JP2002314527A - Encryption system and its control method, key management server and client used in the encryption system, and their control method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an encryption system that is adaptable to the management organization of enterprises or the like and copes flexibly with variations in the management organization. SOLUTION: A server 10 is provided with a management database 15 that stores an ID, its own intrinsic key, and other intrinsic key (decoding key) that are keys of other people than the user. A client 20 is provided with an FD(floppy disk) that stores an ID, an intrinsic key corresponding to the ID, and an encrypted decoding key resulting from encrypting the decoding key corresponding to the ID by the intrinsic key. The server 10 discriminates whether or not the decoding key corresponding to the ID sent from the client 20 is revised in the management DB 15, encrypts the revised decoding key by using the particular key and distributes the resulting key to the client 20 when the discrimination indicates revision. The client 20 receiving the new encryption key replaces the encrypted decoding key stored in the FD with the received encrypted decoding key.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to a cryptographic system and a control method thereof, a key management server and a client used in the cryptographic system, and a control method thereof.

[0002]

BACKGROUND OF THE INVENTION In a company or the like, there are cases where subordinates create ciphertexts and their superiors manage the ciphertexts. In such a management system, relocation and promotion of employees,
Each time an employee resigns, it is necessary to change the distribution destination of the key used for decrypting the ciphertext. If the changed key is distributed to each of the employees every time the employees are rearranged, the procedure for the distribution becomes very complicated.

[0003]

DISCLOSURE OF THE INVENTION The present invention provides a key used for decrypting ciphertext and encrypting plaintext under a management system of a company or the like.
The purpose is to enable centralized management.

A further object of the present invention is to provide a cryptographic system and a control method thereof which can flexibly deal with promotion or resignation of an employee in a company or the like, loss of a key, and the like.

Another object of the present invention is to prevent a third party from impersonating a user of the encryption system and using the encryption system.

[0006] A control method for a cryptographic system according to a first invention is a control method for a cryptographic system comprising a key management server and a client mutually connected via a network.

[0007] The key management server includes, for each user, an ID unique to the user, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and an ID of another person other than the user. It has a management database that stores the other person's unique key that is its own unique key.

On the other hand, the client has the ID and
A unique data storage unit is provided for storing a self-unique key corresponding to the ID and an encrypted other-person unique key generated by encrypting the other-person unique key corresponding to the ID with the self-unique key.

The key management server determines whether or not the other party's unique key corresponding to the ID transmitted from the client has been changed in the management database.
If it is determined that the other party's unique key has been changed,
The changed other party unique key is encrypted with the self unique key to generate a new encrypted other party unique key, and the generated new encrypted other party unique key is delivered to the client.

The client receiving the new encrypted other party unique key replaces the encrypted other party unique key stored in the unique data storage means with the received new encrypted other party unique key.

The cryptographic system according to the first invention is a cryptographic system comprising a key management server and a client mutually connected via a network. The key management server includes, for each user, an ID unique to the user,
It has a management database that stores a self-unique key used for the plaintext encryption process and the ciphertext decryption process by the user, and another unique key that is a self-unique key of another person other than the user. The client is the ID
And a unique data storage unit for storing a self-unique key corresponding to the ID and an encrypted other-unique key generated by encrypting the other unique key corresponding to the ID with the self-unique key. I have. The key management server further includes a first determination unit that determines whether or not the other party's unique key corresponding to the ID transmitted from the client has been changed in the management database. If it is determined that the third party unique key has been changed, the changed other party unique key is encrypted with a self-unique key corresponding to the ID stored in the management database to obtain a new encrypted third party. There is provided a first distribution means for generating a unique key and distributing the generated new encrypted third party unique key to the client. The client further includes first replacement means for replacing the encrypted other party unique key stored in the unique data storage means with the received new encrypted other party unique key.

In the management database of the key management server, an ID unique to each user, a self-unique key, and another person's unique key are stored. The client includes an ID and a self-unique key managed in the management database, and further includes an encrypted other-unique key generated by encrypting the other-unique key with the self-unique key. Of course, the self-unique key is different for each ID. A self-unique key is assigned to each user (for example, an employee of a company or the like) specified by the ID.

The other party's unique key is, for example, a self-unique key of a subordinate. The boss (client operated by the boss) is the subordinate's own unique key (subordinate's unique key)
Will have. The other person's unique key may be the person's own unique key. In this case, the subordinate (the client operated by the subordinate) has the boss's own unique key (boss's unique key) encrypted. In any case, the other person's unique key is managed in the management database in accordance with the management system in the company or the like. In the following description, the other party's unique key is a subordinate's own unique key (subordinate's unique key) for simplicity.

[0014] Encrypted third party unique key (encrypted subordinate unique key)
Is encrypted with the self-unique key, and is decrypted with the self-unique key provided in the client to convert the encrypted third party unique key (encrypted subordinate unique key) into another unique key (subordinate unique key). ) Can be obtained. That is, the boss can obtain the subordinate's own unique key. The boss can decrypt the ciphertext created by the subordinate with the self-unique key.

According to the first aspect, a unique ID for each user is transmitted from the client to the key management server, and the key management server stores the other party's unique key stored in the management database corresponding to the transmitted ID. It is determined whether the (subordinate unique key) has been changed. If the subordinate unique key has been changed, the changed subordinate unique key is encrypted with the self-unique key corresponding to the ID and distributed to the client. The client replaces the received encrypted subordinate unique key with an encrypted subordinate unique key already provided in the client.

If the subordinate unique key corresponding to the ID is changed in the management database, the changed subordinate unique key is reflected on the client. For example, if a subordinate is promoted and no longer a subordinate, the contents of the unique data storage means of the client operated by the supervisor become the contents in the new management system (for the subordinate who is no longer a subordinate) The encrypted version of the self-unique key is deleted from the unique data storage means). In the client of the person who has become the boss, an encrypted version of the self-unique key of the newly subordinate is newly stored in the unique data storage means.

As described above, according to the present invention, when the contents of the management database are changed in accordance with a change in the management system in a company or the like (such as promotion of an employee, demoting, or joining a new employee),
The change is reflected on the client. By managing the key management server (management database), it is possible to manage the entire key of the encryption system including the client.

In a second embodiment of the first invention, the key management server includes, for each user, an ID unique to the user,
The client has a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user.
And a unique data storage unit for storing a self-unique key corresponding to D.

The key management server determines whether an updated self-unique key, which is a new self-unique key, is stored in the management database in accordance with the ID transmitted from the client. If it is determined that the updated self-unique key is stored, the updated self-unique key is encrypted with the self-unique key to generate an encrypted updated unique key, and the generated encrypted updated unique key is used as the encrypted updated unique key. Distribute to the above clients. The client that has received the encrypted updated unique key decrypts the encrypted updated unique key with the self-unique key stored in the unique data storage means and replaces the updated self-unique key obtained by decryption with the self-unique key. Replace.

According to the second aspect of the first invention, when a new self-unique key (updated self-unique key) is stored in the management database, the updated self-unique key is encrypted with the self-unique key. In this state, it is distributed from the key management server to the client. Since the client that has received the encrypted updated self-unique key has the self-unique key used for encryption, the client can obtain the updated self-unique key by decrypting the encrypted updated self-unique key.

For example, when the owner (user) of the client loses or deletes the self-unique key, an updated self-unique key is created in the management database. The client receives the encrypted updated self-unique key, which is decrypted at the client. The updated unique key (new self-unique key) is used, after which plaintext encryption and ciphertext decryption are performed. A key (self-unique key) that may be leaked due to loss or the like can be easily changed by managing the management database of the key management server.

Preferably, the first invention or the first invention described above.
In the second aspect of the invention, the key management server determines whether or not data indicating the revocation of the self-unique key is stored in the management database in accordance with the ID transmitted from the client. If it is determined that the data indicating the revocation is stored, it is determined whether or not the other party unique key corresponding to the ID transmitted from the client has been changed in the management database, and The data indicating the revocation is transmitted to the client without determining whether or not the updated self-unique key, which is a new self-unique key, is stored in the management database. Then, the client receiving the data indicating the revocation deletes the self-unique key and the encrypted third party unique key stored in the unique data storage means from the unique data storage means. By erasing the self-unique key (updated self-unique key) and the encrypted other party's unique key (encrypted subordinate unique key) from the client of the user who has left the organization due to resignation, retirement, etc.
It is possible to make it impossible for a user who has left the organization to perform encryption / decryption processing. In order to prevent such unauthorized use, it is only necessary to manage the management database of the key management server, and it is not necessary for individual clients to delete their own unique keys and the like.

The control method for a cryptographic system according to the second invention is a control method for a cryptographic system comprising a key management server and a client mutually connected via a network. The key management server includes, for each user, an ID unique to the user, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a self-unique key of another person other than the user. And a management database storing the other party's unique key. The client includes a unique data storage unit that stores the ID and a self-unique key corresponding to the ID. The key management server transmits the I
In response to D, it is determined whether an updated self-unique key, which is a new self-unique key, is stored in the management database. If it is determined that the updated self-unique key is not stored, the other unique key is encrypted with the self-unique key stored in the management database to generate an encrypted other unique key. The encrypted other party unique key is delivered to the client. If it is determined that the updated self-unique key is stored, the other unique key is encrypted with the updated self-unique key to generate an encrypted other unique key. The self-unique key is encrypted to generate an encrypted updated self-unique key, and the generated encrypted other person's unique key and the encrypted updated self-unique key are distributed to the client.

The client has a temporary key storage unit. When the encrypted other party unique key is distributed from the key management server, the distributed encrypted other party unique key is decrypted with the self-unique key stored in the unique data storage means, and obtained by decryption. The obtained other party's unique key is stored in the key temporary storage means. On the other hand, when the encrypted other party unique key and the encrypted updated self-unique key are distributed, the distributed encrypted updated self-unique key is decrypted with the self-unique key stored in the unique data storage unit. Then, the updated self-unique key obtained by the decryption is replaced with the self-unique key, and the distributed encrypted other-unique key is decrypted by the replaced self-unique key, and the other unique key obtained by the decryption is obtained. It is stored in the key temporary storage means.

According to the second invention, it is determined whether or not an updated self-unique key, which is a new self-unique key, is stored in the management database in accordance with the ID transmitted from the client.

If it is determined that the updated self-unique key is not stored, the other-unique key is encrypted with the self-unique key stored in the management database to generate an encrypted other-unique key. Then, the generated encrypted third party unique key is delivered to the client. By decrypting the encrypted other party's unique key with the self unique key provided in the client, another party's unique key (subordinate's unique key) can be obtained. It can decrypt ciphertexts created by subordinates.

When it is determined that the updated self-unique key is stored, the other unique key is encrypted with the updated self-unique key to generate an encrypted other unique key, and the self-unique key is generated. Then, the updated self-unique key is encrypted to generate an encrypted updated self-unique key. The encrypted other party unique key and the encrypted updated self unique key are delivered to the client. The delivered encrypted updated self-unique key is decrypted with the self-unique key stored in the unique data storage unit, and the updated self-unique key obtained by the decryption is replaced with the self-unique key. Further, it is decrypted with the distributed self-unique key (updated self-unique key) in which the encrypted third party unique key is replaced. In this way, the updated self-unique key is encrypted and securely delivered to the client. The other party's unique key is also encrypted with the updated self unique key and securely delivered to the client. The ciphertext created by the subordinate can be decrypted with the other party's unique key (subordinate unique key) obtained by decrypting the encrypted other party's unique key (encrypted subordinate unique key).

According to the present invention, the user (the client operated by the user) is not provided with the other party's unique key used for decrypting the ciphertext created by his subordinates in advance, but the key management server when necessary. Delivered from. The security of the other party's unique key is enhanced. Since the other party's unique key is encrypted and distributed from the key management server to the client, the possibility of being stolen during network distribution and being illegally used is low.

The other party's unique key obtained by the client is stored in key temporary storage means. Preferably, after the plaintext encryption process or the ciphertext decryption process is completed, the other party's unique key stored in the temporary key storage unit is deleted. The effect of preventing the leakage of the other party's unique key is enhanced.

[0030] In the second aspect of the present invention, the key management server also determines whether or not data indicating the revocation of the self-unique key is stored in the management database in accordance with the ID transmitted from the client. ,
If it is determined that the data indicating the revocation is stored, the data indicating the revocation is transmitted to the client without determining whether the updated self-unique key is stored in the management database. You may. In the client receiving the data indicating the revocation, the self-unique key stored in the unique data storage is deleted from the unique data storage. Resignation,
It is possible to prevent unauthorized use of the encryption system by a user who has retired.

The control method for a cryptographic system according to the third invention is a control method for a cryptographic system comprising a key management server and a client mutually connected via a network. The key management server includes, for each user, an ID unique to the user, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user,
A private key generated by the client by a public key / private key generation unit for generating a public key and a private key in a public key cryptosystem is stored. It has a management database. The client includes a unique data storage unit storing the ID and a public key / private key generation unit.

The client has a public key /
A public key and a secret key are generated by a secret key generation means,
The generated public key and the ID stored in the unique data storage unit are transmitted to the key management server.

It is preferable that the transmission of the public key to the key management server is performed only once in the initial state (eg, when the client is started). The public key generated in the client is stored in the management database of the key management server. After that, the client sends an I to the key management server.
Only D is transmitted.

The key management server having received the ID determines whether or not data indicating the revocation of the self-unique key is stored in the management database in accordance with the received ID. If it is determined that the data indicating the revocation is not stored, the self-unique key and the other-party unique key are encrypted with the public key to generate an encrypted self-unique key and an encrypted other-party unique key. And distributes the generated encrypted self-unique key and the encrypted third-party unique key to the client.

When it is determined that the data indicating the revocation is stored, the data indicating the revocation is transmitted to the client.

When the client receives the encrypted self-unique key and the encrypted other party's unique key from the key management server, the client transmits the received encrypted self-unique key and encrypted other party's unique key to the public key. / Decipher with the secret key generated by the secret key generation means and temporarily store the self-unique key and the other-unique key obtained by the decryption. When data indicating revocation is received from the key management server, the process ends without permitting plaintext encryption processing and ciphertext decryption processing.

According to the third aspect, the client has neither the self-unique key nor the other party's unique key (encrypted other party's unique key). The security of the cryptosystem is even higher. The self-unique key used for encrypting plaintext and decrypting ciphertext, and the other-person's unique key (subordinate's unique key) used for decrypting ciphertexts created by subordinates are encrypted with the public key and transmitted from the key management server. Therefore, even if a person other than the user having the private key paired with the public key obtains the encrypted self-unique key or the encrypted other person's unique key, there is a low possibility that it will be decrypted and used.

In the third invention, when the user resigns, data indicating revocation is stored in the management database of the key management server. If revocation data is sent to the client, the encrypted self-unique key will also be
The encrypted third party's unique key is also not delivered to the client. Such clients cannot encrypt plaintext and decrypt ciphertext.

Also in the third invention, it is preferable that the self-unique key and the third-party unique key that are temporarily stored are deleted after the plaintext encryption process or the ciphertext decryption process is completed in the client. It is possible to prevent unauthorized use of the self-unique key and the third-party unique key generated by being decrypted in the client. Further, as in the third invention, if a client generates a pair of a public key and a secret key in advance, stores the public key in the management database of the key management server, and stores the secret key in the client, Even if three persons impersonate the user using the ID of another person, a third party without a secret key cannot perform the encryption processing and the decryption processing. Spoofing by a third party can also be prevented.

Each time the client performs the encryption process or the decryption process, the client may generate a public key / private key. In this case, each time encryption or decryption is performed, a pair of a public key and an ID is transmitted from the client to the key management server. Of course, it is also possible for the client to generate a public key / private key pair in advance and to transmit the generated public key to the key management server every time encryption or decryption is performed.

The cryptographic system control method according to the fourth invention is a cryptographic system control method comprising a key management server and a client mutually connected via a network. The key management server includes, for each user, an ID unique to the user, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user,
It has a management database that stores another person's unique key, which is a self-unique key of another person other than the user, and a pair of a public key and a secret key in a public key encryption method. The client includes a unique data storage unit that stores the ID and the secret key. The key management server determines whether data indicating the revocation of the self-unique key is stored in the management database in accordance with the ID transmitted from the client. If it is determined that the data indicating the revocation is not stored, the public key stored in the management database is used to encrypt the self-unique key and the other person's unique key stored in the management database. Then, an encrypted self-unique key and an encrypted third party unique key are generated, and the generated encrypted self-unique key and encrypted third party unique key are delivered to the client. When it is determined that the data indicating the revocation is stored, the data indicating the revocation is transmitted to the client.
The client, when receiving the encrypted self-unique key and the encrypted other unique key from the key management server, stores the received encrypted self-unique key and the encrypted other unique key in the unique data storage means. Decrypted with the secret key
The self unique key and the other unique key obtained by decryption are temporarily stored. When data indicating revocation is received from the key management server, the process ends without permitting plaintext encryption processing and ciphertext decryption processing.

In the fourth invention, a pair of a public key and a secret key for each user is prepared in the management database of the key management server. An ID and a secret key are prepared for the client.
When the ID is transmitted from the client, the key management server encrypts the own unique key and the other person's unique key with the public key corresponding to the ID, and transmits the encrypted unique key to the client. Only a user who has a private key corresponding to the public key used for encrypting the self-unique key and the other-person's unique key can perform the encryption process and the decryption process.

The cryptographic system control method according to the fifth invention is a cryptographic system control method comprising a key management server and a client mutually connected via a network. The key management server uses, for each user, an ID unique to the user, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a self-unique key of another person other than the user. A management database storing a certain other person's unique key and secret data; and a first public key / private key generation means for generating a pair of a first public key and a first secret key in a public key encryption method. I have. The client includes a unique data storage unit storing the ID and the secret data, and a second public key / private key generation unit for generating a pair of a second public key and a second secret key in a public key encryption method. Means.

The client generates a second public key and a second secret key by the second public key / private key generation means, and stores the generated second public key and the unique data storage means. And the transmitted ID to the key management server. The key management server that has received the second public key and the ID determines whether or not the data indicating the revocation of the self-unique key is stored in the management database in accordance with the received ID.

When it is determined that the data indicating the revocation is not stored, the first public key / first secret key is generated by the first public key / private key generation means, and the first public key and the first secret key are generated. The first public key generated by the generated second public key is encrypted to generate an encrypted first public key, and the generated encrypted first public key is distributed to the client.

The client that has received the encrypted first public key decrypts the encrypted first public key received with the second secret key to generate a first public key, and generates the generated first public key. The secret data stored in the unique data storage unit is encrypted with a public key to generate encrypted secret data, and the generated encrypted secret data is transmitted to the key management server. The key management server that has received the encrypted secret data decrypts the received encrypted secret data with the first secret key to obtain secret data, and obtains the secret data stored in the management database. The self-unique key and the other-person unique key stored in the management database are encrypted with the received second public key on condition that they are the same as the data. A key is generated, and the generated encrypted self-unique key and encrypted other party's unique key are distributed to the client.

On the other hand, if it is determined that the data indicating the revocation is stored, the data indicating the revocation is transmitted to the client.

When the encrypted self-unique key and the encrypted other party's unique key are distributed from the key management server, the client transmits the distributed encrypted self-unique key and encrypted other party's unique key to the unique key. Decryption is performed with the secret key stored in the data storage unit, and the self-unique key and the other-unique key obtained by the decryption are temporarily stored. When data indicating revocation is received from the key management server, the process ends without permitting plaintext encryption processing and ciphertext decryption processing.

In the fifth invention, a public key / private key generation unit is provided in each of the key management server and the client. Similarly to the third and fourth inventions, it is possible to prevent a third party from acquiring an ID of another person and impersonating the person. Also, the encrypted self-unique key and the encrypted third-party unique key are provided on condition that the secret data stored in advance in the management database and the secret data (encrypted at the time of transmission) transmitted from the client to the key management server match. Since the information is distributed to the client, it is possible to strongly confirm whether the person who accesses the key management server is a valid user of the cryptographic system.

The present invention further provides a key management server and a client used in the first to fifth aspects, a control method thereof, a control program, and a medium on which the control program is recorded. The program recording medium includes a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, and the like.

[0051]

DESCRIPTION OF THE PREFERRED EMBODIMENTS First Embodiment (1) Basic Mode of Cryptographic System FIG. 1 is a block diagram showing the overall configuration of a cryptographic system according to a first embodiment. This cryptosystem uses a key management server
A computer (hereinafter referred to as a key management server) 10 and a plurality of client computers (user terminals)
(Referred to as a client) (in the cryptographic system shown in FIG. 1,
(Showing four clients 20, 30, 40 and 50) and a network 1 (including both a dedicated line and a public line) connecting the key management server 10 and a plurality of clients. I have.

In the encryption system, key management suitable for a management system in a company or the like is performed. FIG. 2 shows a general management system in a company or the like. In companies, etc., the president is at the top,
Below that, a hierarchical management system, such as a department manager, section manager, and section chief, is established. In the cryptographic system, the president, general manager, section manager,
It is assumed that each employee belonging to a company or the like has one client regardless of the post such as a chief. In the following description, in order to make the contents of the encryption system easy to understand, one key management server 10 and four clients 20
It is assumed that the encryption system is composed of ~ 50. Then, the client 20 uses the computer used by the employee A (manager A), the client 30 uses the computer used by the employee B (manager B), and the client 40 uses the employee C (manager C) as the manager. It is assumed that the computer to be used and the client 50 are computers used by the employee D (chief D) who is the chief.

In the encryption system, as described later, a unique key is distributed to each employee of a company or the like. Employees can create a ciphertext file by using a client to encrypt a plaintext file with their own unique key. Also, the created ciphertext file can be decrypted into a plaintext file with its own unique key (in this sense, the unique key can be called an encryption / decryption key). Furthermore, in the cryptographic system, as described later, the boss sends subordinates (the manager to the president,
A key (encryption) in which a superior encrypts a subordinate's unique key with his / her own unique key so that a ciphertext file created by a section manager, section manager, section manager for section manager, section manager, section manager, etc.) can be decrypted. (Referred to as a decryption key).

FIG. 3 is a block diagram showing the overall configuration of the encryption system shown in FIG. 1 in more detail. In the cryptographic system shown in FIG. 3, only two clients (client 20 and client 30) among the plurality of clients are shown.

The key management server 10 includes a control device 11, a first storage device 12, a second storage device 13, and a floppy disk drive (hereinafter referred to as FDD) 14. Control device 11
Are CPU, memory (RAM), communication device (modem, terminal adapter, router, etc.), input device (keyboard, mouse, etc.), display device (CRT display, LC
D, etc.). Generally, a hard disk (drive) is used for the first storage device 12 and the second storage device 13. The first storage device 12 and the second storage device 13 may be respectively different hard disks, or two different areas are provided in one hard disk, and each of the two areas is stored in the first storage device 12.
And the second storage device 13.

The first storage device 12 of the key management server 10 is provided with a management database 15. Management database 15
Is the ID, unique key,
This is a database storing a decryption key and the like (details will be described later). The second storage device 13 stores a management data creation program, a unique data creation program, and a key distribution program. The processing of these programs (the operation of the key management server 10 controlled by these programs) will also be described later.

The client 20 (computer of employee A (manager A)) has a CPU, a memory (RAM), a communication device,
A control device 21 including an input device, a display device, and the like, a storage device 22, and an FDD 23 are provided. Client 30 (Employee B
(The computer of section manager B) also has the same hardware configuration of the client 20 (control device 31, storage device 32 and F
DD33). Each of the storage device 22 of the client 20 and the storage device 32 of the client 30 stores an encryption program, a decryption program, and a key update program. The ciphertext file is created from the plaintext file by the encryption program, and the ciphertext file is decrypted into the plaintext file by the decryption program. A key update program is used as a sub-program of the encryption program and the decryption program. The details of the processing of the encryption program, the decryption program, and the key update program will be described later.

The FD in which the unique data 25 is recorded is stored in the manager A.
24, the section manager B has the FD34 with the unique data 35,
Each key is distributed in advance by the administrator of the key management server 10. FDs (not shown) in which unique data is recorded are also distributed to the section manager C and the section manager D in advance. The recording of the unique data on the FDs 24 and 34 is performed in the key management server 10 as described later.

FIG. 4A shows an example of the unique data 25 recorded on the FD 24 owned by the manager A, and FIG. 4B shows an example of the unique data 35 recorded on the FD 34 owned by the section manager B. ing. 4C shows an example of the unique data 45 recorded on the FD carried by the section manager C, and FIG. 4D shows an example of the unique data 55 recorded on the FD carried by the section chief D. .

The ID and unique key are recorded on the FD distributed to each employee.

"ID" is a unique identification code (number) for specifying each employee in the encryption system.
It is. ID "1" indicates employee A (manager A) and ID "2"
Is employee B (section manager B) and ID "3" is employee C (section manager C)
, And the ID “4” represents the employee D (section chief D).

The "unique key" is an encryption / decryption key (random number data) given to each employee as described above. The unique key is used to create a ciphertext file from a plaintext file and to decrypt a ciphertext file into a plaintext file. For example, the unique data 25 (hereinafter, referred to as “record 25”) recorded in the FD 24 owned by employee A (manager A)
The unique data 25 of the employee A; the same applies to other unique data) includes the unique key SK1. The unique key SK1 is used when the employee A (manager A) creates a ciphertext file by encrypting a plaintext file and decrypts the ciphertext file.

The same number of decryption keys as the number of subordinates are recorded in the FD of an employee (boss) having subordinates. The encryption / decryption key is obtained by encrypting a subordinate's unique key using its own unique key. For example, the manager A has three managers, a manager B, a manager C and a manager D. Manager B,
The unique keys of section manager C and section chief D are SK2 and SK, respectively.
3, SK4. The unique data 25 of the manager A is the unique key S
Three encrypted decryption keys SK2 <SK1>, SK3 <SK1> and SK generated by encrypting K2, SK3 and SK4 using the unique key SK1 of the manager A
4 <SK1> is included. Similarly, the unique data 35 of the section manager B stores the unique key SK4 of the section chief D,
Decryption key S generated by encrypting with the unique key SK2 of
K4 <SK2>. Section manager C's unique data 45
Is an encryption / decryption key SK4 <S generated by encrypting the unique key SK4 of the subordinate D, which is a subordinate, with the unique key SK3 of the section manager C.
K3>. Since the chief D has no subordinates, the unique data 55 of the chief D does not include the encryption / decryption key.

As described above, in the encryption system, the boss can decrypt a ciphertext file created by a subordinate (a manager for a president, a section manager, a section chief, a section manager for a section manager, a section manager, a section manager for a section manager, etc.). That is, among the users (employees) of the cryptographic system, the boss who has subordinates decrypts the encryption / decryption key using his / her own unique key to obtain the subordinate's unique key (in particular, called the decryption key) Obtainable. Therefore, the boss can decrypt the ciphertext file created by the subordinate by using the decryption key.

In the cryptographic system, unique data possessed by each employee of a company or the like is created using a management database 15 provided in the first storage device 12 of the key management server 10. FIG. 5 shows an example of the management database 15.

The management database 15 stores management data for a plurality of employees. Management data includes
"ID", "update flag", "expiration flag", "unique key", "update unique key", "decryption key 1", "decryption key 2",
"Decryption key 3" and the like are included.

As described above, "ID" identifies an employee of a company or the like that uses the encryption system, and is an identification code (number) associated with the employee on a one-to-one basis.

In the “update flag”, either the flag “F” or the flag “FS” is stored. For example, if the chief is promoted to section manager, if the section manager is promoted to section manager,
When the position of the employee changes, for example, when the section manager is demoted to the section chief, the contents of the decryption key in the management data are changed as described later. In such a case, the update flag “F” is stored. If an employee loses his or her own unique key, a new unique key is assigned to the employee. In this case, the update flag “FS” is stored.

The "expiration flag" stores a flag (expiration flag "FF") indicating that the employee's unique key has expired when the employee retires or resigns from the company.

The “unique key” is an encryption / decryption key given to each employee as described above.

The “update unique key” stores a unique key newly assigned to the employee when the employee loses (forgets) the unique key (this is called an update unique key).

The “decryption key” stores a unique key (or an updated unique key) of a subordinate (a section manager and a section chief for a section manager, a section chief for a section manager, etc.). The management data of the boss having a plurality of subordinates stores basically the same number of decryption keys (decryption key 1, decryption key 2, decryption key 3 #) as the number of subordinates.

FIG. 6 shows the second storage device 13 of the key management server 10.
5 is a flowchart showing a flow of processing of a management data creation program stored in the storage device. The management data is stored in the management database 15 according to the management data creation program.

When the administrator of the key management server 10 inputs a start command of the management data creation program from the input device, the management data creation program is read from the second storage device 13 of the key management server 10 and read into the CPU. The management data creation program is executed.

First, the administrator of the key management server 10 inputs user (employee) information such as the name of the user (employee) of the encryption system from the input device of the key management server 10 (step 101). When you have finished entering your employee information,
An ID is assigned to the user. First storage device 12
The numbered ID is registered in the ID column of the management database 15 provided in (step 102).

A random number is generated. The generated random number is registered in the unique key column as a unique key corresponding to the registered ID (step 103).

List of management data (management database 15
Is displayed on the display screen of the display device (step
104). If the management data of the subordinate is already registered in the management database 15, the display screen displays the unique key of the subordinate by an icon or the like. The administrator of the key management server 10 registers the subordinate's unique key in the decryption key field of the management data of the supervisor (step 105).

When registering management data for another employee, the above operation is repeated (N in step 106).
O, step 101). When data entry for all employees is completed, the management database 15 is completed (FIG. 5).
reference). The administrator of the key management server 10 ends the processing of the management data creation program (YES in step 106).

FIG. 7 is a flowchart showing the processing flow of the unique data creation program. The unique data recorded on the FD distributed to each employee is created by a unique data creation program executed in the key management server 10.

When the administrator of the key management server 10 inputs a command to start the unique data creation program to the input device of the key management server 10, the unique data creation program is read from the second storage device 13 and read into the CPU. The unique data creation program is executed.

First, the management data (the management database 15
Is displayed in a list on the display screen of the display device (step 111).

From the list of management data,
Either ID is selected by the administrator (step
112). The process of creating unique data for the selected ID (the employee specified by the ID) is started.

The selected ID and the unique key corresponding to the ID are recorded (copied) on the FD mounted on the FDD (step 113).

The decryption key (unique subordinate key) in the management data corresponding to the selected ID is encrypted using the unique key corresponding to the selected ID. An encryption / decryption key is generated (step 114).

The generated encryption / decryption key is recorded on the FD (step 115). This completes one routine of the unique data creation program (step 116). Other I
When creating unique data for D (employees),
The administrator of the key management server 10 repeats the above processing (NO in step 116). A new FD is mounted on the FDD, and new unique data is recorded on the FD.

For example, the ID “1” in the management database 15 shown in FIG.
It is assumed that (ID representing the manager A) is selected. In the FD,
ID “1”, unique key SK1, decryption keys SK2, SK3
Decryption key SK2 <SK1>, S generated by encrypting SK4 and SK4 with unique key SK1, respectively.
K3 <SK1> and SK4 <SK1> are recorded (FIG. 4A). When the ID “4” (ID representing the section chief D) is selected, the FD includes the ID “4” and the unique key SK4.
Is recorded (FIG. 4 (D)). Steps 114 and 115 are skipped because the unique data of the chief D does not include the decryption key.

The FD on which the unique data (ID, unique key (and encryption / decryption key)) is recorded is distributed to the employee specified by the ID recorded on the FD.

For example, section manager B, a user of client 30, receives FD 34 (in which unique data 35 of FIG. 4B is recorded). When creating a ciphertext file,
According to the encryption program, a ciphertext file is created using the unique key SK2 recorded on the FD34. The ciphertext file created in the client 30 can be decrypted using the unique key SK2 according to a decryption program. Further, the manager A, who is the manager of the manager B, encrypts the unique key SK2 of the manager B with the unique key SK1 of the manager A (self) and obtains an encryption / decryption key SK2 <SK1.
> Has the recorded FD24. The algorithm of the encryption process (step 114 in FIG. 7) for creating the encryption / decryption key in the unique data creation program and the algorithm of the decryption process of the decryption program stored in the storage device 22 of the client 20 of the manager A are described below. By using the same algorithm, the manager A obtains the decryption key SK2 (= specific key SK2 = specific key of section manager B) by decrypting the encrypted decryption key SK2 <SK1> with the specific key SK1 using the client 20. Can be. The manager A can decrypt the ciphertext file created by the manager B using the client 30.

On the other hand, section manager B, who is a subordinate of section manager A, does not have an encryption / decryption key created by encrypting section manager A's unique key SK1. The section manager B as a subordinate cannot decrypt the ciphertext file created by the manager A as the boss.

(2) Key Update Process Using Network As described above, the key management server 10 and the clients 20 to 50 are connected to each other via the network 1 so that data communication is possible. The management database 15 of the key management server 10 stores keys (unique keys and decryption keys (which are encrypted when distributed)) to be distributed to each user (employee) of the cryptographic system. Client 20-50
When performing encryption or decryption using
The clients 20 to 50 can always obtain the latest key information by inquiring the key management server 10 of management data update information from the clients 20 to 50 using the network 1.

The mode of updating the management database 15 (management data) can be classified into the following three modes.

FIG. 8 shows an example of updating the management database 15. FIG.
The management database 15 shown in the table is ID "1" (Employee A)
Is different from the content of the management data of ID “2” (employee B).

As described above, in the encryption system, the decryption key (= subordinate's unique key) is managed in the management database 15 (management data) so that the boss can decrypt the ciphertext file created by the subordinate. And, unique data is distributed to employees. Therefore, when the position of an employee changes, it is necessary to change the contents of the management database 15 (management data) and the contents of the unique data possessed by the employee.

When the employee B is a manager (section manager B), since the manager B is a subordinate of the manager A, the management data of the manager A includes the unique key SK2 of the manager B as a decryption key. (See FIG. 5). When section manager B is promoted to manager (manager B), manager B is no longer subordinate to manager A, so manager A
The decryption key SK2 is deleted from the unique data (FIG. 8).
As described above, when the content of the decryption key is changed (updated), the update flag “F” is stored in the management data of the employee.

The manager B who has been promoted becomes the manager of the section manager C and the section manager D. The section manager C's unique key SK3 is newly registered in the decryption key field as the section manager B's decryption key. The update flag “F” is also stored in the management data of the manager B.

The updating of the management database 15 (management data) is performed by the administrator of the key management server 10. The administrator of the key management server 10 can update the management data using a part of the functions of the management data creation program (FIG. 6). This is the same in other update modes of the management database 15 described below.

Update Example 2 (Update of Unique Key) FIG. 9 shows another update example of the management database 15.
The management database 15 shown in FIG. 8 includes the contents of the management data of the employee (manager A) of ID “1”, the contents of the management data of the employee (manager B) of ID “2”, and the employee of ID “3”. The contents of the management data of (section manager C) are different from each other.

The employee with ID “3” (section manager C)
When the K3 is lost or stolen (lost or stolen distributed FD, etc.), the management of the key management server 10 is notified if the fact is notified to the administrator of the key management server 10. The user creates a new unique key (updated unique key: random number data) for section manager C, and stores it in the updated unique key column in the management data of section manager C. Update unique key SK to management data of section manager C
31 (new unique key) is registered. The update flag “F” indicating that the update unique key is stored in the management data of the section manager C
S ”is stored.

The manager A, the manager of section manager C (ID "1")
In the management data of the manager B (ID “2”), the updated unique key S newly created for the manager C, who is a subordinate,
K31 is newly registered as a decryption key (SK3 / SK
31). Update flag column and manager B of management data of manager A
In the update flag column of the management data, the update flag “F” is stored.

Update Example 3 (Expiration of Unique Key (Update Unique Key)) FIG. 10 shows still another example of updating the management database 15. The management database 15 shown in FIG.
The contents of the management data of the employee (section chief D) of “4” are different.

For example, when the employee with ID “4” (chief D) retires, the manager of the key management server 10 is notified that the chief D has retired. The administrator of the key management server 10 stores the revocation flag “FF” in the revocation flag column of the management data for the section chief D (ID “4”).

(3) Encryption / Decryption Processing FIG. 11 is a flowchart showing the flow of processing of the encryption program stored in the storage device of the client.
FIG. 12 is a flowchart showing a flow of processing of a key distribution program executed in the key management server 10. FIG. 13 is a flowchart showing the flow of processing of a key update program executed as a sub-program of the encryption program.

The processing when the encryption program is executed in the client will be described with reference to FIGS. 11, 12, and 13.

When a start instruction of the encryption program is input from the input device of the client, the encryption program is read from the storage device of the client and read by the CPU. The encryption program is executed.

When the encryption program is executed, the ID in the unique data recorded on the FD mounted on the FDD of the client is transmitted to the key management server 10 (step 121). The client proceeds to the processing of the key update program (step 122, FIG. 13). The key update program is data transmitted from the key management server 10 (described later).
(Step 161 in FIG. 13).

The key distribution program of the key management server 10 (FIG. 1)
2) waits for reception of the ID transmitted from the client (step 142). When the key management server 10 receives the ID from the client, the processing of the key distribution program proceeds (YES in step 142).

The received management data including the ID is read from the management database 15 provided in the first storage device 12 (step 143). The read management data is temporarily stored in the memory of control device 11.

It is determined whether the revocation flag “FF” or the update flag “F” or “FS” is stored in the management data temporarily stored in the memory (steps 144, 145, 146).

When neither the invalidation flag nor the update flag is stored in the management data temporarily stored in the memory (that is, when the management data is not updated) (NO in step 144, NO in step 145) (NO, NO in step 146), blank data is transmitted from the key management server 10 to the client (step 147). The key distribution program waits for reception of the ID again (step
142).

As described above, the key update program (FIG. 13) called and activated by the encryption program in the client waits for data transmitted from the key management server 10 (step 161). Key management server 10
Upon receiving blank data from the client, the processing of the key update program proceeds in the client (step 161).
And YES). Expiration flag "FF" or update flag "F"
Alternatively, since none of “FS” has been received (NO in step 162, NO in step 163, N in step 164)
O), the key update program ends the processing as it is (returns to the processing of the encryption program (FIG. 11)).

It is determined again whether an invalid flag “FF” has been received (step 123). Expiration flag "F
F ”is not received (N in step 123).
O), Input of plain text file is permitted. The client user inputs a plaintext file to be encrypted to the client (step 124).

The input plaintext file is encrypted with the unique key recorded on the FD to generate a ciphertext file (step 125). Predetermined termination processing (storage processing, etc.)
After that, the processing of the encryption program ends.

For example, the management database 15 shown in FIG.
Is stored in the first storage device 12 of the key management server 10, and the manager A (ID "1") executes the encryption program using the client 20, the management data of the manager A Since neither the revocation flag nor the update flag is stored, the key management server 10
Is transmitted to the user (FIG. 12; step 147).
). Key update program at client 20 (Fig. 1
3) performs no special processing (FIG. 13; NO in step 162,
(NO in step 163, NO in step 164). When the manager A inputs the plaintext file to the client 20, the input plaintext file is encrypted with the unique key SK1. A ciphertext file is created (FIG. 11; step 125).

If the update flag “F” is stored in the management data read into the memory of the key management server 10 (FIG. 12; NO at step 144, NO at step 145, YES at step 146), The key distribution program executed in the key management server 10 moves the unique key and the decryption key in the management data stored in the memory to another area (work area) of the memory. The decryption key is encrypted with the unique key stored in the work area (step 148). An encryption / decryption key is created. The update flag “F” and the created encryption / decryption key are distributed from the key management server 10 to the client (step 149).

At the client receiving the update flag “F” and the encryption / decryption key, the client replaces the encryption / decryption key stored in the FD with a new encryption / decryption key distributed from the key management server 10. (FIG. 13; Step 162)
NO, NO in step 163, YES in step 164, step
165).

As described above, when the content of the decryption key of the management data in the management database 15 is changed, an update flag “F” is set in the changed management data. For example, when the management database 15 shown in FIG. 5 is updated to the management database 15 shown in FIG.
When "1") executes the encryption program using the client 20, the management data of the manager A has an update flag "F"
Is stored in the key management server 10, the manager A
The decryption keys SK3 and SK4 are encrypted with the unique key SK1 (FIG. 12; YES in step 146, step 148). The update flag “F” is sent from the key management server 10 to the client 20.
And the encryption / decryption keys SK3 <SK1> and SK4 <SK2
Is transmitted (step 149). As shown in FIG. 15A, the client 20 receives the encryption / decryption keys ( SK2 <SK1>, SK3 <SK1>, and SK4 <SK1>) recorded on the FD 24 . Encryption decryption key ( SK
3 <SK1> and SK4 <SK1>) (FIG. 13; YES in step 164, step 165). Manager B (ID “2”), who has been promoted from section manager to manager, is the client
When executing the encrypted program using the 30, 15 (B), the encryption decryption key recorded in the client 30 FD34 (SK4 <SK2>) is received encrypted decryption key (SK3 <SK2> and SK4 <SK2>)
(YES in step 164, step 165).

As described above, in the encryption system, the contents of the unique data distributed to each employee can be changed through the network 1 according to the change of the post.
It is possible to quickly respond to changes in the management system of a company or the like. Since the unique data is changed by executing the encryption program, the employee does not need to be aware of the process for changing the unique data.

If the update flag “FS” is stored in the management data read into the memory of the key management server 10 (FIG. 12, step 145: YES), the key management program The key, the update unique key, and the decryption key are moved to a work area of the memory. The decryption key is encrypted with the updated unique key (step 150), and the updated unique key is encrypted with the unique key (step 152). Update flag "FS"
Then, the encryption update unique key and the encryption / decryption key are distributed from the key management server 10 to the client (step 153).

At the client receiving the update flag "FS" (YES in step 163 in FIG. 13), the received encrypted update unique key is decrypted by the key update program using the unique key recorded in the FD (step 163). 166). The obtained updated unique key is replaced with a unique key already recorded on the FD (the updated unique key is recorded on the FD as a unique key) (step 167). Further, the encryption / decryption key recorded on the FD is replaced with the received encryption / decryption key (step 165).

As described above, when the update unique key is stored in the management data of the management database 15, the update flag “FS” is stored in the management data. For example,
In the state where the management database 15 shown in FIG. 8 has been updated to the management database 15 shown in FIG.
When “3”) uses the client 40 to execute the encryption program, the management data of section manager C contains an update flag “F”.
S ”is stored in the key management server 10,
The manager C updates the decryption key S in the management data with the update unique key SK31.
K4 is encrypted (step 150). Encryption decryption key S
K4 <SK31> is generated (FIG. 12; YES at step 145)
, Step 150). Further, the update unique key SK31 is encrypted with the unique key SK3, and the encrypted update unique key SK31 <SK
3> is generated (step 152). From the key management server 10 to the client 40, the update flag “FS”, the encryption update unique key SK31 <SK3>, and the encryption decryption key SK4 <S
K31> is delivered (step 153).

At the client 40, the received encrypted update unique key SK31 <SK3> is decrypted with the unique key SK3 recorded on the FD. An update unique key SK31 is obtained (FIG. 13; YES in step 163, step 166). FIG.
As shown in (A), the client 40 replaces the unique key SK3 recorded on the FD with the updated unique key SK31 (step 167). Further, the encryption / decryption key SK4 <SK3> recorded on the FD is replaced with the distributed new encryption / decryption key SK4 <SK31> (step 165).
). Thereafter, in the client 40, SK31 is used as a unique key in the encryption processing and the decryption processing.

Along with the update unique key being registered in the management data for section manager C, section manager A, the manager of section manager C,
The contents of the management data of (ID “1”) and manager B (ID “2”) are also changed (FIG. 9; the update unique key SK31 is newly registered as a decryption key, and the update flag “F” is stored). ). The encryption / decryption key ( SK3 <SK1>, SK4 <SK1>) recorded on the FD 24 of the manager A (ID "1")
Is the new encryption / decryption key ( SK3 <SK1> / SK31
<SK1>, SK4 <SK1>) (FIG. 16)
(B)). The same replacement is performed for the encryption / decryption key recorded in the FD 34 of the manager B (ID “2”) (FIG. 16C).

As described above, even when one of the employees loses the unique key, a new unique key (updated unique key) can be delivered to the employee through the network 1. Rapid renewal of the unique key is achieved. further,
With the registration of the new unique key (updated unique key), both the encrypted decryption key of the employee who is the boss and the encrypted decryption key of the employee who has lost the unique key correspond to the new unique key. In particular, for the boss, about the employee who lost the unique key,
In order to be able to decrypt both the ciphertext file encrypted with the unique key used before the loss and the ciphertext file created with the new unique key (updated unique key), the unique data (encryption decryption key ) Is updated.

If the revocation flag “FF” is stored in the management data including the received ID (FIG. 12; YES in step 144), the key distribution program sets the revocation flag “F”.
F "to the client (step 154).

In the client receiving the revocation flag "FF", the process of deleting the unique key and all the encryption / decryption keys recorded in the FD from the FD is performed (FIG. 13; YES in step 162, step 168). ), The processing of the encryption program ends (FIG. 11; YES in step 123).

As described above, when the user (employee) of the encryption system retires or resigns, the revocation flag “FF” is stored in the management data of the employee. For example, in a state where the management database 15 shown in FIG. 9 is updated to the management database 15 shown in FIG.
Suppose that the encryption program was executed using the FD distributed to D “4”). Since the revocation flag “FF” is stored in the management data of the section chief D, the key management server
The revocation flag “FF” is transmitted from 10 to the client 50 (FIG. 12; step 154). As shown in FIG. 17, in the client 50, the unique key SK of the section chief D recorded in the FD
4 is erased (FIG. 13; step 168). The encryption program terminates the processing without encrypting the plaintext file (FIG. 11; YES in step 123).

As described above, by storing the revocation flag in the management data, the encryption processing of the employee storing the revocation flag can be prohibited. It is possible to prevent an encryption process by a person who has not been permitted to use the encryption system (it is no longer permitted).

Next, the processing when the decryption program is executed will be described with reference to FIG. 14 and FIGS. 12 and 13 described above. Since the processing of the decryption program (FIG. 14) includes the same processing as the processing of the above-described encryption program (FIG. 11),
The same processes are denoted by the same reference numerals, and redundant detailed description will be avoided.

When an instruction to start the decryption program is input from the input device of the client, the decryption program is read from the storage device of the client and read by the CPU.
The decryption program is executed.

In the processing of the decryption program, the client performs the ID transmission processing (step 121) and the key update program processing (step 122, FIG. 13), and the key management server 10 executes the key distribution program processing (FIG. 12). ) Is performed. I sent from client to key management server 10
When the invalidation flag “FF” or the update flag “F” or “FS” is stored in the management data including D, the content of the unique data recorded in the FD is changed (FIG. 13; step 165). , Step 167, Step 168
).

When the revocation flag "FF" is transmitted to the client, the client deletes the unique key from the FD (step 168). The decryption program ends the processing (YES in step 123). It is possible to prevent an unauthorized ciphertext file from being decrypted by a user who has left the company.

If the revocation flag has not been transmitted (NO in step 123), the input of the ciphertext is permitted. The client user (employee) inputs the ciphertext file to the client (step 132).

The input ciphertext file is analyzed (step 133). The ciphertext file created in the encryption system is a ciphertext file created by the user (employee) of the client executing the decryption program, a ciphertext file created by a subordinate thereof, or a supervisor ( Here, it is either a ciphertext file created by a person of the same rank (for example, including managers, section managers, etc.). In the ciphertext file analysis process (step 133), the input ciphertext file is
Whether the file is a ciphertext file created by the user, a ciphertext file created by a subordinate, or a ciphertext file created by a supervisor is analyzed based on, for example, header information of the ciphertext file.

If the input ciphertext file is created by the user ("self" in step 134), the unique key recorded in the FD is used to create the ciphertext file. The input ciphertext file is decrypted with the unique key recorded in the FD. A plaintext file is obtained (step 135).

If the input ciphertext file is created by a subordinate (subordinate in step 134), the FD contains an encrypted unique key used to create the ciphertext file by the subordinate ( Since the encryption / decryption key is recorded, the client user selects the encryption / decryption key for his subordinate and decrypts the encryption / decryption key with his / her own unique key recorded on the FD. Decryption key (= subordinate's unique key)
Is obtained. The ciphertext file is decrypted with a decryption key (= subordinate's unique key) to obtain a plaintext file (step 136).

If the input ciphertext file is created by the boss (or a person of the same rank), the decryption program terminates the processing as it is (“boss” in step 134).

For example, the management database 15 shown in FIG.
Is provided in the first storage device 12 of the key management server 10, and the section manager B (ID “2”) executes the decryption program (the FD 34 of the section manager B has a unique ID shown in FIG. 4B). Data 35 is recorded). Manager B has his own unique key SK
The ciphertext file created in step 2 can be decrypted (step 135). In addition, chief D (ID
The ciphertext file created by “4”) also has the encryption decryption key S
By decrypting K4 <SK2> with the unique key SK2, the decryption key SK4 (= the unique key of the lock length D (ID "4")) can be obtained, so that it can be decrypted (step
136). The section manager B cannot decrypt the ciphertext file created by the manager A (ID “1”) and the ciphertext file created by the section manager C (ID “3”).

In the processing of the decryption program, it is not always necessary to perform the ciphertext file analysis processing (step 133). A decryption process may be performed on the input ciphertext file on a brute force basis using each of the unique key recorded on the FD and the decryption key obtained by decrypting the encrypted decryption key with the unique key. When a meaningful plaintext file is generated, it can be understood that the ciphertext file is a ciphertext file created by oneself or a subordinate. If a meaningful plaintext file cannot be generated, it is understood that the ciphertext file is a ciphertext file created by the boss.

Various flags stored in the management database 15 (update flag “F”, “FS”, revocation flag “F
F ") is access from the user to the management data in which the flag is stored (as described above, the client accesses the key management server 10 by executing the encryption program or the decryption program). After that, the information may be deleted from the management database 15.

As described above, in the encryption system, the management database 15 provided in the key management server 10 manages the unique key and the decryption key suitable for the position (management system) of the user (employee). Key management corresponding to the organization structure is realized. The unique key and the decryption key (encryption / decryption key) distributed to each user are centrally managed in the management database 15, and the unique key and the encryption / decryption key (uniqueness key) recorded on the FD distributed to each employee are stored. Since the contents of (data) can be easily changed online in accordance with the update of the management database 15, it is possible to flexibly cope with organizational reorganization, personnel changes, and changes in employees.

In the embodiment described above, the unique data (ID,
The unique key and the encryption / decryption key) are recorded on the FD in the key management server 10 and distributed to each employee. Of course, they are recorded and distributed on other rewritable recording media such as MO and CD-RW. You may make it. The unique data may be distributed to each employee via the network 1 by electronic mail or the like, and the unique data may be recorded on the hard disk of the client.

Further, in the above-described embodiment, the superior encrypts the subordinate's unique key (= decryption key) (encryption decryption key).
Of course, a subordinate may possess an encrypted version of the boss's unique key. In any case, whether or not a ciphertext file created by a subordinate or a supervisor can be decrypted is determined based on management data in the management database 15.

Second Embodiment FIG. 18 is a block diagram showing the overall configuration of a cryptographic system according to a second embodiment. The encryption system according to the first embodiment shown in FIG.
The content of the management database provided in the storage 12 differs from the content of the processing of the program stored in the second storage device 12. In addition, the contents of the program (contents of the program processing) stored in the storage devices 22 and 32 of the clients 20 and 30 # and the unique data recorded in the FD distributed by the administrator of the key management server 10 The contents are also different from the first embodiment. Other configurations are the first embodiment (FIG. 3)
Is the same as

In the encryption system of the second embodiment, each time a user (employee) of the encryption system performs an encryption process or a decryption process, an encryption / decryption key is created in the key management server 10 and distributed to the client. The encryption / decryption key distributed from the key management server 10 is stored in the memory (RAM) of the control device of the client. By decrypting the encrypted decryption key stored in the memory, a decryption key used for decrypting the ciphertext file created by the subordinate can be obtained. The storage device of the client stores an encryption / decryption program used for encrypting a plaintext file and decrypting a ciphertext file.

The management database 15A provided in the first storage device 12 of the key management server 10 has the same item columns (“ID”, “update flag”, “revoke flag”, “unique key”) as those of the management database 15 shown in FIG. , "Update unique key", "decryption key 1", "decryption key 2"). Management database 15
The difference is that only the update flag “FS” is stored in the update flag column. The update flag “F” is not stored in the update flag column. The creation of the management data stored in the management database 15A is performed in the same manner as in the first embodiment (FIG. 6) based on the management data creation program.

FIG. 19A shows an example of the unique data 25A recorded on the FD 24 owned by the manager A, and FIG. 19B shows an example of the unique data 35A recorded on the FD 34 owned by the section manager B. ing. FIG. 19 (C) shows an example of the unique data 45A recorded on the FD owned by the section manager C, and FIG. 19 (D) shows an example of the unique data 55A recorded on the FD owned by the section chief D. . FIG. 20 is a flowchart showing a flow of processing of the unique data creation program executed in the key management server 10. The flowchart shown in FIG.
The same processes as those of the specific data creation program in the embodiment) are denoted by the same reference numerals, and redundant detailed description will be avoided.

In the encryption system of the second embodiment, the ID and the unique key are recorded on the FD distributed to each user (employee) (step 113). No encryption / decryption key is recorded. The FD in which the ID and the unique key are recorded by the unique data creation program is distributed to each employee (FIG. 19).
(A) to (D)).

FIG. 21 is a flowchart showing the flow of processing of the encryption / decryption program stored in the storage device of the client. FIG. 22 is a flowchart showing a flow of processing of a key distribution program executed in the key management server 10. FIG. 23 is a flowchart showing the flow of processing of the key update program executed as a sub-program of the encryption / decryption program. The encryption / decryption program (FIG. 21) performs the same processing as the encryption program (FIG. 11) and the decryption program (FIG. 14) of the first embodiment, and the key distribution program (FIG. 22) executes the key distribution program of the first embodiment. (Figure 1
Since the key updating program (FIG. 23) includes the same processing as the key updating program (FIG. 13) of the first embodiment, the same processing is denoted by the same reference numeral and the same detailed processing is repeated. Avoid explanation. Since the plurality of clients 20 to 50 can basically perform the same processing, in the following description, the client 20 (ID “1”)
Of the employee A's computer) will be described. The management database 15A is basically in the state shown in FIG.

When the encryption / decryption program is started in the client 20, the ID “1” recorded on the FD attached to the FDD is transmitted to the key management server 10 (FIG. 21, step 121). In the key management server 10 receiving the ID “1”, the management data including the received ID “1” is read from the management database 15A (FIG. 22; Step
YES at 142, step 143).

An invalid flag “F” is added to the read management data.
If neither “F” nor the update flag “FS” is stored (NO in step 144, N in step 145)
O), the decryption keys SK2, SK3, and SK4 in the management data are encrypted using the unique key SK1 in the management data (step 148). Encryption decryption key SK2 <SK1>,
SK3 <SK1> and SK4 <SK1> are generated. The generated encryption / decryption key is distributed to the client that transmitted the ID (step 149A). Of course, if the employee has no subordinates, the decryption key is not included in the management data of the employee, so that the processing of steps 148 and 149A is skipped.

When the client 20 receives the encryption / decryption key distributed from the key management server 10, the processing of the key update program starts (FIG. 21, step 122A, FIG. 23;
YES in step 161).

The expiration flag “FF” and the update flag “F”
S has not been received (step
162, NO at step 163), the received encrypted decryption key SK2 <SK1 with the unique key SK1 recorded on the FD.
>, SK3 <SK1>, SK4 <SK1> are decoded (step 173). Decryption key (= subordinate's unique key) SK2
SK3 and SK4 are generated. The generated decryption key is temporarily stored in the memory (RAM) of the control device of the client (step 174). Return to the processing of the encryption / decryption program (FIG. 21).

If the file input to the client 20 is a plaintext file (encrypted in step 175, step 124), the plaintext file is encrypted with the unique key SK1 recorded on the FD 24 mounted on the client 20. Then, a ciphertext file is generated (step 125).

If the file input to the client 20 is a ciphertext file (decryption in step 175, step 132), the ciphertext file is analyzed (step 133). If the ciphertext file is created by itself, the ciphertext file is decrypted using the unique key SK1 recorded in the FD 24 ("self" in step 134, step 135). If the subordinate is the created ciphertext file ("subordinate" in step 134), the decryption key (subordinate's unique key) temporarily stored in the memory
The ciphertext file is decrypted in (SK2, SK3, SK4) (step 136). If the ciphertext file is created by the boss (or a peer) ("boss" in step 134), the encryption / decryption program terminates the processing as it is.

If there is another plaintext file to be encrypted or a ciphertext file to be decrypted, the client user inputs a new plaintext file or ciphertext file to the client (NO in step 176, step 176).
175). When the user of the client inputs a command for terminating the program to the client (for example, clicking an end button displayed on the display screen with a mouse), the processing of the encryption / decryption program ends (YES in step 176). .

When the update flag “FS” is stored in the management data (FIG. 22; YES in step 145), the decryption key SK is used as the update unique key (SK11) in the management data.
2, SK3 and SK4 are encrypted (step 150), and the updated unique key SK11 is further encrypted with the unique key SK1 (step 152). Update flag “FS”, encryption update unique key SK11 <SK1>, and encryption decryption key SK2 <SK
11>, SK3 <SK11>, and SK4 <SK11> are distributed to the client 20 (step 153A).

In the client 20, the update flag “FS”
Is received (FIG. 23; YES in step 163), the received encrypted update unique key SK11 <SK1> is decrypted with the unique key SK1 recorded in the FD 24 (step 166).
An update unique key SK11 is obtained. Obtained update unique key S
K11 is registered in the FD 24 as a unique key (step 16).
7).

With the new unique key (updated unique key) SK11,
Received encryption / decryption keys SK2 <SK11>, SK3 <S
K11> and SK4 <SK11> are each decoded (step 171). The decryption keys SK2, SK3, and SK4 are obtained. The obtained decryption key is stored in the memory of the control device 21 (step 172).

An invalid flag “F” is added to the read management data.
If "F" is stored (YES in step 144), a revocation flag "FF" is transmitted from the key management server 10 to the client 20 (step 154). In this case, the key update program in the client 20 deletes the unique key SK1 recorded on the FD 24 (FIG. 23; step 16).
8A). The encryption / decryption program ends the processing (FIG. 2
1; YES in step 123).

As described above, in the encryption system of the second embodiment, since only the ID and the unique key are recorded in the FD held by the user (employee), the first embodiment (the FD further includes an encryption / decryption key) Is also recorded), the security of the system is enhanced. Further, the decryption key used for decrypting the subordinate ciphertext file at the client is stored in the memory (RAM) (FIG. 23; steps 172, 17)
4), upon completion of the processing of the encryption / decryption program,
The decryption key can be deleted from memory. Leakage of the decryption key is prevented. Also, since the decryption key is delivered in an encrypted state from the key management server 10 to the client, there is a possibility that the decryption key can be generated even if someone obtains the encryption decryption key through the network 1. Low, security of cryptosystem is high.

Termination processing of encryption / decryption program (FIG. 2)
1; In accordance with step 176), a process (erasing program) for deleting the decryption key possessed by the client may be executed. FIG. 24 shows the flow of the processing of the encryption / decryption program in which the erasing processing is executed. When an end command of the encryption / decryption program is input to the client by the client user (employee) (YES in step 176)
), The decryption key held by the client is deleted (step 177). In this case, the decryption key does not necessarily need to be stored in the memory (RAM), but may be stored in another recording medium such as a hard disk. After the decryption key stored on the hard disk or the like of the client is deleted, all the processing of the encryption / decryption program ends. This is the same in other embodiments described later.

Third Embodiment FIG. 25 is a block diagram showing the overall configuration of a cryptographic system according to a third embodiment. The encryption system according to the second embodiment shown in FIG. 18 is different from the key management server 10 in the first storage device.
The contents of the management database provided in the storage 12 and the contents and processing of the program stored in the second storage device 13 are different. In addition, the storage device 2 of the client 20, 30 ‥‥
2, 32}, the contents of the program and the contents of the data recorded in the FD distributed by the administrator of the key management server 10 are different from those of the second embodiment. Other configurations are the same as those of the second embodiment (FIG. 18).

In the encryption system according to the third embodiment, the encryption / decryption program and the key update program are stored in the storage devices 22, 32 of the clients 20, 30 # together with the public key / key update program.
A secret key generation program is stored. As will be described later, the public key / private key generation program is executed by the user of the client after the FD in which the ID is recorded is distributed from the administrator of the key management server 10. A pair of a public key and a secret key (a public key and a secret key based on a public key encryption method) are created. The created secret key is held as unique data by the user of the client. On the other hand, the public key paired with the secret key is transmitted from the client to the key management server 10 and registered in the management database 15B, and an encryption / decryption key to be distributed from the key management server 10 to the client (encryption of the decryption key ).

FIG. 26 shows the first storage device 12 of the key management server 10.
4 shows the contents of the management database 15B provided in the management database 15B. The point that the item column of “public key” is newly provided, and that the item columns of “update flag” and “update unique key” do not exist, the key management database 15 of the first embodiment.
(FIG. 5). The management data to be stored in the management database 15B is basically created based on the management data creation program stored in the second storage device 13.
This is performed in the same manner as in the embodiment (FIG. 6).

FIG. 27A shows an example of the unique data 25B recorded in the FD 24 possessed by the manager A in the third embodiment.
FIG. 27B shows an example of the unique data 35B recorded on the FD 34 possessed by the section manager B. FIG. 27C shows an example of the unique data 45B recorded on the FD possessed by the section manager C, and FIG. 27D shows an example of the unique data 55B recorded on the FD possessed by the section chief D. . FIG. 28 is a flowchart showing a flow of processing of the unique data creation program executed in the key management server 10. The same processes as those in the flowchart shown in FIG. 7 (processes of the unique data creation program in the first embodiment) are denoted by the same reference numerals.
Avoid duplicate details.

In the encryption system of the third embodiment, the ID is recorded on the FD distributed to each user (employee) by the unique data creation program (step 113A).
). The unique key and the decryption key (encryption decryption key) are not recorded. The FD in which the ID is recorded is distributed to each employee.

The employee receiving the FD in which the ID is recorded executes the public key / private key generation program from the input device of the client. On the other hand, in the key management server 10, the public key receiving program prepares to receive the public key generated in the client. FIG. 29 is a side view of a flowchart showing the processing of the public key / private key generation program executed by the client and the flowchart showing the processing of the public key receiving program executed by the key management server 10.

When the client executes the public key / private key generation program, a pair of a public key and a secret key is generated (step 126). The public key / private key program reads the ID from the FD, and transmits the read ID and the generated public key to the key management server 10. Further, the generated secret key is recorded on the FD (step 127). ID for FD
And the secret key are recorded (FIGS. 27A to 27D).

The key management server 10 waits for reception of the ID and the public key transmitted from the client by the public key receiving program (NO in step 128). Upon receiving the ID and public key from the client (YE in step 128)
S), the received public key is registered in the management data corresponding to the received ID (step 129). The public key transmitted from each client is registered in the management database 15B (FIG. 26).

FIG. 30 is a flowchart showing the flow of processing of the encryption / decryption program stored in the storage device of the client. FIG. 31 is a flowchart showing a flow of processing of a key distribution program executed in the key management server 10. FIG. 32 is a flowchart showing the flow of processing of a key update program executed as a sub-program of the encryption / decryption program. Encryption of the second embodiment /
The same processes as those of the decryption program (FIG. 21), the key distribution program (FIG. 22), and the key update program (FIG. 23) are denoted by the same reference numerals, and redundant description will be avoided. The operation of the client 20 will be described.

When the encryption / decryption program is started in the client 20, the ID “1” recorded on the FD 24 attached to the FDD is transmitted to the key management server 10 (FIG. 30, step 121). The key management server 10 receiving the ID “1” reads the management data including the received ID “1” (FIG. 31; YES in step 142, step 14).
3).

If the revocation flag is not stored in the management data (NO in step 144), the key management server 10
Encrypts the unique key SK1 and the decryption keys SK2, SK3, and SK4 in the management data using the public key OP1 previously received from the client 20 and registered in the management data (step 181). Encryption unique key SK1
<OP1> and encryption / decryption key SK2 <OP1>, SK3 <
OP1> and SK4 <OP1> are generated. The generated encryption unique key and encryption / decryption key are distributed from the key management server 10 to the client 20 (Step 182).

The data encrypted with the public key OP1 can be decrypted with the private key S1 paired with the public key OP1. In the client 20, the encryption unique key SK1 <OP
1> and an encryption / decryption key SK2 <OP1>, SK3 <OP1
>, SK4 <OP1> (FIG. 31; YES in step 161 and NO in step 162), the secret key S1 recorded in the FD is used to receive the received encrypted unique key and cipher. The decryption keys are decrypted (step 18
3). Unique key SK1 and decryption keys SK2, SK3, SK
4 is generated. The generated unique key and decryption key are temporarily stored in the memory (RAM) of the control device (step 184). When encrypting the plaintext file and decrypting the ciphertext file generated by itself, the encryption or decryption process is performed using the unique key SK1 stored in the memory (FIG. 30, step 125). , Step 135). When decrypting a ciphertext file created by a subordinate, the decryption keys SK2 and SK stored in the memory are used.
3 or SK4 is used to decrypt the ciphertext file into a plaintext file (step 136A). The unique key and the decryption key temporarily stored in the memory of the control device of the client are deleted from the memory (RAM) when the processing of the encryption / decryption program ends (YES in step 176).

As described above, in the encryption system according to the third embodiment, it is not necessary for the user to possess a unique key used for the encryption processing of the plaintext file and the decryption processing of the encrypted text file. The security of the cryptographic system is further enhanced.
Since the unique key and the decryption key used in the client are encrypted with the public key in the key management server 10 and transmitted to the client, only the user having the private key paired with the public key used for the encryption has the unique key. Keys and decryption keys can be used. Even if a third party steals the encryption unique key and the encryption / decryption key, the third party cannot decrypt the encryption unique key and the encryption / decryption key, thereby maintaining the security of the encryption system. .

Of course, in the third embodiment, both the public key and the secret key generated by the public key / private key generation program are recorded in advance in the FD distributed by the administrator of the key management server 10. Is also good. In this case, the third
As in the embodiment, the public key / private key generation program only needs to be executed once, and it is not necessary to generate a public key / private key every time encryption / decryption processing is performed.

Modification In the third embodiment, a public key / private key may be created each time an encryption / decryption program is executed on a client. FIG. 33 is a flowchart showing the flow of processing of an encryption / decryption program in a modification of the third embodiment. The flowchart of the encryption / decryption program of the third embodiment shown in FIG. 30 is that the ID and the public key are transmitted (step 121A), and the public key / private key generation is performed before the transmission of the ID and the public key. The difference is that the program is executed (step 191), and the generated public key and private key are not recorded in the FD.

If the encryption / decryption program is
, The processing of the public key / private key program is started (step 191). A pair of a public key OP1 and a secret key S1 is generated. A generated pair of public keys OP
Secret key S1 is the client of the pair
It is temporarily stored in the memory (RAM) of the control device 21 of 20. The public key OP1 is transmitted to the key management server 10 together with the ID (Step 121A). The key management server 10 receives the ID and the public key each time the encryption / decryption program is executed in the client 20 (Step 142:
"Reception of ID and public key"). The secret key S1 temporarily stored in the memory of the control device 21 of the client 20 is
It is deleted from the memory when the processing of the encryption / decryption program ends.

Fourth Embodiment FIG. 34 is a block diagram showing the overall configuration of a cryptographic system according to a fourth embodiment. The encryption system according to the second embodiment shown in FIG. 18 is different from the key management server 10 in the first storage device.
The content of the management database provided in the storage device 12 and the content of the program (the content of the program processing) stored in the second storage device 13 are different. For the clients 20, 30 #, the FD distributed from the administrator of the key management server 10
The contents of the management data recorded at 24, 34 # are different from those of the second embodiment.

In the encryption system of the fourth embodiment, the public key /
The secret key generation program is the second storage device of the key management server 10.
13 is stored. The public key / private key generation program is executed in the key management server 10 in the processing of the management data creation program.

FIG. 35 shows an example of the management database 15C provided in the first storage device 12 of the key management server 10.
FIG. 36 is a flowchart showing the flow of the management data creation program processing. The difference from the management data creation program (first embodiment) shown in FIG. 6 is that a public key / private key generation process (step 201) is added.

In the management database 15C, “ID”,
A "public key / private key" item field is provided in addition to the "expiration flag", "unique key", "decryption key 1", "decryption key 2", and "decryption key 3" item fields. I have. Key management server
When ten administrators enter user information (step 101
), A new ID is assigned and registered in the ID column (step 102). After that, the management data creation program
The public key / private key generation program stored in the second storage device 13 is called. A public key / private key pair is generated by the public key / private key generation program. The generated public / private key pair is stored in the public key /
It is registered in the secret key column (step 201).

FIG. 37A shows an example of the unique data 25C recorded on the FD 24 owned by the manager A in the fourth embodiment.
FIG. 37 (B) shows an example of the unique data 35C recorded in the FD 34 possessed by the section manager B. FIG. 37 (C) shows an example of the unique data 45C recorded on the FD possessed by the section manager C, and FIG. 37 (D) shows an example of the unique data 55C recorded on the FD possessed by the section chief D. . FIG. 38 is a flowchart showing the flow of processing of the unique data creation program executed in the key management server 10. The same processes as those of the unique data creation program (first embodiment) shown in FIG. 7 are denoted by the same reference numerals, and redundant detailed description will be avoided.

In the encryption system of the fourth embodiment, the ID and the secret key are recorded on the FD distributed to each user (employee) by the unique data creation program (step 113B). The FD in which the ID and the secret key are recorded is distributed to each employee.

In the fourth embodiment, the processing of the encryption / decryption program executed by the client is shown in FIG. 30 (third embodiment), and the processing of the key update program is shown in FIG. 32 (third embodiment).
Is the same as The processing of the key distribution program executed by the key management server 10 is the same as that of the key distribution program (FIG.
It is the same as the processing of 1). The operation of the client 20 will be described.

When the ID “1” is transmitted from the client 20 and the key management server 10 receives the ID “1” (YES in step 142), the processing of the key distribution program proceeds. If the revocation flag “FF” is not stored in the management data including the reception ID (NO in step 144), the public key OP1 in the management data is used, and the unique key SK1 and the decryption key also in the management data. SK2, SK3, SK
4 is encrypted (step 181). Encryption unique key SK
1 <OP1> and encryption / decryption key SK2 <OP1>, SK3
<OP1>, SK4 <OP1> are transmitted from the key management server 10 to the client 20 (step 182). In the client 20, since the secret key S1 is recorded in the FD 24 (FIG. 37), the received encrypted unique key SK1 <OP1>
And the encryption / decryption keys SK2 <OP1>, SK3 <OP1
>, SK4 <OP1> are decrypted with the secret key S1 recorded in the FD 24 (FIG. 32; step 183). Unique key S
K1 and the decryption keys SK2, SK3, SK4 are held in the memory (RAM) of the client 20 (step 184).
). When encrypting a plaintext file and decrypting a ciphertext file generated by itself, encryption or decryption is performed using the unique key SK1 stored in the memory (FIG. 30, step 125, Step 13
Five). When decrypting a ciphertext file created by a subordinate, the decryption keys SK2, SK3, S
The ciphertext file is decrypted into a plaintext file using K4 (step 136A).

As described above, the client user has:
Since an FD in which a secret key is recorded in advance is distributed, a third party obtains an ID used by another person, transmits the ID to a key management server 10, and obtains an encryption unique key and an encryption / decryption key. However, a third party who does not have a secret key used to decrypt the encrypted unique key and the encrypted decryption key cannot obtain either the unique key or the decryption key. It is possible to prevent a third party from acquiring an ID of another person and using the encryption system.

Fifth Embodiment FIG. 39 is a block diagram showing an overall configuration of a cryptographic system according to a fifth embodiment. The encryption system according to the fourth embodiment shown in FIG. 34 is different from the key management server 10 in the first storage device.
The content of the management database provided in the storage 12 differs from the content of the processing of the program stored in the second storage device 13. For the clients 20 and 30 #, the contents of the management data recorded in the FDs 24 and 34 # distributed from the administrator of the key management server 10 and the contents of the programs stored in the storage devices 22 and 33 # (Contents of program processing) is different from the fourth embodiment.

In the encryption system of the fifth embodiment, both the key management server 10 and the clients 20, 30 # are provided with a public key / private key generation program. Hereinafter, the public key / private key generated in the key management server 10 is referred to as a first public key / first private key. The public key / private key generated in the client is referred to as a second public key / second secret key.

FIG. 40 shows an example of the management database 15D provided in the first storage device 12 of the key management server 10. FIG. 41 is a flowchart showing the flow of processing of the management data creation program. The processing (first embodiment) of the management data creation program shown in FIG.
(Steps 202 and 103).

In the management database 15D, “ID”,
There are provided “expiration flag”, “secret data”, “unique key”, and “decryption key 1”, “decryption key 2”, and “decryption key 3”. When the administrator of the key management server 10 inputs user information to the key management server 10 (step 101),
An ID is assigned and registered in the ID column (step 102
).

A first random number generation process is performed (step 202). The generated random number is registered in the secret data field as secret data.

The second random number generation processing is performed (step 103). The generated random number is used as a unique key.

FIG. 42A shows an example of the unique data 25D recorded in the FD 24 owned by the manager A in the fifth embodiment.
FIG. 42 (B) shows an example of the unique data 35D recorded on the FD 34 owned by the section manager B. FIG. 42 (C) shows an example of the unique data 45D recorded on the FD carried by the section manager C, and FIG. 42 (D) shows an example of the unique data 55D recorded on the FD carried by the section chief D. . FIG. 43 is a flowchart showing the flow of processing of the unique data creation program executed in the key management server 10. The same processes as those of the process (first embodiment) of the unique data creation program shown in FIG. 7 are denoted by the same reference numerals, and redundant detailed description will be avoided.

In the fifth embodiment, the ID and secret data (FIG. 41; step 202) created by the above-described management data creation program are recorded in the FD distributed to each employee (FIG. 41; step 202). Step 113C). The FD in which the ID and the secret data are recorded is distributed to each employee.

FIG. 44 is a flowchart showing the flow of processing of the encryption / decryption program stored in the storage device of the client. FIGS. 45 and 46 are flowcharts showing the flow of processing of the key distribution program executed in the key management server 10. FIG. 47 is a flowchart of processing of a key update program executed as a sub-program of the encryption / decryption program. FIG. 48 shows the key management server 10.
And encryption processing and decryption processing of the key and secret data in the client and the client, focusing on the function of the key. The operation of the client 20 will be described.

When the user (employee) of the client 20 activates the encryption / decryption program, the public key / private key generation program stored in the storage device 22 of the client 20 is executed. A pair of a second public key and a second secret key (O
P2 / S2) is generated (step 211). The second secret key S2 is stored in the memory of the storage device 22 of the client 20.

The second public key OP2 paired with the second secret key S2 held in the memory is the ID stored in the FD24.
It is transmitted to the key management server 10 together with "1" (step 121C). The client 20 executes the key update program (step 122C). The key update program waits for reception of data transmitted from the key management server 10 (FIG. 47; step 161).

ID “1” transmitted from client 10
When the key management server 10 receives the second public key OP2 and the second public key OP2, the key management server 10 proceeds with the processing of the key distribution program (YES in step 142B).

The management data including the reception ID is read from the management database 15D into the memory of the key management server 10 (Step 143). If the revocation flag “FF” is stored in the management data read into the memory (step 144
YES), the key management server 10 transmits the revocation flag "FF" to the client 20 (step 152). In this case, in the client 20, the key update program
The secret data SD1 recorded in the storage 24 is erased (FIG. 4
7; YES in step 162, step 237). When the secret data SD1 is deleted from the FD 24, a unique key (encrypted unique key) is not delivered from the key management server 10 to the client 10, as described later. The encryption / decryption program (FIG. 43) ends the processing (FIG. 44; step)
NO at 123).

If the revocation flag “FF” is not stored in the management data read into the memory (FIG. 45; NO in step 144), the key distribution program stores the public key stored in the second storage device 13. Call and execute the key / decryption key generation program. A pair of a first public key and a first secret key is generated (referred to as OP1 / S1). The ID “1” included in the management data read into the memory and the generated first
Is stored in the work area of the memory (step 213). The first public key OP1 paired with the first secret key S1 is encrypted with the second public key OP2 received from the client 10 (step 214). An encrypted first public key OP1 <OP2> is generated.

The generated encrypted first public key OP1 <O
P2> is distributed from the key management server 10 to the client 20 (step 215). The key distribution program waits for reception of the ID “1” to be transmitted from the client 20 and the encrypted secret data (FIG. 46; NO in step 216).

As described above, the second secret key S2 is held in the memory of the client 20 which has received the encrypted first public key OP1 <OP2> (FIG. 44; step 211).
). The client 20 receives the encrypted first public key OP1 <O
When P2> is received (FIG. 47; YES in step 161, NO in step 162), the key update program stores the received encrypted first public key OP1 <OP2> in the memory of the client 20. Decrypted with the second secret key S2.
The encrypted first public key OP1 <OP2> is a key management server
Since the data is encrypted with the second public key OP2 in FIG. 10 (FIG. 45; step 214), the encrypted first public key O
P1 <OP2> is decoded. A first public key OP1 is generated (Step 231).

Next, with the generated first public key OP1,
The secret data SD1 (see FIG. 42A) recorded on the FD 24 attached to the client 20 is encrypted,
Encrypted secret data SD1 <OP1> is generated (step 232). The key update program has the ID “1” recorded on the FD 24 and the generated encrypted secret data SD1 <
OP1> to the key management server 10 (step 233).
). The key update program waits for reception of the encryption unique key and the encryption / decryption key transmitted from the key management server 10 (NO in step 234).

When key management server 10 receives ID “1” and encrypted secret data SD1 <OP1> (FIG. 46; YES in step 216), the key distribution program returns the received ID.
"1" and the ID in the management data held in the memory
Is determined whether or not matches (step 217)
).

If the two IDs match (YES in step 217), the encrypted secret data SD1 transmitted from the client 20 using the first secret key S1 held in the memory of the key management server 10 is transmitted. <OP1> is decoded (step 218). The encrypted secret data SD1 <OP1> is
Since the data has been encrypted with the first public key OP1 in the client 20 (FIG. 47; step 232), the encrypted private data is decrypted by the decryption processing using the first private key S1.
Secret data SD1 is generated from SD1 <OP1>.

It is determined whether or not the obtained secret data SD1 matches the secret data in the management data (step 219).

If the two secret data match (YES in step 219), the management read into the memory by the second public key OP2 (FIG. 45; step 142B) received from the client 20. The unique key SK1 and the decryption keys SK2, SK3, SK4 in the data are respectively encrypted (step 220). The encryption unique key SK1 <OP2> and the encryption decryption keys SK2 <OP2>, SK3 <OP2>, SK
4 <OP2> are generated. The encryption unique key and the encryption / decryption key are transmitted to the client 20 (step 221).
).

When the client 20 receives the encryption unique key and the encryption / decryption key from the key management server 10, the processing of the key update program is resumed (FIG. 47; step 234).
YES). The key update program uses the second secret key S2 held in the memory of the client 20 to execute the key management server 10
Unique keys SK1 <OP2> and decryption keys SK2 <OP2>, SK3 <OP2>, SK4 <O received from
P2> is decoded (step 235). As described above, since the encryption unique key and the encryption / decryption key are encrypted by the second public key OP2 in the key management server 10 (FIG. 46; step 220), the encryption unique key SK1 is used.
From <OP2>, the unique key SK1 is converted to the encrypted decryption key SK2 <
OP2>, SK3 <OP2>, and SK4 <OP2>, respectively, generate decryption keys SK2, SK3, and SK4.
The generated unique key and decryption key are held in the memory of the control device of the client 20 (step 236).

In the key management server 10, if the ID received with the encrypted secret data does not match the ID in the management data stored in the memory (FIG. 46;
(NO in step 217), the key distribution program ends the processing as it is. Since the unique key (encrypted unique key) is not distributed to the client (step 221 is not processed), the user (employee) of the client cannot perform either the plaintext encryption process or the ciphertext decryption process. (FIG. 44; NO in step 123). The secret data obtained by decrypting the encrypted secret data transmitted from the client and the management database 15 of the key management server 10
Even if the secret data stored in advance in the management data of D does not match, the encryption unique key is not delivered to the client, so that the encryption processing and the decryption processing are not permitted (FIG. 46; NO, Figure 44; Step 1
NO at 23).

The user (employee) of the encryption system has secret data. Even if a third party transmits the ID and the second public key to the key management server 10 by impersonating the user of the encryption system, the encrypted secret data is not transmitted to the key management server 10 if the third party does not have the secret data. Therefore, the third party cannot obtain the unique key and the decryption key. Unauthorized use of the cryptographic system is prevented. Further, since the secret data is encrypted and transmitted from the client to the key management server 10, security can be ensured.

In the above-described first to fifth embodiments, the program for executing the processing can be managed by installing it via the network 1 or by installing a program recorded on a CD-ROM or the like. .. Can be stored in the storage device of the server 10 or the clients 20, 30,.

[Brief description of the drawings]

FIG. 1 is a block diagram showing the overall configuration of a cryptographic system.

FIG. 2 shows an example of a management system of a company or the like.

FIG. 3 shows an overall configuration of the encryption system in the first embodiment.

FIGS. 4A, 4B, 4C, and 4D show contents of management data held by an employee of ID1, an employee of ID2, an employee of ID3, and an employee of ID4, respectively.

FIG. 5 shows the contents of a management database.

FIG. 6 is a flowchart showing a flow of processing of a management data creation program.

FIG. 7 is a flowchart showing a processing flow of a unique data creation program.

FIG. 8 shows another example of the contents of the management database.

FIG. 9 shows still another example of the contents of the management database.

FIG. 10 shows still another example of the contents of the management database.

FIG. 11 is a flowchart showing the flow of processing of an encryption program.

FIG. 12 is a flowchart illustrating a flow of processing of a key distribution program.

FIG. 13 is a flowchart showing a flow of processing of a key update program.

FIG. 14 is a flowchart showing the flow of processing of a decryption program.

FIG. 15A shows how the management data of the employee of ID1 is updated, and FIG. 15B shows how the management data of the employee of ID2 is updated.

16 (A) shows how the management data of the employee with ID3 is updated, FIG. 16 (B) shows how the management data of the employee with ID1 is updated, and FIG. 16 (C) shows how the management data of the employee with ID2 is updated. Are shown, respectively.

FIG. 17 illustrates a state in which management data of an employee with ID 4 is updated.

FIG. 18 illustrates an overall configuration of a cryptographic system according to a second embodiment.

FIGS. 19 (A), (B), (C), and (D) are employees of ID1, employees of ID2, employees of ID3, respectively, in the second embodiment.
The content of the management data held by the employee of ID4 is shown.

FIG. 20 is a flowchart illustrating a processing flow of a unique data creation program according to the second embodiment.

FIG. 21 is a flowchart showing the flow of processing of an encryption / decryption program.

FIG. 22 is a flowchart illustrating a flow of processing of a key distribution program according to the second embodiment.

FIG. 23 is a flowchart illustrating a flow of processing of a key update program in the second embodiment.

FIG. 24 is a flowchart showing another processing flow of the encryption / decryption program.

FIG. 25 shows an overall configuration of a cryptographic system in a third embodiment.

FIG. 26 shows another example of the contents of the management database.

27 (A), (B), (C), and (D) are employees of ID1, employees of ID2, employees of ID3, respectively, in the third embodiment.
The content of the management data held by the employee of ID4 is shown.

FIG. 28 is a flowchart illustrating a processing flow of a unique data creation program according to the third embodiment.

FIG. 29 is a flowchart showing processing of a public key / private key generation program and processing of a public key receiving program.

FIG. 30 is a flowchart showing the flow of processing of an encryption / decryption program in the third embodiment.

FIG. 31 is a flowchart illustrating a flow of processing of a key distribution program according to a third embodiment.

FIG. 32 is a flowchart illustrating a flow of processing of a key update program in the third embodiment.

FIG. 33 is a flowchart showing the flow of processing of an encryption / decryption program in a modification of the third embodiment.

FIG. 34 shows an overall configuration of a cryptographic system in a fourth embodiment.

FIG. 35 shows another example of the content of the management database.

FIG. 36 is a flowchart illustrating a processing flow of a management data creation program according to the fourth embodiment.

FIGS. 37 (A), (B), (C), and (D) are employees of ID1, employees of ID2, employees of ID3, respectively, in the fourth embodiment.
The content of the management data held by the employee of ID4 is shown.

FIG. 38 is a flowchart showing the flow of processing of a unique data creation program in the fourth embodiment.

FIG. 39 shows an overall configuration of a cryptographic system in a fifth embodiment.

FIG. 40 shows another example of the content of the management database.

FIG. 41 is a flowchart illustrating a processing flow of a management data creation program in the fifth embodiment.

42 (A), (B), (C) and (D) are employees of ID1, employees of ID2, employees of ID3, respectively, in the fifth embodiment.
The content of the management data held by the employee of ID4 is shown.

FIG. 43 is a flowchart showing the flow of processing of a unique data creation program in the fifth embodiment.

FIG. 44 is a flowchart showing the flow of processing of an encryption / decryption program in the fifth embodiment.

FIG. 45 is a flowchart showing a flow of processing of a key distribution program in the fifth embodiment.

FIG. 46 is a flowchart showing the flow of processing of a key distribution program in the fifth embodiment.

FIG. 47 is a flowchart showing the flow of processing of a key update program in the fifth embodiment.

FIG. 48 shows an outline of encryption and decryption processing of a key and secret data in the fifth embodiment.

[Explanation of symbols]

1 Network 10 Key Management Server 11, 21, 31 Controller 12 First Storage 13 Second Storage 20, 30, 40, 50 Client 14, 23, 33 FDD 15, 15A, 15B, 15C, 15D Management Database 25, 25A, 25B, 25C, 35, 35A, 35B, 35C, 45, 45
A, 45B, 45C, 55, 55A, 55B, 55C, 55D Management data

 ──────────────────────────────────────────────────続 き Continued on the front page F term (reference) 5B017 AA07 BA07 CA16 5B082 EA12 GA02 5J104 AA16 AA34 EA01 EA04 EA17 NA02 NA05 PA07

Claims (88)

[Claims] 1. A method for controlling a cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server comprises, for each user, an ID unique to the user, It has a management database that stores a self-unique key used for plaintext encryption processing and ciphertext decryption processing by a user and another person's unique key that is a self-unique key of another person other than the user.
The client stores the ID, a self-unique key corresponding to the ID, and an encrypted third party unique key generated by encrypting the third party unique key corresponding to the ID with the self-unique key. The key management server includes data storage means, and determines whether or not the other party's unique key corresponding to the ID transmitted from the client has been changed in the management database. If it is determined that the unique key has been changed, the changed other party's unique key is encrypted with the self-unique key to generate a new encrypted other party's unique key. Distributing to the client and receiving the new encrypted other party unique key, replacing the encrypted other party unique key stored in the unique data storage means with the received new encrypted other party unique key; Dark Method of controlling the system. 2. A method for controlling a cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server includes, for each user, an ID unique to the user, The client has a management database that stores a self-unique key used for plaintext encryption processing and ciphertext decryption processing by a user, and the client stores the ID and a self-unique key corresponding to the ID. The key management server includes a unique data storage unit.
It is determined whether or not an updated self-unique key, which is a new self-unique key, is stored. If it is determined that the updated self-unique key is stored, the updated self-unique key is replaced with:
The encrypted update unique key is generated by encrypting with the self unique key, the generated encrypted update unique key is distributed to the client, and the client that has received the encrypted update unique key receives the encrypted update unique key from the client. A control method for a cryptographic system, comprising decrypting with a self-unique key stored in a unique data storage unit and replacing the updated self-unique key obtained by the decryption with the self-unique key. 3. The key management server determines whether data indicating the revocation of its own unique key is stored in the management database in accordance with the ID transmitted from the client, and indicates the revocation. If it is determined that the data is stored, it is determined whether or not the other party's unique key corresponding to the ID transmitted from the client has been changed in the management database. The client transmits the data indicating the revocation to the client without determining whether the updated self-unique key as the new self-unique key is stored, and the client receiving the data indicating the revocation stores the unique data in the unique data storage. Deleting the self-unique key and the encrypted third-party unique key stored in the means from the unique data storage means. 3. The method for controlling a cryptographic system according to claim 1, wherein 4. A cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server comprises, for each user, an ID unique to the user and a plaintext by the user. A self-unique key used for encryption and decryption of ciphertext
The client includes a management database storing a unique key of another person other than the user. The client stores the ID, a unique key corresponding to the ID, and a unique key corresponding to the ID. The key management server includes a unique data storage unit that stores an encrypted other party unique key generated by encrypting the other party unique key with the self unique key.
First determining means for determining whether or not the other party's unique key corresponding to the ID transmitted from the client has been changed in the management database; and If it is determined that the unique key is changed, the changed other party's unique key is encrypted with a self-unique key corresponding to the ID stored in the management database to generate a new encrypted other party's unique key. First distributing means for distributing the encrypted new encrypted unique key to the client. An encryption system, comprising: first replacement means for replacing with a unique key of another party. 5. A cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server comprises, for each user, an ID unique to the user and a plaintext by the user. And a management database storing a self-unique key used for encryption processing and ciphertext decryption processing, wherein the client stores a unique data storage for storing the ID and a self-unique key corresponding to the ID. Means for determining whether or not an updated self-unique key, which is a new self-unique key, is stored in the management database in accordance with the ID transmitted from the client. If it is determined that the updated self-unique key is stored by the second determination means and the second determination means, A second distribution unit for encrypting the updated self-unique key with the self-unique key corresponding to the ID to generate an encrypted updated unique key, and distributing the generated encrypted updated unique key to the client; The client
The received encrypted update unique key is decrypted with the self-unique key stored in the unique data storage means, and the updated self-unique key obtained by decryption is decrypted with the self-unique key stored in the unique data storage means. And a second replacing means for replacing the information. 6. A third determining means for determining whether or not data indicating the revocation of a self-unique key is stored in the management database in accordance with the ID transmitted from the client. And when the third determining means determines that the data indicating the revocation is stored, the first determining means determines that the other party's unique key corresponding to the ID transmitted from the client is stored. Without determining whether or not the updated self-unique key has been stored in the management database, without determining whether or not it has been changed in the management database;
Revocation data transmitting means for transmitting the data indicating the revocation to the client, wherein the client responds to the reception of the data indicating the revocation by receiving a self-unique key stored in the unique data storage means and an encryption key. 6. The encryption system according to claim 4, further comprising an erasing means for erasing the other party's unique key from the unique data storage means. 7. An ID unique to each user for each user
And a key having a management database that stores a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and another unique key that is a self-unique key of another person other than the user. A unique name that stores a management server, the ID, a self-unique key corresponding to the ID, and an encrypted other-unique key generated by encrypting the other-unique key corresponding to the ID with the self-unique key. A key management server in the cryptographic system in which clients having data storage means are connected to each other via a network, wherein the other party's unique key corresponding to the ID transmitted from the client is stored in the management database; First determining means for determining whether or not the unique key has been changed by the first determining means; , Others unique key, which is the above-mentioned change,
Encrypting with the self-unique key corresponding to the ID stored in the management database to generate a new encrypted third-party unique key;
A key distribution server that includes a first distribution unit that distributes the generated new encrypted third party unique key to the client. 8. An ID unique to each user for each user
A key management server having a management database storing self-unique keys used for plaintext encryption processing and ciphertext decryption processing by the user;
And a client having a unique data storage unit for storing a self-unique key corresponding to D. The client is a key management server in a cryptographic system configured to be mutually connected via a network, and an ID transmitted from the client.
In response to the above, second judgment means for judging whether or not an updated self-unique key which is a new self-unique key is stored in the management database, and the updated self-unique key is determined by the second judgment means. When it is determined that the ID is stored, the updated self-unique key is encrypted with the self-unique key corresponding to the ID to generate an encrypted update unique key, and the generated encrypted update unique key is transmitted to the client. And a second distribution means for distributing to the key management server. 9. A third judging means for judging whether or not data indicating the revocation of a self-unique key is stored in the management database in accordance with the ID transmitted from the client, and the third judgment means. When the determining means determines that the data indicating the revocation is stored, the first determining means changes the other party's unique key corresponding to the ID transmitted from the client in the management database. Means for transmitting the data indicating the revocation to the client without determining whether or not the updated self-unique key is stored in the management database by the second determining means. The key management server according to claim 4 or 5, further comprising: 10. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A key management server, the ID, a self-unique key corresponding to the ID, and an encrypted other-unique key generated by encrypting the other-unique key corresponding to the ID with the self-unique key are stored. A method for controlling the key management server in a cryptographic system configured by connecting clients having unique data storage means to each other via a network, wherein the other party's unique key corresponding to the ID transmitted from the client is: It is determined whether the management database has been changed. If it is determined that the other party's unique key has been changed, the changed other party's unique key is stored in the management database. The ID stored in the database
A key management server control method for generating a new encrypted other party unique key by encrypting with a self unique key corresponding to the above, and distributing the generated new encrypted other party unique key to the client. 11. For each user, an I
D, a key management server having a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, the ID, and a self-unique key corresponding to the ID. Is a method of controlling the key management server in a cryptographic system configured by mutually connecting a client having a unique data storage unit for storing the key management server via a network, and corresponding to an ID transmitted from the client, In the management database, it is determined whether an updated self-unique key, which is a new self-unique key, is stored. If it is determined that the updated self-unique key is stored, the updated self-unique key is stored. , Generating an encrypted update unique key by encrypting with the self-unique key corresponding to the ID, and transmitting the generated encrypted update unique key to the client. To deliver, control method of the key management server. 12. An ID transmitted from the client
In response to the above, it is determined whether or not data indicating the revocation of the self-unique key is stored in the management database. If it is determined that the data indicating the revocation is stored, ID to be sent
The data indicating the revocation is determined without determining whether or not the other party's unique key corresponding to the above has been changed in the management database, and without determining whether or not the updated self-unique key has been stored in the management database. 12. The key management server control method according to claim 10, wherein the key management server is transmitted to the client. 13. Each user has a unique I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A key management server, the ID, a self-unique key corresponding to the ID, and an encrypted other-unique key generated by encrypting the other-unique key corresponding to the ID with the self-unique key are stored. ID transmitting means for transmitting the ID stored in the specific data storage means to the key management server, wherein the client having the specific data storage means is the client in the cryptographic system which is connected to each other via a network. The changed other party unique key generated in the key management server when the other party unique key corresponding to the ID is changed in the management database. A first receiving means for receiving from the key management server a new encrypted other party unique key encrypted with the self unique key, and a new encrypted other party unique key received by the first receiving section. A first replacement unit that replaces the encrypted other party's unique key stored in the unique data storage unit. 14. For each user, an I
D, a key management server having a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, the ID, and a self-unique key corresponding to the ID. Is a client in a cryptographic system configured to be connected to each other via a network and transmits an ID stored in the unique data storage unit to the key management server. ID transmission means, generated by the key management server when an update unique key corresponding to the ID is stored in the management database, encrypting the update unique key with a unique key corresponding to the ID. A second receiving means for receiving the updated unique key from the key management server, and receiving the updated unique key by the second receiving means; A second replacement unit that decrypts the encrypted updated unique key with the self-unique key stored in the unique data storage unit and replaces the updated self-unique key obtained by the decryption with the self-unique key. client. 15. The management database according to claim 1, wherein
Third receiving means for receiving the data indicating the revocation, which is transmitted from the key management server when the data indicating the revocation of the self-unique key is stored corresponding to D, and the third receiving means Erasing means for erasing, from the unique data storage means, the self-unique key and the encrypted third party unique key stored in the unique data storage means in response to the reception of data representing the revocation by the unique data storage means. Item 15. The client according to item 13 or 14. 16. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A key management server, the ID, a self-unique key corresponding to the ID, and an encrypted other-unique key generated by encrypting the other-unique key corresponding to the ID with the self-unique key are stored. A method for controlling a client in a cryptographic system configured by connecting clients having unique data storage means to each other via a network, wherein the client is configured to store the ID stored in the unique data storage means.
D to the key management server, and when the other party's unique key corresponding to the ID has been changed in the management database, the changed other party's unique key generated in the key management server is transmitted to the key management server. A new encrypted other party unique key encrypted with the unique key is received from the key management server, and the received new encrypted other party unique key is stored in the unique data storage means. Client control method to replace with. 17. For each user, an I
D, a key management server having a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, the ID, and a self-unique key corresponding to the ID. Is a method for controlling a client in a cryptographic system configured by connecting clients having unique data storage means for mutually storing the same via a network, and using the ID stored in the unique data storage means as the key management server. And an encrypted unique key generated by the key management server when the updated unique key corresponding to the ID is stored in the management database and encrypted with the self unique key corresponding to the ID. Receiving the encrypted update unique key from the key management server and storing the received encrypted update unique key in the unique data storage means. Is decoded by the self-unique key is to replace the updated self inherent key obtained by the decryption with the self-unique key, a control method of the client. 18. The method according to claim 18, wherein the I
Receiving the data indicating the revocation transmitted from the key management server when the data indicating the revocation of the self-unique key is stored corresponding to D; 18. The client control method according to claim 16, wherein the self-unique key and the encrypted third-party unique key stored in the unique data storage unit are deleted from the unique data storage unit. 19. For each user, a unique I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A key management server, an ID, a self-unique key corresponding to the ID, and an encrypted other-unique key generated by encrypting the other-unique key corresponding to the ID with the self-unique key. A program for controlling the key management server in a cryptographic system constituted by clients having data storage means connected to each other via a network, wherein a third party unique key corresponding to an ID transmitted from the client is stored. , Determining whether the management database has been changed, and if it is determined that the other party's unique key has been changed, the changed other party's unique key Key management so as to generate a new encrypted other party unique key by encrypting with the self unique key corresponding to the ID stored in the management database, and to distribute the generated new encrypted other party unique key to the client. A program that controls a server. 20. For each user, a unique I
D, a key management server having a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, the ID, and a self-unique key corresponding to the ID. Is a program for controlling the key management server in a cryptographic system configured by mutually connecting a client having a unique data storage unit for storing the key management server via a network. In the management database, it is determined whether an updated self-unique key, which is a new self-unique key, is stored. If it is determined that the updated self-unique key is stored, the update self-unique key is stored. The key is encrypted with the self-unique key corresponding to the ID to generate an encrypted update unique key, and the generated encrypted update unique key is To control the key management server to be delivered to the client, program. 21. An ID transmitted from the client
In response to the above, it is determined whether or not data indicating the revocation of the self-unique key is stored in the management database. If it is determined that the data indicating the revocation is stored, ID to be sent
Without determining whether or not the other party's unique key corresponding to is updated in the management database, and without determining whether or not an updated self-unique key, which is a new self-unique key, is stored in the management database. 21. The program according to claim 19, wherein the program controls a key management server to transmit the data indicating the revocation to the client. 22. For each user, an I
D, a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and another person's unique key which is a self-unique key of another person other than the user. A key management server, the ID, a self-unique key corresponding to the ID, and an encrypted other-unique key generated by encrypting the other-unique key corresponding to the ID with the self-unique key are stored. A control program for the client in a cryptographic system configured by connecting clients having unique data storage means to each other via a network, and transmitting an ID stored in the unique data storage means to the key management server. Is generated in the key management server when the other party's unique key corresponding to the ID is changed in the management database.
A new encrypted other party unique key obtained by encrypting the changed other party unique key with the self unique key is received from the key management server, and the received new encrypted other party unique key is stored in the unique data storage means. A program that controls a client to replace an encrypted other party's unique key stored in the client. 23. For each user, an I
D, a key management server having a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, the ID, and a self-unique key corresponding to the ID. Is a control program of the client in a cryptographic system configured by connecting clients via a network with a unique data storage unit for storing the ID, and stores the ID stored in the unique data storage unit in the key management server. And an encrypted unique key generated by the key management server when the updated unique key corresponding to the ID is stored in the management database and encrypted with the self unique key corresponding to the ID. Receiving the encrypted update unique key from the key management server and storing the received encrypted update unique key in the unique data storage means. Decrypts self-specific key stored, the update self inherent key obtained by decoding controlling the client to replace the above-mentioned self-specific key, program. 24. The management database according to claim 23, wherein
Receiving the data indicating the revocation transmitted from the key management server when the data indicating the revocation of the self-unique key is stored corresponding to D; The client is controlled to delete the self-unique key and the encrypted third-party unique key stored in the unique data storage unit from the unique data storage unit.
The program according to 22 or 23. 25. For each user, a unique I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A key management server, the ID, a self-unique key corresponding to the ID, and an encrypted other-unique key generated by encrypting the other-unique key corresponding to the ID with the self-unique key are stored. A program for controlling the client in a cryptographic system in which clients having unique data storage means are connected to each other via a network, and transmitted from the key management server, indicating that there is no key update. Receiving any of the data, the new encrypted unique key, the encrypted updated self-unique key, or the data indicating the revocation of the self-unique key, and the data indicating that the key has not been updated. If it has been received, an encryption or decryption process using the self-unique key stored in the unique data storage means and an encrypted other party unique key stored in the unique data storage means are performed using the self-unique key. Decryption processing using the other party unique key obtained by decryption is permitted, and when the above-mentioned new encrypted other party unique key is received, the received new encrypted other party unique key is stored in the above unique data storage means. An encryption or decryption process using the self-unique key stored in the unique data storage unit after replacing the stored encrypted unique key with another, and a new encryption process stored in the unique data storage unit. The decryption process using the other party's unique key obtained by decrypting the encrypted other party's unique key with the self unique key is permitted, and when the encrypted updated self unique key is received, the received encrypted updated self unique key is received. Key The updated self-unique key obtained by decrypting with the self-unique key stored in the unique data storage means is replaced with the self-unique key stored in the unique data storage means and stored in the unique data storage means. Encryption or decryption processing using the obtained self-unique key, and another-party unique key obtained by decrypting the encrypted other-person unique key stored in the unique data storage means with the replaced self-unique key. When the decryption process using the unique key is permitted and data indicating the revocation of the self-unique key is received, the self-unique key and the encrypted other person's unique key stored in the unique data storage unit are deleted, and the plaintext is deleted. A program that controls a client so that it does not permit encryption processing and decryption processing of ciphertext. 26. When the decryption process is permitted, whether the input cipher text is encrypted with a self-unique key, encrypted with another person's unique key, It is determined whether or not the data is encrypted with a key. If the data is encrypted with a self-unique key, the ciphertext is decrypted with the self-unique key, and the encrypted text is encrypted with another person's unique key. In the case of the third party, the other party unique key is obtained by decrypting the encrypted third party unique key with the self unique key, the ciphertext is decrypted with the obtained third party unique key, and the other key is used. 26. The program according to claim 25, wherein the program controls the client so as not to permit the decryption processing if the data is encrypted. 27. A method for controlling a cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server comprises, for each user, an ID unique to the user; A management database that stores a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user and another person's unique key that is a self-unique key of another person other than the user; The client includes a unique data storage unit that stores the ID and a self-unique key corresponding to the ID. The key management server stores the ID in the management database in accordance with the ID transmitted from the client. It is determined whether an updated self-unique key, which is a new self-unique key, is stored, and it is determined that the updated self-unique key is not stored. If the password is specified, the other party unique key is encrypted with the self unique key stored in the management database to generate an encrypted other party unique key, and the generated encrypted other party unique key is distributed to the client. If it is determined that the updated self-unique key is stored, the other unique key is encrypted with the updated self-unique key to generate an encrypted other unique key. The updated self-unique key is encrypted to generate an encrypted updated self-unique key, and the generated encrypted other person's unique key and the encrypted updated self-unique key are distributed to the client. When the encrypted other party unique key is distributed from the key management server, the distributed encrypted other party unique key is decrypted with the self unique key stored in the unique data storage means. , Other obtained by decryption The unique key is stored in the key temporary storage means, and when the encrypted third party unique key and the encrypted updated self-unique key are distributed, the distributed encrypted updated self-unique key is stored in the unique data storage means. Decrypting the updated self-unique key obtained by the decryption with the above-described self-unique key, and decrypting the distributed encrypted other party's unique key with the replaced self-unique key. A method for controlling a cryptographic system, wherein the other party's unique key obtained by decryption is stored in the key temporary storage means. 28. The encryption system according to claim 27, wherein the client erases the other party's unique key stored in the key temporary storage means after completing the plaintext encryption process or the decryption process of the ciphertext. Control method. 29. The key management server determines whether data indicating the revocation of the self-unique key is stored in the management database in accordance with the ID transmitted from the client, and indicates the revocation. When it is determined that the data is stored, the data indicating the revocation is transmitted to the client without determining whether the updated self-unique key is stored in the management database, and the revocation is performed. 28. The control method for a cryptographic system according to claim 27, wherein the client that has received the data to be represented deletes the self-unique key stored in the unique data storage from the unique data storage. 30. An encryption system comprising a key management server and a client mutually connected via a network, wherein the key management server is provided for each user.
An ID unique to the user, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and another unique key that is a self-unique key of another person other than the user are stored. A management database, wherein the client includes a unique data storage means for storing the ID and a self-unique key corresponding to the ID;
The key management server further includes a first determination unit that determines whether an updated self-unique key that is a new self-unique key is stored in the management database in accordance with the ID transmitted from the client. If the first determining means determines that the updated self-unique key is not stored, the other unique key is encrypted with the self-unique key stored in the management database, and the encrypted other unique key is encrypted. A first distribution unit that generates a unique key and distributes the generated encrypted third party unique key to the client, and the first determination unit determines that the updated self-unique key is stored. In this case, the other party unique key is encrypted with the updated self unique key to generate an encrypted other party unique key, and the updated self unique key is encrypted with the self unique key to encrypt and update the other party unique key. A second distribution unit for generating a unique key and distributing the generated encrypted third party unique key and the encrypted updated self-unique key to the client, the client further comprising: When the encrypted other party unique key is delivered by the first delivery means, the delivered encrypted other party unique key is decrypted with the self-unique key stored in the unique data storage means and obtained by decryption. The first storage means for temporarily storing the encrypted other party unique key, and the encrypted other party unique key and the encrypted updated self unique key are distributed by the second distribution means from the key management server. In this case, the distributed encrypted self-unique key distributed is decrypted with the self-unique key stored in the unique data storage unit, and the updated self-unique key obtained by the decryption is replaced with the self-unique key. Dark Of others inherent key decrypted by the self-unique key which is substituted with, a second storage means for temporarily storing the others inherent key obtained by the decryption, the cryptographic system. 31. A client further comprising an erasing means for erasing the other party's unique key stored in the first or second storage means after completing the plaintext encryption processing or the ciphertext decryption processing. 31. The cryptographic system of claim 30, comprising: 32. A second judging means for judging whether or not data indicating the revocation of a self-unique key is stored in the management database in accordance with the ID transmitted from the client. When the second determining means determines that the data indicating the revocation is stored, the first determining means determines whether an updated self-unique key is stored in the management database. Transmitting means for transmitting the data indicating the revocation to the client, wherein the client responds to the reception of the data indicating the revocation by rewriting the self-unique key stored in the unique data storage means. 31. The encryption system according to claim 30, further comprising an erasing means for erasing from the unique data storage means. 33. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A key management server, a client having a unique data storage unit for storing the ID and a self-unique key corresponding to the ID, and a key management server in the cryptographic system configured to be mutually connected via a network. Yes, I sent from the client
In response to D, first determining means for determining whether an updated self-unique key, which is a new self-unique key, is stored in the management database. If it is determined that the unique key is not stored, the other unique key is encrypted with the self unique key stored in the management database to generate an encrypted other unique key, and the generated encrypted other unique key is generated. When the first distribution means for distributing a key to the client and the first determination means determine that the updated self-unique key is stored, the updated self-unique key is used as the other party's unique key. To generate an encrypted other party unique key, encrypt the updated self-unique key with the self-unique key to generate an encrypted updated self-unique key, and update the encrypted other party unique key with the generated encrypted unique key. Self-specific The door comprising a second delivery means for delivering to the client, the key management server. 34. An ID transmitted from the client
In response to the above, in the management database, a second determining means for determining whether data indicating the revocation of the self-unique key is stored, and the data indicating the revocation is stored by the second determining means. If it is determined that the update self-unique key is stored in the management database by the first determination means, the transmission means for transmitting the data indicating the revocation to the client is determined. Claims further provided
33. The key management server according to 33. 35. For each user, a unique I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A key management server, and a client including a unique data storage unit for storing the ID and a self-unique key corresponding to the ID, wherein the client is connected to each other via a network. A control method for determining whether or not an updated self-unique key, which is a new self-unique key, is stored in the management database in correspondence with the ID transmitted from the client; If it is determined that the other party's unique key is not encrypted, the other party's unique key is encrypted using the self unique key stored in the management database. A secret key is generated, and the generated encrypted unique key is distributed to the client. If it is determined that the updated unique key is stored, the updated unique unique key is used for the other unique key. Encrypting the key to generate an encrypted third party unique key; encrypting the updated self unique key with the self unique key to generate an encrypted updated self unique key; encrypting the encrypted third party unique key with the generated encrypted third party unique key. A key management server control method for distributing an updated self-unique key to the client. 36. An ID transmitted from the client
In response to the above, it is determined whether or not data indicating the revocation of the self-unique key is stored in the management database. If it is determined that the data indicating the revocation is stored, the management database Transmitting revocation data to the client without determining whether the updated self-unique key is stored in the client,
A method for controlling a key management server according to claim 35. 37. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A client provided with a key management server, a client having a unique data storage unit for storing the ID and a self-unique key corresponding to the ID, the client in an encryption system configured to be mutually connected via a network; ID transmitting means for transmitting the ID stored in the unique data storage means to the key management server; and determining that the updated self-unique key is not stored in the management database in correspondence with the ID; The other party's unique key is encrypted with the self unique key corresponding to the ID stored in the management database and distributed from the management server. The encryption others inherent key, the first receiving means for receiving said I in the management database
D, which is distributed from the key management server when it is determined that the updated self-unique key is stored corresponding to D, and encrypted by encrypting the other-unique key with the updated self-unique key. A second receiving unit for receiving a key and an encrypted updated self-unique key obtained by encrypting the updated self-unique key with the self-unique key, and receiving the encrypted other party's unique key by the first receiving unit. In this case, the first storage means for decrypting the received encrypted other party unique key with the self unique key stored in the unique data storage means and temporarily storing the other party unique key obtained by the decryption. And when the second receiving means receives the encrypted other person's unique key and the encrypted updated self-unique key, the received encrypted updated self-unique key is stored in the unique data storage means. Decrypt with the unique key and obtain by decryption. Replacing the updated updated self-unique key with the self-unique key, decrypting the distributed encrypted other-unique key with the replaced self-unique key, and temporarily storing the other-unique key obtained by the decryption A client comprising a second storage means. 38. An erasure device for erasing the other party's unique key stored in the first or second storage device after the plaintext encryption process or the ciphertext decryption process is completed. 38. The client of claim 37. 39. In the management database, the I
A third receiving unit for receiving data representing the revocation transmitted from the key management server when data representing the revocation of the self-unique key is stored corresponding to D, and revocation by the third receiving unit; 38. The client according to claim 37, further comprising: erasing means for erasing the self-unique key stored in the unique data storage means from the unique data storage means in response to receiving data representing the following. 40. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A method for controlling the client in a cryptographic system configured by connecting a client including a key management server, the ID, and a unique data storage unit that stores the self-unique key corresponding to the ID via a network Transmitting the ID stored in the unique data storage means to the key management server, and determining that the updated self-unique key is not stored corresponding to the ID in the management database; The other party's unique key is encrypted with a self unique key corresponding to the ID stored in the management database and distributed from the management server. Receiving the encrypted third party unique key and distributing the updated self unique key from the key management server when it is determined in the management database that the updated self unique key is stored corresponding to the ID; Receiving an encrypted other party unique key obtained by encrypting the other party unique key with a key and an encrypted updated self unique key obtained by encrypting the updated self unique key with the self unique key; When the unique key is received, the received encrypted other party's unique key is decrypted with the self unique key stored in the unique data storage means, and the other party's unique key obtained by the decryption is temporarily stored. When receiving the encrypted other party's unique key and the encrypted updated self-unique key, the received encrypted updated self-unique key is decrypted with the self-unique key stored in the unique data storage means and obtained by decryption. The updated self-unique key Was replaced with his own unique key, delivered encrypted others inherent key decrypted by the self-unique key which is substituted, for temporarily storing others inherent key obtained by decoding the control method of the client. 41. The client control method according to claim 40, wherein the temporarily stored other party's unique key is deleted after the plaintext encryption processing or the ciphertext decryption processing is completed. 42. In the management database, the I
Receiving data indicating the revocation of the self-unique key transmitted from the key management server when the data indicating the revocation of the self-unique key is stored in correspondence with D; 41. The client control method according to claim 40, wherein the self-unique key stored in the storage unit is deleted from the unique data storage unit. 43. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A key management server, and a client including a unique data storage unit for storing the ID and a self-unique key corresponding to the ID, wherein the client is connected to each other via a network. A control program for determining whether or not an updated self-unique key, which is a new self-unique key, is stored in the management database in correspondence with the ID transmitted from the client; If it is determined that it is not stored, the other party's unique key is encrypted using the self unique key stored in the management database. A third party unique key is generated, and the generated encrypted third party unique key is delivered to the client. Encrypting the unique key to generate an encrypted third party unique key, encrypting the updated self-unique key with the self-unique key to generate an encrypted updated self-unique key, and encrypting with the generated encrypted third party unique key A program for controlling the key management server to distribute the encrypted updated self-unique key to the client. 44. An ID transmitted from the client
In response to the above, it is determined whether or not data indicating the revocation of the self-unique key is stored in the management database. If it is determined that the data indicating the revocation is stored, Without determining whether the updated self-unique key is stored,
44. The program according to claim 43, wherein the program controls a key management server to transmit data indicating revocation to the client. 45. For each user, a unique I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, and a management database storing another unique key which is a self-unique key of another person other than the user. A control program for the client in a cryptographic system configured by connecting a client having a key management server and a unique data storage unit for storing the ID and a self-unique key corresponding to the ID via a network Transmitting the ID stored in the unique data storage means to the key management server,
The self-unique key corresponding to the ID stored in the management database, which is distributed from the key management server when it is determined that the updated self-unique key is not stored in correspondence with the ID in the management database. Receiving an encrypted third party unique key obtained by encrypting the third party unique key with a key, and determining that the updated self-unique key is stored in the management database in correspondence with the ID; An encrypted other party unique key, which is obtained by encrypting the other party unique key with the updated self unique key, delivered from the management server;
Receiving the encrypted updated self-unique key obtained by encrypting the updated self-unique key with the self-unique key, and receiving the encrypted other person's unique key when the encrypted other person's unique key is received; When decrypting with the self-unique key stored in the data storage unit, temporarily storing the other-party unique key obtained by the decryption, and receiving the encrypted other-party unique key and the encrypted updated self-unique key Then, the received encrypted updated self-unique key is decrypted with the self-unique key stored in the unique data storage means, and the updated self-unique key obtained by the decryption is replaced with the self-unique key. Control the client to decrypt the genuine other party's unique key with the replaced self unique key, and temporarily store the other party's unique key obtained by the decryption.
program. 46. The program according to claim 45, wherein the client is controlled so as to delete the temporarily stored other party's unique key after completing the plaintext encryption processing or the ciphertext decryption processing. 47. The system according to claim 47, wherein the I
Receiving data indicating the revocation of the self-unique key transmitted from the key management server when the data indicating the revocation of the self-unique key is stored in correspondence with D; 46. The program according to claim 45, wherein the program controls a client to delete the self-unique key stored in the storage unit from the unique data storage unit. 48. A method for controlling a cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server includes, for each user, an ID unique to the user, The self-unique key used for the plaintext encryption process and the decryption process of the ciphertext by the user, the other-person unique key that is the self-unique key of another person other than the user, and the public key and the secret key in the public key encryption method. A management database storing a public key generated by a public key / private key generating means for generating the private key; the client stores a unique data storing means storing the ID and a public key and a secret key in a public key encryption method; Public / private key generation means for generating the public key and the public key / private key generation means. And a secret key, and transmits the generated public key and the ID stored in the unique data storage means to the key management server in advance, and stores the ID stored in the unique data storage means in the key management server. The key management server, which has transmitted the ID to the server and received the ID, determines whether or not data indicating the revocation of the self-unique key is stored in the management database in accordance with the received ID, and determines whether the data indicates the revocation. When it is determined that is not stored, the self-unique key and the other-person unique key are encrypted with the received public key to generate an encrypted self-unique key and an encrypted other-person unique key. The encrypted self-unique key and the encrypted other party's unique key are distributed to the client, and when it is determined that the data indicating the revocation is stored, the data indicating the revocation is transmitted to the client. When the client receives the encrypted self-unique key and the encrypted other party's unique key from the key management server, the client transmits the received encrypted self-unique key and encrypted other party's unique key to the above-mentioned key management server. It decrypts with the secret key generated by the public key / private key generation means, temporarily stores the self-unique key and the other's unique key obtained by the decryption, and receives data indicating revocation from the key management server. In this case, a control method for a cryptographic system, in which the processing is terminated without permitting the encryption processing of the plaintext and the decryption processing of the ciphertext. 49. The cipher according to claim 48, wherein the client deletes the self-unique key and the other-unique key temporarily stored after the plaintext encryption process or the ciphertext decryption process is completed in the client. How to control the system. 50. A cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server comprises, for each user, an ID unique to the user and a plaintext by the user. To generate a self-unique key used for encryption processing and ciphertext decryption processing, another unique key that is a self-unique key of another person other than the user, and a public key and a secret key in a public key encryption method. And a management database storing a public key generated in the client by the public key / private key generation means of the client, wherein the client is operated by the public key / private key generation means, the ID, and the public key / private key generation means. Unique data storage means for storing the generated private key, the public key generated by the public key / private key generation means, and the unique data ID stored in the data storage means
And a second transmitting means for transmitting the ID stored in the unique data storage means to the key management server, wherein the key management server comprises: 2 transmitted by the transmitting means
Receiving means for receiving the ID; determining means for determining whether data indicating the revocation of the self-unique key corresponding to the received ID is stored in the management database; storing the data indicating the revocation by the determining means. If it is determined that they have not been encrypted, the self-unique key and the other-person unique key are encrypted with the public key stored in the management database, and the encrypted self-unique key and the encrypted other-person unique key are encrypted. When the distribution means for generating and distributing the generated encrypted self-unique key and the encrypted third party unique key to the client, and the determination means determines that the data indicating the revocation is stored, Transmitting means for transmitting data indicating revocation to the client, wherein the client further transmits an encrypted self-unique key and a cipher from the key management server; When receiving the other party's unique key, the received encrypted self-unique key and encrypted other party's unique key are decrypted with the above-mentioned secret key, and the self-unique key and the other party's unique key obtained by the decryption are temporarily stored. A cipher comprising: a storage means for storing; and a processing ending means for terminating the processing without permitting the encryption processing of the plaintext and the decryption processing of the ciphertext when receiving data indicating revocation from the key management server. system. 51. An erasing means for erasing the self-unique key and the other-person unique key stored in the storage means after the plaintext encryption processing or the ciphertext decryption processing is completed in the client. The cryptographic system according to claim 50. 52. For each user, a unique I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server having a management database storing a public key generated by a client by a public key / private key generation means for generating a private key, a unique data storage means storing the ID, and a public key / private key A key management server in a cryptographic system configured by connecting a client having key generation means to each other via a network, receiving means for receiving an ID transmitted from the client, corresponding to the received ID; And determining whether or not data indicating the revocation of the self-unique key is stored in the management database. When the judging means judges that the data indicating the revocation is not stored, the public key stored in the management database encrypts the self-unique key and the other person's unique key. Distribution means for generating an encrypted self-unique key and an encrypted third party unique key, and delivering the generated encrypted self-unique key and encrypted third party unique key to the client; and data indicating the revocation by the determination means A key management server comprising: transmission means for transmitting data indicating revocation to the client when it is determined that is stored. 53. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server including a management database storing a public key generated by a client by a public key / private key generation unit for generating a secret key, a unique data storage unit storing the ID, and a public key / secret A method for controlling the key management server in a cryptographic system configured by mutually connecting a client having key generation means via a network,
An ID transmitted from the client is received, and it is determined whether data indicating the revocation of the self-unique key is stored in the management database in accordance with the received ID, and the data indicating the revocation is stored. If it is determined that they are not, the self-unique key and the other-person unique key are encrypted with the public key stored in the management database to generate an encrypted self-unique key and an encrypted other-person unique key. And distributing the generated encrypted self-unique key and the encrypted other party's unique key to the client. If the determining means determines that the data indicating the revocation is stored, the data indicating the revocation is transmitted. A method of controlling the key management server, which transmits the key management server to the client. 54. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server including a management database storing a public key generated by a client by a public key / private key generation unit for generating a secret key, a unique data storage unit storing the ID, and a public key / secret A client provided with a key generating means is the client in a cryptographic system configured to be mutually connected via a network,
First transmitting means for transmitting the public key generated by the secret key generating means and the ID stored in the unique data storage means to the key management server; The second sent to the management server
Transmitting means for transmitting the public key stored in the management database, which is delivered from the key management server when it is determined that data indicating revocation corresponding to the ID is not stored in the management database. A first receiving means for receiving an encrypted self-unique key and an encrypted other-person unique key obtained by encrypting the self-unique key and the other person's unique key in the management database; Second receiving means for receiving data indicating revocation transmitted from the key management server when it is determined that the key is stored, an encrypted self-unique key and an encrypted third party unique key from the key management server. Means for decrypting the delivered encrypted self-unique key and encrypted other party's unique key with the secret key, the self-unique key and the other party's unique key obtained by the decryption means. Storage means for temporarily storing data, and processing termination means for terminating the processing without permitting plaintext encryption processing and ciphertext decryption processing when data indicating revocation is received from the key management server. Yes, client. 55. An apparatus according to claim 54, further comprising an erasing means for erasing the self-unique key and the other-person's unique key stored in said storage means after completing the plaintext encryption processing or the ciphertext decryption processing. Client described in. 56. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server including a management database storing a public key generated by a client by a public key / private key generation unit for generating a secret key, a unique data storage unit storing the ID, and a public key / secret A method for controlling a client in a cryptographic system configured by connecting a client having key generation means to each other via a network, wherein the public key / private key generation means generates a public key and a secret key. The generated public key and the ID stored in the unique data storage unit are transmitted to the key management server in advance, and the ID stored in over data storage means
Is transmitted to the key management server, and when it is determined that data indicating revocation is not stored in the management database corresponding to the ID, the data is distributed from the key management server and stored in the management database. Receiving the encrypted self-unique key and the encrypted other-person unique key obtained by encrypting the self-unique key and the other person's unique key with the public key, and storing in the management database the revocation data corresponding to the ID. Receiving the data indicating the revocation transmitted from the key management server when it is determined that is stored, and receiving the encrypted self-unique key and the encrypted third party unique key from the key management server. , Decrypts the received encrypted self-unique key and encrypted other-person unique key with the secret key, and temporarily stores the self-unique key and the other-person unique key obtained by the decryption. When receiving the data representative of the expiration, the processing is terminated without permitting the decryption of the encrypting process and the ciphertext of the plaintext, the control method of the client. 57. The client control method according to claim 56, wherein after the plaintext encryption processing or the ciphertext decryption processing is completed, the self-unique key and the third-party unique key that are temporarily stored are deleted. . 58. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server including a management database storing a public key generated by a client by a public key / private key generation unit for generating a secret key, a unique data storage unit storing the ID, and a public key / secret A control program for the key management server in a cryptographic system configured by mutually connecting a client having key generation means via a network, receiving a public key and an ID transmitted in advance from the client, I sent from the client
D is received, and it is determined whether data indicating the revocation of the self-unique key is stored in the management database in accordance with the received ID, and it is determined that the data indicating the revocation is not stored. In this case, the public key stored in the management database is used to encrypt the self-unique key and the other person's unique key to generate an encrypted self-unique key and an encrypted other person's unique key. Distributing the self-unique key and the encrypted other party's unique key to the client, and transmitting the data indicating the revocation to the client when the determining means determines that the data indicating the revocation is stored. Program that controls the key management server. 59. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server including a management database storing a public key generated by a client by a public key / private key generation unit for generating a secret key, a unique data storage unit storing the ID, and a public key / secret A control program for the client in a cryptographic system configured by connecting a client having key generation means with each other via a network, wherein the public key / private key generation means generates a public key and a secret key; The generated public key and the ID stored in the unique data storage unit are transmitted to the key management server. The ID stored in the storage means is transmitted to the key management server. If it is determined that the management database does not store data indicating revocation corresponding to the ID, the ID is distributed from the key management server. Receiving the encrypted self-unique key and the encrypted other-person unique key obtained by encrypting the self-unique key and the other person's unique key with the public key stored in the management database, and storing the ID in the management database. When it is determined that the data indicating the revocation is stored in correspondence with the above, the data indicating the revocation transmitted from the key management server is received, and the encrypted self-unique key and the encryption etc. are transmitted from the key management server. When the private key is distributed, the distributed encrypted self-proprietary key and the encrypted private private key are decrypted with the private key, and the private private key and the private private key obtained by the decryption are decrypted. Temporarily storing, when receiving the data representative of the expiration from the key management server, controls the client to terminate the processing without permitting the decryption of the encrypting process and the ciphertext of the plaintext, the program. 60. The client according to claim 59, wherein after the encryption processing of the plaintext or the decryption processing of the ciphertext is completed, the client is controlled to delete the self-unique key and the other-unique key stored temporarily. The program described. 61. A method for controlling a cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server includes, for each user, an ID unique to the user, A management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by a user, and another person's unique key which is a self-unique key of another person other than the user; Comprises a unique data storage unit storing the ID and a pair of a public key and a secret key in a public key encryption method, wherein the client stores the ID and the public key stored in the unique data storage unit. The key management server, which has transmitted the ID to the management server and received the ID, revoked the self-unique key corresponding to the received ID in the management database. It is determined whether or not data representing the revocation is stored. If it is determined that the data representing the revocation is not stored, the received public key
The self-unique key and the other-person unique key stored in the management database are encrypted to generate an encrypted self-unique key and an encrypted other-person unique key, and the generated encrypted self-unique key and the encrypted other-person unique key are generated. The key is delivered to the client, and when it is determined that the data indicating the revocation is stored, the data indicating the revocation is transmitted to the client. Key temporary storage means for temporarily storing the encrypted self-unique key and the encrypted self-unique key when the encrypted self-unique key and the encrypted third party unique key are distributed from the key management server. And decrypting the encrypted other party's unique key with the secret key stored in the unique data storage means, storing the self unique key and the other party's unique key obtained by the decryption in the temporary key storage means, Sa When receiving data representing expire server ends the processing without permitting the decryption of the encrypting process and the ciphertext of the plaintext, the control method of the cryptographic system. 62. A control method for a cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server includes, for each user, an ID unique to the user, A self-unique key used for plaintext encryption processing and ciphertext decryption processing by a user, another person's unique key that is a self-unique key of another person other than the user, and a public key and a private key in a public key encryption method. It has a management database that stores pairs and
The client includes a unique data storage unit that stores the ID and the secret key, and the key management server stores a unique unique key in the management database corresponding to the ID transmitted from the client. It is determined whether or not data indicating the revocation is stored. If it is determined that the data indicating the revocation is not stored, the data is stored in the management database using the public key stored in the management database. The stored self-unique key and the other's unique key are encrypted to generate an encrypted self-unique key and an encrypted other's unique key. Deliver to client,
When it is determined that the data indicating the revocation is stored, the data indicating the revocation is transmitted to the client, and the client transmits the encrypted self-unique key and the encrypted other-unique key from the key management server. Received, the received encrypted self-unique key and encrypted other-person unique key are decrypted with the secret key stored in the unique data storage means, and the self-unique key and the other person's unique key obtained by the decryption are decrypted. A cryptographic system control method for temporarily storing a key and terminating processing without permitting plaintext encryption processing and ciphertext decryption processing when data indicating revocation is received from the key management server; . 63. The cipher according to claim 62, wherein, after the plaintext encryption processing or the ciphertext decryption processing is completed in the client, the temporarily stored self-unique key and other party's unique key are erased. How to control the system. 64. A cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server comprises, for each user, an ID unique to the user, and a plaintext by the user. The self-unique key used in the encryption process and the decryption process of the ciphertext, the other unique key that is the self-unique key of another person other than the user, and the pair of the public key and the secret key in the public key encryption method. The client has unique data storage means for storing the ID and the secret key, and the key management server corresponds to the ID transmitted from the client. Determining means for determining whether data indicating the revocation of the self-unique key is stored in the management database; When it is determined that data indicating revocation is not stored, the self-unique key and the other person's unique key stored in the management database are encrypted with the public key stored in the management database. Distribution means for generating an encrypted self-unique key and an encrypted third party unique key, and distributing the generated encrypted self-unique key and encrypted third party unique key to the client; and data indicating the revocation by the determination means. When it is determined that is stored, the transmission means for transmitting data indicating the revocation to the client, the client comprising:
When receiving the encrypted self-unique key and the encrypted other party's unique key from the key management server, the received encrypted self-unique key and encrypted other party's unique key are stored in the secret key stored in the unique data storage means. Decryption means, a storage means for temporarily storing the self-unique key and the other-person unique key obtained by the decryption, and, when data indicating revocation is received from the key management server, plaintext encryption processing and An encryption system comprising a processing termination unit that terminates processing without permitting decryption processing of cipher text. 65. The client further comprises an erasing unit for erasing the self-unique key and the other-unique key stored in the storage unit after the plaintext encryption process or the ciphertext decryption process is completed. 65. The cryptographic system of claim 64. 66. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server having a management database storing pairs of private keys and secret keys, and a client having unique data storage means storing the IDs and the secret keys are mutually connected via a network. A key management server in the configured cryptographic system, the determination means for determining whether or not data indicating the revocation of the self-unique key is stored in the management database in accordance with the ID transmitted from the client; If it is determined by the determining means that the data indicating the revocation is not stored, the data is stored in the management database. The public key encrypts the self-unique key and the other-person unique key stored in the management database to generate an encrypted self-unique key and an encrypted other-person unique key. A transmission unit that distributes the encrypted other party's unique key to the client; and a transmission that transmits data indicating the revocation to the client when the determination unit determines that the data indicating the revocation is stored. A key management server having means. 67. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is the user's own unique key, and a public key and A key management server including a management database storing a pair of secret keys and a client including a unique data storage unit storing the ID and the secret key are connected to each other via a network. This is a control method of the key management server in the cryptographic system to be executed, and corresponds to the ID transmitted from the client,
In the management database, it is determined whether data indicating the revocation of the self-unique key is stored. If it is determined that the data indicating the revocation is not stored, the data stored in the management database is determined. The public key encrypts the self-unique key and the other-person unique key stored in the management database to generate an encrypted self-unique key and an encrypted other-person unique key. A control method for a key management server, comprising: distributing an encrypted third party unique key to the client; and transmitting data indicating the revocation to the client when it is determined that the data indicating the revocation is stored. 68. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server having a management database storing pairs of private keys and secret keys, and a client having unique data storage means storing the IDs and the secret keys are mutually connected via a network. A transmission means for transmitting the ID to the key management server, and it is determined that the management database does not store data indicating the revocation of the self-unique key corresponding to the ID. Is stored in the management database with the public key stored in the management database and delivered from the key management server when the Self-specific key and others unique key encryption self inherent key and the encryption others inherent key by encrypting a first receiving means for receiving said ID to said management database
A second receiving means for receiving data indicating revocation transmitted from the key management server when it is determined that data indicating revocation is stored in correspondence with the encryption key; When receiving the key and the encrypted other party's unique key, the decryption means decrypts the received encrypted self-unique key and encrypted other party's unique key with the secret key stored in the unique data storage means. Storage means for temporarily storing the received self-unique key and other-person unique key, and permitting plaintext encryption processing and ciphertext decryption processing when data indicating revocation is received from the key management server. A client provided with processing termination means for terminating the processing without any processing. 69. An apparatus according to claim 69, further comprising an erasing means for erasing the self-unique key and the other-person's unique key stored in said storage means after completing the plaintext encryption processing or the ciphertext decryption processing. 68. The client according to 68. 70. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server having a management database storing pairs of private keys and secret keys, and a client having unique data storage means storing the IDs and the secret keys are mutually connected via a network. A method of controlling a client in a configured cryptographic system, wherein the ID is transmitted to the key management server, and it is determined that the management database does not store data indicating revocation of a self-unique key corresponding to the ID. Is stored in the management database with the public key stored in the management database and delivered from the key management server when the An encrypted self-unique key and an encrypted other-unique key, which are obtained by encrypting the self-unique key and the other unique key, are received from the key management server, and data indicating revocation corresponding to the ID is stored in the management database. When it is determined that the key is stored, data indicating revocation transmitted from the key management server is received, and when the encrypted self-unique key and the encrypted other party's unique key are received from the key management server,
The received encrypted self-unique key and encrypted other's unique key are decrypted with the secret key stored in the unique data storage means, and the self-unique key and the other's unique key obtained by the decryption are temporarily stored. And a client control method for terminating processing without permitting plaintext encryption processing and ciphertext decryption processing when data indicating revocation is received from the key management server. 71. The client control method according to claim 70, wherein after the encryption processing of the plaintext or the decryption processing of the ciphertext, the self-unique key and the other-unique key stored temporarily are deleted. . 72. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server having a management database storing pairs of private keys and secret keys, and a client having unique data storage means storing the IDs and the secret keys are mutually connected via a network. A control program for a key management server in the configured cryptographic system, which determines whether or not data indicating the revocation of the self-unique key is stored in the management database in accordance with the ID transmitted from the client; If it is determined that the data indicating the revocation is not stored, the public key stored in the management database is The self-unique key and the other-person unique key stored in the management database are encrypted to generate an encrypted self-unique key and an encrypted other-person unique key, and the generated encrypted self-unique key and the encrypted other-person unique key are generated. A program for distributing a key to the client and, when it is determined that the data indicating the revocation is stored, controls a key management server for transmitting data indicating the revocation to the client. 73. For each user, an I
D, a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and a public key in a public key encryption method. A key management server having a management database storing pairs of private keys and secret keys, and a client having unique data storage means storing the IDs and the secret keys are mutually connected via a network. A control program for the client in the configured cryptographic system, transmitting the ID to the key management server,
The public key stored in the management database and delivered from the key management server when it is determined that data indicating the revocation of the self-unique key corresponding to the ID is not stored in the management database. Receiving the encrypted self-unique key and the encrypted other-unique key generated by encrypting the self-unique key and the other-person unique key stored in the management database, and storing the ID in the management database.
When it is determined that the data indicating the revocation is stored in correspondence with the above, the data indicating the revocation transmitted from the key management server is received, and the encrypted self-unique key and the encryption etc. are transmitted from the key management server. When the third party unique key is distributed, the distributed encrypted self-unique key and the encrypted third party unique key are decrypted with the secret key stored in the unique data storage means, and the self-unique key obtained by decryption is obtained. And a client that temporarily stores the other party's unique key and terminates the process without permitting the plaintext encryption process and the ciphertext decryption process when receiving data indicating revocation from the key management server. A program that controls 74. The method according to claim 73, wherein the client is controlled so as to erase the self-unique key and the other-unique key temporarily stored after the plaintext encryption process or the ciphertext decryption process is completed. The described program. 75. A method for controlling a cryptographic system comprising a key management server and a client mutually connected via a network, wherein the key management server includes, for each user, an ID unique to the user, A management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by a user, a third-party unique key that is a self-unique key of another person other than the user, and secret data; A first public key / private key generating means for generating a first public key / first secret key pair in the method, wherein the client has a unique data storage storing the ID and the secret data. Means for generating a pair of a second public key and a second secret key in a public key cryptography method. A second public key and a second secret key are generated by the second public key / private key generation unit, and the generated second public key and the ID stored in the unique data storage unit are stored in the key management unit. The key management server, which has transmitted to the server and received the second public key and the ID,
In response to D, it is determined whether data indicating the revocation of the self-unique key is stored in the management database, and if it is determined that the data indicating the revocation is not stored, A first public key and a first secret key are generated by one public key / private key generation means;
The received first public key is encrypted with the received second public key to generate an encrypted first public key, and the generated encrypted first public key is generated.
Distributes the public key to the client and receives the encrypted first public key. The client generates the first public key by decrypting the encrypted first public key received with the second secret key. Encrypting the secret data stored in the unique data storage means with the generated first public key to generate encrypted secret data; transmitting the generated encrypted secret data to the key management server; Upon receiving the encrypted secret data, the key management server stores the received encrypted secret data in the first key.
The secret data is obtained by decrypting the secret data with the secret key stored in the management database, provided that the obtained secret data is the same as the secret data stored in the management database. The encrypted self-unique key and the other unique key are encrypted to generate an encrypted self-unique key and an encrypted other unique key, and the generated encrypted self-unique key and the encrypted other unique key are transmitted to the client. When it is determined that the data is distributed and the data indicating the revocation is stored, the data indicating the revocation is transmitted to the client, and the client transmits the encrypted self-unique key and the encryption from the key management server. When the third party unique key is distributed, the distributed encrypted self-unique key and the encrypted third party unique key are decrypted with the secret key stored in the unique data storage means, and are obtained by decryption. Temporarily stores the self-unique key and the other-unique key, and when data indicating revocation is received from the key management server, performs processing without permitting plaintext encryption processing and ciphertext decryption processing. Control method of the cryptographic system to end the process. 76. The cipher according to claim 75, wherein the client clears the self-unique key and the third-party unique key temporarily stored after the plaintext encryption process or the ciphertext decryption process is completed in the client. How to control the system. 77. An encryption system comprising a key management server and a client mutually connected via a network, wherein the key management server includes, for each user, an ID unique to the user and a plaintext by the user. A management database storing a self-unique key used for encryption and decryption of ciphertext, a unique key of another person other than the user, and secret data; A first public key / private key generating means for generating a pair of a first public key and a first secret key,
The client includes a unique data storage unit storing the ID and the secret data, and a second public key / private key generation unit that generates a pair of a second public key and a second secret key in a public key encryption method. Means, wherein the client further generates a second public key and a second secret key by means of second public key / private key generation means, and generates the second public key and the unique data storage. Transmitting means for transmitting the ID stored in the means to the key management server;
The key management server further includes a first receiving unit that receives the second public key and the ID, and whether the data indicating the revocation of the self-unique key is stored in the management database in accordance with the received ID. The first public key / first secret key generation unit determines that the first public key and the first public key have not been stored. Generating a secret key, encrypting the generated first public key with the received second public key to generate an encrypted first public key, and distributing the generated encrypted first public key to the client; Receiving means for receiving an encrypted first public key, and decrypting the encrypted first public key received by the receiving means with the second secret key. The first public Generating a key; encrypting the secret data stored in the unique data storage means with the generated first public key to generate encrypted secret data; and transmitting the generated encrypted secret data to the key management server. Transmitting means for transmitting, the key management server further decrypting the encrypted secret data received by the second receiving means with the first secret key, the second receiving means receiving the encrypted secret data; The secret data is obtained, and provided that the obtained secret data is the same as the secret data stored in the management database, the second data received by the first receiving means.
Encrypts the self-unique key and the other's unique key stored in the management database with the public key of the above, generates an encrypted self-unique key and an encrypted other's unique key, and generates the generated encrypted self-unique key and encryption. Second distributing means for distributing the authorized third party unique key to the client, and transmitting the data indicating the revocation to the client when the determining means determines that the data indicating the revocation is stored. Transmitting means, wherein the client further transmits the encrypted self-unique key and the encrypted other unique key when the encrypted self-unique key and the encrypted other unique key are distributed from the key management server. Decryption means for decrypting with the secret key stored in the unique data storage means, storage means for temporarily storing a self-unique key and another person's unique key obtained by decryption, and When receiving data representing revocation from the key management server, and a processing termination means to end the process without permitting decryption of the encryption processing and the ciphertext of the plaintext, the cryptographic system. 78. The client further comprises erasing means for erasing the self-unique key and the other-unique key stored in the storage means after completing the plaintext encryption processing or the ciphertext decryption processing. 78. The cryptographic system of claim 77, wherein: 79. For each user, an I
D, a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and secret data. A key management server including first public key / private key generation means for generating a first public key / first secret key pair in a public key encryption method, and storing the ID and the secret data. And a second public key / private key generation means for generating a pair of a second public key and a second secret key in the public key encryption method. A server in a cryptographic system configured to be connected to each other, wherein the client includes a second public key and a second First receiving means for receiving a public key, the ID stored in the specific data storage means,
A judging means for judging whether or not data indicating the revocation of the self-unique key is stored in the management database in accordance with the received ID. The judging means judges that the data indicating the revocation is not stored. The first public / private key generation means
Generates a public key and a first secret key, and encrypts the generated first public key with the received second public key to generate an encrypted first key.
A first distribution means for generating a public key of the first public key and distributing the generated encrypted first public key to the client; and transmitting the encrypted first public key received by the client to the second public key.
Receiving the encrypted secret data generated by encrypting the secret data stored in the unique data storage means with the decrypted first public key and receiving the encrypted secret data from the client. The encrypted secret data received by the second receiving means is decrypted with the first secret key to obtain secret data, and the obtained secret data is the same as the secret data stored in the management database. On the condition that the self-unique key and the other-person unique key stored in the management database are encrypted with the second public key received by the first receiving means, A second distribution means for generating an encrypted other party's unique key, and delivering the generated encrypted self-unique key and the encrypted other party's unique key to the client, and indicating the revocation by the determination means. If it is determined that the data is stored, the data representing the revocation and a transmission means for transmitting to the client, the key management server. 80. For each user, an I
D, a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and secret data. A key management server including first public key / first secret key generation means for generating a first public key / first secret key pair in a public key encryption method, and storing the ID and the secret data. And a client provided with a second public key / private key generation means for generating a pair of a second public key and a second secret key in the public key encryption method, via a network. A method for controlling the key management server in a cryptographic system configured to be connected to each other, wherein a second public key / private key generation unit generates a second public key / private key in the client.
A second public key of the public key and the second secret key of
Receiving the ID stored in the unique data storage means, determining whether data indicating the revocation of the self-unique key is stored in the management database in accordance with the received ID, and indicating the revocation; If it is determined that the data is not stored, the first public key / private key generation means generates the first public key and the first secret key, and generates the first public key and the first secret key using the received second public key. Encrypting the first public key to generate an encrypted first public key, distributing the generated encrypted first public key to the client, and encrypting the first public key received by the client. The encrypted secret data generated by encrypting the secret data stored in the unique data storage means with the decrypted first public key and the decrypted first public key is transmitted from the client. And decrypting the received encrypted secret data with the first secret key to obtain secret data, provided that the obtained secret data is the same as the secret data stored in the management database. The self-unique key and the other-person unique key stored in the management database are encrypted with the received second public key to generate an encrypted self-unique key and an encrypted other-person unique key. Distribute the unique key and the encrypted third party unique key to the client,
A method for controlling a key management server, comprising: transmitting data indicating revocation to the client when determining that the data indicating revocation is stored. 81. For each user, an I
D, a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and secret data. A key management server including first public key / first secret key generation means for generating a first public key / first secret key pair in a public key encryption method, and storing the ID and the secret data. And a client provided with a second public key / private key generation means for generating a pair of a second public key and a second secret key in the public key encryption method, via a network. A second public key and a second secret key generated by a second public key / private key generation unit, and the generated second public key; When A first transmission unit for transmitting the ID stored in the unique data storage unit to the key management server; and a case where it is determined that data indicating the revocation of the self-unique key is not stored in the management database. The first public key generated by the first public key / private key generation means and the first public key of the first secret key are encrypted with the received second public key and generated. First receiving means for receiving the encrypted first public key from the key management server, and decrypting the encrypted first public key received by the first receiving means with the second secret key. 1 is generated, the secret data stored in the unique data storage means is encrypted with the generated first public key to generate encrypted secret data, and the generated encrypted secret data is stored in the key. The second to send to the management server The secret data received by the key management server is decrypted with the first secret key, and the obtained secret data is the same as the secret data stored in the management database. The encrypted self-unique key and encrypted other-unique key generated by distributing the self-unique key and the other-unique key stored in the management database with the second public key are generated by the second public key. The second received from the key management server
Receiving means for receiving the data indicating the revocation in the management database, receiving the data indicating the revocation transmitted from the key management server, and the key management server When the encrypted self-unique key and the encrypted other-person unique key are distributed from the server, the distributed encrypted self-unique key and the encrypted other-person unique key are decrypted by the secret key stored in the unique data storage means. Decryption means, storage means for temporarily storing the self-unique key and the other-person's unique key obtained by decryption, and, when data indicating revocation is received from the key management server, plaintext encryption processing and ciphertext A client provided with processing termination means for terminating the processing without permitting the decryption processing. 82. An apparatus according to claim 82, further comprising an erasing means for erasing the self-unique key and the other-person unique key stored in said storage means after the plaintext encryption processing or the ciphertext decryption processing is completed. 81. The client according to 81. 83. For each user, an I
D, a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and secret data. A key management server including first public key / first secret key generation means for generating a first public key / first secret key pair in a public key encryption method, and storing the ID and the secret data. And a client provided with a second public key / private key generation means for generating a pair of a second public key and a second secret key in the public key encryption method, via a network. A second public key / private key generation means for generating a second public key and a second secret key, wherein the second public key and the second secret key are generated by a second public key / private key generation means. The ID stored in the public key and the specific data storage means and transmitted to the key management server,
When it is determined in the management database that data indicating the revocation of the self-unique key is not stored, the first public key and the first secret key generated by the first public key / private key generation unit are determined. An encrypted first public key generated by encrypting the first public key of the keys with the received second public key is received from the key management server, and the received encrypted first public key is received. Is decrypted with the second secret key and the first
And generates the encrypted secret data by encrypting the secret data stored in the unique data storage means with the generated first public key, and stores the generated encrypted secret data in the key management The encrypted secret data transmitted to the server and received by the key management server is decrypted with the first secret key, and the obtained secret data is the same as the secret data stored in the management database. The encrypted self-unique key and the encrypted other-person unique key, which are generated and distributed according to the condition, are obtained by encrypting the self-unique key and the other-person unique key stored in the management database with the second public key. , Data received from the key management server and transmitted from the key management server when it is determined that the data indicating the revocation is stored in the management database. Upon receiving and distributing the encrypted self-unique key and the encrypted other unique key from the key management server, the distributed encrypted self-unique key and the encrypted other unique key are stored in the unique data storage means. Decrypted with the secret key, temporarily stores the self-unique key and the other-unique key obtained by the decryption, and when data indicating revocation is received from the key management server, encrypts the plaintext. A client control method that terminates processing without permitting decryption processing of ciphertext. 84. The client control method according to claim 83, wherein after the encryption process of the plaintext or the decryption process of the ciphertext is completed, the self-unique key and the other-unique key stored temporarily are deleted. . 85. For each user, an I
D, a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and secret data. A key management server including first public key / private key generation means for generating a first public key / first secret key pair in a public key encryption method, and storing the ID and the secret data. And a second public key / private key generation means for generating a pair of a second public key and a second secret key in the public key encryption method. A control program for the key management server in a cryptographic system configured to be connected to each other. And the second public key of the second secret key and the ID stored in the unique data storage means, and in accordance with the received ID, invalidates the self-unique key in the management database. The first public key / first secret key generating means determines whether the first public key and the first public key have been stored. Generating a secret key, encrypting the generated first public key with the received second public key to generate an encrypted first public key, and distributing the generated encrypted first public key to the client; And
The encrypted first public key received by the client is decrypted with the second secret key, and the secret data stored in the unique data storage is encrypted with the decrypted first public key. Receiving the encrypted secret data generated from the client, decrypting the received encrypted secret data with the first secret key to obtain secret data,
Provided that the obtained secret data is the same as the secret data stored in the management database, the self-unique key and the other party's unique key stored in the management database are received by the received second public key. To generate an encrypted self-unique key and an encrypted third party unique key, distribute the generated encrypted self-unique key and the encrypted third party unique key to the client, and store data indicating the revocation. A program that controls the key management server to transmit data indicating revocation to the client when it is determined that the key management server is inactive. 86. For each user, an I
D, a management database storing a self-unique key used for plaintext encryption processing and ciphertext decryption processing by the user, another person's unique key that is a self-unique key of another person other than the user, and secret data. A key management server including first public key / private key generation means for generating a first public key / first secret key pair in a public key encryption method, and storing the ID and the secret data. And a client provided with a second public key / private key generation means for generating a pair of a second public key and a second secret key in the public key encryption method, via a network. A control program for the client in the cryptographic system interconnected and configured to generate a second public key and a second secret key by a second public key / private key generation unit; When the second public key and the ID stored in the unique data storage unit are transmitted to the key management server, and it is determined in the management database that data indicating the revocation of the self-unique key is not stored. The first public key generated by the first public key / private key generation means and the first public key of the first secret key are encrypted with the received second public key and generated. Receiving the encrypted first public key from the key management server, and decrypting the received encrypted first public key with the second secret key to generate a first public key. Encrypting the secret data stored in the unique data storage means with one public key to generate encrypted secret data; transmitting the generated encrypted secret data to the key management server; Received encrypted secret data Is decrypted with the first private key, and is generated and distributed on condition that the obtained secret data is the same as the secret data stored in the management database. An encrypted self-unique key and an encrypted other-person unique key obtained by encrypting the self-unique key and the other-person unique key stored in the management database are received from the key management server, and the revocation is performed in the management database. When it is determined that the data to be stored is stored, the key management server receives the data indicating the revocation and transmits the encrypted self-unique key and the encrypted other party's unique key from the key management server. In this case, the distributed encrypted self-unique key and encrypted other party's unique key are decrypted with the secret key stored in the unique data storage means, and the self-unique key and other information obtained by the decryption are decrypted. Temporarily stores the user's unique key and controls the client to terminate the process without permitting the plaintext encryption process and the ciphertext decryption process when data indicating revocation is received from the key management server. Program. 87. The method according to claim 86, wherein the client is controlled so that the self-unique key and the other-unique key stored temporarily are deleted after the plaintext encryption process or the ciphertext decryption process is completed. The program described. 88. Claims 19 to 26, Claims 43 to 47, Claims 58 to 60, and Claims 72 to 72.
74. A computer-readable recording medium recording the program according to any one of claims 85 to 87.