JP2000019959A - Cipher communication system, cipher communication method and storage medium recording cipher communication program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a cipher communication system capable of decrypting encrypted ciphers and reducing the cost for management and distribution of keys by providing the system with a key formation means, an encryption means for forming ciphertext by encryption of plaintext and transmitting the formed ciphertext and a cryptoanalysis means for cryptoanalyzing the transmitted ciphertext. SOLUTION: An encryption section 143 forms the ciphertext by encrypting the plaintext read out by using a prescribed encryption algorithm and outputs an instruction for starting the cipher transmission to a transmission and reception section 145. The key formation section 112 of a cryptoanalysis device 110 of a level 1 outputs a calculated integer b1 as a decryption key to a data storage section 114, outputs an integer a1 as an encryption key and the calculated n1 to a transmission and reception section 111 and transmits the decryption key, etc., through the communication circuit 161 to the key formation section 112 of the cryptoanalysis device 110 of the level 1. A cryptoanalysis section 123 forms the common key by using the decryption key 127 received from an input section 125 and the cipher common key, cryptoanalyzes the ciphertext by using the formed common key and forms the plaintext.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a cryptographic communication system for transmitting a ciphertext generated using a publicly available encryption key and decrypting the transmitted ciphertext using a decryption key.
The present invention relates to an encryption communication method and a recording medium on which an encryption communication program is recorded.

[0002]

2. Description of the Related Art In recent years, various encryption schemes have been proposed in order to enhance communication security. As shown below, there are two main types of encryption schemes. The sender and receiver have a common secret key, the sender encrypts with that key, and the receiver decrypts with the same key, and the sender and receiver have different keys, and the sender is public This is a public key system in which the receiver encrypts with a given encryption key and decrypts the receiver with a decryption key known only to him / her. The methods included in the common key method include DES (Data EncryptionSt).
and FEAL (Fast Data En)
chipAlgorithm) and IDEA
(International DataEncrypt
and the public key method includes RSA and ElGamal methods described later. In general, encryption and decryption by the common key method can be performed at high speed because of a small amount of calculation, and encryption and decryption by the public key method are slow because of the large amount of calculation. Also, in the common key method, both the sender and the receiver must have a secret key.To ensure that both parties have the same key, the key must be delivered so that it cannot be eavesdropped on by a third party prior to encrypted communication. There must be. On the other hand, in the public key method, the encryption key is open to the public, and the receiver only has to manage the secret key. Therefore, the latter is more advantageous in terms of security. Therefore,
PGP (Pretty Good P) which is one of computer programs used for encrypted communication using the Internet and providing a security function to e-mail.
In the case of “live”, the text itself is encrypted by a common key method (IDEA), but the common key is distributed by a public key method (RSA). For example, a method combining a common key and a public key is used. Can be

[0003] In the following, "A method of ob
taining digitalsignatures
and public key cryptosystems
tems "(RL Riverst, A. Sharmi
r and L.L. Adleman, Comm. of
ACM Magazine, Feb, 1978) and US Patent 4,40.
5 and 829 show an example of an RSA encryption system. The RSA scheme is a public key scheme based on the difficulty of factoring integers. For any prime numbers p and q, an integer n that satisfies (Equation 1) n = p * q is determined, and its Euler function is defined as φ (n). (Equation 2) φ (n) = (p−1 ) * (Q-1). Here, the Euler function φ (n) is the total number of integers less than or equal to n and relatively prime to n. At this time, the integers a and b satisfying a * b≡1 (mod (φ (n)) are defined as an encryption key and a decryption key, respectively. ciphertext y is obtained. (equation ^{4) y ≡ x a (mod} n) ciphertext y is decrypted by (equation 5), the plaintext z is obtained. (5) z ≡ y ^b (mod n) thus The obtained plaintext z is the same as the plaintext x.

[0004] The reason why the plaintext z becomes equal to the plaintext x will be briefly described below. According to Euler's theorem, if a and q are relatively prime, then

[Equation 14] So that

(Equation 15) It is. Here, (Equation 8) Since a * b = 1 + k * φ (n),

(Equation 16) And

[Equation 17] Becomes Therefore, plaintext Z is equal to plaintext X.

[0005] In this manner, encryption and decryption can be performed by the RSA method. FIG. 13 shows a case where the sender of the ciphertext transmits the same text after encrypting the same text to a plurality of recipients.
As shown in, using the cryptogram 1604 generated by encrypting the text using the common key K, the encryption key transmitted from a plurality of receivers a _1, a _2, · · ·, the a _n, a common A plurality of ciphertexts 1601, 1602,... Generated by encrypting the key K;
.., And 1603 to each recipient. As described above, since the public key method requires a large amount of calculation for encryption and decryption, the entire text is rarely encrypted with the public key. In PGP, the text itself is encrypted using IEDA, which is a common key method, and only the common key is used for RDA.
Encrypt by SA. As a result, the cost of encryption can be reduced, and the problem that occurs when the common key is delivered is also solved.

[0006]

As described above, the use of the above-mentioned conventional public key cryptosystem can reduce the cost of encryption and solve the problems that occur when the common key is delivered. However, when sending ciphertext to multiple levels of recipients who have hierarchical decryption authority, it is necessary to encrypt the common key by the number of recipients and add it to the ciphertext of the text before sending it There is a problem. Here, the hierarchical decryption authority means that a receiver belonging to a higher level can decrypt a ciphertext transmitted to a lower-level recipient using his / her own decryption key. For example, when a company organization sends ciphertexts to multiple recipients who have a relationship between a boss and a subordinate, the boss decrypts the ciphertext created for the subordinate using an encryption key that the subordinate can decrypt. Say something that can be decrypted using a key. The present invention has been made in view of the above problems, and in the case of transmitting ciphertext to a plurality of levels of recipients having hierarchical decryption authority, using a decryption key of an upper level recipient, a lower level recipient It is an object of the present invention to provide a cryptographic communication system, a cryptographic communication method, and a recording medium on which a cryptographic communication program can be decrypted, which can decrypt a code encrypted using the cryptographic key, and can reduce the key management and distribution costs.

[0007]

In order to achieve the above object, the present invention transmits a cipher text generated using a publicly available encryption key, and transmits the cipher text using a decryption key. A ciphertext encrypted using a first level of encryption key based on a predetermined operation, wherein a ciphertext equal to or higher than said first level. Key generation means for generating an encryption key and a decryption key comprising a plurality of levels that can be decrypted using a decryption key of a level, and transmitting the generated encryption key comprising the plurality of levels; Encrypting means for receiving the encryption key, encrypting the plaintext using the third-level encryption key among the received encryption keys to generate a ciphertext, and transmitting the generated ciphertext; Using a fourth level decryption key among the generated decryption keys, If serial fourth level is higher than or equal to the third level, characterized in that it comprises a decoding means for decoding the transmitted ciphertext.

Here, the key generation means determines a level 1 encryption key a ₁ and a decryption key b _{1 according} to the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) =
(P ₁ -1) × (q ₁ -1), and the level i (i>
The decryption key b _i 1), was determined by the following equation,

(Equation 18) The encryption key a _i of level i (i> 1) is determined by the following equation, and a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and the encryption unit encrypts the plain text x by the following formula to generate a cipher text y,

[Equation 19] Here, a _i is an encryption key of level i, and n _i =
p _i × q _i and outputs a level i, and the decryption means receives the level i from the encryption means, decrypts the cipher text y by the following equation to generate a plain text z,

(Equation 20) Here, b _j is the encryption key levels j (j ≧ i), may be the _{n i = p i × q i} .

Further, the present invention provides a cryptographic communication system comprising L different-level decryption devices for generating an encryption key and a decryption key and decrypting a ciphertext, and an encryption device for generating a ciphertext. In the system, a level 1 decryption device determines a level 1 encryption key a ₁ and a decryption key b _{1 according} to the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) =
(P ₁ −1) × (q ₁ −1), and transmits the determined encryption key a ₁ to the encryption device and determines the determined decryption key b ₁
And φ (n ₁ ) are output to a level 2 decryption device, and a level 1 key generation unit and a decryption unit are provided.
The decryption device of i <L) determines the decryption key bi of level _i by the following equation:

(Equation 21) A level i encryption key a _i is determined by the following equation: a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and transmits the determined encryption key a _i to the encryption device and determines the determined decryption key b.
a level i key generating means for outputting _i , φ (n ₁ ), φ (n ₂ ),..., φ (n _i ) to a level i + 1 decryption device, and decryption means; The apparatus determines a level L decryption key b _L by the following equation:

(Equation 22) A level L encryption key a _L is determined by the following equation: a _L × b _L １ 1 (mod φ (n _L )
Here, for any prime numbers p _L and q _L , φ (n _L ) =
(P _L −1) × (q _L −1), comprising: a level L key generation unit that transmits the determined encryption key a _L to the encryption device; and a decryption unit. , Encrypts the plaintext x by the following formula to generate a ciphertext y,

(Equation 23) Here, a _m is an encryption key of the level m (1 ≦ m ≦ L) , a _{n m = p m × q m} , comprises an encryption means for outputting a level m, the level from said level 1 L, the decryption means receives the level m from the encryption means, decrypts the ciphertext y by the following equation to generate a plaintext z,

(Equation 24) Here, b _j is the encryption key levels j (j ≧ m), characterized in that it is a _{n m = p m × q m} .

[0010] Further, according to the present invention, an encryption key and a decryption key are used.
Key generation device for generating and encryption device for generating ciphertext
And L different levels of decryption devices for decrypting ciphertexts
A cryptographic communication system comprising:
The device has a level 1 encryption key a ₁ And decryption key b₁ And
Determined by the following formula, a₁ × b₁  ≡ 1 (mod φ (n₁ )
 ), Where any prime p₁ , Q₁ For φ (n₁ ) =
(P₁ -1) × (q₁ -1) and level i (1 <i
<L) decryption key b_i Is determined by the following equation,

(Equation 25) A level i encryption key a _i is determined by the following equation: a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and transmits the determined encryption keys a ₁ , a ₂ ,..., A _L to the encryption device, and determines the determined decryption key b. _1, b _2, ..., respectively b _L, level 1, level 2, ..., includes a key generation unit for outputting to the decrypted device level L, the encryption device, a plain text x using the following equation Encrypt to generate a ciphertext y,

(Equation 26) Here, a _m is an encryption key of levels m, n _m =
p _m × q _m , comprising an encryption means for outputting a level m, wherein the level 1 to level L decryption device receives the level m from the encryption means and decrypts the cipher text y by the following equation. To generate plaintext z,

[Equation 27] Here, b _j is the encryption key levels j (j ≧ m), characterized in that it comprises a decoding means is _{n m = p m × q m} .

[0011]

BEST MODE FOR CARRYING OUT THE INVENTION First Embodiment Cryptographic communication system 1 according to one embodiment of the present invention
00 will be described with reference to the drawings. As shown in FIG. 1, the cryptographic communication system 100
, The decryption device 12 at level i
, 0,..., Level L decryption device 130, encryption device 140, communication lines 151,.
153, communication lines 161,..., 162, 163,
.., 164. Communication line 161,
, 162, 163, ..., 164 are special communication lines in which communication contents are not eavesdropped by a third party during communication. For example, a line provided exclusively without passing through a public network. Here, each decryption device has a hierarchical decryption authority, and a recipient using a higher-level decryption device has:
Using the decryption key assigned to oneself, the ciphertext sent to oneself and the ciphertext sent to lower-level recipients can be decrypted.

1.1 Configuration of Encryption Device 140 The encryption device 140 includes an input unit 141, a display unit 142, an encryption unit 143, a data storage unit 144, and a transmission / reception unit 145. The transmission / reception unit 145 includes a communication line 151,.
, 152,..., 153, the transmission / reception units 111,... Of the level 1 decryption device 110, the transmission / reception units 121 of the level i decryption device 120,. The transmission / reception unit 131 of the device 130 is connected.

1.1.1 Input Unit 141 The input unit 141 receives an input of an encryption key display request from the sender of the ciphertext, and outputs the display request to the display unit 142. The input unit 141 receives the plaintext X1 from the sender of the ciphertext.
49, and the received plaintext X149 is output to the data storage unit 144. Further, the input unit 141 receives a request 172 for transmitting a ciphertext generated by encrypting a plaintext from the sender of the ciphertext, an encryption key 147, and an encryption key 14.
7 and an input of the common key K171, and outputs the received request 172, the encryption key 147, the level I170 of the encryption key 147, and the common key K171 to the encryption unit 143.

1.1.2 Display Unit 142 The display unit 142 receives an encryption key display request from the input unit 141. When the display unit 142 receives the display request of the encryption key from the input unit 141, the display unit 142 transmits the encryption keys a ₁ 201 and a ₂ 20 from the data storage unit 144.
, A _L 206 are read, and the read encryption keys a ₁ 201, a ₂ 202,..., A _L 206 are displayed as encryption keys 148.

1.1.3 Data Storage Unit 144 The data storage unit 144 receives the encryption key a from the transmission / reception unit 145.
_{1 201, a 2 202, ···} , a and _{L 206, n 1 212, n} 2 213 to be described later, ..., receives the n _L 214, received encryption key a ₁ 201, a ₂ 202,
..., a _L 206, n ₁ 212, n ₂ 213, ...
, N _L 214, and receives the ciphertext Y209 from the encryption unit 143, and stores the received ciphertext Y209. The data storage unit 144 receives the level I210 and the encrypted common key K′211 from the encryption unit 143, and receives the received level I210 and the encrypted common key K′21.
1 is stored. Also, the data storage unit 144 stores the input unit 1
Receives plaintext X208 from 41 and receives plaintext X2
08 is stored. FIG. 2 shows the contents stored in the data storage unit 144.

1.1.4 Encryption Unit 143 The encryption unit 143 encrypts a plaintext from the input unit 141 and transmits a request 172 to transmit the generated encrypted text, and an encryption key 147.
And the level I170 of the encryption key 147 and the common key K17
1 and receive. A request 172 for encrypting the plaintext from the input unit 141 and transmitting the generated encrypted text.
, An encryption key 147, and a level I17 of the encryption key 147
0 and the common key K171, the encryption unit 143
Is the plaintext X208 from the data storage unit 144 and the level I
Reads the n _i corresponding to 170, the common key K171 said received using a predetermined encryption algorithm, encryption to encrypt the read plaintext X208 sentence Y20
9 is generated.

Next, the encryption unit 143 calculates an encrypted common key K ′ 211 that satisfies the following equation.

[Equation 28] Here, A _i is the received encryption key 147. Further, encryption section 143 outputs an instruction to start encryption transmission to transmission / reception section 145. Further, the encryption unit 143
Outputs the level I 170, the encrypted common key K ′ 211, and the cipher text Y to the data storage unit 144.

1.1.5 Transmitting / Receiving Unit 145 The transmitting / receiving unit 145 transmits and receives the level 1 decryption device 110
, The transmission and reception of the decryption device 120 of level i
.., The transmission and reception of the level L decryption device 130
From the unit 131, the encryption key a₁201, ...
・, Encryption key a_i204,..., Encryption key a₁206
And n₁212, n_Two213,..., N _L214 and
Received and received encryption key a₁201, ..., dark
Encryption key a_i204,..., Encryption key a_L 206 and n
₁212, n_Two213,..., N _L214 and data
Output to the storage unit 144. Also, the transmitting / receiving unit 145
An encryption transmission start instruction is received from the encryption unit 143. Sending and receiving
The communication unit 145 issues an instruction to start encryption transmission from the encryption unit 143.
Upon receipt, the transmission / reception unit 145
Level I210, encrypted common key K'211 and ciphertext
Y209 is read, and the read level I210, encryption
The encrypted common key K'211 and the ciphertext Y209 to the level I21
The data is transmitted to the transmission / reception unit of the decryption device specified by “0”.

1.2 Level 1 Decryption Device 110 The level 1 decryption device 110 includes a transmission / reception unit 111, a key creation unit 112, a decryption unit 113, a data storage unit 114, an input unit 115, and a display unit 116. Transmitting / receiving unit 111
Is connected to the transmission / reception unit 145 of the encryption device 140 via the communication line 151, and the key generation unit 112 is connected to the key generation unit of the level-2 decryption device (not shown) via the communication line 161. Is connected to

1.2.1 Key Generation Unit 112 The key generation unit 112 generates a level 1 encryption key a ₁ and a level 1 decryption key b ₁ as described below. The key generation unit 112 selects any two prime numbers p ₁ and q ₁ , and (expression 12) n ₁ = p ₁ × q ₁ and (expression 13) φ (n ₁ ) = (p ₁ −1) × (Q ₁ −1), is used to calculate n ₁ and φ (n ₁ ). Then, key generator 112, selects any integer a _1, by the extended Euclidean algorithm, calculates the integer b ₁ to be (Equation _{14) a 1 × b 1 ≡} 1 (mod φ (n 1)). Since the extended Euclidean algorithm is known, its description is omitted. The extended Euclidean algorithm is described as a modern cryptographic theory pp17-1 as a mutual aid method of the extended Euclidean algorithm.
8 (IEICE, published in 1987). The key creation unit 112 outputs the calculated integer b ₁ to the data storage unit 114 as the decryption key 611, and outputs the integer a ₁ as the encryption key and the calculated n ₁ to the transmission / reception unit 111. The decryption key b ₁ 611 and the calculated φ
(N ₁ ) is transmitted to the key generation unit of the level-2 decryption device via the communication line 161.

1.2.2 Transmission / Reception Unit 111 The transmission / reception unit 111 transmits the encryption key a ₁ output from the key generation unit 112 and the calculated n ₁ to the transmission / reception unit 145 of the encryption device 140. Further, the transmission / reception unit 111 receives the ciphertext Y614, the encrypted common key K'613, and the level I612 transmitted from the transmission / reception unit 145 of the encryption device 140, and receives the received ciphertext Y614 and the encrypted common key K '.
613 and the level I 612 are output to the data storage unit 114.

1.2.3 Data Storage Unit 114 The data storage unit 114 receives the decryption key b ₁ 611 output from the key creation unit 112, and receives the decryption key b
₁ 611 is stored. Further, the data storage unit 114 receives the ciphertext Y614, the encrypted common key K'613, and the level I612 output from the transmitting / receiving unit 111, and receives the received ciphertext Y614, the encrypted common key K'613, and the level I612. Is stored. FIG. 3 shows the contents 610 stored in the data storage unit 114. The content 610 includes the decryption key b
₁ 611, level I 612, encrypted common key K'613,
Ciphertext Y614, n ₁ 616 is included. Further, the data storage unit 114 stores plain text (not shown) output from the decryption unit 113.

1.2.4 Decryption Unit 113 The decryption unit 113 receives the decryption key 117 from the input unit 115. Moreover, when the decryption unit 113 receives the decryption key 117 from the input unit 115, decryption unit 113 encrypts the common key stored in the data storage unit 114 K'613, reads the ciphertext Y614, n ₁ 616. Next, the decryption unit 11
3 uses the decryption key 117, the encrypted common key K ′ 613, and n ₁ 616 received from the input unit 115 to generate a common key K ″ that satisfies the following equation: (Equation 15) K ″ { K ′ ＾ B ₁ (mod (n ₁ )) Here, B ₁ is the decryption key 117.

If a decryption key that does not correspond to the encryption key obtained by encrypting the encryption common key K ′ 613 is used to generate the common key K ″, an incorrect common key K ″ is generated. . Further, the decryption unit 113 decrypts the ciphertext Y614 using the generated common key K ″ to generate a plaintext Z.
At this time, if an incorrect common key K ″ is used, a meaningless plaintext Z is generated. The decryption unit 113 outputs the generated plaintext Z to the data storage unit 114.

1.2.5 Input Unit 115 The input unit 115 receives an input of a display request for a level 1 decryption key from a level 1 recipient, and sends the display request to the display unit 1.
16 is output. Also, the input unit 115 receives an input of the decryption key 117 from the level 1 recipient and outputs the received decryption key 117 to the decryption unit 113.

1.2.6 Display Unit 116 The display unit 116 receives a display request for the level 1 decryption key from the input unit 115. The display unit 116 is an input unit 115
When receiving a display request of the decoding key from level 1, the display unit 116 reads the decryption key b ₁ 611 from the data storage unit 114, the read decryption key b ₁ 611
Is displayed as the decryption key 118.

1.3 Level i Decryption Device 120 The level i decryption device 120 includes a transmission / reception unit 121, a key creation unit 122, a decryption unit 123, a data storage unit 124, an input unit 125, and a display unit 126. Transmitting / receiving section 121
Is connected to the transmission / reception unit 145 of the encryption device 140 via the communication line 152, and the key generation unit 122 transmits the level (i-
It is connected to the key generation unit of the decryption device of 1), and is connected to the key generation unit of the level (i + 1) decryption device (not shown) via the communication line 163. Here, 1 <i <
L, and the following description is applied to a decoding device of level 2 or higher and lower than level L.

[0028] 1.3.1 key generator 122 key generation unit 122, as described below, to generate a decryption key b _i encryption key a _i and level i of level i. The key creation unit 122 selects any two prime numbers p _i and q _i , and (Equation 16) _ni = p _i × q _i , and (Equation 17) φ (n _i ) = (p _i −1) × (q _i -1), is used to calculate the n _i and phi (n _i). Next, the key creation unit 122

(Equation 29) Is calculated (step S904), and then the key generation unit 122
Calculates an integer a _i that satisfies (Equation 19) a _i × b _i １ 1 (mod φ (n _i )) by an extended Euclidean algorithm. The key creation unit 122 uses the calculated integer b _i as the decryption key 641
4 and an integer a _i as the encryption key and the calculated n
_i to the transmission / reception unit 121 and outputs the decryption key b _i 64
Φ (n ₁ ), φ (n ₂ ),..., Φ calculated as ₁
(N _i ) via communication line 161 to level i + 1
To the key generation unit of the decryption device.

[0029] 1.3.2 transceiver 121 transmitting and receiving unit 121, and n _i and the calculated encryption key a _i outputted from the key generator 122, and transmits to the transceiver unit 145 of the encryption device 140. The transmitting / receiving section 121 receives the ciphertext Y644, the encrypted common key K'643, and the level I642 transmitted from the transmitting / receiving section 145 of the encryption device 140, and receives the received ciphertext Y644 and the encrypted common key K '.
643 and the level I642 are output to the data storage unit 124.

[0030] 1.3.3 Data storage unit 124 data storing unit 124 receives the decryption key b _i 641 outputted from the key generator 122, a decryption key b received
_i 641 is stored. The data storage unit 124 receives the ciphertext Y644, the encryption common key K'643, and the level I642 output from the transmission / reception unit 121, and receives the received ciphertext Y644, the encryption common key K'643, the level I642, Is stored. FIG. 3 shows the contents 640 stored in the data storage unit 124. The content 640 includes the decryption key b
_i 641, level I 642, encryption common key K′643,
A ciphertext Y644, a plaintext Z645, and n _i 646 are included.

1.3.4 Decryption Unit 123 The decryption unit 123 receives the decryption key 127 from the input unit 125. Moreover, when the decryption unit 123 receives the decryption key 127 from the input unit 125, decryption unit 123 encrypts the common key stored in the data storage unit 124 K'643, I read the ciphertext Y644, n _i 646. Next, the decryption unit 12
3 uses the decryption key 127, the encrypted common key K'643, and the n _i 646 received from the input unit 125 to generate a common key K ″ satisfying the following expression.

[Equation 30] Here, _Bi is the decryption key 127.

If a decryption key that does not correspond to the encryption key obtained by encrypting the encryption common key K'643 is used to generate the common key K ", an incorrect common key K" is generated. . Further, the decryption unit 123 decrypts the ciphertext Y644 using the generated common key K ″ to generate a plaintext Z645. At this time, if an incorrect common key K ″ is used, No plaintext Z is generated. The decryption unit 123
The generated plaintext Z645 is output to the data storage unit 124.

1.3.5 Input Unit 125 The input unit 125 receives an input of a request for displaying the decryption key of level i from the receiver of level i, and sends the display request to the display unit 1.
26. Also, the input unit 125 receives an input of the decryption key 127 from the recipient at the level i, and outputs the received decryption key 127 to the decryption unit 123.

1.3.6 Display Unit 126 The display unit 126 receives from the input unit 125 a request to display a level i decryption key. The display unit 126 is an input unit 125
When receiving a display request of the decoding key level i from the display unit 126 reads the decryption key b _i 641 from the data storage unit 124, the read decryption key b _i 641
Is displayed as the decryption key 128.

1.4 Level L Decryption Device 130 The level L decryption device 130 includes a transmission / reception unit 131, a key creation unit 132, a decryption unit 133, a data storage unit 134, an input unit 135, and a display unit 136. Transmitting / receiving unit 131
Is connected to the transmission / reception unit 145 of the encryption device 140 via the communication line 153, and the key generation unit 132 transmits the level (L-
It is connected to the key generation unit of the decryption device of 1).

1.4.1 Key Creation Unit 132 The key creation unit 132 generates a level L encryption key a _L and a level L decryption key b _L as described below. The key creation unit 132 selects any two prime numbers p _L and q _L , and (Expression 21) n _L = p _L × q _L , and (Expression 22) φ (n _L ) = (p _L −1) × (Q _L −1), is used to calculate n _L and φ (n _L ),

(Equation 31) Is calculated. Next, the key creation unit 132 calculates an integer a _L that satisfies (Equation 24) a _L × b _L １ 1 (mod φ (n _L )) by the extended Euclidean algorithm. The key creation unit 132 uses the calculated integer b _L as the decryption key
4 and an integer a _L as the encryption key and the calculated n
_{And L} to the transmission / reception unit 131.

1.4.2 Transmission / Reception Unit 131 The transmission / reception unit 131 transmits the encryption key a _L output from the key creation unit 132 and the calculated n _L to the transmission / reception unit 145 of the encryption device 140. The transmitting / receiving unit 131 receives the ciphertext Y664, the encrypted common key K'663, and the level I662 transmitted from the transmitting / receiving unit 145 of the encryption device 140, and receives the received ciphertext Y664 and the encrypted common key K '.
663 and the level I662 are output to the data storage unit 134.

1.4.3 Data Storage Unit 134 The data storage unit 134 receives the decryption key b _L 661 output from the key creation unit 132, and receives the received decryption key b _L 661.
_L 661 is stored. Further, the data storage unit 134 receives the encrypted text Y664, the encrypted common key K′663, and the level I662 output from the transmitting / receiving unit 131, and receives the received encrypted text Y664, the encrypted common key K′663, and the level I662. Is stored. FIG. 3 shows the contents 660 stored in the data storage unit 134. The content 660 includes the decryption key b
_L 661, level I662, encrypted common key K'663,
Ciphertext Y664, include plain text Z665, n _L 666.

1.4.4 Decryption Unit 133 The decryption unit 133 receives the decryption key 137 from the input unit 135. Moreover, when the decryption unit 133 receives the decryption key 137 from the input unit 135, decryption unit 133 encrypts the common key stored in the data storage unit 134 K'663, reads the ciphertext Y664, n _L 666. Next, the decryption unit 13
3 uses the decryption key 137, the encrypted common key K'663, and the n _L 666 received from the input unit 135 to generate a common key K ″ that satisfies the following equation: (Equation 25) K ″ { K ′ ＾ B _L (mod (n _L )) Here, B _L is the decryption key 137.

If a decryption key that does not correspond to the encryption key obtained by encrypting the encryption common key K'663 is used to generate the common key K ", an incorrect common key K" is generated. . Further, the decryption unit 133 decrypts the ciphertext Y664 using the generated common key K ″ to generate a plaintext Z665. At this time, if an incorrect common key K ″ is used, the No plaintext Z is generated. The decryption unit 133
The generated plaintext Z665 is output to the data storage unit 134.

1.4.5 Input Unit 135 The input unit 135 receives an input of a request for displaying a level L decryption key from a receiver of level L, and sends the display request to the display unit 1.
36. Further, the input unit 135 receives an input of the decryption key 137 from the receiver at the level L, and outputs the received decryption key 137 to the decryption unit 133.

1.4.6 Display Unit 136 The display unit 136 receives a request to display a level L decryption key from the input unit 135. The display unit 136 is connected to the input unit 135.
When receiving a display request of the decoding key level L from the display unit 136 reads the decryption key b _L 661 from the data storage unit 134, the read decryption key b _L 661
Is displayed as the decryption key 138.

1.5 Operation of Cryptographic Communication System 100 The operation of creating a key, the operation of encryption, and the operation of decryption of the cryptographic communication system 1000 will be described. 1.5.1 Key Creation Operation Here, a key creation operation by the cryptographic communication system 100 will be described. In the cryptographic communication system 100,
As shown in the flowchart of FIG. 4, a key is created by the decryption device 110 of level 1 (step S70).
1) A key is created by the decryption device 120 at the level i from the level 2 to the level L-1 (steps S702 to S702).
In step S704, a key is created by the level-L decrypting device 130 (step S705). Next, the operation of generating a key by the decryption device at each level will be described.

(1) Operation of Key Creation by Level 1 Decryption Device 110 The level 1 decryption device 110 generates a key as shown in the flowchart of FIG. The key generation unit 112 of the level 1 decryption device 110
The key generation unit 112 selects any two prime numbers p ₁ and q ₁ (step S801), and (expression 26) n ₁ = p ₁ × q ₁ and (expression 27) φ (n ₁ ) = (p ₁ −1) × (q ₁ −1), is used to calculate n ₁ and φ (n ₁ ) (step S802). Next, the key creation unit 112 determines that any integer a ₁
The select (step S803), by the extended Euclidean algorithm, calculates the integer b ₁ to be (Equation _{28) a 1 × b 1 ≡} 1 (mod φ (n 1)) ( step S803).

The key creation unit 112 outputs the calculated integer b ₁ to the data storage unit 114 as the decryption key 611, and the data storage unit 114 stores the integer b ₁ (step S1).
805). The key generation unit 112 generates an integer a as an encryption key.
_The transmission unit 111 outputs ₁ and the calculated n ₁ to the transmission / reception unit 111, and the transmission / reception unit 111 transmits the integer a ₁ and the calculated n ₁ to the encryption device (step S806). Key creation unit 112
Transmits the decryption key b ₁ 611 and the calculated φ (n ₁ ) to the key generation unit of the level 2 decryption device via the communication line 161 (step S807).

(2) Operation of Generating Key by Decryption Device 120 of Level i The decryption device 120 of level i generates a key as shown in the flowchart of FIG. The key generation unit 122 outputs the integer b _i−1 and φ (n) from the key generation unit of the level i−1 decryption device.
₁ ), φ (n ₂ ),..., Φ (n _i-1 ) (step S901), and the key generation unit 122 selects any two prime numbers p _i and q _i (step S902). ), (formula _{29) n i = p i ×} q i and, (formula _{30) φ (n i) =} (p i -1) × (q i -1), with, n _i and phi (n _i ) and (Step S)
903),

(Equation 32) Is calculated (step S904), and the key generation unit 122 calculates an integer a _i that satisfies (expression 32) a _i × b _i ≡ 1 (mod φ (n _i )) by an extended Euclidean algorithm (step S905). .

Next, the key creation unit 122 calculates the calculated integer
b_iAs the decryption key 641 to the data storage unit 124
Then, the data storage unit 124 stores the decryption key 641
(Step S906). The key creation unit 122 sends the encryption key
Integer a_iCalculated as_iTo the transmitting / receiving unit 121
The transmitting and receiving unit 121 outputs the integer a_iCalculated as _i
Is transmitted to the encryption device 140 (step S90).
7). The key creation unit 122 calculates the decryption key b_i641
The released φ (n₁), Φ (n_Two),..., Φ (n _i)
Through the communication line 161 to decode the level i + 1
The key is transmitted to the key generation unit (step S908).

(3) Operation of Key Generation by Level L Decryption Device 130 The level L decryption device 130 generates a key as shown in the flowchart of FIG. Key generator 1
32 indicates the integer b _L-1 and φ (n ₁ ), φ (n ₂ ),..., Φ from the key generation unit of the level L-1 decryption device.
(N _{L -1} ) (step S1001), the key creation unit 132 selects any two prime numbers p _L and q _L (step S1002), and (Equation 33) n _L = p _L × q _L , And (Formula 34) φ (n _L ) = (p _L −1) × (q _L −1), to calculate n _L and φ (n _L ) (step S).
1003),

[Equation 33] Is calculated (step S1004).

Next, the key creation unit 132 calculates an integer a _L that satisfies (Equation 36) a _L × b _L １ 1 (mod φ (n _L )) by the extended Euclidean algorithm (step S1005). The key creation unit 132 converts the calculated integer b _L into a decryption key 661
Is output to the data storage unit 134, and the data storage unit 13
4 stores the integer b _L (step S1006). The key creation unit 132 outputs the integer a _L as the encryption key and the calculated n _L to the transmission / reception unit 131, and
Transmits the integer a _L and the calculated n _L to the encryption device 140 (step S1007).

1.5.2 Encryption Operation by Encrypting Apparatus 140 The following describes an encryption operation performed by the encrypting apparatus 140 with reference to the flowchart shown in FIG. The encryption unit 143 receives the level I170 of the encryption key 147 from the input unit 141 (Step S1101),
The common key K171 is received from the server 41 (step S110).
2). The encryption unit 143 reads the plaintext X208 and n _i corresponding to the level I170 from the data storage unit 144, and encrypts the read plaintext X208 using the received common key K171 using a predetermined encryption algorithm. To generate a ciphertext Y209 (step S110).
3). Next, the encryption unit 143 calculates an encrypted common key K′211 that satisfies the following equation (step S1).
104). (Equation 37) K '≡ K ^ A i (mod n i) Next, the encryption unit 143, level I170, and outputs the encrypted common key K'211, the ciphertext Y to the data storage unit 144, transceiver 145 sends these to the decryption device identified by level I170 (step S1104).

1.5.3 Encrypting Operation by Decryption Device Here, the operation of decryption of a ciphertext by the decryption device will be described with reference to the flowchart shown in FIG. Here, i takes a value from 1 to L, and the operation of decrypting the cipher text by the decryption device described below is performed by the level 1 decryption device 11.
This operation is common from 0 to the level L decoding device 130. In the following description, the elements of the level i decoding device 120 are used. The transmitting / receiving unit 121 transmits the level I, the encrypted common key K ′, the ciphertext Y, and _ni to the encryption device 1.
Received from 40 (step S1201), the data storage unit 124, the received level I, the encrypted common key K ', and stores the ciphertext Y, n _i (step S1202). Decryption unit 123 receives the decryption key 127 from the input unit 125, decryption unit 123 encrypts the common key K stored in the data storage unit 124 ', the ciphertext Y, with n _i, the following equation Is generated (step S120).
3). (Equation 38) K ″ ≡K ′ ＾ B _i (mod (n _i )) Here, _Bi is the decryption key 127. Next, the decryption unit 123 uses the generated common key K ″. And ciphertext Y6
44, and generates a plaintext Z645.
24 stores the plaintext Z (step S1204).

[0052] 1.6 plaintext Z by using the encryption key a _i at level i determined by the method described above proof that matches the plaintext X, the ciphertext Y of plaintext X is generated by encrypting
Can be decrypted using the decryption key b _j at level j where i ≦ j. This is proved correct by: (1) For i = j (Equation 39) Z ≡ Y ^ (b j) (mod n i) ≡ X ^ (a i · b j) (mod n i) ≡ X ^ (a i · b i) (mod n _i) = X

[0053] (2) i <For j (Equation 40) Z ≡ Y ^ (b j) at _{(mod n i) ≡ X ^} (a i b j) (mod n i) Here,

(Equation 34) So that

(Equation 35)

[Equation 36]

(37) In this way, it is proved that the plaintext Z matches the plaintext X.

1.7 Example of Two Hierarchical Levels Here, in the case of two hierarchical levels, generation of an encryption key and a decryption key by the key generation unit of the decryption device, and encryption unit of the encryption device Will be described using a specific example. Key generator of the level 1 decryption apparatus, as follows, to produce a cryptographic key a ₁ and decryption key b _1. Assuming that p ₁ = 3 and q ₁ = 53 as two prime numbers, Is obtained. As a ₁ and b ₁ , an encryption key a ₁ = 7 and a decryption key b ₁ = 15 are obtained.

Next, the key generation unit of the level 2 decryption apparatus
As it follows, to produce a cryptographic key a ₂ and decryption key b _2. Decryption key b ₂ is calculated as follows. Next, assuming that p ₂ = 11 and q ₂ = 37 as two prime numbers, As a ₂ as the encryption key a ₂ = 239 is obtained.

When encrypting plaintext X = 19, the encrypting unit of the encrypting apparatus uses n ₂ = 407 and encryption key a ₂ = 239 so that only the recipient of level 2 can decrypt it. . Therefore, the ciphertext Y can be calculated as follows. Y≡X ＾ 239 (mod 407) = 348 The decryption unit of the decryption apparatus at level 2 calculates the plaintext Z as follows using n ₂ = 407 and the decryption key b ₂ = 119. Z≡348 ＾ 119 (mod 407) = 19 The encryption unit of the encryption device encrypts n ₁ when encrypting plaintext X = 19 so that both level 1 and level 2 recipients can decrypt it. = 159 and the encryption key a ₁ = 7. Therefore, the ciphertext Y can be calculated as follows. Y≡X ＾ 7 (mod 159) = 133 The decryption unit of the decryption apparatus at level 1 calculates the plain text Z as follows using n ₁ = 159 and the decryption key b ₁ = 15. Z≡133 ＾ 15 (mod 159) = 19 The decryption unit of the level-2 decryption device calculates the plaintext Z as follows using n ₁ = 159 and the decryption key b ₂ = 119. Z≡133 ＾ 119 (mod 159) = 19

2. Other Embodiments Although the present invention has been described based on the above embodiment, it is needless to say that the present invention is not limited to the above embodiment. That is, the following cases are also included in the present invention. (1) As shown in FIG.
0 is composed of an encryption device 1340, a key generation device 1350, a level 1 decryption device 1310, ..., a level i decryption device 1320, ..., a level L decryption device 1330. The key creation device 1350 includes a key creation unit 1351. The encryption device 1340 includes an input unit 134
1, a display unit 1342, an encryption unit 1343, a data storage unit 1344, and a transmission / reception unit 1345. Level 1
The decryption device 1310 includes a transmission / reception unit 1311 and a key reception unit 1
312, a decoding unit 1313, a data storage unit 1314, an input unit 1315, and a display unit 1316. Level 2
To the level L decryption device, the level 1 decryption device 131
The configuration is the same as that of 0.

The key creation unit 1351 is connected to the key reception unit of each decryption device via a special communication line that does not eavesdrop on the communication contents during communication. The transmission / reception unit 1345 of the encryption device is connected to the transmission / reception unit of each decryption device via a communication line. The key generation unit 1351 of the key generation device 1350 generates keys from level 1 to level L and other information, and transmits the keys and other information of each level to the corresponding key receiving unit of the decryption device of each level. . The key generation method of the key generation unit 1351 of the key generation device 1350, the generated key and other information are described in the cryptographic communication system 100.
Is the same as the key generation unit of the decryption device of each level. The key receiving unit of each level decryption device receives the key and other information transmitted from the key generation unit 1351, and outputs the received key and other information to the transmission / reception unit and data storage unit of each level decryption device. I do. The keys and other information output to the transmission / reception unit and the data storage unit of each level of the decryption device are the same as those of the key generation unit of each level of the decryption device of the cryptographic communication system 100.

The other components of the decryption device at each level have the same function as the other components of the decryption device at each level of the cryptographic communication system 100 having the same name. Also,
Each component of the encryption device 1340 has the same function as each component of the encryption device 140 of the encryption communication system 100 having the same name. The operation of key generation by the key generation unit 1351 will be described with reference to the flowcharts of FIGS. The key generation unit 1351 selects any two prime numbers p ₁ and q ₁ (step S1401), (Expression 43) n ₁ = p ₁ × q ₁ , and (Expression 44) φ (n ₁ ) = (p ₁ −1) × (q ₁ −1), is used to calculate n ₁ and φ (n ₁ ) (step S1402). Then, key generator 1351, select any integer a ₁ (step S1403), the extended Euclidean algorithm, (Equation _{45) a 1 × b 1 ≡} 1 (mod φ (n 1)) and made integral b ₁ Is calculated (step S1404). The key creation unit 1351 outputs the integer a ₁ and the integer b ₁ to the key receiving unit 1312 of the level 1 decryption device 1310.

The key creation unit 1351 sets the level i to 2 (step S1406), and when i is greater than L (step S1407), ends the processing. If i is less than or equal to L (step S1407), the key creation unit 1351, any two prime numbers p _i, select q _i (step S1501), (Formula _{46) n i = p i ×} q i , and (formula _{47) φ (n i) =} (p i -1) × (q i -1), with, n _i and phi (n _i) and calculates (step S
1502),

(38) Is calculated (step S1503), and the key creation unit 1351 is calculated.
Calculates an integer a _i that satisfies (Equation 49) a _i × b _i ≡ 1 (mod φ (n _i )) by the extended Euclidean algorithm (step S1504).

The key creation unit 1351 calculates the integer a _i and the integer b _i
Is output to the key receiving unit 1312 of the decryption device 1320 at level i (step S1505), 1 is added to i (step S1506), and the control returns to step S1407. (2) In the above-described embodiment, the encryption key, the decryption key, and the ciphertext are transmitted via the communication line. However, the encryption key, the decryption key, and the ciphertext are transmitted to a floppy disk or the like. You may make it write on a recording medium and distribute the said recording medium. (3) Another embodiment is a computer-readable recording medium including an encryption communication program for causing a computer to execute the encryption communication method indicated by the above procedure. Further, the encryption communication program may be transmitted via a communication line.

[0062]

As described above, the present invention provides a cipher communication in which a cipher text generated using a publicly available encryption key is transmitted, and the transmitted cipher text is decrypted using a decryption key. A ciphertext encrypted using a first level encryption key, based on a predetermined operation, to generate a second level decryption key equal to or higher than said first level. Key generating means for generating a plurality of encryption keys and decryption keys comprising a plurality of levels which can be decrypted by using the encryption key and transmitting the generated encryption keys comprising a plurality of levels; and Encrypting means for encrypting the plaintext using the third-level encryption key among the received encryption keys to generate a ciphertext, and transmitting the generated ciphertext; and the generated decryption. Using a fourth level decryption key of the keys, the fourth level If the serial third higher than or equal to the level of, and a decoding means for decoding the transmitted ciphertext. According to this configuration, when transmitting the ciphertext to a plurality of levels of recipients having hierarchical decryption authority, using the decryption key of the upper-level recipient and using the encryption key of the lower-level recipient Thus, there is an effect that the encrypted data can be decrypted and the key management and distribution costs can be reduced.

Here, the key generation means determines a level 1 encryption key a ₁ and a decryption key b ₁ by the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) =
(P ₁ -1) × (q ₁ -1), and the level i (i>
The decryption key b _i 1), was determined by the following equation,

[Equation 39] The encryption key a _i of level i (i> 1) is determined by the following equation, and a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and the encryption unit encrypts the plain text x by the following formula to generate a cipher text y,

(Equation 40) Here, a _i is an encryption key of level i, and n _i =
p _i × q _i and outputs a level i, and the decryption means receives the level i from the encryption means, decrypts the cipher text y by the following equation to generate a plain text z,

[Equation 41] Here, b _j is an encryption key of level j (j ≧ i), and may be configured such that n _i = p _i × q _i . According to this configuration, when transmitting the ciphertext to a plurality of levels of recipients having hierarchical decryption authority, using the decryption key of the upper-level recipient and using the encryption key of the lower-level recipient Thus, it is possible to decrypt the encrypted data, and the number of common keys included in the cipher text addressed to a plurality of recipients is always one. This has an effect that the key management and the delivery cost can be reduced.

The present invention also provides a cryptographic communication system comprising L different-level decryption devices for generating an encryption key and a decryption key and decrypting a ciphertext, and an encryption device for generating a ciphertext. In the system, a level 1 decryption device determines a level 1 encryption key a ₁ and a decryption key b _{1 according} to the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) =
(P ₁ −1) × (q ₁ −1), and transmits the determined encryption key a ₁ to the encryption device and determines the determined decryption key b ₁
And φ (n ₁ ) are output to a level 2 decryption device, and a level 1 key generation unit and a decryption unit are provided.
The decryption device of i <L) determines the decryption key bi of level _i by the following equation:

(Equation 42) A level i encryption key a _i is determined by the following equation: a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and transmits the determined encryption key a _i to the encryption device and determines the determined decryption key b.
a level i key generating means for outputting _i , φ (n ₁ ), φ (n ₂ ),..., φ (n _i ) to a level i + 1 decryption device, and decryption means; The apparatus determines a level L decryption key b _L by the following equation:

[Equation 43] A level L encryption key a _L is determined by the following equation: a _L × b _L １ 1 (mod φ (n _L )
Here, for any prime numbers p _L and q _L , φ (n _L ) =
(P _L −1) × (q _L −1), comprising: a level L key generation unit that transmits the determined encryption key a _L to the encryption device; and a decryption unit. , Encrypts the plaintext x by the following formula to generate a ciphertext y,

[Equation 44] Here, a _m is an encryption key of the level m (1 ≦ m ≦ L) , a _{n m = p m × q m} , comprises an encryption means for outputting a level m, the level from said level 1 L, the decryption means receives the level m from the encryption means, decrypts the ciphertext y by the following equation to generate a plaintext z,

[Equation 45] Here, b _j is the encryption key levels j (j ≧ m), characterized in that it is a _{n m = p m × q m} .
According to this configuration, when transmitting the ciphertext to a plurality of levels of recipients having hierarchical decryption authority, using the decryption key of the upper-level recipient and using the encryption key of the lower-level recipient Thus, there is an effect that the encrypted data can be decrypted and the key management and distribution costs can be reduced.

Further, the present invention provides an encryption key and a decryption key.
Key generation device for generating and encryption device for generating ciphertext
And L different levels of decryption devices for decrypting ciphertexts
A cryptographic communication system comprising:
The device has a level 1 encryption key a ₁ And decryption key b₁ And
Determined by the following formula, a₁ × b₁  ≡ 1 (mod φ (n₁ )
 ), Where any prime p₁ , Q₁ For φ (n₁ ) =
(P₁ -1) × (q₁ -1) and level i (1 <i
<L) decryption key b_i Is determined by the following equation,

[Equation 46] A level i encryption key a _i is determined by the following equation: a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and transmits the determined encryption keys a ₁ , a ₂ ,..., A _L to the encryption device, and determines the determined decryption key b. _1, b _2, ..., respectively b _L, level 1, level 2, ..., includes a key generation unit for outputting to the decrypted device level L, the encryption device, a plain text x using the following equation Encrypt to generate a ciphertext y,

[Equation 47] Here, a _m is an encryption key of levels m, n _m =
p _m × q _m , comprising an encryption means for outputting a level m, wherein the level 1 to level L decryption device receives the level m from the encryption means and decrypts the cipher text y by the following equation. To generate plaintext z,

[Equation 48] Here, b _j is the encryption key levels j (j ≧ m), characterized in that it comprises a decoding means is _{n m = p m × q m} . According to this configuration, when transmitting the ciphertext to a plurality of levels of recipients having hierarchical decryption authority, using the decryption key of the upper-level recipient and using the encryption key of the lower-level recipient Thus, there is an effect that the encrypted data can be decrypted and the key management and distribution costs can be reduced.

The present invention also relates to a cryptographic communication method for transmitting a ciphertext generated using a publicly available encryption key and decrypting the transmitted ciphertext using a decryption key. , The ciphertext encrypted using the first level encryption key can be decrypted using the second level decryption key equal to or higher than the first level, Generating a plurality of encryption keys and decryption keys comprising a plurality of levels, a key generation step of transmitting the generated encryption keys comprising the plurality of levels, receiving the encryption key, An encryption step of encrypting the plaintext to generate a ciphertext using the third-level encryption key among the received encryption keys, and transmitting the generated ciphertext; Using the fourth level of decryption key, the fourth level is If the serial third higher than or equal to the level of, characterized in that it comprises a decryption step for decrypting the transmitted ciphertext. By using this method, when transmitting ciphertext to a plurality of levels of recipients having a hierarchical decryption authority, the decryption key of the upper level recipient is used to replace the encryption key of the lower level recipient. There is an effect that the encryption encrypted by using the key can be decrypted, and the management and delivery cost of the key can be reduced.

Here, the key generation step is performed at level 1
The encryption key a ₁ and the decryption key b ₁ are determined by the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) =
(P ₁ -1) × (q ₁ -1), and the level i (i>
The decryption key b _i 1), was determined by the following equation,

[Equation 49] The encryption key a _i of level i (i> 1) is determined by the following equation, and a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and the encrypting step generates a cipher text y by encrypting the plain text x by the following equation:

[Equation 50] Here, a _i is an encryption key of level i, and n _i =
p _i × q _i , outputting a level i, wherein the decryption step receives the level i from the encryption step;
Decrypt ciphertext y by the following formula to generate plaintext z,

(Equation 51) Here, b _j is an encryption key of level j (j ≧ i), and may be configured such that n _i = p _i × q _i . Using this method, when sending ciphertext to multiple levels of recipients with hierarchical decryption authority,
Using the decryption key of the upper-level recipient, decrypts the encryption encrypted using the encryption key of the lower-level recipient,
This has the effect of reducing key management and distribution costs.

Further, the present invention transmits a cipher text generated using a public encryption key and causes a computer to execute a cryptographic communication method for decrypting the transmitted cipher text using a decryption key. A computer-readable medium that stores a program for causing a computer to execute the above-described cryptographic communication method. By causing a computer to execute the program recorded on this medium, in the case of transmitting ciphertext to a plurality of levels of recipients having hierarchical decryption authority, using a decryption key of a higher-level recipient, There is an effect that the encryption encrypted by using the encryption key of the lower-level recipient can be decrypted, and the key management and delivery cost can be reduced.

[Brief description of the drawings]

FIG. 1 is a block diagram of a cryptographic communication system as one embodiment of the present invention.

FIG. 2 shows contents stored in a data storage unit of the encryption device of the encryption communication system shown in FIG.

FIG. 3 shows contents stored in a data storage unit of each decryption device of the cryptographic communication system shown in FIG. 1;

FIG. 4 is a flowchart showing an operation of generating a key by each decryption device of the cryptographic communication system shown in FIG. 1;

FIG. 5 is a flowchart showing an operation of creating a key by the level 1 decryption device of the cryptographic communication system shown in FIG. 1;

FIG. 6 is a flowchart showing an operation of generating a key by the level i decryption device of the cryptographic communication system shown in FIG. 1;

FIG. 7 is a flowchart showing an operation of generating a key by the level-L decrypting device of the cryptographic communication system shown in FIG. 1;

FIG. 8 is a flowchart showing an encryption operation performed by the encryption device of the encryption communication system shown in FIG. 1;

FIG. 9 is a flowchart showing an operation of decrypting a cipher by each decrypting device of the cryptographic communication system shown in FIG. 1;

FIG. 10 is a block diagram of a cryptographic communication system as another embodiment of the present invention.

FIG. 11 is a flowchart showing a key generation operation of the cryptographic communication system shown in FIG.

FIG. 12 is a flowchart showing a key generation operation of the cryptographic communication system shown in FIG. 10;

FIG. 13 is a diagram showing a configuration of a cipher text in a conventional cryptographic communication system.

Claims (7)

[Claims] 1. A cryptographic communication system for transmitting a ciphertext generated using a publicly available encryption key and decrypting the transmitted ciphertext using a decryption key, based on a predetermined operation. A ciphertext encrypted using a first level encryption key and having a plurality of levels which can be decrypted using a second level decryption key equal to or higher than the first level. Key generating means for generating a plurality of encryption keys and decryption keys, and transmitting an encryption key comprising the generated plurality of levels; receiving the encryption key, and Encryption means for encrypting the plaintext using the encryption key of level 3 to generate a ciphertext, and transmitting the generated ciphertext; and a decryption key of the fourth level among the generated decryption keys. If the fourth level is higher than the third level or And a decryption means for decrypting the transmitted ciphertext when necessary. 2. The key generation means determines a level 1 encryption key a ₁ and a decryption key b _{1 according} to the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) = (p ₁ −1) × (q ₁ −1) and the decryption key b _{i at} level i (i> 1) Is determined by the following equation: The encryption key a _i of level i (i> 1) is determined by the following equation, and a _i × b _i １ 1 (mod φ (n _i )
Here, for any prime numbers p _i and q _i , φ (n _i ) = (p _i −1) × (q _i −1), and the encryption means encrypts the plain text x by the following equation. And ciphertext y
Is generated, and Here, a _i is an encryption key of level i, and n _i =
p _i × q _i , outputs a level i, and the decryption means receives the level i from the encryption means, decrypts the cipher text y by the following formula to generate a plain text z, and Here, b _j is the encryption key levels j (j ≧ i), the cryptographic communication system according to claim 1, wherein the a _{n i = p i × q i} . 3. A cryptographic communication system comprising: L different levels of decryption devices for generating an encryption key and a decryption key to decrypt a ciphertext; and an encryption device for generating a ciphertext. , The level 1 decryption apparatus uses the level 1 encryption key a
₁ and the decryption key b ₁ are determined by the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) =
(P ₁ −1) × (q ₁ −1), and transmits the determined encryption key a ₁ to the encryption device and determines the determined decryption key b ₁
And φ (n ₁ ) are output to a level 2 decryption device, and a level 1 key generation unit and a decryption unit are provided.
The decryption device of i <L) determines the decryption key b _i of level _i by the following equation: A level i encryption key a _i is determined by the following equation: a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and transmits the determined encryption key a _i to the encryption device and determines the determined decryption key b.
a level i key generating means for outputting _i , φ (n ₁ ), φ (n ₂ ),..., φ (n _i ) to a level i + 1 decryption device, and a decryption means; The apparatus determines the level L decryption key b _{L according} to the following equation: A level L encryption key a _L is determined by the following equation: a _L × b _L １ 1 (mod φ (n _L )
Here, for any prime numbers p _L and q _L , φ (n _L ) =
(P _L −1) × (q _L −1), comprising: a level L key generation unit that transmits the determined encryption key a _L to the encryption device; and a decryption unit. And encrypts the plaintext x by the following formula to generate a ciphertext y. Here, a _m is an encryption key of the level m (1 ≦ m ≦ L) , a _{n m = p m × q m} , comprises an encryption means for outputting a level m, the level from said level 1 In the decryption device of L, the decryption means receives the level m from the encryption means, decrypts the ciphertext y by the following formula to generate a plaintext z, Here, b _j is the encryption key levels j (j ≧ m), cryptographic communication system, characterized in that the _{n m = p m × q m} . 4. A cipher comprising: a key generation device for generating an encryption key and a decryption key; an encryption device for generating a ciphertext; and L different-level decryption devices for decrypting the ciphertext. A communication system, wherein the key generation device is a level 1
The encryption key a ₁ and the decryption key b ₁ are determined by the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) =
(P ₁ -1) × (q ₁ -1), and the level i (1 <i
<L) The decryption key b _i is determined by the following equation. A level i encryption key a _i is determined by the following equation: a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and transmits the determined encryption keys a ₁ , a ₂ ,..., A _L to the encryption device, and determines the determined decryption key b. _1, b _2, ..., respectively b _L, level 1, level 2, ..., includes a key generation unit for outputting to the decrypted device level L, the encryption device, a plain text x using the following equation Encrypted to generate a ciphertext y, Here, a _m is an encryption key of levels m, n _m =
p _m × q _m , comprising an encryption means for outputting a level m, wherein the level 1 to level L decryption device receives the level m from the encryption means and decrypts the cipher text y by the following equation. To generate a plaintext z, and Here, b _j is the encryption key levels j (j ≧ m), cryptographic communication system, characterized in that it comprises a decoding means is _{n m = p m × q m} . 5. A cryptographic communication method for transmitting a ciphertext generated using a publicly available encryption key and decrypting the transmitted ciphertext using a decryption key, comprising the steps of: A plurality of levels wherein a ciphertext encrypted using a first level encryption key can be decrypted using a second level decryption key equal to or higher than said first level. A key generation step of generating the plurality of encryption keys and decryption keys consisting of: and transmitting the generated plurality of levels of encryption keys; and receiving the encryption key and receiving the received encryption key. An encryption step of encrypting the plaintext to generate a ciphertext by using a third-level encryption key among the keys and transmitting the generated ciphertext; and a fourth step of the generated decryption key. The fourth level is used for the third level using the decryption key of the level. Decrypting the transmitted cipher text if the value is higher than or equal to the cipher text. 6. The key generation step determines a level 1 encryption key a ₁ and a decryption key b ₁ by the following equation: a ₁ × b ₁ １ 1 (mod φ (n ₁ )
Here, for any prime numbers p ₁ and q ₁ , φ (n ₁ ) =
(P ₁ -1) × (q ₁ -1), and the level i (i>
The decryption key b _i 1), was determined by the following equation, Equation 11] The encryption key a _i of level i (i> 1) is determined by the following equation, and a _i × b _i １ 1 (mod φ (n _i )
Here, for any primes p _i and q _i , φ (n _i ) =
(P _i −1) × (q _i −1), and the encrypting step generates a cipher text y by encrypting the plain text x according to the following equation: Here, a _i is an encryption key of level i, and n _i =
p _i × q _i , outputting a level i, wherein the decryption step receives the level i from the encryption step;
The plaintext z is generated by decrypting the ciphertext y by the following formula, and Here, b _j is the encryption key levels j (j ≧ i), n i = p i × cryptographic communication method according to claim 5, wherein the a q _i. 7. A program for transmitting a ciphertext generated using a publicly available encryption key and causing a computer to execute a cryptographic communication method for decrypting the transmitted ciphertext using a decryption key. A recording medium readable by a computer, comprising a program for causing a computer to execute the encryption communication method according to claim 5.