1. Field of the Invention
The present invention relates to a method and apparatus for secure communication between cryptographic systems using a Real Time Clock (RTC), and more particularly, to a method and apparatus for secure communication between cryptographic systems allowing a transmitting cryptographic system to transfer partial RTC data and a receiving cryptographic system to restore entire RTC data and thereby minimizing data to be transferred between the cryptographic systems.
2. Discussion of Related Art
As network communication has become a major means for exchanging information, the necessity of securing important information, e.g., private information and a secret code, exchanged in a network has increased. However, networks are vulnerable to cyber attacks, and thus it is necessary to safely transfer important information exchanged in a network using a cryptosystem shared by both sides of communication.
There are typical cryptosystems such as a secret-key cryptosystem and a public-key cryptosystem.
According to the public-key cryptosystem, a key used for encrypting data is different from a key used for decrypting the data. In general, the key used for encryption is referred to as a public key, and the key used for decrypting a ciphertext encrypted using the public key is referred to as a private key. The private key is secured so that a user alone knows it, but the public key is published so that anyone can obtain it. A ciphertext encrypted using a public key can be decrypted using only a private key that makes a pair with the public key.
On the other hand, according to the secret-key cryptosystem, two users performing cryptographic communication share a secret key and perform encryption and decryption using the secret key. Therefore, the same key is used for encrypting and decrypting data.
In the secret-key cryptosystem, a master key is a secret key shared by two users performing secure communication. Here, when encryption and decryption is performed using only one master key, the same ciphertexts are generated from one plaintext. When the same ciphertext are generated, an outsider can find out the secret key. To prevent this, data of a number or bit string used only once, referred to as a “nonce”, is used whenever cryptographic communication is performed. Every time cryptographic communication is performed, a new encryption key or decryption key is generated using a master key and a nonce. Here, the generated key is referred to as a session key.
Two users performing secure communication insert a master key and a nonce into a Key Derivation Function (KDF) and use the output value as a session key. By constantly generating and using a new session key, it is possible to generate various ciphertexts from one plaintext.
FIG. 1 is a flowchart showing a method for cryptographic communication of a conventional secret-key-based cryptographic system.
Referring to FIG. 1, users A and B performing cryptographic communication share a master key K, and the user A generates a nonce N (step 110). Subsequently, the user A calculates KDF(K, N) using the master key K and the nonce N to generate a session key (step 120). In the next step, the user A encrypts a plaintext using the generated session key to generate a ciphertext (step 130). Then, the user A transfers the nonce N and the generated ciphertext to the user B (step 140). The user B generates the session key KDF(K, N) using the received nonce N and the shared master key K (step 150). Subsequently, the user B decrypts the received ciphertext using the session key (step 160).
To share the same session key, two cryptographic systems need to share the same nonce. To this end, in general, one cryptographic system generates a nonce and transfers it to the other cryptographic system. Here, it is necessary to minimize the size of the transferred nonce in a poor communication environment. However, when the size of a nonce is reduced, a probability of the nonce being reused increases, and the same session key as the previously used session key may be generated. Therefore, a nonce must not be reused.
To prevent a nonce from being reused, a continuously changed value, such as a counter, is used as a nonce. Here, an RTC is frequently used as a counter because it can serve as a common value that can be shared by all systems. However, due to RTC deviation among systems, it is very difficult for all the systems to share the same RTC data.