The present invention relates to a cryptographic communication technique, in particular, a technique of enabling communication terminals to perform cryptographic communication on a cryptographic communication network on which a plurality of cryptographic algorithms are available.
Japanese Patent Laid-open Publication No. H7-327029 (hereinafter, referred to as Document 1) discloses a cryptographic communication system having a plurality of cryptographic keys selectively used for enciphering data. In the enciphered communication system described in Document 1, a transmitter has a cryptographic key table recorded with a plurality of cryptographic keys, appendant data affixing means which affixes some appendant data to data to be encrypted, and means which sequentially selects the cryptographic keys from the cryptographic key table to encipher data, to which the appendant data is affixed, by using the selected cryptographic keys. On the other hand, a receiver includes the same cryptographic key table as that of the transmitter, decrypting means which selects the cryptographic key from the cryptographic key table and decrypts the encrypted data with the selected cryptographic key, appendant data detecting means which detects the appendant data from the decrypted data, and cryptographic key changing means which sequentially changes the cryptographic key to be selected from the cryptographic key data when the appendant data is not accurately detected. With such a configuration, when the cryptographic key is changed or the like, the reception side can restore data by itself even if the cryptographic key number is not correctly transmitted.
Japanese Patent Laid-open Publication No. 2000-295209 (hereinafter, referred to as Document 2) also discloses a cryptographic communication system having a plurality of encryption keys selectively used for encrypting data as in Document 1. In the cryptographic communication system described in Document 2, a communication terminal on a transmission side uses any one of encryption keys to generate encryption data and counts the number of times of use of the encryption key. When the accumulated count reaches the limit of the allowable number of times of use, the communication terminal switches the encryption key to another one and notifies a communication terminal on the reception side of switching information of the encryption key. On the other hand, the communication terminal on the reception side uses any one of a plurality of decryption keys respectively corresponding to the plurality of encryption keys. Upon reception of the switching information from the communication terminal on the transmission side, the communication terminal on the reception side switches the decryption key actually in use to another decryption key corresponding to the new encryption key. With such a configuration, as compared with the case where only one key is prepared, it becomes difficult to decrypt encrypted data by a brute-force key attack or a known-plaintext attack. Furthermore, since the plurality of keys are prepared, it is not necessary to create a new key for each encryption.
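The mechanisms of Documents 1 and 2 combined in one sketch, as an added example that is not taken from either document or from this specification: the sender switches keys once a usage limit is reached and sends switching information (Document 2), and the receiver falls back to trying the keys of the shared table until the appendant data is detected when that information is lost (Document 1). The marker, usage limit, key table, class and function names, and the HMAC-SHA256 keystream standing in for the cipher are all assumptions.

```python
import hashlib, hmac

MARKER = b"APPENDANT"   # constructed appendant data, affixed before encryption
USE_LIMIT = 3           # constructed allowable number of uses per key
KEY_TABLE = [hashlib.sha256(b"constructed-key-%d" % i).digest() for i in range(4)]

def xor_stream(key, nonce, data):
    """Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

class Sender:
    def __init__(self):
        self.index = self.uses = self.seq = 0

    def send(self, plaintext):
        """Return (switch_notice, nonce, ciphertext); the notice is a key index or None."""
        notice = None
        if self.uses >= USE_LIMIT:           # limit reached: switch key, tell the receiver
            self.index = (self.index + 1) % len(KEY_TABLE)
            self.uses, notice = 0, self.index
        self.uses += 1
        self.seq += 1
        nonce = self.seq.to_bytes(8, "big")  # unique per message
        return notice, nonce, xor_stream(KEY_TABLE[self.index], nonce, MARKER + plaintext)

class Receiver:
    def __init__(self):
        self.index = 0

    def receive(self, notice, nonce, ciphertext):
        if notice is not None:               # Document 2: follow the switching information
            self.index = notice
        for step in range(len(KEY_TABLE)):   # Document 1: change keys until the marker appears
            candidate = (self.index + step) % len(KEY_TABLE)
            clear = xor_stream(KEY_TABLE[candidate], nonce, ciphertext)
            if clear.startswith(MARKER):
                self.index = candidate
                return clear[len(MARKER):]
        raise ValueError("appendant data not detected under any key in the table")

def demo(drop_notices):
    sender, receiver, received = Sender(), Receiver(), []
    for i in range(8):
        notice, nonce, ct = sender.send(b"msg %d" % i)
        received.append(receiver.receive(None if drop_notices else notice, nonce, ct))
    return received, receiver.index
```

A fixed marker only signals a key mismatch; it does not authenticate the ciphertext, which in current designs is the job of an AEAD tag.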
In Internet RFC/STD/FYI/BCP Archives, “RFC 3740—The Multicast Group Security Architecture”, URL: http://www.faqs.org/rfcs/rfc3740.html (hereinafter, referred to as Document 3), a technique of sharing keys and setting information (Security Association) for cryptographic communication between a plurality of terminals is disclosed. In this technique, a server distributes the keys and the setting information for the cryptographic communication to the plurality of terminals.