A technique for transmitting and receiving data via a predetermined network such as the Internet is widely used in fields such as the Internet, electronic mail, and IP telephony. Data to be transmitted and received via a network may include programs and data of contents such as moving images.
During transmission/reception of data, there is a risk that eavesdropping of data by a third party may occur between a transmission device that transmits the data and a reception device that receives the data. Encryption techniques are widely used in order to prevent such occurrences when transmitting/receiving data.
While there are various techniques for encryption, one of such techniques uses a one-time password.
A one-time password is often used for authentication. A one-time password is generally realized using a tool known as a token that generates a personal identification number or other information. A token sometimes generates the information described above in a time-dependent manner and sometimes generates the information so that the information is dependent on an order in which the information had been generated. In any case, an authentication device and a token are adapted to generate the same information. The user sends the aforementioned information generated by the user's own token to the authentication device. The authentication device validates a user by collating information generated by the device itself with the information received from the user.
Such a technique involving a one-time password can be applied to encrypted communication by having two transmission devices generate common information, and having the transmitting side use the common information for encrypting data to become an object of transmission and having the receiving side use the common information for decrypting received encrypted data. While the aforementioned common information can be used as, for example, a part of a key or an algorithm for encrypting or decrypting data, as information for newly generating a key or an algorithm, or for specifying one from a plurality of keys or algorithms, since the key or algorithm is never transmitted between the two communication devices, a relatively high encryption strength can be achieved.
A similar technique has already been proposed by the present inventor.
The technique can be described as follows.
The encrypting technique proposed by the present inventor is adapted such that a transmission device and a reception device include solution generating means that consecutively generates, based on an initial solution that is predetermined data, solutions uniquely determined by the initial solution. The transmission device is adapted to use a solution generated by the solution generating means when encrypting and converting data to be transmitted into encrypted data, and the reception device is adapted to use a solution generated by the solution generating means when decrypting received encrypted data to restore the original data. The aforementioned solution is to be appropriately used during encryption and decryption (for example, a solution may be used as one of a key when performing encryption and decryption, a solution for generating at least one of a key or an algorithm to be used when performing encryption and decryption, and a solution for selecting an appropriate key or algorithm from a plurality of already existing keys or algorithms). In any case, solutions generated by the transmission device and the reception device are to be the same when comparing solutions respectively generated in the same order. Consequently, since the reception device is now capable of reproducing a key and an algorithm used by the transmission device when performing encryption by the transmission device using the same solution that had been used when performing encryption, encrypted data generated at the transmission device by encrypting predetermined data can be decrypted even when the transmission device provides no information related to a solution, a key, and an algorithm used by the transmission device during encryption.
The aforementioned technique proposed by the present inventor is achieved by having the transmission device and the reception device generate solutions such that those generated in the same order become the same. To this end, means for generating the same solution at both the transmission device and the reception device is required. The present inventor has solved this issue by providing, in advance, the transmission device and the reception device with a particular solution (being a first solution, this solution is to be referred to as an initial solution in the present application). Specifically, the transmission device and the reception device are adapted to generate one solution after another based on a common initial solution provided in advance (a plurality of initial solutions may be provided) by performing processing in which a second solution is created using the initial solution, a third solution is created using the second and antecedent solutions, a fourth solution is created using the third and antecedent solutions, and so on.
Although the aforementioned technique proposed by the present inventor enables a method of performing encryption by the transmission device to be varied (for example, keys and algorithms can be varied), the technique is highly advantageous in that information necessary for identifying a solution, a key, or an algorithm used by the transmission device need not be exchanged between the transmission device and the reception device. In other words, a cipher created by the aforementioned technique is hard to break.
Since the aforementioned technique is based on the premise that a common initial solution is provided in advance to a transmission device that performs encryption and a reception device that performs decryption, the technique is suitable for one-on-one communication between the transmission device and the reception device. However, when the transmission device and the reception device are specified or restricted from the start, the aforementioned technique can be applied even if one of or both of the transmission device and the reception device exists in plurality.
However, it is difficult to apply the aforementioned technique when, for example, at least one of the transmission device and the reception device exists in plurality and the transmission device and the reception device are not specified. It is similarly difficult to have the transmission device and the reception device share an initial solution in advance when a transmission device or a reception device is increased. While the transmission device and the reception device are required to possess a common initial solution upon performing encryption and decryption (this requirement may be achieved by gaining knowledge of an initial solution in the possession of the other party in some way), at present, there are no suitable techniques for fulfilling this requirement.
[Patent Literature 1] Japanese Patent Laid-Open No. 2003-249929
[Patent Literature 2] Japanese Patent Laid-Open No. 2006-253745
[Patent Literature 3] Japanese Patent Laid-Open No. 2006-253746
[Patent Literature 4] Japanese Patent Laid-Open No. 2007-013506
It is an object of the present invention to enhance versatility, without undermining security, of an encryption technique in which a transmission device and a reception device use solutions generated such that those generated in the same order are to become the same.