United States Patent
5870477
Sasaki, et al.
February 9, 1999
Title
Enciphering/deciphering device and method, and encryption/decryption communication system
Abstract
A plaintext file 41 is enciphered using a file key 44 to generate ciphertext 42. The file key 44 is enciphered using a secret key 47 and, separately, using a management key 48, to form an enciphered key 1 (45) and an enciphered key 2 (46), respectively. An enciphered file 43 is produced from the ciphertext 42, the enciphered key 1 and the enciphered key 2. At the time of decryption, the enciphered key 1 is taken out of the enciphered file 43 and deciphered using the secret key 47 to recover the file key 44. The ciphertext 42 is then deciphered using the file key 44 to obtain the plaintext 41.
Inventors:
Sasaki; Minoru
(Atsugi,
JP
)
, Yoshikawa; Hiroharu
(Zama,
JP
)
Assignee:
Pumpkin House Incorporated
(Kanagawa-ken,
JP
)
Appl. No.:
619601
Filed:
March 29, 1996
PCT 102e Date:
March 29, 1996
PCT 371 Date:
March 29, 1996
PCT File Date:
September 29, 1994
PCT No:
PCT/JP94/01617
PCT Pub Date:
April 6, 1995
PCT Pub No:
WO95/09410
Foreign Application Priority Data
Sep 29, 1993 [JP] 5-264058
Dec 24, 1993 [JP] 5-345785
Current U.S. Class:
713/165
380/277
380/30
Field of Search:
380/25,30,21
U.S. Patent Documents
5200999
April 1993
Matyas et al.
5201000
April 1993
Matyas et al.
Foreign Patent Documents
3-265888
Nov., 1991
JP
5-289612
Nov., 1993
JP
62-287388
Dec., 1987
JP
Other References
"Protecting Public Keys and Signature Keys", by Dorothy E. Denning, Computer, vol. 16, No. 2, Feb. 1983, pp. 27-35.
"System for Safe User Certification by Single Control Information", by Ryumei Okamoto, et al., IN83-85-92, vol. 83, No. 253, Jan. 25, 1984.
Primary Examiner:
Cangialosi; Salvatore
Attorney, Agent or Firm:
McDermott, Will & Emery
Claims
We claim:
1. An encryption/decryption communication system in which a first enciphering/deciphering device and a second enciphering/deciphering device are connected to each other through communicating means, wherein
said first enciphering/deciphering device comprises
data encryption key forming means for forming a data encryption key used for enciphering plaintext data,
data enciphering means for enciphering said plaintext data using said data encryption key to form ciphertext data,
key enciphering means for enciphering said data encryption key using a management key to form an enciphered key,
first authenticator enciphering means for enciphering an authenticator for confirming whether or not transmitted data is correctly transmitted and received using said data encryption key to generate a first enciphered authenticator, and
transmitting means for transmitting said ciphertext data, said enciphered key and said first enciphered authenticator,
said second enciphering/deciphering device comprises
receiving means for receiving the ciphertext data, the enciphered key, and the first enciphered authenticator transmitted by said transmitting means,
key deciphering means for deciphering the enciphered key received by said receiving means using the same management key as the management key used in said first enciphering/deciphering device to form a data encryption key,
data deciphering means for deciphering the ciphertext data received by said receiving means using the data encryption key formed by said key deciphering means to form plaintext data,
authenticator deciphering means for deciphering the first enciphered authenticator received by said receiving means using the data encryption key formed by said key deciphering means,
second authenticator enciphering means for enciphering the authenticator obtained as a result of the deciphering by said authenticator deciphering means using said management key to form a second enciphered authenticator, and
returning means for returning said second enciphered authenticator to said first enciphering/deciphering device, and
said first enciphering/deciphering device deciphers the second enciphered authenticator transmitted from said second enciphering/deciphering device using said management key, and collates the deciphered authenticator with the authenticator which has been subjected to the enciphering by said first authenticator enciphering means.
2. An encryption/decryption communication system in which a first enciphering/deciphering device and a second enciphering/deciphering device are connected to each other through communicating means, wherein
said first enciphering/deciphering device comprises
data encryption key forming means for forming a data encryption key used for enciphering plaintext data,
data enciphering means for enciphering said plaintext data using said data encryption key to form ciphertext data,
key enciphering means for enciphering said data encryption key using a management key to form an enciphered key,
first authenticator enciphering means for enciphering an authenticator for confirming whether or not transmitted data is correctly transmitted and received using said management key to form a first enciphered authenticator, and
transmitting means for transmitting said ciphertext data, said enciphered key and said first enciphered authenticator,
said second enciphering/deciphering device comprises
receiving means for receiving the ciphertext data, the enciphered key, and the first enciphered authenticator transmitted by said transmitting means,
key deciphering means for deciphering the enciphered key received by said receiving means using the same management key as the management key used in said first enciphering/deciphering device to form a data encryption key,
data deciphering means for deciphering the ciphertext data received by said receiving means using the data encryption key formed by said key deciphering means to form plaintext data,
authenticator deciphering means for deciphering the first enciphered authenticator received by said receiving means using said management key,
second authenticator enciphering means for enciphering the authenticator obtained as a result of the deciphering by said authenticator deciphering means using the data encryption key formed by said key deciphering means to form a second enciphered authenticator, and
returning means for returning said second enciphered authenticator to said first enciphering/deciphering device, and
said first enciphering/deciphering device deciphers the second enciphered authenticator transmitted from said second enciphering/deciphering device using said data encryption key formed by the data encryption key forming means, and collates the deciphered authenticator with the authenticator which has been subjected to the enciphering by said first authenticator enciphering means.
3. An enciphering/deciphering device using operation storage media each storing inherent supervisor identification data and inherent operation identification data and a supervisor storage medium storing said supervisor identification data, comprising:
data encryption key forming means for forming a data encryption key used for enciphering plaintext data;
secret key forming means for forming a secret key used for enciphering the data encryption key formed by said data encryption key forming means;
management key forming means for forming a management key used for enciphering the data encryption key formed by said data encryption key forming means;
first storage controlling means for storing in said operation storage medium the secret key formed by said secret key forming means and the management key formed by said management key forming means; and
second storage controlling means for storing the management key formed by said management key forming means in said supervisor storage medium.
4. The enciphering/deciphering device according to claim 3, further comprising
data enciphering means for enciphering said plaintext data using said data encryption key to form ciphertext data,
first key enciphering means for enciphering said data encryption key using the secret key formed by said secret key forming means to form a first enciphered key,
second key enciphering means for enciphering said data encryption key using the management key formed by said management key forming means to form a second enciphered key, and
third storage controlling means for storing in a first storage medium said ciphertext data, said first enciphered key and said second enciphered key.
5. The enciphering/deciphering device according to claim 4, further comprising
fourth storage controlling means for storing the management key stored in one operation storage medium in the other operation storage medium.
6. The enciphering/deciphering device according to claim 3, further comprising
operation identification name entering means for entering an operation identification name inherent to said operation storage medium for identifying the operation storage medium, and
supervisor identification name entering means for entering a supervisor identification name inherent to said supervisor storage medium for identifying the supervisor storage medium,
said first storage controlling means storing in said operation storage medium the supervisor identification name entered by said supervisor identification name entering means and the operation identification name entered by said operation identification name entering means, and
said second storage controlling means storing in said supervisor storage medium the supervisor identification name entered by said supervisor identification name entering means.
7. The enciphering/deciphering device according to claim 6, wherein
said second storage controlling means stores in said supervisor storage medium a list of the operation identification names stored in all of said operation storage media.
8. The enciphering/deciphering device according to claim 7, further comprising
first selecting means for selecting a first operation identification name from the list of the operation identification names stored in said supervisor storage medium,
second selecting means for selecting a second operation identification name, and
fifth storage controlling means for storing identification data including the first operation identification name and the management key which are stored in a first operation storage medium specified by the first operation identification name selected by said first selecting means in a second operation storage medium specified by the second operation identification name selected by said second selecting means.
9. The enciphering/deciphering device according to claim 8, wherein
said second storage controlling means stores in said supervisor storage medium the first operation identification name and the management key which are stored in said second operation storage medium in association with said second operation identification name.
10. The enciphering/deciphering device according to claim 7, further comprising
overlapped names judging means for judging whether or not the operation identification name entered from said operation identification name entering means is overlapped with the operation identification names stored as a list in the supervisor storage medium,
when said overlapped names judging means judges that they are overlapped with each other, a name obtained by adding an additive name to the operation identification name entered from said operation identification name entering means being stored in the operation storage medium.
11. The enciphering/deciphering device according to claim 3, further comprising
secret key enciphering means for enciphering the secret key formed by said secret key forming means, and
management key enciphering means for enciphering the management key formed by said management key forming means,
said first storage controlling means storing in the operation storage medium the secret key enciphered by said secret key enciphering means and said management key enciphered by said management key enciphering means,
said second storage controlling means storing in said supervisor storage medium the management key enciphered by said management key enciphering means.
12. The enciphering/deciphering device according to claim 11, wherein
said secret key enciphering means enciphers the secret key formed by said secret key forming means using the management key formed by said management key forming means.
13. An enciphering/deciphering device comprising:
first reading means for reading out from a first storage medium storing ciphertext data, a first enciphered key and a second enciphered key the ciphertext data, the first enciphered key and the second enciphered key;
second reading means for reading out from an operation storage medium storing inherent operation identification data and a secret key for deciphering said first enciphered key read out from said first reading means the secret key;
first key deciphering means for deciphering said first enciphered key using the secret key read out by said second reading means to form a data decryption key;
first data deciphering means for deciphering said ciphertext data using the data decryption key formed by said first key deciphering means to form plaintext data; and
storage controlling means for storing in a second storage medium the plaintext data formed by said first data deciphering means.
14. The enciphering/deciphering device according to claim 13, further comprising
third reading means for reading out from a supervisor storage medium storing said operation identification data, inherent supervisor identification data and a management key for deciphering said second enciphered key read out from said first reading means the management key;
second key deciphering means for deciphering said second enciphered key using the management key read out by said third reading means to form a data decryption key; and
second data deciphering means for deciphering said ciphertext data using the data decryption key formed by said second key deciphering means to form plaintext data,
said storage controlling means storing in said second storage medium the plaintext data formed by said second data deciphering means.
15. The enciphering/deciphering device according to claim 14, wherein
said second reading means reads out from an operation storage medium storing inherent operation identification data, a secret key for deciphering the first enciphered key, and a management key for the other operation storage medium said management key, and
said second key deciphering means deciphers said second enciphered key using said management key read out by said second reading means to form a data decryption key.
16. The enciphering/deciphering device according to claim 15, further comprising
judging means for judging whether or not said second enciphered key can be deciphered using the management key for the other operation storage medium stored in the operation storage medium, and
first enciphered key eliminating means for erasing said first enciphered key stored in said first storage medium in response to the fact that said judging means judges that the deciphering is possible.
17. The enciphering/deciphering device according to claim 16, further comprising
display controlling means for displaying the operation identification name of the operation storage medium in response to the fact that said first enciphered key is erased by said first enciphered key eliminating means.
18. The enciphering/deciphering device according to claim 14, further comprising
storage controlling means for reading out data relating to the management key stored in said supervisor storage medium and storing the data in the other storage medium.
19. The enciphering/deciphering device according to claim 18, further comprising
eliminating means for erasing the data relating to the management key in the supervisor storage medium which is stored in said other storage medium.
20. The enciphering/deciphering device according to claim 18, further comprising
means for reversely transferring the data relating to the management key stored in said other storage medium to the original supervisor storage medium to store therein and erasing the data relating to the management key in said other storage medium.
21. The enciphering/deciphering device according to claim 3, further comprising
transfer judging means for judging whether or not the data relating to the key stored in said operation storage medium or said supervisor storage medium has been transferred to the other storage medium, and
reading inhibition controlling means for inhibiting the data relating to the key stored in the original operation storage medium or supervisor storage medium from being read out in response to the fact that the transfer judging means judges that the data has been transferred to the other storage medium.
22. The enciphering/deciphering device according to claim 21, further comprising
first reading inhibition release controlling means for releasing the inhibition of the reading of the data in the operation storage medium by said reading inhibition controlling means.
23. The enciphering/deciphering device according to claim 3, wherein
said operation identification data or said supervisor identification data is random-number data or enciphered time data.
24. The enciphering/deciphering device according to claim 4, wherein
said supervisor storage medium or said operation storage medium stores a version code, and
said third storage controlling means stores in said first storage medium said version code in addition to said ciphertext data, said first enciphered key and said second enciphered key.
25. The enciphering/deciphering device according to claim 14, wherein version codes are respectively stored in said first storage medium, said operation storage medium and said supervisor storage medium, further comprising
comparing means for comparing the version code read out by said first reading means with the version code read out by said second reading means or the version code read out by said third reading means, and
key formation controlling means for allowing the formation of the data decryption key by said first key deciphering means and the formation of the data decryption key by said second key deciphering means when it is judged that the version code read out by said first reading means represents an older version than a version represented by the version code read out by said second reading means or the version code read out by said third reading means as a result of the comparison by said comparing means.
26. The enciphering/deciphering device according to claim 3, wherein
time data is fed as input data, an initial value or an enciphered key to enciphering means, and
enciphered data obtained from said enciphering means is used as said data encryption key, said secret key or said management key.
27. An enciphering/deciphering method using operation storage media each storing inherent operation identification data and a supervisor storage medium storing inherent supervisor identification data, comprising the steps of:
forming a data encryption key used for enciphering plaintext data;
forming a secret key used for enciphering the formed data encryption key;
forming a management key used for enciphering the formed data encryption key;
storing in said operation storage medium the formed secret key and the formed management key; and
storing the formed management key in said supervisor storage medium.
28. An enciphering/deciphering method using operation storage media each storing inherent operation identification data and a supervisor storage medium storing inherent supervisor identification data, comprising the steps of:
forming a data encryption key used for enciphering plaintext data;
forming a secret key used for enciphering the formed data encryption key,
forming a management key used for enciphering the formed data encryption key;
storing in said operation storage medium the formed secret key and the formed management key;
storing the formed management key in said supervisor storage medium;
enciphering said plaintext data using said data encryption key to form ciphertext data;
enciphering said data encryption key using said secret key to form a first enciphered key;
enciphering said data encryption key using said management key to form a second enciphered key; and
storing in a first storage medium said ciphertext data, said first enciphered key and said second enciphered key.
29. The enciphering/deciphering method according to claim 27, further comprising the step of
storing the management key stored in one operation storage medium in the other operation storage medium.
30. An enciphering/deciphering method comprising the steps of:
reading out from a first storage medium storing ciphertext data, a first enciphered key and a second enciphered key the ciphertext data, the first enciphered key and the second enciphered key;
reading out from an operation storage medium storing an inherent operation identification name, inherent operation identification data, and a secret key for deciphering said first enciphered key said secret key;
deciphering said first enciphered key using said secret key read out to form a data decryption key;
deciphering said ciphertext data using the formed data decryption key to form plaintext data; and
storing the formed plaintext data in a second storage medium.
31. The enciphering/deciphering method according to claim 30, further comprising the steps of
reading out from an operation storage medium storing inherent operation identification data, a secret key for deciphering said first enciphered key, and a management key for the other operation storage medium said management key, and
deciphering said second enciphered key using said management key read out to form a data decryption key.
32. The enciphering/deciphering method according to claim 29, comprising the step of
performing encryption processing using time data as input data, an initial value or an encryption key,
enciphered data obtained by the encryption processing being used as said data encryption key, said secret key or said management key.
33. An enciphering/deciphering method according to claim 30, further comprising the steps of
reading out from a supervisor storage medium storing said operation identification name, said operation identification data, an inherent supervisor identification name, inherent supervisor identification data and a management key for deciphering said second enciphered key said management key, and
deciphering said second enciphered key using said management key read out to form a data decryption key.
34. A computer readable operation storage medium which is used in an enciphering/deciphering device including a computer and is managed by a supervisor storage medium, the operation storage medium storing therein
supervisor identification data inherent to said supervisor storage medium,
an enciphered secret key obtained by enciphering a secret key for enciphering a data encryption key used for enciphering plaintext data,
a decryption program for deciphering said enciphered secret key to obtain the secret key,
an enciphered management key obtained by enciphering a management key for enciphering said data encryption key, and
a decryption program for deciphering said enciphered management key to obtain the management key.
35. The operation storage medium according to claim 34, said operation storage medium storing therein an enciphered management key stored in the other operation storage medium than said operation storage medium.
36. A computer readable supervisor storage medium, which is used in an enciphering/deciphering device including a computer, for managing operation storage media each storing therein an enciphered secret key obtained by enciphering a secret key for enciphering a data encryption key used for enciphering a plaintext data and a first enciphered management key obtained by enciphering a management key for enciphering the data encryption key, the supervisor storage medium storing therein
operation identification data inherent to said operation storage media,
inherent supervisor identification data,
a second enciphered management key obtained by enciphering the same management key as said management key, and
a decryption program for deciphering said second enciphered management key to obtain said management key.
37. The supervisor storage medium according to claim 36, wherein said operation identification data includes a given operation identification name,
said supervisor storage medium storing therein a program for displaying a list of the operation identification names stored therein.
38. The supervisor storage medium according to claim 36 further storing therein a program for erasing, from a storage medium storing therein ciphertext data enciphered using said data encryption key, a first enciphered key which is to be deciphered by said secret key and a second enciphered key which is to be deciphered by said management key, said first enciphered key.
39. The supervisor storage medium according to claim 36, wherein version codes are respectively stored in a storage medium, said operation storage medium and said supervisor storage medium, said supervisor storage medium further storing therein,
a comparing program for comparing the version code read out from said storage medium with the version code read out from said operation storage medium or the version code read out from said supervisor storage medium, and
a program for allowing the deciphering of said first enciphered management key and the deciphering of said second enciphered management key when it is judged that the version code read out from said storage medium represents an older version than or equal to a version represented by the version code read out from said operation storage medium or the version code read out from said supervisor storage medium as a result of the comparison by said comparing program.
Description
TECHNICAL FIELD
The present invention relates to an enciphering/deciphering device that performs at least one of encryption processing of data and decryption processing of enciphered data. It further relates to an encryption/decryption communication system in which enciphering/deciphering devices are connected to each other through communicating means. The term enciphering/deciphering device covers an enciphering device that enciphers (encrypts) plaintext data, a deciphering device that deciphers (decrypts) ciphertext data, and a device that performs both encryption and decryption processing. Similarly, an enciphering/deciphering method covers a method of enciphering plaintext data, a method of deciphering ciphertext data, and a method that performs both, and an encryption/decryption communication system covers a communication system comprising an enciphering device, one comprising a deciphering device, and one comprising both.
BACKGROUND ART
To prevent leakage of the contents of document data generated by a word processor, the code of a computer program, statistical data, tabulated data and the like, such data are enciphered.
Encryption processing has conventionally used, as the key for enciphering data (the encryption key), either a key entered from an input device such as a keyboard or a key selected from a key table stored in the device that performs the encryption (a computer system or the like).
In such a conventional method, however, the encryption key (which in a symmetric cipher is also the decryption key) may be seen by a third person, or carelessly spoken aloud to one, by the person who performs the encryption (the creator of the ciphertext), so there is a considerable risk that the key becomes known to that third person and the secrecy of the data cannot be adequately maintained. When a manager of the ciphertext other than its creator needs to read it, the creator must inform the manager of the decryption key each time ciphertext is produced, and in doing so the key may again become known to a third person through carelessness. In addition, managing the correspondence between each ciphertext and its decryption key becomes burdensome for both the creator and the manager.
Furthermore, in a company or similar organization a staff member commonly generates ciphertext while his or her superior manages it. The superior then wants to prevent the ciphertext from being deciphered and disclosed to a third person through the staff member's carelessness, by making it impossible for the staff member to decipher the ciphertext; that is, the superior has a strong need to manage the secrecy of the ciphertext centrally.
DISCLOSURE OF THE INVENTION
The objects of the present invention are to prevent the key used at the time of encryption from being easily learned by a third person, to make it easy to manage the correspondence between ciphertext and the key used for its encryption, and to make it possible for a manager to manage ciphertext centrally.
An enciphering/deciphering device according to the first invention comprises data encryption key forming means for forming a data encryption key used for enciphering plaintext data, secret key forming means for forming a secret key used for enciphering the data encryption key formed by the data encryption key forming means, management key forming means for forming a management key used for enciphering the data encryption key formed by the data encryption key forming means, data enciphering means for enciphering the plaintext data using the data encryption key to form ciphertext data, first key enciphering means for enciphering the data encryption key using the secret key to form a first enciphered key, second key enciphering means for enciphering the data encryption key using the management key to form a second enciphered key, and first storage controlling means for storing the ciphertext data, the first enciphered key, and the second enciphered key in a first storage medium.
An enciphering/deciphering method according to the first invention comprises the steps of forming a data encryption key used for enciphering plaintext data, forming a secret key used for enciphering the formed data encryption key, forming a management key used for enciphering the formed data encryption key, enciphering the plaintext data using the data encryption key to form ciphertext data, enciphering the data encryption key using the secret key to form a first enciphered key, enciphering the data encryption key using the management key to form a second enciphered key, and storing the ciphertext data, the first enciphered key and the second enciphered key in a first storage medium.
There are several ways in which the data encryption key forming means can form a data encryption key. One is to generate data for key formation and derive the data encryption key from it. Arbitrary data is generated within the computer; for example, the count of a timer that measures the interval between two key entries by the operator can serve as this data. The generated data is then enciphered, using a key that is itself generated in the same manner as the data, and the enciphered data becomes the data encryption key.
Another method generates a first pseudo-random number and a second pseudo-random number, by software or hardware, and enciphers the first pseudo-random number using the second as the key; the result is the data encryption key. The two pseudo-random numbers may be the same or different. Alternatively, the upper bits and the lower bits of a single random number can serve as the first and the second pseudo-random number, respectively.
There are several methods of forming a secret key by secret key forming means. One of them is a method of generating data used for key formation and forming a secret key on the basis of the generated data. The second method is a method of generating a first pseudo-random number and a second pseudo-random number and enciphering the generated first pseudo-random number using the second pseudo-random number as a key to form a secret key. The methods are realized by the same processing as the above-mentioned formation of the data encryption key.
The third method is a method of forming a secret key on the basis of data externally inputted. For example, an operator enters his or her password from a keyboard. The entered password becomes a secret key. In this case, secret key forming means is realized by means for accepting the entry. The entered password may be enciphered using a particular key, and the enciphered password may be a secret key. The particular key may be previously set within a computer, can be also set on the basis of a time interval between key entries, for example, as described above, and can be also obtained by generating a pseudo-random number.
The fourth method is a method of forming a secret key on the basis of data stored in a storage medium externally given. A floppy disk, an IC card, a magnetic card, an optical card, and other media are used as the storage medium. The above-mentioned data stored in the storage medium may be, of course, a secret key itself. In this case, the secret key forming means is realized by means for reading the data from the storage medium. The data stored in the storage medium may be enciphered using a particular key, and the enciphered data may be a secret key.
There are also several methods of forming a management key by management key forming means. One of them is a method of forming a management key on the basis of data previously fed. For example, particular data previously stored in a ROM, a RAM, an internal disk device, or the like within a computer becomes a management key. In this case, the management key forming means is realized by means for reading data from the ROM or the like.
The second method is a method of forming a management key on the basis of data stored in a storage medium externally given. The third method is a method of generating data used for key formation and forming a management key on the basis of the generated data. The fourth method is a method of generating a first pseudo-random number and a second pseudo-random number and enciphering the generated first pseudo-random number using the second pseudo-random number as a key to form a management key. The methods are realized by the same processing as the formation of the data encryption key or the formation of the secret key.
Examples of plaintext data include document data prepared by a word processor, the code of a computer program, statistical data, and totals. When data that is already enciphered is enciphered again, that enciphered data counts as plaintext data.
As a method of enciphering (deciphering) plaintext data and a key, various algorithms such as the DES (Data Encryption Standard) algorithm and FEAL (Fast Encryption Algorithm) can be used. Further, either a symmetric cryptosystem or an asymmetric cryptosystem (of a modulo exponentiation type, a knapsack type, etc.) may be used as the algorithm, and either a block cipher or a stream cipher (a Vernam cipher, an NFSR (Non-linear Feedback Shift Register), etc.) may be used.
A data encryption key for enciphering plaintext data is automatically formed. Plaintext data is enciphered using the formed data encryption key, to form ciphertext data. A secret key and a management key for enciphering the data encryption key are further formed. The data encryption key is enciphered using the formed secret key, to form a first enciphered key. Further, the data encryption key is enciphered using the formed management key, to form a second enciphered key. The ciphertext data, the first enciphered key and the second enciphered key are stored in a first storage medium.
The first storage medium may be a floppy disk or a transmission buffer. In the case of the floppy disk, the ciphertext data can be handed over from a creator of ciphertext data to another person such as a manager. In the case of the transmission buffer, the ciphertext data can be transmitted to another device or the like. Further, the first storage medium may be a storage medium such as a hard disk device, an IC card, a magnetic card, or an optical card.
According to the present embodiment, a data encryption key for enciphering plaintext data is automatically formed, whereby a creator of ciphertext data need not enter a key, and need not know the contents of the key. Consequently, the data encryption key can be prevented from leaking out to a third person due to carelessness, for example, of the creator of ciphertext data.
Furthermore, ciphertext data and a data encryption key (which is enciphered as a first or second enciphered key) for deciphering the ciphertext data are stored in a first storage medium, whereby the management of a correspondence therebetween is easy. Further, the data encryption key is enciphered using a secret key and a management key, respectively. Accordingly, even if the ciphertext data and the data encryption key for deciphering the ciphertext data are stored in one storage medium, it is possible to maintain high security.
An operator who has enciphered plaintext data can have a secret key. When the secret key is formed on the basis of data inputted by the operator, the operator (the creator of ciphertext data) can use the inputted data as a secret key because he or she naturally knows the inputted data. When the secret key is formed on the basis of encryption of the inputted data or counting, the formed secret key is stored in a storage medium (for example, a floppy disk). Alternatively, when the secret key is previously stored in a storage medium, the operator has the storage medium. Consequently, the operator can decipher the ciphertext data using the secret key in the storage medium.
A manager who manages ciphertext data can have a management key. When the management key is formed on the basis of data previously fed to the device, the manager can reasonably form the management key on the basis of the data at the time of decryption. When the management key is formed on the basis of encryption of inputted data or counting, the formed management key is stored in a storage medium (for example, a floppy disk). Alternatively, when the management key is previously stored in the storage medium, the manager has the storage medium. Consequently, the manager can decipher the ciphertext data using the management key in the storage medium.
Preferably, the data encryption key forming means generates a first pseudo-random number and a second pseudo-random number, and enciphers the generated first pseudo-random number using the second pseudo-random number as a key to form a data encryption key. Since the data encryption key is formed by further enciphering the pseudo-random number, the data encryption key is itself random data, so that it is difficult for a third person to guess the key.
In one embodiment of the present invention, the enciphering/deciphering device comprises second storage controlling means for storing the management key formed by the management key forming means in a second storage medium. Examples of the second storage medium include various storage media such as a hard disk, a floppy disk, an IC card, a magnetic card, an optical card, and a transmission buffer. When the second storage medium is a portable medium such as a floppy disk or an IC card, the second storage medium is handed over to a manager, whereby the manager can decipher ciphertext data using the management key stored in the handed medium. By distributing the medium storing the management key to the manager in advance, neither the creator nor the manager needs to know the contents of the management key, and both are relieved of managing the correspondence between the ciphertext data and the key.
There is preferably provided eliminating means for erasing the first enciphered key or the second enciphered key from the first storage medium. In a case where a creator who creates ciphertext data manages a secret key and a manager who manages ciphertext data manages a management key, the manager eliminates the first enciphered key so that the creator becomes incapable of deciphering the ciphertext data. Consequently, plaintext data obtained by the decryption can be prevented from being known by a third person due to carelessness of the creator, whereby the manager can intensively manage the secrecy of the ciphertext data. By eliminating the second enciphered key, the manager also becomes incapable of deciphering the ciphertext data. In a case where a new person takes the place of the manager, for example, therefore, it is possible to prevent the ciphertext data from being decrypted by a person who has been a manager in the past.
In one embodiment of the present invention, in the enciphering/deciphering device, the management key forming means forms a plurality of management keys. The enciphering/deciphering device comprises selecting means for selecting one of the plurality of management keys formed by the management key forming means. The second key enciphering means enciphers the data encryption key using the management key selected by the selecting means. A creator of ciphertext can select one of the plurality of management keys formed by the management key forming means using the selecting means. The data encryption key is enciphered using the selected management key, to form a second enciphered key. When a plurality of managers respectively have different management keys, the creator of ciphertext can encipher plaintext data by selecting the management key which the manager who manages the ciphertext has.
In a preferred embodiment, there are provided first key deciphering means for deciphering the first enciphered key stored in the first storage medium using the secret key to form a data encryption key, data deciphering means for deciphering the ciphertext data stored in the first storage medium using the data encryption key formed by the first key deciphering means to form plaintext data, and third storage controlling means for storing the plaintext data formed by the data deciphering means in a third storage medium. The first enciphered key is deciphered using the secret key, to form a data encryption key. The ciphertext data is deciphered using the data encryption key, to form plaintext data. The formed plaintext data is stored in the third storage medium. When a creator of ciphertext who has the secret key desires to confirm the contents of the ciphertext data, for example, the creator can decipher the ciphertext to form plaintext.
In another preferred embodiment, there are provided second key deciphering means for deciphering the second enciphered key stored in the first storage medium using the management key to form a data encryption key, data deciphering means for deciphering the ciphertext data stored in the first storage medium using the data encryption key formed by the second key deciphering means to form plaintext data, and third storage controlling means for storing the plaintext data formed by the data deciphering means in a third storage medium. The second enciphered key is deciphered using the management key, to form a data encryption key. The ciphertext data is deciphered using the data encryption key, to form plaintext data. The formed plaintext data is stored in the third storage medium. Consequently, a manager of ciphertext who has the management key can decipher the ciphertext data to form plaintext data and know the contents thereof.
Examples of the third storage medium include an internal memory (for example, a RAM) in a computer, a hard disk, a floppy disk, an IC card, a magnetic card, an optical card, and a transmission buffer.
An enciphering/deciphering device according to the second invention comprises reading means for reading out from a first storage medium storing ciphertext data, a first enciphered key and a second enciphered key the ciphertext data and the first enciphered key, secret key entering means for entering a secret key used for deciphering the first enciphered key read out by the reading means, key deciphering means for deciphering the first enciphered key using the secret key entered by the secret key entering means to form a data decryption key, data deciphering means for deciphering the ciphertext data using the data decryption key formed by the key deciphering means to form plaintext data, and storage controlling means for storing the plaintext data formed by the data deciphering means in a second storage medium.
An enciphering/deciphering method according to the second invention comprises the steps of reading out from a first storage medium storing ciphertext data, a first enciphered key and a second enciphered key the ciphertext data and the first enciphered key, deciphering the first enciphered key using an entered secret key to form a data decryption key, deciphering the ciphertext data using the formed data decryption key to form plaintext data, and storing the formed plaintext data in a second storage medium.
Examples of the first and second storage media include various media such as an internal memory (for example, a RAM) in a computer, a transmission buffer, a magnetic disk, an optical disk, a floppy disk, an IC card, a memory card, and an optical card.
Examples of the secret key entering means include a keyboard or a pointing device for entering a secret key, and a device for reading a secret key from a storage medium (a floppy disk, an IC card, a magnetic card, an optical card, etc.). When the secret key is entered from the keyboard or the like, the same key as the secret key formed when the plaintext data is enciphered in the enciphering/deciphering device according to the first invention will be entered. The same key as the secret key formed when the plaintext data is enciphered is stored in the storage medium. The secret key may be individually stored. When the ciphertext data is stored as a file, the secret key may be stored in such a form as to have a correspondence with the name of the file.
The first enciphered key stored in the first storage medium is deciphered using the entered secret key, to form a data encryption key. The ciphertext data stored in the first storage medium is deciphered using the data encryption key, to form plaintext data. The formed plaintext data is stored in the second storage medium. According to the present invention, a person who has a secret key, that is, the above-mentioned creator of ciphertext can decipher the ciphertext data to form plaintext data. Consequently, the creator can know the contents of the ciphertext data when required.
There is preferably provided eliminating means for erasing the first enciphered key or the second enciphered key from the first storage medium. Consequently, the creator of ciphertext becomes incapable of deciphering the ciphertext data, whereby a person who has a management key, that is, the above-mentioned manager of ciphertext can intensively manage the secrecy of the ciphertext data. By eliminating the second enciphered key, the manager also becomes incapable of deciphering the ciphertext data. In a case where a new person takes the place of the manager, for example, therefore, it is possible to prevent the ciphertext data from being deciphered by a person who has been a manager in the past.
An enciphering/deciphering device according to the third invention comprises reading means for reading out from a first storage medium storing ciphertext data, a first enciphered key and a second enciphered key the ciphertext data and the second enciphered key, management key entering means for entering a management key used for deciphering the second enciphered key read out by the reading means, key deciphering means for deciphering the second enciphered key using the management key entered by the management key entering means to form a data decryption key, data deciphering means for deciphering the ciphertext data using a data decryption key formed by the key deciphering means to form plaintext data, and storage controlling means for storing the plaintext data formed by the data deciphering means in a second storage medium.
An enciphering/deciphering method according to the third invention comprises the steps of reading out from a first storage medium storing ciphertext data, a first enciphered key and a second enciphered key the ciphertext data and the second enciphered key, deciphering the second enciphered key using an entered management key to form a data decryption key, deciphering the ciphertext data using the formed data decryption key to generate plaintext data, and storing the formed plaintext data in a second storage medium.
Examples of the first and second storage media include various media such as an internal memory (for example, a RAM) in a computer, a transmission buffer, a magnetic disk, an optical disk, a floppy disk, an IC card, a memory card, and an optical card.
Examples of the management key entering means include a device for reading a management key from a storage medium. Examples of the storage medium include a floppy disk, an IC card, a magnetic card, an optical card, and a buffer for receiving transmitted data. The same key as the management key formed by the above-mentioned enciphering/deciphering device for enciphering plaintext is stored in the storage medium. The management key may be individually stored or may be stored in such a form as to have a correspondence with ciphertext data (for example, in such a form as to have a correspondence with the file name of ciphertext data).
The second enciphered key stored in the first storage medium is deciphered using the entered management key, to form a data encryption key. The ciphertext data stored in the first storage medium is deciphered using the data encryption key, to form plaintext data. The formed plaintext data is stored in the second storage medium. According to the present embodiment, a person who has a management key, that is, the above-mentioned manager of ciphertext can decipher the ciphertext data to form plaintext data. Consequently, the manager can know the contents of the ciphertext data when required.
There is preferably provided eliminating means for erasing the first enciphered key or the second enciphered key from the first storage medium. Consequently, a person who has a secret key, that is, the above-mentioned creator of ciphertext becomes incapable of deciphering the ciphertext data, whereby the manager of ciphertext can intensively manage the secrecy of the ciphertext data. By eliminating the second enciphered key, the manager also becomes incapable of deciphering the ciphertext data. In a case where a new person takes the place of the manager, for example, therefore, it is possible to prevent the ciphertext data from being deciphered by a person who has been a manager in the past.
An encryption/decryption communication system according to the fourth invention is an encryption/decryption communication system in which a plurality of enciphering/deciphering devices are connected to each other through communicating means. The enciphering/deciphering device comprises data encryption key forming means for generating a data encryption key used for enciphering plaintext data, management key forming means for forming a management key used for enciphering the data encryption key formed by the data encryption key forming means, data enciphering means for enciphering the plaintext data using the data encryption key to form ciphertext data, key enciphering means for enciphering the data encryption key using the management key to form an enciphered key, and first transmitting means for transmitting the ciphertext data and the enciphered key.
The formation of the data encryption key by the data encryption key forming means and the formation of the management key by the management key forming means are performed by the same processing as that in the above-mentioned first invention. A plurality of different management keys can be also formed. In this case, the data encryption key is enciphered using the management key selected from the plurality of management keys.
The data encryption key for enciphering plaintext data is automatically formed. Plaintext data is enciphered using the formed data encryption key, to form ciphertext data. Further, a management key for enciphering the data encryption key is formed. The data encryption key is enciphered using the formed management key, to form an enciphered key. The ciphertext data and the enciphered key are transmitted by the first transmitting means. According to the present invention, the ciphertext data and the enciphered key formed by the enciphering/deciphering device can be transmitted through the communicating means. Since both the ciphertext data and a data encryption key for deciphering the ciphertext data are transmitted, the management of a correspondence therebetween is easy. Further, the data encryption key is enciphered using the management key. Even if both the ciphertext data and the data encryption key for deciphering the ciphertext data are transmitted, therefore, it is possible to maintain high security.
The enciphering/deciphering device preferably comprises first receiving means for receiving the ciphertext data and the enciphered key transmitted by the first transmitting means, management key entering means for entering a management key used for deciphering the enciphered key received by the first receiving means, key deciphering means for deciphering the enciphered key received by the first receiving means using the management key entered by the management key entering means to form a data encryption key, data deciphering means for deciphering the ciphertext data received by the first receiving means using the data encryption key formed by the key deciphering means to form plaintext data, and storage controlling means for storing the plaintext data formed by the data deciphering means in a first storage medium.
The management key entered by the management key entering means is the same as that used for enciphering the data encryption key when the plaintext data is enciphered in the enciphering/deciphering device on the transmission side. Examples of the entry of the management key by the management key entering means include entry of the management key from the second storage medium externally given (a floppy disk, an IC card, a magnetic card, an optical card, etc.). In this case, the management key entering means is realized by means for reading out the management key from the second storage medium. The management key transmitted from the enciphering/deciphering device on the transmission side may, in some cases, be previously stored in the second storage medium. A receiving person may enter a management key previously distributed by mail or the like using a keyboard or the like, or may read out a management key stored in an internal memory (a ROM, an internal disk, etc.) in the device. Further, it is also possible to encipher the inputted data using a particular key and use the enciphered data as a management key.
A plurality of different management keys can be also entered. When each of the management keys and each of a plurality of devices on the transmission side correspond to each other, the management key corresponding to the device on the transmission side which has transmitted data is selected and is used for decryption. The selection may be carried out by an operator. Alternatively, when the management key is entered (stored) by establishing a correspondence with an identification code of the device on the transmission side, the management key corresponding to the identification code of the device on the transmission side and included in the transmitted data may be also selected by the selecting means. Data indicating which management key should be used can be also transmitted to the device on the receiving side by the device on the transmission side. In the device on the receiving side, the management key is selected by the operator or the selecting means in accordance with the data, and is used for decryption.
Examples of the first storage medium include an internal memory (for example, a RAM) and an internal disk storage device in the enciphering/deciphering device, or a floppy disk, an IC card, an optical card, and a magnetic card. The first storage medium and the second storage medium may be the same.
The ciphertext data and the enciphered key transmitted by the first transmitting means in the enciphering/deciphering device on the transmission side are received by the first receiving means in the enciphering/deciphering device on the receiving side. On the receiving side, the received enciphered key is deciphered using the management key entered by the management key entering means, to obtain a data encryption key. The received ciphertext data is deciphered using the data encryption key, to obtain plaintext data. According to the present invention, the ciphertext data received through the communicating means can be deciphered in the device on the receiving side, and the receiving person can know the contents of the ciphertext data. Since both the ciphertext data and the data encryption key (which is enciphered as an enciphered key using the management key) are received, the management of a correspondence therebetween is easy.
In one embodiment, there is provided second transmitting means for transmitting the management key formed by the management key forming means. In this embodiment, the management key is transmitted by the second transmitting means. A device to which the management key is to be transmitted is an enciphering/deciphering device to which the ciphertext data and the enciphered key are to be transmitted. The management key is transmitted to the enciphering/deciphering device which has received the ciphertext data, whereby the ciphertext data can be deciphered in the device on the receiving side. The management key is transmitted in secret to the device to which the ciphertext data is to be transmitted. Accordingly, even if a third person monitors ciphertext, it is possible to prevent the contents of the ciphertext data from being known by the third person.
The enciphering/deciphering device comprises second receiving means for receiving the management key transmitted by the second transmitting means, first receiving means for receiving the ciphertext data and the enciphered key transmitted by the first transmitting means, key deciphering means for deciphering the enciphered key received by the first receiving means using the management key received by the second receiving means to form a data encryption key, data deciphering means for deciphering the ciphertext data received by the first receiving means using the data encryption key formed by the key deciphering means to form plaintext data, and storage controlling means for storing the plaintext data generated by the data deciphering means in a first storage medium.
The management key is received through the communicating means in the enciphering/deciphering device on the receiving side. On the receiving side, the received enciphered key is deciphered using the received management key, to obtain a data encryption key. The received ciphertext data is deciphered using the data encryption key, to obtain plaintext data. The plaintext data is stored in the first storage medium. In a device which has received the management key, it is possible to decipher the ciphertext data and know the contents thereof.
As a preferred embodiment in the fourth invention, there is an encryption/decryption communication system transmitting or receiving an enciphered authenticator. As a first mode, the enciphering/deciphering device comprises authenticator forming means for forming a first authenticator for confirming whether or not transmitted data is correctly received, first authenticator enciphering means for enciphering the first authenticator using the data encryption key to form a first enciphered authenticator, the above-mentioned first transmitting means for transmitting the ciphertext data, the enciphered key and the first enciphered authenticator, authenticator receiving means for receiving a second enciphered authenticator transmitted from the enciphering/deciphering device which has received the ciphertext data, the enciphered key and the first enciphered authenticator transmitted by the first transmitting means, and first authenticator deciphering means for deciphering the second enciphered authenticator using the management key to form a second authenticator.
Furthermore, in the first mode, the enciphering/deciphering device comprises first receiving means for receiving the ciphertext data, the enciphered key and the first enciphered authenticator transmitted by the first transmitting means, management key entering means for entering a management key used for deciphering the enciphered key received by the first receiving means, key deciphering means for deciphering the enciphered key received by the first receiving means using the management key entered by the management key entering means to form a data encryption key, data deciphering means for deciphering the ciphertext data received by the first receiving means using the data encryption key formed by the key deciphering means to form plaintext data, storage controlling means for storing the plaintext data formed by the data deciphering means in a first storage medium, second authenticator deciphering means for deciphering the first enciphered authenticator received by the first receiving means using the data encryption key formed by the key deciphering means to form a first authenticator, second authenticator enciphering means for enciphering the first authenticator formed by the second authenticator deciphering means using the management key to form a second enciphered authenticator, and returning means for returning the second enciphered authenticator to the enciphering/deciphering device on the transmission side.
The formation of the authenticator by the authenticator forming means is performed by the same processing as the formation of the key by the secret key forming means in the first invention. The entry of the management key by the management key entering means is also performed in the above-mentioned manner.
The formed first authenticator is enciphered using the data encryption key, to form a first enciphered authenticator. The first enciphered authenticator, together with the ciphertext data and the enciphered key, is transmitted to the enciphering/deciphering device on the receiving side by the first transmitting means.
The device on the receiving side receives the ciphertext data, the enciphered key and the first enciphered authenticator by the first receiving means. The enciphered key is deciphered using the management key entered by the management key entering means, to obtain a data encryption key. The entered management key is the same as that used for enciphering the data encryption key in the device on the transmission side. The ciphertext data and the first enciphered authenticator are deciphered using the data encryption key. The first authenticator formed by deciphering the first enciphered authenticator is enciphered using the management key, to form a second enciphered authenticator. The second enciphered authenticator is returned to the device on the transmission side.
The second enciphered authenticator is received by the device on the transmission side. On the transmission side, the received second enciphered authenticator is deciphered using the management key, to obtain a second authenticator.
The first authenticator is enciphered using the data encryption key and the management key, respectively, and is transmitted (or returned). Even if a third person monitors the first or second enciphered authenticator, therefore, he or she cannot know the contents thereof. If a fair device on the receiving side receives the first enciphered authenticator transmitted by the device on the transmission side, the second authenticator obtained by deciphering the second enciphered authenticator returned from the device on the receiving side should be the same as the first authenticator. According to the present invention, therefore, the device on the transmission side can confirm whether or not transmitted data is received by the fair device on the receiving side by examining whether or not the first authenticator and the second authenticator are the same. This makes it possible to prevent such unfair authentication that a device other than the fair receiving device (receiving person) which has received data returns an authenticator, pretending to be a correct receiving person.
As a second mode, the enciphering/deciphering device comprises second transmitting means for transmitting the management key formed by the management key forming means. The enciphering/deciphering device comprises second receiving means for receiving the management key transmitted by the second transmitting means, first receiving means for receiving the ciphertext data, the enciphered key and the first enciphered authenticator transmitted by the first transmitting means, key deciphering means for deciphering the enciphered key received by the first receiving means using the management key received by the second receiving means to form a data encryption key, data deciphering means for deciphering ciphertext data received by the first receiving means using the data encryption key formed by the key deciphering means to form plaintext data, storage controlling means for storing the plaintext data formed by the data deciphering means in a storage medium, second authenticator deciphering means for deciphering the first enciphered authenticator received by the first receiving means using the data encryption key formed by the key deciphering means to form a first authenticator, second authenticator enciphering means for enciphering the first authenticator formed by the second authenticator deciphering means using the management key to form a second enciphered authenticator, and returning means for returning the second enciphered authenticator to the enciphering/deciphering device on the transmission side.
In the second mode, the management key is transmitted from the device on the transmission side to the device on the receiving side. In the device on the receiving side, the enciphered key is deciphered using the received management key, to form a data encryption key. Processing such as the decryption of the ciphertext data and the first enciphered authenticator and the return of the second enciphered authenticator from the device on the receiving side to the device on the transmission side is performed in the same manner as that in the above-mentioned first mode.
As a third mode, the enciphering/deciphering device comprises authenticator forming means for forming a first authenticator for confirming whether or not transmitted data is correctly received, first authenticator enciphering means for enciphering the first authenticator using the management key to form a first enciphered authenticator, the first transmitting means for transmitting the ciphertext data, the enciphered key and the first enciphered authenticator, authenticator receiving means for receiving a second enciphered authenticator transmitted from the enciphering/deciphering device which has received the ciphertext data, the enciphered key and the first enciphered authenticator transmitted by the first transmitting means, and first authenticator deciphering means for deciphering the second enciphered authenticator using the data encryption key to form a second authenticator.
Furthermore, in the third mode, the enciphering/deciphering device comprises first receiving means for receiving the ciphertext data, the enciphered key and the first enciphered authenticator transmitted by the first transmitting means, management key entering means for entering a management key used for deciphering the enciphered key received by the first receiving means, key deciphering means for deciphering the enciphered key received by the first receiving means using the management key entered by the management key entering means to form a data encryption key, data deciphering means for deciphering the ciphertext data received by the first receiving means using the data encryption key generated by the key deciphering means to form plaintext data, storage controlling means for storing the plaintext data formed by the data deciphering means in a first storage medium, second authenticator deciphering means for deciphering the first enciphered authenticator received by the first receiving means using the management key to form a first authenticator, second authenticator enciphering means for enciphering the first authenticator formed by the second authenticator deciphering means using the data encryption key to form a second enciphered authenticator, and returning means for returning the second enciphered authenticator to the enciphering/deciphering device on the transmission side.
The formation of the authenticator by the authenticator forming means and the entry of the management key by the management key entering means are performed in the same manner as that in the above-mentioned first mode.
In the third mode, on the transmission side, the first authenticator is enciphered using the management key, to form a first enciphered authenticator. On the receiving side, the first enciphered authenticator is deciphered using the management key, to obtain a first authenticator. The first authenticator is enciphered using the data encryption key, to form a second enciphered authenticator. In the device on the transmission side, the returned second enciphered authenticator is deciphered using the data encryption key, to form a second authenticator. The other processing is performed in the same manner as that in the above-mentioned first mode.
Also in the third mode, it is possible to prevent such unfair authentication that a device other than the fair receiving device (receiving person) which has received data returns an authenticator, pretending to be a correct receiving person.
As a fourth mode, the enciphering/deciphering device comprises second transmitting means for transmitting the management key formed by the management key forming means. The enciphering/deciphering device further comprises second receiving means for receiving the management key transmitted by the second transmitting means, first receiving means for receiving the ciphertext data, the enciphered key and the first enciphered authenticator transmitted by the first transmitting means, key deciphering means for deciphering the enciphered key received by the first receiving means using the management key received by the second receiving means to form a data encryption key, data deciphering means for deciphering the ciphertext data received by the first receiving means using the data encryption key formed by the key deciphering means to form plaintext data, storage controlling means for storing the plaintext data formed by the data deciphering means in a storage medium, second authenticator deciphering means for deciphering the first enciphered authenticator received by the first receiving means using the management key to form a first authenticator, second authenticator enciphering means for enciphering the first authenticator formed by the second authenticator deciphering means using the data encryption key to form a second enciphered authenticator, and returning means for returning the second enciphered authenticator to the enciphering/deciphering device on the transmission side.
Also in the fourth mode, on the transmission side, the first authenticator is enciphered using the management key, to form a first enciphered authenticator. On the receiving side, the first enciphered authenticator is deciphered using the management key, to obtain a first authenticator. The first authenticator is enciphered using the data encryption key, to form a second enciphered authenticator. In the device on the transmission side, the returned second enciphered authenticator is deciphered using the data encryption key, to form a second authenticator. The other processing is performed in the same manner as that in the above-mentioned second mode.
Also in the encryption/decryption communication system, when the management key entered by the management key entering means is stored in a storage medium externally given, there is preferably provided eliminating means for erasing the management key from that storage medium.
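The receipt exchange described for the first mode (authenticator sent under the data encryption key, returned under the management key) and the third mode (the two keys swapped) can be traced end to end in code. The following is an added example and not code from the patent or its assignee; the patent names no concrete cipher, so a constructed HMAC-SHA256 keystream-plus-tag cipher stands in for the enciphering means, and all key sizes, function names and the `mode` parameter are assumptions. The last function shows why the check works: a device that merely echoes the first enciphered authenticator back, instead of re-enciphering it under the other key, is rejected on the transmission side.

```python
import hmac
import hashlib
import secrets

# Constructed stand-in for the enciphering/deciphering means (the patent specifies no cipher):
# an HMAC-SHA256 keystream for confidentiality plus an HMAC-SHA256 tag for integrity.
def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encipher(key, data):
    nonce = secrets.token_bytes(16)
    body = bytes(a ^ b for a, b in zip(data, _keystream(_subkey(key, b"enc"), nonce, len(data))))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def decipher(key, blob):
    """Return the plaintext, or raise ValueError if the blob was not produced under this key."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(body, _keystream(_subkey(key, b"enc"), nonce, len(body))))

# Key roles for the authenticator, following the patent's first and third modes:
#   mode 1: first authenticator sent under the data encryption key, returned under the management key
#   mode 3: first authenticator sent under the management key, returned under the data encryption key
def _keys_for(mode, dek, management_key):
    if mode == 1:
        return dek, management_key
    if mode == 3:
        return management_key, dek
    raise ValueError("mode must be 1 or 3")

def sender_prepare(plaintext, management_key, mode):
    dek = secrets.token_bytes(32)                  # data encryption key
    authenticator = secrets.token_bytes(16)        # first authenticator: a fresh random value
    out_key, _ = _keys_for(mode, dek, management_key)
    message = (encipher(dek, plaintext),           # ciphertext data
               encipher(management_key, dek),      # enciphered key
               encipher(out_key, authenticator))   # first enciphered authenticator
    return dek, authenticator, message

def receiver_process(message, management_key, mode):
    ciphertext, enciphered_key, enc_auth1 = message
    dek = decipher(management_key, enciphered_key)  # key deciphering means
    plaintext = decipher(dek, ciphertext)           # data deciphering means
    in_key, back_key = _keys_for(mode, dek, management_key)
    authenticator = decipher(in_key, enc_auth1)     # second authenticator deciphering means
    return plaintext, encipher(back_key, authenticator)  # second enciphered authenticator, returned

def sender_verify(enc_auth2, dek, management_key, authenticator, mode):
    """Transmission side: decipher the returned authenticator and compare it with the first one."""
    _, back_key = _keys_for(mode, dek, management_key)
    try:
        second = decipher(back_key, enc_auth2)
    except ValueError:
        return False
    return hmac.compare_digest(second, authenticator)

def run_exchange(plaintext, mode):
    management_key = secrets.token_bytes(32)       # assumed to be shared beforehand
    dek, auth1, message = sender_prepare(plaintext, management_key, mode)
    recovered, enc_auth2 = receiver_process(message, management_key, mode)
    return recovered, sender_verify(enc_auth2, dek, management_key, auth1, mode)

def echoed_return_rejected(mode):
    """A device without the keys can only echo the first enciphered authenticator; the check fails."""
    management_key = secrets.token_bytes(32)
    dek, auth1, message = sender_prepare(b"receipt test", management_key, mode)
    return not sender_verify(message[2], dek, management_key, auth1, mode)

if __name__ == "__main__":
    print(run_exchange(b"plaintext file", 1), run_exchange(b"plaintext file", 3))
    print(echoed_return_rejected(1), echoed_return_rejected(3))
```

The decisive property is that the returned value must be enciphered under a key different from the one it arrived under, so a party holding neither key cannot produce an acceptable second enciphered authenticator, and the transmission side learns nothing from a forged return except that the check failed.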
An encryption/decryption communication system according to a fifth invention is a system in which a plurality of enciphering/deciphering devices are connected to each other through communicating means, wherein the enciphering/deciphering device comprises first storage controlling means for storing a management key previously distributed in a first storage medium, receiving means for receiving ciphertext data and an enciphered key transmitted, key deciphering means for deciphering the enciphered key received by the receiving means using the management key stored in the first storage medium to form a data encryption key, data deciphering means for deciphering the ciphertext data received by the receiving means using the data encryption key formed by the key deciphering means to form plaintext data, and second storage controlling means for storing the plaintext data formed by the data deciphering means in a second storage medium.
The entry of the management key by the management key entering means is performed in the same manner as that in the above-mentioned fourth invention. The management key is the same as that used for enciphering the data encryption key in a case where the plaintext data is enciphered in the device on the transmission side. When the management key is entered from the second storage medium externally given, there is preferably provided eliminating means for erasing the management key from the second storage medium.
Examples of the first storage medium include an internal memory (for example, a RAM) and an internal disk storage in the enciphering/deciphering device, or a floppy disk, an IC card, an optical card, a magnetic card, and a transmission buffer.
According to the fifth invention, the ciphertext data and the enciphered key transmitted from the enciphering/deciphering device on the transmission side are received by the enciphering/deciphering device on the receiving side. The enciphered key is deciphered using the management key entered by the management key entering means, to obtain a data encryption key. The ciphertext data is deciphered using the data encryption key, to obtain plaintext data. The plaintext data is stored in the first storage medium. According to the present invention, in the enciphering/deciphering device which has received the ciphertext data and the enciphered key, the ciphertext data can be deciphered, and a receiving person can know the contents thereof. Since both the ciphertext data and the data encryption key (which is enciphered as an enciphered key) are received, the management of a correspondence therebetween becomes easy. Even if the ciphertext data and the data encryption key are transmitted and received, the data encryption key has been enciphered, whereby high security is obtained.
An encryption/decryption communication system according to a sixth embodiment of the invention is a system in which a plurality of enciphering/deciphering devices are connected to each other through communicating means, wherein the enciphering/deciphering device comprises first receiving means for receiving ciphertext data and an enciphered key transmitted, second receiving means for receiving a transmitted management key, key deciphering means for deciphering the enciphered key received by the first receiving means using the management key received by the second receiving means to form a data encryption key, data deciphering means for deciphering the ciphertext data received by the first receiving means using the data encryption key formed by the key deciphering means to form plaintext data, and storing means for storing the plaintext data formed by the data deciphering means in a storage medium.
Examples of the storage medium include a RAM and an internal disk storage in the enciphering/deciphering device, or a floppy disk, an IC card, an optical card, a magnetic card, and a transmission buffer.
The management key transmitted from the enciphering/deciphering device on the transmission side is received by the enciphering/deciphering device on the receiving side. The management key is the same as the management key used for enciphering the data encryption key when the device on the transmission side enciphers the plaintext data. The ciphertext data and the enciphered key transmitted from the enciphering/deciphering device on the transmission side are received. The enciphered key is deciphered using the received management key, to obtain a data encryption key. The ciphertext data is deciphered using the data encryption key, to obtain plaintext data. The plaintext data is stored in the storage medium. According to the present invention, in the enciphering/deciphering device which has received the ciphertext data and the enciphered key, it is possible to decipher the ciphertext data using the management key sent from the device on the transmission side, and know the contents thereof. Since both the ciphertext data and the data encryption key (which is enciphered as an enciphered key) are received, the management of a correspondence therebetween becomes easy. Further, even if the ciphertext data and the data encryption key are transmitted and received, since the management key is previously transmitted and received in secret and the data encryption key is enciphered, high security is obtained.
An enciphering/deciphering device according to the seventh invention is an enciphering/deciphering device using operation storage media each storing inherent supervisor identification data and inherent operation identification data and a supervisor storage medium storing the supervisor identification data, which is characterized by comprising data encryption key forming means for forming a data encryption key used for enciphering plaintext data, secret key forming means for forming a secret key used for enciphering the data encryption key formed by the data encryption key forming means, management key forming means for forming a management key used for enciphering the data encryption key formed by the data encryption key forming means, first storage controlling means for storing in the operation storage medium the secret key formed by the secret key forming means and the management key formed by the management key forming means, and second storage controlling means for storing the management key formed by the management key forming means in the supervisor storage medium.
An enciphering/deciphering method according to the seventh invention is an enciphering/deciphering method using operation storage media each storing inherent supervisor identification data and inherent operation identification data and a supervisor storage medium storing inherent supervisor identification data, which is characterized by comprising the steps of forming a data encryption key used for enciphering plaintext data, forming a secret key used for enciphering the formed data encryption key, forming a management key used for enciphering the formed data encryption key, storing in the operation storage medium the formed secret key and the formed management key, and storing the formed management key in the supervisor storage medium.
According to the seventh invention, the secret key and the management key are stored in the operation storage medium, and the management key is stored in the supervisor storage medium for managing the operation storage medium. All the management keys stored in the plurality of operation storage media are stored in the supervisor storage medium. The supervisor storage medium and the operation storage medium constitute one closed encryption/decryption system.
The data encryption key can be enciphered using the management key and the secret key.
In the seventh invention, there are preferably provided data enciphering means for enciphering the plaintext data using the data encryption key to form ciphertext data, first key enciphering means for enciphering the data encryption key using the secret key formed by the secret key forming means to form a first enciphered key, second key enciphering means for enciphering the data encryption key using the management key formed by the management key forming means to form a second enciphered key, and third storage controlling means for storing in a first storage medium the ciphertext data, the first enciphered key and the second enciphered key.
Consequently, the first enciphered key and the second enciphered key, together with the ciphertext data, are stored in the first storage medium. When the ciphertext data is deciphered, therefore, the first enciphered key or the second enciphered key which is stored in the first storage medium is read out; the first enciphered key is deciphered using the secret key, or the second enciphered key is deciphered using the management key, to obtain the data encryption key. The ciphertext data is then deciphered using the deciphered data encryption key.
The ciphertext data can be deciphered by reading out the management key from the supervisor storage medium, besides reading out the secret key or the management key from the operation storage medium. Consequently, the operation storage medium can be handed over to each of the workers, for example, so that the worker enciphers the plaintext data and deciphers the ciphertext data, while the supervisor storage medium is handed over to a manager, for example, so that the ciphertext data can also be deciphered by reading out the management key from the supervisor storage medium. The use of the supervisor storage medium makes it possible to decipher the ciphertext data formed by each of the workers.
An enciphering/deciphering device according to the eighth invention is an enciphering/deciphering device using operation storage media each storing inherent supervisor identification data and inherent operation identification data and a supervisor storage medium storing the supervisor identification data, which is characterized by comprising data encryption key forming means for forming a data encryption key used for enciphering plaintext data, secret key forming means for forming a secret key used for enciphering the data encryption key formed by the data encryption key forming means, management key forming means for forming a management key used for enciphering the data encryption key formed by the data encryption key forming means, first storage controlling means for storing in the operation storage medium the secret key formed by the secret key forming means and the management key formed by the management key forming means, second storage controlling means for storing in the supervisor storage medium the management key formed by the management key forming means, data enciphering means for enciphering the plaintext data using the data encryption key to form ciphertext data, first key enciphering means for enciphering the data encryption key using the secret key formed by the secret key forming means to form a first enciphered key, second key enciphering means for enciphering the data encryption key using the management key formed by the management key forming means to form a second enciphered key, and third storage controlling means for storing in a first storage medium the ciphertext data, the first enciphered key and the second enciphered key.
An enciphering/deciphering method according to the eighth invention is an enciphering/deciphering method using operation storage media each storing inherent operation identification data and a supervisor storage medium storing inherent supervisor identification data, which is characterized by comprising the steps of forming a data encryption key used for enciphering plaintext data, forming a secret key used for enciphering the formed data encryption key, forming a management key used for enciphering the formed data encryption key, storing in the operation storage medium the formed secret key and the formed management key, storing the formed management key in the supervisor storage medium, enciphering the plaintext data using the data encryption key to form ciphertext data, enciphering the data encryption key using the formed secret key to form a first enciphered key, enciphering the data encryption key using the formed management key to form a second enciphered key, and storing in a first storage medium the ciphertext data, the first enciphered key and the second enciphered key.
According to the eighth invention, the secret key and the management key are stored in the operation storage medium, and the management key is stored in the supervisor storage medium. The management key and the secret key are stored in the operation storage medium. All the management keys stored in the plurality of operation storage media are stored in the supervisor storage medium.
The management key and the secret key are used for enciphering the data encryption key. The first enciphered key and the second enciphered key, together with the ciphertext data, are stored in the first storage medium.
When the ciphertext data is deciphered, the first enciphered key or the second enciphered key stored in the first storage medium is read out; the first enciphered key is deciphered using the secret key, or the second enciphered key is deciphered using the management key, to obtain the data encryption key. The ciphertext data is then deciphered using the deciphered data encryption key.
The ciphertext data can be deciphered by reading out the management key from the supervisor storage medium, besides reading out the secret key or the management key from the operation storage medium. Consequently, the operation storage medium can be handed over to each of the workers, for example, so that the worker enciphers the plaintext data and deciphers the ciphertext data, while the supervisor storage medium is handed over to a manager, for example, so that the ciphertext data can also be deciphered by reading out the management key from the supervisor storage medium. The use of the supervisor storage medium makes it possible to decipher the ciphertext data formed by each of the workers.
In the foregoing, the management key stored in one of the operation storage media can be also stored as a low-order key in the other operation storage medium.
By reading out the low-order key stored in the other operation storage medium, the data encryption key can be deciphered using the low-order key. The ciphertext data is deciphered from the deciphered data encryption key.
In addition to a person having the one operation storage medium, a person having the other operation storage medium can also decipher the ciphertext data.
There may be provided operation identification name entering means for entering an operation identification name inherent to the operation storage medium for identifying the operation storage medium and supervisor identification name entering means for entering a supervisor identification name inherent to the supervisor storage medium for identifying the supervisor storage medium.
In this case, the first storage controlling means is so adapted as to store in the operation storage medium the supervisor identification name entered by the supervisor identification name entering means and the operation identification name entered by the operation identification name entering means, and the second storage controlling means is so adapted as to store in the supervisor storage medium the supervisor identification name entered by the supervisor identification name entering means.
Consequently, the supervisor storage medium and the operation storage medium can be identified using desired names.
The operation identification names inherent to all the operation storage media whose management keys are stored in the supervisor storage medium can also be stored in the supervisor storage medium so that they can be displayed on a display.
By reading out all the operation identification names stored in the supervisor storage medium, the operation identification names are displayed on the display. Since all the management keys for each operation storage medium are stored in the supervisor storage medium, the operation identification names displayed on the display represent the types of operation storage media which can be deciphered using the management keys stored in the supervisor storage medium out of the operation storage media each storing the secret key for enciphering plaintext data and the management key. The operation storage media which are used for such encryption that the result of the encryption can be deciphered using the supervisor storage medium can be known by seeing the operation identification names displayed on the display device.
All the operation identification names stored in the operation storage media may be also stored in the supervisor storage medium so that they can be displayed on the display.
Also in this case, by reading out all the operation identification names stored in the operation storage media, the operation identification names are displayed on the display. An operation storage medium may, in some cases, store the management key of another operation storage medium as a low-order key. The operation identification names displayed on the display then represent, out of the operation storage media each storing the secret key for enciphering plaintext data and the management key, the operation storage medium whose ciphertext can be deciphered using the management key stored in the other operation storage medium. It can be known by seeing the operation identification names displayed on the display device which of the operation storage media was used for encryption and whether or not the result of the encryption can be deciphered using the one operation storage medium.
It is also possible to provide first selecting means for selecting the operation identification name of the operation storage medium which should transfer stored data out of the operation identification names displayed on the display, second selecting means for selecting the operation identification name of the operation storage medium to which the data should be transferred, and fifth storage controlling means for storing the data stored in the operation storage medium specified by the operation identification name selected using the first selecting means in the operation storage medium specified by the operation identification name selected using the second selecting means.
The data stored in the operation storage medium having the operation identification name selected by the first selecting means is transferred to the operation storage medium having the operation identification name selected by the second selecting means and is stored therein. The data stored in the operation storage medium can be preserved by transferring the data to the other operation storage medium and by storing the transferred data therein. Since a spare operation storage medium can be produced, it is possible to cope with a case where a storage medium is lost.
The second storage controlling means may be one for storing in the supervisor storage medium the operation identification name stored in the operation storage medium so that it can be displayed on the display.
The second storage controlling means may be one for storing in the supervisor storage medium the operation identification name stored in the operation storage medium and the operation identification name in the operation storage medium storing the management key as the low-order key so that they can be displayed on the display.
Management keys for deciphering data enciphered using the management keys or the secret keys stored in the operation storage media are stored in the supervisor storage medium. Therefore, the ciphertext data obtained using the operation storage medium can be deciphered using the supervisor storage medium. Since the operation identification names are displayed, it can be known which of the operation storage media used for encryption produces ciphertext data that can be deciphered using the supervisor storage medium.
The first storage controlling means may be one for storing the operation identification name stored in one of the operation storage media in the other operation storage medium so that it can be displayed on the display.
The first storage controlling means may be one for storing in the above operation storage medium its own operation identification name and the operation identification name of the operation storage medium storing the management key registered as the low-order key so that they can be displayed on the display.
The operation storage medium may, in some cases, store the management key, as a low-order key, for deciphering data enciphered using the management key or the secret key stored in the other operation storage medium. Therefore, ciphertext data obtained using the other operation storage medium can be deciphered using the low-order key. Since the operation identification names are displayed, it can be known which of the operation storage media used for encryption produces ciphertext data that can be deciphered using the low-order key.
There may be provided operation storage medium identifying means for reading the supervisor identification data and the supervisor identification names respectively stored in the plurality of operation storage media and identifying the operation storage media storing the same supervisor identification data and the supervisor identification names, and overlapped names judging means for judging whether or not the operation identification names stored in the plurality of operation storage media which are judged to store the same supervisor identification data and the supervisor identification names by the operation storage medium identifying means and the operation identification name entered from the operation identification name entering means are overlapped with each other, and the first storage controlling means may be one for storing, with respect to the operation identification name which is judged to be overlapped with the operation identification names by the overlapped names judging means and entered from the operation identification name entering means, a name obtained by adding an additive name to the entered operation identification name in the operation storage medium.
In the operation storage media storing the same supervisor identification data, only one type of operation identification name is stored in each of the operation storage media. However, the same operation identification name may be entered repeatedly by mistake, or it may be desired to enter the same operation identification name repeatedly. In this case, the same operation identification name is allowed to be entered repeatedly, and a name obtained by adding an additive name to the operation identification name is stored in the operation storage medium.
Since the operation identification name to which the additive name is added is stored in the operation storage media, the operation storage media can be distinguished even if the same operation identification name is repeatedly entered.
There may be also provided secret key enciphering means for enciphering the secret key formed by the secret key forming means, and management key enciphering means for enciphering the management key formed by the management key forming means, the first storage controlling means may be for storing in the operation storage medium the secret key enciphered by the secret key enciphering means and the management key enciphered by the management key enciphering means, and the second storage controlling means may be one for storing in the supervisor storage medium the management key enciphered by the management key enciphering means.
Both the secret key and the management key can be used for deciphering the data encryption key, and the secret key and the management key are high in secrecy.
Since the secret key and the management key are enciphered and are stored in one of the operation storage media, and the management key is enciphered and is stored in the supervisor storage medium, only the enciphered secret key and the enciphered management key can be read out from the operation storage medium or the supervisor storage medium. Since the secret key and the management key are enciphered, a person who has read out the keys cannot know the contents of the keys even if the keys are read out. Consequently, the secrecy of the secret key and the management key is kept high.
There may be provided secret key enciphering means for enciphering the secret key formed by the secret key forming means using the management key formed by the management key forming means. In this case, the first storage controlling means stores in the operation storage medium the secret key enciphered by the secret key enciphering means and the management key formed by the management key forming means.
Also in this case, the secret key is enciphered and is stored in the operation storage medium, whereby the secret key has high secrecy. The management key for enciphering the secret key, together with the enciphered secret key, is stored in one of the operation storage media, whereby the keys are relatively easy to manage.
A password may be stored in the operation storage medium, and there may be provided password entering means for entering a password for password judgment, and password coincidence judging means for judging whether or not the password entered by the password entering means and the password stored in the operation storage medium coincide with each other. The first storage controlling means may be one for storing in the operation storage medium the secret key formed by the secret key forming means and the management key formed by the management key forming means when the password coincidence judging means judges that the passwords coincide with each other.
Further, a password may be stored in the supervisor storage medium, and there may be provided password entering means for entering a password for password judgment, and password coincidence judging means for judging whether or not the password entered by the password entering means and the password stored in the supervisor storage medium coincide with each other. The second storage controlling means may be one for storing in the supervisor storage medium the management key formed by the management key forming means when the password coincidence judging means judges that the passwords coincide with each other.
The secret key and the management key could be altered if it were assumed that everyone can operate the enciphering/deciphering device. Consequently, it is preferable that only reliable persons can operate the enciphering/deciphering device.
In the foregoing, a password is registered, and it is assumed that the enciphering/deciphering device can be operated so long as an entered password coincides with the registered password. By teaching the password to only a reliable person, therefore, it is possible to prevent the enciphering/deciphering device from being erroneously operated by an unreliable person.
An enciphering/deciphering device according to the ninth invention is characterized by comprising first reading means for reading out from a first storage medium storing ciphertext data, a first enciphered key and a second enciphered key the ciphertext data, the first enciphered key and the second enciphered key, second reading means for reading out from an operation storage medium storing inherent operation identification data and a secret key for deciphering the first enciphered key read out from the first reading means the secret key, first key deciphering means for deciphering the first enciphered key using the secret key read out by the second reading means to form a data decryption key, third reading means for reading out from a supervisor storage medium storing the operation identification data, inherent supervisor identification data and a management key for deciphering the second enciphered key read out from the first reading means the management key, second key deciphering means for deciphering the second enciphered key using the management key read out by the third reading means to form a data decryption key, data deciphering means for deciphering the ciphertext data using the data decryption key formed by the first key deciphering means or the second key deciphering means to form plaintext data, and storage controlling means for storing in a second storage medium the plaintext data formed by the data deciphering means.
The ninth invention is characterized by comprising the steps of reading out from a first storage medium storing ciphertext data, a first enciphered key and a second enciphered key the ciphertext data, the first enciphered key and the second enciphered key, reading out from an operation storage medium storing an inherent operation identification name, inherent operation identification data and a secret key for deciphering the read-out first enciphered key the secret key, deciphering the first enciphered key using the secret key read out to form a data decryption key, reading out from a supervisor storage medium storing the operation identification name, the operation identification data, an inherent supervisor identification name, inherent supervisor identification data and a management key for deciphering the read-out second enciphered key the management key, deciphering the second enciphered key using the management key read out to form a data decryption key, deciphering the ciphertext data using the formed data decryption key to form plaintext data, and storing the formed plaintext data in a second storage medium.
According to the ninth invention, the secret key stored in the operation storage medium is read out, and the data encryption key is deciphered using the secret key, to form a data decryption key. The ciphertext data is deciphered using the data decryption key to obtain plaintext data. The management key stored in the supervisor storage medium is read out, and the data encryption key is deciphered using the management key, to form a data decryption key. The ciphertext data is deciphered using the data decryption key to obtain plaintext data.
According to the ninth invention, the ciphertext data can be deciphered using the secret key stored in the operation storage medium to obtain plaintext data, and the ciphertext data can be deciphered using the management key stored in the supervisor storage medium to obtain plaintext data.
Consequently, the operation storage medium can be handed over to each of the workers, for example, who encipher the plaintext data and decipher the ciphertext data, while the supervisor storage medium is handed over to a manager, for example, so that the ciphertext data can also be deciphered by reading out the management key from the supervisor storage medium. The use of the supervisor storage medium thus makes it possible to decipher, using the supervisor storage medium, the ciphertext data formed by each of the workers.
The second reading means may be one for reading out from an operation storage medium storing inherent operation identification data, a secret key for deciphering the first enciphered key read out from the first reading means, and a low-order key the low-order key, and the second key deciphering means may be one for deciphering the second enciphered key using the low-order key read out by the second reading means to form a data decryption key.
It is considered that the management key stored in one operation storage medium is stored as a low-order key in the other operation storage medium. In this case, the data encryption key enciphered using the management key stored in the former operation storage medium is deciphered using the low-order key, and the ciphertext data is then deciphered to obtain the plaintext data.
In the foregoing, the management key or the low-order key is stored in the supervisor storage medium or the operation storage medium, whereby it is possible to decipher the data encryption key using the management key or the low-order key to obtain a data decryption key, and decipher the ciphertext data to obtain the plaintext data.
There can be also provided secret key eliminating means for erasing the secret key stored in the operation storage medium.
The secret key is inherent to the operation storage medium. For example, when the operation storage medium is handed over to each of the workers, and the manager holds the supervisor storage medium, the ciphertext data obtained using the secret key stored in the operation storage medium can be deciphered by each of the workers having the operation storage medium. This may introduce problems in the management of the ciphertext data.
Since in the foregoing, the secret key stored in the operation storage medium can be erased, it is possible to prevent the ciphertext data from being deciphered without permission by a person having an operation storage medium, for example, a worker.
The operation identification name stored in the operation storage medium from which the secret key is erased by the secret key eliminating means may be read out from the operation storage medium.
Consequently, the operation storage medium from which the secret key is erased can be known, whereby it is possible to previously know the operation storage medium which cannot decipher the ciphertext data.
There may be provided judging means for judging whether or not the second enciphered key is enciphered using the management key stored in the operation storage medium in which the low-order key read out by the second reading means is stored as the management key, and first enciphered key eliminating means for erasing the first enciphered key stored in the first storage medium in response to the judging means judging that the second enciphered key is so enciphered.
Even in this case, the first enciphered key stored in the first storage medium can be erased, whereby it is possible to prevent the ciphertext data from being deciphered without permission by a person having an operation storage medium, for example, a worker.
There may be provided displaying means for displaying the operation identification name of the operation storage medium which is read out by the second reading means in response to the fact that the first enciphered key is erased by the first enciphered key eliminating means. Consequently, it is possible to confirm a person who has inhibited decryption.
The data stored in the supervisor storage medium may be read out and stored in the other storage medium.
Consequently, a spare supervisor storage medium can be produced, whereby it is possible to previously cope with loss and damage of the supervisor storage medium.
The data stored in the other storage medium may be reversely transferred to the original supervisor storage medium and stored therein.
The data stored in the other storage medium is inhibited from being read out when it is transferred in the reverse direction to the original supervisor storage medium, whereby unfair copying of the data in the supervisor storage medium can be also prevented, and the supervisor storage medium becomes relatively easy to manage.
There may be provided eliminating means for erasing the data in the supervisor storage medium which has been stored in the other storage medium.
Since unnecessary data in the supervisor storage medium which has been stored in the other storage medium can be erased, the data in the supervisor storage medium becomes relatively easy to manage.
There are preferably provided transfer judging means for judging whether or not the data stored in the operation storage medium or the supervisor storage medium is transferred to the other storage medium, and reading inhibition controlling means for inhibiting the data stored in the original operation storage medium or the supervisor storage medium from being read out when the transfer judging means judges that the data is transferred to the other storage medium.
When the data is transferred, therefore, the data stored in the original supervisor storage medium or the operation storage medium from which data is transferred can be inhibited from being read out. Consequently, unfair copying of data can be prevented, and only a person fairly having a supervisor storage medium or an operation storage medium can decipher ciphertext data. Consequently, the storage medium becomes relatively easy to manage.
There can be also provided first reading inhibition release controlling means for releasing the inhibition of the reading of the data in the operation storage medium by the reading inhibition controlling means.
Since the inhibition of the reading of the data is released, the data can be read out from the operation storage medium from which the reading out of data was inhibited.
The supervisor identification data or the operation identification data is random-number data or enciphered time data, for example.
The random-number data or the enciphered time data is difficult to presume, whereby the secrecy of the identification data can be kept high.
It is also possible to store a version code in the supervisor storage medium or the operation storage medium, and to store in the first storage medium the version code in addition to the ciphertext data, the first enciphered key and the second enciphered key.
When encryption processing is performed using the operation storage medium storing a low version code, it is necessary that decryption processing can be performed using the supervisor storage medium or the operation storage medium storing a higher version code than the version code.
Since the version code of the operation storage medium used for encryption is stored in the first storage medium, it is possible to know the operation storage medium or the supervisor storage medium which can be used for decryption.
Version codes are stored in the first storage medium, the operation storage medium and the supervisor storage medium, and there can be also provided comparing means for comparing the version code read out by the first reading means with the version code read out by the second reading means or the version code read out by the third reading means, and key formation controlling means for allowing the formation of the data decryption key by the first key deciphering means and the formation of the data decryption key by the second key deciphering means when the version code read out by the first reading means is not more than the version code read out by the second reading means or the version code read out by the third reading means as a result of the comparison by the comparing means.
When encryption processing is performed using the operation storage medium storing a low version code, decryption processing can be performed using the supervisor storage medium or the operation storage medium storing a higher version code than the version code.
The operation storage medium may be one storing an operation identification name inherent to the operation storage medium and a supervisor identification name inherent to the supervisor storage medium, and the supervisor storage medium may be one storing the supervisor identification name.
There can be also provided operation identification name changing means for changing the operation identification name stored in the operation storage medium.
Since the operation identification name can be changed into a desired operation identification name, the application of the enciphering/deciphering device is broadened.
The plaintext data or the deciphered plaintext data can be also displayed and scrolled.
There may be also provided displaying means for displaying and scrolling the plaintext data or the deciphered plaintext data.
Consequently, the supervisor identification data or the operation identification data can be prevented from being overlapped with each other, whereby it is also possible to keep high secrecy.
The enciphering/deciphering device, the enciphering/deciphering method or the encryption/decryption system may be constructed using an enciphering device, using time data as input data, an initial value or an encryption key fed to the enciphering device, and using enciphered data obtained from the enciphering device as the data encryption key, the secret key or the management key.
The time data is used as the input data, the initial value or the encryption key, to obtain the enciphered data. The obtained enciphered data is taken as the data encryption key, the secret key or the management key.
The data encryption key, the secret key or the management key is generated utilizing the time data. The time data is data which is generally difficult to presume by a third person. When the plaintext data is enciphered using the data encryption key formed utilizing the time data, therefore, it is difficult to presume the data encryption key, whereby it is also difficult to decipher the ciphertext data.
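The following is an added example, not code from the patent or from Pumpkin House: a toy model of the enciphered file of the ninth invention (ciphertext, enciphered key 1 under the secret key, enciphered key 2 under the management key), the two decryption paths including the low-order key, the version code gate, the erasure of enciphered key 1, and key formation from time data. The block cipher of FIG. 2a is not reproduced; `toy_cipher` is a constructed stand-in (SHA-256 keystream XOR) so the example runs with the standard library only, and all key and file values are constructed.

```python
import hashlib
import struct
import time

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Constructed stand-in for the patent's enciphering device (FIG. 2a is
    not reproduced): XOR with a SHA-256 counter keystream. Symmetric, so the
    same call deciphers. Illustrative only, not a secure cipher."""
    out = bytearray()
    for block_no, off in enumerate(range(0, len(data), 32)):
        stream = hashlib.sha256(key + struct.pack(">I", block_no)).digest()
        out.extend(b ^ s for b, s in zip(data[off:off + 32], stream))
    return bytes(out)

def form_key(time_data: float, internal_key: bytes) -> bytes:
    """Key formation from time data: the time is the input data fed to the
    enciphering device, and the enciphered output becomes the key."""
    return toy_cipher(internal_key, struct.pack(">d", time_data) * 2)

def encipher_file(plaintext, file_key, secret_key, management_key, version):
    """Build the first storage medium: ciphertext plus enciphered key 1
    (file key under the secret key) and enciphered key 2 (file key under
    the management key), tagged with the operation medium's version code."""
    return {
        "version": version,
        "ciphertext": toy_cipher(file_key, plaintext),
        "enc_key1": toy_cipher(secret_key, file_key),
        "enc_key2": toy_cipher(management_key, file_key),
    }

def decipher_file(enc_file, medium):
    """Recover the file key by whichever path the medium supports: secret
    key -> enciphered key 1 (operation medium); management key or low-order
    key -> enciphered key 2 (supervisor medium, or an operation medium that
    holds another group's management key as its low-order key). The version
    gate allows decryption only when the file's version code is not more
    than the medium's version code."""
    if enc_file["version"] > medium["version"]:
        raise PermissionError("version code of medium is lower than file's")
    if medium.get("secret_key") is not None and enc_file["enc_key1"] is not None:
        file_key = toy_cipher(medium["secret_key"], enc_file["enc_key1"])
    else:
        key2 = medium.get("management_key") or medium.get("low_order_key")
        if key2 is None:
            raise PermissionError("no key on this medium can decipher the file")
        file_key = toy_cipher(key2, enc_file["enc_key2"])
    return toy_cipher(file_key, enc_file["ciphertext"])

def inhibit_worker_decryption(enc_file):
    """Erase enciphered key 1 from the first storage medium: the worker's
    secret key can no longer recover the file key, while the supervisor's
    management key still can."""
    enc_file["enc_key1"] = None

if __name__ == "__main__":
    internal = b"constructed-internal-key"   # constructed, not from the patent
    secret, mgmt = form_key(time.time(), internal), form_key(time.time() + 1, internal)
    f = encipher_file(b"constructed plaintext", form_key(time.time() + 2, internal), secret, mgmt, 1)
    worker = {"secret_key": secret, "version": 1}
    manager = {"management_key": mgmt, "version": 2}
    print(decipher_file(f, worker) == decipher_file(f, manager))  # True
    inhibit_worker_decryption(f)
    print(decipher_file(f, manager))  # still deciphers via enciphered key 2
```

With the toy cipher a wrong key yields garbage rather than an error; a real deployment would pair each enciphered key with an integrity check so that a wrong medium is detected instead of producing corrupt plaintext.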
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram showing the construction of an enciphering/deciphering device in a first embodiment;
FIG. 2a illustrates one example of an encryption algorithm, and FIG. 2b illustrates one example of an S box;
FIG. 3a shows how encryption processing of a file in an enciphering/deciphering device is performed, and FIG. 3b shows how decryption processing in the enciphering/deciphering device is performed;
FIG. 4 is a flow chart showing the flow of encryption/decryption processing in the first embodiment;
FIG. 5 is a flow chart showing the flow of encryption/decryption processing in the first embodiment;
FIG. 6 is a flow chart showing the flow of encryption/decryption processing in the first embodiment;
FIG. 7 shows how decryption processing in the enciphering/deciphering device in the