority Critical patent/WO2018092313A1/en
Publication of WO2018092313A1 publication Critical patent/WO2018092313A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L27/00Modulated-carrier systems
    • H04L27/32Carrier systems characterised by combinations of two or more of the types covered by groups H04L27/02, H04L27/10, H04L27/18 or H04L27/26
    • H04L27/34Amplitude- and phase-modulated carrier systems, e.g. quadrature-amplitude modulated carrier systems

Definitions

  • the present invention relates to a communication device, a communication system, and a communication method that perform bidirectional communication while suppressing information leakage and tampering.
  • information security needs to be strengthened to prevent information leakage and tampering.
  • Information security is to ensure confidentiality, integrity, and availability.
  • OSI Open Systems Interconnection
  • the function of enhancing the confidentiality of information is mainly handled by the transport layer of the fourth layer.
  • cross-layer processing in which encryption is performed in a plurality of layers is required.
  • confidentiality is regarded as important, and it is a problem to improve the confidentiality of data in order to prevent an attack from an eavesdropper on the transmission path.
  • plain text the original data to be transmitted, that is, data that has not been encrypted or encoded is referred to as plain text.
  • AES Advanced Encryption Standard
  • AES Advanced Encryption Standard
  • Patent Document 1 discloses that a ciphertext is generated from a signature generated from plaintext and a sender-side secret key on the transmission side. A method has been proposed in which the original plaintext can be restored by decrypting the signature on the receiver side using the private key on the receiver side.
  • the technique described in Patent Document 1 is a technique for unidirectional transmission, and encryption is necessary in each of the forward direction and the opposite direction during bidirectional transmission.
  • Common key cryptosystems can be broadly classified into two types: block cryptosystems and stream cryptosystems.
  • the block cipher system is a system that guarantees secrecy by the amount of calculation required for decryption because the length of the secret key is shorter than the plaintext length.
  • the stream encryption method is a method in which the length of the secret key is equal to or longer than the plaintext length, and complete secrecy is guaranteed by a one-time pad.
  • the stream encryption method is a method with high encryption strength that guarantees complete secrecy, but generally the hardware circuit scale is larger than that of the block encryption method.
  • This invention is made in view of the above, Comprising: Obtaining the communication apparatus which can suppress the increase in a hardware circuit scale after ensuring the secrecy of a bidirectional transmission path in bidirectional
  • a communication device includes a receiver that receives a first encoded text from a communication device of a communication partner, and a first that is transmitted at a first time. And a second plaintext obtained by decoding the first encoded text transmitted from the communication device of the communication partner at a second time before the first time. And an encoder for generating a second encoded sentence.
  • the communication device decodes the first encoded text using the transmitter that transmits the second encoded text to the communication device of the communication partner and the first plaintext that is transmitted at the second time. And a decoder for generating two plaintexts.
  • the communication apparatus has an effect that it is possible to suppress an increase in the hardware circuit scale while ensuring the secrecy of the bidirectional transmission path in bidirectional transmission.
  • FIG. 11 is a sequence diagram illustrating an example of a procedure until the encoded transmission according to the first embodiment is started.
  • N is an integer greater than or equal to 2 of Embodiment 1
  • FIG. The figure which shows the structural example of the communication system concerning Embodiment 2.
  • FIG. The figure which shows the concept of the encoding and encryption method of Embodiment 2.
  • FIG. 4 is a diagram showing a concept of a block encryption method in Embodiment 3 using both the encoding method described in Embodiment 1 and a multi-level phase amplitude modulation method.
  • FIG. 11 is a diagram illustrating a concept of a block encryption method according to the third embodiment using both the encoding method described in the first embodiment and the multi-channel multilevel phase amplitude modulation method.
  • FIG. 10 is a diagram illustrating a configuration example of a communication device when a stream data pad method is applied to a multi-level phase amplitude modulation signal using multi-channel according to the third embodiment.
  • the figure which shows the structural example of the control circuit of Embodiment 1 to Embodiment 3.
  • FIG. 1 is a diagram of a configuration example of a communication system according to the first embodiment of the present invention.
  • a communication system 100 according to the present embodiment includes a communication device 1-1 and a communication device 1-2.
  • a communication device 1-1 as a first communication device includes a control unit 10, an encoder 11, a transmitter 12, memories 13, 14, a receiver 15, and a decoder 16.
  • the communication device 1-2 which is the second communication device, has the same configuration as that of the communication device 1-1.
  • the communication device 1-1 and the communication device 1-2 can perform bidirectional communication via the transmission path 2.
  • the transmission path 2 may be a wired transmission path including an optical transmission path or a wireless transmission path.
  • the communication device 1-1 is a transmission device
  • the communication device 1-2 is a reception device.
  • the communication device 1-2 In communication from the communication device 1-2 to the communication device 1-1, the communication device 1-2 is a transmission device, and the communication device 1-1 is a reception device.
  • the communication device 1-1 and the communication device 1-2 are shown without distinction, they are referred to as the communication device 1.
  • the control unit 10 controls each unit in the communication device 1.
  • the encoder 11 performs encoding based on plaintext that is data to be transmitted and data stored in the memory 13. Further, the encoder 11 stores the plaintext used for encoding, that is, the plaintext to be transmitted, in the memory 14 which is the first memory.
  • the memory 14 stores the plain text used for encoding in the encoder 11.
  • the transmitter 12 transmits the encoded data to the opposite device via the transmission path 2.
  • the receiver 15 receives data from the opposite device and outputs it to the decoder 16.
  • the decoder 16 decrypts the data input from the receiver 15 using the data stored in the memory 14 to obtain plain text, and stores the plain text obtained by the decryption in the memory 13.
  • the memory 13 as the second memory stores the plain text obtained by the decryption.
  • the opposite device that is, the communication partner device for the communication device 1-1 is the communication device 1-2
  • the opposite device that is, the communication partner device for the communication device 1-2 is the communication device 1-1.
  • an encryption device In communication using a common common key cryptosystem, an encryption device generates a ciphertext by performing encryption using a plaintext and a secret key in a transmission apparatus. Specifically, the encryptor of the transmission apparatus using a general common key cryptosystem encrypts the plaintext D tA (t) using the secret key K A (t) and encrypts the ciphertext Y shown in the following formula (1). Generate A. Note that t indicates time, D tA (t) indicates plaintext encoded by encoding at time t, and K A (t) indicates a secret key used for encoding at time t.
  • the decryptor of the receiving apparatus using a general common key cryptosystem restores the transmitted plaintext D tA (t) by decrypting the ciphertext Y A using the secret key K A (t).
  • the decryptor of the receiving device in the opposite direction transmission decrypts the ciphertext Y B by using the secret key K B (t) to restore the transmitted plain text D tB (t).
  • K B secret key
  • D tB transmitted plain text
  • FIG. 2 is a diagram showing the concept of the encoding method of the present embodiment.
  • the encoding method according to the present embodiment will be described with reference to FIGS.
  • the communication device 1-1 shown in FIG. 1 is shown on the left side
  • the communication device 1-2 shown in FIG. 1 is shown on the right side.
  • the direction from the communication device 1-1 to the communication device 1-2 is referred to as a forward direction
  • the direction from the communication device 1-2 to the communication device 1-1 is referred to as a facing direction.
  • the encoder 11 calculates an exclusive OR of the plaintext D tA (t) and the plaintext D rB (t ⁇ t) stored in the memory 13. By doing so, the encoded sentence Y ′ A shown in Expression (3) is calculated.
  • the transmitter 12 of the communication device 1-1 transmits Y ′ A via the transmission path 2 to the communication device 1-2 that is a reception device in forward transmission.
  • the plaintext D rB (t- ⁇ t) is the plaintext D tB (t- ⁇ t) encoded by the communication device 1-2 which is the receiving device in the forward transmission at the time t- ⁇ t. Plain text obtained by being received and decrypted. ⁇ t is the time for which each memory holds data.
  • the transmission time from the communication apparatus 1-2 to the communication apparatus 1-1 obtained by adding the processing time in the communication apparatus 1-1 and the communication apparatus 1-2 times
  • T h Delta] t is the T h or more values Any value can be set.
  • a method of setting ⁇ t will be described later. Here, it is assumed that the time required for encoding is negligible, and the time when D tA (t) and D tB (t) are encoded and the time when they are transmitted are the same. That is, the plain text encoded at time t is transmitted as the encoded text at time t.
  • the receiver 15 receives Y ′ A, and the receiver 15 gives the received Y ′ A to the decoder 16.
  • the decoder 16 calculates the exclusive OR of the encoded text Y ′ A and the plain text D tB (t ⁇ t) stored in the memory 13 to obtain the transmitted plain text D tA (t). Restore.
  • the plain text D tB (t ⁇ t) is plain text encoded by the communication device 1-2 at the time t ⁇ t, and is stored in the memory 13 by the encoder 11.
  • the plaintext D rB (t- ⁇ t) is received and restored by the communication device 1-1 after the plaintext D tB (t- ⁇ t) used for encoding by the communication device 1-2 is encoded. is there. Therefore, the plaintext D rB (t- ⁇ t) and the plaintext D tB (t- ⁇ t) match. Therefore, D tA (t) is restored by exclusive OR of the encoded text Y ′ A and the plain text D tB (t ⁇ t).
  • the encoder 11 excludes the plaintext D tB (t) and the plaintext D rA (t ⁇ t) stored in the memory 13.
  • the encoded sentence Y ′ B shown in Expression (4) is calculated.
  • the transmitter 12 of the communication apparatus 1-2 through the transmission path 2 transmits the Y 'B the opposing direction communication device 1-1 is a receiving apparatus in the transmission of.
  • the receiver 15 receives Y ′ B , it inputs it to the decoder 16.
  • the decoder 16 calculates the exclusive OR of the encoded text Y ′ B and the plain text D rA (t ⁇ t) stored in the memory 14, thereby obtaining the transmitted plain text D tB (t). Restore.
  • the receiver 15 of the communication device 1-1 is a first receiver that receives Y ′ B that is the first encoded text from the communication device 1-2.
  • the encoder 11 of the communication device 1-1 which is the first encoder, transmits the first plaintext D tA (t) to be transmitted at time t, which is the first time, and the second plaintext before the first time.
  • the transmitter 12 of the communication device 1-1 that is the first transmitter transmits Y ′ A to the communication device 1-2.
  • the decoder 16 of the communication device 1-1 serving as the first decoder decodes the first encoded text Y ′ B using the first plaintext D tA (t ⁇ t) transmitted to t ⁇ t. To generate the second plaintext D rB (t).
  • the receiver 15 of the communication device 1-2 is a second receiver that receives Y ′ A that is the second encoded text from the communication device 1-1.
  • the encoder 11 of the communication device 1-2 which is the second encoder, transmits the second plaintext D tB (t) transmitted at time t and the second plaintext D tB (t) transmitted from the communication device 1-1 at time t- ⁇ t.
  • D rA (t- ⁇ t) of the encoded sentences is first plaintext obtained by decoding, to generate a first encoded sentences Y 'B by carrying out the coding using.
  • the transmitter 12 of the communication device 1-2 which is the second transmitter transmits Y ′ B to the communication device 1-1.
  • the decoder 16 of the communication device 1-2 as the second decoder decodes the second encoded text Y ′ A using the second plaintext D tB (t ⁇ t) transmitted to t ⁇ t. To generate a first plaintext D rA (t).
  • FIG. 3 is a diagram illustrating an example of data transmission by encoding according to the present embodiment.
  • FIG. 3 shows an example in which each plaintext is composed of 6 bits.
  • Six numerical values such as 110111 indicate examples of 6-bit data values.
  • 110111 is stored in the memory 13 of the communication device 1-1 as plain text DrB (t- ⁇ t) received and restored by communication in the opposite direction.
  • the encoder 11 of the communication device 1-1 exclusively uses 101100, which is plain text D tA (t), and 110111, which is D rB (t ⁇ t), in forward communication.
  • a logical sum is calculated and 011011 is obtained as the encoded sentence Y ′ A.
  • the encoded text Y ′ A is transmitted in the forward direction as shown in FIG.
  • 110111 that is a plaintext D tB (t ⁇ t) transmitted from the communication device 1-2 in the past is stored in the memory 14 of the communication device 1-2.
  • Decoder 16 of the communication device 1-2 calculates an exclusive OR of the 110111 is a code-text Y 'A 011011 plaintext D tB (t- ⁇ t) performs decoding by, obtaining 101100 as D rA (t) is a plaintext received in the forward communications. Since D rA (t) is the reconstructed D tA (t), the communication apparatus 1-2 determines 101100, which is the plaintext D tA (t) transmitted from the communication apparatus 1-1, by the above processing. Can be restored.
  • 010101 is stored in the memory 13 of the communication device 1-2 as the plain text DrA (t- ⁇ t) received and restored by communication in the opposite direction.
  • the encoder 11 of the communication device 1-2 as shown in FIG. 3 (B1), 110011 which is plaintext D tB (t) and 010101 which is plaintext D rA (t ⁇ t).
  • the exclusive OR is calculated and 100110 is obtained as the encoded sentence Y ′ B.
  • the encoded text Y ′ B is transmitted in the opposite direction as shown in FIG. 3 (B2).
  • 010101 is stored in the memory 14 of the communication device 1-1 as the plaintext D tA (t ⁇ t) transmitted from the communication device 1-1 in the past.
  • Decoder 16 of the communication apparatus 11 calculates an exclusive OR of the 010101 is a code-text Y 'B 100110 plaintext D tA (t- ⁇ t)
  • decryption is performed, and 110011 is obtained as DrB (t) which is a plaintext received in the opposite communication. Since D rB (t) is the restored D tB (t), the communication apparatus 1-1 has received 110011, which is the plaintext D tB (t) transmitted from the communication apparatus 1-2, through the above processing. Can be restored.
  • FIG. 4 is a sequence diagram illustrating an example of a procedure until the encoded transmission of the present embodiment is started.
  • the mode in which the communication apparatus 1-1 and the communication apparatus 1-2 perform the above-described encoded transmission is referred to as an encoded transmission mode.
  • the communication device 1-1 and the communication device 1-2 are not performing the above-described encoded transmission.
  • the control unit 10 of the communication device 1-1 transmits a notification ACK for starting the encoded transmission mode to the communication device 1-2 via the transmitter 12 (step S1).
  • the control unit 10 of the communication apparatus 1-2 receives the notification ACK of the start of the encoded transmission mode via the receiver 15, the control unit 10 transmits a RES, which is a response indicating that the notification is accepted, via the transmitter 12.
  • a RES which is a response indicating that the notification is accepted
  • the control unit 10 of the communication apparatus 1-1 determines whether data is transmitted between the communication apparatus 1-1 and the communication apparatus 1-2 in order to determine the time ⁇ t for holding the plaintext during transmission in the opposite direction in the memory.
  • the MEA which is a signal for measuring the time spent for one round trip
  • the time spent for one round trip of data between the communication device 1-1 and the communication device 1-2 is measured (step S3). ). That is, the communication device 1-1 stores the time when the MEA is transmitted, and stores the time when the response to the MEA is received. Then, the difference between the time when the response to the MEA is received and the time when the MEA is transmitted is calculated as the time spent for one round trip.
  • any signal may be used as long as the reception device returns a response as soon as it is received.
  • the signal for measurement may be any signal.
  • the control unit 10 of the communication device 1-1 determines the calculated time spent for one round trip as the memory retention time, and transmits the memory retention time information storing the memory retention time to the communication device 1-2. (Step S4). As a result, the memory holding time is shared between the communication device 1-1 and the communication device 1-2.
  • the control unit 10 of the communication device 1-2 transmits RES, which is a response indicating that the notification has been received, to the communication device 1-1 (step S5).
  • the control unit 10 of the communication device 1-1 and the communication device 1-2 controls the memory 13 and the memory 14 so that the data retention time in the memory 13 and the memory 14 becomes the above-described memory retention time. As a result, the oldest data stored in each memory becomes data at a time before the current time t by the memory holding time ⁇ t.
  • the memory holding time can be set to an arbitrary value equal to or longer than the time spent for one round trip.
  • control unit 10 of the communication device 1-1 transmits a data transmission start notification to the communication device 1-2 (step S6).
  • the control unit 10 of the communication device 1-2 transmits RES, which is a response indicating that the notification has been received, to the communication device 1-1 (step S7).
  • the communication device 1-1 generates a ciphertext by encoding a plaintext by using a predetermined fixed secret key or a secret key generated by higher layer processing as an initial vector. Then, the ciphertext is transmitted to the communication device 1-2 (step S8).
  • the plaintext received by the transmission in the opposite direction is not stored in the memory 13.
  • the communication apparatus 1-1 performs encoding using the above-described initial vector instead of the plain text received in the memory 13 by transmission in the opposite direction.
  • the communication device 1-1 stores the transmitted plain text in the memory 14.
  • the plaintext at the start of data transmission refers to the first frame when the plaintext is transmitted in units of frames, and in the case of stream transmission, refers to the arbitrarily set bits from the start of transmission.
  • the communication device 1-2 decrypts the encoded text received by the forward transmission using the same secret key as that used by the communication device 1-1 for encoding, and stores the decrypted text in the memory 13. Further, as described above, the communication device 1-2 encodes and transmits the plaintext to be transmitted in the opposite direction using the plaintext stored in the memory 13 (step S9).
  • the communication device 1-1 decodes the encoded text received by the transmission in the opposite direction using the plain text stored in the memory 14. Further, the communication device 1-1 encodes and transmits the plain text to be transmitted in the forward direction using the plain text stored in the memory 13 (step S10).
  • the communication device 1-2 decodes the encoded text received by the forward transmission using the plain text stored in the memory 14. Further, the communication device 1-2 encodes and transmits the plain text to be transmitted in the opposite direction using the plain text stored in the memory 13 (step S11). Thereafter, step S10 and step S11 are repeated until the end of encoded transmission.
  • a bidirectional transmission form of 1: 1 node as shown in FIG. 5 similar to FIG. 1 may be used, or both 1: N (N is an integer of 2 or more) nodes as shown in FIG. It may be in the form of bidirectional transmission.
  • the form of bidirectional transmission via a plurality of nodes as shown in FIG. 7 may be used.
  • the communication device 1-2 to the communication device 1-5 illustrated in FIG. 6 have the same configuration as the communication device 1-1.
  • the communication devices 3-1 to 3-3 shown in FIG. 7 are not particularly limited in configuration as long as the communication devices have a relay function.
  • the present embodiment uses the fact that the communication apparatuses 1-1 and 1-2 perform bidirectional communication, that is, the communication apparatuses 1-1 and 1-2 are also transmitting apparatuses and are in the reverse direction. Utilizing the fact that it is also a receiving device in transmission, the transmitted plaintext is stored in the memory 13 and encoding is performed using the plaintext obtained by restoring the received data. That is, the plaintext received in the past is used as a key for encryption, and the plaintext transmitted in the past is used as a key for decryption. As a result, the communication devices 1-1 and 1-2 can decrypt the received data using the plaintext transmitted by the communication devices 1-1 and 1-2.
  • the plaintext used for decryption by the decoder is information that can only be obtained by the communication partner, confidentiality can be ensured. Furthermore, since the processing can be realized by a circuit that performs exclusive OR with the memory, it can be realized by simple hardware.
  • FIG. FIG. 8 is a diagram illustrating a configuration example of a communication system according to the second exemplary embodiment of the present invention.
  • the communication system 100a of the present embodiment includes a communication device 1a-1 and a communication device 1a-2.
  • the communication device 1a-1 includes an encryptor 17 that is an encoder according to the present embodiment instead of the encoder 11 according to the first embodiment, and instead of the decoder 16 according to the first embodiment. Except for the provision of the decoder 18, it is the same as the communication apparatus 1-1 of the first embodiment. Components having the same functions as those in the first embodiment are denoted by the same reference numerals as those in the first embodiment, and redundant description is omitted.
  • the configuration of the communication device 1a-2 is the same as that of the communication device 1a-1.
  • the direction from the communication device 1a-1 as the first communication device to the communication device 1a-2 as the second communication device is referred to as the forward direction, and from the communication device 1a-2 to the communication device 1a-1. The direction is called the facing direction.
  • FIG. 9 is a diagram showing the concept of the encoding and encryption method of the present embodiment.
  • the encryptor 17 of the communication device 1a-1 includes the plaintext D tA (t), the plaintext D rB (t ⁇ t) stored in the memory 13 of the communication device 1a-1, and the secret key K A ( A coded sentence transmitted in the forward direction is generated by exclusive OR with t).
  • the decoder 18 of the communication device 1a-2 performs exclusive OR of the encoded text transmitted in the forward direction, the plaintext D tB (t ⁇ t) stored in the memory 14 and the secret key K A (t). By calculating, the plaintext D tA (t) transmitted from the communication device 1a-1 is restored.
  • the encryption device 17 of the communication device 1a-2 performs the plaintext D tB (t), the plaintext D rA (t ⁇ t) stored in the memory 13 of the communication device 1a-2, and the secret key K.
  • a coded sentence transmitted in the opposite direction is generated by exclusive OR with B (t).
  • the decoder 18 of the communication device 1a-1 performs an exclusive OR operation between the encoded text transmitted in the opposite direction, the plaintext D tA (t ⁇ t) stored in the memory 14, and the secret key K B (t). By calculating, the plaintext D tB (t) transmitted from the communication device 1a-2 is restored.
  • a method for generating and updating a secret key K A (t) and a secret key K B (t), which are common secret keys between the communication device 1-1 and the communication device 1-2, is a common common key encryption method.
  • the memory holding time described in Embodiment 1 may be used as a secret key.
  • the memory holding time is shared between the communication device 1-1 and the communication device 1-2. For this reason, the memory retention time can be used as the above-described common secret key.
  • FIG. 10 is a diagram for performing an encryption and encoding procedure in the first method.
  • the first method shown in FIG. 10 is a scheme in which the transmitting device encodes the plaintext to be transmitted using the plaintext received from the opposite device after encrypting with the secret key.
  • the encryptor 17 of the communication device 1a-1 transmits plaintext D tA (t) transmitted in the forward direction with 001010 which is the secret key K A (t). Is encrypted by an exclusive logical operation to generate a ciphertext 100110. Thereafter, as shown in FIG. 10 (A12), the encryptor 17 of the communication device 1a-1 performs an exclusive OR operation between the ciphertext 100110 and the plaintext DrB (t ⁇ t) 110111 received in the communication in the opposite direction. Is obtained as an encoded sentence. This encoded text is transmitted in the forward direction as shown in FIG. 10 (A13).
  • the decoder 18 of the communication device 1a-2 exclusively receives the received encoded text 010001 and the plain text D tB (t ⁇ t) 110111 transmitted in the opposite direction. Decrypt by logical operation. Thereafter, as shown in (A15) of FIG. 10, a decoder 18 of the communication device 1a-2 is decoded by an exclusive logical operation between the result of decryption 100110 and a secret key K A (t) 001010 To obtain plain text D rA (t) 101100 received in the forward direction. D rA (t) is the same as D tA (t) transmitted in the forward direction.
  • the encryptor 17 of the communication device 1a-2 is plaintext D tB to transmit at 010101 and opposing direction is the private key K B (t) (
  • the ciphertext 100110 is generated by encrypting 110011 that is t) by an exclusive logical operation.
  • the exclusive logical sum of the encryptor 17 of the communication device 1a-2 is a plaintext D rA received by the communication ciphertext 100110 and forward (t- ⁇ t) 100011 000101 is generated as an encoded sentence.
  • This encoded text is transmitted in the opposite direction as shown in FIG. 10 (B13).
  • the decoder 18 of the communication device 1a-1 exclusively uses the received encoded text 00101 and the plaintext D tA (t ⁇ t) 1000011 transmitted in the forward direction. Decrypt by logical operation. Thereafter, as shown in (B15) of FIG. 10, the decryptor 18 of the communication device 1a-2 decrypts the result of the decryption by the exclusive logical operation of 100110 as the decrypted result and 010101 as the secret key K B (t). And plaintext D rB (t) 110011 received in the opposite direction is obtained. D rB (t) is the same as D tB (t) transmitted in the forward direction.
  • FIG. 11 is a diagram for performing encryption and encoding procedures in the second method.
  • the second method shown in FIG. 11 is a method in which the transmitting device performs an exclusive logical operation on a secret key and a plaintext received in the past used as a kind of key in advance and then performs an exclusive logical operation on the plaintext.
  • encryptor 17 of the communication device 1a-1 in the transmission of the forward, encryptor 17 of the communication device 1a-1 is a received in the opposing direction of the communication plaintext D rB (t- ⁇ t) An exclusive logical operation of a certain 110111 and a secret key K A (t) 001010 is performed to generate 111101 as an encryption key.
  • the encryptor 17 of the communication device 1a-1 performs exclusive logic on the encryption key 111101 and the plaintext D tA (t) 101100 transmitted in the forward direction.
  • An encoded sentence 010001 is generated by encoding by calculation. This encoded text is transmitted in the forward direction as shown in FIG. 11 (A23).
  • the decryptor 18 of the communication device 1a-2 has 110111 as the plaintext D tB (t ⁇ t) transmitted in the opposite direction and 000010 as the secret key K A (t). And 111101 is generated as an encryption key.
  • the decryptor 18 of the communication device 1a-2 decrypts the encryption key 111101 and the received encoded text 010001 by an exclusive logical operation, and sequentially The plaintext D rA (t) 101100 received in the direction is obtained.
  • D rA (t) is the same as Dt A (t) transmitted in the forward direction.
  • the encoding method described in the first embodiment and the common key cryptosystem are used in combination. Thereby, it is possible to improve confidentiality as compared with the first embodiment.
  • Embodiment 3 The coding schemes of the first and second embodiments can be considered as a stream type scheme, but in this embodiment, a scheme for further improving the cryptographic strength by using together with the block type cryptographic scheme. Will be explained.
  • a rule such as assigning each bit information in the bit block included in the received symbol to which bit information in the transmission bit block is assigned to the reference table.
  • the confidentiality of the data in a transmission line can be improved by sharing the information of a reference table between a transmitter and a receiver. Further, when the bit block size is increased, the possible combinations of received data assigned to transmission data are increased and the key space is expanded, so that the confidentiality of data is improved.
  • a method for increasing the bit block size there is a form using a modulation technique or a signal processing technique.
  • a method for increasing the bit block size using a modulation technique there is a multi-valued method using a phase amplitude modulation method. That is, there is a method of transmitting the encoded text after performing multi-value amplitude phase modulation.
  • a technique for increasing the bit block size using a signal processing technique there is a method of sub-channeling using a plurality of carriers, that is, a method of transmitting a coded sentence using a plurality of frequencies.
  • FIG. 12 is a diagram showing the relationship between the signal points of the quaternary phase modulation signal on the IQ plane and the bit values assigned to the signal points.
  • FIG. 13 is a diagram showing the relationship between the signal points of the 16-level phase amplitude modulation signal on the IQ plane and the bit values assigned to the signal points.
  • b i, j in the bit numbers b i, j , j is fixed and the description is omitted and shown as b i .
  • i is 1, 2,.
  • FIG. 14 is a diagram illustrating the relationship between the signal points of the quaternary phase modulation signal and the bit values assigned to the signal points.
  • FIG. 15 is a diagram illustrating a relationship between signal points of the polarization multiplexed 16-level phase amplitude modulation signal and bit values assigned to the signal points.
  • i 1, 2,...
  • the bit number i is determined so that the bit number increases from the most significant bit to the lower bit of the polarization.
  • FIG. 16 is a diagram showing a concept of a block encryption method using both the encoding method described in the first embodiment and the multi-level phase amplitude modulation method.
  • FIG. 16 shows an example in which the encoding method and the 16-level phase amplitude modulation method are used in combination.
  • the transmitting apparatus converts 0111, which is plaintext DrB (t ⁇ t) received in transmission in the opposite direction, into a bit string according to a reference table held in advance. Bit string conversion based on rules. In the example shown in FIG. 16, a rule for converting the first and third upper bits is used.
  • the transmitting device code statements coded by an exclusive logical operation 1011 and a plaintext D tA sent in 1101 and forward is a data bit string conversion (t) 0110 is generated as follows.
  • the encoded text 0110 is modulated by the 16-value phase amplitude modulation method and transmitted in the forward direction.
  • the receiving apparatus in the forward transmission receives the modulated signal, demodulates the analog signal, and calculates 0110 which is an encoded sentence. Then, as shown in (A34) of FIG. 16, the receiving apparatus decodes the encoded text 0110 and the plain text D tB (t ⁇ t) 1101 transmitted in the opposite direction by performing an exclusive logical operation. , 1011 which is the plaintext D rA (t) received in the forward transmission is obtained. As shown in (A35) of FIG. 16, the receiving device converts 1011 as plain text DrA (t) into 1011 according to the bit string conversion rule of the same reference table as the reference table used by the transmitting device and stores it in the memory. Store.
  • the plaintext D rA (t) stored here is subjected to an exclusive logical operation with the plaintext that is bit-string converted and transmitted in the opposite transmission when encoding in the opposite direction transmission is performed later. That is, the plaintext D rA (t) is used in the FIG. 16 (B31). In the transmission in the opposite direction, (B31) to (B36) are performed as in the forward transmission.
  • FIG. 17 is a diagram showing a frequency arrangement of a signal composed of n subchannels. In order from the subchannel on the low frequency side, j is set to 1, 2,.
  • FIG. 18 is a diagram showing the concept of a block encryption method using both the encoding method described in the first embodiment and the multichannel multilevel phase amplitude modulation method.
  • the multi-channel multi-level phase amplitude modulation method is a method in which subchannelization and multi-level phase amplitude modulation method are combined. In the example shown in FIG. 18, a case where a 2-subchannel 16-value phase amplitude modulation method is applied is shown.
  • the transmission device converts 01111001, which is plaintext DrB (t ⁇ t) received in transmission in the opposite direction, into a bit string by a reference table that is held in advance. Bit string conversion based on rules. In the example shown in FIG. 18, it is assumed that a rule for converting the first upper bit of the first subchannel and the first lower bit of the second subchannel is used.
  • the transmission apparatus encodes 11111000 which is data after bit string conversion and 10110110 which is plaintext D tA (t) transmitted in the forward direction by an exclusive logical operation. 01101110 is generated as As shown in (A43) of FIG. 18, the encoded text 01101110 is modulated by the 2-subchannel 16-value phase amplitude modulation method and transmitted in the forward direction.
  • the receiving device in the forward transmission receives the modulated signal, demodulates the analog signal, and calculates 11111000 which is an encoded sentence. Then, as shown in (A44) of FIG. 18, the receiving apparatus decodes the encoded text 11111000 and the plaintext D tB (t ⁇ t) 11111000 transmitted in the opposite direction by performing an exclusive logical operation. , 10110110, which is the plaintext D rA (t) received in the forward transmission.
  • (m, n) is (2, 5), and the bit block size is 10 bits.
  • (m, n) is (4, 5), and the bit block size is 20 bits.
  • FIG. 19 is a diagram showing the amount of calculation that an eavesdropper needs to decrypt for the bit block size.
  • the horizontal axis indicates the bit block size
  • the vertical axis indicates the calculation time.
  • the calculation time for the bit block size in AES is shown as a characteristic 501
  • the calculation time for the bit block size of the present embodiment is shown as a characteristic 502.
  • the bit block size may be 60 bits.
  • FIG. 20 is a diagram illustrating a configuration example of the communication apparatus 200 when the stream data pad method is applied to a multi-level phase amplitude modulation signal using multi-channel.
  • the communication device 200 includes a transmission device 5, a reception device 6, and a data processing unit 70.
  • the data processing unit 70 includes a first memory 71, a second memory 72, a reference table processing unit 73, and a hard decision unit 74.
  • the 1: nDeMUX (demultiplexer) 51 of the transmission device 5 branches n bits of serial data to be transmitted into n bits for each bit, and branches to 1: mDeMUX (demultiplexer) 52-1 to 52-n. Output each data.
  • the mDeMUXs 52-1 to 52-n branch the input data every m bits.
  • Data output from the mDeMUXs 52-1 to 52-n is stored in the first memory 71. Further, the data stored in the second memory 72 is bit string converted by the reference table processing unit 73.
  • Data output from mDeMUXs 52-1 to 52-n are encoded by performing an exclusive logical operation on the result of bit string conversion, and input to signal point map units 53-1 to 53-n. .
  • Signal point map units 53-1 to 53-n assign signal points to the input data, and output the data after assigning the signal points to digital filters 54-1 to 54-n, respectively.
  • the digital filters 54-1 to 54-n shape the frequency shape of the input data and output it to the n: 1 MUX (multiplexer) 56.
  • the n: 1 MUX 56 multiplexes the input data and outputs the multiplexed data to a DAC (Digital to Analog Converter) 57.
  • the DAC 57 converts the input data into an analog signal and outputs it to the driver 58.
  • the driver 58 amplifies the input analog signal and outputs it to the modulator 59.
  • the modulator 59 modulates the input signal and outputs it as a transmission signal.
  • the receiver 61 receives the transmitted signal and outputs it to an ADC (Analog to Digital Converter) 62.
  • the ADC converts the input signal into a digital signal and outputs it to the 1: nDeMUX 63.
  • 1: nDeMUX 63 branches the signal into n and outputs the branched signals to digital filters 64-1 to 64-n, respectively.
  • Each of the digital filters 64-1 to 64-n corresponds to one subchannel, and performs filtering so as to transmit the signal of the corresponding subchannel and outputs the filtered signals to the equalizers 65-1 to 65-n.
  • the equalizers 65-1 to 65-n perform processing for compensating for the influence of the transmission path on the data received from the digital filters 64-1 to 64-n, and the processed data is processed by the data processing unit 70. Output to.
  • the hard decision unit 74 of the data processing unit 70 makes a hard decision on the input signal, restores the original bit value, and outputs it to the reference table processing unit 73.
  • the reference table processing unit 73 performs bit string conversion using the reference table, and stores the converted value in the second memory 72.
  • the data output from the equalizers 65-1 to 65-n is subjected to an exclusive logical operation with data obtained by rearranging the data stored in the second memory 72 by the reference table processing unit 73.
  • the result of this exclusive logical operation is received by m: 1 MUX 66-1 to 66-n.
  • m: 1 MUX 66-1 to 66-n combine the received data and output as received data.
  • each other than the receiver, transmitter, and memory is realized by a processing circuit.
  • the processing circuit may be an analog circuit or a digital circuit.
  • the processing circuit may be dedicated hardware or a control circuit including a processor.
  • the encoder, the encryptor, and the decoder that perform the encoding according to the present invention can be realized by an exclusive OR circuit.
  • the control circuit has, for example, the configuration shown in FIG.
  • FIG. 21 is a diagram illustrating a configuration example of the control circuit.
  • the control circuit 300 includes a processor 301 and a memory 302.
  • the processor 301 is a CPU (Central Processing Unit), a microprocessor, or the like.
  • each unit realized in the control circuit executes a program stored in the memory 302 by the processor 301 Is realized.
  • the memory 302 is also used as a storage area when a program is executed by the processor 301.
  • the configuration described in the above embodiment shows an example of the contents of the present invention, and can be combined with another known technique, and can be combined with other configurations without departing from the gist of the present invention. It is also possible to omit or change the part.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A communication device (1-1) according to the present invention is provided with: a receiver (15) which receives first coded text from a communication device (1-2) serving as a communication partner; a coder (11) which generates second coded text by performing coding using first plaintext to be transmitted at a first time, and second plaintext that is plaintext obtained by decoding the first coded text transmitted from the communication device (1-2) at a second time earlier than the first time; a transmitter (12) which transmits the second coded text to the communication device (1-2); and a decoder (16) which generates the second plaintext by decoding the first coded text using the first plaintext transmitted at the second time.

Description

通信装置、通信システムおよび通信方法COMMUNICATION DEVICE, COMMUNICATION SYSTEM, AND COMMUNICATION METHOD

 本発明は、情報漏えいおよび改ざんを抑制して双方向通信を行う通信装置、通信システムおよび通信方法に関する。 The present invention relates to a communication device, a communication system, and a communication method that perform bidirectional communication while suppressing information leakage and tampering.

 通信分野において、情報漏えいおよび改ざんを防ぐために情報セキュリティの強化が求められている。情報セキュリティとは、機密性と完全性と可用性との3つを確保することである。OSI(Open Systems Interconnection)参照モデルでは、情報の機密性を強化する機能は主として第4層のトランスポート層が担う。今後、機密性を向上させるために、複数の層で暗号化が行われるクロスレイヤ処理が求められる。特に物理層では、機密性が重要視されており、伝送路上における盗聴者からの攻撃を防ぐためデータの秘匿性を向上させることが課題である。以降、伝送される元データすなわち暗号化または符号化が行われていないデータを平文と呼ぶ。 In the communications field, information security needs to be strengthened to prevent information leakage and tampering. Information security is to ensure confidentiality, integrity, and availability. In the OSI (Open Systems Interconnection) reference model, the function of enhancing the confidentiality of information is mainly handled by the transport layer of the fourth layer. In the future, in order to improve confidentiality, cross-layer processing in which encryption is performed in a plurality of layers is required. Especially in the physical layer, confidentiality is regarded as important, and it is a problem to improve the confidentiality of data in order to prevent an attack from an eavesdropper on the transmission path. Hereinafter, the original data to be transmitted, that is, data that has not been encrypted or encoded is referred to as plain text.

 伝送路における秘匿性を向上させる手法として共通鍵暗号方式に用いられるAES(Advanced Encryption Standard)とよばれる暗号化アルゴリズムが広く用いられる。しかし、AESは通信の形態の中でも一方向伝送を対象とした暗号化アルゴリズムであるため、双方向伝送時は、順方向と順方向の逆の方向である対向方向とのそれぞれにおいて、平文に対してAESを適用しなければならない。AES以外の暗号化アルゴリズムにおいても、AESと同様に一方向伝送を対象としており、双方向伝送時は、順方向と対向方向のそれぞれにおいて共通暗号化方式が適用される。 An encryption algorithm called AES (Advanced Encryption Standard) used in a common key cryptosystem is widely used as a technique for improving the secrecy of a transmission path. However, since AES is an encryption algorithm for unidirectional transmission among communication modes, during bidirectional transmission, the plain text is transmitted in both the forward direction and the opposite direction, which is the reverse direction of the forward direction. AES must be applied. Encryption algorithms other than AES are also intended for unidirectional transmission as in AES, and during bidirectional transmission, a common encryption scheme is applied in each of the forward and opposite directions.

 共通鍵暗号方式では、秘匿性を確保するために、送信器と受信器との間で秘密鍵は更新されながら用いられるため、双方向伝送時における秘密鍵の管理は複雑である。 In the common key cryptosystem, since the secret key is used while being updated between the transmitter and the receiver in order to ensure confidentiality, the management of the secret key at the time of bidirectional transmission is complicated.

 共通鍵暗号方式において問題となる秘密鍵の管理の複雑さを解決する手法として、特許文献1には、送信側で、平文から生成した署名と送信者側の秘密鍵とから暗号文を生成し、受信側で署名を受信者側の秘密鍵を用いて復号化することで元の平文が復元できる手法が提案されている。 As a technique for solving the complexity of secret key management, which is a problem in the common key cryptosystem, Patent Document 1 discloses that a ciphertext is generated from a signature generated from plaintext and a sender-side secret key on the transmission side. A method has been proposed in which the original plaintext can be restored by decrypting the signature on the receiver side using the private key on the receiver side.

特開平10-083138号公報Japanese Patent Application Laid-Open No. 10-083138

 特許文献1に記載の技術を用いると、秘密鍵の管理は簡素化される。しかしながら、特許文献1に記載の技術は、一方向伝送を対象とした技術であり、双方向伝送時は、順方向と対向方向とのそれぞれにおいて暗号化が必要となる。共通鍵暗号方式は、ブロック暗号方式とストリーム暗号方式との2種類に大別できる。ブロック暗号方式は、秘密鍵の長さが平文長より短く暗号解読に要する計算量によって秘匿性を保証する方式である。ストリーム暗号方式は、秘密鍵の長さが平文長と同等または平文長と同等以上でありワンタイムパッドにより完全秘匿が保証される方式である。ストリーム暗号方式は、完全秘匿が保証される暗号強度の高い方式であるが、一般に、ハードウエア回路規模がブロック暗号方式に比べて大きくなる。 Using the technique described in Patent Document 1, management of the secret key is simplified. However, the technique described in Patent Document 1 is a technique for unidirectional transmission, and encryption is necessary in each of the forward direction and the opposite direction during bidirectional transmission. Common key cryptosystems can be broadly classified into two types: block cryptosystems and stream cryptosystems. The block cipher system is a system that guarantees secrecy by the amount of calculation required for decryption because the length of the secret key is shorter than the plaintext length. The stream encryption method is a method in which the length of the secret key is equal to or longer than the plaintext length, and complete secrecy is guaranteed by a one-time pad. The stream encryption method is a method with high encryption strength that guarantees complete secrecy, but generally the hardware circuit scale is larger than that of the block encryption method.

 近年、秘匿性の高さとハードウエア回路規模の削減との両方が求められている。このため、秘匿性を確保した上でハードウエア回路規模を削減することが求められる。 In recent years, both high confidentiality and reduction in hardware circuit scale have been demanded. For this reason, it is required to reduce the hardware circuit scale while ensuring confidentiality.

 本発明は、上記に鑑みてなされたものであって、双方向伝送において双方向の伝送路の秘匿性を確保した上でハードウエア回路規模の増大を抑制することができる通信装置を得ることを目的とする。 This invention is made in view of the above, Comprising: Obtaining the communication apparatus which can suppress the increase in a hardware circuit scale after ensuring the secrecy of a bidirectional transmission path in bidirectional | two-way transmission. Objective.

 上述した課題を解決し、目的を達成するために、本発明にかかる通信装置は、通信相手の通信装置から第1の符号化文を受信する受信器と、第1の時刻に送信する第1の平文と、第1の時刻より前の第2の時刻に前記通信相手の通信装置から送信された第1の符号化文が復号されて得られた第2の平文と、を用いた符号化を実施して第2の符号化文を生成する符号器を備える。また、通信装置は、第2の符号化文を通信相手の通信装置へ送信する送信器と、第1の符号化文を第2の時刻に送信した第1の平文を用いて復号して第2の平文を生成する復号器とを備える。 In order to solve the above-described problems and achieve the object, a communication device according to the present invention includes a receiver that receives a first encoded text from a communication device of a communication partner, and a first that is transmitted at a first time. And a second plaintext obtained by decoding the first encoded text transmitted from the communication device of the communication partner at a second time before the first time. And an encoder for generating a second encoded sentence. In addition, the communication device decodes the first encoded text using the transmitter that transmits the second encoded text to the communication device of the communication partner and the first plaintext that is transmitted at the second time. And a decoder for generating two plaintexts.

 本発明にかかる通信装置は、双方向伝送において双方向の伝送路の秘匿性を確保した上でハードウエア回路規模の増大を抑制することができるという効果を奏する。 The communication apparatus according to the present invention has an effect that it is possible to suppress an increase in the hardware circuit scale while ensuring the secrecy of the bidirectional transmission path in bidirectional transmission.

実施の形態1にかかる通信システムの構成例を示す図The figure which shows the structural example of the communication system concerning Embodiment 1. FIG. 実施の形態1の符号化方法の概念を示す図The figure which shows the concept of the encoding method of Embodiment 1. FIG. 実施の形態1の符号化によりデータ伝送の一例を示す図The figure which shows an example of data transmission by the encoding of Embodiment 1 実施の形態1の符号化伝送を開始するまでの手順の一例を示すシーケンス図FIG. 11 is a sequence diagram illustrating an example of a procedure until the encoded transmission according to the first embodiment is started. 実施の形態1の1:1ノードの双方向伝送の形態を示す図The figure which shows the form of the bidirectional | two-way transmission of 1: 1 node of Embodiment 1. 実施の形態1の1:N(Nは2以上の整数)ノードの双方向伝送の形態を示す図The figure which shows the form of bidirectional | two-way transmission of 1: N (N is an integer greater than or equal to 2) of Embodiment 1 実施の形態1の複数ノードを経由する双方向伝送の形態を示す図The figure which shows the form of the bidirectional | two-way transmission which passes through several nodes of Embodiment 1. 実施の形態2にかかる通信システムの構成例を示す図The figure which shows the structural example of the communication system concerning Embodiment 2. FIG. 実施の形態2の符号化および暗号化方法の概念を示す図The figure which shows the concept of the encoding and encryption method of Embodiment 2. 実施の形態2の第1の方法における暗号化および符号化手順を説明するための図The figure for demonstrating the encryption in the 1st method of Embodiment 2, and an encoding procedure. 実施の形態2の第2の方法における暗号化および符号化手順を説明するための図The figure for demonstrating the encryption in the 2nd method of Embodiment 2, and an encoding procedure. 実施の形態3の4値位相変調信号の信号点と各信号点に割り当てられたビット値との関係を示す図The figure which shows the relationship between the signal point of the quaternary phase modulation signal of Embodiment 3, and the bit value allocated to each signal point 実施の形態3の16値位相振幅変調信号の信号点と各信号点に割り当てられたビット値との関係を示す図The figure which shows the relationship between the signal point of the 16 value phase amplitude modulation signal of Embodiment 3, and the bit value allocated to each signal point 実施の形態3の4値位相変調信号の信号点と各信号点に割り当てられたビット値との関係を示す図The figure which shows the relationship between the signal point of the quaternary phase modulation signal of Embodiment 3, and the bit value allocated to each signal point 実施の形態3の偏波多重16値位相振幅変調信号の信号点と各信号点に割り当てられたビット値との関係を示す図The figure which shows the relationship between the signal point of the polarization multiplexing 16 value phase amplitude modulation signal of Embodiment 3, and the bit value allocated to each signal point 実施の形態3において、実施の形態1で述べた符号化方法と多値位相振幅変調方式とを併用してブロック暗号化する方法の概念を示す図FIG. 4 is a diagram showing a concept of a block encryption method in Embodiment 3 using both the encoding method described in Embodiment 1 and a multi-level phase amplitude modulation method. 実施の形態3のn個のサブチャネルから構成される信号の周波数配置を示す図The figure which shows the frequency arrangement | positioning of the signal comprised from n subchannels of Embodiment 3. 実施の形態3において、実施の形態1で述べた符号化方法とマルチチャネル多値位相振幅変調方式とを併用してブロック暗号化する方式の概念を示す図FIG. 11 is a diagram illustrating a concept of a block encryption method according to the third embodiment using both the encoding method described in the first embodiment and the multi-channel multilevel phase amplitude modulation method. 実施の形態3のビットブロックサイズに対して盗聴者が暗号解読に必要となる計算量を示す図The figure which shows the calculation amount which an eavesdropper needs for a cryptanalysis with respect to the bit block size of Embodiment 3 実施の形態3のマルチチャネルを用いた多値位相振幅変調信号にストリームデータパッド方式を適用した場合の通信装置の構成例を示す図FIG. 10 is a diagram illustrating a configuration example of a communication device when a stream data pad method is applied to a multi-level phase amplitude modulation signal using multi-channel according to the third embodiment. 実施の形態1から実施の形態3の制御回路の構成例を示す図The figure which shows the structural example of the control circuit of Embodiment 1 to Embodiment 3.

 以下に、本発明の実施の形態にかかる通信装置、通信システムおよび通信方法を図面に基づいて詳細に説明する。なお、この実施の形態によりこの発明が限定されるものではない。 Hereinafter, a communication device, a communication system, and a communication method according to an embodiment of the present invention will be described in detail based on the drawings. Note that the present invention is not limited to the embodiments.

実施の形態1.
 図1は、本発明の実施の形態1にかかる通信システムの構成例を示す図である。図1に示すように、本実施の形態の通信システム100は、通信装置1-1および通信装置1-2を備える。 Embodiment 1 FIG.
FIG. 1 is a diagram of a configuration example of a communication system according to the first embodiment of the present invention. As shown in FIG. 1, a communication system 100 according to the present embodiment includes a communication device 1-1 and a communication device 1-2.

 図1に示すように第1の通信装置である通信装置1-1は、制御部10、符号器11、送信器12、メモリ13,14、受信器15および復号器16を備える。第2の通信装置である通信装置1-2は、通信装置1-1の構成と同様である。通信装置1-1と通信装置1-2とは、伝送路2を介して、双方向通信を行うことができる。伝送路2は、光伝送路をはじめとした有線伝送路であってもよいし、無線伝送路であってもよい。通信装置1-1から通信装置1-2へ向かう通信においては、通信装置1-1が送信装置であり、通信装置1-2が受信装置である。通信装置1-2から通信装置1-1へ向かう通信においては、通信装置1-2が送信装置であり、通信装置1-1が受信装置である。以下、通信装置1-1および通信装置1-2を区別せずに示す場合は、通信装置1と称す。 As shown in FIG. 1, a communication device 1-1 as a first communication device includes a control unit 10, an encoder 11, a transmitter 12, memories 13, 14, a receiver 15, and a decoder 16. The communication device 1-2, which is the second communication device, has the same configuration as that of the communication device 1-1. The communication device 1-1 and the communication device 1-2 can perform bidirectional communication via the transmission path 2. The transmission path 2 may be a wired transmission path including an optical transmission path or a wireless transmission path. In communication from the communication device 1-1 to the communication device 1-2, the communication device 1-1 is a transmission device, and the communication device 1-2 is a reception device. In communication from the communication device 1-2 to the communication device 1-1, the communication device 1-2 is a transmission device, and the communication device 1-1 is a reception device. Hereinafter, when the communication device 1-1 and the communication device 1-2 are shown without distinction, they are referred to as the communication device 1.

 制御部10は、通信装置1内の各部を制御する。符号器11は、送信するデータである平文とメモリ13に格納されたデータとに基づいて符号化を行う。また、符号器11は、符号化に用いた平文すなわち送信する平文を第1のメモリであるメモリ14へ格納する。メモリ14は、符号器11において符号化に用いられた平文を記憶する。送信器12は、符号化されたデータを、伝送路2を介して対向装置に送信する。受信器15は、対向装置からデータを受信し復号器16へ出力する。復号器16は、受信器15から入力されたデータをメモリ14に格納されたデータを用いて復号化して平文を得て、復号化により得られた平文をメモリ13へ格納する。第2のメモリであるメモリ13は、復号化により得られた平文を記憶する。図1の構成例では、通信装置1-1にとって対向装置すなわち通信相手の装置は通信装置1-2であり、通信装置1-2にとって対向装置すなわち通信相手の装置は通信装置1-1である。 The control unit 10 controls each unit in the communication device 1. The encoder 11 performs encoding based on plaintext that is data to be transmitted and data stored in the memory 13. Further, the encoder 11 stores the plaintext used for encoding, that is, the plaintext to be transmitted, in the memory 14 which is the first memory. The memory 14 stores the plain text used for encoding in the encoder 11. The transmitter 12 transmits the encoded data to the opposite device via the transmission path 2. The receiver 15 receives data from the opposite device and outputs it to the decoder 16. The decoder 16 decrypts the data input from the receiver 15 using the data stored in the memory 14 to obtain plain text, and stores the plain text obtained by the decryption in the memory 13. The memory 13 as the second memory stores the plain text obtained by the decryption. In the configuration example of FIG. 1, the opposite device, that is, the communication partner device for the communication device 1-1 is the communication device 1-2, and the opposite device, that is, the communication partner device for the communication device 1-2 is the communication device 1-1. .

 次に、本実施の形態の符号化について説明する前に、一般的な共通鍵暗号方式について説明する。一般的な共通鍵暗号方式を用いた通信では、送信装置では暗号器が平文と秘密鍵とを用いて暗号化を行って暗号文を生成する。詳細には、一般的な共通鍵暗号方式を用いる送信装置の暗号器は、秘密鍵KA(t)を用いて平文DtA(t)を暗号化し以下の式(1)に示す暗号文YAを生成する。なお、tは時刻を示し、DtA(t)は、時刻tにおける符号化で符号化された平文を示し、KA(t)は時刻tにおける符号化で用いられた秘密鍵を示す。 Next, a general common key cryptosystem will be described before describing the encoding of the present embodiment. In communication using a common common key cryptosystem, an encryption device generates a ciphertext by performing encryption using a plaintext and a secret key in a transmission apparatus. Specifically, the encryptor of the transmission apparatus using a general common key cryptosystem encrypts the plaintext D tA (t) using the secret key K A (t) and encrypts the ciphertext Y shown in the following formula (1). Generate A. Note that t indicates time, D tA (t) indicates plaintext encoded by encoding at time t, and K A (t) indicates a secret key used for encoding at time t.

Figure JPOXMLDOC01-appb-M000001
Figure JPOXMLDOC01-appb-M000001

 一般的な共通鍵暗号方式を用いる受信装置の復号器は、暗号文YAを秘密鍵KA(t)を用いて復号化することにより、送信された平文DtA(t)を復元する。 The decryptor of the receiving apparatus using a general common key cryptosystem restores the transmitted plaintext D tA (t) by decrypting the ciphertext Y A using the secret key K A (t).

 一般的な共通鍵暗号方式を用いて双方向通信を行う場合には、順方向および対向方向において、それぞれ上述したような暗号化および復号化が実施される。すなわち上述した処理が順方向で行われる処理であるとすると、対向方向伝送においては、送信装置の暗号器は、秘密鍵KB(t)を用いて平文DtB(t)を暗号化し、以下の式(2)に示す暗号文YBを生成する。 When bidirectional communication is performed using a general common key cryptosystem, encryption and decryption as described above are performed in the forward direction and the opposite direction, respectively. That is, assuming that the above-described processing is processing performed in the forward direction, in the opposite direction transmission, the encryptor of the transmission device encrypts the plaintext D tB (t) using the secret key K B (t), and The ciphertext Y B shown in equation (2) is generated.

Figure JPOXMLDOC01-appb-M000002
Figure JPOXMLDOC01-appb-M000002

 対向方向伝送における受信装置の復号器は、暗号文YBを秘密鍵KB(t)を用いて復号化することにより、送信された平文DtB(t)を復元する。以上のように、一般的な共通鍵暗号方式を用いる場合、秘密鍵を用いる必要がある。秘匿性を確保するために、送信装置と受信装置との間で秘密鍵は更新されながら用いられるため、一般的な共通鍵暗号方式では双方向伝送時における秘密鍵の管理は複雑である。 The decryptor of the receiving device in the opposite direction transmission decrypts the ciphertext Y B by using the secret key K B (t) to restore the transmitted plain text D tB (t). As described above, when a general common key cryptosystem is used, it is necessary to use a secret key. In order to ensure confidentiality, the secret key is used while being updated between the transmitting device and the receiving device, so that the management of the secret key at the time of bidirectional transmission is complicated in a general common key cryptosystem.

 これに対し、本実施の形態の通信システムは、双方向通信の特性を利用した符号化を行うことにより、秘密鍵の管理を不要とし、かつ秘匿性を確保した上でハードウエア回路規模の増大を抑制する。図2は、本実施の形態の符号化方法の概念を示す図である。図1および図2を用いて、本実施の形態の符号化方法について説明する。図2では、図1に示した通信装置1-1を左側に記載し、図1に示した通信装置1-2を右側に記載している。以下では、通信装置1-1から通信装置1-2へ向かう方向を順方向と呼び、通信装置1-2から通信装置1-1へ向かう方向を対向方向と呼ぶ。 On the other hand, the communication system according to the present embodiment does not require management of a secret key by performing encoding using the characteristics of bidirectional communication, and increases the hardware circuit scale while ensuring secrecy. Suppress. FIG. 2 is a diagram showing the concept of the encoding method of the present embodiment. The encoding method according to the present embodiment will be described with reference to FIGS. In FIG. 2, the communication device 1-1 shown in FIG. 1 is shown on the left side, and the communication device 1-2 shown in FIG. 1 is shown on the right side. Hereinafter, the direction from the communication device 1-1 to the communication device 1-2 is referred to as a forward direction, and the direction from the communication device 1-2 to the communication device 1-1 is referred to as a facing direction.

 順方向の伝送における送信装置である通信装置1-1では、符号器11が、平文DtA(t)とメモリ13に格納された平文DrB(t-Δt)との排他的論理和を算出することにより、式(3)に示した符号化文Y’Aを算出する。通信装置1-1の送信器12は、伝送路2を介してY’Aを順方向の伝送における受信装置である通信装置1-2へ送信する。平文DrB(t-Δt)は、時刻t-Δtにおいて、順方向の伝送における受信装置である通信装置1-2で符号化された平文DtB(t-Δt)が通信装置1-1で受信されて復号化されることにより得られる平文である。Δtは、各メモリがデータを保持する時間である。通信装置1-2から通信装置1-1までの伝送時間に、通信装置1-1および通信装置1-2における処理時間を加算した時間をThとすると、Δtは、Th以上の値の任意の値を設定可能である。Δtの設定方法は後述する。なお、ここでは、符号化に要する時間は無視できるとし、DtA(t)およびDtB(t)が符号化された時刻と送信された時刻は同一であるとする。すなわち、時刻tに符号化された平文は、符号化文として時刻tに送信されるとしている。 In the communication device 1-1 that is a transmission device in forward transmission, the encoder 11 calculates an exclusive OR of the plaintext D tA (t) and the plaintext D rB (t−Δt) stored in the memory 13. By doing so, the encoded sentence Y ′ A shown in Expression (3) is calculated. The transmitter 12 of the communication device 1-1 transmits Y ′ A via the transmission path 2 to the communication device 1-2 that is a reception device in forward transmission. The plaintext D rB (t-Δt) is the plaintext D tB (t-Δt) encoded by the communication device 1-2 which is the receiving device in the forward transmission at the time t-Δt. Plain text obtained by being received and decrypted. Δt is the time for which each memory holds data. The transmission time from the communication apparatus 1-2 to the communication apparatus 1-1, obtained by adding the processing time in the communication apparatus 1-1 and the communication apparatus 1-2 times When T h, Delta] t is the T h or more values Any value can be set. A method of setting Δt will be described later. Here, it is assumed that the time required for encoding is negligible, and the time when D tA (t) and D tB (t) are encoded and the time when they are transmitted are the same. That is, the plain text encoded at time t is transmitted as the encoded text at time t.

Figure JPOXMLDOC01-appb-M000003
Figure JPOXMLDOC01-appb-M000003

 順方向の伝送における受信装置である通信装置1-2では、受信器15がY’Aを受信する、受信器15は受信したY’Aを復号器16へ与える。復号器16は、符号化文Y’Aとメモリ13に格納された平文DtB(t-Δt)との排他的論理和を算出することにより、送信された平文であるDtA(t)を復元する。平文DtB(t-Δt)は、通信装置1-2が、時刻t-Δtにおいて符号化した平文であり、符号器11によりメモリ13に格納されたものである。平文DrB(t-Δt)は、通信装置1-2で符号化に用いられた平文DtB(t-Δt)が符号化された後に通信装置1-1で受信されて復元されたものである。したがって、平文DrB(t-Δt)と平文DtB(t-Δt)とは一致する。このため、符号化文Y’Aと平文DtB(t-Δt)との排他的論理和によりDtA(t)が復元される。 In the communication device 1-2 which is a receiving device in forward transmission, the receiver 15 receives Y ′ A, and the receiver 15 gives the received Y ′ A to the decoder 16. The decoder 16 calculates the exclusive OR of the encoded text Y ′ A and the plain text D tB (t−Δt) stored in the memory 13 to obtain the transmitted plain text D tA (t). Restore. The plain text D tB (t−Δt) is plain text encoded by the communication device 1-2 at the time t−Δt, and is stored in the memory 13 by the encoder 11. The plaintext D rB (t-Δt) is received and restored by the communication device 1-1 after the plaintext D tB (t-Δt) used for encoding by the communication device 1-2 is encoded. is there. Therefore, the plaintext D rB (t-Δt) and the plaintext D tB (t-Δt) match. Therefore, D tA (t) is restored by exclusive OR of the encoded text Y ′ A and the plain text D tB (t−Δt).

 同様に、対向方向の伝送においては、送信装置である通信装置1-2では、符号器11が、平文DtB(t)とメモリ13に格納された平文DrA(t-Δt)との排他的論理和を算出することにより、式(4)に示した符号化文Y’Bを算出する。通信装置1-2の送信器12は、伝送路2を介してY’Bを対向方向の伝送における受信装置である通信装置1-1へ送信する。 Similarly, in transmission in the opposite direction, in the communication device 1-2 which is a transmission device, the encoder 11 excludes the plaintext D tB (t) and the plaintext D rA (t−Δt) stored in the memory 13. By calculating the logical OR, the encoded sentence Y ′ B shown in Expression (4) is calculated. The transmitter 12 of the communication apparatus 1-2 through the transmission path 2 transmits the Y 'B the opposing direction communication device 1-1 is a receiving apparatus in the transmission of.

Figure JPOXMLDOC01-appb-M000004
Figure JPOXMLDOC01-appb-M000004

 対向方向の伝送における受信装置である通信装置1-1では、受信器15がY’Bを受信すると復号器16へ入力する。復号器16は、符号化文Y’Bとメモリ14に格納された平文DrA(t-Δt)との排他的論理和を算出することにより、送信された平文であるDtB(t)を復元する。 In the communication device 1-1 that is a receiving device in transmission in the opposite direction, when the receiver 15 receives Y ′ B , it inputs it to the decoder 16. The decoder 16 calculates the exclusive OR of the encoded text Y ′ B and the plain text D rA (t−Δt) stored in the memory 14, thereby obtaining the transmitted plain text D tB (t). Restore.

 以上のように、通信装置1-1の受信器15は、通信装置1-2から第1の符号化文であるY’Bを受信する第1の受信器である。第1の符号器である通信装置1-1の符号器11は、第1の時刻である時刻tに送信する第1の平文DtA(t)と、第1の時刻より前の第2の時刻である時刻t-Δtに通信装置1-2から送信された第1の符号化文が復号されて得られた第2の平文であるDrB(t-Δt)と、を用いた符号化を実施して第2の符号化文Y’Aを生成する。第1の送信器である通信装置1-1の送信器12は、Y’Aを通信装置1-2へ送信する。第1の復号器である通信装置1-1の復号器16は、第1の符号化文Y’Bをt-Δtに送信した第1の平文DtA(t-Δt)を用いて復号して第2の平文DrB(t)を生成する。 As described above, the receiver 15 of the communication device 1-1 is a first receiver that receives Y ′ B that is the first encoded text from the communication device 1-2. The encoder 11 of the communication device 1-1, which is the first encoder, transmits the first plaintext D tA (t) to be transmitted at time t, which is the first time, and the second plaintext before the first time. Encoding using D rB (t-Δt), which is the second plaintext obtained by decoding the first encoded text transmitted from the communication device 1-2 at time t-Δt, which is time To generate a second encoded sentence Y ′ A. The transmitter 12 of the communication device 1-1 that is the first transmitter transmits Y ′ A to the communication device 1-2. The decoder 16 of the communication device 1-1 serving as the first decoder decodes the first encoded text Y ′ B using the first plaintext D tA (t−Δt) transmitted to t−Δt. To generate the second plaintext D rB (t).

 また、通信装置1-2の受信器15は、通信装置1-1から第2の符号化文であるY’Aを受信する第2の受信器である。第2の符号器である通信装置1-2の符号器11は、時刻tに送信する第2の平文DtB(t)と、時刻t-Δtに通信装置1-1から送信された第2の符号化文が復号されて得られた第1の平文であるDrA(t-Δt)と、を用いた符号化を実施して第1の符号化文Y’Bを生成する。第2の送信器である通信装置1-2の送信器12は、Y’Bを通信装置1-1へ送信する。第2の復号器である通信装置1-2の復号器16は、第2の符号化文Y’Aをt-Δtに送信した第2の平文DtB(t-Δt)を用いて復号して第1の平文DrA(t)を生成する。 The receiver 15 of the communication device 1-2 is a second receiver that receives Y ′ A that is the second encoded text from the communication device 1-1. The encoder 11 of the communication device 1-2, which is the second encoder, transmits the second plaintext D tB (t) transmitted at time t and the second plaintext D tB (t) transmitted from the communication device 1-1 at time t-Δt. and D rA (t-Δt) of the encoded sentences is first plaintext obtained by decoding, to generate a first encoded sentences Y 'B by carrying out the coding using. The transmitter 12 of the communication device 1-2 which is the second transmitter transmits Y ′ B to the communication device 1-1. The decoder 16 of the communication device 1-2 as the second decoder decodes the second encoded text Y ′ A using the second plaintext D tB (t−Δt) transmitted to t−Δt. To generate a first plaintext D rA (t).

 図3は、本実施の形態の符号化によるデータ伝送の一例を示す図である。図3では、各平文が6ビットで構成される例を示している。110111などのように6つの数値は6ビットのデータ値の例を示している。図3に示した例では、通信装置1-1のメモリ13に対向方向の通信で受信して復元された平文DrB(t-Δt)として110111が格納されているとする。通信装置1-1の符号器11は、図3(A1)に示すように、順方向通信において、平文DtA(t)である101100とDrB(t-Δt)である110111との排他的論理和を算出し、符号化文Y’Aとして011011を得る。符号化文Y’Aは、図3(A2)に示すように、順方向に伝送される。 FIG. 3 is a diagram illustrating an example of data transmission by encoding according to the present embodiment. FIG. 3 shows an example in which each plaintext is composed of 6 bits. Six numerical values such as 110111 indicate examples of 6-bit data values. In the example shown in FIG. 3, it is assumed that 110111 is stored in the memory 13 of the communication device 1-1 as plain text DrB (t-Δt) received and restored by communication in the opposite direction. As shown in FIG. 3A1, the encoder 11 of the communication device 1-1 exclusively uses 101100, which is plain text D tA (t), and 110111, which is D rB (t−Δt), in forward communication. A logical sum is calculated and 011011 is obtained as the encoded sentence Y ′ A. The encoded text Y ′ A is transmitted in the forward direction as shown in FIG.

 通信装置1-2のメモリ14には過去に通信装置1-2から送信された平文DtB(t-Δt)である110111が格納されているとする。通信装置1-2の復号器16は、図3(A3)に示すように、符号化文Y’Aである011011と平文DtB(t-Δt)である110111との排他的論理和を算出することにより復号化を行い、順方向通信において受信した平文であるDrA(t)として101100を得る。DrA(t)は、復元されたDtA(t)であるから、以上の処理により、通信装置1-2は、通信装置1-1から送信された平文DtA(t)である101100を復元することができる。 It is assumed that 110111 that is a plaintext D tB (t−Δt) transmitted from the communication device 1-2 in the past is stored in the memory 14 of the communication device 1-2. Decoder 16 of the communication device 1-2, as shown in FIG. 3 (A3), calculates an exclusive OR of the 110111 is a code-text Y 'A 011011 plaintext D tB (t-Δt) performs decoding by, obtaining 101100 as D rA (t) is a plaintext received in the forward communications. Since D rA (t) is the reconstructed D tA (t), the communication apparatus 1-2 determines 101100, which is the plaintext D tA (t) transmitted from the communication apparatus 1-1, by the above processing. Can be restored.

 また、通信装置1-2のメモリ13に対向方向の通信で受信して復元された平文DrA(t-Δt)として010101が格納されているとする。対向方向の通信では、通信装置1-2の符号器11は、図3(B1)に示すように、平文DtB(t)である110011と平文DrA (t-Δt)である010101との排他的論理和を算出し、符号化文Y’Bとして100110を得る。符号化文Y’Bは、図3(B2)に示すように、対向方向に伝送される。 Further, it is assumed that 010101 is stored in the memory 13 of the communication device 1-2 as the plain text DrA (t-Δt) received and restored by communication in the opposite direction. In the communication in the opposite direction, the encoder 11 of the communication device 1-2, as shown in FIG. 3 (B1), 110011 which is plaintext D tB (t) and 010101 which is plaintext D rA (t−Δt). The exclusive OR is calculated and 100110 is obtained as the encoded sentence Y ′ B. The encoded text Y ′ B is transmitted in the opposite direction as shown in FIG. 3 (B2).

 通信装置1-1のメモリ14には過去に通信装置1-1から送信された平文DtA(t-Δt)として010101が格納されているとする。通信装置1-1の復号器16は、図3(B3)に示すように、符号化文Y’Bである100110と平文DtA(t-Δt)である010101との排他的論理和を算出することにより復号化を行い、対向通信において受信した平文であるDrB(t)として110011を得る。DrB(t)は、復元されたDtB(t)であるから、以上の処理により、通信装置1-1は、通信装置1-2から送信された平文DtB(t)である110011を復元することができる。 It is assumed that 010101 is stored in the memory 14 of the communication device 1-1 as the plaintext D tA (t−Δt) transmitted from the communication device 1-1 in the past. Decoder 16 of the communication apparatus 11, as shown in FIG. 3 (B3), calculates an exclusive OR of the 010101 is a code-text Y 'B 100110 plaintext D tA (t-Δt) Thus, decryption is performed, and 110011 is obtained as DrB (t) which is a plaintext received in the opposite communication. Since D rB (t) is the restored D tB (t), the communication apparatus 1-1 has received 110011, which is the plaintext D tB (t) transmitted from the communication apparatus 1-2, through the above processing. Can be restored.

 次に、上述した符号化伝送を開始するまでの手順について説明する。図4は、本実施の形態の符号化伝送を開始するまでの手順の一例を示すシーケンス図である。以下、通信装置1-1および通信装置1-2が上述した符号化伝送を行っているモードを、符号化伝送モードと呼ぶ。図4に示したシーケンスの開始前は、通信装置1-1と通信装置1-2とが上述した符号化伝送を行っていない状態であるとする。 Next, the procedure until the above-described encoded transmission is started will be described. FIG. 4 is a sequence diagram illustrating an example of a procedure until the encoded transmission of the present embodiment is started. Hereinafter, the mode in which the communication apparatus 1-1 and the communication apparatus 1-2 perform the above-described encoded transmission is referred to as an encoded transmission mode. Before the start of the sequence shown in FIG. 4, it is assumed that the communication device 1-1 and the communication device 1-2 are not performing the above-described encoded transmission.

 まず、通信装置1-1の制御部10が、送信器12を介して通信装置1-2へ符号化伝送モードの開始の通知ACKを送信する(ステップS1)。通信装置1-2の制御部10は、符号化伝送モードの開始の通知ACKを、受信器15を介して受信すると、該通知を受理したことを示す応答であるRESを、送信器12を介して通信装置1-1へ送信する(ステップS2)。 First, the control unit 10 of the communication device 1-1 transmits a notification ACK for starting the encoded transmission mode to the communication device 1-2 via the transmitter 12 (step S1). When the control unit 10 of the communication apparatus 1-2 receives the notification ACK of the start of the encoded transmission mode via the receiver 15, the control unit 10 transmits a RES, which is a response indicating that the notification is accepted, via the transmitter 12. To the communication device 1-1 (step S2).

 次に、通信装置1-1の制御部10は、対向方向の伝送時の平文をメモリで保持する時間Δtを決めるために、通信装置1-1と通信装置1-2との間をデータが一往復するのに費やす時間を計測するための信号であるMEAを用いて、通信装置1-1と通信装置1-2との間をデータが一往復するのに費やす時間を測定する(ステップS3)。すなわち通信装置1-1は、MEAを送信した時刻を記憶しておき、MEAに対する応答を受信した時刻を記憶しておく。そして、MEAに対する応答を受信した時刻とMEAを送信した時刻との差を、一往復するのに費やす時間として算出する。MEAとしては、受信されたら受信装置がすぐに応答を返送するような信号であればどのような信号を用いてもよい。計測のための信号はどのような内容の信号でもよい。 Next, the control unit 10 of the communication apparatus 1-1 determines whether data is transmitted between the communication apparatus 1-1 and the communication apparatus 1-2 in order to determine the time Δt for holding the plaintext during transmission in the opposite direction in the memory. Using the MEA, which is a signal for measuring the time spent for one round trip, the time spent for one round trip of data between the communication device 1-1 and the communication device 1-2 is measured (step S3). ). That is, the communication device 1-1 stores the time when the MEA is transmitted, and stores the time when the response to the MEA is received. Then, the difference between the time when the response to the MEA is received and the time when the MEA is transmitted is calculated as the time spent for one round trip. As the MEA, any signal may be used as long as the reception device returns a response as soon as it is received. The signal for measurement may be any signal.

 次に、通信装置1-1の制御部10は、算出された一往復するのに費やす時間をメモリ保持時間として決定し、メモリ保持時間を格納したメモリ保持時間情報を通信装置1-2へ送信する(ステップS4)。これにより、通信装置1-1と通信装置1-2との間でメモリ保持時間が共有される。通信装置1-2の制御部10は、メモリ保持時間情報を受信すると、該通知を受理したことを示す応答であるRESを、通信装置1-1へ送信する(ステップS5)。通信装置1-1および通信装置1-2の制御部10は、メモリ13およびメモリ14におけるデータの保持時間が、上述したメモリ保持時間となるようにメモリ13およびメモリ14を制御する。これにより、各メモリに格納された最も古いデータは、現在の時刻tよりメモリ保持時間Δtだけ前の時刻のデータとなる。なお、メモリ保持時間は一往復するのに費やす時間以上の任意の値に設定できる。 Next, the control unit 10 of the communication device 1-1 determines the calculated time spent for one round trip as the memory retention time, and transmits the memory retention time information storing the memory retention time to the communication device 1-2. (Step S4). As a result, the memory holding time is shared between the communication device 1-1 and the communication device 1-2. When receiving the memory retention time information, the control unit 10 of the communication device 1-2 transmits RES, which is a response indicating that the notification has been received, to the communication device 1-1 (step S5). The control unit 10 of the communication device 1-1 and the communication device 1-2 controls the memory 13 and the memory 14 so that the data retention time in the memory 13 and the memory 14 becomes the above-described memory retention time. As a result, the oldest data stored in each memory becomes data at a time before the current time t by the memory holding time Δt. Note that the memory holding time can be set to an arbitrary value equal to or longer than the time spent for one round trip.

 次に、通信装置1-1の制御部10は、データ伝送の開始の通知を通信装置1-2へ送信する(ステップS6)。通信装置1-2の制御部10は、データ伝送の開始の通知を受信すると、該通知を受理したことを示す応答であるRESを、通信装置1-1へ送信する(ステップS7)。 Next, the control unit 10 of the communication device 1-1 transmits a data transmission start notification to the communication device 1-2 (step S6). When receiving the notification of the start of data transmission, the control unit 10 of the communication device 1-2 transmits RES, which is a response indicating that the notification has been received, to the communication device 1-1 (step S7).

 次に、通信装置1-1は、順方向の伝送において、あらかじめ定められた固定の秘密鍵または上位レイヤの処理で生成される秘密鍵を初期ベクトルとして用いて平文を符号化して暗号文を生成し、暗号文を通信装置1-2へ送信する(ステップS8)。符号化伝送の開始時には、メモリ13に対向方向の伝送で受信した平文が格納されていない。このため、ステップS8では、通信装置1-1は、メモリ13に対向方向の伝送で受信した平文の代わりに上述した初期ベクトルを用いて符号化を実施する。通信装置1-1は、送信した平文をメモリ14に格納する。データ伝送開始時の平文とは、平文をフレーム単位で伝送する場合は最初のフレームであり、ストリーム伝送の場合は伝送開始から任意に設定したビットまでを指す。 Next, in the forward transmission, the communication device 1-1 generates a ciphertext by encoding a plaintext by using a predetermined fixed secret key or a secret key generated by higher layer processing as an initial vector. Then, the ciphertext is transmitted to the communication device 1-2 (step S8). At the start of encoded transmission, the plaintext received by the transmission in the opposite direction is not stored in the memory 13. For this reason, in step S8, the communication apparatus 1-1 performs encoding using the above-described initial vector instead of the plain text received in the memory 13 by transmission in the opposite direction. The communication device 1-1 stores the transmitted plain text in the memory 14. The plaintext at the start of data transmission refers to the first frame when the plaintext is transmitted in units of frames, and in the case of stream transmission, refers to the arbitrarily set bits from the start of transmission.

 通信装置1-2は、順方向の伝送によって受信した符号化文を、通信装置1-1が符号化において用いた秘密鍵と同じ秘密鍵を用いて復号化してメモリ13へ格納する。また、通信装置1-2は、上述したとおり、メモリ13に格納された平文を用いて対向方向で伝送する平文を符号化して送信する(ステップS9)。通信装置1-1は、対向方向の伝送によって受信した符号化文を、メモリ14に格納されている平文を用いて復号する。また、通信装置1-1は、メモリ13に格納された平文を用いて順方向で伝送する平文を符号化して送信する(ステップS10)。通信装置1-2は、順方向の伝送によって受信した符号化文を、メモリ14に格納されている平文を用いて復号する。また、通信装置1-2は、メモリ13に格納された平文を用いて、対向方向で伝送する平文を符号化して送信する(ステップS11)。以降、ステップS10およびステップS11が、符号化伝送の終了まで繰り返される。 The communication device 1-2 decrypts the encoded text received by the forward transmission using the same secret key as that used by the communication device 1-1 for encoding, and stores the decrypted text in the memory 13. Further, as described above, the communication device 1-2 encodes and transmits the plaintext to be transmitted in the opposite direction using the plaintext stored in the memory 13 (step S9). The communication device 1-1 decodes the encoded text received by the transmission in the opposite direction using the plain text stored in the memory 14. Further, the communication device 1-1 encodes and transmits the plain text to be transmitted in the forward direction using the plain text stored in the memory 13 (step S10). The communication device 1-2 decodes the encoded text received by the forward transmission using the plain text stored in the memory 14. Further, the communication device 1-2 encodes and transmits the plain text to be transmitted in the opposite direction using the plain text stored in the memory 13 (step S11). Thereafter, step S10 and step S11 are repeated until the end of encoded transmission.

 なお、本実施の形態で述べた符号化方法は、ネットワークの形態に依存することなく適用可能である。例えば、図1と同様の図5に示すような1:1ノードの双方向伝送の形態であってもよいし、図6に示すような1:N(Nは2以上の整数)ノードの双方向伝送の形態であってもよい。また、図7に示すような複数ノードを経由する双方向伝送の形態などであってもよい。図6に示した通信装置1-2から通信装置1-5は、通信装置1-1と同様の構成である。図7に示した通信装置3-1から通信装置3-3は、中継機能を有する通信装置であればよく特に構成に限定はない。 Note that the encoding method described in the present embodiment can be applied without depending on the network form. For example, a bidirectional transmission form of 1: 1 node as shown in FIG. 5 similar to FIG. 1 may be used, or both 1: N (N is an integer of 2 or more) nodes as shown in FIG. It may be in the form of bidirectional transmission. Moreover, the form of bidirectional transmission via a plurality of nodes as shown in FIG. 7 may be used. The communication device 1-2 to the communication device 1-5 illustrated in FIG. 6 have the same configuration as the communication device 1-1. The communication devices 3-1 to 3-3 shown in FIG. 7 are not particularly limited in configuration as long as the communication devices have a relay function.

 以上のように、本実施の形態では、通信装置1-1,1-2が双方向通信を行うことを利用し、すなわち通信装置1-1,1-2が、送信装置でもあり逆方向の伝送における受信装置でもあることを利用し、それぞれ送信した平文をメモリ13に記憶しておくとともに受信したデータを復元して得られた平文を用いて符号化を行う。すなわち、過去に受信した平文を暗号化のための鍵として用い、過去に送信した平文を復号化のための鍵として用いることになる。これにより、通信装置1-1,1-2は、受信したデータを自身が送信した平文を用いて復号することができる。また、復号器が復号に用いる平文は通信相手でないと得られない情報であるため秘匿性を確保することができる。さらに、メモリと排他的論理和を行う回路で処理が実現できるため、簡易なハードウエアで実現できる。 As described above, the present embodiment uses the fact that the communication apparatuses 1-1 and 1-2 perform bidirectional communication, that is, the communication apparatuses 1-1 and 1-2 are also transmitting apparatuses and are in the reverse direction. Utilizing the fact that it is also a receiving device in transmission, the transmitted plaintext is stored in the memory 13 and encoding is performed using the plaintext obtained by restoring the received data. That is, the plaintext received in the past is used as a key for encryption, and the plaintext transmitted in the past is used as a key for decryption. As a result, the communication devices 1-1 and 1-2 can decrypt the received data using the plaintext transmitted by the communication devices 1-1 and 1-2. Also, since the plaintext used for decryption by the decoder is information that can only be obtained by the communication partner, confidentiality can be ensured. Furthermore, since the processing can be realized by a circuit that performs exclusive OR with the memory, it can be realized by simple hardware.

実施の形態2.
 図8は、本発明の実施の形態2にかかる通信システムの構成例を示す図である。図8に示すように、本実施の形態の通信システム100aは、通信装置1a-1および通信装置1a-2を備える。 Embodiment 2. FIG.
FIG. 8 is a diagram illustrating a configuration example of a communication system according to the second exemplary embodiment of the present invention. As shown in FIG. 8, the communication system 100a of the present embodiment includes a communication device 1a-1 and a communication device 1a-2.

 図8に示すように通信装置1a-1は、実施の形態1の符号器11の替わりに本実施の形態の符号器である暗号器17を備え、実施の形態1の復号器16の替わりに復号器18を備える以外は、実施の形態1の通信装置1-1と同様である。実施の形態1と同様の機能を有する構成要素は、実施の形態1と同一の符号を付して重複する説明を省略する。通信装置1a-2の構成は、通信装置1a-1と同様である。以下では、第1の通信装置である通信装置1a-1から第2の通信装置である通信装置1a-2へ向かう方向を順方向と呼び、通信装置1a-2から通信装置1a-1へ向かう方向を対向方向と呼ぶ。 As shown in FIG. 8, the communication device 1a-1 includes an encryptor 17 that is an encoder according to the present embodiment instead of the encoder 11 according to the first embodiment, and instead of the decoder 16 according to the first embodiment. Except for the provision of the decoder 18, it is the same as the communication apparatus 1-1 of the first embodiment. Components having the same functions as those in the first embodiment are denoted by the same reference numerals as those in the first embodiment, and redundant description is omitted. The configuration of the communication device 1a-2 is the same as that of the communication device 1a-1. Hereinafter, the direction from the communication device 1a-1 as the first communication device to the communication device 1a-2 as the second communication device is referred to as the forward direction, and from the communication device 1a-2 to the communication device 1a-1. The direction is called the facing direction.

 本実施の形態では、実施の形態1で説明した符号化方式と共通鍵暗号方式とを併用する。図9は、本実施の形態の符号化および暗号化方法の概念を示す図である。本実施の形態では、通信装置1a-1の暗号器17は、平文DtA(t)と通信装置1a-1のメモリ13に格納された平文DrB(t-Δt)と秘密鍵KA(t)との排他的論理和により順方向に伝送される符号化文を生成する。通信装置1a-2の復号器18は、順方向に伝送される符号化文とメモリ14に格納された平文DtB(t-Δt)と秘密鍵KA(t)との排他的論理和を算出することで通信装置1a-1から送信された平文DtA(t)を復元する。 In this embodiment, the encoding method described in Embodiment 1 and the common key encryption method are used in combination. FIG. 9 is a diagram showing the concept of the encoding and encryption method of the present embodiment. In the present embodiment, the encryptor 17 of the communication device 1a-1 includes the plaintext D tA (t), the plaintext D rB (t−Δt) stored in the memory 13 of the communication device 1a-1, and the secret key K A ( A coded sentence transmitted in the forward direction is generated by exclusive OR with t). The decoder 18 of the communication device 1a-2 performs exclusive OR of the encoded text transmitted in the forward direction, the plaintext D tB (t−Δt) stored in the memory 14 and the secret key K A (t). By calculating, the plaintext D tA (t) transmitted from the communication device 1a-1 is restored.

 同様に、対向方向伝送では、通信装置1a-2の暗号器17は、平文DtB(t)と通信装置1a-2のメモリ13に格納された平文DrA(t-Δt)と秘密鍵KB(t)との排他的論理和により、対向方向に伝送される符号化文を生成する。通信装置1a-1の復号器18は、対向方向に伝送される符号化文とメモリ14に格納された平文DtA(t-Δt)と秘密鍵KB(t)との排他的論理和を算出することで、通信装置1a-2から送信された平文DtB(t)を復元する。通信装置1-1と通信装置1-2との間の共通の秘密鍵である秘密鍵KA(t)および秘密鍵KB(t)の生成方法および更新方法は、一般的な共通鍵暗号方式を用いてもよいが、実施の形態1で述べたメモリ保持時間を秘密鍵として用いてもよい。メモリ保持時間は、実施の形態1で述べた通り通信装置1-1と通信装置1-2との間で共通化されている。このため、メモリ保持時間を、上述した共通の秘密鍵として用いることができる。 Similarly, in the opposite direction transmission, the encryption device 17 of the communication device 1a-2 performs the plaintext D tB (t), the plaintext D rA (t−Δt) stored in the memory 13 of the communication device 1a-2, and the secret key K. A coded sentence transmitted in the opposite direction is generated by exclusive OR with B (t). The decoder 18 of the communication device 1a-1 performs an exclusive OR operation between the encoded text transmitted in the opposite direction, the plaintext D tA (t−Δt) stored in the memory 14, and the secret key K B (t). By calculating, the plaintext D tB (t) transmitted from the communication device 1a-2 is restored. A method for generating and updating a secret key K A (t) and a secret key K B (t), which are common secret keys between the communication device 1-1 and the communication device 1-2, is a common common key encryption method. Although the method may be used, the memory holding time described in Embodiment 1 may be used as a secret key. As described in the first embodiment, the memory holding time is shared between the communication device 1-1 and the communication device 1-2. For this reason, the memory retention time can be used as the above-described common secret key.

 実施の形態1で説明した符号化方式と共通鍵暗号方式とを併用する際の具体的な実装の形態としては以下の第1の方法および第2の方法の2通りの形態が挙げられる。図10は、第1の方法における暗号化および符号化手順するための図である。図10に示した第1の方法では、送信装置が、送信する平文に対し秘密鍵で暗号化を行った後に対向装置から受信した平文を用いて符号化する方式となる。 Specific implementation forms when the encoding system and the common key encryption system described in Embodiment 1 are used in combination include the following two forms of the first method and the second method. FIG. 10 is a diagram for performing an encryption and encoding procedure in the first method. The first method shown in FIG. 10 is a scheme in which the transmitting device encodes the plaintext to be transmitted using the plaintext received from the opposite device after encrypting with the secret key.

 図10の(A11)に示すように、順方向の伝送において、通信装置1a-1の暗号器17は、秘密鍵KA(t)である001010と順方向で送信する平文DtA(t)である101100とを排他的論理演算により暗号化して暗号文100110を生成する。その後、図10(A12)に示すように、通信装置1a-1の暗号器17は、暗号文100110と対向方向の通信で受信した平文DrB(t-Δt)である110111との排他論理和を求めることにより符号化文として010001を生成する。この符号化文は、図10(A13)に示すように、順方向に伝送される。 As shown in (A11) of FIG. 10, in forward transmission, the encryptor 17 of the communication device 1a-1 transmits plaintext D tA (t) transmitted in the forward direction with 001010 which is the secret key K A (t). Is encrypted by an exclusive logical operation to generate a ciphertext 100110. Thereafter, as shown in FIG. 10 (A12), the encryptor 17 of the communication device 1a-1 performs an exclusive OR operation between the ciphertext 100110 and the plaintext DrB (t−Δt) 110111 received in the communication in the opposite direction. Is obtained as an encoded sentence. This encoded text is transmitted in the forward direction as shown in FIG. 10 (A13).

 通信装置1a-2の復号器18は、図10の(A14)に示すように、受信した符号化文である010001と対向方向で送信した平文DtB(t-Δt)である110111を排他的論理演算により復号化する。その後、図10の(A15)に示すように、通信装置1a-2の復号器18は、復号化した結果である100110と秘密鍵KA(t)である001010との排他的論理演算により復号化し、順方向で受信した平文DrA(t)101100を得る。DrA(t)は、順方向で送信されたDtA(t)と同一である。 As shown in (A14) of FIG. 10, the decoder 18 of the communication device 1a-2 exclusively receives the received encoded text 010001 and the plain text D tB (t−Δt) 110111 transmitted in the opposite direction. Decrypt by logical operation. Thereafter, as shown in (A15) of FIG. 10, a decoder 18 of the communication device 1a-2 is decoded by an exclusive logical operation between the result of decryption 100110 and a secret key K A (t) 001010 To obtain plain text D rA (t) 101100 received in the forward direction. D rA (t) is the same as D tA (t) transmitted in the forward direction.

 また、対向方向の伝送において、図10の(B11)に示すように、通信装置1a-2の暗号器17は、秘密鍵KB(t)である010101と対向方向で送信する平文DtB(t)である110011とを排他的論理演算により暗号化して暗号文100110を生成する。その後、図10(B12)に示すように、通信装置1a-2の暗号器17は、暗号文100110と順方向の通信で受信した平文DrA(t-Δt)である100011との排他論理和を求めることにより符号化文として000101を生成する。この符号化文は、図10(B13)に示すように、対向方向に伝送される。 Further, in the transmission of the opposite direction, as shown in (B11) of FIG. 10, the encryptor 17 of the communication device 1a-2 is plaintext D tB to transmit at 010101 and opposing direction is the private key K B (t) ( The ciphertext 100110 is generated by encrypting 110011 that is t) by an exclusive logical operation. Thereafter, as shown in FIG. 10 (B12), the exclusive logical sum of the encryptor 17 of the communication device 1a-2 is a plaintext D rA received by the communication ciphertext 100110 and forward (t-Δt) 100011 000101 is generated as an encoded sentence. This encoded text is transmitted in the opposite direction as shown in FIG. 10 (B13).

 通信装置1a-1の復号器18は、図10の(B14)に示すように、受信した符号化文である000101と順方向で送信した平文DtA(t-Δt)である100011を排他的論理演算により復号化する。その後、図10の(B15)に示すように、通信装置1a-2の復号器18は、復号化した結果である100110と秘密鍵KB(t)である010101との排他的論理演算により復号化し、対向方向で受信した平文DrB(t)110011を得る。DrB(t)は、順方向で送信されたDtB(t)と同一である。 As shown in (B14) of FIG. 10, the decoder 18 of the communication device 1a-1 exclusively uses the received encoded text 00101 and the plaintext D tA (t−Δt) 1000011 transmitted in the forward direction. Decrypt by logical operation. Thereafter, as shown in (B15) of FIG. 10, the decryptor 18 of the communication device 1a-2 decrypts the result of the decryption by the exclusive logical operation of 100110 as the decrypted result and 010101 as the secret key K B (t). And plaintext D rB (t) 110011 received in the opposite direction is obtained. D rB (t) is the same as D tB (t) transmitted in the forward direction.

 図11は、第2の方法における暗号化および符号化手順するための図である。図11に示した第2の方法では、送信装置が、秘密鍵と、鍵の一種として用いられる過去に受信した平文とを予め排他的論理演算した後に平文と排他的論理演算する方法となる。 FIG. 11 is a diagram for performing encryption and encoding procedures in the second method. The second method shown in FIG. 11 is a method in which the transmitting device performs an exclusive logical operation on a secret key and a plaintext received in the past used as a kind of key in advance and then performs an exclusive logical operation on the plaintext.

 第2の方法では、図11の(A21)に示すように、順方向の伝送において、通信装置1a-1の暗号器17は、対向方向の通信で受信した平文DrB(t-Δt)である110111と秘密鍵KA(t)である001010との排他的論理演算を行って暗号鍵として111101を生成する。次に、通信装置1a-1の暗号器17は、図11の(A22)に示すように、暗号鍵である111101と順方向で送信する平文DtA(t)である101100とを排他的論理演算により符号化して符号化文010001を生成する。この符号化文は、図11(A23)に示すように、順方向に伝送される。 In the second method, as shown in (A21) of FIG. 11, in the transmission of the forward, encryptor 17 of the communication device 1a-1 is a received in the opposing direction of the communication plaintext D rB (t-Δt) An exclusive logical operation of a certain 110111 and a secret key K A (t) 001010 is performed to generate 111101 as an encryption key. Next, as shown in (A22) of FIG. 11, the encryptor 17 of the communication device 1a-1 performs exclusive logic on the encryption key 111101 and the plaintext D tA (t) 101100 transmitted in the forward direction. An encoded sentence 010001 is generated by encoding by calculation. This encoded text is transmitted in the forward direction as shown in FIG. 11 (A23).

 通信装置1a-2の復号器18は、図11の(A21’)に示すように、対向方向で送信した平文DtB(t-Δt)である110111と秘密鍵KA(t)である001010との排他的論理演算を行って、暗号鍵として111101を生成する。通信装置1a-2の復号器18は、図11の(A24)に示すように、暗号鍵である111101と、受信した符号化文である010001と、を排他的論理演算により復号化して、順方向で受信した平文DrA(t)101100を得る。DrA(t)は、順方向で送信されたDtA(t)と同一である。 As shown in (A21 ′) of FIG. 11, the decryptor 18 of the communication device 1a-2 has 110111 as the plaintext D tB (t−Δt) transmitted in the opposite direction and 000010 as the secret key K A (t). And 111101 is generated as an encryption key. As shown in (A24) of FIG. 11, the decryptor 18 of the communication device 1a-2 decrypts the encryption key 111101 and the received encoded text 010001 by an exclusive logical operation, and sequentially The plaintext D rA (t) 101100 received in the direction is obtained. D rA (t) is the same as Dt A (t) transmitted in the forward direction.

 対向方向についても、図11に示したように、通信装置1a-2が平文DtB(t)110011を送信するとき、順方向と同様に(B21)から(B24)、および(B21’)が実施され、通信装置1a-1は、対向方向で受信した平文DrB(t)110011を得る。 Also in the opposite direction, as shown in FIG. 11, when the communication device 1a-2 transmits the plaintext D tB (t) 110011, (B21) to (B24) and (B21 ′) are changed as in the forward direction. As a result, the communication device 1a-1 obtains the plaintext D rB (t) 110011 received in the opposite direction.

 以上のように、本実施の形態では、実施の形態1で説明した符号化方式と共通鍵暗号方式とを併用する。これにより、実施の形態1に比べされに秘匿性を高めることができる。 As described above, in the present embodiment, the encoding method described in the first embodiment and the common key cryptosystem are used in combination. Thereby, it is possible to improve confidentiality as compared with the first embodiment.

実施の形態3.
 実施の形態1および実施の形態2の符号化方式は、ストリーム型の方式と考えることができるが、本実施の形態では、ブロック型の暗号化方式と併用することによって更に暗号強度を向上させる方式を説明する。具体的な手法としては、受信したシンボル内に含まれるビットブロック内の各ビット情報を、送信ビットブロック内のいずれのビット情報に割り当てるかといった規則を参照表に割り当てる。そして、送信装置と受信装置との間で参照表の情報を共有することで伝送路中のデータの秘匿性を高めることができる。また、ビットブロックサイズを増大させると、送信データに割り当てられる受信データの取り得る組み合わせが増大し鍵空間が拡大するため、データの秘匿性は向上する。 Embodiment 3 FIG.
The coding schemes of the first and second embodiments can be considered as a stream type scheme, but in this embodiment, a scheme for further improving the cryptographic strength by using together with the block type cryptographic scheme. Will be explained. As a specific method, a rule such as assigning each bit information in the bit block included in the received symbol to which bit information in the transmission bit block is assigned to the reference table. And the confidentiality of the data in a transmission line can be improved by sharing the information of a reference table between a transmitter and a receiver. Further, when the bit block size is increased, the possible combinations of received data assigned to transmission data are increased and the key space is expanded, so that the confidentiality of data is improved.

 ビットブロックサイズを増大させる手法として、変調技術または信号処理技術を利用した形態がある。変調技術を用いてビットブロックサイズを増大する手法として、位相振幅変調方式による多値化が挙げられる。すなわち、符号化文を多値振幅位相変調して送信する方法が挙げられる。また、信号処理技術を用いてビットブロックサイズを増大する手法として、複数の搬送波を用いたサブチャネル化すなわち複数の周波数を用いて符号化文を送信する方法が挙げられる。 As a method for increasing the bit block size, there is a form using a modulation technique or a signal processing technique. As a method for increasing the bit block size using a modulation technique, there is a multi-valued method using a phase amplitude modulation method. That is, there is a method of transmitting the encoded text after performing multi-value amplitude phase modulation. Further, as a technique for increasing the bit block size using a signal processing technique, there is a method of sub-channeling using a plurality of carriers, that is, a method of transmitting a coded sentence using a plurality of frequencies.

 変調時にビットブロックに対してシンボルをマッピングする際、変調処理を、ビットブロック内のビット番号bi,j(i=1,2,…,m)(j=1,2,…,n)を要素とするm×n行列で表現することができる。mはビットブロックの個数であり、nはサブチャネル数である。iは変調方式に起因するビットブロックの番号を示し、jはサブチャネルを示す番号である。 When mapping symbols to bit blocks during modulation, the modulation process is performed using bit numbers b i, j (i = 1, 2,..., M) (j = 1, 2,..., N) in the bit blocks. It can be expressed by an m × n matrix as an element. m is the number of bit blocks and n is the number of subchannels. i indicates the number of a bit block resulting from the modulation scheme, and j is a number indicating a subchannel.

 図12は、IQ平面における4値位相変調信号の信号点と各信号点に割り当てられたビット値との関係を示す図である。図13は、IQ平面における16値位相振幅変調信号の信号点と各信号点に割り当てられたビット値との関係を示す図である。なお、図12および図13では、ビット番号bi,jにおいてjは固定として記載を省略し、biとして示している。また、iは上位ビットから順番に1,2…とする。 FIG. 12 is a diagram showing the relationship between the signal points of the quaternary phase modulation signal on the IQ plane and the bit values assigned to the signal points. FIG. 13 is a diagram showing the relationship between the signal points of the 16-level phase amplitude modulation signal on the IQ plane and the bit values assigned to the signal points. In FIG. 12 and FIG. 13, in the bit numbers b i, j , j is fixed and the description is omitted and shown as b i . In addition, i is 1, 2,.

 光通信では、偏波に情報を載せる偏波多重技術が用いられる。図14は、4値位相変調信号の信号点と各信号点に割り当てられたビット値との関係を示す図である。図15は、偏波多重16値位相振幅変調信号の信号点と各信号点に割り当てられたビット値との関係を示す図である。図14および図15では、X偏波の上位ビットから順番にi=1,2,…とし、X偏波の最下位ビットのビットに続いたビット番号をY偏波の最上位ビットとし、Y偏波の最上位ビットから下位ビットにかけてビット番号が増えるようにビット番号iを定めている。 In optical communications, polarization multiplexing technology that puts information on polarization is used. FIG. 14 is a diagram illustrating the relationship between the signal points of the quaternary phase modulation signal and the bit values assigned to the signal points. FIG. 15 is a diagram illustrating a relationship between signal points of the polarization multiplexed 16-level phase amplitude modulation signal and bit values assigned to the signal points. In FIG. 14 and FIG. 15, i = 1, 2,... In order from the most significant bit of the X polarization, and the bit number following the least significant bit of the X polarization is the most significant bit of the Y polarization. The bit number i is determined so that the bit number increases from the most significant bit to the lower bit of the polarization.

 図16は、実施の形態1で述べた符号化方法と多値位相振幅変調方式とを併用してブロック暗号化する方法の概念を示す図である。図16では、符号化方法と16値位相振幅変調方式とを併用した例を示している。 FIG. 16 is a diagram showing a concept of a block encryption method using both the encoding method described in the first embodiment and the multi-level phase amplitude modulation method. FIG. 16 shows an example in which the encoding method and the 16-level phase amplitude modulation method are used in combination.

 図16の(A31)に示すように、順方向伝送において、送信装置は、対向方向の伝送で受信した平文DrB(t-Δt)である0111を、あらかじめ保持している参照表によるビット列変換規則に基づきビット列変換する。図16に示した例では、上位ビット1番目と3番目を変換する規則を用いるものとする。図16の(A32)に示すように、送信装置は、ビット列変換後のデータである1101と順方向で送信される平文DtA(t)である1011とを排他的論理演算により符号化し符号文として0110を生成する。図16の(A33)に示すように、符号化文0110は16値位相振幅変調方式により変調されて、順方向に伝送される。 As shown in (A31) of FIG. 16, in forward transmission, the transmitting apparatus converts 0111, which is plaintext DrB (t−Δt) received in transmission in the opposite direction, into a bit string according to a reference table held in advance. Bit string conversion based on rules. In the example shown in FIG. 16, a rule for converting the first and third upper bits is used. As shown in (A32) of FIG. 16, the transmitting device, code statements coded by an exclusive logical operation 1011 and a plaintext D tA sent in 1101 and forward is a data bit string conversion (t) 0110 is generated as follows. As shown in (A33) of FIG. 16, the encoded text 0110 is modulated by the 16-value phase amplitude modulation method and transmitted in the forward direction.

 順方向伝送における受信装置は、変調された信号を受信してアナログ信号を復調して符号化文である0110を算出する。そして、図16の(A34)に示すように、受信装置は、符号化文である0110と対向方向に送信した平文DtB(t-Δt)である1101とを排他的論理演算して復号化し、順方向伝送において受信された平文DrA(t)である1011を得る。受信装置は、図16の(A35)に示すように、送信装置が用いた参照表と同一の参照表のビット列変換規則に従い、平文DrA(t)である1011を1011に変換してメモリに格納する。ここで格納された平文DrA(t)は、後に、対向方向の伝送における符号化を行う際に、ビット列変換されて対向伝送で送信される平文と排他的論理演算される。すなわち、平文DrA(t)は、図16の(B31)で用いられる。対向方向の伝送では、順方向の伝送と同様に、(B31)から(B36)が実施される。 The receiving apparatus in the forward transmission receives the modulated signal, demodulates the analog signal, and calculates 0110 which is an encoded sentence. Then, as shown in (A34) of FIG. 16, the receiving apparatus decodes the encoded text 0110 and the plain text D tB (t−Δt) 1101 transmitted in the opposite direction by performing an exclusive logical operation. , 1011 which is the plaintext D rA (t) received in the forward transmission is obtained. As shown in (A35) of FIG. 16, the receiving device converts 1011 as plain text DrA (t) into 1011 according to the bit string conversion rule of the same reference table as the reference table used by the transmitting device and stores it in the memory. Store. The plaintext D rA (t) stored here is subjected to an exclusive logical operation with the plaintext that is bit-string converted and transmitted in the opposite transmission when encoding in the opposite direction transmission is performed later. That is, the plaintext D rA (t) is used in the FIG. 16 (B31). In the transmission in the opposite direction, (B31) to (B36) are performed as in the forward transmission.

 図17はn個のサブチャネルから構成される信号の周波数配置を示す図である。低周波数側のサブチャネルから順番にjは1,2…とする。図18は実施の形態1で述べた符号化方法とマルチチャネル多値位相振幅変調方式とを併用してブロック暗号化する方式の概念を示す図である。マルチチャネル多値位相振幅変調方式は、サブチャネル化と多値位相振幅変調方式とを組み合わせた方式である。図18に示した例では、2サブチャネル16値位相振幅変調方式を適用した場合を示している。 FIG. 17 is a diagram showing a frequency arrangement of a signal composed of n subchannels. In order from the subchannel on the low frequency side, j is set to 1, 2,. FIG. 18 is a diagram showing the concept of a block encryption method using both the encoding method described in the first embodiment and the multichannel multilevel phase amplitude modulation method. The multi-channel multi-level phase amplitude modulation method is a method in which subchannelization and multi-level phase amplitude modulation method are combined. In the example shown in FIG. 18, a case where a 2-subchannel 16-value phase amplitude modulation method is applied is shown.

 図18の(A41)に示すように、順方向伝送において、送信装置は、対向方向の伝送で受信した平文DrB(t-Δt)である01111001を、あらかじめ保持している参照表によるビット列変換規則に基づきビット列変換する。図18に示した例では、1サブチャネル目の上位ビット1番目および2サブチャネル目の下位ビット1番目を変換する規則を用いるものとする。図18の(A32)に示すように、送信装置は、ビット列変換後のデータである11111000と順方向で送信される平文DtA(t)である10110110とを排他的論理演算により符号化し符号文として01101110を生成する。図18の(A43)に示すように、符号化文01101110は2サブチャネル16値位相振幅変調方式により変調されて、順方向に伝送される。 As shown in (A41) of FIG. 18, in forward transmission, the transmission device converts 01111001, which is plaintext DrB (t−Δt) received in transmission in the opposite direction, into a bit string by a reference table that is held in advance. Bit string conversion based on rules. In the example shown in FIG. 18, it is assumed that a rule for converting the first upper bit of the first subchannel and the first lower bit of the second subchannel is used. As shown in (A32) of FIG. 18, the transmission apparatus encodes 11111000 which is data after bit string conversion and 10110110 which is plaintext D tA (t) transmitted in the forward direction by an exclusive logical operation. 01101110 is generated as As shown in (A43) of FIG. 18, the encoded text 01101110 is modulated by the 2-subchannel 16-value phase amplitude modulation method and transmitted in the forward direction.

 順方向伝送における受信装置は、変調されて信号を受信してアナログ信号を復調して符号化文である11111000を算出する。そして、図18の(A44)に示すように、受信装置は、符号化文である11111000と対向方向に送信した平文DtB(t-Δt)である11111000とを排他的論理演算して復号化し、順方向伝送において受信された平文DrA(t)である10110110を得る。受信装置は、図18の(A45)に示すように、送信装置が用いた参照表と同一の参照表のビット列変換規則に従い、平文DrA(t)である10110110を00110111に変換してメモリに格納する。対向方向の伝送では、順方向の伝送と同様に、(B41)から(B46)が実施される。 The receiving device in the forward transmission receives the modulated signal, demodulates the analog signal, and calculates 11111000 which is an encoded sentence. Then, as shown in (A44) of FIG. 18, the receiving apparatus decodes the encoded text 11111000 and the plaintext D tB (t−Δt) 11111000 transmitted in the opposite direction by performing an exclusive logical operation. , 10110110, which is the plaintext D rA (t) received in the forward transmission. Receiving apparatus, as shown in (A45) of FIG. 18, in accordance with the bit string conversion rule of the same reference table and the reference table transmitting device is used, by converting 10110110 a plaintext D rA (t) to 00110111 in the memory Store. In the transmission in the opposite direction, (B41) to (B46) are performed as in the forward transmission.

 例えば、5サブチャネルを用いた4値位相変調方式の場合、(m,n)は(2,5)となりビットブロックサイズは10ビットとなる。 For example, in the case of a quaternary phase modulation system using 5 subchannels, (m, n) is (2, 5), and the bit block size is 10 bits.

 例えば、5サブチャネルを用いた偏波多重4値位相変調方式の場合、(m,n)はそれぞれ(4,5)となりビットブロックサイズは20ビットとなる。 For example, in the case of a polarization multiplexing quaternary phase modulation system using 5 subchannels, (m, n) is (4, 5), and the bit block size is 20 bits.

 図19は、ビットブロックサイズに対して盗聴者が暗号解読に必要となる計算量を示す図である。図19では、横軸にビットブロックサイズを示し、縦軸に計算時間を示している。図19では、AESにおけるビットブロックサイズに対する計算時間を特性501として示し、本実施の形態のビットブロックサイズに対する計算時間を特性502として示している。例えば、商用化されている256ビットAESと同等の暗号強度を本実施の形態の方式で実現する場合、ビットブロックサイズを60ビットとすればよい。 FIG. 19 is a diagram showing the amount of calculation that an eavesdropper needs to decrypt for the bit block size. In FIG. 19, the horizontal axis indicates the bit block size, and the vertical axis indicates the calculation time. In FIG. 19, the calculation time for the bit block size in AES is shown as a characteristic 501, and the calculation time for the bit block size of the present embodiment is shown as a characteristic 502. For example, when the encryption strength equivalent to commercially available 256-bit AES is realized by the method of this embodiment, the bit block size may be 60 bits.

 図20はマルチチャネルを用いた多値位相振幅変調信号にストリームデータパッド方式を適用した場合の通信装置200の構成例を示す図である。通信装置200は、送信装置5、受信装置6およびデータ処理部70を備える。データ処理部70は、第1のメモリ71、第2のメモリ72、参照表処理部73および硬判定部74を備える。 FIG. 20 is a diagram illustrating a configuration example of the communication apparatus 200 when the stream data pad method is applied to a multi-level phase amplitude modulation signal using multi-channel. The communication device 200 includes a transmission device 5, a reception device 6, and a data processing unit 70. The data processing unit 70 includes a first memory 71, a second memory 72, a reference table processing unit 73, and a hard decision unit 74.

 送信装置5の1:nDeMUX(デマルチプレクサ)51は、送信するシリアルデータのnビットをビットごとにn個に分岐させ、1:mDeMUX(デマルチプレクサ)52-1~52-nに、分岐させたデータをそれぞれ出力する。1:mDeMUX52-1~52-nは、入力されたデータをそれぞれmビットごとに分岐させる。1:mDeMUX52-1~52-nから出力されるデータは第1のメモリ71に格納される。また、第2のメモリ72に格納されているデータが参照表処理部73によりビット列変換される。1:mDeMUX52-1~52-nから出力されるデータは、ビット列変換された結果と排他的論理演算されることにより符号化されて、信号点マップ部53-1~53-nへ入力される。 The 1: nDeMUX (demultiplexer) 51 of the transmission device 5 branches n bits of serial data to be transmitted into n bits for each bit, and branches to 1: mDeMUX (demultiplexer) 52-1 to 52-n. Output each data. 1: The mDeMUXs 52-1 to 52-n branch the input data every m bits. 1: Data output from the mDeMUXs 52-1 to 52-n is stored in the first memory 71. Further, the data stored in the second memory 72 is bit string converted by the reference table processing unit 73. 1: Data output from mDeMUXs 52-1 to 52-n are encoded by performing an exclusive logical operation on the result of bit string conversion, and input to signal point map units 53-1 to 53-n. .

 信号点マップ部53-1~53-nは、入力されたデータに信号点を割当て、信号点を割当てた後のデータをそれぞれデジタルフィルタ54-1~54-nへ出力する。デジタルフィルタ54-1~54-nは、入力されたデータの周波数形状を整形してn:1MUX(マルチプレクサ)56へ出力する。n:1MUX56は、入力されたデータを多重化してDAC(Digital to Analog Converter:デジタルアナログ変換器)57へ出力する。DAC57は、入力されたデータをアナログ信号に変換してドライバ58へ出力する。ドライバ58は、入力されたアナログ信号を増幅して変調器59へ出力する。変調器59は、入力された信号を変調して送信信号として出力する。 Signal point map units 53-1 to 53-n assign signal points to the input data, and output the data after assigning the signal points to digital filters 54-1 to 54-n, respectively. The digital filters 54-1 to 54-n shape the frequency shape of the input data and output it to the n: 1 MUX (multiplexer) 56. The n: 1 MUX 56 multiplexes the input data and outputs the multiplexed data to a DAC (Digital to Analog Converter) 57. The DAC 57 converts the input data into an analog signal and outputs it to the driver 58. The driver 58 amplifies the input analog signal and outputs it to the modulator 59. The modulator 59 modulates the input signal and outputs it as a transmission signal.

 受信装置6では、受信器61が、伝送された信号を受信してADC(Analog to Digital Converter:アナログデジタル変換器)62へ出力する。ADCは、入力された信号をデジタル信号に変換して1:nDeMUX63へ出力する。1:nDeMUX63は、信号をn個に分岐させ、分岐後の信号をそれぞれデジタルフィルタ64-1~64-nに出力する。デジタルフィルタ64-1~64-nは、それぞれが1つのサブチャネルに対応しており、対応するサブチャネルの信号を透過させるようフィルタリングして等化器65-1~65-nへ出力する。等化器65-1~65-nは、デジタルフィルタ64-1から64-nから受け取ったデータに対して伝送路の影響等を補償する処理を実施し、処理後のデータをデータ処理部70へ出力する。データ処理部70の硬判定部74は、入力された信号を硬判定して元のビット値を復元し、参照表処理部73へ出力する。参照表処理部73は、参照表を用いてビット列変換を行い、変換後の値を第2のメモリ72に格納する。 In the receiving device 6, the receiver 61 receives the transmitted signal and outputs it to an ADC (Analog to Digital Converter) 62. The ADC converts the input signal into a digital signal and outputs it to the 1: nDeMUX 63. 1: nDeMUX 63 branches the signal into n and outputs the branched signals to digital filters 64-1 to 64-n, respectively. Each of the digital filters 64-1 to 64-n corresponds to one subchannel, and performs filtering so as to transmit the signal of the corresponding subchannel and outputs the filtered signals to the equalizers 65-1 to 65-n. The equalizers 65-1 to 65-n perform processing for compensating for the influence of the transmission path on the data received from the digital filters 64-1 to 64-n, and the processed data is processed by the data processing unit 70. Output to. The hard decision unit 74 of the data processing unit 70 makes a hard decision on the input signal, restores the original bit value, and outputs it to the reference table processing unit 73. The reference table processing unit 73 performs bit string conversion using the reference table, and stores the converted value in the second memory 72.

 等化器65-1~65-nから出力されたデータは第2のメモリ72に格納されたデータが参照表処理部73により並び替えられたデータと排他的論理演算される。この排他的論理演算の結果は、m:1MUX66-1~66-nが受け取る。m:1MUX66-1~66-nは、受け取ったデータを結合して、受信データとして出力する。 The data output from the equalizers 65-1 to 65-n is subjected to an exclusive logical operation with data obtained by rearranging the data stored in the second memory 72 by the reference table processing unit 73. The result of this exclusive logical operation is received by m: 1 MUX 66-1 to 66-n. m: 1 MUX 66-1 to 66-n combine the received data and output as received data.

 以上のように、本実施の形態では、変調技術および信号処理技術のうち少なくも一方と実施の形態1の符号化を併用する例を説明した。これにより、実施の形態1に比べてさらに秘匿性を高めることができる。 As described above, in the present embodiment, the example in which at least one of the modulation technique and the signal processing technique is used in combination with the encoding of the first embodiment has been described. Thereby, confidentiality can be further improved as compared with the first embodiment.

 なお、実施の形態1から実施の形態3で述べた構成要素のうち、受信器、送信器およびメモリ以外は、それぞれが処理回路により実現される。処理回路はアナログ回路であってもよいしデジタル回路であってもよい。また、処理回路は専用ハードウエアであってもよいし、プロセッサを備える制御回路であってもよい。なお、本発明にかかる符号化を実施する符号器、暗号器および復号器は、排他的論理和回路により実現することができる。実施の形態1から実施の形態3で述べた構成要素のうちの少なくとも一部が制御回路により実現される場合、制御回路は例えば図21に示した構成を有する。 Of the constituent elements described in the first to third embodiments, each other than the receiver, transmitter, and memory is realized by a processing circuit. The processing circuit may be an analog circuit or a digital circuit. The processing circuit may be dedicated hardware or a control circuit including a processor. Note that the encoder, the encryptor, and the decoder that perform the encoding according to the present invention can be realized by an exclusive OR circuit. When at least a part of the constituent elements described in the first to third embodiments is realized by a control circuit, the control circuit has, for example, the configuration shown in FIG.

 図21は、制御回路の構成例を示す図である。制御回路300は、プロセッサ301およびメモリ302を備える。プロセッサ301は、CPU(Central Processing Unit)、マイクロプロセッサ等である。実施の形態1から実施の形態3で述べた構成要素のうちの少なくとも一部が制御回路により実現される場合、制御回路に実現される各部は、メモリ302に格納されたプログラムがプロセッサ301により実行されることにより実現される。メモリ302は、プロセッサ301によりプログラムが実行される際の記憶領域としても用いられる。 FIG. 21 is a diagram illustrating a configuration example of the control circuit. The control circuit 300 includes a processor 301 and a memory 302. The processor 301 is a CPU (Central Processing Unit), a microprocessor, or the like. When at least some of the components described in the first to third embodiments are realized by a control circuit, each unit realized in the control circuit executes a program stored in the memory 302 by the processor 301 Is realized. The memory 302 is also used as a storage area when a program is executed by the processor 301.

 以上の実施の形態に示した構成は、本発明の内容の一例を示すものであり、別の公知の技術と組み合わせることも可能であるし、本発明の要旨を逸脱しない範囲で、構成の一部を省略、変更することも可能である。 The configuration described in the above embodiment shows an example of the contents of the present invention, and can be combined with another known technique, and can be combined with other configurations without departing from the gist of the present invention. It is also possible to omit or change the part.

 1-1~1-5,1a-1,1a-2,200 通信装置、5 送信装置、6 受信装置、10 制御部、11 符号器、12 送信器、13,14 メモリ、15 受信器、16,18 復号器、17 暗号器、70 データ処理部、100,100a 通信システム。 1-1 to 1-5, 1a-1, 1a-2, 200 communication device, 5 transmission device, 6 reception device, 10 control unit, 11 encoder, 12 transmitter, 13, 14 memory, 15 receiver, 16 , 18 Decryptor, 17 Encryptor, 70 Data processing unit, 100, 100a communication system.

Claims (11)

 通信相手の通信装置から第1の符号化文を受信する受信器と、
 第1の時刻に送信する第1の平文と、前記第1の時刻より前の第2の時刻に前記通信相手の通信装置から送信された前記第1の符号化文が復号されて得られた第2の平文と、を用いた符号化を実施して第2の符号化文を生成する符号器と、
 前記第2の符号化文を前記通信相手の通信装置へ送信する送信器と、
 前記第1の符号化文を前記第2の時刻に送信した前記第1の平文を用いて復号して前記第2の平文を生成する復号器と、
 を備えることを特徴とする通信装置。 A receiver for receiving a first encoded text from a communication device of a communication partner;
Obtained by decoding the first plaintext transmitted at the first time and the first encoded text transmitted from the communication device of the communication partner at the second time before the first time A second plaintext, and an encoder that performs encoding using and generates a second encoded text;
A transmitter for transmitting the second encoded text to the communication partner communication device;
A decoder for decoding the first encoded text using the first plaintext transmitted at the second time to generate the second plaintext;
A communication apparatus comprising:  前記第1の平文が格納される第1のメモリと、
 前記第2の平文が格納される第2のメモリと、
 を備えることを特徴とする請求項1に記載の通信装置。 A first memory in which the first plaintext is stored;
A second memory in which the second plaintext is stored;
The communication apparatus according to claim 1, further comprising:  前記符号器は、前記第1の時刻に送信する第1の平文と、前記第2の時刻に前記通信相手の通信装置から送信された前記第1の符号化文を復号して得られる前記第2の平文と、前記通信相手の通信装置と共通の秘密鍵とを用いた符号化を実施して前記第2の符号化文を生成することを特徴とする請求項1に記載の通信装置。 The encoder is configured to decode the first plaintext transmitted at the first time and the first encoded text transmitted from the communication device of the communication partner at the second time. The communication apparatus according to claim 1, wherein the second encoded text is generated by performing encoding using two plaintexts and a secret key shared with the communication apparatus of the communication partner.  前記符号器は、前記第1の時刻に送信する第1の平文と、前記第2の時刻に前記通信相手の通信装置から送信された前記第1の符号化文を復号して得られる前記第2の平文と、前記通信相手の通信装置と共通の秘密鍵とを用いた符号化を実施して前記第2の符号化文を生成することを特徴とする請求項2に記載の通信装置。 The encoder is configured to decode the first plaintext transmitted at the first time and the first encoded text transmitted from the communication device of the communication partner at the second time. The communication apparatus according to claim 2, wherein the second encoded text is generated by performing encoding using a plaintext of 2 and a secret key common to the communication apparatus of the communication partner.  前記第1のメモリが前記第1の平文を保持する時間と、前記第2のメモリが前記第2の平文を保持する時間とは同一のメモリ保持時間であり、前記メモリ保持時間は前記秘密鍵として用いられることを特徴とする請求項4に記載の通信装置。 The time that the first memory holds the first plaintext and the time that the second memory holds the second plaintext are the same memory holding time, and the memory holding time is the secret key The communication apparatus according to claim 4, wherein the communication apparatus is used as a communication apparatus.  前記符号器は、前記第1の時刻に送信する第1の平文と、前記秘密鍵とを用いた第1の符号化を行い、前記第1の符号化の結果と前記第2の時刻に前記通信相手の通信装置から送信された前記第1の符号化文を復号して得られる前記第2の平文とを用いた第2の符号化を実施することを特徴とする請求項3から5のいずれか1つに記載の通信装置。 The encoder performs first encoding using the first plaintext to be transmitted at the first time and the secret key, and at the second time and the result of the first encoding. 6. The second encoding using the second plaintext obtained by decoding the first encoded text transmitted from a communication apparatus of a communication partner is performed. The communication apparatus as described in any one.  前記符号器は、前記第2の時刻に前記通信相手の通信装置から送信された前記第1の符号化文を復号して得られる前記第2の平文と、前記秘密鍵とを用いた第1の符号化を行い、前記第1の符号化の結果と前記第1の時刻に送信する第1の平文とを用いた第2の符号化を実施することを特徴とする請求項3から5のいずれか1つに記載の通信装置。 The encoder uses the second plaintext obtained by decrypting the first encoded text transmitted from the communication device of the communication partner at the second time, and the first using the secret key. The second encoding using the result of the first encoding and the first plaintext to be transmitted at the first time is performed. The communication apparatus as described in any one.  前記第2の符号化文を多値位相振幅変調して送信することを特徴とする請求項1から7のいずれか1つに記載の通信装置。 The communication apparatus according to any one of claims 1 to 7, wherein the second encoded text is subjected to multi-level phase amplitude modulation and transmitted.  前記第2の符号化文を複数の周波数を用いて送信することを特徴とする請求項1から8のいずれか1つに記載の通信装置。 The communication apparatus according to any one of claims 1 to 8, wherein the second encoded text is transmitted using a plurality of frequencies.  第1の通信装置と、前記第1の通信装置の通信相手の通信装置である第2の通信装置とを備える通信システムであって、
 前記第1の通信装置は、
 前記第2の通信装置から第1の符号化文を受信する第1の受信器と、
 第1の時刻に送信する第1の平文と、前記第1の時刻より前の第2の時刻に前記第2の通信装置から送信された前記第1の符号化文が復号されて得られた第2の平文と、を用いた符号化を実施して第2の符号化文を生成する第1の符号器と、
 前記第2の符号化文を前記第2の通信装置へ送信する第1の送信器と、
 前記第2の通信装置から受信した前記第1の符号化文を前記第2の時刻に送信した前記第1の平文を用いて復号して前記第2の平文を生成する第1の復号器と、
 を備え、
 前記第2の通信装置は、
 前記第1の通信装置から第2の符号化文を受信する第2の受信器と、
 前記第1の時刻に送信する第2の平文と、前記2の時刻に前記第1の通信装置から送信された前記第2の符号化文が復号されて得られた前記第2の平文と、を用いた符号化を実施して前記第1の符号化文を生成する第2の符号器と、
 前記第1の符号化文を前記第1の通信装置へ送信する第2の送信器と、
 前記第1の通信装置から受信した前記第2の符号化文を前記第2の時刻に送信した前記第2の平文を用いて復号して前記第1の平文を生成する第2の復号器と、
 を備えることを特徴とする通信システム。 A communication system comprising a first communication device and a second communication device that is a communication device of a communication partner of the first communication device,
The first communication device is:
A first receiver for receiving a first encoded text from the second communication device;
Obtained by decoding the first plaintext transmitted at the first time and the first encoded text transmitted from the second communication device at the second time prior to the first time A first encoder that performs encoding using the second plaintext to generate a second encoded text;
A first transmitter for transmitting the second encoded text to the second communication device;
A first decoder for decoding the first encoded text received from the second communication device using the first plaintext transmitted at the second time to generate the second plaintext; ,
With
The second communication device is:
A second receiver for receiving a second encoded text from the first communication device;
A second plaintext transmitted at the first time, and a second plaintext obtained by decoding the second encoded text transmitted from the first communication device at the second time, A second encoder that performs encoding using and generates the first encoded sentence;
A second transmitter for transmitting the first encoded text to the first communication device;
A second decoder for decoding the second encoded text received from the first communication device using the second plaintext transmitted at the second time to generate the first plaintext; ,
A communication system comprising:  第1の通信装置と、前記第1の通信装置の通信相手の通信装置である第2の通信装置とを備える通信システムにおける通信方法であって、
 前記第1の通信装置から前記第2の通信装置へ向かう方向である順方向伝送において、
 前記第1の通信装置が、第1の時刻に送信する第1の平文と、前記第1の時刻より前の第2の時刻に前記第2の通信装置から送信された第1の符号化文が復号されて得られた第2の平文と、を用いた符号化を実施して第2の符号化文を生成する第1のステップと、
 前記第1の通信装置が、前記第2の符号化文を前記第2の通信装置へ送信する第2のステップと、
 前記第2の通信装置が、前記第1の通信装置から受信した前記第2の符号化文を前記第2の時刻に送信した前記第2の平文を用いて復号して前記第1の平文を生成する第4のステップと、
 を含み、
 前記第2の通信装置から前記第1の通信装置へ向かう方向である対向方向伝送において、
 前記第2の通信装置が、前記第1の時刻に送信する第2の平文と、前記第2の時刻に前記第1の通信装置から送信された前記第2の符号化文が復号されて得られた前記第2の平文と、を用いた符号化を実施して前記第1の符号化文を生成する第5のステップと、
 前記第2の通信装置が、前記第1の符号化文を前記第1の通信装置へ送信する第6のステップと、
 前記第1の通信装置が、前記第2の通信装置から受信した前記第1の符号化文を前記第2の時刻に送信した前記第1の平文を用いて復号して前記第2の平文を生成する第7のステップと、
 を含むことを特徴とする通信方法。 A communication method in a communication system comprising a first communication device and a second communication device that is a communication device of a communication partner of the first communication device,
In forward transmission, which is a direction from the first communication device to the second communication device,
The first plaintext transmitted by the first communication device at a first time, and the first encoded text transmitted from the second communication device at a second time before the first time. A first plaintext obtained by decoding the first plaintext, and a first step of generating a second encoded text by performing encoding using
A second step in which the first communication device transmits the second encoded text to the second communication device;
The second communication device decodes the second encoded text received from the first communication device by using the second plaintext transmitted at the second time and decodes the first plaintext. A fourth step of generating;
Including
In opposite direction transmission, which is a direction from the second communication device to the first communication device,
The second plaintext transmitted by the second communication device at the first time and the second encoded text transmitted from the first communication device at the second time are obtained by decoding. A second step of generating the first encoded text by performing encoding using the second plaintext received,
A sixth step in which the second communication device transmits the first encoded text to the first communication device;
The first communication device decodes the first encoded text received from the second communication device using the first plaintext transmitted at the second time, and the second plaintext is decoded. A seventh step of generating;
A communication method comprising:
PCT/JP2016/084482 2016-11-21 2016-11-21 Communication device, communication system and communication method Ceased WO2018092313A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2016/084482 WO2018092313A1 (en) 2016-11-21 2016-11-21 Communication device, communication system and communication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2016/084482 WO2018092313A1 (en) 2016-11-21 2016-11-21 Communication device, communication system and communication method

Publications (1)

Publication Number Publication Date
WO2018092313A1 true WO2018092313A1 (en) 2018-05-24

Family

ID=62146363

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2016/084482 Ceased WO2018092313A1 (en) 2016-11-21 2016-11-21 Communication device, communication system and communication method

Country Status (1)

Country Link
WO (1) WO2018092313A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH03129936A (en) * 1989-10-14 1991-06-03 Mitsubishi Electric Corp Network method and its device
JPH0983507A (en) * 1995-09-19 1997-03-28 Hitachi Inf Syst Ltd How to generate and share encryption keys
JPH09238132A (en) * 1996-02-29 1997-09-09 Oki Electric Ind Co Ltd Portable terminal communication system and communication method thereof
JPH10327143A (en) * 1997-05-23 1998-12-08 Nec Corp Data transmission system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH03129936A (en) * 1989-10-14 1991-06-03 Mitsubishi Electric Corp Network method and its device
JPH0983507A (en) * 1995-09-19 1997-03-28 Hitachi Inf Syst Ltd How to generate and share encryption keys
JPH09238132A (en) * 1996-02-29 1997-09-09 Oki Electric Ind Co Ltd Portable terminal communication system and communication method thereof
JPH10327143A (en) * 1997-05-23 1998-12-08 Nec Corp Data transmission system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
TAKESHI HATTORI, OFDM/OFDMA TEXTBOOK, 21 September 2008 (2008-09-21), pages 2-6, 17 - 18 *

Similar Documents

Publication Publication Date Title
JP6740902B2 (en) Authentication encryption method, authentication decryption method, and information processing apparatus
JP2016513825A (en) Safety communication method and apparatus
KR101600016B1 (en) method of encrypting data using Homomorphic Encryption and Computing device performing the method
US20160173276A1 (en) Authenticated encryption device, authenticated encryption method, and program for authenticated encryption
TW200828936A (en) Encryption processor, encryption processing method, and computer program
EP2556613A1 (en) Processing transport packets
US20150016606A1 (en) Generating device, re-encrypting device, method, and computer program product
US20140044262A1 (en) Low Latency Encryption and Authentication in Optical Transport Networks
CN114244507A (en) Quantum direct communication method, device, equipment and system based on single-path transmission
CA3135046C (en) Enhanced randomness for digital systems
WO2016067524A1 (en) Authenticated encryption apparatus, authenticated decryption apparatus, authenticated cryptography system, authenticated encryption method, and program
CN114051208B (en) Method, device and computer-readable storage medium for vehicle-ground safety communication
US20170041133A1 (en) Encryption method, program, and system
JP2007043353A (en) Transmission / reception system and method, transmission device and method, reception device and method, and program
JP2009088641A (en) Transmission / reception method, communication system, and transmission apparatus
WO2017094561A1 (en) Encryption device, cryptographic communication system and encrypted transmission method
CN116208326A (en) Data transmission method, device, system, storage medium and electronic equipment
JP4860708B2 (en) Stream cipher method and cipher system
JP2017167390A (en) Information processing apparatus, information processing method, and program
US20140294176A1 (en) Generating device, encryption device, decryption device, generating method, encryption method, decryption method, and computer program product
KR101566416B1 (en) Method and device of data encription with increased security
JP6167721B2 (en) ENCRYPTION DEVICE, DECRYPTION DEVICE, ENCRYPTION METHOD, DECRYPTION METHOD, AND PROGRAM
CN109889327B (en) Shared key generation method and device
WO2018092313A1 (en) Communication device, communication system and communication method
US11196447B2 (en) Computer-implemented method for error-correction-encoding and encrypting of a file

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16921940

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16921940

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP