Secret key transfer method which is highly secure and can restrict the damage caused when the secret key is leaked or decoded
First Claim
1. A secret key transfer technique, used in an encrypted communication system composed of a transmission apparatus and a reception apparatus which perform encrypted communication using one secret key selected out of a plurality of secret keys, whereby the transmission apparatus informs the reception apparatus of the selected secret key, the transmission apparatus comprising:
- first secret key storing means for storing the plurality of secret keys;
- secret key selecting means for selecting one secret key out of the plurality of secret keys stored in the first secret key storing means;
- message generating means for generating a message;
- first encrypting means for encrypting the message according to a first encryption algorithm using the secret key selected by the secret key selecting means as an encryption key to produce a first cryptogram;
- second encrypting means for encrypting the message according to a second encryption algorithm using the message as an encryption key to produce a second cryptogram; and
- transferring means for transferring the first cryptogram and the second cryptogram to the reception apparatus,

and the reception apparatus comprising;
- second secret key storing means for storing the plurality of secret keys;
- reception means for receiving the first cryptogram and the second cryptogram transferred from the transmission apparatus;
- first decrypting means for decrypting the received first cryptogram according to a first decryption algorithm using one secret key selected from the plurality of secret keys as a decryption key to produce a first set of decrypted data, wherein the first decryption algorithm is an inverse transformation of the first encryption algorithm;
- second decrypting means for decrypting the received second cryptogram according to a second decryption algorithm using the first set of decrypted data as a decryption key to produce a second set of decrypted data, wherein the second decryption algorithm is an inverse transformation of the second encryption algorithm;
- judging means for judging whether the first set of decrypted data matches the second set of decrypted data and, when the sets of decrypted data match, for authorizing that the secret key used by the first decryption means is the secret key selected by the transmission apparatus; and
- repetition control means for having a decryption by the first decrypting means, a decryption by the second decrypting means, and a judgement and an authorization by the judging means repeated for each of the plurality of secret keys in the second secret key storage means in order.
Abstract
A transmission apparatus 100 includes a secret key storage unit 103 that stores three secret keys K1, K2 and K3, a secret key selection unit 104 that selects one secret key Ks from the secret keys, a message generation unit 106 for generating a message M used as a carrier for indicating a secret key, an encryption module 105 for generating a cryptogram Ca by encrypting the generated message M using the secret key Ks, an encryption module 107 for generating a cryptogram Cm by encrypting the message M using the message M itself as the secret key, and two transmission units 111 and 112 for transmitting the cryptograms Ca and Cm to the reception apparatus 200 to indicate the selected secret key Ks. The reception apparatus 200 includes a decryption module, such as 221, for generating decrypted data Mi by decrypting the cryptogram Ca using a secret key Ki out of the three secret keys, and a decryption module, such as 222, for generating decrypted data Mii by decrypting the cryptogram Cm using the decrypted data Mi, and authorizes that the secret key Ki has been selected when the decrypted data Mi matches the decrypted data Mii.
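The exchange in the abstract, as an added Python example that is not part of the patent text. The 4-round HMAC-SHA256 Feistel cipher is a stand-in assumption for the unspecified first and second encryption algorithms (one cipher serves as both here), and the names `send` and `identify_key` are hypothetical.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # M is one 16-byte block so it can also serve as a key

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function of the stand-in cipher (assumption, not from the patent).
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right

def decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right

def send(keys, s, m=None):
    """Transmission apparatus: indicate keys[s] without sending an index."""
    m = m if m is not None else secrets.token_bytes(BLOCK)  # carrier message M
    ca = encrypt(keys[s], m)  # Ca = E1(Ks, M)
    cm = encrypt(m, m)        # Cm = E2(M, M): M encrypted under itself
    return ca, cm

def identify_key(keys, ca, cm):
    """Reception apparatus: try each Ki in order; return its index or None."""
    for i, ki in enumerate(keys):
        mi = decrypt(ki, ca)   # Mi  = D1(Ki, Ca)
        mii = decrypt(mi, cm)  # Mii = D2(Mi, Cm)
        if hmac.compare_digest(mi, mii):  # match => Ki is the selected key
            return i
    return None

# Constructed sample keys K1..K3 (random, for illustration only).
KEYS = [secrets.token_bytes(BLOCK) for _ in range(3)]
```

A receiver whose key store lacks the selected key gets `None`, since a wrong Ki yields an Mi that does not decrypt Cm back to itself except with negligible probability.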
14 Claims
1. A secret key transfer technique, used in an encrypted communication system composed of a transmission apparatus and a reception apparatus which perform encrypted communication using one secret key selected out of a plurality of secret keys, whereby the transmission apparatus informs the reception apparatus of the selected secret key,
the transmission apparatus comprising:
- first secret key storing means for storing the plurality of secret keys;
- secret key selecting means for selecting one secret key out of the plurality of secret keys stored in the first secret key storing means;
- message generating means for generating a message;
- first encrypting means for encrypting the message according to a first encryption algorithm using the secret key selected by the secret key selecting means as an encryption key to produce a first cryptogram;
- second encrypting means for encrypting the message according to a second encryption algorithm using the message as an encryption key to produce a second cryptogram; and
- transferring means for transferring the first cryptogram and the second cryptogram to the reception apparatus,

and the reception apparatus comprising;
- second secret key storing means for storing the plurality of secret keys;
- reception means for receiving the first cryptogram and the second cryptogram transferred from the transmission apparatus;
- first decrypting means for decrypting the received first cryptogram according to a first decryption algorithm using one secret key selected from the plurality of secret keys as a decryption key to produce a first set of decrypted data, wherein the first decryption algorithm is an inverse transformation of the first encryption algorithm;
- second decrypting means for decrypting the received second cryptogram according to a second decryption algorithm using the first set of decrypted data as a decryption key to produce a second set of decrypted data, wherein the second decryption algorithm is an inverse transformation of the second encryption algorithm;
- judging means for judging whether the first set of decrypted data matches the second set of decrypted data and, when the sets of decrypted data match, for authorizing that the secret key used by the first decryption means is the secret key selected by the transmission apparatus; and
- repetition control means for having a decryption by the first decrypting means, a decryption by the second decrypting means, and a judgement and an authorization by the judging means repeated for each of the plurality of secret keys in the second secret key storage means in order.

Dependent claims: 2, 3, 4, 5, 6
7. A transmission apparatus for use in an encrypted communication system composed of a transmission apparatus and a reception apparatus which perform encrypted communication using one secret key selected out of a plurality of secret keys, with the transmission apparatus informing the reception apparatus of the selected secret key,
the transmission apparatus comprising:
- secret key storing means for storing the plurality of secret keys;
- secret key selecting means for selecting one secret key out of the plurality of secret keys that are stored in the secret key storing means;
- message generating means for generating a message;
- first encrypting means for encrypting the message according to a first encryption algorithm using the secret key selected by the secret key selecting means as an encryption key to produce a first cryptogram;
- second encrypting means for encrypting the message according to a second encryption algorithm using the message as an encryption key to produce a second cryptogram; and
- transferring means for transferring the first cryptogram and the second cryptogram to the reception apparatus.

Dependent claims: 8, 9, 10, 11, 12
13. A reception apparatus for use in an encrypted communication system composed of a transmission apparatus and a reception apparatus which perform encrypted communication using one secret key selected out of a plurality of secret keys, the reception apparatus receiving a first cryptogram and a second cryptogram from the transmission apparatus to indicate the selected secret key,
the reception apparatus comprising:
- secret key storing means for storing the plurality of secret keys;
- reception means for receiving the first cryptogram and the second cryptogram transferred from the transmission apparatus;
- first decrypting means for decrypting the received first cryptogram according to a first decryption algorithm using one secret key selected from the plurality of secret keys as a decryption key to produce a first set of decrypted data, wherein the first decryption algorithm is an inverse transformation of a first encryption algorithm that was used to encrypt the first cryptogram;
- second decrypting means for decrypting the received second cryptogram according to a second decryption algorithm using the first set of decrypted data as a decryption key to produce a second set of decrypted data, wherein the second decryption algorithm is an inverse transformation of a second encryption algorithm that was used to encrypt the second cryptogram;
- judging means for judging whether the first set of decrypted data matches the second set of decrypted data and, when the sets of decrypted data match, for authorizing that the secret key used by the first decryption means is a secret key selected by the transmission apparatus; and
- repetition control means for having a decryption by the first decrypting means, a decryption by the second decrypting means, and a judging and an authorizing by the judging means repeated for each of the plurality of secret keys in the secret key storage means in order.

Dependent claims: 14
Specification