Top > Search of International Patents > ENCRYPTION CONTROL SYSTEM, ENCRYPTION CONTROL METHOD, AND ENCRYPTION CONTROL PROGRAM

ENCRYPTION CONTROL SYSTEM, ENCRYPTION CONTROL METHOD, AND ENCRYPTION CONTROL PROGRAM

Foreign code F200010254
File No. (S2019-0270-N0)
Posted date Nov 5, 2020
Country WIPO
International application number 2020JP008362
International publication number WO2020179672
Date of international filing Feb 28, 2020
Date of international publication Sep 10, 2020
Priority data
  • P2019-039026 (Mar 4, 2019) JP
Title ENCRYPTION CONTROL SYSTEM, ENCRYPTION CONTROL METHOD, AND ENCRYPTION CONTROL PROGRAM
Abstract Disclosed is an encryption control system for making it possible to prevent all keys from being deciphered within the service life of a controlling system even if the key length of cryptographic keys used for encryption control is relatively short, the encryption control system controlling a control target by an encryption controller capable of concealing information in the controlling system by cryptography. The encryption control system comprises: a cryptographic key updating unit that dynamically updates a private key and a public key in every encryption step; and a ciphertext updating unit that dynamically updates a ciphertext in every encryption step. The cryptographic key updating unit and the ciphertext updating unit each include a random number generator, and are configured so that the same random number is generated when updating the cryptographic keys and the ciphertext.
Outline of related art and contending technology BACKGROUND ART
In recent years, with the development of information technology such as the Internet, control systems using information technology have been becoming networked in important infrastructure such as electric power and water supply and large-scale control systems such as chemical plants. In such a networked control system (control system), various devices in the system are interconnected via a network.
In such a control system, various devices are interconnected, so that the processing speed of the entire system can be improved and the processing contents can be enhanced. Further, since the manager of the system can monitor and control the plant from a remote place through the network, many benefits can be obtained in terms of system management.
However, networking in the control system improves convenience and may damage the system and its surroundings. In fact, cyber attacks on control systems for monitoring or controlling plant operations such as power plants and factories appear, and there is concern as social important problems. For example, in Australia in 2000 years, a networked sewage treatment facility attacks and 100 million liters of sewage overflow the city. In addition, in 2010 years, the nuclear facilities of Iran are infected with Stuxnet virus, and the facilities are destroyed.
As described above, damage due to cyber attack tends to become serious, and technology development for protecting networked control systems from cyber attack is urgent. Therefore, in the field of control engineering, research for diverting information system security technology and detection of cyber attack have been carried out. For example, in network communication between the controller (controller) and the controlled (plant), research for preventing eavesdropping or tampering of a signal by encrypting the signal has been carried out.
The inventors have already developed an encryption control system technology which eliminates the need for a private key on the controller side by directly performing arithmetic processing on encrypted input data and output data by a controller corresponding to the core portion of the control system without decrypting the encrypted input data and output data once, and obtaining a patent). In the technology described in Patent Document 1, the secret key may be provided only on the plant side, and the secret key need not be moved to the controller or the plant. thus, the risk of loss or leakage of the secret key can be reduced.
Non-Patent Document 1) proposes a method of determining a control input while keeping signals and parameters inside the controller (Controller) secret by encryption. Furthermore, The inventors conducted experiments on encryption control using a key of 128 (bit) or less by ElGamal encryption, and verified real-time properties of (Non-Patent Document 2). In this Non-Patent Document 2, the inventors have reported that there is a trade-off relationship between security and processing time since the processing time increases as the encryption key used in the encryption control system becomes longer. The processing time is a time required for "encryption and decryption" processing, and it is known that when the encryption key is lengthened, not only decryption but also encryption processing time is increased.
The real-time property will now be described. The real-time property refers to a temporal constraint on the processing time from the start of 1 processes to the end of the system. For example, if a certain control system is designed to perform encryption control 1 times per 10 (ms), the processing time must always be within 10 (ms). In the verification method, encryption control is actually repeatedly executed by 1 million times and 10 million times by using an experimental device to measure the processing time. When the processing time does not exceed the temporal restriction of 10 (ms) during the control, the control system guarantees the real-time performance at the sampling period of 10 (ms).
Generally, when the privacy such as the account number of an individual is managed, the privacy such as the account number of the individual must be kept secret at least over the life of the individual. Therefore, it is necessary to make it impossible to decrypt the cipher for an extremely long period of time such as during the life of an individual, and in order to achieve this, it is necessary to prepare a strong cipher system which is practically difficult to decrypt the cipher.
On the other hand, in many control systems, the service life of about ~ 20 years has been set. That is, as long as cyber attack can be prevented within the service life, there are many cases where there are no problems even if the secret key and the input/output signal are exposed after the service life of the control object exceeds the service life. Therefore, in key length design problems used in existing encryption control systems, secrecy which is difficult to decrypt is important. in encryption control systems for preventing cyber attacks within the service life, a new key length design index which combines secrecy and availability of the control systems is required.
Scope of claims (In Japanese)[請求項1]
 制御系内の情報を暗号理論により秘匿可能とする暗号化コントローラにより制御対象を制御する暗号化制御システムであって、
 暗号化するステップ毎に、離散対数問題の解となる条件を満たす更新則により秘密鍵および公開鍵を動的に更新する暗号鍵更新部と、
 暗号化するステップ毎に、暗号文を動的に更新する暗号文更新部と、を備え、
 前記暗号鍵更新部および前記暗号文更新部はそれぞれ乱数生成器を有しており、前記それぞれの乱数生成器は前記暗号化する同時刻のステップで同じ乱数を生成し、前記それぞれの乱数生成器で生成された乱数と暗号化制御パラメータとの乗算剰余処理を行うことにより、前記秘密鍵、前記公開鍵および前記暗号文を更新する
 暗号化制御システム。

[請求項2]
 前記暗号鍵更新部は、現在のステップで使用した暗号鍵から前記制御系の制御則に基づいて、次回のステップで用いる暗号鍵を演算により作成して暗号鍵を更新し、
 前記暗号文更新部は、現在時刻で使用した暗号文から制御系の制御則に基づいて、次回のステップで用いる暗号文を演算により作成して暗号文を更新する、
 請求項1に記載の暗号化制御システム。

[請求項3]
 前記制御系の秘密鍵をs(t)、公開鍵をh(t)および暗号文をc 1(t) c 2(t)としたとき、前記秘密鍵、前記公開鍵および前記暗号文の更新に関する前記制御則は、次式に従うものである、
 請求項2に記載の暗号化制御システム。  

 但し、f 1は秘密鍵s(t)を更新する写像、f 2は公開鍵h(t)を更新する写像、f 3、f 4は暗号文c 1(t) c 2(t)を更新する写像、w(t)、v(t)は秘密鍵s(t)、公開鍵h(t)および暗号文c 1(t) c 2(t)の更新に用いる乱数、p、qは素数(p=2q+1)、gは巡回群の生成元である。

[請求項4]
 前記暗号鍵更新部および前記暗号文更新部で用いられる暗号は、ElGamal暗号である、請求項1~3のいずれか1項に記載の暗号化制御システム。

[請求項5]
 前記暗号鍵および前記暗号文を更新するステップ数は、前記制御系の耐用年数L u(sec)を、前記制御対象をセンシングするサンプリング周期T s(sec)で割った値L u(sec)/T s(sec)である、
 請求項2または3に記載の暗号化制御システム。

[請求項6]
 制御系内の情報を暗号理論により秘匿可能とする暗号化コントローラにより制御対象を制御する暗号化制御方法であって、
 暗号化するステップ毎に、暗号鍵更新部において、前記暗号鍵更新部が備える乱数発生器で生成される乱数と1ステップ前の秘密鍵および公開鍵を乗算剰余することにより、秘密鍵および公開鍵を動的に更新する手順と、
 暗号化するステップ毎に、暗号文更新部において、前記暗号文更新部が備える乱数発生器で生成される乱数で、かつ前記暗号鍵更新部が備える乱数発生器で生成される乱数同じ乱数と1ステップ前の暗号化制御パラメータとを乗算剰余することにより、暗号文を動的に更新する手順を含む、
 暗号化制御方法。

[請求項7]
 前記秘密鍵および前記公開鍵を動的に更新する手順においては、現在のステップtで私用した秘密鍵および公開鍵と、乱数を用いて次式に示す制御系の制御則に基づいて、次回の時刻(t+1)で使用する秘密鍵および公開鍵を生成し、
 前記暗号文を動的に更新する手順では、現在の時刻tで使用した暗号文と乱数を用いて次式に示す制御系の制御則に基づいて、次回の時刻(t+1)で用いる暗号文を生成する、
 請求項6に記載の暗号化制御方法。

 但し、f 1は秘密鍵s(t)を更新する写像、f 2は公開鍵h(t)を更新する写像、f 3、f 4は暗号文c 1(t) c 2(t)を更新する写像、w(t)、v(t)は秘密鍵s(t)、公開鍵h(t)および暗号文c 1(t) c 2(t)の更新に用いる乱数、p、qは素数(p=2q+1)、gは巡回群の生成元である。

[請求項8]
 制御系内の情報を暗号理論により秘匿可能とする暗号化コントローラにより制御対象を制御する暗号化制御をコンピュータに実行させる暗号化制御プログラムであって、
 暗号化するステップ毎に、暗号鍵更新部において、前記暗号鍵更新部が備える乱数発生器で生成される乱数と1ステップ前の秘密鍵および公開鍵を乗算剰余することにより、秘密鍵および公開鍵を動的に更新する手順と、
 暗号化するステップ毎に、暗号文更新部において、前記暗号文更新部が備える乱数発生器で生成される乱数で、かつ前記暗号鍵更新部が備える乱数発生器で生成される乱数同じ乱数を1ステップ前の暗号化制御パラメータを乗算剰余することにより、暗号文を動的に更新する手順と、
 をコンピュータに実行させる暗号化制御プログラム。

[請求項9]
 前記秘密鍵および前記公開鍵を動的に更新する手順においては、現在のステップtで使用した暗号鍵と乱数を用いて次式に示す制御系の制御則に基づいて、次回のステップ(t+1)で用いる秘密鍵および公開鍵を生成し、
 前記暗号文を動的に更新する手順では、現在のステップtで使用した暗号文と乱数とから次式に示す制御系の制御則に基づいて、次回のステップ(t+1)で用いる暗号文を生成する、
 請求項8に記載の暗号化制御プログラム。  

 但し、f 1は秘密鍵s(t)を更新する写像、f 2は公開鍵h(t)を更新する写像、f 3、f 4は暗号文c 1(t) c 2(t)を更新する写像、w(t)、v(t)は秘密鍵s(t)、公開鍵h(t)および暗号文c 1(t) c 2(t)の更新に用いる乱数、p、qは素数(p=2q+1)、gは巡回群の生成元である。
  • Applicant
  • ※All designated countries except for US in the data before July 2012
  • THE UNIVERSITY OF ELECTRO-COMMUNICATIONS
  • Inventor
  • KOGISO Kiminao
  • KUSAKA Masahiro
IPC(International Patent Classification)
Specified countries National States: AE AG AL AM AO AT AU AZ BA BB BG BH BN BR BW BY BZ CA CH CL CN CO CR CU CZ DE DJ DK DM DO DZ EC EE EG ES FI GB GD GE GH GM GT HN HR HU ID IL IN IR IS JO JP KE KG KH KN KP KR KW KZ LA LC LK LR LS LU LY MA MD ME MG MK MN MW MX MY MZ NA NG NI NO NZ OM PA PE PG PH PL PT QA RO RS RU RW SA SC SD SE SG SK SL ST SV SY TH TJ TM TN TR TT TZ UA UG US UZ VC VN WS ZA ZM ZW
ARIPO: BW GH GM KE LR LS MW MZ NA RW SD SL SZ TZ UG ZM ZW
EAPO: AM AZ BY KG KZ RU TJ TM
EPO: AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR
OAPI: BF BJ CF CG CI CM GA GN GQ GW KM ML MR NE SN ST TD TG
Please contact us by E-mail or facsimile if you have any interests on this patent.

PAGE TOP

close
close
close
close
close
close