JPH1093547A - Communication equipment, system and method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To utilize a characteristic such as information and importance of service by providing a means that decides communication quality so that the quality of encryption and authentication communication relating to a higher layer is higher than the quality of encryption and authentication communication relating to a lower layer. SOLUTION: This equipment is composed of a QOS(quality of service) setting means conducting a QOS request setting means being a connection open realize means having QOS depending on each layer and a QOS storage means that receives hierarchical information and stores corresponding QOS as a table. On the occurrence of a communication request, at first highest quality QOS is requested and set based on hierarchical information K. The connection is in use and encryption and authentication communication is conducted with a highest master key. After the encryption and authentication communication is finished, the connection is closed. Then the hierarchical information K is being decreased one by one and the connection depending on the layer is requested and set again and the operation is repeated and when K reaches 0, the communication is terminated.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a communication apparatus, system and method in a multimedia network for transmitting information such as moving image data, still image data, audio data and computer data.

[0002]

2. Description of the Related Art B-ISDN (Broadband Aspects of Integr
The ated Services Digital Network (Broadband Integrated Services Digital Network) has a larger transmission capacity than the currently implemented ISDN and can provide communication services with the required transmission capacity (as long as network resources permit). Is a flexible network. Only ATM (Asynchronous Tras) can provide such services.
B-IS called nsfer mode (asynchronous transfer mode)
This is based on the core technology of DN. In ATM, as in the packet-switching transmission mode, a fixed-length cell with a header storing a label on which a destination is written is transmitted to correspond to an arbitrary speed, and the switching is switched by reading the label. . Since the packet is configured in units of fixed-length cells, high-speed synchronous communication can be performed at the physical layer level, and an arbitrary transfer speed can be secured depending on the packet transmission density.

On the other hand, in order for a user to use such a communication infrastructure with peace of mind, network security techniques such as encryption and authentication are required. This encryption and authentication uses a common key encryption method (also called a secret key encryption method, a symmetric encryption method, or a conventional encryption method) in which the same encryption key is secretly shared between the sender and the receiver, and the encryption key and the decryption key are different. It is known that this can be realized by a public key cryptosystem in which an encryption key is made public and a decryption key is kept secret (for details of each encryption system, Ikeno and Koyama, "Modern Cryptography Theory," IEICE, 198
6. reference). Various key distribution schemes have also been proposed for such a key distribution scheme (for example, Tsujii and Kasahara, "Cryptography and Information Security", Shokodo, 19).
90. reference). By using the above technology, secure communication can be realized even for B-ISDN.

[0004]

In the encryption / authentication communication as described above, keys are often hierarchized and used as shown in FIG. 6 in order to enhance the security. This is because if the key is analyzed, all subsequent data will be decrypted. Therefore, the key can be encrypted with a higher-layer key to increase security, or a key with a different use (such as a key for signature) can be used. By using a plurality of keys for encryption, etc., encryption and authentication functions are simultaneously realized. In this case, if encryption is replaced according to decryption, signature, verification, and usage, various functions can be supported.

[0005] In the figure, the first key of key encryption is called a master key, the key for directly encrypting data is called a work key, and the other keys are called key encryption keys. Some key encryption keys including the master key are keys that have been delivered to the user in advance, or public keys that can be accessed by anyone. In addition, some key encryption keys such as work keys are keys set only by the sender, receiver, or a center that manages keys on an ad-hoc basis, eliminate the need for key search, and Or a key sent with the data to identify

[0006] Such keys are often sent to recipients together with and / or separately with the encrypted or signed data. Therefore, in the encryption / authentication communication, there is communication related to the key in addition to communication related to the data. It is clear that the communication related to the upper layer in FIG. 6 is more important in the security related to the communication. This is because if the communication about the upper layer is not reliable, all the communication about the lower layers is not reliable. However, there has been proposed a method of performing communication in which the key information and the data information relating to the upper layer and the lower layer are not distinguished in the conventional communication or the information is distinguished according to the position of the information in the sense of importance of the information. I didn't.

[0007]

SUMMARY OF THE INVENTION The present invention has been made in view of the above circumstances, and aims to provide a communication apparatus, a system, and a method that can make use of characteristics such as importance of information and services. Things.

In order to solve this problem, for example, a communication device of the present invention has the following configuration.

[0009] Communication is performed by encryption / authentication in which a key belonging to an upper layer is converted by converting a key or data belonging to a lower layer to perform communication, and the quality of the encryption / authentication communication relating to the upper layer is higher. It is characterized by having means for determining the communication quality so as to be higher than the quality of the encryption / authentication communication for the lower hierarchy.

[0010]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS An embodiment of the present invention will be described below in detail with reference to the accompanying drawings.

First, in the present embodiment, B-ISDN allows different media to handle different traffic characteristics in order to handle multimedia. Therefore, QOS (Quality Of Service) differs for each media.
Is required. As QOS in ATM, delay and sensitivity of delay variation, cell loss rate, and the like are defined as a set of parameters (other QOS parameters will be studied in the future).

Here, the delay is the time from when data is transmitted to when it is received, and the variation in delay is a variation in cell transfer time due to congestion or the like. For video transmission,
If the receiving side does not have enough buffer memory to cause bit fluctuations due to delay fluctuations, the screen will flicker. In addition, when the delay becomes large, a device such as voice data for conversation that requires real-time processing requires a device such as echo cancellation. Conversely, if the text data has little real-time property, the delay has no problem at all with the delay fluctuation. The cell loss rate defines the ratio of the total number of cells transmitted by the sender to the total number of cells that cannot reach the recipient, and in video transmission of a type in which data drips, dropped frames or noise may occur. The effect on communication quality is large because of Also,
It can be understood that a compression method based on predictive coding, such as MPEG, which has recently been studied, can cause even greater image quality degradation. Thus, the requirements of each parameter of the QOS differ depending on the application.

The request / setting of the QOS between the user and the network is performed as follows. The user requests a certain class of QOS from the QOS classes provided by the network (a combination of several QOS parameters). This is normally performed together with a traffic contract and the like at the communication setting stage (when possible, resetting even during communication). At this time, the network determines whether the requested traffic does not exceed the actual transmission capacity, and at the same time determines whether the requested QOS class can be secured. If communication is possible, the network notifies the terminal and enters the communication mode. . In the communication mode, the network maintains the required QOS and guarantees the required quality as long as the user complies with the traffic contract.

Various protocols (communication protocols) are defined in communication. In the B-ISDN protocol, a protocol as shown in FIG. 7 is used so that addition or change of various functions does not affect the whole. Has been hierarchized. The promise of delivery is determined between the layers, and each layer is called a layer. In FIG. 7, the physical layer literally defines the physical medium (including transmission frame configuration, cell insertion, and extraction functions in addition to cable and connector specifications), and the ATM layer multiplexes cells common to all services. And exchange. AAL (ALT
The adaptation layer handles functions dependent on each service, and a plurality of protocols are defined for each service. This AAL absorbs additions and changes of upper layer functions that depend on each service, and B-ISDN
So as not to affect the basic functions of Therefore,
The above-described conversion of the QOS requested by each service to the ATM QOS and the reverse conversion are performed in the upper layer including the AAL.

As described above, in the B-ISDN, the QO
S can be used to specify communication quality.

Therefore, in the present embodiment, importance (quality) according to the hierarchy shown in FIG. 6 is set in this QOS, that is, the communication related to the upper hierarchy in the cell loss rate and the like is the QOS more than the communication related to the lower hierarchy. The communication according to the importance of the information of the encryption / authentication communication is realized by having means for setting the quality of the communication.

FIG. 1 shows a flowchart for an embodiment of the present invention. In the figure, a QO that performs the above-described QOS request / setting procedure as shown in FIG.
It can be constituted by S setting means and QOS storage means which receives hierarchical information and stores the corresponding QOS as a table. The control of the entire flow chart of FIG. 1 and the output of the hierarchical information as a part thereof are performed by control means such as a CPU. However, it is assumed that the layer information K in the figure corresponds to the total number of layers in FIG. Therefore, when a communication request occurs, the means of FIG. 1 first requests and sets the highest quality QOS with the hierarchy information as K. Using the connection, encryption / authentication communication of the key encryption key using the highest master key is performed. The means of FIG. 1 closes the connection after the end of the encryption / authentication communication. After that, the hierarchy information K is decreased by one, and a connection according to the hierarchy is again requested and set, and the above operation is repeated. When K = 0, the process ends. However,
If the key does not require the same communication as the master key, the connection opening / closing process and the encryption / authentication communication are omitted.

If there is no key that does not require communication other than the master key, the process of determining the necessity of key communication is omitted. Further, when the QOS is the same over several layers, it is not necessary to perform the processing for opening and closing the connection for each layer. These control changes can be easily made by changing the programming of the control means. Further, the present invention can also be realized by programming the QOS according to the hierarchy in advance without the QOS storage means. Further, even if the QOS is not fixed to the hierarchy, in the case of an upper hierarchy, processing such as requesting the highest QOS that can be requested at that time may be performed. Further, the QOS can be arbitrarily set by setting the QOS storage means or programming the QOS setting means, even if the upper layer is not necessarily higher quality than the lower layer. However, since the series of communication (across a plurality of connections) in FIG. 1 is related, a communication such as an identifier can be used to distinguish other communication.

The above is effective for connection-type communication in which QOS is determined at the communication setting stage.

<Second Embodiment> In B-ISDN, in addition to various QOSs, a connection type in which communication is set prior to information transfer, and a connectionless communication in which information is transmitted to the other party when transmission information is generated. Various connection settings such as types are also provided. The above-described embodiment (first embodiment) is for connection-type communication. In the second embodiment, a case of a connectionless type in which QOS can be changed during communication will be described.

FIG. 8 shows an example of the configuration of a connectionless type protocol. In the figure, CLNAP (Connectio
nless Network Access Protocol) is a part of the upper layer shown in FIG. 7, and is a layer for realizing a connectionless protocol. The PDU (P
(Rotocol Data Unit) format is shown in FIG. A PDU indicates a data unit that defines a protocol, and a SUD (Service Data Unit) is a data unit from a user who uses the protocol. In this case, the QOS is specified as 4-bit data in the header of the PDU, and this PDU is generated in the CLNAP layer. This PDU is cellized or combined in the AAL and ATM layers and transmitted via the physical layer. Therefore, in connectionless type, QO
S can be set.

Accordingly, in the connectionless communication protocol, different PDUs are generated for each layer (for each different QOS), and the QOS is set according to the layer of the encryption information included in the PDU, so that the importance of the information is increased. (Layer) communication is realized. This can be realized by controlling the connection in FIG. 1 with a PDU.

FIG. 3 is a conceptual diagram showing the configuration according to the second embodiment. The encryption means shown in the figure receives the input data and sends the encrypted information to the QOS setting means and sends the hierarchical information to the QOS storage means. However, it is assumed that a key for each user such as a master key is managed by a well-known key management unit. If not (such as when a key is input from an external card or the like), the key is encrypted via communication or the like. Input to the conversion means. In addition, an ad-hoc key such as a work key is generated by using a known random number generation unit, a calculation unit, or the like. The encryption using these keys is realized by a known encryption processing unit, and the output encryption information is sent to the QOS setting unit.
Furthermore, the order of using those keys is predetermined,
Since the use order corresponds to the key hierarchy, the control means transmits the master key or the like or the random number generation means and the arithmetic means from the key management means (or external) based on a predetermined key use order (hierarchy). A work key or the like is given to the encryption processing means, and encryption is performed in accordance with input of data corresponding thereto (the work key or the like may be data), and the processing order is sent to the QOS storage means as hierarchical information. .

Next, the QOS storage means is constituted by a storage means for storing the QOS corresponding to the hierarchical information as a table, and provides the QOS corresponding to the input hierarchical information to the QOS setting means. The QOS setting means sets and outputs the QOS to output data (predetermined information including the encryption information) at a predetermined position and / or format.

Next, the present embodiment for the receiving side will be described with reference to FIG.

It is assumed that the receiving side receives communication by the means shown in the first embodiment. In FIG.
The S analyzing means decomposes the input data, decomposes the encrypted information and the hierarchical information from a predetermined position of the information, a format of the identification signal and the like, and sends them to the decrypting means. In the decryption means, the control means retrieves the key from the key management means and inputs it to the decryption processing means if the hierarchical information is information of the hierarchy managed by the key management means, and decrypts the encryption information. Further, if the decryption result is information of a hierarchy used as a key, the decryption result is temporarily stored in the key storage unit. When the hierarchical information is information of a hierarchy not managed by the key management means, the control means searches the held decryption result for information serving as a key of the hierarchy, and uses the information as a key for decryption processing means. To decrypt and output the encrypted information. However, there is also a case where a key is generated by the arithmetic means based on the above-mentioned decryption result. Therefore, the QOS analysis means can be realized by a combination of processing means such as a CPU and a DSP and storage means such as a RAM.
The decryption processing means can be realized by known decryption processing means corresponding to the encryption processing means of the first embodiment, the key management means can be realized by the same means as in the first embodiment, and the control means can be realized by processing means such as a CPU and a DSP. Obviously, the calculation means can also be easily realized by a CPU, a DSP and the like.

In the above description, encryption and decryption have been described. If authentication is included, if encryption is replaced with signature and decryption is replaced with verification, processing of the key can be performed by the same means for authentication communication. It is clear that communication depending on the degree is possible. In the case of a device that performs both transmission and reception,
Since the components in FIGS. 3 and 4 are the same, it is easy to use means (program) obtained by combining the means in FIGS.

<Third Embodiment> In the first and second embodiments, means for realizing communication according to the importance of information in connection-type and connectionless-type communication have been described. In the present embodiment, a communication system that realizes communication according to the importance of information, including the first and second embodiments, will be described with reference to FIG.

Here, as an example, it is assumed that the means in the first embodiment is incorporated in each of the sender terminal and / or the receiver terminal in FIG. 5, and the number of layers K in the hierarchy in FIG.
= 2, that is, only the master key and the work key are considered. In connection type communication, a case is considered in which encryption / authentication processing relating to keys and data is performed by the following ID-based key sharing scheme.

[ID-based key sharing system] There is a center that manages key distribution means. The center receives identification (ID) such as the name and telephone number of each entity, and determines a secret algorithm unique to the center. Using that I
Generate a secret key corresponding to D and send it to each entity,
Each entity calculates and obtains an encryption key to be shared from the secret key and the public ID of the communication partner. This method is called an ID-based key sharing method, in which a communication partner can be confirmed and a key can be shared at the same time.

This method is broadly classified into a method requiring call communication prior to encryption communication and a method not requiring call communication.
A method that requires the preliminary communication cannot be used like an e-mail that sends only encrypted communication text, but a method that does not require the preliminary communication can be used like an e-mail and has a wide range of use. However, the method that does not require the preliminary communication has a problem that the secret of the center is exposed when many entities collude. The Okamoto (Sakae) key distribution method is well known as a method that requires preliminary communication, and the Matsumoto / Imai key distribution method is well known as a method that does not require preliminary communication (see Tsujii for details). Kasahara, "Cryptography and Information Security", Shokodo, 1990., Chapter 4). The key distribution method of Okamoto (Sakae) is shown below as a typical method requiring the preliminary communication.

Okamoto (Sakae) key distribution method: 1) The center publishes the RSA encryption, which is one of the public key encryption methods, as a one-way function. That is, two prime numbers p,
q and the decryption key d are kept secret, and n = (p · q) and the encryption key e are made public (the encryption key e and the decryption key d are ed = 1
mod (p−1) · (q−1)). At the same time, the primitive elements g of the finite fields GF (p) and GF (q) are also released.

2) When each user j joins the network,
Register your own identifier IDj in the center and send Sj =
IDjd mod n is calculated and transmitted, and it is secretly managed.

3) The user A and the user B perform the following communication / calculation when performing key sharing. i. User A arbitrarily selects a random number kA, and CA = SA · gkA
Send mod n to user B. ii. User B arbitrarily selects random number kB, and CB = SB · gkB
Send mod n to user A. iii. User B has y = (CAe / IDA) kB mod n
(= Ge · kA · kB modn) is calculated. iv. User A has y = (CBe / IDB) kA mod n
(= Ge · kA · kB mod n) is calculated.

4) Both users A and B perform encrypted communication using y as a shared key.

Here, the master key corresponds to Sj in 2), and the work key corresponds to y in 3). Therefore,
Each user has Sj in 2) in advance, and processing in 3)
Communication is encryption / authentication communication related to a key, and 4) corresponds to encrypted communication related to data. Further, the user A corresponds to the sender in FIG. 5, and the user B corresponds to the receiver. Hereinafter, in addition to the means shown in the first embodiment, each terminal in FIG.
It is assumed that the apparatus has a based key sharing unit (normally, the above-described Sj is managed by the ID-based key sharing unit).

First, when performing the encryption / authentication communication with the user B, the user A negotiates QOS with the network using the first embodiment by setting K = 2. Open a connection with After establishing the connection, user A has a known ID with user B
Using the based key sharing means, perform the processing and communication of 3), share the work key y with each other, and temporarily terminate the connection. After that, K = 1 and the network and Q again
The OS negotiates, and if K = 2, establishes a connection with the user B having the following quality of service. Using this connection, cryptographic communication with the user B using the work key y is realized.

Next, in connectionless communication, the master key is shared in advance by the sender and the receiver and stored in each key management unit, and the work key is generated by the sender's random number generation unit. Consider a case where random numbers are used as they are. In this case, the terminal in FIG. 5 includes the second embodiment.

When the sender encrypts data with the work key and sends it to the receiver, the sender first searches the key management means for the master key shared with the receiver, and thereby outputs the master key. The work key is encrypted to form a PDU together with the layer information, and a high-quality QOS corresponding to the layer is added from the QOS storage means to be converted into an ATM cell and sent to the receiver. Further, the sender encrypts the data using the random number as a work key to form a PDU together with the layer information, and stores the PDU corresponding to the layer from the QOS storage means.
A quality QOS of S or less is added, and the cell is similarly converted into an ATM cell and sent to the receiver.

The receiver specifies encryption information, hierarchical information, a sender, an encryption number, the presence or absence of encryption, and the like from the PDU obtained by combining the cells. However, the encryption number is information used for linking a work key and data encrypted with the key. Therefore, the receiver determines whether or not the information is encrypted with the master key based on the presence / absence of encryption and the layer information, and in that case, searches for the shared master key from the sender information. Further, the encrypted information is decrypted using the key as a key, and the decrypted information is used as a work key and stored in a key storage unit together with an encryption number. If the PDU belongs to a lower layer, the work key having the same encryption number is searched from the key storage means, and the key is used as a key to decrypt the encryption information and obtain the data sent from the sender.

As described above, it can be seen that the communication system shown in FIG. 5 can be applied to communication related to various keys and data.

The above is an example for simplicity.
When the second embodiment is external, when FIG. 6 has multiple layers, when a key sharing method other than Okamoto (Sakae) 's ID-based key sharing method is used, connection-type communication and connection-type communication are performed. It is clear that a similar communication system can be realized for each of the cases where the communication system is mixed. FIG.
One terminal is a center station related to the key, and the sender, the receiver, and the center have a cryptographic key having a hierarchical structure as shown in FIG.
It is clear that the present embodiment is also effective when implementing authentication communication.

<Other Embodiments> In the above embodiment, the QOS is used to realize communication according to the importance of information. However, the means for realizing the quality of communication is not limited to the QOS and other realizations are possible. The invention also includes means. It is obvious that the embodiment can be easily realized by replacing the portion related to the QOS in FIGS.

It should be noted that the present invention may be applied to an apparatus comprising a single device, even if an apparatus for realizing the above processing is separated from a communication terminal.

Another object of the present invention is to provide a storage medium storing a program code of software for realizing the functions of the above-described embodiments to a system or an apparatus,
Computer (or CP) of the system or device
U and MPU) can read and execute the program code stored in the storage medium.

In this case, the program code itself read from the storage medium realizes the functions of the above-described embodiment, and the storage medium storing the program code constitutes the present invention.

As a storage medium for supplying the program code, for example, a floppy disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD
-R, a magnetic tape, a nonvolatile memory card, a ROM, or the like can be used.

When the computer executes the readout program code, not only the functions of the above-described embodiment are realized, but also an OS (Operating System) running on the computer based on the instruction of the program code. ) May perform some or all of the actual processing, and the processing may realize the functions of the above-described embodiments.

Further, after the program code read from the storage medium is written into a memory provided on a function expansion board inserted into the computer or a function expansion unit connected to the computer, based on the instructions of the program code, It goes without saying that the CPU included in the function expansion board or the function expansion unit performs part or all of the actual processing, and the processing realizes the functions of the above-described embodiments.

[0050]

As described above, according to the present invention, communication according to the degree of importance of information can be realized. In particular, communication having communication quality corresponding to the key layer in encryption can be realized.

[0051]

[Brief description of the drawings]

FIG. 1 is a flowchart illustrating a processing procedure for an embodiment.

FIG. 2 is a conceptual diagram of a processing configuration in the embodiment.

FIG. 3 is a conceptual diagram illustrating a configuration of a transmission side according to a second embodiment.

FIG. 4 is a diagram illustrating a conceptual configuration of a receiving side according to a second embodiment.

FIG. 5 is a diagram illustrating a configuration of a communication system according to a third embodiment.

FIG. 6 is a conceptual diagram of hierarchical encryption.

FIG. 7 is a diagram illustrating a protocol hierarchy in the embodiment.

FIG. 8 is a diagram illustrating an example of a configuration of a connectionless protocol according to the second embodiment.

FIG. 9 is a diagram showing a PDU format in the second embodiment.

Claims (5)

[Claims] 1. An encryption / authentication communication communication in which a key belonging to an upper layer is converted into a key or data belonging to a lower layer to perform communication by performing encryption / authentication, wherein the encryption / authentication communication for the upper layer is performed. A communication device comprising means for determining communication quality such that the quality is higher than the quality of said encryption / authentication communication for a lower layer. 2. The communication device according to claim 1, further comprising means for arbitrarily determining communication quality for each layer. 3. A communication system comprising the communication device according to claim 1 or 2. 4. A communication system, wherein the communication quality according to claim 1 is a parameter defined as QOS in ATM communication. 5. An encryption / authentication communication method for performing communication by converting a key or data belonging to a lower layer into a key or data belonging to a lower layer and performing communication, wherein the key belonging to the upper layer is a communication method. A communication method, comprising: means for determining communication quality such that the quality is higher than the quality of the encryption / authentication communication for a lower layer.