Apparatus and method for performing different cryptographic algorithms in a communication system

摘要

A communication apparatus performs encryption on data transmitted from another communication apparatus by using first or second cryptographic algorithm, or performs decryption on the data that has been encrypted using the first or second cryptographic algorithm, by using one of the first and second cryptographic algorithms used for the encryption, where the second cryptographic algorithm provides a higher security level than the first cryptographic algorithm. The communication apparatus includes an encryption unit configured to perform, upon receiving the data including a cryptographic class identifying a parameter to be used for performing the encryption or the decryption, the encryption or the decryption by using one of the first and second cryptographic algorithms, based on the cryptographic class.

主权项

1. A cryptographic algorithm execution method in a communication system including first and second communication apparatuses, the second communication apparatus comprising at least one processor and a hardware security block and being configured to perform encryption on data transmitted from the first communication apparatus by using a first or second cryptographic algorithm, or perform decryption on the data that has been encrypted using the first or second cryptographic algorithm, the second cryptographic algorithm being configured to be executed by the at least one processor and to provide a higher security level than the first cryptographic algorithm that is configured to be executed by the hardware security block, the cryptographic algorithm execution method comprising:
causing the first communication apparatus to assign first cryptographic classes to a parameter to be used for the encryption or the decryption by the second communication apparatus and to transmit data including one of the first cryptographic classes, that is permitted by the second communication apparatus, to the second communication apparatus, the first cryptographic classes being each configured to identify security parameters to be used for cryptographic processing and the security parameters including a type of service and queuing information for the data for the cryptographic processing, wherein the queuing information provides an indication as to whether the cryptographic processing is based on software or whether the cryptographic processing is subject to buffering; and causing the second communication apparatus to perform, upon receiving the data including the one of the first cryptographic classes, the encryption or the decryption on the data by using the first or second cryptographic algorithm, based on the one of the first cryptographic classes.