JPH0276331A - Method and device for continuous encipherment which is responded continuously - Google Patents

Abstract

PURPOSE: To eliminate the need for a public key or a predetermined secret key by adopting the configuration such that a message itself communicated between stations provides a ciphering key and a message sent from each station provides a deciphering key. CONSTITUTION: In a station 1, a bit A of a 1st bit stream is mixed with a bit (B-1) of a 2nd bit stream received from a station 3 to produce a ciphered bit A, and it is sent to the station 3 as part of a 3rd bit stream. Then the station 3 receives it and mixes it with the bit (B-1) of the 2nd bit stream to produce a deciphered bit A in the 1st bit stream. Moreover, the bit B of the 2nd bit stream is mixed with the deciphered bit A of the 1st bit stream to produce a 4th bit stream including the ciphered bit B and it is sent to the station 1. The station 1 receives it and mixes it with the bit A of the 1st bit stream to produce the deciphered bit B in the 2nd bit stream. Exclusive OR gates 7, 11, 13, 19 are used for mixers.

Description

[Detailed Description of the Invention] [Field of Industrial Application] The present invention provides a method and apparatus for encrypting confidential information and transmitting the encrypted information through public or private communication equipment without using a predetermined encryption signal. It is related to. Such encryption signals are called "keys" and are electronically added to confidential information to encrypt the information before it is transmitted, thereby preventing illegal interception of the information. Upon receipt, the same key is electronically bound to the received message to decrypt, or decipher, the information by separating the key from the received information.

The present invention relates to facsimile communications and computer networks where it is desirable to carry out confidential communications.

It can also be applied in all other types of digital communications.

BACKGROUND OF THE INVENTION In order to prevent illegal access to information, information is encrypted before it is transmitted to the public or over private communication media that does not have confidentiality measures in place. As described in the prior art, a simple method for encrypting such information is to use a key signal modulo 2 (submodulo) of a character or series of characters to encrypt the information to be encrypted. -2) Addition. This applies to exclusive logic gates such as the standard TTL7486 EXCLUSIVB OR gate manufactured by companies such as National Semiconductor Corporation, 2900 Semiconductor Drive, Santa Clara, California. This can be done using a sum logic gate.

The results of the exclusive OR logical operation are as shown in the truth table below.

B.C. i1 Encryption methods generally use two different key signals.

That is, a private key and a public key.
c) a key is used. In the secret key system, a key is predetermined between the parties and is delivered by messenger or other secret method from the sender to the recipient of the encrypted message. The sender then encrypts the confidential message and transmits the message in encrypted form over public or private communication lines.

The recipient decrypts the encrypted message using a predetermined key.

For example, the series of bits that make up digital message A is 1010, and key B is the series of bits l too
Assuming that, when each bit of message A is passed through an exclusive OR circuit together with key B at the sending station, an encrypted message C, 0110 is obtained. When message C is passed through an exclusive OR circuit together with key B at the receiving station, message A is decrypted as 1010.

[Problems to be Solved by the Invention] The problem with this private key encryption method is that the predetermined key must be notified in advance. That is, unless the recipient is previously notified of the encryption key by some method, messages cannot be sent unilaterally between the parties.

Public key schemes can be used to solve the problems inherent in private key schemes. In this scheme, the sender and receiver each use a public key for encryption and a private key for decryption. Each party sends a message encrypted using the recipient's public encryption key and decrypts the message it receives using its own private decryption key. However, if the eavesdropper obtains the decryption key, he or she can decrypt the message. Therefore, once the public encryption key is made widely public, it cannot be easily changed, so there is a greater risk of eavesdropping than with the private key system.

The present invention provides a system that does not require a public key and does not require a private key to be determined in advance before sending a message.

The system of the invention described herein is a full-duplex communication system between stations, in which the messages being exchanged themselves contain the encryption keys necessary for encrypting the messages and transmitting them from each station. This is what we provide. Messages originating from each station provide the decryption keys needed to decrypt messages received from other stations.

Therefore, the object of this invention was published.

or without the need for a predetermined private key,
It provides an encryption method for confidentially communicating information through public communication systems.

Another object of the invention is to provide relatively inexpensive secure two-way communications.

Yet another object of the invention is to provide an encryption method that is easy to use.

SUMMARY OF THE INVENTION In the embodiments described herein, messages are transmitted in binary form. Bit synchronization protocols are provided by standard communication terminal equipment used with this invention and are appended to and removed from messages independent of the encryption/decryption scheme of this invention. is known in the art, which uses a synchronization signal to synchronize timing devices in the terminal hardware of both transmitting and receiving stations, so that the receiving station can keep track of the bits of data transmitted by the transmitting station. are recognized in the same order as they were transmitted or in the time-compensated order.

In embodiments of the invention, two transmission lines are always used. This is known as full duplex communication. The first line is used to transmit a signal from station X to station Y, and the second line is used to transmit a second signal from station Y to station X.

In the present invention, successful encryption and decoding requires that the transmission and reception of both signals by each stasicon occur substantially simultaneously along both lines. Each character, or information word, is made up of binary bits. Each station transmits one bit of information to the other station. At each station, the previously transmitted bit of information serves as the decryption key for the most recently received bit of information, and the received bit in turn serves as the encryption key for the next transmitted bit. He works as a.

Accordingly, a feature of the invention is to provide for secure exchange of information between stations using full duplex communication methods.

Another feature of the invention is that the key used to encrypt the messages transmitted by each station is the message received and decrypted from the other station.

A further feature of the invention is that the key used to decrypt messages received at each station is the message originating from each station.

Yet another feature of the invention is that it can be used in conjunction with other scrambling and descrampling methods to increase message confidentiality.

These and other objects and features of the invention will become more apparent with reference to the following description and drawings. Like terms used in the description and the drawings refer to the same parts, and the drawings are considered to be a part of this specification.

EXAMPLE 1 Since standard communication terminal equipment is used as an interface between each station and the transmission line, such terminal equipment is not specifically described below. The circuitry and description of the bit synchronization protocol provided in the communication terminals of each station are well known and are therefore omitted from the following description for the purpose of brevity.

In the drawing, exclusive OR gate 7.1! .

13.19 is a mixing device (sixer) for various signals.
) and provide a means for encrypting and decoding signals. “■” indicates an exclusive OR logical operation. For purposes of this discussion, assume that station XI is attempting to communicate with station Y3.

Station X1 initiates communication by transmitting a binary data sequence constituting signal A over line 5 to station Y3.

Signal A is a first bit string, consisting of random data of non-sensitive nature, and is input to station Xi at input 9. Station Y3 has not yet started transmitting, so station xt is not receiving the signal transmitted by line 6 at this moment. Exclusive OR gate 11 comprises a known switch circuit and is therefore not activated unless a signal is detected on line 6. Similarly, the exclusive OR gate 13 in the station Y3 is not activated until the signal is received on the line 5.

If no signal is present on the line 6, the decryption exclusive OR gate 11 will not operate, and therefore only the signal A will be input to the encryption exclusive OR gate 7. A second bit sequence, signal B, is generated at input 15.

The third bit sequence, signal C, is obtained by logically mixing signal A and the output of gate 11 in gate 7. When no signal is detected on line 6 by station x1, the output of gate 11 is therefore a logic "0" and signal C is equal to input signal A.

The signal C is transmitted to the station controller Y3 by the line 5,
It is mixed with signal B by a decoding exclusive OR game (13). The gate 13 is activated only when the incoming signal C is detected on the line 5. Signal B is input 1 of station Y3
5, the output of gate 13 is equal to signal A. Up to this point, since signal B is not present, signal A is transmitted completely in plain text, ie, in unencrypted form.

Therefore, station Y3 is initially a gate! 3 receives only the random data bits that make up signal A as output 17 from A.

When signal A is detected at output 17, station Y3 starts transmitting signal B input at input 15. The signal B, which is a binary data string, may be a meaningful message or random data.

In either case, it is passed through an exclusive OR circuit in the encryption exclusive OR gate 19, mixed bit by bit with the data of the received signal A, and then in the fourth data string. A data stream signal is sent to station x1.

As shown in FIG. 1, bit An of signal A is gate 1
9, it is passed through an exclusive OR circuit together with bit Bn of signal B. Output of gate 19.

That is, the bit Dn is therefore equal to rBr+■AnJ and is transmitted through the line 6 to the station controller XI.

In the station controller XI, when a signal is detected on the line 6, the gate 11 is activated, and the bit Dn is passed through the exclusive OR circuit together with the bit An by the gate 11.

Bit Dn is equal to rBnΦAnJ. therefore,
The output of game) 11 is ``(Bn■An)■AnJ, which is equal to bit Bn, which is thus decoded and appears at output 21.

In this way, the station controller x1 receives the data stream B.
, it begins to encrypt the next bit into the signal using the decoded bits of signal B. At this point, stage 3 x1 begins transmitting message bits rather than random data bits.

The next bit of data stream A, i.e. bit A
n+1 is passed through an exclusive OR circuit with bit Bn by gate 7 to produce Biff)Cn+1. This is equal to "(A n+ 1) Bn J and is transmitted by line 5 to station Y3.

At station Y3, bit Cn+1 is passed through an exclusive OR circuit together with bit Bn in gate 13;
Resulting at output 17 is the decoded bit An+1.

This process is repeated for each subsequent bit of signals A and B until both messages have been exchanged.

As long as both stations continue transmitting to each other at approximately the same time, data streams C and D remain encrypted.

In order to maintain secrecy, the transmission and reception of signals between stations xl and Y3 and the encryption and decryption of gates 7.11.about.13.19 must be performed pit by pit at approximately the same time. As used herein, "nearly the same time" means that the transmission of message bits between both stations occurs within the same time interval. That is, each message is encrypted bit by bit by the other messages within this same time interval, which takes into account initial startup delays and delays due to distance and circuit limitations between stations. . Of course, it is understood that storage and/or delay means can be used at each station to temporarily store the message bits, so long as the encryption and decoding is done bit by bit.

FIG. 2 shows an embodiment of the invention, which includes means of a system for compensating for transmission delays caused by each communication line, i.e., due to distance, circuits, etc.

To initiate communication, the originating station, station X1 in this example, must confirm the round trip delay time between it and station Y3. this is,
It is measured by transmitting a signal by line 5 and measuring the delay time between the transmission and the reception of the echo signal returning by line 6. This is done while station Y3 is not operating. A method for calculating this delay time is publicly known. In this example, assume that the total round trip time is 27 (T for both lines 5 and 6). However, the transmission time (T) on the line 5 is different from the transmission time (1) on the line 6, and the round trip time is rT+
It is also possible that it becomes tJ.

Station x1 transmits its delay means 2 according to delay 2T.
Adjust 3. The delay means 23 and 25 may be a shift register, a charge-coupled device, a magnetic core, a tape, a disk or a diskette, an ultrasonic delay means, or any other suitable storage device.

The delay means may also be a programmable microprocessor, which may be programmed in a known manner to perform the signal delay function. The delay times of these delay means can be adjusted using known methods.

Unless the distance between stations is large, the delay 2T is
It is generally a very short period of time.

After station Xi has adjusted its delay means 23, station X1 stops transmitting and station Y3 determines the delay 2T in the same process and sets its delay means 25 according to delay 2T.

Once station Y3 has adjusted its delay means 25, it stops transmitting. Here, station X1 and station Y3 start communicating with signals A and B, respectively.

For the purpose of the following explanation, messages are exchanged between stations and Ant (bit n of signal A delayed by transmission time T) is received by station Y3, decoded by gate 13, and transmitted by delay means. 25 and gate 19 are used to encrypt bits Bn of signal B input to both gates 25 and 19.

It also appears at output 17 as one decoded bit into the signal.

As shown in FIG. 2, gate 19 passes bit AnT along with bit Bn through an exclusive OR circuit. rAnT■
BnJ is transmitted by line 6 to station XI. After a delay of time T, rAn2T■BnT (rAnT■Bn J delayed by T) J is received at the stasicon XI and input to the gate 11. Delay means 2
The output An2T from 3 (An delayed by 2T) is also input to gate 11, where rAn2T BnTJ
is passed through an exclusive OR circuit with r(An2T■B
nT)■An2TJ is obtained. This is bit BnT (
Delayed by time fL'JT, the decoded Biγ)Bn)
and appears at output 21 as one decoded bit of signal B.

Station XI manually inputs subsequent bits of signal A
Continue to work hard against it. Bit An+1 is input to gate 7, where it is passed through an exclusive OR circuit together with bit BnT to produce rAn+l*BnTJ. rAn
+1eBnTJ is transmitted by line 5 to station Y3 after time T and is received as rAn+l■Bn2TJ. rAn+1■Bn2TJ is the output of the delay means 25 at the gate 13, that is, Bn2T (time 2T
It is passed through an exclusive OR circuit together with the bit Bn) which is delayed by . Therefore, the manpower to gate 13 is [(
An+IT■Bn2T)ωBn2TJ. gate 1
The output of 3 is the decoded bit A delayed by time T.
n+1 and appears at output 17.

FIG. 3 shows the embodiment shown in FIG. 2 with the addition of means by which each station can adjust its delay means without the other station stopping transmission. As shown in the figure, this is an exclusive OR game) 10
0. This is achieved by connecting the inverter 102 and the inverter 102.

The output of inverter 102 is added to lamp 103. A warning sound device can also be used instead of the lamp 103.

The output BnT of the gate 11 (decoded pip of the signal B delayed by the time T), together with the encrypted signal An2T+BnT being transmitted from the station Y3 to the station Xl by the communication line 6, gate 10
It is input to 0.

The output of 100 is rBnTΦ(An2T■BnT
) -An)T. This output is manually input to gate lO1. The output An2T of the delay means 23 is
Game) It is another human power for 101. Game) 1
The output of 01 is connected to inverter 102. The output of inverter 102 is connected to lamp 103.

When both gate forces (ie, An2T) are the same, the output of gate 101 is a logic "0". Logic rOJ is inverted by inverter 102 and the resulting logic “l” lights lamp 103. The delay means 23 are adjustable and are adjusted until the lamp 103 is lit continuously, so that the delay means 23 is able to reduce the delay introduced into the stored bits of the signal A by the round trip transmission introduced by the lines 5, 6. Indicates that it has been set to match the time delay, 2T. With a suitable scale, the delay means 23 will ensure that before the received and encrypted bit)Bn is transmitted by the line 6,
It ensures that bits Bn are mixed with the same bits of signal A that were used at station Y3 to encrypt.

A means for visually displaying incoming messages is achieved by connecting lamp 104 to output 21.

Although not shown, pulse extension means can be inserted between the inverter 102 and the lamp 103 and between the output 21 and the lamp 104 to prevent blinking that would confuse the current status display.

Even by logically connecting lines 5 and 6, no usable information can be obtained.

Although specific embodiments of the invention have been described above, it will be understood that various changes can be made without departing from the spirit of the invention.

[Brief explanation of the drawing]

FIG. 1 shows a basic embodiment of this invention. diagram. FIG. 2 is a block diagram of an embodiment of the present invention. FIG. 3 is a block diagram of one station shown in FIG. 2 in which a device for displaying the settings of the delay means and for displaying incoming messages is added. FIG. 4 is a series of truth tables (a) to e) related to FIGS. 1 and 2; FIG. 4(a) is a truth table of the exclusive OR gate 7. FIG. 4(b) is a truth table of the exclusive OR gate 13. FIG. 4(C) is a truth table of the exclusive OR gate 19. FIG. 4(d) is a truth table of exclusive OR gate II. Figure 4(e) shows lines 5 and 6.
is activated and the data is to be passed through an exclusive OR circuit to confirm either message A or B. l...Station X13...Station Y, 5
゜6...Communication line, 7,11.13,19,100゜101...Exclusive OR gate, 9,15...Input,
17.21...Output, 23.25...Delay means, 1
02...Inverter, 103,104...Lamp.

Claims (12)

[Claims] (1) A method for secretly communicating first and second message bit strings between first and second stations via first and second communication lines, the method comprising: (a) at the first station; , generating an encrypted bit A by mixing bit A of the first bit stream with bit B-1 of a second bit stream received from a second station; (b) producing an encrypted bit A; (c) receiving the encrypted bit A of the third bit stream at the second station; producing a decoded bit A of the first bit stream by mixing the bit stream with bit B-1 of the second bit stream; (d) at a second station, bit B of the second bit stream is mixed with bit B-1 of the second bit stream; (e) generating a fourth bit stream of encrypted bits B by mixing it with decrypted bit A of the bit stream; (f) receiving the encrypted bit B of the fourth bit stream at the first station, where the fourth bit stream is mixed with bit A of the first bit stream to encrypt the second bit stream; (g) incrementing bit A by 1 and mixing bit A of the first bit stream with decoded bit B of the second bit stream at a first station; (h) incrementing bit B by 1; and (i) repeating steps (a) through (h) until bit A is at least equal to n and bit B is at least equal to n. A method for continuous encryption with continuous response, characterized by: (2) A method according to claim 1, characterized in that the mixing of the first and second signals is performed by passing them through an exclusive OR circuit. (3) A method for transmitting confidential signals between a plurality of locations, the method comprising: generating a first bit string of message bits to be transmitted from a first location; and transmitting each of the bits to the first location. the first and second bits mixed at the first location constitute a third bit string; and the first and second bits mixed at the first location constitute a third bit string; bit string is transmitted to the second location, where each bit of the third bit string is mixed with each bit of the second message bit string, such that the first message bit string is transmitted to the second location. obtained, each bit of the first message bit string is mixed with the second message bit string in the second location, and the first and second bits mixed in the second location are mixed in a fourth forming a bit string, said fourth bit string being transmitted to said first location, where each bit of said fourth bit string is mixed with each bit of said first message bit string, thereby A method for continuously responsive sequential encryption, characterized in that said second message bit stream is obtained at a location and each mixing step is performed bit by bit. (4) An apparatus for transmitting a confidential message between a plurality of locations, the device comprising: transmitting, at a first location, each bit of a first message bit string generated at the first location to a second location; means for generating a third bit stream for transmission to said second location mixed with each bit of a second message bit stream generated at said second location and received from said second location; , mixing each bit of the third bit string with each bit of the second message bit string;
means for thereby obtaining said first message bit string at said second location; at said second location, mixing each bit of said first message bit string with each bit of said second message bit string; , means for generating a fourth bitstream for transmission to the first location, and mixing each bit of the fourth bitstream with each bit of the first message bitstream at the first location. ,
An apparatus for continuously responsive continuous encryption, characterized in that it comprises: means for obtaining the second message bit stream at the first location. (5) Further comprising delay means for determining and inserting a predetermined delay before mixing the bit strings at the first and second locations. The device described in. (6) A device according to claim 5, characterized in that the delay means include an adjustable delay time. (7) The device according to claim 5, characterized in that the delay means includes a shift register. (8) The device according to claim 5, characterized in that the delay means includes a charge-coupled device. (9) The device according to claim 5, characterized in that the delay means includes a programmable microcomputer. (10) The apparatus according to claim 5, wherein the delay means includes a magnetic disk drive. (11) The device according to claim 5, further comprising means for displaying the incoming signal. (12) The apparatus according to claim 5, further comprising means for indicating that the delay means has been adjusted to a desired delay time.