JP2000112348A - Encryption apparatus and decryption apparatus - Google Patents

Abstract

PROBLEM TO BE SOLVED: To execute a high-speed cipher processing and to make it possible to assure the safety encrypting message data by using plural kinds of involution processing programs which are the base and arbitrary key data. SOLUTION: A cipher program A 102 is inputted from a support processor 101 to a 32-bit processor 106. An algorithm determination key A 105 of a 64-bit length and a system key A 111 of a 32-bit × 8=256 bit length are inputted to a 32-bit processor 106. The algorithm determination key B 107 of the formed 64-bit length is sent to the support processor 101 to operate a cipher program forming function 104. The formed cipher program B 103 is inputted to the 32-bit processor 106. The 32-bit processor 106 encrypts plaintext 109 with the data key 108 and the system key B 112 as parameters and outputs the ciphertext 110 obtained as a result thereof.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to an encryption processing device and an encryption processing method for encrypting a computer message and the like.

[0002]

2. Description of the Related Art At present, many companies are strengthening information network facilities for business purposes. In the near future, it is expected that information will be exchanged frequently not only within one organization but also among a plurality of organizations having various business relationships. In such a situation, encryption is indispensable for ensuring communication security.

[0003] Cryptography is roughly classified into two types: common key cryptography and public key cryptography. Symmetric key cryptography is for encrypting large amounts of data,
Used to perform decryption and create message authentication codes.

[0004] Public key cryptography is used for secretly delivering a common key and performing digital signatures on both sides of communication. Symmetric key encryption is based on the premise that the same key (common key) is shared between the sender and the receiver, and the sender encrypts and converts the message with the common key and sends the message. Is used to perform encryption / decryption conversion such that the received cipher text is decrypted and converted with the same common key and returned to the original message.

[0005] Conventional symmetric key encryption algorithms include DES (Data Encryption Standard) and FEAL-
8 (Fast Encryption Algorithm) is known.
Regarding ES, for example, (1) Koyama et al., “Modern Cryptography Theory”, The Institute of Electronics, Communication and Communication Engineers, pp. 147-181, pp. 157-177. 41-49, September 1986
For FEAL-8, see (2) Shimizu et al., "High-speed Data Encryption Algorithm FEAL", IEICE Transactions D.E. Vol. J70-D, No. 7, p
p. 1413-1423, July 1987, respectively.

In order to improve the efficiency of data disturbance and the processing speed, "High-speed encryption for multimedia" (Information Processing Society of Japan, Multimedia Communication and Distributed Processing Research Group, January 19, 1989) and JP-A-63-
No. 103919 (hereinafter, referred to as an encryption algorithm).
MULTI2) is known.

[0007] MULTI2 is the upper 3 bits of 64 bits of plaintext data.
By executing basic functions (involution functions) π _{1 to} π ₄ shown in FIG. 18 in a predetermined order with respect to 2 bits and lower 32 bits, 64 bits of cipher text are obtained.

[0008] Symbols appearing in the figure (〇 and + overlapped)

[0009]

(Equation 1)

[0010] XOR of each bit, + the sum obtained by modulo 2 ^32, - denotes calculation and modulo 2 ^{32, Rot n} is the cyclic shift of n bits, V is the logical OR of each bit .

[0011]

Generally, even if an encryption algorithm is considered to have considerable randomness, it analyzes a plaintext arbitrarily given to the encryption algorithm and a ciphertext generated from the plaintext. It is known that an encryption key can be estimated by a certain technique (so-called plaintext attack), and as a result, there is a risk that cryptography can be established.
(Boer, “Crypto-analysis of FEEL”, Proc. EUR
OCRYPTO, 1987).

Therefore, the conventional algorithm described above cannot be guaranteed to be secure in the future.

[0013] In addition, against the selected plaintext attack, a combination of operational measures such as shortening the change period of the encryption key and technical measures such as making the encryption algorithm itself more difficult to make it difficult to break the encryption are used together. It is effective to do. As the latter technical measure, DES, EFEL-8 or MU
In LTI2, it has been proposed to increase the number of times of inversion conversion (Haraki et al., "Development and use of Hisecurity-Multi2, a high-speed encryption algorithm for multimedia," IEICE, WCIS '89 -D2.
August 28-30, 1989; J. Highland, “Crack
ing the DES? ”, Computers & Security, 8, 1989, p.
p. 274-275).

However, there is no known optimum number of repetitions of the involution, that is, the number of repetitions of the involution, that is, the number of times equal to or more than this number is safe and the number of times less than this number is not safe. Therefore, it is necessary to excessively increase the number of times of the involution repetition in view of the safety margin. On the other hand, the cryptographic conversion speed decreases in inverse proportion to the increase in the number of times of inversion.

An object of the present invention is to provide a cryptographic processing apparatus and a cryptographic processing method that can perform high-speed cryptographic processing and guarantee high security.

[0016]

To achieve the above object, the cryptographic processing apparatus of the present invention uses a plurality of basic involution processing programs and arbitrary key data to generate message data (plain text). Means for generating an encryption program for encrypting the message, and means for executing the encryption program to convert the message data into cipher text.

Further, since a part of the involution processing program includes a substitution processing section and a transposition processing section, the execution order of each of the involution processing programs and the execution order of each of the involution processing programs are determined in accordance with the bit pattern of the key data. The execution order of the substitution processing unit and transposition processing unit in the involution processing program is determined.

Further, the above-mentioned plurality of transposition processes includes an operation of cyclically shifting the different numbers X and Y right or left by X bits and an operation of cyclically shifting right or left by Y bits. Specific numerical values of X and Y,
Alternatively, an instruction as to whether to shift right or left cyclically is given by key data.

Further, the plurality of substitution processing includes a right or left cyclic shift instruction and a modulo addition or subtraction instruction, and an instruction on how to combine the instructions to constitute the substitution processing is given by: Given by key data.

According to the present invention, a part of the functions constituting the encryption algorithm and the execution order of the functions change depending on the key data. As a result, an enormous number of algorithm conversion forms corresponding to the product of the number of partial changes of the function and the total number of permutation combinations in the execution order of the function are generated, and it becomes extremely difficult to break a cipher. As a result, it is possible to realize a common key encryption algorithm having high strength against cipher breaking without substantially lowering the encryption / decryption conversion speed as compared with the conventional encryption method.

[0021]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, embodiments of the present invention will be described in detail.

FIG. 1 is a diagram showing a system configuration, and FIG. 2 is a diagram showing a system processing procedure. This system includes a 32-bit processor (10
6) and a support processor (101) for generating the encryption program B. First, the processing procedure of the entire system will be described.

Step 201: Support processor (1)
01), the encryption program A (102) is input to the 32-bit processor (106).

Step 202: Algorithm determination key A (105) having a length of 64 bits and 32 bits × 8 = 256
The bit-length system key A (111) is input to the 32-bit processor 106.

Step 203: The 32-bit processor (106) is operated to generate a 64-bit algorithm determination key B (107).

Step 204: The generated algorithm determination key B (107) having a length of 64 bits is sent to the support processor (101), and the encryption program generation function (10
Operate 4).

Step 205: The encryption program generation function (104) performs the algorithm determination key B (1
07) to generate an encryption program B (103). Then, this encryption program B (103) is
Input to the bit processor (106).

Step 206: The 32-bit processor (106) controls the data key (108) and the system key B (112) under the control of the encryption program B (103).
Is used as a parameter to encrypt the plaintext (109), and the resulting encrypted text (110) is output.

FIG. 3 shows a 32-bit processor (106).
FIG. 3 is a diagram showing the configuration of FIG. 32-bit processor (10
6) a control program unit (303), a calculation unit (302) that performs calculation processing based on a control signal from the control program unit, an input buffer (301) that holds input data to the calculation unit, and , An output buffer (304) for holding output data from the operation unit.

FIG. 4 is a diagram for explaining the details of the arithmetic unit (302), and FIGS. 5 and 6 are diagrams for explaining the details of the encryption program A (102) initially stored in the control program unit (303).

Generation of Algorithm Determination Key B in FIG.
1 to 203) will be described in more detail with reference to FIGS.

In step 201, the encryption program A (10) input to the 32-bit processor (106)
2) is stored in the control program unit (303).

In step 202, the input 64
The algorithm determination key A (105) having a bit length is
The upper 32 bits are divided into 2 bits and lower 32 bits, and the upper 32 bits are stored in a 32-bit register L (40) in the operation unit (302).
1) and X (402), respectively, and the lower 32 bits are stored in a register R (403).

The system key A (111) having a length of 32 bits × 8 = 256 bits determined by the system is divided into 32 bits, and the 32-bit registers W ₁ (404) to W ₁ (404) to W (404) are input via the input buffer (301). ₈ (411).

In step 203 described above, the encryption program A (10) shown in FIGS.
Execute 2) one line at a time. The flowcharts corresponding to FIGS. 5 and 6 are shown in FIGS.

The encryption in FIGS. 5 and 6 is defined as follows.

Ln: Data is shifted to the left (lower bit direction) by n
Bit-wise shift.

Rn: Data is shifted to the right (in the direction of the upper bits) by n
Bit-wise shift.

EOR: The exclusive OR of the data stored in the register X and the data stored in another register is calculated.

[0040] +: 2 ³² modulo addition modulo using the data input to the register X stored in the data and gate A. -: 2 ³² modulo subtraction modulo using the data input to the register X stored in the data and gate A. ++ 1: 2 ³ modulo addition modulo using 1 to that added to the stored in the register X data, and other data. + -1: 2 ³ modulo addition modulo using the plus -1 stored in the register X data, and other data. - + 1: one plus the stored in the register X data and, 2 ³ modulo subtraction modulo with other data. --1: plus -1 stored in the register X data and, 2 ³ modulo subtraction modulo with other data. ∨: Logical OR for each bit ∧: Logical AND for each bit [Wn]: Register Wn is an output destination only at the time of key scheduling.

In the processing of step 501 in FIGS. 5 and 6, the register R (403) becomes an input to the gate A (412), the number of rotations is 0, and operations other than rotation are exclusive and OR. , And the operation result is
(403).

Using specific numerical values, the following is obtained. However, numerical values are displayed in hexadecimal. As a 64-bit algorithm determination key A (105), “00000000”
00000000 ", eight 32-bit system keys A (10
As 9), eight “00000000” are given.

That is, the registers L (401) and X (40
2) upper 32-bit length data "00 ... 0", register R (403) lower 32-bit length data "00 ... 0",
Registers W ₁ (404) to W ₈ (411) have “00.
0 ”is stored.

In step 501, register X (4
02) and the exclusive OR of the data stored in R (403) are obtained, and as a result "00000000" is stored in registers X (402) and R (403). In step 502, register X (402) and
The sum of the data stored in W ₁ (404) is calculated,
As a result, “00000000” is stored in the register X. In step 503, the sum of the data obtained by adding -1 to the data stored in the register X (402) and the data obtained by cyclically shifting the data stored in the register X by one bit to the left is obtained. As a result, "ffffffff To register X
(402). At step 504, the exclusive OR of the data stored in the register X (402) and the data stored in the register X (402) and shifted left by 4 bits is calculated, and the result is "00000000". Stored in the register X (402).

In step 505, register X (4
02) and the register L (401)
Is exclusive ORed with the data stored in the register X (402) and L
(401). However, the encryption program A (10
2) is for generating an algorithm determination key B (that is, a key schedule program),
It is designed to store “00000000” also in the register W ₁ (404). At step 506, register X
The data stored in (402) and the register W ₂ (40
The sum with the data stored in 5) is calculated, and as a result, “0000” is obtained.
0000 "is stored in the register X.

At step 507, register X (4
02), plus +1 to the data stored in
The data stored in the register X (402) is summed with the data obtained by cyclically shifting left by 2 bits, and as a result, "000000
00 "is stored in the register X. In step 508, the exclusive OR of the data stored in the register X (402) and the data stored in the register X (402) and shifted left by 8 bits is calculated. As a result, "00000000" is stored in the register X (402).

In step 509, register X (4
02) and the data stored in the register W ₃ (406) are summed, and the result is “00000101”
Store in register X. In step 510, the difference between the data stored in the register X (402) and shifted left by one bit and the data stored in the register X (402) is obtained. As a result, “00000101” is stored in the register X (402). To be stored. In step 511,
Data stored in register X (402) and register L
The logical sum of each bit with the data stored in (401) is calculated, and as a result, the exclusive logical sum of “00000101” and the data stored in the register X shifted left by 16 bits is calculated. 01010101 ”is stored in the register X.

In step 512, register X (4
02) and the data stored in the register R (403) are exclusive ORed, and the result is “01”
010101 "is stored in the register X (402) and R (40
Store in 3). However, because it is phase of the key schedule, stores also "01010101" in the register W _2.

At step 513, register X (4
02) and the data stored in the register W ₄ (407), and the result is “01010101”
Is stored in the register X (402). In step 514, the data stored in the register X (402) +1
And the sum of the data stored in the register X (402) and the data obtained by cyclically shifting the data by two bits to the left is obtained, and the result “05050506” is stored in the register X (402). At step 515, register X (40
Exclusive OR with the data stored in the data register L (401) stored in 2) is performed, and the result is “050505”.
06 "is stored in the registers X (402) and L (401). However, since this is a key schedule phase,
“05050506” is also stored in the register W ₃ (406).

Hereinafter, the same processing is repeated, and further, the involution π ₁ is executed. As a result, data as shown in FIG. 7 is obtained in the registers W ₇ (410) and W ₈ (411). These W ₇ (410) and W ₈ (41
The algorithm determination key B (107) is used for a total of 64 bits of 1).
Output as

Next, the processing procedure (204) for generating the encryption program B will be described in detail with reference to FIG. In step 204, the algorithm determination key B (1
07), the encryption program A (102) is converted according to the following algorithm conversion rule. Of the algorithm determination key B (107), let L ₁ be the 32 bits stored in the W ₇ (410) and let L ₂ be the 32 bits stored in the W ₈ (411). Determining the structure of L ₁ and _{L 2} as shown in FIG. 11.

The algorithm conversion rules are as follows.
You. Step 601: L₁1st to 5th bits of
Looking at (701), the first half of the MULTI2 involution π₁
~ Π₄ And L₂Bit 1 to bit 5
The second half of the involution π₁ ~ Π₄Determine the order of execution
I do. For example, the first to fifth bits (701) are
When “00000”, the execution order is π₁π₂π₃π₄age,
When “00001”, the execution order is π₁π₂π₄π₃To be
Binary number represented by 1st bit to 5th bit
But each time it increases by one, the involution π₁~ Π₄Appendage
The execution order is determined so that the character permutation increases.

Note that the first to fifth bits (701) are 4! = “11000”, the execution order is π ₁ π ₂ π ₃ π ₄
And the same assignment is performed until π ₂ π ₁ π ₄ π ₃ is assigned at “11111”.

Further, as a result, the execution order of each assigned involution is changed to the initial execution order (π ₁ ,
π ₂ , π ₃ , π ₄ ) and even to odd numbers,
Or, if you change from odd to even,
The left and right 32-bit input / output data of the left and right sides of the involution are exchanged.

Step 602: L₁6th bit to 16
Looking at the bit eyes (702-704), the first half of the involute
Pi₁~ Π₄(P21 to p23, p31
To p36, p41 to p42) are determined, and L₂
The 6th to 16th bits of
Solution π₁~ Π₄Determine the execution order of each function in.
Specifically, at the sixth to eighth bits (702), π₂Inside
Function p₂₁~ P₂₃ The execution order of
Π at the 15th bit (703)₃Function p in₃₁ ~ P₃₆
Is determined, and π is determined at the 16th bit (704).₄Inside
Function p₄₁~ P₄₂The order of execution. This execution order
Is determined in the same manner as in step 601. That is, each
If all bits are zero, the encryption program A (10
The execution order is the same as that of 2).
The numerical values of the permutations of the subscripts are sequentially divided so that
Hit it. When the permutation has completed one round, the same permutation as the starting point is assigned from the next.
Then, the same assignment is performed.

[0056] Step 603: _{L 1} of the 17th bit to 3
Looking at the second bit (705 to 709), a part of the function of the first half involutions π _{2 to} π ₄ is determined, and 1 of L ₂ is determined.
A part of the function of the latter half of the inversions π _{2 to} π ₄ is changed by the 7th to 32nd bits. For example, to change in accordance with the bit pattern of each area, as shown in FIG. 12 the function _{p 22, p 32, p 35} , p 36, p 42 operators.

Step 604: Algorithm determination key A
By looking at the upper 8 bits of (105), the number of repetitions of the involution is determined. That is, when the upper 8 bits are “00000000”, the eight involutions determined up to step 603 are executed.

In the case of "00000001", after the eight involutions, the first four involutions are further added to 1
Repeat several times. Hereinafter, each time the numerical value increases by one, the first and second four involutions are alternately added. When the upper 8 bits become “11111111”, the eight involutions determined up to step 603 are repeated 128 times, and then the first four involutions are repeated one more time.

When the bit strings of FIG. 7 are used as L ₁ and L ₂ , they are converted into algorithms as shown in FIGS. 13, 14 and 15. Also, at this time, since the upper 8 bits of the algorithm determination key A (105) are “00000000”, eight involutions are performed. In other words, this is a process of encrypting data of 64 bits per block with 30 machine instructions.

The encryption program determined as described above is executed as the encryption program B (103) for encrypting the plaintext 109.

Next, the encryption processing (205, 206) will be described.

Step 206 in FIG. 2 further includes a process of generating data execution keys (K _{1 to} K ₈ ) from the data key (108) and the system key B (112), and a plaintext using the data execution key. (109) is divided into an encryption process.

In the encryption program B generated by the support processor 101, four involution functions created from the upper 32 bits of the algorithm determination key B are _denoted by π _a , π _b , π _c , π _d and the algorithm determination key Assuming that four involution functions created from the lower 32 bits of B are π _e , π _f , π _g , and π _h , the process of generating the data execution keys (K _{1 to} K ₈ ) is 9 Let two involution functions be π _a , π
_{b, π c, π d,} π e, π f, π g, π h, is performed in [pi _a. A flow diagram of a process for generating data execution key _(K 1 ~K ₈₎ shown in FIG. 16.

The upper bits of the algorithm determination key B,
The lower bit is L shown in FIG.₁, L₂ Then the actual data
Row key (K₁~ K₈The process that produces₃,
π₁, Π₄, Π₂, Π₁, Π₃, Π₂, Π₄, Π₃To
Will consist of nine involution functions.
You.

In the process of generating the data execution keys (K _{1 to} K ₈ ), first, the system key B (112) is changed to J _{1 to} J 8.
₈ and registers W ₁ (404) to W ₈ (4
11), the upper 32 bits of the data key (108) are written to the registers L (401) and X (402), and the lower 32 bits are written to the register R (403). FIG.
3. In the program shown in FIGS. 14 and 15, the key schedule processing (register [W
And executing processes) writing to _X], the register _{W 1 (404) ~W 8 (} 411), data execution key _(K 1 ~K ₈₎ is obtained.

Next, FIG. 17 shows a flowchart of the encryption process.

FIG. 17 shows a case where the repetition of the involution is performed a plurality of times, and the involution (π _a ) at the final stage is omitted.

When the upper 8 bits of the algorithm determination key A are "00000000", the same number of involutions as in FIG.

As a precondition for the processing, the upper 32 bits of the plain data of 64 bits per block are stored in the register L (401).
Then, after writing the lower 32 bits to the register R (403), the encryption program B (processing for writing to the register [W _X ] written in brackets as output) is executed. As a result, the upper 32 bits of the ciphertext are obtained in L (401) and the lower 32 bits of the ciphertext are obtained in R (403).

The decryption is performed by reversing the execution order of the involution performed in the encryption process. In this way, the original plaintext can be obtained by decryption.

In FIG. 4, the 32-bit register 1
Although a processor including two and three 32-bit arithmetic circuits is used, software may be configured to perform processing similar to that of the embodiment using a general-purpose processor different from this configuration.

FIGS. 5, 6, 13 and 1
4, in FIG. 15, 4 bits, 8 bits, and
The 16-bit left circular shift is fixed, but 4 bits,
8-bit and 16-bit right circular shifts may be used. Alternatively, the number of left or right cyclic shift bits, such as 5 bits, 9 bits, and 17 bits, at which propagation of bit disturbance is effective may be used. Furthermore, before the encryption program conversion, the left and right rotations of 4 bits, 8 bits and 16 bits are included, and after the conversion, the left and right shifts of 3 bits, 8 bits and 18 bits are included. A bit change may occur.

In this embodiment, the bit length of the algorithm determination key A (105) and the data key (108) is 64 bits, but may be 128 bits instead.

That is, the algorithm determination key A (10
If 5) is 128 bits long, the system key A (11
1) That is, of the 32 bits × 8 pieces of data I _{1 to} I ₈ , arbitrary two I _α and I _β determined by the system are added to the original algorithm determination key A to determine an algorithm having a total length of 128 bits. The key A may be used. At this time, the remaining system key A is 32 bits × 6.

Similarly, when the data key (108) is 128 bits long, the system key B (112),
Of the 32 bits × 8 pieces of data J _{1 to} J ₈ , arbitrary two pieces of J _γ and J _δ determined by the system may be added to the original data to provide a data key having a total length of 128 bits. At this time, the remaining system key B is 32 bits × 6.

Further, in the above-described embodiment, a plurality of involutions are performed by performing the inversion conversion on certain data and then performing the same inversion conversion again to return to the original data. The execution of the encryption function and the execution of the same inversion in the reverse order realize the decryption function.

However, when the present invention is used for purposes other than encryption and decryption of plaintext, for example, when a plaintext is used as the system keys A and B to create a compressed code, the operator is changed instead. Thus, the feature of the involution may be eliminated and a one-way encryption function may be used. For example, upper 32 or lower 32 of the input data
Modulo addition, modulo multiplication, or other operations are performed instead of performing a bit-wise exclusive OR operation of the bits obtained by function conversion and the remaining upper or lower 32 bits of the input data.

[0078]

According to the present invention, the algorithm decision key A
The encryption / decryption function is determined based on the data and the data key, and the encryption / decryption of the data is divided into two stages, whereby the encryption strength can be enhanced.

[0079] Incidentally, in the case where an encryption program generated by the present invention is limited to Invocation Roussillon eight processing is, since the variations of 2 ⁶³ or more algorithms exist, chosen plaintext - robust to ciphertext attack It is. In addition, when the number of repetitions of the involution is increased by the data of the upper 8 bits of the algorithm key, the clue to decryption becomes complicated so as not to be imagined.

Furthermore, the repetition of the involution is 8
If it is larger than twice, the data effective key (K
_{Since 1 to} K ₈ ) are repeatedly used, encryption can be performed by almost processing between registers.
The decrease in cryptographic processing speed due to the increase in the number of times of involution is reduced.

For example, Hitachi Workstation 2050
When a program including 1028 involution processes is executed using / 32 (a product of Hitachi, Ltd.), an encryption processing speed of 36 Kbps or more can be obtained. This is faster than the 21 kbps predicted by the inverse proportional calculation from the 2.7 Mbps obtained when the encryption program composed of eight involution processes is executed by the same device.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a configuration of an encryption device embodying the present invention.

FIG. 2 is a diagram showing a flowchart illustrating a process of cryptographic conversion.

FIG. 3 is a diagram showing a configuration of a 32-bit processor (106).

FIG. 4 is a diagram showing details of a calculation unit (302).

FIG. 5 is a diagram for explaining details of an encryption program A;

FIG. 6 is a diagram for explaining details of an encryption program A;

FIG. 7 is a diagram showing a flowchart of an encryption program A.

FIG. 8 is a diagram showing a flowchart of an encryption program A.

FIG. 9 is a diagram showing a bit pattern of an algorithm determination key B generated by executing a cryptographic program A;

FIG. 10 is a diagram showing a processing procedure of a cryptographic program generation function.

FIG. 11 is a diagram showing a configuration of an algorithm determination key B.

FIG. 12 is a diagram showing details regarding an operator determination part.

FIG. 13 is a view showing a specific example of an encryption program B;

FIG. 14 is a view showing a specific example of an encryption program B;

FIG. 15 is a diagram showing a specific example of an encryption program B.

FIG. 16 is a view for explaining a general flowchart of an encryption program B;

FIG. 17 is a view for explaining a general flowchart of an encryption program B;

FIG. 18 is a diagram for explaining a basic involution function.

[Explanation of symbols]

 103: encryption program B, 106: 32-bit processor, 107: algorithm determination key, 108: data key, 109: plaintext, 110: ciphertext, 112: system key B, 301: input buffer, 302: arithmetic unit, 304 ... Output buffer.

────────────────────────────────────────────────── ───

[Procedure amendment]

[Submission date] December 15, 1999 (1999.12.
15)

[Procedure amendment 1]

[Document name to be amended] Statement

[Correction target item name] Name of invention

[Correction method] Change

[Correction contents]

Patent application title: Encryption device and decryption device

[Procedure amendment 2]

[Document name to be amended] Statement

[Correction target item name] Claims

[Correction method] Change

[Correction contents]

[Claims]

[Procedure amendment 3]

[Document name to be amended] Statement

[Correction target item name] 0036

[Correction method] Change

[Correction contents]

The symbols in FIG. 5 and FIG.
It is defined as:

[Procedure amendment 4]

[Document name to be amended] Drawing

[Correction target item name] Fig. 1

[Correction method] Change

[Correction contents]

FIG.

 ──────────────────────────────────────────────────続 き Continuing from the front page (72) Inventor Tsutomu Nakamura 1099 Ozenji Temple, Aso-ku, Kawasaki City, Kanagawa Prefecture Inside System Development Laboratory Hitachi, Ltd. (72) Inventor Masahiro Yamashita 1 Horiyamashita, Hadano City, Kanagawa Japan (72) Inventor Kazuo Hashimoto 1099 Ozenji Temple, Aso-ku, Kawasaki-shi, Kanagawa Prefecture Hitachi, Ltd.System Development Laboratory Co., Ltd. (72) Inventor Hiroshi Matsumoto 3-10-22 Sakae, Naka-ku, Nagoya-shi, Aichi Prefecture Sun Ritsuchubu Software Co., Ltd.

Claims (8)

[Claims] An encryption processing method for encrypting data of a fixed length by combining a plurality of substitution processing and transposition processing for data disruption, the execution order of the substitution processing or transposition processing using key data, or A cryptographic processing method characterized by changing the number of processing repetitions. 2. An encryption processing method for encrypting data of a fixed length by combining a plurality of substitution processing and transposition processing for data disruption, wherein the same key data is repeated when the substitution processing and transposition processing are repeated a certain number of times or more. A cryptographic processing method characterized by being used. 3. The transposition process includes an operation of cyclically shifting the different numbers X and Y right or left by X bits and an operation of cyclically shifting Y bits right or left, 2. The cryptographic processing method according to claim 1, wherein the specific numerical values of X and Y, or an instruction as to whether to perform a cyclic shift to the right or left is given by key data. 4. The substitution process includes a right or left cyclic shift process, a modulo addition process, a modulo subtraction process, an exclusive OR process for each bit, a logical OR process for each bit, or
2. The encryption processing method according to claim 1, further comprising a logical product process for each bit, wherein an instruction on how to combine the processes to form the substitution process is given by key data. 5. In a one-way encryption system for unidirectionally encrypting data obtained by combining a plurality of substitution processing and transposition processing for data disturbance, the execution order or processing of the substitution processing or transposition processing using key data. A one-way encryption method characterized by changing the number of times of repetition. 6. In a one-way encryption method for unidirectionally encrypting data obtained by combining a plurality of substitution processing and transposition processing for data disruption, when the substitution processing and transposition processing are repeated a certain number of times, the same key data is used. A one-way encryption method characterized by repeated use. 7. An encryption processing device for encrypting message data for each predetermined bit using a plurality of key data, wherein a plurality of types of basic involution programs are executed in an execution order according to the first key data. A cryptographic process comprising: means for generating an encryption program by combining them; and means for converting the message data into cipher text by executing the encryption program using second key data. apparatus. 8. An encryption processing method for encrypting message data for each predetermined bit by using a plurality of key data, wherein a plurality of basic involution programs recorded in advance are stored in accordance with the first key data. By generating the cryptographic program by combining
A cryptographic processing method comprising: converting the message data into a cipher text by executing the cryptographic program using the key data.