Encrypted communication system that limits the damage caused when a secret key has been leaked
First Claim
1. An encrypted communication system composed of n reception apparatuses and a single transmission apparatus for transferring digital information to the n reception apparatuses, wherein the n reception apparatuses are classified into m groups, and k secret keys selected from a total of m*k secret keys are exclusively distributed to each group,the transmission apparatus comprising:
- secret key storage means for storing the m*k secret keys associated with the groups to which the secret keys are distributed;
secret key selecting means for selecting one secret key for each group out of the k secret keys which are stored in the secret key storage means corresponding to each group;
first encrypting means for encrypting a plaintext using each of the m secret keys read by the secret key selecting means to produce m type 1 cryptograms;
second encrypting means for generating a type 2 cryptogram that helps identify the m secret keys used by the first encrypting means; and
transfer means for transferring m pairs that each include(1) one of the type 1 cryptograms, and(2) the type 2 cryptogramto the n reception apparatuses,each pair of one type 1 cryptogram and the type 2 cryptogram being transferred to every reception apparatus to which the secret key used to generate the type 1 cryptogram has been distributed,and each of the n reception apparatuses comprising;
secret key storage means for storing k secret keys that have been distributed to the group to which the reception apparatus belongs;
reception means for receiving a pair of a type 1 cryptogram and a type 2 cryptogram for the transmission apparatus;
first decrypting means for decrypting the received type 1 cryptogram using each of the k secret keys in the secret key storage means separately to generate k type 1 decrypted texts; and
judging means for judging whether any of the k type 1 decrypted texts generated by the first decrypting means has predetermined relation with the type 2 cryptogram and, on judging that at last one type 1 decrypted text has the predetermined relation, confirming that the secret key used to generate the type 1 decrypted text that has the predetermined relation is identical to the secret key that was used to generate the type 1 cryptogram,wherein the type 2 cryptogram has a content that is unrelated to the m secret keys used by the first encrypting means,wherein the second encrypting means generates the type 2 cryptogram by encrypting the plaintext,wherein the judging means includes a second decrypting means for generating a type 2 decrypted text, judges whether any of the k type 1 decrypted texts matches the generated type 2 decrypted text, and when at least one of the k type 1 decrypted texts matches the type 2 decrypted text, confirms that the secret key used to generate the matching type 1 decrypted text is identical to the secret key that was used to generate the type 1 cryptogram, andwherein the second encrypting means encrypts the plaintext using the plaintext as an encryption key, and the second decrypting means decrypts the type 2 cryptogram separately using each of the type 1 decrypted tests as a decryption key.
0 Assignments
0 Petitions
Accused Products
Abstract
In an encrypted transmission system composed of one transmission apparatus 10 and twenty-eight reception apparatuses A1-G4 that are classified into seven groups A-G, two secret key exclusively selected out of a total of fourteen secret keys are distributed beforehand to each group. The transmission apparatus 10 encrypts the same message M using one of the two secret keys distributed to each group and sends each group a message M encrypted with one of the group'"'"'s secret keys. The reception apparatuses each decrypt the received cryptogram separately using each of the secret keys assigned to the of group to which each reception apparatus belongs, judge whether either of the two decryption results conforms to a predetermined rule, and specify the correct decryption result.
33 Citations
3 Claims
-
1. An encrypted communication system composed of n reception apparatuses and a single transmission apparatus for transferring digital information to the n reception apparatuses, wherein the n reception apparatuses are classified into m groups, and k secret keys selected from a total of m*k secret keys are exclusively distributed to each group,
the transmission apparatus comprising: -
secret key storage means for storing the m*k secret keys associated with the groups to which the secret keys are distributed; secret key selecting means for selecting one secret key for each group out of the k secret keys which are stored in the secret key storage means corresponding to each group; first encrypting means for encrypting a plaintext using each of the m secret keys read by the secret key selecting means to produce m type 1 cryptograms; second encrypting means for generating a type 2 cryptogram that helps identify the m secret keys used by the first encrypting means; and transfer means for transferring m pairs that each include (1) one of the type 1 cryptograms, and (2) the type 2 cryptogram to the n reception apparatuses, each pair of one type 1 cryptogram and the type 2 cryptogram being transferred to every reception apparatus to which the secret key used to generate the type 1 cryptogram has been distributed, and each of the n reception apparatuses comprising; secret key storage means for storing k secret keys that have been distributed to the group to which the reception apparatus belongs; reception means for receiving a pair of a type 1 cryptogram and a type 2 cryptogram for the transmission apparatus; first decrypting means for decrypting the received type 1 cryptogram using each of the k secret keys in the secret key storage means separately to generate k type 1 decrypted texts; and judging means for judging whether any of the k type 1 decrypted texts generated by the first decrypting means has predetermined relation with the type 2 cryptogram and, on judging that at last one type 1 decrypted text has the predetermined relation, confirming that the secret key used to generate the type 1 decrypted text that has the predetermined relation is identical to the secret key that was used to generate the type 1 cryptogram, wherein the type 2 cryptogram has a content that is unrelated to the m secret keys used by the first encrypting means, wherein the second encrypting means generates the type 2 cryptogram by encrypting the plaintext, wherein the judging means includes a second decrypting means for generating a type 2 decrypted text, judges whether any of the k type 1 decrypted texts matches the generated type 2 decrypted text, and when at least one of the k type 1 decrypted texts matches the type 2 decrypted text, confirms that the secret key used to generate the matching type 1 decrypted text is identical to the secret key that was used to generate the type 1 cryptogram, and wherein the second encrypting means encrypts the plaintext using the plaintext as an encryption key, and the second decrypting means decrypts the type 2 cryptogram separately using each of the type 1 decrypted tests as a decryption key.
-
-
2. A transmission apparatus for transferring digital information to n reception apparatuses, wherein the n reception apparatuses are classified into m groups, and k secret keys selected from a total of m*k secret keys are exclusively distributed to each group, comprising:
-
secret key storage means for storing the m*k secret keys associated with the groups to which the secret keys are distributed; secret key selecting means for selecting one secret key for each group out of the k secret keys which are stored in the secret key storage means corresponding to each group; first encrypting means for encrypting a plaintext using each of the m secret keys read by the secret key selecting means to produce m type 1 cryptograms; second encrypting means for generating a type 2 cryptogram that helps identify the m secret keys used by the first encrypting means; and transfer means for transferring m pairs that each include (1) one of the type 1 cryptograms, and (2) the type 2 cryptogram to the n reception apparatuses, each pair of one type 1 cryptogram and the type 2 cryptogram being transferred to every reception apparatus to which the secret key used to generate the type 1 cryptogram has been distributed, wherein the type 2 cryptogram has a content that is unrelated to the m secret keys used by the first encrypting means, wherein the second encrypting means generates the type 2 cryptogram by encrypting the plaintext, and wherein the second encrypting means encrypts the plaintext using the plaintext as an encryption key.
-
-
3. A reception apparatus for receiving digital information transferred from one transmission apparatus, comprising:
-
secret key storage means for storing k secret keys that have been distributed to the reception apparatus beforehand; reception means for receiving a pair of a type 1 cryptogram and a type 2 cryptogram for the transmission apparatus; first decrypting means for decrypting the received type 1 cryptogram using each of the k secret keys in the secret key storage means separately to generate k type 1 decrypted texts; and judging means for judging whether any of the k type 1 decrypted texts generated by the first decrypting means has a predetermined relation with the type 2 cryptogram and, on judging that at least one type 1 decrypted text has the predetermined relation, confirming that the secret key used to generate the type 1 decrypted text that has the predetermined relation is identical to a secret key that was used to generate the type 1 cryptogram, wherein the type 2 cryptogram has a content that is unrelated to the k secret keys, wherein the type 2 cryptogram is generated by encrypting a plaintext which was encrypted into the type 1 cryptogram, wherein the judging means includes a second decrypting means for generating a type 2 decrypted text, judges whether any of the k type 1 decrypted texts matches the generated type 2 decrypted text, and when at least one of the k type 1 decrypted texts matches the type 2 decrypted text, confirms that the secret key used to generate the matching type 1 decrypted text is identical to the secret key that was used to generate the type 1 cryptogram, and wherein the plaintext is encrypted using the plaintext as an encryption key, and the second decrypting means decrypts the type 2 cryptogram separately using each of the type 1 decrypted texts as a decryption key.
-
Specification