Search

US-12627492-B2 - User device, method, and computer program

US12627492B2US 12627492 B2US12627492 B2US 12627492B2US-12627492-B2

Abstract

A secure technology for allowing two communication devices intending to execute encrypted communication to have a common initial solution. A large number of user devices all have a function of generating the same solution under the same condition when the user devices have the same initial solution, and can execute encrypted communication through use of a synchronized solution successively generated from the same initial solution. Each of two server devices generates synchronization information which is not the initial solution itself and which is required by the two user devices intending to execute the communication to generate the same initial solution, and transmits the synchronization information to the two user devices each of which executes predetermined calculation on the two pieces of synchronization information, to thereby generate the same initial solution. After that, the two user devices execute the encrypted communication based on the same initial solution.

Inventors

  • Takatoshi Nakamura

Assignees

  • NTI, INC.

Dates

Publication Date
20260512
Application Date
20220104
Priority Date
20210104

Claims (7)

  1. 1 . A method, which is executed by specific user devices being two user devices intending to execute encrypted communication among three or more user devices, each of the three or more user devices forming, in combination with two or more server devices, a communication system including the three or more user devices and the two or more server devices that are connected to a network and controls communication among the three or more user devices, the three or more user devices and the two or more server devices being communicable thereamong via the network, the each of the three or more user devices including: a user solution generator that generates a pseudo-random number through use of an initial solution by an appropriate method for generating a pseudo-random number by a computer, and is always the same when the string is generated under the same condition; a user encryptor configured to execute processing of encrypting transmission target data being a target of transmission into encrypted data through use of the solution generated by the user solution generator; a user transmitter/receiver configured to execute transmission and reception via the network; and a user decryptor configured to execute processing of decrypting the encrypted data received by the user transmitter/receiver into the transmission target data through use of the solution generated by the user solution generator, the specific user devices are adapted to, when the specific user devices have a common initial solution, execute the encrypted communication between the specific user devices is established by each of the user solution generators generating a common solution synchronized between the two user devices, and the own user decryptor decrypting, into the transmission target data, encrypted data that is generated by the user encryptor of an opposite party encrypting the transmission target data, is transmitted from the user transmitter/receiver of the opposite party, and is received by the own user transmitter/receiver, the method comprising: a first step of using, by any one of the specific user devices, the user transmitter/receiver to transmit specification information for specifying both of the specific user devices to a first server device being one of the two or more server devices, and using, by any one of the specific user devices, the user transmitter/receiver to transmit specification information for specifying both of the specific user devices to a second server device being another one of the two or more server devices; a second step of receiving, by the user transmitter/receiver of each of the specific user devices, first synchronization information that is generated by the first server device having received the specification information, is transmitted to both of the specific user devices specified by the specification information, is information required by the specific user devices to acquire the same initial solution to synchronize the solutions between the specific user devices, and is synchronization information unique to each of the two or more server devices; a third step of receiving, by the user transmitter/receiver of each of the specific user devices, second synchronization information that is generated by the second server device having received the specification information, is transmitted to both of the specific user devices specified by the specification information, and is the synchronization information; and a fourth step of executing, by each of the specific user devices, predetermined calculation through use only of the first synchronization information and the second synchronization information to obtain the common initial solution.
  2. 2 . The method according to claim 1 , wherein each of the two or more server devices includes: a server-device solution generator configured to generate, based on the initial solution which is the same as the initial solution in the each of the three or more user devices and is different from the initial solutions in other user devices, a solution which is the same as the solution generated by the user solution generator of the each of the three or more user devices and is synchronized with the solution generated by the user solution generator of the each of the three or more user devices, wherein the server-device solution generator generates a pseudo-random number through use of the initial solution by an appropriate method for generating a pseudo-random number by a computer; a basic information generator configured to successively generate basic information being information unique to the each of the two or more server devices, wherein the basic information generator generates a pseudo-random number by an appropriate method for generating a pseudo-random number by a computer; and a server-device calculator configured to execute reversible calculation through use of the basic information generated by the basic information generator and the solution generated by the server-device solution generator, wherein the second step includes: generating, by the first server device that has received the specification information, through use of the basic information generated by the basic information generator of the first server device and the solution that is generated by the server-device solution generator of the first server device and is generatable by the user solution generator of one of the specific user devices, the first synchronization information through calculation in the server-device calculator of the first server device, and receiving, by the user transmitter/receiver of the one of the specific user device specified by the specification information, the first synchronization information transmitted to the one of the specific user devices; and generating, by the first server device that has received the specification information, through use of the basic information generated by the basic information generator of the first server device and the solution that is generated by the server-device solution generator of the first server device is generatable by the user solution generator of another one of the specific user devices, the first synchronization information through the calculation in the server-device calculator of the first server device, and receiving, by the user transmitter/receiver of the another one of the specific user devices, the first synchronization information different from the first synchronization information transmitted to the one of the specific user devices specified by the specification information, wherein the third step includes: generating, by the second server device that has received the specification information, through use of the basic information generated by the basic information generator of the second server device and the solution that is generated by the server-device solution generator of the second server device and is generatable by the user solution generator of the one of the specific user devices, the second synchronization information through the calculation in the server-device calculator of the second server device, and receiving, by the user transmitter/receiver of the one of the specific user devices specified by the specification information, the second synchronization information transmitted to the one of the specific user devices; and generating, by the second server device that has received the specification information, through use of the basic information generated by the basic information generator of the second server device and the solution that is generated by the server-device solution generator of the second server device and is generatable by the user solution generator of the another one of the specific user devices, the second synchronization information through calculation in the server-device calculator of the second server device, and receiving, by the user transmitter/receiver of the another one of the specific user devices, the second synchronization information different from the second synchronization information transmitted to the one of the specific user devices specified by the specification information, and wherein the fourth step includes: executing, by the one of the specific user devices, through use of the solution generated by the user solution generator of the one of the specific user devices and is the same as the solution generated by the first server device when the first synchronization information is generated, reverse calculation of the calculation executed by the server-device calculator of the first server device on the first synchronization information received from the first server device, to thereby extract the basic information generated when the first synchronization information is generated in the first server device, and executing, through use of the solution generated by the user solution generator of the one of the specific user devices and is the same as the solution generated by the second server device when the second synchronization information is generated, reverse calculation of the calculation executed by the server-device calculator of the second server device on the second synchronization information received from the second server device, to thereby extract the basic information generated when the second synchronization information is generated in the second server device; executing, by the another one of the specific user devices, through use of the solution generated by the user solution generator of the another one of the specific user devices and is the same as the solution generated by the first server device when the first synchronization information is generated, reverse calculation of the calculation executed by the server-device calculator of the first server device on the first synchronization information received from the first server device, to thereby extract the basic information generated when the first synchronization information is generated in the first server device, and executing, through use of the solution generated by the user solution generator of the another one of the specific user devices and is the same as the solution generated by the second server device when the second synchronization information is generated, reverse calculation of the calculation executed by the server-device calculator of the second server device on the second synchronization information received from the second server device, to thereby extract the basic information generated when the second synchronization information is generated in the second server device; and executing, by both of the specific user devices, predetermined calculation on the two pieces of common basic information generated by the first server device and the second server device, to thereby obtain the common initial solution.
  3. 3 . The method according to claim 2 , wherein the calculation executed by the server-device calculator is to obtain exclusive-OR between the basic information and the solution.
  4. 4 . The method according to claim 2 , wherein the solution generated by the user solution generator and the solution generated by the server-device solution generator always have information amounts equal to or larger than an information amount of the basic information generated by the basic information generator.
  5. 5 . A user device, which forms, in combination with two or more server devices, a communication system including three or more user devices and the two or more server devices that are connected to a network and controls communication among the three or more user devices, the three or more user devices and the two or more server devices being communicable thereamong via the network, the user device comprising: a user solution generator that generates a pseudo-random number through use of an initial solution by an appropriate method for generating a pseudo-random number by a computer, and is always the same when the string is generated under the same condition; a user encryptor configured to execute processing of encrypting transmission target data being a target of transmission into encrypted data through use of the solution generated by the user solution generator; a user transmitter/receiver configured to execute transmission and reception via the network; and a user decryptor configured to execute processing of decrypting the encrypted data received by the user transmitter/receiver into the transmission target data through use of the solution generated by the user solution generator, wherein, when specific user devices being two user devices intending to execute encrypted communication have a common initial solution, the encrypted communication between the specific user devices is established by each of the user solution generators generating a common solution synchronized between the two user devices, and the own user decryptor decrypting, into the transmission target data, encrypted data that is generated by the user encryptor of an opposite party encrypting the transmission target data, is transmitted from the user transmitter/receiver of the opposite party, and is received by the own user transmitter/receiver, and wherein, when the user device is one of the specific user devices: any one of the specific user devices uses the user transmitter/receiver to transmit specification information for specifying both of the specific user devices to a first server device being one of the two or more server devices, and any one of the specific user devices uses the user transmitter/receiver to transmit specification information for specifying both of the specific user devices to a second server device being another one of the two or more server devices; the user transmitter/receiver of each of the specific user devices receives first synchronization information that is generated by the first server device having received the specification information, is transmitted to both of the specific user devices specified by the specification information, is information required by the specific user devices to acquire the same initial solution to synchronize the solutions between the specific user devices, and is synchronization information unique to each of the two or more server devices; the user transmitter/receiver of each of the specific user devices receives second synchronization information that is generated by the second server device having received the specification information, is transmitted to both of the specific user devices specified by the specification information, and is the synchronization information; and each of the three or more user devices executes predetermined calculation through use only of the first synchronization information and the second synchronization information to obtain the common initial solution.
  6. 6 . One or more non-transitory computer readable storage media encoded with instructions that, when executed by a processor, cause the processor to: function as a user device forming, in combination with two or more server devices, a communication system including three or more user devices and the two or more server devices that are connected to a network and controls communication among the three or more user devices, the three or more user devices and the two or more server devices being communicable thereamong via the network, the instructions causing the processor to further function as: a user solution generator that generates a pseudo-random number through use of an initial solution by an appropriate method for generating a pseudo-random number by a computer, and is always the same when the string is generated under the same condition; a user encryptor configured to execute processing of encrypting transmission target data being a target of transmission into encrypted data through use of the solution generated by the user solution generator; a user transmitter/receiver configured to execute transmission and reception via the network; and a user decryptor configured to execute processing of decrypting the encrypted data received by the user transmitter/receiver into the transmission target data through use of the solution generated by the user solution generator, wherein, when specific user devices being two user devices intending to execute encrypted communication have a common initial solution, the processor establishes the encrypted communication between the specific user devices, by causing each of the user solution generators to generate a common solution synchronized between the two user devices, and causing the own user decryptor to decrypt, into the transmission target data, encrypted data that is generated by the user encryptor of an opposite party encrypting the transmission target data, is transmitted from the user transmitter/receiver of the opposite party, and is received by the own user transmitter/receiver, and wherein, when the user device is one of the specific user devices, the processor causes: any one of the specific user devices to use the user transmitter/receiver to transmit specification information for specifying both of the specific user devices to a first server device being one of the two or more server devices, and any one of the specific user devices to use the user transmitter/receiver to transmit specification information for specifying both of the specific user devices to a second server device being another one of the two or more server devices; the user transmitter/receiver of each of the specific user devices to receive first synchronization information that is generated by the first server device having received the specification information, is transmitted to both of the specific user devices specified by the specification information, is information required by the specific user devices to acquire the same initial solution to synchronize the solutions between the specific user devices, and is synchronization information unique to each of the two or more server devices; the user transmitter/receiver of each of the specific user devices to receive second synchronization information that is generated by the second server device having received the specification information, is transmitted to both of the specific user devices specified by the specification information, and is the synchronization information; and each of the three or more user devices to execute predetermined calculation through use only of the first synchronization information and the second synchronization information to obtain the common initial solution.
  7. 7 . The method according to claim 3 , wherein the solution generated by the user solution generator and the solution generated by the server-device solution generator always have information amounts equal to or larger than an information amount of the basic information generated by the basic information generator.

Description

TECHNICAL FIELD The present invention relates to a communication technology, and more particularly, to an encrypted communication technology. BACKGROUND ART For example, when a payment is made on the Internet to a shop existing on the Internet or a balance of an own account is checked or money is transferred to a third party in Internet banking, a user conducting those activities executes communication between an own terminal and a server device of the shop or the like via the Internet. In this communication, it is, as a matter of course, required to prevent tapping of the communication by a malicious third party. A technology for encrypted communication is widely used to prevent the tapping of the communication not only in a case in which a service relating to money is received on the Internet as described above as a matter of course, but also in a case in which other general communication is executed. As one of such technologies, the inventor of the present application has already developed a certain technology, and has tried to disseminate the technology. The technology advocated by the inventor of the present application is a technology described below. To give an overview, in this technology, two communication devices execute communication over a network such as the Internet. In this case, each of the two communication devices includes a solution generator which successively generates a solution which is a string of a predetermined number of characters of at least one type of an alphabetic character, a numeric character, and a symbol. This solution generator generates the solution based on an initial solution, and is configured such that a solution generated under the same condition is always the same. That is, the solution has initial value dependency. As an example, the solution generated by the solution generator is a pseudo-random number. Moreover, each of the two communication devices includes an encryptor. The encryptor executes processing of encrypting transmission target data being a target of transmission into encrypted data through use of the solution generated by the solution generator. Moreover, each of the two communication devices includes a transmitter which transmits the encrypted data generated by the encryptor to a communication device being an opposite party of the communication. Moreover, each of the two communication devices includes a receiver which receives the encrypted data from the communication device being the opposite party of the communication. Moreover, each of the two communication devices includes a decryptor which executes processing of decrypting the received encrypted data into the transmission target data through use of the solution generated by the solution generator. The two communication devices intending to execute the encrypted communication have a common initial solution, and hence can generate the same solution in the solution generators which both thereof include. In the present invention, such a situation is referred to as “situation in which the two devices can generate synchronized solutions.” The two communication devices can generate the synchronized solutions, and hence the encrypted communication in those communication devices is extremely secure. For example, when two devices execute communication of the common key type, those two devices share an algorithm which defines processing for the encryption or the decryption and a common key used when the algorithm is executed. In the above-mentioned communication devices advocated by the inventor of the present application, new synchronized common solutions are successively generated as described above by the solution generators included in the two communication devices which execute the communication. Moreover, the encryptors and the decryptors included in the two communication devices use the common solution as the common key (or common information for generating the common key) which changes at the common timing, to thereby achieve extremely high security for the communication. The above-mentioned communication device advocated by the inventor of the present application can generate the solution not only each time of the communication, but also at a plurality of timings of the encryption of the transmission target data, and, in the most frequent case, can generate a new solution each time when one unit of data, which is a target of the processing for the encryption or the decryption executed once, is generated by dividing the transmission target data. That is, the above-mentioned communication device advocated by the inventor of the present application updates the common key for the execution of the encrypted communication each time when the communication is executed at least once or, in some cases, at more frequent timings, for example, sequentially generates disposable common keys to execute the encrypted communication, and hence strength of the cryptograph is extremely high. Note that, it is not alwa