JPH0728407A - Ciphering preprocessor and deciphering postprocessor by cipher - Google Patents

Abstract

PURPOSE:To provide a ciphering device and a deciphering device which prevent a cipher key from easily being estimated even when a 3rd party knows both a plaintext and a ciphertext by inserting random bits into the plaintext by a cipher system. CONSTITUTION:The ciphering preprocessor which preprocesses the input of the ciphering device has an input means 11 which inputs an array of plaintexts to be ciphered, a block dividing means 12 which sections the inputted plaintext array by predetermined length into blocks, and a random number generating means 13 which repeatedly generate the random bits. Further, the processor has an inserting means 14 which inserts the random bits generated by the random number generating means 13 at predetermined positions of the respective blocks generated by the block dividing means 12 and an output means 15 which passes the blocks, having the random bits inserted by the inserting means 14, to the ciphering device in order.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an encryption / decryption device.

[0002]

2. Description of the Related Art DES (Sho 51-108701 cryptographic device, for example, "Modern cryptographic theory" written by Shinichi Ikeno and Kenji Koyama,
(Explanation in Chapter 3 of the Institute of Electronics, Information and Communication Engineers 1986)
The conventional cryptosystems, such as RSA and RSA (discussed in Chapter 6 of "Modern Cryptography" above), are divided into blocks by dividing plaintext into certain lengths, and each block is encrypted independently or sequentially It is characterized by obtaining the ciphertext of the whole plaintext by doing.

Generally, in the conventional encryption system as described above, when an attempt is made to encrypt a large file or communication text, the plain text is divided into many blocks. These blocks are usually encrypted with the same key. If the plaintext of many blocks encrypted with such an identical key becomes known to the decryption person, there is a risk that it may be a clue to deduce the secret key.

[0004]

SUMMARY OF THE INVENTION It is an object of the present invention to make it difficult in cryptographic systems to easily deduce the secret key even if both the ciphertext and the plaintext are known to the decrypter. It is to provide an encryption pre-processing device and a decryption post-processing device.

[0005]

According to a first aspect of the present invention, there is provided an encryption preprocessing device for inputting a plaintext string to be encrypted in an encryption preprocessing device for performing preprocessing of an input of an encryption device. A block unit that divides the input plaintext string into blocks by dividing it into predetermined lengths, a random number generator that repeatedly generates random bits, and each block that is blocked by the block unit. Inserting means for inserting a random bit generated by the random number generating means at a predetermined position, and output means for sequentially passing the block in which the random bit is inserted by the pre-inserting means to the encryption device. Is characterized by.

A decryption post-processing device according to a second aspect of the present invention is a decryption post-processing device that performs post-processing on the output of a decryption device for decrypting a ciphertext and outputs a plaintext. Input means for receiving, blocking means for dividing the input plaintext string into blocks by a predetermined length, and a predetermined position from each block blocked by the blocking means. The present invention is characterized by including redundant bit removing means for removing bits and plaintext string output means for outputting the plaintext string processed by the preceding arrival redundant bit removing means as a final plaintext.

[0007]

The pre-processing and post-processing of encryption in the present invention will be described.

Generally, a cryptosystem is required not only to be able to infer a plaintext from a ciphertext but also to be unable to easily infer an encryption key from a set of a ciphertext and a plaintext.

In the pre-encryption processing apparatus and the post-decryption processing apparatus of the present invention, a redundant bit is inserted into the original plaintext to generate a plaintext that is actually input to the encryption apparatus. Since the bit string to be inserted can be generated immediately before the encryption processing in the same device as the device that performs the encryption, the possibility that the content will be leaked to a third party is significantly smaller than that of ordinary plain text. Therefore, even if the original plaintext is leaked, there is almost no possibility that the entire plaintext actually used for encryption is known, and as a result, a known plaintext attack is less likely to occur.

Further, it is not necessary to discuss the contents of the bit to be inserted with the receiver in advance, it is sufficient to discuss only the block length and the position of the bit to be added, and the information is kept secret. There is no need.
Therefore, the secret information that the sender and the receiver have to manage does not increase.

[0011]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS FIG. 1 shows an embodiment of an encryption preprocessing device of the first invention, FIG. 2 shows an example of the configuration of a random number generating means used in the embodiment of FIG. 1, and FIG. An embodiment of the post-decoding processing device has been shown.

In FIG. 1, the encryption preprocessing apparatus comprises a plaintext string input means 11, a blocking means 12, and a random number generation means 1.
3, the insertion means 14 and the output means 15. When a plaintext string is input from the plaintext input means 11, the block forming means 12 divides the plaintext string into blocks by a predetermined number of bits. The inserting means 14 inserts the random bit generated by the random number generating means 13 into a predetermined position of each block. The output device 15 transfers the resulting bit string to the encryption device as an input of the encryption device.

FIG. 2 shows an example of the configuration of the random number generating means 13, which is a component of the encryption preprocessing device of the first invention.
In this example, DES encryption is performed using a time stamp in the computer as an encryption key and an initial constant as plaintext, and the ciphertext is regressed to repeatedly perform encryption. At this time, the leading 1 bit of the ciphertext is passed to the inserting means 14 as a random bit. The function as the random number generation means 13 is realized by performing encryption by the DES every time the insertion means 14 requests one random bit.

In FIG. 3, the post-decoding processing device comprises input means 31, blocking means 32, redundant bit removing means 33, and plaintext sequence output means 34. The input means 31 is
The decrypted bit string is received from the decryption device of the encryption device and passed to the blocking means 32. The block forming means 32 divides the bit string into blocks by a predetermined number of bits, and transfers them to the redundant bit removing means 33. The redundant bit removing means 33 removes the bit at the predetermined position of the received kernel block and delivers it to the plaintext string output means 33. The plaintext string output means 34 outputs the received bit string to the outside.

An example of the structure of each bit string in the above embodiment is shown in FIG. In FIG. 4, the original plaintext string represents the one already blocked by the blocking means 12. This block length does not necessarily have to match the block length unique to the encryption device. Original plaintext sequence (p
1, p2 ,. ． ． ) Is a plaintext string received by the plaintext string input unit 11 from the outside and a plaintext string output by the plaintext string output unit 33 to the outside in the above embodiment. 3 is a bit string that is handed to the encryption unit and the handing to the input unit 31 of FIG. 3 from the decryption unit of the cipher chaining device. The portion drawn in black is inserted by the inserting means 14 and the redundant bit removing means 33 is inserted.
Corresponds to redundant bits removed in.

[0016]

According to the present invention, a random bit is inserted as redundant information in a predetermined position of a block to be encrypted, and the redundant bit can be generated completely independently of the other bits. If it is deciphered, there is no danger of it leaking to others. Therefore, in the selective plaintext attack, this bit becomes unknown information even for a decryption person who can make a known plaintext attack, which makes the decryption difficult. A legitimate recipient of the ciphertext does not need to know this redundant bit in advance at the time of decryption, and secret information to be shared does not increase. Therefore, the security of the conventional encryption method can be further enhanced.

[Brief description of drawings]

FIG. 1 is a block diagram showing an embodiment of an encryption preprocessing apparatus of the first invention.

FIG. 2 is a block diagram showing an example of the configuration of the random number generating means in the first invention.

FIG. 3 is a block diagram showing an embodiment of a post-decoding processing device of the second invention.

FIG. 4 is a diagram showing an example of a structure of a bit string handled in the present invention.

[Explanation of symbols]

 11 Plain Text Sequence Input Means 12 Blocking Means 13 Random Number Generating Means 14 Inserting Means 15 Output Means 21 Encrypting Device DES 31 Input Means 32 Blocking Means 33 Redundant Bit Removing Means 34 Plain Text Sequence Output Means

Claims (2)

[Claims] 1. An encryption preprocessing device for performing preprocessing of an input of an encryption device, input means for inputting a plaintext string to be encrypted, and input plaintext strings for each predetermined length. Blocking means for dividing into blocks, random number generating means for repeatedly generating random bits, and random numbers generated by the random number generating means at predetermined positions of each block blocked by the blocking means. An encryption pre-processing device in encryption, comprising: an inserting means for inserting a bit, and an output means for sequentially passing blocks in which random bits are inserted by the pre-inserting means to an encryption device. 2. A decryption post-processing device that performs post-processing on the output of a decryption device for decrypting ciphertext to output plaintext, and input means for receiving the decrypted plaintext sequence from the encryption device. Blocking means for dividing the plaintext sequence into blocks by dividing it into predetermined lengths, and redundant bit removing means for removing bits at predetermined positions from each of the blocks blocked by the blocking means. A decryption post-processing device for encryption, comprising plaintext string output means for outputting the plaintext string processed by the redundant bit removing means as a final plaintext.