MXPA01009243A - Method and apparatus for encryption, method and apparatus for decryption, and computer-readable medium storing program - Google Patents

Method and apparatus for encryption, method and apparatus for decryption, and computer-readable medium storing program


Publication number
MXPA01009243A
Authority
MX
Mexico
Prior art keywords
data
encryption
encrypted
text
decryption
Application number
MXPA/A/2001/009243A
Other languages
Spanish (es)
Inventor
Sorimachi Toru
Tokita Toshio
Original Assignee
Mitsubishi Denki Kabushiki Kaisha
Application filed by Mitsubishi Denki Kabushiki Kaisha
Publication of MXPA01009243A


Abstract

In order to encipher data while enciphering other data, a memory (55) is arranged in parallel to a feedback line (65) for feedback to a selector (54) from an enciphering module (51) using an encryption key (K). If an interrupt (IT) for processing plaintext block data (Ni) occurs during the processing of plaintext block data (Mi), the cryptogram block data (Ci) being in process when the interrupt (IT) occurs is stored in a register (56). When the processing of the plaintext block data Ni is completed, a selector (54) selects the cryptogram block data (Ci) stored in the memory (55), and the processing of plaintext block data (Mi+1) is started.

Description

ENCRYPTOR, ENCRYPTION METHOD, DECRYPTOR, DECRYPTION METHOD, AND COMPUTER-READABLE RECORDING MEDIUM HAVING A PROGRAM STORED THEREON
TECHNICAL FIELD
The present invention relates to an encryption apparatus, a decryption apparatus, and an encryption/decryption method, and in particular to an invention that allows another piece of data to be encrypted/decrypted while a certain piece of data is being encrypted/decrypted.
BACKGROUND
Figure 43 shows a block diagram of an encryptor that performs encryption in Cipher Block Chaining mode (hereinafter referred to as CBC mode). CBC mode encryption is performed as follows: first, the 64-bit unencrypted text block data Mi is input block by block; the input data is encrypted by an encryption module 51 using an encryption key K; an exclusive OR operation is performed on the resulting encrypted text block data Ci and the unencrypted text block data Mi+1 that follows Mi; and the result of the exclusive OR operation is supplied to the encryption module 51, for encryption using the encryption key K, as the next input to the encryption process. This process is then chained repeatedly, and the complete unencrypted text data M is encrypted into the encrypted text data C.
Figure 44 shows a block diagram of a decryption apparatus that performs CBC mode decryption. The decryption apparatus shown in Figure 44 decrypts the encrypted text data encrypted by the encryption apparatus shown in Figure 43. The encrypted text block data C1 is input to a decryption module 71 for decryption using the encryption key K, an exclusive OR operation is performed with an initial value IV, and the data is decrypted into the unencrypted text block data M1. When the encrypted text block data C2 is input, the block data C2 is decrypted by the decryption module 71 using the encryption key K, an exclusive OR operation is performed with the encrypted text block data C1, which was previously input and stored in a register 111, and the data is decrypted into the unencrypted text block data M2. Here, the register 111 can be provided within a selector 73.
The CBC mode can be represented by the following expressions, where the unencrypted text block data is Mi (i = 1, 2, ... n), the encrypted text block data is Ci (i = 1, 2, ... n), the encryption process using the encryption key K is defined as Ek, and the decryption process using the encryption key K is defined as Dk.
$C_1 = E_k(M_1 \ \mathrm{EXR}\ IV)$
$C_i = E_k(M_i \ \mathrm{EXR}\ C_{i-1}) \quad (i = 2, 3, \ldots, n)$
$M_1 = D_k(C_1) \ \mathrm{EXR}\ IV$
$M_i = D_k(C_i) \ \mathrm{EXR}\ C_{i-1} \quad (i = 2, 3, \ldots, n)$
Here, EXR represents an exclusive OR operation. IV represents an initial value that is used for the initial step of the encryption and decryption process. The same initial value IV is used in both the encryptor and the decryptor.
Figure 45 shows an encryptor that performs encryption in Output Feedback mode (hereinafter referred to as OFB mode).
Figure 46 shows a decryptor that performs OFB mode decryption. Figure 47 shows an encryptor that performs encryption in Cipher Feedback mode (hereinafter referred to as CFB mode). Figure 48 shows a decryptor that performs CFB mode decryption. Here, the register 111 can be provided within the selector 73.
Figure 49 is a block diagram showing a method for encrypting the unencrypted text data M and the unencrypted text data N using the CBC mode encryptor. Hereinafter, a case will be explained in which the unencrypted text data M includes the unencrypted text block data M1, the unencrypted text block data M2 and the unencrypted text block data M3, and the unencrypted text data N includes only the unencrypted text block data N1. When the encryption of the unencrypted text block data M1 is started, the encrypted text block data C1 is transferred, and the encrypted text block data C1 is also used for the encryption process of the unencrypted text block data M2. In this way, the encrypted text block data Ci is fed back to the encryption process of the unencrypted text block data Mi+1, which makes the process a chained one. Accordingly, it is not possible to encrypt the unencrypted text block data N1 until the encryption process of the unencrypted text block data M1 through the unencrypted text block data M3 is finished.
Figure 50 shows the CBC mode encryption process, as does Figure 49. In the case of Figure 50, it takes time to prepare each of the unencrypted text block data M1, the unencrypted text block data M2 and the unencrypted text block data M3. Meanwhile, the encryption has finished before the next unencrypted text block data Mi+1 is prepared, which generates idle time (the time from T1 to T2 and from T3 to T4).
In this way, even if idle time is generated, the chained process has to be performed so that the encrypted text block data Ci is fed back into the encryption process of the unencrypted text block data Mi+1. Therefore, the process for the unencrypted text block data N1 cannot be performed until the encryption process of the unencrypted text block data M3 is completed.
Figure 51 shows a data confidentiality process and a data integrity assurance process. The unencrypted text data M, for example, is encrypted into the encrypted text data C by the OFB mode encryptor. A message authentication code (MAC) P is computed by the CBC mode encryptor, and is appended to the last bit of the encrypted text data C. On receiving data that is encrypted and to which the MAC P is appended, in addition to decrypting the encrypted text data C into the unencrypted text data M by OFB mode decryption, the MAC P is computed from the encrypted text data C by the CBC mode decryptor. It is possible to confirm that the encrypted text data C has not been altered by comparing the MAC P obtained with the MAC P transmitted and received.
Figure 52 shows a procedure for the confidentiality process and the MAC computation process shown in Figure 51. The unencrypted text block data M1 through the unencrypted text block data M3 are serially encrypted into the encrypted text block data C1 through the encrypted text block data C3.
Subsequently, the MAC P is computed by serially inputting the encrypted text block data C1 through the encrypted text block data C3.
The encryptor and decryptor of each mode shown in Figures 42 through 48 have the following problem: the data obtained by the encryption or decryption process of the previous block data must be fed back and used to encrypt or decrypt the next block data, so once an encryption process or a decryption process is started, another encryption process or decryption process cannot be started until all steps of the first encryption process or decryption process are completed. Therefore, if the encryption/decryption process that was started first requires a lot of time, the subsequent encryption/decryption process must wait a long time. Additionally, when the confidentiality process and the integrity assurance process are both conducted, the integrity assurance process must be performed after the confidentiality process, so the processing takes a long time.
It is an object of the preferred embodiment of the present invention to obtain an encryptor, a decryptor, an encryption method and a decryption method that can perform the encryption/decryption process of another piece of data while the encryption/decryption process of a certain piece of data is being performed. It is another object of the preferred embodiment of the present invention to perform the encryption/decryption of data having a higher priority before other data. It is a further object of the preferred embodiment of the present invention to perform the confidentiality process and the integrity assurance process in parallel at high speed.
DESCRIPTION OF THE INVENTION
According to the present invention, an encryption apparatus that encrypts first processing data and second processing data includes a memory for storing the state of the encryption process. The encryption apparatus initiates the encryption process of the second processing data before the encryption process of the first processing data is completed; the encryption apparatus causes the memory to store the state of the encryption process of the first processing data when it initiates the encryption process of the second processing data; the encryption apparatus returns its encryption process state to the state of the encryption process of the first processing data stored in the memory when it restarts the encryption process of the first processing data; and the encryption apparatus restarts the encryption process of the first processing data.
The encryption apparatus restarts the encryption process of the first processing data before the encryption process of the second processing data is finished; the memory stores the state of the encryption process of the second processing data when the encryption apparatus restarts the encryption process of the first processing data; the encryption apparatus returns its encryption process state to the state of the encryption process of the second processing data stored in the memory when it restarts the encryption process of the second processing data; and the encryption apparatus restarts the encryption process of the second processing data.
The first processing data is first unencrypted text data and the second processing data is second unencrypted text data. The encryption apparatus initiates the encryption process of the second processing data by means of an interrupt.
An encryption apparatus that encrypts unencrypted text data M including unencrypted text block data Mi (i = 1, 2, 3, ...) and unencrypted text data N including unencrypted text block data Nj (j = 1, 2, 3, ...) includes: a mechanism for receiving a request to encrypt the unencrypted text data N during the encryption process of the unencrypted text data M; an encryption unit for encrypting the unencrypted text block data Mi and transferring the encrypted text block data Ci; a feedback circuit for feeding back the encrypted text block data Ci transferred from the encryption unit to the encryption unit through a feedback line; a memory, provided in parallel with the feedback loop of the feedback circuit, to receive a request to encrypt the unencrypted text data N and store the fed-back encrypted text block data Ci when the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi, so that the encryption process of any of the unencrypted text block data of the unencrypted text data N is initiated; and a selector for selecting and supplying to the feedback circuit the encrypted text block data Ci fed back through the feedback loop of the feedback circuit in case the unencrypted text block data Mi+1 is encrypted subsequent to the unencrypted text block data Mi, and for selecting and supplying to the feedback circuit the encrypted text block data Ci stored in the memory in case the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi and the unencrypted text block data Mi+1 is encrypted after any of the unencrypted text block data of the unencrypted text data N is encrypted. The memory includes: plural registers that correspond to plural pieces of unencrypted text data; and a switch for switching among the plural registers according to the unencrypted text data to be encrypted.
According to the present invention, an encryption method includes the steps of: encrypting the unencrypted text block data Mi (i = 1, 2, 3, ...) of first unencrypted text data M using the encrypted text block data Ci (i = 1, 2, 3, ...) transferred from an encryption module; storing, in a memory, the encrypted text block data Ci to be used to encrypt the unencrypted text block data Mi+1 of the first unencrypted text data M, during or after the process of encrypting the unencrypted text block data Mi; encrypting at least the unencrypted text block data of second unencrypted text data N after storing in the memory the encrypted text block data Ci to be used to encrypt the unencrypted text block data Mi+1; and encrypting the unencrypted text block data Mi+1 of the first unencrypted text data M using the encryption module, by inputting the encrypted text block data Ci stored in the memory to be used for the unencrypted text block data Mi+1, after encrypting at least the unencrypted text block data of the second unencrypted text data N.
According to the present invention, an encryption apparatus that encrypts unencrypted text data including at least unencrypted text block data into encrypted text data using an encryption unit and generates a message authentication code (MAC) to ensure the integrity of the encrypted text data includes: an encryption unit, having a first feedback circuit for feeding back the encrypted text block data Ci transferred by the encryption unit to the encryption unit when the unencrypted text block data is encrypted by the encryption unit, for inputting the unencrypted text data, performing an encryption process by feeding back the encrypted text block data Ci through the first feedback loop, and transferring the encrypted text block data; and a message authentication code (MAC) generator, having a second feedback circuit for feeding back a computed intermediate MAC result, for inputting the encrypted text block data each time the encrypted text block data is transferred from the encryption unit, processing the data, feeding back the computed intermediate MAC result through the second feedback loop, and generating the MAC to ensure the integrity of the encrypted text data. The encryption unit and the MAC generator alternately perform the encryption process and a MAC generation process by sharing an encryption module and a feedback loop, and the feedback circuit includes: a memory for respectively storing and transferring the results of the encryption process and the MAC generation process; and a selector for alternately selecting the results of the encryption process and the MAC generation process from the memory, so that the encryption process and the MAC generation process are performed alternately.
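
An added sketch, not part of the patent text, of the two mechanisms described above: saving the chaining value Ci so that N can be encrypted in the middle of M, and one shared module alternating between CBC encryption and MAC generation. `encrypt_block` is a toy Feistel stand-in for encryption module 51; the class name, keys, IVs, the separate MAC key and the zero MAC starting value are assumptions of this example.

```python
import struct

BLOCK = 8                 # 64-bit blocks, as in the background section
MASK32 = 0xFFFFFFFF


def _f(half, subkey):
    # Toy round function constructed for this example. NOT a secure cipher.
    x = (half + subkey) & MASK32
    x = ((x << 5) | (x >> 27)) & MASK32
    return x ^ ((x * 0x9E3779B1) & MASK32)


def encrypt_block(key, block):
    """Stand-in for the encryption module: 8-round Feistel on one block."""
    k = struct.unpack(">4I", key)                  # 16-byte key
    left, right = struct.unpack(">2I", block)
    for i in range(8):
        subkey = (k[i % 4] + i * 0x9E3779B9) & MASK32
        left, right = right, left ^ _f(right, subkey)
    return struct.pack(">2I", right, left)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def cbc_encrypt(key, iv, blocks):
    """Reference: uninterrupted CBC, Ci = Ek(Mi xor Ci-1)."""
    out, prev = [], iv
    for block in blocks:
        prev = encrypt_block(key, xor(block, prev))
        out.append(prev)
    return out


class SharedEngine:
    """One cipher module and one feedback line, plus a memory holding the
    (key, chaining value) state of every stream that is not active."""

    def __init__(self):
        self.memory = {}          # stream id -> (key, chaining value)
        self.active = None
        self.key = None
        self.feedback = None      # value currently on the feedback line

    def open(self, stream, key, iv):
        self.memory[stream] = (key, iv)

    def switch(self, stream):
        if self.active is not None:                 # store interrupted state
            self.memory[self.active] = (self.key, self.feedback)
        self.key, self.feedback = self.memory[stream]   # selector reads memory
        self.active = stream

    def encrypt_next(self, block):
        if len(block) != BLOCK:
            raise ValueError("expected one 64-bit block")
        self.feedback = encrypt_block(self.key, xor(block, self.feedback))
        return self.feedback


# Constructed sample data: keys, IVs and blocks are made up for the example.
KEY_M, KEY_N, KEY_MAC = bytes(range(16)), bytes(range(16, 32)), bytes(range(32, 48))
IV_M, IV_N, IV_MAC = b"\x11" * 8, b"\x22" * 8, bytes(8)
M = [b"MBLOCK01", b"MBLOCK02", b"MBLOCK03"]
N = [b"NBLOCK01"]


def interleave_m_and_n():
    """Encrypt M1, take the interrupt for N1, then resume with M2 and M3."""
    eng = SharedEngine()
    eng.open("M", KEY_M, IV_M)
    eng.open("N", KEY_N, IV_N)
    eng.switch("M")
    c_m = [eng.encrypt_next(M[0])]
    eng.switch("N")                      # C1 of M is stored in the memory
    c_n = [eng.encrypt_next(N[0])]
    eng.switch("M")                      # C1 is put back on the feedback line
    c_m += [eng.encrypt_next(b) for b in M[1:]]
    return c_m, c_n


def encrypt_and_mac():
    """Alternate one CBC encryption step and one CBC-MAC step per block.
    Plain CBC-MAC as used here is only sound for fixed-length messages."""
    eng = SharedEngine()
    eng.open("ENC", KEY_M, IV_M)
    eng.open("MAC", KEY_MAC, IV_MAC)
    ciphertext, tag = [], None
    for block in M:
        eng.switch("ENC")
        c = eng.encrypt_next(block)
        ciphertext.append(c)
        eng.switch("MAC")
        tag = eng.encrypt_next(c)        # MAC consumes Ci as soon as it exists
    return ciphertext, tag


if __name__ == "__main__":
    c_m, c_n = interleave_m_and_n()
    print("interleaved M matches sequential CBC:", c_m == cbc_encrypt(KEY_M, IV_M, M))
    print("MAC:", encrypt_and_mac()[1].hex())
```

Because the saved state is only the key and the last chaining value, the interleaved output is bit-for-bit the same as running each stream alone; anything that can read or overwrite that memory between switches controls the next block of the suspended stream.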
In accordance with the present invention, an encryption method for encrypting unencrypted text data that includes at least unencrypted text block data into encrypted text data using an encryption unit and generating a message authentication code (MAC) to ensure the integrity of the encrypted text data, the encryption method includes: an encryption step, which includes a first feedback step for feedback of the encrypted text block data Ci transferred from the encryption unit when the decryption unit of the first processing data, the decryption apparatus causes the memory to store the state of the decryption process of the first processing data when the decryption process of the second processing data is initiated, and the decryption apparatus returns the state of the decryption process of the decryption apparatus to the state of the decryption process of the first processing data stored in the memory when the decryption process of the first processing data is restarted, and the decryption apparatus restarts the decryption process of the first processing data.
The decryption apparatus restarts the decryption process of the first processing data before the decryption process of the second processing data is completed; the memory stores the decryption state of the second processing data when the decryption process of the first processing data is restarted; the decryption apparatus returns the decryption state of the decryption apparatus to the decryption state of the second processing data stored in the memory when the decryption process of the second processing data is restarted; and the decryption apparatus restarts the decryption process of the second processing data.
The first processing data is first encrypted text data, and the second processing data is second encrypted text data. The decryption apparatus initiates the process of decrypting the first block data of the second processing data by an interrupt.
According to the present invention, a decryption apparatus that decrypts the encrypted text block data Ci (i = 1, 2, 3, ...) included in encrypted text data C and the encrypted text block data Dj (j = 1, 2, 3, ...) included in encrypted text data D includes: a mechanism for receiving a request to decrypt the encrypted text data D at an arbitrary timing during a decryption process of the encrypted text data C; a decryption unit for performing the decryption process of the encrypted text block data Ci and transferring the unencrypted text block data; a feedback circuit for feeding back the encrypted text block data Ci, to be used to decrypt the encrypted text block data Ci+1, to the decryption unit through a feedback line; a memory, provided in parallel with the feedback loop of the feedback circuit, to receive the request to decrypt the encrypted text data D and store the encrypted text block data Ci when the encrypted text block data Ci+1 is not decrypted subsequent to the encrypted text block data Ci, so that the decryption process of any of the encrypted text block data of the encrypted text data D is initiated; and a selector for selecting and supplying the encrypted text block data Ci fed back through the feedback line of the feedback circuit in case the encrypted text block data Ci+1 is decrypted subsequent to the encrypted text block data Ci, and for selecting and supplying the encrypted text block data Ci stored in the memory in case the encrypted text block data Ci+1 is not decrypted subsequent to the encrypted text block data Ci and the encrypted text block data Ci+1 is decrypted after any of the encrypted text block data of the encrypted text data D is decrypted. The memory includes: plural registers that correspond to plural pieces of encrypted text data; and a switch that switches among the registers according to the encrypted text data to be decrypted.
According to the present invention, a decryption method includes the steps of: decrypting the encrypted text block data Ci (i = 1, 2, 3, ...) of first encrypted text data C using a decryption module; storing, in a memory, the encrypted text block data Ci to be used to decrypt the encrypted text block data Ci+1, during or after decrypting the encrypted text block data Ci; decrypting at least the encrypted text block data of second encrypted text data D after storing the encrypted text block data Ci to be used to decrypt the encrypted text block data Ci+1; and inputting the encrypted text block data Ci stored in the memory to be used to decrypt the encrypted text block data Ci+1, after decrypting at least the encrypted text block data of the encrypted text data D, and decrypting the encrypted text block data Ci+1 of the first encrypted text data C using the decryption module.
According to the present invention, a decryption apparatus that decrypts encrypted text data including at least encrypted text block data into unencrypted text data and generates a message authentication code (MAC) to ensure the integrity of the encrypted text data includes: a decryption unit, which includes a first feedback circuit for feeding back the module output block data Ti generated during decryption by a decryption module, for inputting the encrypted text block data, decrypting the encrypted text block data using the module output block data Ti fed back through the first feedback loop, and transferring the unencrypted text block data; and a MAC generator, which includes a second feedback circuit for feeding back a computed intermediate MAC result, for inputting encrypted text block data identical to the encrypted text block data input to the decryption unit, processing the data, transferring the computed intermediate MAC result, feeding back the computed intermediate MAC result through the second feedback circuit, and generating the MAC to ensure the integrity of
the encrypted text data. The decryption unit and the MAC generator share a decryption module and a feedback loop and alternately perform a decryption process and a MAC generation process, and the feedback circuit includes: a memory that stores and transfers the results of the decryption process and the MAC generation process; and a selector for alternately selecting the results of the decryption process and the MAC generation process for transfer to the decryption module, so that the decryption process and the MAC generation process are performed alternately.
According to the present invention, a decryption method that decrypts encrypted text data including at least encrypted text block data into unencrypted text data and generates a message authentication code (MAC) to ensure the integrity of the encrypted text data includes: a decryption step including a first feedback step for feeding back the module output block data Ti generated during decryption by a decryption module, inputting the encrypted text block data, decrypting the encrypted text block data using the module output block data Ti fed back through the first feedback loop, and transferring the unencrypted text block data; and a MAC generation step including a second feedback step for feeding back a computed intermediate MAC result, inputting encrypted text block data identical to the encrypted text block data input to the decryption unit, processing the data, transferring the computed intermediate MAC result, feeding back the computed intermediate MAC result through the second feedback circuit, and generating the MAC to ensure the integrity of the encrypted text data.
In accordance with the present invention, an encryption apparatus that encrypts unencrypted text data M including the data Mi (i = 1, 2, 3, ...) of the unencrypted text block and unencrypted text data N including the data Nj (j = 1, 2, 3, ...)
of the unencrypted text block, the encryption apparatus includes: a mechanism for receiving a request to encrypt the unencrypted text data N during the process of encrypting the unencrypted text data M, before the end of the encryption process of the unencrypted text data M; an encryption module for transferring encrypted data as module output block data Ti; a feedback circuit for feeding back the module output block data Ti transferred from the encryption module to the encryption module via a feedback line; a memory, provided in parallel with the feedback loop of the feedback circuit, to receive the request to encrypt the unencrypted text data N and store the fed-back module output block data Ti when the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi, so that an encryption process of any of the unencrypted text block data of the unencrypted text data N is initiated; and a selector for selecting and supplying to the feedback circuit the module output block data Ti fed back through the feedback loop of the feedback circuit in case the unencrypted text block data Mi+1 is encrypted subsequent to the unencrypted text block data Mi, and for selecting and supplying to the feedback circuit the module output block data Ti stored in the memory in case the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi and the unencrypted text block data Mi+1 is encrypted after any of the unencrypted text block data of the unencrypted text data N is encrypted. The memory includes: plural registers that correspond to plural pieces of unencrypted text data; and a switch that switches among the registers according to the unencrypted text data to be encrypted.
According to the present invention, an encryption method includes the steps of: encrypting the data Mi (i = 1, 2, 3, ...)
of the unencrypted text block of first unencrypted text data M using the module output block data Ti (i = 1, 2, 3, ...) transferred from an encryption module; storing the module output block data Ti to be used to encrypt the unencrypted text block data Mi+1 of the first unencrypted text data M, during or after encryption of the unencrypted text block data Mi; encrypting at least the unencrypted text block data of second unencrypted text data N after storing the module output block data Ti to be used to encrypt the unencrypted text block data Mi+1; and inputting the module output block data Ti stored in the memory to be used to encrypt the unencrypted text block data Mi+1, after encrypting at least the unencrypted text block data of the second unencrypted text data N, and encrypting the unencrypted text block data Mi+1 of the first unencrypted text data M using the encryption module.
According to the present invention, an encryption apparatus that encrypts unencrypted text data including at least unencrypted text block data and generates a message authentication code (MAC) to ensure the integrity of the encrypted text data includes: an encryption unit, having a first feedback circuit for feeding back the module output block data Ti transferred from the encryption module to the encryption module when the unencrypted text block data is encrypted by the encryption unit, for inputting the unencrypted text data, performing the encryption process by feeding back the module output block data Ti through the first feedback circuit, and transferring the encrypted text block data; and a MAC generator, having a second feedback loop for feeding back a computed intermediate MAC result, for inputting the encrypted text block data whenever the encrypted text block data is transferred from the encryption unit, processing the data, feeding back the computed intermediate MAC result through the second feedback loop, and generating the MAC to ensure the integrity of the encrypted text data. The encryption unit and the MAC generator share an encryption module and a feedback circuit to alternately perform the encryption process and a MAC generation process, and the feedback circuit includes: a memory for respectively storing and transferring the results of the encryption process and the MAC generation process; and a selector for alternately selecting the results of the encryption process and the MAC generation process from the memory, so that the encryption process and the MAC generation process are performed alternately.
According to the present invention, an encryption method for encrypting unencrypted text data including at least unencrypted text block data into encrypted text data using an encryption unit and generating a message authentication code (MAC)
to ensure the integrity of the encrypted text data includes: an encryption step, which has a first feedback step for feeding back the module output block data Ti transferred from an encryption module when the unencrypted text block data is encrypted, for inputting the unencrypted text block data, performing an encryption process by feeding back the module output block data Ti through a first feedback circuit, and transferring the encrypted text block data; and a MAC generation step, which has a second feedback step for feeding back a computed intermediate MAC result, for inputting the encrypted text block data whenever the encrypted text block data is transferred from the encryption step, processing the data, feeding back the computed intermediate MAC result through the second feedback step, and generating the MAC to ensure the integrity of the encrypted text data.
According to the present invention, a decryption apparatus that decrypts encrypted text data C including the data Ci (i = 1, 2, 3, ...) of the encrypted text block and encrypted text data D including the data Dj (j = 1, 2, 3, ...)
of the encrypted text block, the decryption apparatus includes: a mechanism for receiving a request to decrypt the encrypted text data D during a decryption process of the encrypted text data C; a decryption module for transferring decrypted data as module output block data Ti; a feedback circuit for feeding back the module output block data Ti transferred from the decryption module to the decryption module through a feedback line; a memory, provided in parallel with the feedback loop of the feedback circuit, to receive a request to decrypt the encrypted text data D and store the fed-back module output block data Ti in case the encrypted text block data Ci+1 is not decrypted subsequent to the encrypted text block data Ci, so that the decryption process of any of the encrypted text block data of the encrypted text data D is initiated; and a selector for selecting and supplying to the feedback circuit the module output block data Ti fed back through the feedback loop of the feedback circuit in case the encrypted text block data Ci+1 is decrypted subsequent to the encrypted text block data Ci, and for selecting and supplying to the feedback circuit the module output block data Ti stored in the memory in case the encrypted text block data Ci+1 is not decrypted subsequent to the encrypted text block data Ci and the encrypted text block data Ci+1 is decrypted after any of the encrypted text block data of the encrypted text data D is decrypted. The memory includes: plural registers that correspond to plural pieces of encrypted text data; and a switch for switching among the plural registers according to the encrypted text data to be decrypted.
According to the present invention, a decryption method includes the steps of: decrypting the data Ci (i = 1, 2, 3, ...) of the encrypted text block of first encrypted text data C using the data Ti (i = 1, 2, 3, ...)
of the module output block transferred from a decryption module; storing the module output block data Ti that will be used to decrypt the encrypted text block data Ci+1 of the first encrypted text data C in a memory during or after a decryption process of the encrypted text block data Ci; decrypting at least the encrypted text block data of the second encrypted text data D after storing in the memory the module output block data Ti to be used to decrypt the encrypted text block data Ci+1; and decrypting the encrypted text block data Ci+1 of the first encrypted text data C using the decryption module by entering the module output block data Ti, stored in the memory, to be used for the encrypted text block data Ci+1, after decrypting at least the encrypted text block data of the second encrypted text data D.

According to the present invention, a decryption apparatus decrypts encrypted text data that includes at least encrypted text block data into unencrypted text data using a decryption module and generates a message authentication code (MAC) to ensure the integrity of the encrypted text data. The decryption apparatus includes: a decryption unit, which has a first feedback circuit for feeding back the encrypted text block data Ci transferred from the decryption unit to the decryption unit when the encrypted text block data is decrypted by the decryption unit, for entering the encrypted text data, performing a decryption process by feeding back the module output block data Ti through the first feedback circuit, and transferring the encrypted text block data; and a message authentication code (MAC) generator having a second feedback circuit for feeding back a computed intermediate MAC result, for inputting encrypted text block data identical to the encrypted text block data input to the decryption unit, processing the data, feeding back the computed intermediate MAC result through the second feedback circuit, and generating the MAC to ensure
the integrity of the encrypted text data.

The decryption unit and the MAC generator share a decryption module and a feedback circuit to alternately perform the decryption process and a MAC generation process, and the feedback circuit includes: a memory for respectively storing and transferring the results of the decryption process and the MAC generation process; and a selector to alternately select the results of the decryption process and the MAC generation process from the memory to alternately perform the decryption process and the MAC generation process.

According to the present invention, a decryption method for decrypting encrypted text data including at least encrypted text block data into unencrypted text data using a decryption unit and generating a message authentication code (MAC) to ensure the integrity of the encrypted text data includes: a decryption step, which has a first feedback step to feed back the encrypted text block data Ci, to enter the encrypted text block data, perform a decryption process of the encrypted text block data Ci fed back through the first feedback loop, and transfer the unencrypted text block data; and a MAC generation step, which has a second feedback step to feed back a computed intermediate MAC result, to input encrypted text block data identical to the encrypted text block data input to the decryption step, process the data to transfer the computed intermediate MAC result, feed back the computed intermediate MAC result through the second feedback step, and generate the MAC to ensure the integrity of the encrypted text data.

The encryption process is done using a block cipher algorithm. The encryption process is done using the block decryption algorithm. The memory stores an intermediate encryption result of the first processing data and an encryption key to be used to encrypt the first processing data as the state of the encryption process.
The memory stores an intermediate decryption result of the second processing data and an encryption key that is to be used to decrypt the second processing data as the state of the decryption process.
According to the present invention, an encryption apparatus includes: an encryption unit for entering data to be encrypted and transferring encrypted data; and a message authentication code (MAC) generator for inputting the encrypted data transferred from the encryption unit and generating a MAC to ensure the integrity of the encrypted data, and the MAC generator initiates the generation of the MAC before the end of the encryption of the data by the encryption unit.

According to the present invention, a decryption apparatus includes: a decryption unit for entering data to be decrypted and transferring decrypted data; and a message authentication code (MAC) generator for entering the decrypted data transferred from the decryption unit and generating a MAC to ensure the integrity of the encrypted data, and the MAC generator initiates generation of the MAC before the end of the decryption of the data by the decryption unit.
According to the present invention, an encryption method includes: an encryption step for entering data to be encrypted and transferring encrypted data; and a MAC generation step to input the encrypted data transferred from the encryption step and generate a MAC to ensure the integrity of the encrypted data, and the MAC generation step initiates MAC generation before the end of the encryption of the data by the encryption step.

According to the present invention, a decryption method includes: a decryption step for entering data to be decrypted and transferring the decrypted data; and a MAC generation step to enter the decrypted data transferred from the decryption step and generate a MAC to ensure the integrity of the encrypted data, and the MAC generation step initiates MAC generation before the end of the decryption of the data by the decryption step.

The present invention provides a program for making a computer execute the processes of the encryption apparatus and the steps of the encryption method. Additionally, the invention provides a computer-readable storage medium that stores the program.

The present invention provides a program for causing a computer to execute processes of the encryption apparatus and the steps for the decryption method. Additionally, the invention provides a computer-readable storage medium that stores the program.
BRIEF DESCRIPTION OF THE DRAWINGS

Figure 1 shows a CBC mode encryptor according to the first embodiment.
Figure 2 shows an operation procedure of the CBC mode encryptor.
Figure 3 is a flow diagram showing an operation of the CBC mode encryptor.
Figure 4 is a flowchart showing an operation of a selector 54.
Figure 5 is a flowchart showing an interruption process of a switch 57.
Figure 6 shows another example of a memory 55.
Figure 7 is a flowchart showing a process of interrupting the memory 55.
Figure 8 shows another example of the memory 55.
Figure 9 shows a priority processing.
Figure 10 shows another priority processing.
Figure 11 shows another priority processing.
Figure 12 shows a case in which the memory 55 is provided in parallel with a feedback line 66.
Figure 13 shows an operation procedure of the encryptor of Figure 12.
Figure 14 shows a case in which the memory 55 is provided in parallel with a feedback line 67.
Figure 15 shows an operation procedure of the encryptor of Figure 14.
Figure 16 shows an OFB mode encryptor.
Figure 17 shows an operation procedure of the encryptor of Figure 16.
Figure 18 shows a mode [...] encryptor encryption and a MAC generator 200.
Figure 31 shows a flowchart of an encryptor having an encryption unit 100 and a MAC generator 200.
Figure 32 shows an encryptor in which an encryption unit 100 and a MAC generator 200 are joined as a unit.
Figure 33 shows an encryption operation procedure in which an encryption unit 100 and a MAC generator 200 are joined as a unit.
Figure 34 shows a decryptor having a decryption unit 300 and a MAC generator 400.
Figure 35 shows a decryptor in which a decryption unit 300 and a MAC generator 400 are joined as a unit.
Figure 36 shows a decryptor operation procedure in which a decryption unit 300 and a MAC generator 400 are joined as a unit.
Figure 37 shows an encryptor that has [...] it has a decryption unit 300 and a MAC generator 400.
Figure 39 shows a model configuration of an encryption module 51 using an encryption key K.
Figure 40 shows an example of implementation of a physical equipment of an encryptor and a decryptor.
Figure 41 shows an example of implementation of a physical computer of an encryptor and a decryptor.
Figure 42 shows a case in which an encrypted program 47 is called by an application program 46.
Figure 43 shows a conventional CBC mode encryptor.
Figure 44 shows a conventional CBC mode decryptor.
Figure 45 shows a conventional OFB mode encryptor.
Figure 46 shows a conventional OFB mode decryptor.
Figure 47 shows a conventional CFB mode encryptor.
Figure 48 shows a conventional CFB mode decryptor.
Figure 49 shows a conventional encryption procedure.
Figure 50 shows a conventional encryption method.
Figure 51 explains a confidentiality process and an integrity assurance process.
Figure 52 shows an operation procedure of a conventional confidentiality process and a conventional integrity assurance process.
BEST MODE FOR CARRYING OUT THE INVENTION

Embodiment 1.

Figure 1 shows a CBC mode encryptor according to the present embodiment. The encryptor of the present embodiment is configured by a selector 54, an exclusive OR (XOR) operation circuit 58, an encryption module 51 using an encryption key K, and a memory 55. An encryption unit 52 includes the exclusive OR operation circuit 58 and the encryption module 51 using the encryption key K. The selector 54 and the encryption module 51 using the encryption key K form a feedback loop with feedback lines 65, 66 and 67. The encrypted text block data Ci encrypted by the encryption module 51 using the encryption key K is input to the exclusive OR operation circuit 58 again through the feedback circuit, and the module input data Si is generated in the exclusive OR operation circuit 58. Then, the generated module input data is supplied to the encryption module 51 using the encryption key K.

The memory 55 is provided in parallel with the feedback line 65. The memory 55 includes a register 56 and a switch 57. The switch 57 either inputs the output of the encryption module 51 using the encryption key K to the register 56 or ignores it. This switching is performed, for example, by an IT interrupt. When the IT interrupt is generated, the switch 57 is connected to E, and when the interrupt is resolved, the switch 57 is connected to F. The register 56 inputs and stores the encrypted text block data Ci supplied through E. The encrypted text block data Ci is transferred to the selector 54. The selector 54 is provided with three inputs A, B and C and selects one of the three. This selection depends on the IT interrupt.

Figure 2 shows an operation procedure of the encryptor shown in Figure 1. Figure 3 is a flow diagram showing an operation of the encryptor shown in Figure 1. The input of the selector 54 is set to A when electrical power is supplied to the encryptor, and the switch 57 is connected to E.
Additionally, when encryption of the unencrypted text data N is requested, an IT interrupt is generated. The IT interrupt stays ON until the request to encrypt the unencrypted text data N is resolved. Additionally, the unencrypted text data M is encrypted using the key K1, and the unencrypted text data N is encrypted using the key K2. When the IT interrupt is generated or resolved, the key K1 or the key K2 is supplied to the encryption module again.

At the time T0, the key K1 is supplied, and the process of encrypting the unencrypted text data M1 starts. When the process of encrypting the unencrypted text data is initiated at the time T0, the input of the selector 54 is switched to B after the initial value IV is entered once from the input A of the selector 54. Additionally, it is assumed that at the time X, while the unencrypted text data M1 is being encrypted using the key K1, an IT interrupt is generated to request encryption of unencrypted text block data. The encrypted text block data C1 is stored in the memory 55 by the time T1. Then, at the time T1, the key K2 is supplied to the encryption module 51 due to the generation of the IT interrupt. Additionally, the selector 54 sets its input to A at the time T1. The switch 57 is connected to F at the time T1. After the time T1, the unencrypted text block data N1 is encrypted using the key K2 and the encrypted text block data D1 is transferred.

It is assumed that at the time Y the encryption of the unencrypted text block data N1 is finished and the IT interrupt is resolved. Due to the resolution of the IT interrupt, at the time T2, the key K1 is supplied to the encryption module 51, the input of the selector 54 is switched to C and the switch 57 is connected to E.
When the selector 54 is switched to C, the encrypted text block data C1 stored in the memory 55 is entered for encrypting the unencrypted text block data M2, the unencrypted text block data M2 is encrypted by the encryption module using the key K1, and the encrypted text block data C2 is transferred. Before the time T3, the input of the selector 54 is switched to B. To encrypt the unencrypted text block data M3, the encrypted text block data C2 is fed back through the feedback line 65 of the feedback circuit and entered, the unencrypted text block data M3 is encrypted by the encryption module using the key K1, and the encrypted text block data C3 is transferred.

When the same key is used to encrypt the unencrypted text data M and the unencrypted text data N (K1 = K2), it is sufficient to supply the key only once, at the start of the encryption process.

The complete operation will be explained with reference to the flow chart of Figure 3. In step S1, the process of encrypting the unencrypted text data M is started and continued. When the final block data has been processed, the encryption process ends. In step S2, an IT interrupt is generated at arbitrary timing. When the IT interrupt is generated while the unencrypted text block data Mi is being processed, in step S3, the encrypted text block data Ci being processed is stored in the register 56 of the memory 55. In step S4, the process of encrypting the unencrypted text data N, whose encryption is requested by the IT interrupt, is performed. The encryption process of step S4 is performed continuously until the IT interrupt is released, as shown in step S5. When the IT interrupt is released, in step S6, the unencrypted text block data Mi is encrypted using the encrypted text block data Ci stored in the register 56 of the memory 55. Then, the process returns to step S1 and the encryption continues.
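The interrupt-and-resume sequence of Figures 2 and 3, as an added example that is not code from the patent: a software model of the shared CBC datapath in which memory 55 keeps the key and the chaining value Ci across an interrupt, checked against uninterrupted CBC. The Feistel stand-in for encryption module 51, the 16-byte block size, the keys, initial values and message blocks are constructed assumptions, and the schedule encrypts two N blocks during the interrupt rather than one.

```python
import hashlib

BLOCK = 16  # block size in bytes (assumption; the patent does not fix one)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Feistel round function built from SHA-256; illustrative only.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def module_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for encryption module 51 (4-round Feistel, not a real cipher)."""
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        left, right = right, xor(left, _f(key, rnd, right))
    return left + right

def module_decrypt(key: bytes, block: bytes) -> bytes:
    """Inverse of module_encrypt, used only to check what a receiver sees."""
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _f(key, rnd, left)), left
    return left + right

def cbc_encrypt(key, iv, blocks):
    """Uninterrupted CBC, the reference the interleaved run must match."""
    out, prev = [], iv
    for m in blocks:
        prev = module_encrypt(key, xor(m, prev))
        out.append(prev)
    return out

def cbc_decrypt(key, iv, blocks):
    out, prev = [], iv
    for c in blocks:
        out.append(xor(module_decrypt(key, c), prev))
        prev = c
    return out

class SharedCbcEncryptor:
    """One CBC datapath shared by several messages, as in Figure 1."""

    def __init__(self):
        self.key = None
        self.feedback = None  # value on the feedback line (IV, then previous Ci)
        self.memory = []      # memory 55 as a stack, so interrupts can nest

    def start(self, key, iv):
        # Selector input A: load the initial value for a new message.
        self.key, self.feedback = key, iv

    def encrypt_block(self, m):
        # Selector input B: XOR with the fed-back block, then encrypt.
        if len(m) != BLOCK:
            raise ValueError("block must be exactly BLOCK bytes")
        self.feedback = module_encrypt(self.key, xor(m, self.feedback))
        return self.feedback

    def interrupt(self, key, iv):
        # Save key and chaining value of the interrupted message, then switch.
        self.memory.append((self.key, self.feedback))
        self.start(key, iv)

    def resume(self, restore_feedback=True):
        # Selector input C: reload the saved chaining value from memory 55.
        # restore_feedback=False models a datapath without memory 55.
        key, saved = self.memory.pop()
        self.key = key
        if restore_feedback:
            self.feedback = saved

# Constructed sample data (keys, initial values and messages are made up).
K1, K2 = b"constructed-key1", b"constructed-key2"
IV_M, IV_N = bytes(BLOCK), bytes([0xA5]) * BLOCK
M = [s.ljust(BLOCK) for s in (b"M1: payroll run", b"M2: 1200.00 EUR", b"M3: acct 0042")]
N = [s.ljust(BLOCK) for s in (b"N1: urgent alert", b"N2: door 7 open")]

def run_interleaved(save_state=True):
    """Schedule of Figure 2: M1, interrupt, N1..Nn, resume, M2, M3."""
    enc = SharedCbcEncryptor()
    enc.start(K1, IV_M)
    c = [enc.encrypt_block(M[0])]
    enc.interrupt(K2, IV_N)
    d = [enc.encrypt_block(n) for n in N]
    enc.resume(restore_feedback=save_state)
    c += [enc.encrypt_block(m) for m in M[1:]]
    return c, d

if __name__ == "__main__":
    c, d = run_interleaved()
    print("with memory 55    :", c == cbc_encrypt(K1, IV_M, M), d == cbc_encrypt(K2, IV_N, N))
    bad_c, _ = run_interleaved(save_state=False)
    print("without memory 55 :", cbc_decrypt(K1, IV_M, bad_c) == M)
```

Without the saved chaining value, C2 is chained to the last block of D instead of C1, so a receiver using ordinary CBC decryption recovers M1 and M3 but not M2.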
Figure 4 shows an operation of the selector 54. When the electric power is turned ON, the input is set to A as shown in step S11. When the encryption process starts in step S12, the input is set to B in step S13. Specifically, the encrypted text block data Ci fed back from the feedback line 65 of the feedback circuit is used. In step S14, if it is detected that the block data being processed is the final data, the process returns to step S11, in which the state is the same as when the electrical power is turned ON. In step S15, if it is detected that the IT interrupt is generated, the input is set to A in step S16, and if the encryption process is initiated, the input is set to B in step S18. Until the IT interrupt is resolved, the input is maintained at B. That is to say, the encrypted text block data Ci fed back from the feedback line 65 of the feedback circuit is used. In step S19, if it is detected that the IT interrupt is resolved, the input is set to C in step S20. By setting the input to C, the encrypted text block data Ci stored in the memory 55 is entered. When the encryption process has used the input from C, the process returns to step S13 and the input is set to B. As described above, the selector 54 can be switched based on the generation of the IT interrupt. The process of encrypting the unencrypted text data M can also be initiated at an arbitrary time based on the generation of the IT interrupt.

Figure 5 is a flow diagram showing the processing of the interrupt by the switch 57. When the electric power is turned ON, and subsequently during the encryption process of the first unencrypted text, the switch 57 is connected to E. When the IT interrupt is generated in step S31, the switch 57 is switched to F. Then, when it is detected in step S33 that the IT interrupt is resolved, the switch 57 is switched from F to E. In this way, the switch 57 ignores the encrypted text block data Ci from generation to resolution of the interrupt.
Accordingly, the register 56 of the memory 55 retains the encrypted text block data Ci that was generated at the time of generation of the IT interrupt.

As described above, the operations of the encryptor illustrated in Figures 1 through 5 show the interrupt processing mechanism that receives the request to encrypt the unencrypted text data N before the end of the encryption of the unencrypted text data M, in the encryptor that encrypts the data Mi (i = 1, 2, 3, ...) of the unencrypted text block included in the unencrypted text data M and the data Nj (j = 1, 2, 3, ...) of the unencrypted text block included in the unencrypted text data N.

Additionally, the encryptor shown in Figures 1 through 5 includes the encryption module 51 for encrypting the unencrypted text block data Mi and transferring the encrypted text block data Ci, the feedback circuits 65 and 66 for feeding the encrypted text block data Ci transferred from the encryption module 51 back to the encryption unit 52 via the feedback line 65, and the memory 55, provided in parallel with the feedback line 65 of the feedback circuit, to receive the request for encryption of the unencrypted text data N by the interrupt, and store the fed-back encrypted text block data Ci if the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi at the start of the encryption process of any of the unencrypted text block data of the data N.

Additionally, the encryptor shown in Figures 1 through 5 includes the selector 54 for selecting the encrypted text block data Ci fed back by the feedback line 65 of the feedback circuit and supplying the encrypted text block data Ci through the feedback circuit when the data Mi+1
of the unencrypted text block is encrypted subsequent to the unencrypted text block data Mi, and for selecting the encrypted text block data Ci stored in the memory 55 and supplying it to the encryption unit 52 through the feedback circuit when the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi but after any piece of the unencrypted text data N.

The memory 55 stores the state of the encryptor in the event that the IT interrupt is generated. By storing the state of the encryption process, it becomes possible to return to the original state of the encryption of a certain piece of data even if another piece of data is encrypted while the certain piece of data is being encrypted. Specifically, by using the data stored in the memory, the state of the encryptor can return to a state that is completely identical to the state at the time when the encryption was interrupted, which allows the interrupted encryption process to be resumed.

Figure 6 shows another example of configuration of the memory 55. The memory 55 includes an interrupt control unit 52, an input switch 96, an output switch 97 and plural registers (REG 1, 2, 3). By providing plural registers in this way, it becomes possible to receive plural interrupts.

Figure 7 shows the processing of the interrupt performed by the memory 55. When the IT interrupt is generated, in step S41, the number k, which is the number of the register k that is currently being used, is stored. In step S42, the input switch 96 and the output switch 97 are connected to register 1, which is one of the registers other than the register k. In this state, the process of encrypting the unencrypted text data N is performed. Additionally, it is monitored whether another interrupt is generated while the unencrypted text data N is encrypted. When it is detected in step S43 that another IT interrupt is generated, step S40, which is the process for processing the interrupt, is called again.
In this way, if the IT interrupt is generated, step S40 is called recursively. Consequently, plural hierarchical processes can be performed to process the interrupt. In step S44, it is verified whether the interrupt is resolved. If the interrupt is resolved, the input switch 96 and the output switch 97 are switched to the register k using the number k stored in the memory. In the case of Figure 6, the memory 55 includes three registers, so that 3-layer hierarchical processes can be performed to process the interrupt.

Figure 8 shows another example of configuration of the memory 55. The memory 55 includes a stack 64. The stack 64 is a first-in, last-out (FILO) register. When the IT interrupt is generated while a stack 1 is used, the data stored in stack 1 is transferred to a stack 2, and new data is subsequently stacked in stack 1. When the IT interrupt is resolved, the data stacked in stack 1 is transferred, and the data stored in stack 2 is returned to stack 1. Figure 8 shows a case in which four-layer hierarchical processes can be performed for processing the interrupt.

As shown in Figure 6, when it is possible to perform plural hierarchical processes to process the interrupt, a priority can be assigned to each of the interrupts. For example, priority 1 is assigned to interrupt IT1, and priority 2, which means a lower priority than priority 1, is assigned to interrupt IT2. By assigning priority in this way, it is possible to postpone the process for priority 2 when the interrupt IT1 that has priority 1 is generated.

Figure 9 shows a case in which the encryption process having priority 1 is done before the encryption process that has priority 2. In this case, the encryption process that has priority 1 ends first. Figure 10 shows a case in which both encryption processes have the same priority. When the priorities are the same, the unencrypted text block data of the two encryption processes is encrypted alternately.
Figure 11 shows a case in which data that has priority 1 and data that has priority 2 is encrypted. By assigning priority to each interrupt as shown in Figures 9 through 11, it is possible to perform the encryption process that is desirable for the user. In the case of processing urgent data or data with a short length, effective processing can be performed by assigning a higher priority to this data.

Figure 12 shows a case in which the memory 55 is placed in parallel with the feedback line 66. The exclusive OR operation circuit 58 and the encryption module 51 using the encryption key K constitute the encryption unit 52. Figure 13 shows an operation procedure of the encryptor of Figure 12. The following connections are selected by the first selector 61 and the second selector 62, which allows these selectors to operate in the same manner as the selector 54 of Figure 1.

The first selector 61 + the second selector 62 = selector 54.
A + D = A
B + D = B
A + C = C
B + C = C

In Figure 13, when the second selector 62 selects D, the selection (A or B) of the first selector 61 becomes effective, and when the second selector 62 selects C, the contents of the memory 55 are transferred. Specifically, the second selector 62 should select C if the contents of the memory 55 are to be used (when the encryption process returns from the unencrypted text data N to the unencrypted text data M due to the resolution of the IT interrupt).

Figure 14 shows a case in which the memory 55 is placed in parallel with the feedback line 67. Figure 15 shows an operation procedure of the encryptor of Figure 14. If the time X when the IT interrupt is generated is before the exclusive OR operation by the exclusive OR operation circuit 58, the memory 55 stores the module input data Si on which the exclusive OR operation has been performed by the exclusive OR operation circuit 58. Then, the data from the unencrypted text block is encrypted. Subsequently, the second selector 62 is made to select and enter the module input data Si to the encryption module 51 using the encryption key K, which encrypts it to transfer the encrypted text block data Ci.

As shown in Figures 1, 12 and 14, the memory 55 can be placed in parallel with any of the feedback line 65, the feedback line 66 and the feedback line 67. The memory 55 stores the state just before the encryptor initiates the encryption of another piece of data during the encryption of a certain piece of data. The memory 55 can be placed anywhere as long as the encryptor can return to the original state using the data stored in the memory 55 when the encryptor finishes the encryption of the other data. Additionally, the memory 55 may be provided in plural locations.
As described above, the encryptor according to the present embodiment performs the process of encrypting the first processing data (unencrypted text M) including at least the block data Mi (i = 1, 2, 3, ... m) and the second processing data (unencrypted text N) including at least the block data Nj (j = 1, 2, 3, ... n), and the encryptor includes the memory 55 for storing the state of the encryption process. The encryptor initiates the encryption of the first block data of the second processing data before encrypting all block data (M1-Mm) of the first processing data. At the time when the encryptor initiates the encryption of the first block data N1 of the second processing data, the state of the encryption of the first processing data (for example, the encrypted text block data Ci) is stored in the memory 55. When the encryptor performs the encryption of the first processing data, the encryption state of the encryptor is returned to the stored state of the encryption of the first processing data, and then the encryptor restarts the encryption of the first processing data.

Additionally, the encryptor restarts the encryption of the first processing data before finishing the encryption of all the block data (N1-Nn) of the second processing data, and simultaneously the memory 55 stores the state of the encryption of the second processing data (for example, the encrypted text block data Dj) when the encryptor restarts the encryption of the first processing data. When the encryptor restarts the encryption of the second processing data, the encryption state of the encryptor is returned to the stored state of the encryption of the second processing data, and the encryptor restarts the encryption of the second processing data.

Figure 16 shows a configuration of the OFB mode encryptor. The figure is characterized by additionally including the memory 55.
The memory 55 stores the module output data Ti supplied from the encryption module 51.

Figure 16 shows an encryptor to encrypt the data Mi (i = 1, 2, 3, ...) of the unencrypted text block included in the unencrypted text data M and the data Nj (j = 1, 2, 3, ...) of the unencrypted text block included in the unencrypted text data N. The encryptor includes an interrupt processing mechanism that receives the request to encrypt the unencrypted text data N during the encryption of the unencrypted text data M, before the end of the encryption of the unencrypted text data M, and the encryption module 51 for transferring the encrypted data as the module output block data Ti. The encryptor further includes the feedback circuits 65 and 66 for feeding back the module output block data Ti supplied from the encryption module 51 to the encryption module via the feedback line 65, and the memory 55, provided in parallel with the feedback line 65 of the feedback circuit, to receive a request to encrypt the unencrypted text data N and store the fed-back module output block data Ti when the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi because the encryptor initiates the encryption of any of the unencrypted text block data of the unencrypted text data N. Still further, the encryptor includes the selector 54, which selects the module output block data Ti fed back by the feedback line 65 of the feedback circuit to supply the encryption module 51 through the feedback circuit when the unencrypted text block data Mi+1 is encrypted subsequent to the unencrypted text block data Mi, and selects the module output block data Ti stored in the memory 55 to supply the encryption module 51 through the feedback circuit when the data Mi+1
of the unencrypted text block is not encrypted subsequent to the unencrypted text block data Mi but after any of the unencrypted text block data of the unencrypted text data N.

Figure 17 explains the OFB mode encryptor shown in Figure 16. In Figure 17, the CBC mode operation of Figure 2 is changed to the OFB mode operation, and the other operations are the same as those in Figure 2.

Figure 18 shows a CFB mode encryptor. In comparison with Figure 47, the encryptor of Figure 18 further includes the memory 55. The memory 55 stores the encrypted text block data Ci transferred from the exclusive OR operation circuit 58. Additionally, an encryption unit 52 is configured by the exclusive OR operation circuit 58 and the encryption module 51 using the encryption key K.

Figure 18 shows an encryptor to encrypt the data Mi (i = 1, 2, 3, ...) of the unencrypted text block included in the unencrypted text data M and the data Nj (j = 1, 2, 3, ...) of the unencrypted text block included in the unencrypted text data N. The encryptor includes an interrupt processing mechanism that receives the request to encrypt the unencrypted text data N during the encryption of the unencrypted text data M, before the end of the encryption of the unencrypted text data M, and the encryption unit 52 for encrypting the unencrypted text block data Mi and transferring the encrypted text block data Ci. The encryptor further includes the feedback circuits 65 and 66 for feeding back the module output block data Ti supplied from the encryption module 51 to the encryption module via the feedback line 65, and the memory 55, provided in parallel with the feedback line 65 of the feedback circuit, to receive a request to encrypt the unencrypted text data N and store the fed-back module output block data Ti when the data Mi+1
of the unencrypted text block is not encrypted subsequent to the unencrypted text block data Mi because the encryptor initiates the encryption of certain unencrypted text block data of the unencrypted text data N. Still further, the encryptor includes the selector 54, which selects the module output block data Ti fed back by the feedback line 65 of the feedback circuit for supplying the encryption module 51 through the feedback circuit when the unencrypted text block data Mi+1 is encrypted subsequent to the unencrypted text block data Mi, and selects the module output block data Ti stored in the memory 55 for supplying the encryption module 51 through the feedback circuit when the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi but after certain unencrypted text block data of the unencrypted text data N.

Figure 19 explains the OFB mode encryptor shown in Figure 18. In Figure 19, the operation of the CBC mode of Figure 2 changes to the operation of the OFB mode, and the other operations are the same as Figure 2.

Figure 20 shows a CBC mode decryptor. In comparison with Figure 44, the decryptor of Figure 20 further includes the memory 75. The memory 75 includes a register 76 and a switch 77. Additionally, a decryption unit 72 is configured by an exclusive OR operation circuit 78 and a decryption module 71 using the key K. A register 111 can be provided within a selector 74.

The decryptor shown in Figure 20 decrypts the data Ci (i = 1, 2, 3, ...) of the encrypted text block included in the encrypted text data C and the data Dj (j = 1, 2, 3, ...) of the encrypted text block included in the encrypted text data D, and includes an interrupt processing mechanism that receives a request to decrypt the encrypted text data D during the decryption process of the encrypted text data C.
Additionally, the decryptor shown in Figure 20 further includes the decryption module 71 for transferring the data decrypted from the encrypted text block data Ci as the module output block data Ti, and the feedback circuits 85, 111, 82 and 86 for feeding back the encrypted text block data Ci to the decryption unit 72 via the feedback lines 85, 111 and 82 in order to decrypt the encrypted text block data Ci+1. The decryptor additionally includes the memory 75, provided in parallel with the feedback lines 85, 111, 82 and 86 of the feedback circuit, which receives a request to decrypt the encrypted text data D and stores the fed-back block data when the encrypted text block data Ci+1 are not decrypted subsequent to the encrypted text block data Ci because the decryptor starts decrypting any of the encrypted text block data of the encrypted text data D. Additionally, the decryptor shown in Figure 20 includes the selector 74, which selects the encrypted text block data Ci fed back by the feedback lines 85, 111 and 82 of the feedback circuit for supply to the decryption unit 72 through the feedback circuit when the encrypted text block data Ci+1 are decrypted subsequent to the encrypted text block data Ci, and selects the encrypted text block data Ci stored in the memory 75 for supply to the decryption unit 72 through the feedback circuit when the encrypted text block data Ci+1 are not decrypted subsequent to the encrypted text block data Ci but after any of the encrypted text block data of the encrypted text data D.

The "feedback line" and the "feedback loop" used in the above explanation of Figure 20 do not mean "feedback" in the sense of "inputting the data transferred from itself". Here, "feedback" means supplying the encrypted text block data Ci again in order to decrypt the encrypted text block data Ci+1 after decrypting the encrypted text block data Ci.
Figure 21 shows an operation procedure of the decryptor shown in Figure 20. When the IT interrupt is generated during decryption of the encrypted text block data C1 using the encryption key (also called decryption key) K1, the encrypted text block data C1 is stored in the register 76 of the memory 75. Subsequently, the encrypted text block data D1 is decrypted using the encryption key (also called decryption key) K2 into the unencrypted text block data N1. Then, the encrypted text block data C1 stored in the register 76 of the memory 75 is read, and the encrypted text block data C2 is decrypted into the unencrypted text block data M2. The operation of the selector 74 is the same as that shown in Figure 4. Additionally, the operation of the switch 77 is the same as that shown in Figure 5.

Figure 22 shows the OFB mode decryptor. The decryptor shown in Figure 22, which decrypts the encrypted text block data Ci (i = 1, 2, 3, ...) included in the encrypted text data C and the encrypted text block data Dj (j = 1, 2, 3, ...) included in the encrypted text data D, includes an interrupt processing mechanism that receives a request to decrypt the encrypted text data D during the decryption of the encrypted text data C at an arbitrary synchronization point. The decryptor additionally includes the decryption module 71 for transferring the decrypted data as the module output block data Ti, and the feedback circuits 85, 86 for feeding back the module output block data Ti to the decryption module 71 via the feedback line 85.
The decryptor further includes the memory 75, provided in parallel with the feedback line 85 of the feedback circuit, which receives a request to decrypt the encrypted text data D and stores the fed-back module output block data Ti when the encrypted text block data Ci+1 are not decrypted subsequent to the encrypted text block data Ci because the decryptor starts decrypting any of the encrypted text block data of the encrypted text data D. Additionally, the decryptor shown in Figure 20 includes the selector 74, which selects the module output block data Ti fed back by the feedback line 85 of the feedback circuit for supply to the decryption module 71 through the feedback circuit when the encrypted text block data Ci+1 are decrypted subsequent to the encrypted text block data Ci, and selects the module output block data Ti stored in the memory 75 for supply to the decryption module 71 through the feedback circuit when the encrypted text block data Ci+1 are not decrypted subsequent to the encrypted text block data Ci but after any of the encrypted text block data of the encrypted text data D.

Figure 23 explains the operation of the OFB mode encryptor shown in Figure 22. The operation of Figure 23 is the same as that of the CBC mode encryptor shown in Figure 21 except that the operation is performed in the OFB mode instead of the CBC mode.

Figure 24 shows a CFB mode decryptor. A decryption unit 72 is configured by the exclusive OR operation circuit 78 and a decryption module 71. Here, the register 111 can be provided within the selector 74.

The decryptor shown in Figure 24, which decrypts the encrypted text block data Ci (i = 1, 2, 3, ...) included in the encrypted text data C and the encrypted text block data Dj (j = 1, 2, 3, ...) included in the encrypted text data D, includes an interrupt processing mechanism that receives a request to decrypt the encrypted text data D during decryption of the encrypted text data C at an arbitrary synchronization point. The decryptor additionally includes the decryption module 71 for transferring the decrypted data as the module output block data Ti, and the feedback circuits 85, 111, 82, 86 for feeding back the module output block data Ti to the decryption module 71 through the feedback lines 85, 111, 82. The decryptor further includes the memory 75, provided in parallel with the feedback lines 85, 111, 82 of the feedback circuit, which receives a request to decrypt the encrypted text data D and stores the fed-back module output block data Ti when the encrypted text block data Ci+1 are not decrypted subsequent to the encrypted text block data Ci because the decryptor starts decrypting any of the encrypted text block data of the encrypted text data D. Additionally, the decryptor shown in Figure 24 includes the selector 74, which selects the module output block data Ti fed back by the feedback line 85 of the feedback circuit for supply to the decryption module 71 through the feedback circuit when the encrypted text block data Ci+1 are decrypted subsequent to the encrypted text block data Ci, and selects the module output block data Ti stored in the memory 75 for supply to the decryption module 71 through the feedback circuit when the encrypted text block data Ci+1 are not decrypted subsequent to the encrypted text block data Ci but after any of the encrypted text block data of the encrypted text data D.

The "feedback line" and the "feedback loop" used in the previous explanation of Figure 24 do not mean "feedback" in the sense of "inputting data transferred from itself".
Here, "feedback" means supplying the encrypted text block data Ci again in order to decrypt the encrypted text block data Ci+1 after decrypting the encrypted text block data Ci.

Figure 25 explains an operation of the CFB mode encryptor shown in Figure 24. In Figure 25, the operation in CBC mode shown in Figure 21 is replaced with the operation in CFB mode, and the other operations are the same as those shown in Figure 21.

Figure 26 shows an example of improvement of the CBC mode encryptor shown in Figure 1. A selector 154 and a memory 155 are added to the encryptor of Figure 26. Figure 1 shows a case in which the key K1 is supplied from the outside when the IT interrupt is resolved, whereas here the key K1 supplied from the outside is stored and used again. The memory 155 includes a register 156 and a switch 157. The switch 157 switches between ignoring the encryption key K and entering it into the register 156.
This switching is carried out, for example, by the IT interrupt. When the IT interrupt is generated, the switch 157 is connected to E and when the IT interrupt is resolved, the switch 157 is connected to F. The register 156 receives the key K supplied through E and stores it. The key K stored in the register 156 is transferred to the selector 154. The selector 154 has two inputs, A and C, and selects one of them. The selection depends on the IT interrupt, as will be described later.

Figure 27 shows an operation procedure of the encryptor shown in Figure 26. When electric power is supplied to the encryptor, the inputs to the selector 54 and the selector 154 are set to A, and the switch 57 and the switch 157 are connected to E. Additionally, as long as there is a request to encrypt the unencrypted text data N, the IT interrupt is generated and kept ON until the request to encrypt the unencrypted text data N is resolved. Additionally, the unencrypted text data M is to be encrypted using the key K1, and the unencrypted text data N is to be encrypted using the key K2. The keys K1 and K2 are supplied to the encryption module 51.

At time T0, the key K1 is supplied from the outside as the key K. As the switch 157 is connected to E, the key K1 is stored in the register 156. Then, the encryption process for the unencrypted text block data M1 is started. When the encryption of the unencrypted text block data M1 is started at time T0, the selector 54 enters an initial value IV through A, and then the selector 54 is switched to B. At time X, during the process of encrypting the unencrypted text block data M1 using the key K1, it is assumed that the IT interrupt for the request to encrypt the unencrypted text block data N1 is generated. By time T1, the encrypted text block data C1 is stored in the memory 55.
Then, because the IT interrupt has been generated, the key K2 is supplied to the encryption module 51 from the outside as the key K at time T1. At time T1, the input to the selector 54 is set to A, and the switch 57 and the switch 157 are connected to F. Accordingly, the key K2 is not stored in the register 156. After time T1, the unencrypted text block data N1 is encrypted using the key K2, and the encrypted text block data D1 is transferred. At time Y, the encryption of the unencrypted text block data N1 is finished and the IT interrupt is resolved. Due to this resolution of the IT interrupt, at time T2, the input to the selector 54 is switched to C, and the switch 57 is connected to E. Accordingly, the key K1 is transferred to the selector 154 from the register 156 as the key K, and the key K1 is supplied to the encryption module 51 from the selector 154 as the key K. Additionally, since the selector 54 is switched to C, the encrypted text block data C1 stored in the memory 55 is entered for the encryption of the unencrypted text block data M2, the unencrypted text block data M2 is encrypted by the encryption module 51 using the key K1, and the encrypted text block data C2 is transferred. Before time T3, the input to the selector 54 is switched to B, and when the unencrypted text block data M3 is encrypted, the encrypted text block data C2 fed back from the feedback line 65 of the feedback circuit is input, the unencrypted text block data M3 is encrypted by the encryption module 51 using the key K1, and the encrypted text block data C3 is transferred. Additionally, before the time T3, the input to the selector 154 is switched to A.

An operation of the selector 154 will be described. When the electric power is turned ON, the input to the selector 154 is set to A. Additionally, when generation of the IT interrupt is detected, the input also remains set to A.
Until the IT interrupt is resolved, the selector 154 operates with its input set to A. When the resolution of the IT interrupt is detected, the selector 154 sets its input to C. Due to the setting of the input to C, the key K1 stored in the memory 155 is introduced to the encryption module 51 as the key K. When the encryption using the key entered from C is started, the selector sets the input to A. As described above, the selector 154 can be switched based on the generation of the IT interrupt.

Next, an interrupt processing operation of the switch 157 will be explained. When the electric power is turned ON and in the first encryption process of the unencrypted text data M, the switch 157 is connected to E, and the key K1 for the unencrypted text data M is stored in the register 156. When the IT interrupt is generated at time X, the switch 157 is switched from E to F at time T1, and the key K2 for the unencrypted text data N is ignored. Additionally, when the resolution of the IT interrupt is detected at time Y, the switch 157 is switched from F to E at time T2. In this way, the switch 157 ignores the key K2 for the unencrypted text data N from the generation to the resolution of the IT interrupt. Accordingly, the key K1 for the unencrypted text data M is kept stored in the register 156 of the memory 155.

Figure 28 shows a configuration of the decryptor shown in Figure 20 in which the key K1 to be reused is stored. Figure 28 shows a case in which a selector 174 and a memory 175 are added to the decryptor of Figure 20. The operations of the selector 174 and the memory 175 are the same as those of the selector 154 and the memory 155 shown in Figure 26.

The memory 55 and the memory 155 are examples of the memory for storing the state of the encryptor when the IT interrupt is generated.
In this way, the state of the encryption process is stored in the memory 55 and the memory 155, which allows the encryptor to return to the encryption state of certain data even when other data are encrypted while those data are being encrypted. Specifically, by using the data stored in the memory 55 and the key K stored in the memory 155, the state of the encryptor can be returned to the state identical to that when the encryption was interrupted, and the interrupted encryption process can be continued.

The memory 155 and the memory 175 can be configured identically to the memory 55 shown in Figures 6 and 8. Alternatively, the key K1 can be stored by adding a configuration such as those shown in Figures 26 and 28 to Figures 16, 18, 22 and 24. Additionally, since the memories 55 and 155 shown in Figure 26 operate in the same way, these memories can be integrated into one memory.

As has been discussed, the decryptor of the present embodiment decrypts the first processing data (encrypted text data C) including at least the block data Ci (i = 1, 2, 3, ..., m) and the second processing data (encrypted text data D) including at least the block data Dj (j = 1, 2, 3, ..., n). The decryptor includes the memory 75 that stores the state of the decryption process. The decryptor starts the process of decrypting the initial block data of the second processing data before the end of the decryption process of all the block data (C1 to Cn) of the first processing data. When the decryptor starts the process of decrypting the initial block data of the second processing data, the decryptor causes the above memory to store the decryption state of the first processing data, and when the decryptor restarts the decryption of the first processing data, the state of the decryptor is returned to the decryption state stored in the memory 75 and the decryptor restarts the decryption process of the first processing data.
Additionally, the decryptor restarts the process of decrypting the first processing data before the end of the decryption of all the block data (D1 to Dn) of the second processing data, and the memory 75 stores the decryption state of the second processing data when the decryptor restarts the process of decrypting the first processing data. When the decryptor restarts the decryption process of the second processing data, the state of the decryptor is returned to the decryption state of the second processing data stored in the memory and the decryptor restarts the decryption process of the second processing data.

Here, the state of the encryption process is, for example, the encrypted block data Ci (and the key K1) in the case of the CBC mode shown in Figure 1, the module output data Ti (and the key K1) in the case of the OFB mode shown in Figure 16, and the encrypted block data Ci (and the key K1) in the case of the CFB mode shown in Figure 18. The decryption state is, for example, the encrypted block data Ci (and the key K1) in the case of the CBC mode shown in Figure 20, the module output data Ti (and the key K1) in the case of the OFB mode shown in Figure 22, and the encrypted block data Ci (and the key K1) in the case of the CFB mode shown in Figure 24.

In the preceding description, the encryptor and the decryptor have each been explained in three cases. The three modes are only examples; the present embodiment can be applied to an encryptor and a decryptor in another mode, such as an improved mode or a transformed mode. In particular, the characteristic of the embodiment is that, in an encryption / decryption method in which the block data Ci, Mi or Ti generated at the time of encryption / decryption of the previous data are used as the feedback data for the encryption / decryption of the next block data Mi+1 or Ci+1, the memory 55 is provided for storing the state of the encryption / decryption process, so that the state of the encryptor / decryptor can be returned to the original state using the block data Ci, Mi or Ti after the process of encrypting / decrypting another piece of data. Therefore, it does not matter which mode of encryption / decryption is used.

Here, instead of the IT interrupt, the request for encryption can be received using another mechanism such as a shoring system or a signal obtaining system, and parallel or interactive processing of at least two encryption / decryption processes can be performed. Additionally, in the above embodiment, the encryption key K is used for the encryption / decryption process; however, the embodiment can also be applied to an encryption / decryption process that does not use the encryption key.

Embodiment 2

In the following embodiment, another case will be explained, in which the encryptor performs a confidentiality process and a data integrity assurance process. The data confidentiality process means encrypting data in order to make the data meaningless even when the data are intercepted or stolen. Additionally, the data integrity assurance process means ensuring that the data are not replaced by anyone. In the case of data transfer, the integrity of the data sometimes needs to be secured in addition to performing the data confidentiality process. The data confidentiality process is done by encrypting the data. The data integrity assurance process is performed by attaching a MAC (Message Authentication Code) to the last bit of the data and verifying the MAC to detect tampering.

Figure 29 shows a case in which an encryption unit 100 of the OFB mode performs the confidentiality process, and a MAC generator 200 of the CBC mode generates the MAC.
Figure 29 shows the encryptor that encrypts the unencrypted text data including at least unencrypted text block data using the encryption module and generates the MAC to ensure the integrity of the encrypted text data. The encryptor includes an encryption unit 100 having a first feedback circuit 65 which feeds back to the encryption module 51 the module output block data Ti supplied from the encryption module 51 when the unencrypted text block data are encrypted by the encryption module 51. The encryption unit 100 inputs the unencrypted text block data, feeds back the module output block data Ti using the first feedback circuit 65 to perform the encryption process, and transfers the encrypted text block data Ci. The encryptor includes a MAC generator 200 having a second feedback circuit 66 that feeds back a computed intermediate MAC result Ti. The MAC generator 200 inputs the encrypted text block data Ci at each output of the encrypted text block data Ci from the encryption unit 100, computes the MAC, causes the computed intermediate MAC result Ti to be fed back using the second feedback circuit 66, and generates a MAC P to ensure the integrity of the encrypted text data.

Figure 30 shows an operation procedure of the encryptor shown in Figure 29. The unencrypted text block data M1 is first encrypted into the encrypted text block data C1. Then, the unencrypted text block data M2 is entered to be encrypted into the encrypted text block data C2. Simultaneously with the encryption, the encrypted text block data C1 is entered and the MAC computation is started. Between the time T1 and the time T2, the encryption process of the unencrypted text block data M2 and the computation of the MAC based on the encrypted text block data C1 are performed.
Between the time T2 and the time T3, the encryption process of the unencrypted text block data M3 and the MAC computation based on the encrypted text block data C2 are performed. At time T3, the MAC computation based on the encrypted text block data C3 is performed and the MAC P is transferred.

The configuration of Figure 29 is characterized in that the encrypted text block data Ci transferred from the exclusive OR operation circuit 58 is input to the exclusive OR operation circuit 59 by a feed line 69. The feed line 69 combines the encryption processes of the OFB mode and the CBC mode, so that the confidentiality process and the integrity assurance process are performed by online processing. In the case of Figure 52, processing up to time T6 requires a lot of processing time; however, in the case of Figure 30, the processing is finished at time T4, which shows that high-speed processing has been performed.

Figure 31 is a flow diagram showing the operation of the encryptor shown in Figure 29. In S51, a block data counter i is initialized to 1. S52 shows the operation of the encryption unit 100. The encryption unit 100 inputs the unencrypted text block data Mi, encrypts the unencrypted text block data Mi into the encrypted text block data Ci and transfers the encrypted text block data. S53 shows the operation of the MAC generator 200. The MAC generator 200 inputs and encrypts the encrypted text block data Ci and computes the MAC. S54 checks whether the block data counter i indicates the last block data n. When it does not, the block data counter i is incremented in S55, and the operation returns to the S52 process. Specifically, the processes of the encryption unit 100 and the MAC generator 200 are repeated.
When S54 detects that the process of the last block data has finished, the last MAC computed in S53 becomes the final MAC, and in S56 the final MAC is appended to the last bit of the encrypted text block data Cn. As shown in Figure 31, at each generation of the encrypted text block data Ci by the encryption unit 100, the MAC generator 200 inputs the encrypted text block data Ci to compute the MAC, which allows online processing at a high speed.

Figure 32 shows a combined configuration of the encryption unit 100 and the MAC generator 200 shown in Figure 29. That is, the encryption module 51 is shared by the encryption unit 100 and the MAC generator 200, and a single exclusive OR operation circuit is used as both the exclusive OR operation circuit 58 of the encryption unit 100 and the exclusive OR operation circuit 59 of the MAC generator 200. Additionally, a single feedback line is used as both the feedback line 65 of the encryption unit 100 and the feedback line 66 of the MAC generator 200. A first selector 61 selects an initial value IV at the start of the confidentiality process. A second selector selects the initial value IV at the start of the integrity assurance process. A third selector 63 alternately selects the confidentiality process and the integrity assurance process. The confidentiality process can be performed by setting the input of the third selector to E. Additionally, the integrity assurance process can be performed by setting the input of the third selector to F. A memory 93 stores the module output data Ti transferred from the encryption module 51 using the encryption key K. The memory 93 includes an input switch 96, an output switch 97, a first register 98 and a second register 99. The input switch 96 and the output switch 97 are synchronized with the switching of the third selector 63. On each switching of the third selector 63, both the input switch 96 and the output switch 97 are switched.
Figure 33 shows an operation procedure of the encryptor shown in Figure 32. Between the time T0 and the time T1, the confidentiality process of the unencrypted text block data M1 is performed. The module output data generated during the confidentiality process is stored in the first register 98. Between the time T1 and the time T2, the MAC is computed based on the encrypted text block data C1. The computed intermediate MAC result generated by the integrity assurance process is stored in the second register 99. Then, between the time T2 and the time T3, the confidentiality process of the unencrypted text block data M2 is performed based on the module output data stored in the first register 98 and the unencrypted text block data M2. Then, between the time T3 and the time T4, the computed intermediate MAC result stored in the second register 99 and the encrypted text block data C2 are entered and the MAC is computed. By repeating these operations, the confidentiality process and the integrity assurance process are completed and the encrypted text data and the MAC P are transferred.

In the case of Figure 33, the process is finished at time T6 and the processing time is not reduced. However, as shown in Figure 32, the encryption module 51 using the encryption key K, the exclusive OR operation circuit 58, and the feedback lines 67, 68 (feedback circuit) are shared by the encryption unit and the MAC generator, so that the scale of the circuit can be reduced.

Figure 34 shows a decryptor including a decryption unit 300 of the OFB mode and a MAC generator 400 of the CBC mode. The MAC generator 400 is configured the same as the MAC generator 200. Figure 34 shows the decryptor that decrypts the encrypted text data including at least encrypted text block data into the unencrypted text data and generates the MAC to ensure the integrity of the encrypted text data.
The decryptor includes a decryption unit 300 having a first feedback circuit 65 that feeds back the module output block data Ti generated in the decryption process of the encrypted text block data Ci using the decryption module 71. The decryption unit 300 inputs the encrypted text block data Ci, causes the module output block data Ti to be fed back by the first feedback circuit 65 to perform the decryption, and transfers the unencrypted text block data Mi. The decryptor further includes a MAC generator 400 having a second feedback circuit 66 that feeds back the computed intermediate MAC result Ti. The MAC generator 400 inputs the same encrypted text block data as the encrypted text block data Ci input to the decryption unit 300, performs the MAC computation to transfer the computed intermediate MAC result, causes the second feedback circuit 66 to feed back the computed intermediate MAC result Ti, and generates the MAC Q to ensure the integrity of the encrypted text data. The encrypted text block data Ci is input to the exclusive OR operation circuit 78 in the decryption unit 300, and at the same time, the encrypted text block data Ci is input to the MAC generator 400 by the feed line 69. By this configuration, the processes of the decryption unit 300 and the MAC generator 400 are performed simultaneously, so that the processing speed can be increased.

Figure 35 shows a configuration which integrates the decryption unit 300 and the MAC generator 400 of the decryptor shown in Figure 34. Figure 35 shows a case in which the decryption module 71 and the feedback lines 87, 88 (feedback loop) are shared. A first selector 81 selects the initial value IV at the start of the decryption process. A second selector 82 selects the initial value IV at the start of the integrity assurance process. A third selector 83 alternately selects the decryption process and the integrity assurance process. The decryption can be performed by setting the input of the third selector 83 to E. Additionally, the integrity assurance process can be performed by setting the input of the third selector 83 to F. The memory 93 stores the module output data Ti transferred from the encryption module 51 using the encryption key K.
The memory 93 includes an input switch 96, an output switch 97, a first register 98 and a second register 99. The input switch 96 and the output switch 97 are synchronized with the switching of the third selector 83. At each switching of the third selector 83, the input switch 96 and the output switch 97 are also switched.

Figure 36 shows an operation procedure of the decryptor shown in Figure 35. The decryptor inputs the encrypted text data and the MAC P. Between the time T0 and the time T1, the encrypted text block data C1 is decrypted and the encrypted text block data C1 is stored in the register 111. The module output data generated during the decryption process is stored in the register 98. Between the time T1 and the time T2, the MAC is computed based on the encrypted text block data C1 stored in the register 111. The computed intermediate MAC result generated during the integrity assurance process is stored in the second register 99. Then, between the time T2 and the time T3, the encrypted text block data C2 is stored in the register 111, and the decryption into the unencrypted text block data M2 is performed based on the module output data stored in the first register 98 and the encrypted text block data C2. Then, between the time T3 and the time T4, the computed intermediate MAC result stored in the second register 99 and the encrypted text block data C2 stored in the register 111 are entered and the MAC is computed. By repeating these operations, the unencrypted text data and the MAC Q are transferred. The MAC Q is compared with the MAC P. If the MAC P matches the MAC Q, the integrity of the data can be ensured. In this way, the decryption process and the integrity assurance process are completed.

Figure 37 shows a configuration in which the CBC mode encryption unit 100 is used in place of the encryption unit 100 of the OFB mode shown in Figure 29.
Figure 37 shows the encryptor that encrypts the unencrypted text data including at least unencrypted text block data using the encryption module and generates the MAC to ensure the integrity of the encrypted text data. The encryptor includes an encryption unit 100 having a first feedback circuit 65 which feeds back the encrypted text block data Ci transferred from the encryption module 51 at the time of encryption of the unencrypted text block data by the encryption unit 52. The encryption unit 100 inputs the unencrypted text block data Mi, causes the encrypted text block data Ci to be fed back using the first feedback circuit 65 to perform the encryption process, and transfers the encrypted text block data Ci. The encryptor further includes a MAC generator 400 having a second feedback circuit 66 that feeds back a computed intermediate MAC result. The MAC generator 400 inputs the encrypted text block data Ci at each output of the encrypted text block data Ci from the encryption unit 100, computes the MAC, causes the computed intermediate MAC result Ti to be fed back using the second feedback circuit 66 and generates a MAC P to ensure the integrity of the encrypted text data.

Figure 38 shows a configuration in which the CBC mode decryption unit 300 is provided in place of the decryption unit 300 of the OFB mode shown in Figure 34. Figure 38 shows the decryptor that decrypts the encrypted text data including at least encrypted text block data into the unencrypted text data and generates the MAC to ensure the integrity of the encrypted text data.
The decryptor includes a decryption unit 300 having first feedback circuits 82, 85 for feeding back the ciphertext block data Ci. The decryption unit 300 inputs the ciphertext block data Ci, feeds back the ciphertext block data Ci through the first feedback circuits 82, 85 to perform decryption, and outputs the plaintext block data Mi. The decryptor further includes a MAC generator 400 having a second feedback circuit 66 for feeding back the intermediate MAC result Ti. The MAC generator 400 inputs the ciphertext block data Ci, which is identical to the ciphertext block data Ci input to the decryption unit 300, computes the MAC, outputs the intermediate MAC result, feeds back the intermediate MAC result Ti through the second feedback circuit, and generates the MAC to ensure the integrity of the ciphertext data.
As described above, Figures 29 and 37 show encryptors, each of which includes the encryption unit that inputs the data, encrypts it and outputs the encrypted data, and the MAC generator that inputs the encrypted data output from the encryption unit and generates the MAC to ensure the integrity of the ciphertext data, wherein the MAC generator starts generating the MAC before the encryption unit has finished encrypting the data. Additionally, Figures 34 and 38 show decryptors, each of which includes the decryption unit that inputs the data, decrypts it and outputs the decrypted data, and the MAC generator that inputs the data input to the decryption unit and generates the MAC to ensure the integrity of the ciphertext data, wherein the MAC generator starts generating the MAC before the decryption unit has finished decrypting the data.
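The scheduling described above for Figures 36 to 38, as an added example that is not part of the patent text: one shared cipher module serves several CBC chains and their MAC chains by keeping each chain's feedback value in its own register. The toy Feistel cipher (a stand-in for DES, MISTY, KASUMI or Camellia), the separate MAC key `k_mac`, and all function, chain and variable names are assumptions of this example.

```python
import hashlib
import hmac

BLOCK = 8                 # 64-bit block, the size used by DES, MISTY and KASUMI
ZERO_IV = bytes(BLOCK)    # starting value of every MAC chain in this example


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def key_schedule(key, rounds=8):
    # Toy key schedule (assumption): one derived subkey per round.
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(rounds)]


def _feistel(subkeys, block):
    # Toy Feistel network (assumption): an F function and an XOR per round.
    left, right = block[:4], block[4:]
    for sk in subkeys:
        left, right = right, _xor(left, hashlib.sha256(sk + right).digest()[:4])
    return right + left


def encrypt_block(subkeys, block):
    return _feistel(subkeys, block)


def decrypt_block(subkeys, block):
    return _feistel(subkeys[::-1], block)


class SharedModule:
    """One cipher module time-shared by several CBC chains.

    Each chain keeps its feedback value in its own register, so another
    chain can use the module between any two blocks of this one."""

    def __init__(self):
        self.registers = {}   # chain id -> saved feedback block
        self.keys = {}        # chain id -> round subkeys

    def open(self, chain, key, iv):
        self.keys[chain] = key_schedule(key)
        self.registers[chain] = iv

    def step(self, chain, block):
        # Selector: reload this chain's saved state, not the last output.
        feedback = self.registers[chain]
        out = encrypt_block(self.keys[chain], _xor(block, feedback))
        self.registers[chain] = out   # stored for this chain's next block
        return out


def encrypt_interleaved(k_enc, k_mac, streams):
    """streams maps name -> (iv, [8-byte plaintext blocks]).

    Round-robin schedule: one block of each stream per turn, and the MAC
    step for a ciphertext block runs right after that block is produced.
    Returns name -> (ciphertext blocks, MAC)."""
    module = SharedModule()
    out = {}
    for name, (iv, _) in streams.items():
        module.open(("enc", name), k_enc, iv)
        module.open(("mac", name), k_mac, ZERO_IV)
        out[name] = []
    longest = max((len(b) for _, b in streams.values()), default=0)
    for i in range(longest):
        for name, (_, blocks) in streams.items():
            if i < len(blocks):
                c = module.step(("enc", name), blocks[i])
                module.step(("mac", name), c)   # intermediate MAC result
                out[name].append(c)
    return {n: (cs, module.registers[("mac", n)]) for n, cs in out.items()}


def decrypt_and_verify(k_enc, k_mac, iv, cblocks, tag):
    """CBC decryption alternating with the MAC step over the same blocks.

    Plaintext is released only if the recomputed MAC equals the tag."""
    module = SharedModule()
    module.open("mac", k_mac, ZERO_IV)
    subkeys, prev, plain = key_schedule(k_enc), iv, []
    for c in cblocks:
        plain.append(_xor(decrypt_block(subkeys, c), prev))
        prev = c                  # decryption-side feedback register
        module.step("mac", c)     # MAC-side feedback register
    if not hmac.compare_digest(module.registers["mac"], tag):
        raise ValueError("MAC mismatch: ciphertext was modified")
    return plain


# Constructed sample data: two plaintext streams, M and N, of 8-byte blocks.
K_ENC, K_MAC = b"example-enc-key", b"example-mac-key"
STREAM_M = (b"\x01" * 8, [b"block M1", b"block M2", b"block M3"])
STREAM_N = (b"\x02" * 8, [b"block N1", b"block N2"])
```

Encrypting `STREAM_M` interleaved with `STREAM_N` yields the same ciphertext and MAC for M as encrypting M alone, which is the property the per-chain registers exist to preserve.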
The encryption unit 100 or the decryption unit 300 of the OFB mode, which is not shown in the Figures, can be used in the above encryptor/decryptor. The MAC generator 200 of the OFB mode, which is not shown in the Figures, can also be used in the above encryptor/decryptor.
Figure 39 shows a configuration of the encryption module 51 or the decryption module 71. The encryption module 51 includes a key scheduler 511 and a data scrambler 512. The key scheduler 511 inputs a key K and generates n extended keys ExtK1 to ExtKn. The data scrambler 512 generates a random number using a function F and an exclusive-OR operation circuit. The function F inputs the extended key and performs a non-linear transformation of the data.
In the encryption module 51 of the above encryptor, a block cipher algorithm such as the following can be applied:
(1) DES (Data Encryption Standard);
(2) MISTY, the block cipher algorithm described in International Patent Publication No. WO97/9705 (U.S. Patent Application No. 08/83640);
(3) KASUMI, a 64-bit block cipher developed based on the MISTY block cipher algorithm, which was determined to be applied as the international standard encryption for next-generation cell phones (IMT2000) (for more details, see http://www.3gpp.org/About_3GPP/3gpp.htm); or
(4) Camellia, the block cipher algorithm described in Japanese Patent Application No. 2000-64614 (filed March 9, 2000).
Additionally, in the decryption module of the decryptor, a block cipher algorithm such as DES, MISTY, KASUMI or Camellia can be applied.
Figure 40 shows a form of implementation of the encryptor or decryptor. Figure 40 shows a case in which the encryptor and decryptor are implemented in an FPGA, IC or LSI. Specifically, the above encryptor and decryptor can be implemented in hardware. Additionally, the encryptor and decryptor can be implemented by a printed circuit board, which is not shown in the Figure.
Figure 41 shows a case in which the encryptor and decryptor are implemented by software. The above encryptor can be implemented by an encryption program 47. The encryption program 47 is stored in ROM (Read Only Memory) 42 (an example of storage). The encryption program 47 can be stored in another kind of storage such as RAM (Random Access Memory), a floppy disk, or a fixed disk. Additionally, the encryption program 47 can be downloaded to a server computer. The encryption program 47 operates as a subroutine. The encryption program 47 is called from an application program 46 stored in RAM 45 by a subroutine call. Alternatively, the encryption program 47 can be activated by the generation of an interrupt received by the interrupt control unit 43. The memory 55 may be part of the RAM 45. The application program 46 and the encryption program 47 are programs executed by the CPU.
Figure 42 shows the mechanism by which the application program 46 calls the encryption program 47. The application program 46 calls the encryption program 47 using the key K, the initial value IV, the plaintext data M and the ciphertext data C as parameters. The encryption program 47 inputs the key K, the initial value IV and the plaintext data M and returns the ciphertext data C. When the encryption program 47 and the decryption program are the same, the program is called using the key K, the initial value IV, the ciphertext data C and the plaintext data M as parameters.
The encryption program 47 can be implemented by a digital signal processor and a program that is read and executed by the digital signal processor. Specifically, the encryption program 47 can be implemented by a combination of hardware and software.
Figures 40, 41 and 42 mainly explain cases for the encryptor; however, the decryptor can be implemented in the same way.
The encryptor and decryptor shown in Figures 40 and 41 can be installed in an electronic device. For example, the encryptor and the decryptor can be installed in all kinds of electronic devices such as a personal computer, a facsimile machine, a cell phone, a video camera, a digital camera, or a TV camera. In particular, the features of the present embodiment are effective for the encryption/decryption of data from plural channels. The embodiment is also effective when plural pieces of data received from plural users are to be decrypted, or when plural pieces of data are generated at random by plural users and must be encrypted in real time. Specifically, the encryptor and decryptor of the embodiment are really effective when the number of devices for encryption/decryption is small compared to the number of pieces of data to be encrypted/decrypted.
For example, the encryptor and decryptor are very effective for a server computer that has to support many client computers, or for a base station or a line controller that has to collect data from many cell phones.
Instead of parallel processing of encryption processes or of decryption processes, an encryption process and a decryption process can be performed in parallel.
Additionally, the above explanation shows the case of combining the encryption unit (or decryption unit) of the OFB mode with the MAC generator of the CBC mode; however, any combination of modes can be used, such as OFB mode, CBC mode, CFB mode, improved versions of these modes, and so on.
Additionally, the above explanation shows a case in which the MAC generator performs encryption using the encryption key K; however, the MAC generator can perform data coding, data calculation, or other processing of the data.
Industrial application
As described, according to the preferred embodiment of the present invention, the process of encrypting the plaintext data N can be started during the process of encrypting the plaintext data M. Additionally, the process of decrypting the ciphertext data D can be started during the process of decrypting the ciphertext data C.
Furthermore, according to the preferred embodiment of the present invention, priorities can be assigned to the data to be encrypted/decrypted, and high-speed processing can be performed based on the data priorities.
Furthermore, according to the preferred embodiment of the present invention, the confidentiality process and the integrity assurance process can be performed in parallel, which allows high-speed processing. Additionally, the confidentiality process and the integrity assurance process can be performed by a single piece of integrated hardware.

Claims (50)

1. An encryption apparatus for encrypting first processing data and second processing data, comprising: a memory for storing the state of the encryption process, wherein the encryption apparatus initiates the encryption process of the second processing data before the process of encrypting the first processing data is completed, the encryption apparatus causes the memory to store the state of the encryption process of the first processing data when the encryption apparatus initiates the encryption process of the second processing data, the encryption apparatus returns the state of the encryption process of the encryption apparatus to the state of the encryption process of the first processing data stored in the memory when the encryption apparatus restarts the encryption of the first processing data, and the encryption apparatus restarts the process of encrypting the first processing data.
2. The encryption apparatus according to claim 1, wherein the encryption apparatus restarts the encryption process of the first processing data before the encryption process of the second processing data is terminated, the memory stores the state of the encryption process of the second processing data when the encryption apparatus restarts the encryption process of the first processing data, the encryption apparatus returns the state of the encryption process of the encryption apparatus to the state of the encryption process of the second processing data stored in the memory when the encryption apparatus restarts the encryption process of the second processing data, and the encryption apparatus restarts the encryption process of the second processing data.
3. The encryption apparatus according to claim 1, wherein the first processing data is the first unencrypted text data and the second processing data is the second unencrypted text data.
4. The encryption apparatus according to claim 1, wherein the encryption apparatus initiates the process of encrypting the second processing data by an interrupt.
5. An encryption apparatus that encrypts unencrypted text data M including unencrypted text block data Mi (i = 1, 2, 3, ...) and unencrypted text data N including unencrypted text block data Nj (j = 1, 2, 3, ...), the encryption apparatus comprising: a mechanism for receiving a request to encrypt the unencrypted text data N during the encryption process of the unencrypted text data M; an encryption unit for encrypting the unencrypted text block data Mi to transfer the encrypted text block data Ci; a feedback circuit for feeding back the encrypted text block data Ci transferred from the encryption unit to the encryption unit via a feedback line; a memory, provided in parallel with the feedback line of the feedback circuit, to receive a request to encrypt the unencrypted text data N and store the fed-back encrypted text block data Ci when the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi, so that the encryption process of any of the unencrypted text block data of the unencrypted text data N is initiated; and a selector for selecting and supplying the encrypted text block data Ci fed back from the feedback line of the feedback circuit to the feedback circuit in case the unencrypted text block data Mi+1 is encrypted subsequent to the unencrypted text block data Mi, and for selecting and supplying the encrypted text block data Ci stored in the memory to the feedback circuit in case the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi and the unencrypted text block data Mi+1 is encrypted after some of the unencrypted text block data of the unencrypted text data N is encrypted.
6. The encryption apparatus according to claim 5, wherein the memory includes: plural registers corresponding to plural pieces of unencrypted text data; and a switch for switching the plural registers corresponding to the unencrypted text data to be encrypted.
7. An encryption method comprising the steps of: encrypting unencrypted text block data Mi (i = 1, 2, 3, ...) of first unencrypted text data M using the encrypted text block data Ci (i = 1, 2, 3, ...) transferred from an encryption module; storing the encrypted text block data Ci that will be used to encrypt the unencrypted text block data Mi+1 of the first unencrypted text data M in a memory during or after the data encryption process; encrypting at least one unencrypted text block data of second unencrypted text data N after storing in the memory the encrypted text block data Ci to be used to encrypt the unencrypted text block data Mi+1; and encrypting the unencrypted text block data Mi+1 of the first unencrypted text data M by entering the encrypted text block data Ci stored in the memory to be used for the unencrypted text block data Mi+1 and using the encryption module, after encrypting at least the unencrypted text block data of the second unencrypted text data N.
8. An encryption apparatus for encrypting unencrypted text data that includes at least unencrypted text block data into encrypted text data using an encryption unit and generating a message authentication code (MAC) to ensure the integrity of the encrypted text data, the encryption apparatus comprising: an encryption unit, which has a first feedback circuit for feeding back encrypted text block data Ci transferred by the encryption unit to the encryption unit when the unencrypted text block data is encrypted by the encryption unit, for entering the unencrypted text data, performing an encryption process by feeding back the encrypted text block data Ci through the first feedback circuit, and transferring the encrypted text block data; and a message authentication code (MAC) generator, which has a second feedback circuit for feeding back an intermediate computed MAC result, for transferring the encrypted text block data each time the encrypted text block data is transferred from the encryption unit, processing the data, feeding back the intermediate computed MAC result through the second feedback circuit, and generating the MAC to ensure the integrity of the encrypted text data.
9. The encryption apparatus according to claim 8, wherein the encryption unit and the MAC generator alternately perform the encryption process and a MAC generation process by sharing an encryption module and a feedback circuit, and the feedback circuit includes: a memory for respectively storing and transferring the results of the encryption process and the MAC generation process; and a selector to alternately select the results of the encryption process and the MAC generation process from the memory to alternately perform the encryption process and the MAC generation process.
10. An encryption method for encrypting unencrypted text data that includes at least unencrypted text block data into encrypted text data using an encryption unit and generating a message authentication code (MAC) to ensure the integrity of the encrypted text data, the encryption method comprising: an encryption step, including a first feedback step for feeding back encrypted text block data Ci transferred from the encryption unit when the encryption unit encrypts the unencrypted text block data, for entering the unencrypted text block data, performing an encryption process by feeding back the encrypted text block data Ci through a first feedback circuit, and transferring the encrypted text block data; and a MAC generation step, which includes a second feedback step for feeding back an intermediate computed MAC result, for entering the encrypted text block data each time the encrypted text block data is transferred from the encryption step, processing the data, feeding back the intermediate computed MAC result through the second feedback step, and generating the MAC to ensure the integrity of the encrypted text data.
11. A decryption apparatus that decrypts first processing data and second processing data, comprising: a memory for storing a state of a decryption process, wherein the decryption apparatus initiates the process of decrypting the second processing data before the process of decrypting the first processing data is completed, the decryption apparatus causes the memory to store the state of the process of decrypting the first processing data when the process of decrypting the second processing data is initiated, the decryption apparatus returns the state of the decryption process of the decryption apparatus to the state of the decryption process of the first processing data stored in the memory when the decryption process of the first processing data is restarted, and the decryption apparatus restarts the process of decrypting the first processing data.
12. The decryption apparatus according to claim 11, wherein the decryption apparatus restarts the decryption process of the first processing data before the process of decrypting the second processing data is completed, the memory stores the decryption state of the second processing data when the decryption process of the first processing data is restarted, the decryption apparatus returns the decryption state of the decryption apparatus to the decryption state of the second processing data stored in the memory when the decryption process of the second processing data is restarted, and the decryption apparatus restarts the decryption process of the second processing data.
13. The decryption apparatus according to claim 11, wherein the first processing data is first encrypted text data, and the second processing data is second encrypted text data.
14. The decryption apparatus according to claim 11, wherein the decryption apparatus initiates the first block decryption process of the second processing data by an interrupt.
15. A decryption apparatus that decrypts encrypted text block data Ci (i = 1, 2, 3, ...) included in encrypted text data C and encrypted text block data Dj (j = 1, 2, 3, ...) included in encrypted text data D, the decryption apparatus comprising: a mechanism for receiving a request to decrypt the encrypted text data D at an arbitrary timing during a decryption process of the encrypted text data C; a decryption unit for performing the decryption process of the encrypted text block data Ci to transfer the unencrypted text block data Mi; a feedback circuit for feeding back the encrypted text block data Ci that will be used to decrypt the encrypted text block data Ci+1 to the decryption unit through a feedback line; a memory, provided in parallel with the feedback line of the feedback circuit, to receive the request to decrypt the encrypted text data D and store the fed-back encrypted text block data Ci when the encrypted text block data Ci+1 is not decrypted subsequent to the encrypted text block data Ci, so that the decryption process of any of the encrypted text block data of the encrypted text data D is initiated; and a selector for selecting and supplying the encrypted text block data Ci fed back from the feedback line of the feedback circuit in case the encrypted text block data Ci+1 is decrypted subsequent to the encrypted text block data Ci, and for selecting and supplying the encrypted text block data Ci stored in the memory in the event that the encrypted text block data Ci+1 is not decrypted subsequent to the encrypted text block data Ci and the encrypted text block data Ci+1 is decrypted after any of the encrypted text block data of the encrypted text data D is decrypted.
16. The decryption apparatus according to claim 15, wherein the memory includes: plural registers corresponding to plural pieces of encrypted text data; and a switch that switches the registers corresponding to the encrypted text data to be decrypted.
17. A decryption method comprising the steps of: decrypting encrypted text block data Ci (i = 1, 2, 3, ...) of first encrypted text data C using a decryption module; storing the encrypted text block data Ci to be used for decrypting the encrypted text block data Ci+1 in a memory during or after decrypting the encrypted text block data Ci; decrypting at least one encrypted text block data of second encrypted text data D after storing the encrypted text block data Ci to be used to decrypt the encrypted text block data Ci+1; and entering the encrypted text block data Ci stored in the memory to be used to decrypt the encrypted text block data Ci+1, after decrypting at least the encrypted text block data of the encrypted text data D, and decrypting the encrypted text block data Ci+1 of the first encrypted text data C using the decryption module.
18. A decryption apparatus that decrypts encrypted text data including at least one encrypted text block data into unencrypted text data, and generates a message authentication code (MAC) to ensure the integrity of the encrypted text data, the decryption apparatus comprising: a decryption unit including a first feedback circuit for feeding back the module output block data Ti generated in decrypting the data by a decryption module, for entering the encrypted text block data, decrypting the encrypted text block data using the module output block data Ti fed back through the first feedback circuit, and transferring the unencrypted text block data; and a MAC generator, which includes a feedback circuit for feeding back an intermediate computed MAC result, for entering the encrypted text block data identical to the encrypted text block data input to the decryption unit, processing the data, transferring the intermediate computed MAC results, feeding back the intermediate computed MAC result through the second feedback circuit, and generating the MAC to ensure the integrity of the encrypted text data.
19. The decryption apparatus according to claim 18, wherein the decryption unit and the MAC generator share a decryption module and a feedback circuit and alternately perform the decryption process and a MAC generation process, and wherein the feedback loop includes: a memory that stores and transfers the results of the decryption process and the MAC generation process; and a selector for alternately selecting the results of the decryption process and the MAC generation process to be transferred to the decryption module for the alternative realization of the decryption process and the MAC generation process.
20. A decryption method that decrypts encrypted text data that includes at least encrypted text block data into unencrypted text data and generates a message authentication code (MAC) to ensure the integrity of the encrypted text data, the decryption method comprising: a decryption step that includes a first feedback step for feeding back the module output block data Ti generated in decrypting the data by a decryption module, for entering the encrypted text block data, decrypting the encrypted text block data using the module output block data Ti fed back through the first feedback circuit, and transferring the unencrypted text block data; and a MAC generation step including a second feedback step for feeding back an intermediate computed MAC result, for entering the encrypted text block data identical to the encrypted text block data entered into the decryption unit, processing the data, transferring the intermediate computed MAC result, feeding back the intermediate computed MAC result by the second feedback circuit, and generating the MAC to ensure the integrity of the encrypted text data.
21. An encryption apparatus that encrypts unencrypted text data M including unencrypted text block data Mi (i = 1, 2, 3, ...) and unencrypted text data N including unencrypted text block data Nj (j = 1, 2, 3, ...), the encryption apparatus comprising: a mechanism for receiving a request to encrypt the unencrypted text data N during the encryption process of the unencrypted text data M, before the end of the encryption process of the unencrypted text data M; an encryption module for transferring encrypted data as module output block data Ti; a feedback circuit for feeding back the module output block data Ti transferred from the encryption module to the encryption module via a feedback line; a memory, provided in parallel with the feedback line of the feedback circuit, to receive the request to encrypt the unencrypted text data N and to store the fed-back module output block data Ti when the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi, so that the encryption process of any of the unencrypted text block data of the unencrypted text data N is initiated; and a selector for selecting and supplying the module output block data Ci fed back through the feedback line of the feedback circuit to the feedback circuit in the event that the unencrypted text block data Mi+1 is encrypted subsequent to the unencrypted text block data Mi, and for selecting and supplying the module output block data Ci stored in the memory to the feedback circuit in case the unencrypted text block data Mi+1 is not encrypted subsequent to the unencrypted text block data Mi and the unencrypted text block data Mi+1 is encrypted after any of the unencrypted text block data of the unencrypted text data N is encrypted.
22. The encryption apparatus according to claim 21, wherein the memory includes: plural registers corresponding to plural pieces of unencrypted text data; and a switch that switches the registers that correspond to the unencrypted text data to be encrypted.
23. An encryption method comprising the steps of: encrypting unencrypted text block data Mi (i = 1, 2, 3, ...) of first unencrypted text data M using the module output block data Ti (i = 1, 2, 3, ...) transferred from an encryption module; storing the module output block data Ti to be used to encrypt the unencrypted text block data Mi+1 of the first unencrypted text data M during or after the encryption of the unencrypted text block data Mi; encrypting at least unencrypted text block data of second unencrypted text data N after storing the module output block data Ti to be used to encrypt the unencrypted text block data Mi+1; and entering the module output block data Ti stored in the memory that will be used to encrypt the unencrypted text block data Mi+1, after encrypting at least the unencrypted text block data of the second unencrypted text data N, and encrypting the unencrypted text block data Mi of the first unencrypted text data M using the encryption module.
24. An encryption apparatus that encrypts unencrypted text data that includes at least unencrypted text block data and generates a message authentication code (MAC) to ensure the integrity of the encrypted text data, the encryption apparatus comprising: an encryption unit, having a first feedback circuit for feeding back the module output block data Ti transferred from the encryption module to the encryption module when the unencrypted text block data is encrypted by the encryption unit, for transferring the unencrypted text data, performing the encryption process by feeding back the module output block data Ti through the first feedback circuit, and transferring the encrypted text block data; and a MAC generator, which has a second feedback circuit for feeding back an intermediate computed MAC result, for transferring the encrypted text block data whenever the encrypted text block data is transferred from the encryption unit, processing the data, feeding back the intermediate computed MAC result through a second feedback circuit, and generating the MAC to ensure the integrity of the encrypted text data.
25. The encryption apparatus according to claim 24, wherein the encryption unit and the MAC generator share an encryption module and a feedback circuit for alternately performing the encryption process and a MAC generation process, and wherein the feedback circuit includes: a memory for storing and transferring, respectively, the results of the encryption process and the MAC generation process; and a selector to alternately select the results of the encryption process and the MAC generation process of the memory to alternately perform the encryption process and the MAC generation process.
26. An encryption method for encrypting unencrypted text data that includes at least unencrypted text block data into encrypted text data using an encryption unit and generating a message authentication code (MAC) to ensure the integrity of the encrypted text data, comprising: an encryption step, which has a first feedback step for feeding back the module output block data Ti transferred from an encryption module when the unencrypted text block data is encrypted, for transferring the unencrypted text block data, performing an encryption process by feeding back the module output block data Ti through a first feedback circuit, and transferring the encrypted text block data; and a MAC generation step, which has a second feedback step for feeding back an intermediate computed MAC result, for entering the encrypted text block data whenever the encrypted text block data is transferred from the encryption step, processing the data, feeding back the intermediate computed MAC result through the second feedback step, and generating the MAC to ensure the integrity of the encrypted text data.
27. A decryption apparatus that decrypts encrypted text data C including encrypted text block data Ci (i = 1, 2, 3, ...) and encrypted text data D including encrypted text block data Dj (j = 1, 2, 3, ...), the decryption apparatus comprising: a mechanism for receiving a request to decrypt the encrypted text data D during a decryption process of the encrypted text data C; a decryption module for transferring the decrypted data as module output block data Ti; a feedback circuit for feeding back the module output block data Ti transferred from the decryption module to the decryption module through a feedback line; a memory, provided in parallel with the feedback line of the feedback circuit, to receive a request to decrypt the encrypted text data D and store the fed-back module output block data Ti in case the encrypted text block data Ci+1 is not decrypted subsequent to the encrypted text block data Ci, so that the decryption process of any of the encrypted text block data of the encrypted text data D is initiated; and a selector for selecting and supplying the module output block data Ti fed back through the feedback line of the feedback circuit to the feedback circuit in case the encrypted text block data Ci+1 is decrypted subsequent to the encrypted text block data Ci, and for selecting and supplying the module output block data Ti stored in the memory to the feedback circuit in case the encrypted text block data Ci+1 is not decrypted subsequent to the encrypted text block data Ci and the encrypted text block data Ci+1 is decrypted after any of the encrypted text block data of the encrypted text data D is decrypted.
28. The decryption apparatus according to claim 27, where the memory includes: plural records that correspond to plural data of encrypted text; and 130 a switch for switching the plural registers corresponding to the encrypted text data to be decrypted.
29. A decryption method comprising the steps of: decrypting data C_ (i = 1, 2, 3, ...) of encrypted text block of the first C data of ciphertext using the data Ti (i = 1, 2, 3, ...) of module output block transferred from a decryption module; store the module output block T_ data that will be used to decrypt the C1 + data? encrypted text of the first C data of encrypted text in a memory during or after a process of decrypting the data C_ of block of text ci frado; decrypting at least the data from the encrypted text block of the second encrypted text data D after storing the module output block T_ data to be used to decrypt the data C1 +? of text block encrypted in memory; and decipher the C_ + data? of encrypted text block of the first C data of encrypted text using the decryption module when entering the module output block Tx data to be used for the data C? +? of the encrypted text block stored in the memory after decrypting at least the encrypted text block data of the second D data of encrypted text.
30. A decryption apparatus decrypting encrypted text data including at least one text block data encrypted in encrypted text data using a decryption module and generating a message authentication code (MAC) to ensure the integrity of the data of encrypted text, the decryption apparatus comprises: a decryption unit having a first feedback circuit for feedback of data Ci of encrypted text block transferred from the decryption unit to the decryption unit when the encrypted text block data is decrypted by the decryption unit, to enter the encrypted text data, perform a decryption process by feedback the module output block data Ti through the first feedback circuit, and transfer the encrypted text block data; a message authentication code generator (MAC) having a second circuit of 132 feedback to feedback a computed intermediate MAC result, to enter the encrypted text block data identical to the encrypted text block data entered into the decryption unit, process the data, feed back the intermediate MAC results, computed through the second feedback loop and generate the MAC to ensure the integrity of the encrypted text data.
31. The decryption apparatus according to claim 30, wherein the decryption unit and the MAC generator share a decryption module of a feedback circuit to alternately perform the decryption process and a MAC generation process, and wherein the feedback circuit includes: a memory for respectively storing and transferring the results of the decryption process and the MAC generation process; and a selector to alternatively select the results of the decryption process and the MAC generation process of the memory to alternately perform the decryption process 133 and the MAC generation process.
32. A decryption method for decrypting the encrypted text data including at least one text block data encrypted in clear text data using a decryption unit generating a message authentication code (MAC) to ensure the integrity of the data of encrypted text, the decryption method comprises: a decryption step, which has a first feedback step to feed back the data Ci of the encrypted text block, to enter the data of the encrypted text block, performing a decryption process of the Ci data of encrypted text block fed back through the first feedback loop and transfer the text block data unencrypted; and a MAC generation step, which has a second feedback step to feed back an intermediate, computed MAC result, to input the encrypted text block data identical to the encrypted text block data input to the decryption step, to process the data to transfer the intermediate MAC result, computed, feedback the intermediate MAC result, computed through the second step of 134 feedback, and generate the MAC to ensure the integrity of the encrypted text data.
33. A computer-readable storage medium that stores a program for making a computer execute steps for the encryption method described in claim 7.
34. A computer-readable storage medium that stores a program to make a computer run steps for the encryption method described in claim 10.
35. A computer-readable storage medium that stores a program for causing a computer to execute steps for the decryption method described in claim 17.
36. A computer-readable storage medium storing a program for causing a computer to execute steps for the decryption method described in claim 20.
37. A computer-readable storage medium that stores a program to cause a computer to execute steps for the encryption method described in claim 23.
38. A computer-readable storage medium that stores a program to make a computer execute steps for the encryption method described in claim 26.
39. A computer-readable storage medium that stores a program for causing a computer to execute steps for the decryption method described in claim 29.
40. A computer-readable storage medium that stores a program for causing a computer to execute steps for the decryption method described in claim 32.
41. The encryption apparatus according to claim 1, wherein the encryption process is performed using a block cipher algorithm.
42. The decryption apparatus according to claim 11, wherein the decryption process is performed using a block cipher algorithm.
43. The encryption apparatus according to claim 1, wherein the memory stores an intermediate encryption result of the first processing data and an encryption key to be used to encrypt the first processing data as the state of the encryption process.
44. The decryption apparatus according to claim 11, wherein the memory stores an intermediate decryption result of the second processing data and an encryption key to be used to decrypt the second processing data as the state of the decryption process.
45. An encryption apparatus comprising: an encryption unit for transferring data to encrypt and transfer the encrypted data; and a message authentication code (MAC) generator for entering the encrypted data transferred from the encryption unit and generating a MAC to ensure the integrity of the encrypted data, and wherein the MAC generator initiates MAC generation before the end of the encryption of the data by the encryption unit.
46. A decryption apparatus comprising: a decryption unit for entering data for decrypting and transferring decrypted data; and a message authentication code (MAC) generator for entering the decrypted data transferred from the decryption unit and generating a MAC to ensure the integrity of the encrypted data, and wherein the MAC generator initiates the generation of the MAC before the end of the decryption of the data by the decryption unit.
47. An encryption method comprising: an encryption step for transferring data to encrypt and transfer the encrypted data; and a MAC generation step for transferring the encrypted data transferred from the encryption step and generating a MAC to ensure the integrity of the encrypted data, and wherein the MAC generation step initiates MAC generation before the end of the encryption of the data by the encryption step.
48. A decryption method comprising: a decryption step to enter the data to decrypt and transfer the decrypted data; and a MAC generation step for transferring the decrypted data transferred from the decryption step and generating a MAC to ensure the integrity of the encrypted data, and wherein the MAC generation step initiates the generation of the MAC before the end of the decryption of the data by the decryption step.
49. A computer-readable storage medium storing a program for a computer to execute steps for the encryption method described in claim 47.
50. A computer-readable storage medium that stores a program to make a computer run steps for the decryption method described in claim 48.
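The state save and restore recited in claims 27 to 29, as an added example that is not code from the patent: it assumes an output-feedback arrangement (the module output Ti becomes the next module input) and uses truncated HMAC-SHA256 as a stand-in for the block module. The class and function names, stream ids, keys, IVs and data blocks are constructed for illustration.

```python
import hashlib, hmac

BLOCK = 16

def module(key, block):
    # Stand-in for the keyed block module (assumption): truncated HMAC-SHA256.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def process_stream(key, iv, blocks):
    # Uninterrupted reference. With output feedback the same routine
    # encrypts and decrypts.
    out, t = [], iv
    for b in blocks:
        t = module(key, t)              # T_i = F_K(T_{i-1})
        out.append(xor(b, t))
    return out

class InterleavedDecryptor:
    """One shared module and feedback line, one memory register per stream."""

    def __init__(self, streams, save_state=True):
        self.memory = dict(streams)     # stream id -> (key, parked T_i)
        self.active = self.key = self.feedback = None
        self.save_state = save_state

    def decrypt_block(self, sid, c_block):
        if sid != self.active:          # selector: a different stream is requested
            if self.active is not None and self.save_state:
                self.memory[self.active] = (self.key, self.feedback)
            self.key, self.feedback = self.memory[sid]
            self.active = sid
        self.feedback = module(self.key, self.feedback)
        return xor(c_block, self.feedback)

def demo(save_state=True):
    # Constructed sample data: two streams, each with its own key and IV.
    kc, kd, ivc, ivd = b"C" * 16, b"D" * 16, bytes(16), bytes(range(16))
    m = [bytes([i]) * BLOCK for i in range(1, 4)]
    n = [bytes([0xA0 + i]) * BLOCK for i in range(2)]
    c, d = process_stream(kc, ivc, m), process_stream(kd, ivd, n)
    dec = InterleavedDecryptor({"C": (kc, ivc), "D": (kd, ivd)}, save_state)
    order = [("C", c[0]), ("D", d[0]), ("C", c[1]), ("D", d[1]), ("C", c[2])]
    out = {"C": [], "D": []}
    for sid, blk in order:
        out[sid].append(dec.decrypt_block(sid, blk))
    # With save_state=False the feedback restarts from the IV after each switch.
    return out["C"] == m, out["D"] == n
```

Calling `demo(False)` shows the failure the memory prevents: once the interrupted stream resumes without its parked Ti, every later block of both streams decrypts incorrectly.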
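The overlapped encryption and MAC generation of claims 26, 30 to 32 and 45 to 48, as an added example that is not code from the patent: each encrypted block enters the MAC chain as soon as it is produced, and the decryption side runs the MAC over the same encrypted blocks it decrypts. The truncated HMAC-SHA256 module, the separate MAC key, the finalisation step and all sample values are assumptions constructed for illustration.

```python
import hashlib, hmac

BLOCK = 16

def module(key, block):
    # Stand-in for the shared block module (assumption): truncated HMAC-SHA256.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_with_mac(k_enc, k_mac, iv, plain_blocks):
    t, s, cipher, trace = iv, bytes(BLOCK), [], []
    for i, m in enumerate(plain_blocks, 1):
        t = module(k_enc, t)                 # first feedback: module output T_i
        c = xor(m, t)
        cipher.append(c)
        trace.append(f"enc{i}")
        s = module(k_mac, xor(s, c))         # second feedback: MAC intermediate
        trace.append(f"mac{i}")
    # Finalisation under a derived key (assumption, not on the page) stops a
    # chained MAC from being extended to a longer message.
    return cipher, module(k_mac + b"final", s), trace

def decrypt_with_mac(k_enc, k_mac, iv, cipher_blocks, tag):
    t, s, plain = iv, bytes(BLOCK), []
    for c in cipher_blocks:
        s = module(k_mac, xor(s, c))         # MAC sees the same C_i as decryption
        t = module(k_enc, t)
        plain.append(xor(c, t))
    if not hmac.compare_digest(module(k_mac + b"final", s), tag):
        raise ValueError("MAC mismatch: encrypted data was modified")
    return plain

def demo():
    # Constructed sample keys, IV and plaintext blocks.
    k_enc, k_mac, iv = b"E" * 16, b"M" * 16, bytes(range(16))
    msg = [bytes([i]) * BLOCK for i in range(1, 4)]
    cipher, tag, trace = encrypt_with_mac(k_enc, k_mac, iv, msg)
    ok = decrypt_with_mac(k_enc, k_mac, iv, cipher, tag) == msg
    tampered = [cipher[0], xor(cipher[1], b"\x01" + bytes(15)), cipher[2]]
    try:
        decrypt_with_mac(k_enc, k_mac, iv, tampered, tag)
        rejected = False
    except ValueError:
        rejected = True
    return ok, rejected, trace
```

The returned trace interleaves `enc` and `mac` entries, so the first MAC update happens two encryption steps before the last block is encrypted.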
MXPA/A/2001/009243A 2000-01-14 2001-09-13 Method and apparatus for encryption, method and apparatus for decryption, and computer-readable medium storing program MXPA01009243A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2000/005161 2000-01-14

Publications (1)

Publication Number Publication Date
MXPA01009243A (en) 2002-05-09

Similar Documents

Publication Publication Date Title
US7184549B2 (en) Method and apparatus for encryption, method and apparatus for decryption, and computer-readable medium storing program
EP1063811B1 (en) Cryptographic apparatus and method
US7571320B2 (en) Circuit and method for providing secure communications between devices
EP1119131B1 (en) Method and apparatus for encrypting contents information
US5297208A (en) Secure file transfer system and method
US8654972B2 (en) Keystream encryption device, method, and program
CN1146185C (en) Protecting information in system
EP3518128B1 (en) Enabling a software application to be executed on a hardware device
EP2362573A1 (en) Device and method for establishing secure trust key
CN102195776A (en) Method and system for processing information in a safety communication system
EP1816782B1 (en) Encryptor, encrypting method, decriptor, decrypting method, and computer readable recording medium having program stored therein
CN104221023A (en) Digital rights management
JP2008035305A (en) Encryption method and data concealing method
AU2003203427B2 (en) Encryptor, encrypting method, decryptor, decrypting method, and computer readable recording medium having program stored therein
CA2496539C (en) Encryptor, encrypting method, decryptor, decrypting method, and computer readable recording medium having program stored therein
JP2001177518A (en) Enciphering method, and decoding method and device
MXPA01009243A (en) Method and apparatus for encryption, method and apparatus for decryption, and computer-readable medium storing program
JP4287397B2 (en) Ciphertext generation apparatus, ciphertext decryption apparatus, ciphertext generation program, and ciphertext decryption program
JP2007184000A (en) Method and apparatus for encryption, method and apparatus for decryption, and computer-readable recording medium storing program
CN101267295A (en) Method and system for processing information in safety communication system
JP2001285278A (en) Encryption communication method and encryption communication system
JPH10303883A (en) Enciphering method
JPH09233065A (en) Ciphering device and ciphering method
JP2007295342A (en) Cipher communication system
JP2000134192A (en) Data encryption/decoding device and its program recording medium