METHOD FOR TRANSMITTING BINARY INFORMATION WITH
SECURITY
BACKGROUND OF THE INVENTION
Field of the Invention
The present invention relates to a method for transmitting binary information through electronic transmission media, and more particularly to a method for encrypting and deciphering binary information in transmission with the use of super- increasing matrix sequence.
Description of the Related Art
In case of transmitting information through electronic transmission media in recent, especially in data transmission between computers, security matter is being gradually amplified. Actually, data transmitted through transmission lines is relatively easily overheard, which means that important information can pass to third party's hands. In order to prevent such risk, it is necessary to encrypt information for transmission not to be easily read by a third party.
For the encryption of information, various types of encryption methods have been proposed. The encryption methods are largely classified into a symmetric-key method and a public key method. The symmetric key method is a method of using a deciphering key identical to an encrypting key, and the public key method is a method of using a deciphering key different from an encrypting key. The symmetric key method has benefits in
one-to-one data transmissions, but has some troublesome problems in multi-to-one data transmissions since different encrypting keys have to be used. The public key method requires a public key open to the public and a private key held by a receiver, so the public key method has an advantage in the multi-to-one data transmissions. That is, if anyone encrypts information to be transmitted by means of the public key, a receiver can deciphers the information with a secret key, that is, a private key the receiver has. Such public key encryption method has two important elements, which are the safety and efficiency for transmissions. The safety for transmissions is determined according to how difficult a third party who is not the receiver extracts the private key from the public key, and the efficiency for transmissions is determined according to how easily the public key can be produced.
Lots of studies on the public key transmission system have been carried out since a first introduction from Diffie and hellman in 1976, and continue to devise safer system. The RSA is a public key transmission system devised in 1978 and occupies over 90% of the world market at present. The RSA transmission system employs a mathematical matter in which the prime factorization of integers is difficult as a basic encryption method. However, the RSA transmission system has a drawback in that a lot of time is required in encryption and decryption.
That is, the RSA transmission system delays an information transmission since it takes a long time in generating a cryptographic key, which requires a large capacitor of buffers
in order to lower or control an information transmission rate of a transmitter. In case of requiring the buffers, some actions should be taken in order for information not to be lost when a signal indicating that a receiving station is not ready for receiving the information is generated.
In the meantime, as an alternative for overcoming the problem of the RSA transmission system, a public key transmission system of a knapsack type has been developed. The system is called "knapsack" since it hides the properties of a super-increasing integer sequence in the public key. The super- increasing integer sequence refers to a set of integers S=(S1, S2,
..., S
n) composed of positive integers satisfying
. The system is known to have faster encryption and decryption speeds than the RSA transmission system. Hereinafter, the public key transmission system of the knapsack type will be described in detail .
The public key transmission system of the knapsack type includes steps of: producing a private key and a public key as in the other public key transmission systems, encrypting information with the public key; transmitting the encrypted signal; and deciphering the transmitted encrypted signal with the private key.
With the steps ramified, the private key is first produced and then the public key is produced from the produced private key. Information is encrypted by using the produced public key and then transmitted. A receiver uses the private key to decipher the encrypted information. Such step is described as below with an example.
First of all, a super-increasing integer sequence B is, for example, 12, 17, 33, 74, 316, arbitrarily produced. After that, a larger number M' , for example 737, than the sum of the respective numbers of the super-increasing integer sequence is arbitrarily selected. After that, A number W, for example 635, is arbitrarily selected which is smaller than the M' and a prime number against the M' and vice versa. After that, the super- increasing integer sequence B is multiplied by the number W and an residue class operation is carried out based on the M' . If the result is put as a public key A, the A can be expressed as follows: A=(W*B) (mod M' ) = {635*(12, 17, 33, 74, 157, 316) } (mod 737) =(250, 477, 319, 559, 200, 196) Through the above step, a private key(B, ' , W) and the public key A can be obtained, but it is not easy to produce the private key(B, M' , W) from the public key A through a reverse step. The description has been made that the facilitation of the reverse operation becomes a barometer of a public key transmission system.
Now, a description is made on the steps for encrypting information E by the public key A with an example of a binary number 101101.
The information E is encrypted by multiplying the information E by the public key A. That is, if the encrypted information is put as P, the P can be expressed as follows: P=A • E =(250, 477, 319, 559, 200, 196) • (1, 0, 1, 1, 0, 1)=1324 So the encryption is accomplished.
If transmitting such encrypted signal, the information prior to the encryption is extracted from the transmitted signal in a receiving stage (deciphering) . The step is as follows. That is, the encrypted signal P is multiplied by W"1, wherein the W"1 is a positive integer of satisfying {W*^1} (mod M')=l, and then a residue class is obtained based on the ' . If the obtained value is Q, the Q is expressed as follows: Q=(W-1*P)Jmod M' ) =435 where, if the P is substituted with A • E, Q= (W_1*A • E) , and then if the A is substituted with (W*B) (mod M' ) , Q={W-1 * (W*B) (mod M' ) • E} (mod M' ) .
The W""1 is just a constant, so that the W'1 can be put in the parentheses. A residue class regarding the M' of the W_1*W is a 1, so that the result expression is (B • E) (mod M' ) . If the E is defined as (ex, e2, e3, e4, e5, e6) , the result expression is re-expressed as follows:
435={(12, 17, 33, 74, 157, 316) • (ex, e2, e3 e4, e5, e6) } (mod 737). Here, (12, 17, 33, 74, 157, 316) is the super- increasing integer sequence, so that the E can be easily obtained. That is, the information E=(l, 0, 1, 1, 0, 1) prior to the encryption can be easily extracted from 435 = 12e! + 17e2 + 33e3 + 74e4 + 157e5 + 316e6.
However, the system is severely affected in its safety by attack methods developed by Brickell, Lagarias, and Odlyzko, Schnor, et al. That is, a private key of a receiver is easily found by a third party, so that a problem information data is easily leaked has occurred. Most of such attach methods rely upon a low density attack method based on the Lattice Basis
Reduction Algorithm. A small number of the public key transmission systems of the knapsack problem so far, including one based on Chor-Rivest, are known to be safe against such attach methods .
SUMMARY OF THE INVENTION
It is an object of the present invention to provide a public key transmission system of an improved knapsack type for securing higher safety by increasing transmission efficiency by easily producing an public key and hardly extracting a private key from the public key.
The present invention provides a public key method of the knapsack type using a super-increasing matrix sequence instead of a public key of the knapsack type using a super-increasing integer sequence. The use of a super-increasing matrix sequence in the present invention causes public keys and private keys to be extended to matrix sequences having arbitrary dimensions, which provides a reason on making the extraction of a private key from a public key more difficult. Accordingly, a construction of the present invention is the same as the public key transmission system using the conventional super-increasing integer sequence as stated above, except for producing a super- increasing matrix sequence instead of the super-increasing integer sequence. A description on such construction will be described as follows. That is, the present invention is directed to a binary information auxiliary transmission method comprising, if Kx and K2 are positive integers, kxxk2 is an integer larger than 3, and n is an integer larger than 2, steps
of: producing a private key including n matrices composed of kλxk2; producing a public key including n matrices composed of kiXk2 from the private key; dividing binary information to be transmitted into n plural bit sequences E = { el t e2, ..., en} , e e {0, 1}; encrypting the plural bit sequences E by using respective public keys; forming transmission data S by incorporating encrypted information; transmitting the transmission data S to a receiving station; and extracting binary information data from the received transmission data S in the receiving station by using the private key, wherein the step for producing the private key is placed prior to the step for extracting the binary information data.
After producing the public keys, an addition of a random number to respective matrices composing of the public keys and/or the execution of an order change function can make the extraction of a private key from the public key difficult. In the above case, binary information data E to be transmitted can be exactly extracted by adding a certain number and/or executing an inverse function of the order change function before deciphering.
BRIEF DESCRIPTION OF THE DRAWINGS
The above object and other advantages of the present invention will become more apparent by describing the preferred embodiment thereof in more detail with reference to the accompanying drawings, in which:
FIG. 1 is a flow chart for showing a process of producing a private key and a public key according to an embodiment of the
present invention;
FIG. 2 is a flow chart for showing a encryption process by using the public key of FIG. 1; and
FIG. 3 is a flow chart for showing a deciphering process by using the private key of FIG. 1.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
Hereinafter, the present invention will be described in more detail with reference to the accompanying drawings.
FIG. 1 is a flow chart for showing a process of producing a private key and a public key according to an embodiment of the present invention.
The process, first, produces a private key (cct, W1 W2, M) , wherein cct indicates n KlxKl super-increasing matrix sequences, Wx is a k- k. matrix, W2 is a k2xk2 matrix, which are values corresponding to B, W, and M' , respectively, in a public key transmission system of a knapsack based on a super-increasing integer sequence. First, positive integers k:, k2, llr 12, ... , lu are arbitrarily selected to be kLxk2 > 3, 2 < u < k^^-l, which is
referred to as .
(step 110) .
Next, n super-increasing integer sequences having a length ls with respect to each s(l < s < u) are selected, which is referred to as ds = (dSιl, dSf2, ..., dSrl) , 1 < s <u(step 120). The super-increasing integer sequence means an integer sequence in
∑dSJ < dS +] ,( l < t< ls - l) which dS/- is a positive integer and J
After that, a super-increasing matrix sequence having a matrix size of k.xk2 and length n is produced as follows (step 130). If the matrix sequence is referred to as cct = [cct/ /:)] in 1 < t < n, 1 < I < klr 1 < j < k2, respective cctι(lι]) are produced as follows.
© in case of (i,j) = (l,l), cct(1/1) = d1/t in 1 < t < lj and cc td,i) nas a random positive integer satisfying
rι ^<--,(l,l)<"l,l
1 m lx+l < t < n.
© in case that (i,j) satisfies 2 < (i-l)k2+j < u-1, cct u (i,:)
has a random positive integer in
and another random positive integer satisfying
© in case that (i,j) satisfies (i-l)k2+j = u, cctl ) has a
random positive integer in
and
© in case that (i,j) satisfies u+1 < (i-l)k,+j < kχk2-l,
cc-uji has a random positive integer in 1 < t < n.
© (i,j) satisfies (i-l)k2+l = kλ x k2, cc.,.,., = 0 in 1 < t < n.
After that, an integer M is selected as follows (step 140) . That is, a positive integer M satisfying
Next, n random positive integers rl r r2, ..., rn are selected (step 150) .
After that, rt is added to respective elements of a matrix cct and then a matrix (referred to as ct in Formula 1) selecting a residue class based on the M is produced (step 160) . Formula 1 c-,,.,-, ≡ cctr(lι., + rt(mod M) After that, a permutation function π with respect to {1, 2, ..., n} -is selected to produce bt = cπ (t) (step 170) . Steps 150 and 160 for adding Rt to respective elements or a step 170 for applying the permutation function can be omitted since they are for making the extraction of a private key from public keys difficult. After that, two matrices x and W2 having sizes of kxxkx and k2xk2 respectively are arbitrarily selected to have inverse matrices when performing calculations based on a residue class of M with respect to matrix elements (step 180). Therefore, the private key cct(or bl r b2, ..., bn) , Wlf W2, M, and π are completed. Next, a public key is produced from the private key obtained from the above (step 190).
In the step 190, N matrices, at, (1 < t < n) are produced
as follows .
Respective elements exist between 0 and M with at ≡ w^w- (mod M) . Accordingly, the public key at = (alr a2, ..., an) are completed. FIG. 2 is a flow chart for showing an encryption process of information to be transmitted by using the public key of FIG. 1.
The encryption is performed by multiplying the information to be transmitted, which is divided into n bits, by the public key (steps 210 and 220).
Let E be the information containing only 0 and 1 and having a length n.
That is, E = { el f e2, ..., en) , et e {0, 1}
The encryption is carried out by multiplying information E to be transmitted by a public key a. If an encrypted signal is indicated as S, the S may be expressed as Formula 2 as below: Formula 2
FIG. 3 is a flow chart for showing a deciphering process with respect to an encrypted signal. A process for extracting E from the encrypted signal s is as follows. i"1 and W2 _1 of residue class operation inverse matrices with respect to M of : and W2 are calculated and multiplied by s to produce a cyphertext of an intermediate step (steps 310 to 330). Let such result be Sl f then formula 3 is as follows.
Formula 3
where, s- is a matrix satisfying 0 < s
1 ) < M, a formula
is established. The reason the formula
is established is because W-W
l and W
2W
2 _1 are 1, respectively.
In the meantime, if e'-. = e,"1,,.,, the following formula is effectuated becase of et = e'π (t) and bt = c„ (t, .
Next, a value of (e'x, e'2, ..., e'n) is obtained as follows by using a configuration of an appropriate equation and a mathematical induction. First, a value of (e',, e'2, ..., e'n) becomes a solution of (x., x2, ..., xn) in the equation of
, and a value of x
3 can be easily
obtained since (d1 , dlι2, ..., d1;11) is a super-increasing integer sequence.
For example, when a value obtained from the calculation of Si, (i,D _si,(i, 1.2) is "130" and a super-increasing integer sequence is {30, 74, 147}, a solution becomes "0" since "130" is smaller than "147" and a step for comparing "130" with "74" is carried out without any calculation. At this time, the solution is processed as "1" since 130-74 = 56. Lastly, the solution is set to "1" since "56" is larger than "30" when comparing "56" with "30". Accordingly, the desired final solution becomes (1, 1, 0}. This is generally known to those who are skilled in this field.
After that, if a value of (e'ιr e'2, ..., e'3) is obtained as an assumption of a mathematical induction and w = 1, + 12 + ... +lv
in v 1, 2, u-i; a value of X is obtained as follows. That is, the value is obtained from the calculation of the value of (xw+1, xw+2, ..., xw+ιv+ι) in an equation
^v,([v/A:2]+l,v+l-[v/*2]-*,) v,(A.,,*2) Xw+j^v+\J of J when w
Sv=S - tct
The use of a super-increasing property of (dv.ι,ι. dv+lj2, ..., dv+1#lv+1) enables a value of (e'w+1, e'w+2, ..., e', to be easily obtained. All the values of (e' lr e' e'n) are obtained through the mathematical induction method.
After that, the original message of E = (e17 e2, ..., en) is obtained as follows through the use of the property of et = e'π(t).
That is, E (ex ~~ (e π (1) i e π (2) e' π ( (nn)
The signal E prior to the encryption is deciphered through the above process.
The public key transmission system based on this method is much better in a speed point of view, compared to the other public key transmission system and shown in Table 1. Table 1
As shown in Table 1, the present invention has a much faster speed in the encryption and decryption, compared to the existing NTRU or RSA system. The matter of prolonging a public key length and a private key length does not cause any problem due to the improvement of the performance of system memories
employed at present.
A secure binary information transmission method according to the present invention can overcome the vulnerability with respect to a low density attack method in a public key transmission system of the knapsack type using a super- increasing integer sequence, and also overcome the vulnerability in a speed of an RSA transmission system by rapidly realizing main operations which are additions or comparisons of two numbers in a computer. Accordingly, the present invention prevents, in case that binary information is transmitted through transmission media, third parties from easy reading as well as accelerates a transmission speed, so it is directly applicable to home banking, electronic commerce business, information exchanges on the internet, and the like.
Although the preferred embodiment of the present invention has been described, it will be understood by those skilled in the art that the present invention should not be limited to the described preferred embodiment, but various changes and modifications can be made within the spirit and scope of the present invention as defined by the appended claims.