JP2006345261A - Data processor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To share data in a group while suppressing the increase of load due to encryption/decryption processing. <P>SOLUTION: An encrypted data key obtained by encrypting a data key K for encrypting data DT by a public key KPu1 for a group is previously stored, an encrypted group secret key E (KPu1, Kg1) obtained by encrypting a secret key of the group by a public key of a user belonging to the group is previously registered, and when the user belonging to the group intends to refer to the data DT, the encrypted group secret key E (KPu1, Kg1) is decoded by a user's secret key Ku1 to acquire the group secret key Kg1, the encrypted data key is decoded by using the group secret key to acquire the data key K and the encrypted data E (K, DT) are decoded by using the data key K to obtain the plain data DT. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a data processing apparatus capable of sharing keys within a group and sharing encrypted data within the group while maintaining security by making the data encrypted data.

  When storing important documents and personal information on a recording medium in an information device such as a personal computer, it is desirable that only the designated user can view or change the contents. For this reason, it is generally used that these important data are encrypted and recorded.

  However, when data is encrypted, key data is required, and data is decrypted based on this key. Therefore, it is important to store this key securely.

  FIG. 19 shows a conventional encrypted file sharing system disclosed in Patent Document 1. FIG. 20 is an explanatory diagram showing the operation. In FIG. 19, 3 is a terminal device operated by a user, 5 is a server for storing files, and 8 is a key management device for managing keys. The terminal device 3, the server 5, and the key management device 8 are connected via a network. In the following description, encryption performed based on a predetermined algorithm is represented by the symbol E. For example, encrypting A with the key K is expressed as E (K, A). In addition, the symbol D indicates that the encrypted data or the like is decrypted based on a predetermined algorithm and returned to the original plaintext. For example, decryption of the encrypted data B using the key K is expressed as D (K, B).

  In the terminal device 3, 13 is a data key generation unit that generates a data key K for encrypting a file (data DT), 14 is a data encryption unit that encrypts a file with the generated data key K, and 15 is data A data key encryption unit that encrypts the key itself with a public department key KPg described later, 17 is a data key decryption unit that decrypts the encrypted data key sent from the server 5 when referring to the file, and 18 is a decrypted data key K. This is a data decryption unit for decrypting a file (data DT) encrypted using. Reference numeral 11 denotes a storage device connected to the terminal device 3. In the storage device 11, 111 is a public personal key KPu, and 112 is a secret personal key Ku.

  Reference numeral 21 denotes a storage device for storing the encrypted data E (K, DT) and the encrypted data key E (KPg, K) as a set, and 22 is a storage device for storing the department key. Reference numeral 221 denotes a public department key KPg, and 222 denotes an encrypted secret department key E (KPm, Kg) obtained by encrypting the secret department key Kg with the public master key KPm. The storage device 21 and the storage device 22 are each connected to the server 5. In the storage device 22, there are as many sets of public department keys and secret department keys as the number of classified sections.

  Further, in the key management device 8, reference numeral 73 denotes a secret department key decryption unit for decrypting the encrypted secret department key E (KPm, Kg) encrypted with the public master key KPm with the secret master key Km, and 74 denotes the secret department key Kg. The data key encryption unit encrypts the decrypted data key K with the public personal key KPu.

  Next, the operation will be described with reference to FIGS. When data DT is encrypted and stored in the server 5, the data encryption unit 14 and the data key encryption unit 15 of the terminal device 3 respectively store the data DT using the data key K generated by the data key generation unit 13. Encrypt E (K, DT), encrypt the data key K using the public department key KPg 221 corresponding to the designated confidential classification, E (KTg, K), and encrypt the encrypted data E (K, DT) The key E (KPg, K) is transmitted to the server 5 and stored in the storage device 21.

  Next, the data reference time when referring to the data stored in the storage device 21 will be described. When the terminal device 3 requests the server 5 to transmit the encrypted data and the encrypted data key stored in the storage device 21, the server 5 sends the encrypted data E (K, DT) and the encrypted data key E (KPg, K) are transmitted. The terminal device 3 that has received both the data transmits the public personal key KPu111 to the server 5 together with the received encrypted data key E (KPg, K). The server 5 reads the encrypted secret section key E (KPm, Kg) encrypted by the public master key KPm from the storage device 22, and decrypts it with the secret master key Km D (Km, E (KPm, Kg) ). Then, the secret department key Kg is obtained.

  On the other hand, the encrypted data key E (KPg, K) received from the terminal device 3 is decrypted with the secret department key KG obtained by the above-described decryption D (Kg, E (KPg, K)). Thereby, the data key K is obtained. The data key K is encrypted with the public personal key KPu sent from the terminal device 3 (E (KPu, K)). The encrypted data key E (KPu, K) is transmitted to the terminal device 3.

  In the terminal device 3, the received encrypted data key K (KPu, K) is decrypted with the secret personal key Ku112 D (Ku, E (KPu, K)). Thereby, the data key K is obtained. Using this data key K, D (K, E (K, DT)) for decrypting the encrypted data E (K, DT) transmitted from the server 5 described above. Then, plain text data DT is obtained.

  As described above, in the case of the first system disclosed in Patent Document 1, the number of times of performing the encryption and decryption processes is relatively large, which involves a large load.

  FIGS. 21A and 21B show a conventional encrypted file sharing system disclosed in Patent Document 2. FIG. FIGS. 21A and 21B relate to the encrypted file itself and the processing portion that handles the encrypted file, particularly focusing on the operation at the time of file decryption. In the figure, reference numeral 70 denotes an encrypted file. In the encrypted file 70, 68 is encrypted text that is the substance of the encrypted file 70, and 74 is a file encryption key E (KPu, K encrypted with the public key KPu of the user who has the authority to decrypt the encrypted file 70. ) Is a data decryption field. The data decryption field 74 has an area for a plurality of users having access authority for the file.

  84 is a private key (secret key) Pu of a user having the authority to decrypt the file, and 86 is decrypted with a secret key Ku given by the private key 84 from a plurality of file encryption keys K held in the data decryption field 74. A data decoding field extraction mechanism that extracts what can be done. 60 is a finally extracted file encryption key K, 88 is a file decryption means for decrypting the encrypted text E (K, DT) 68 using the file encryption key K60, and 64 is a decrypted non-decryption It is a cipher text DT.

  Next, the operation will be described. At the time of data storage for encrypting and storing the file DT, a file encryption key K60 is generated by a random number generator (not shown). The file 64 is encrypted with the file encryption key K60, and the encrypted file 70 is stored with the encrypted text 68 and the encrypted file E (K, DT) prepared in advance. When granting the access authority of another user to the encrypted file 70, the file encryption key K60 is encrypted with the public key KPu of the user who grants the access authority, and the encryption key E (KPu, K) is the data decryption field. Add to 74.

When data is referred to by decrypting the encrypted file 70 and referring to the file (data), first, the private key Ku84 of its own is given to the data decryption field extraction mechanism 86. The data decryption field extraction mechanism 86 finds the encrypted file encryption key E (K, DT) registered in the data decryption field 74 with the given secret key Ku84, decrypts it with the secret key Ku84, and D (Ku, E (KPu, K)), the file encryption key K60 is obtained. Subsequently, the encrypted text 68 is decrypted by the file decrypting means 88, and D (K, E (K, DT)) is obtained to obtain the unencrypted text DT64.
JP-A-9-294120 JP-T-2001-516913

  In order to obtain a data key, the first system according to Patent Document 1 decrypts an encrypted secret department key E (KPm, Kg) using a secret master key Km and uses the secret department key Kg to encrypt an encrypted data key. E (KPg, K) is decrypted, and then the decrypted data key K is once again encrypted with the public personal key KPu and sent, and the encrypted data key E (KPu, K) is decrypted with the secret personal key Ku. It is processing. In general, encryption and decryption processing using a public key cryptosystem requires a large amount of processing, and it is a very heavy load to perform these series of processing.

  In the second system according to Patent Document 2, the data decryption field 74 has an area for a plurality of users having access authority for the file, but has a key corresponding to all users having authority for each file. When the number of users with access rights and the number of files increase, there is a problem that the data size becomes very large. Moreover, since the data decryption field for controlling the access authority for each user is included in each encrypted file, it is necessary to maintain the access authority for each individual file according to, for example, increase / decrease or change of users. There was a problem that the operational load was high.

  The present invention has been conceived in view of such circumstances, and its purpose is to provide a data processing apparatus capable of sharing data within a group while suppressing an increase in load associated with encryption and decryption processing. Is to provide.

  Another object of the present invention is to provide a data processing apparatus that can easily maintain access authority accompanying addition, change, or deletion of users while suppressing an increase in data size accompanying an increase in the number of users with access authority belonging to a group. It is to be.

  The present invention according to claim 1 is a data processing apparatus for securely sharing data within a group, the encrypted data storing means for storing encrypted data encrypted with a data key, Register an encrypted data key storage means for storing an encrypted data key obtained by encrypting a data key with a public key, and an encrypted group secret key obtained by encrypting a group private key with a public key of a user belonging to the group The encryption group private key registration means and the encryption group private key encrypted with the public key of the user registered in the encryption group private key registration means when a user belonging to the group refers to the data. An encryption group private key acquisition means for obtaining from the encrypted group private key, and the encryption group private key obtained by the encryption group private key acquisition means An encryption group private key decryption unit for decryption and an encryption for decrypting the encrypted data key stored in the encrypted data key storage unit using the group private key decrypted by the encryption group private key decryption unit An encrypted data key decrypting means, and an encrypted data decrypting means for decrypting the encrypted data stored in the encrypted data storage means using the data key decrypted by the encrypted data key decrypting means. Features.

  According to such a configuration, the group secret key is encrypted and managed with the public key of each user belonging to the group. In order to acquire the key, it is only necessary to decrypt the group secret key with the user secret key and decrypt the encryption key with this group secret key, so the processing amount is small, and accompanying encryption and decryption processing Data can be shared within a group while suppressing an increase in load.

  The present invention according to claim 2 is a data processing apparatus for securely sharing data within a group, wherein an encrypted data key is obtained by encrypting a data key for encrypting data with a public key of the group Encrypted data key storage means for storing, group user registration means for registering users belonging to the group, and encrypted group secret obtained by encrypting the group secret key with the public key of the user registered in the group user registration means Encrypted group secret key registration means for registering a key, and an encrypted group secret key registration means for encrypting an encrypted group secret key encrypted with the public key of the user when a user belonging to the group refers to data The encryption group private key acquisition means for obtaining from among the encryption group private keys registered in the encryption group, and the encryption group private key acquisition means obtained by the encryption group private key acquisition means. The encrypted group secret key decrypting means for decrypting the encrypted group secret key with the user secret key and the group secret key decrypted by the encrypted group secret key decrypting means are stored in the encrypted data key storing means. An encrypted data key decrypting unit that decrypts an encrypted data key and obtains a data key, and a user registered in the group user registering unit in response to an operation of deregistering a certain user from the group User registration cancellation means for canceling registration of the user to be deleted, and the public key of the user registered by the user registration cancellation means among the encryption group private keys registered in the encryption group private key registration means And an encrypted group private key registration / deletion means for deleting the registration of the encrypted group private key obtained by encrypting the private key of the group.

  According to such a configuration, the encrypted group secret key obtained by encrypting the group secret key with the public key of each user included in the group is managed, and the data key for encrypting the data is encrypted with the group public key. In order to store the encrypted data key, even if the number of users with access authority belonging to the group increases, it is not necessary to increase the encryption data key. The increase in data size accompanying the increase in the number can be suppressed. Moreover, even if a user with access authority is added, changed, or deleted, it is not necessary to add, change, or delete the encryption data key. It becomes easy.

  According to a third aspect of the present invention, in addition to the configuration of the first or second aspect of the present invention, user identification data input means for inputting user identification data for identifying a user, and the user identification data User information registration means for registering user information generated based on user identification data input by the input means, and user secret key acquisition for acquiring a user secret key from the user information registered in the user information registration means The encrypted group secret key decrypting means decrypts the encrypted group secret key using the user secret key acquired by the user secret key acquiring means.

  According to a fourth aspect of the present invention, in addition to the configuration of the third aspect of the invention, the user identification data input means is provided with a user name input means for inputting a user name, and a user identification data input means. A password input means for inputting a user password; a user ID registration means provided in the user information registration means for generating a user ID that is a user-specific identifier and registering the user ID in association with the user name; and a password input means A password key generating means for generating a password key from the password input by the user ID registered in the user ID registration means, and a user information registration means provided for each user name input by the user name input means A pair key generation means for generating a set of the public key and the secret key of the user, and a secret key and a user ID generated by the pair key generation means A user data encryption unit that encrypts user data including a user ID registered in the recording unit using a password key generated by the password key generation unit, and a user information registration unit. Storage means for storing the encrypted user data encrypted by the encryption means and the public key generated by the pair key generation means, wherein the user secret key acquisition means is the user name input by the user name input means The user ID acquisition means for acquiring the user ID corresponding to the user ID registered in the user ID registration means, and the encrypted user data corresponding to the user name input by the user name input means in the storage means Encrypted user data acquisition means for acquiring from stored encrypted user data, and acquisition of the encrypted user data Encrypted user data decryption means for decrypting the encrypted user data obtained by the step using the password key generated by the password key generation means to obtain a secret key and a user ID, and the encrypted user data decryption And an ID collating unit that collates whether or not the user ID decrypted and acquired by the unit matches the user ID corresponding to the user name input by the user name input unit, and the encrypted group private key decrypting unit includes: The encrypted group secret key is decrypted by using the user private key decrypted and obtained by the encrypted user data decrypting means, on condition that the collation result by the ID collating means matches.

  According to a fifth aspect of the present invention, in addition to the configuration of the third or fourth aspect of the present invention, the user information registration means is a manager information for registering information of a manager user who is a group manager. It has a registration means.

  A data processing apparatus according to an embodiment of the present invention will be described with reference to FIG. FIG. 1 is a configuration diagram of the data processing device 106. The data processing device 106 has a storage device 105 and stores necessary data. The data encryption unit 100 generates an encryption key, encrypts the target data, and stores it in the storage device 105.

  Here, "encryption" means conversion of normal unencrypted data (plain text) according to some rule (algorithm) and conversion to data (cipher text) that does not know what it means to the third party. In addition, there is a decryption process in which the ciphertext can be restored to the original plaintext by some rule (which may not be the same as the first rule). Also, it is common to perform encryption processing using a “key” at the time of conversion so that the same plaintext does not always become the same ciphertext. In addition, there are common key cryptography that can be decrypted using the same “key” for decryption processing, and public key cryptography that can perform encryption processing and decryption processing using two keys in a predetermined pair. Common encryption schemes include DES (Data Encryption Standard) and AES (Advanced Encryption Standard), and public key cryptosystems include RSA cryptography and Elgamal cryptography.

  As the data encryption key (data key K) used here, it is desirable to use a different key for each data unit, for example, for each file, but it is also possible to use the same key for all.

  Further, the common key encryption unit 101 generates a unique encryption key (user public key KPu) for each user separately from the encryption key (data key K), encrypts the data key K, and The encryption key E (KPu, K) is stored in the storage device 105 together with the encrypted data E (K, DT). The public key cryptography described above is used as the cipher used here. A unique public key KPu and secret key Ku are generated for each user. Here, the encryption key (data key K) is encrypted using the public key KPu.

  The key management means 104 manages the user's private key Ku and public key KPu created above. User information including key information is created for each user and stored in the recording device 105. Further, when it is desired to decrypt the encrypted data E (K, DT), it is authenticated whether the user has the authority to decrypt the data, and when the user can decrypt the data, The encrypted key E (KPu, K) for decryption is given to the user. The common key decryption means 102 decrypts the encrypted key E (KPu, K) using the user's private key Ku. The data decrypting means 103 is configured such that the encrypted data E (K, DT) can be decrypted using the decrypted data key K.

  FIG. 2 is a diagram for explaining the configuration of the key management means 104 described above. The user input unit 201 provided in the key management unit 104 inputs and designates a user who uses data. The user information registration unit 202 creates key information KPu and Ku for each user, and stores them as user information 204 in the recording device 105. The secret key acquisition unit 203 performs a process of acquiring a user secret key Ku for decrypting data. For example, if the user name and password input by the user input unit 201 are authenticated and it is known that the user has authority to use the data, the secret key Ku is extracted from the user information 204, and the encrypted common key decryption unit 102 is obtained. Process to pass to. As described above, the data processing in the key management unit 104 can be roughly divided into processing for registering user information and processing for reading registered information.

  FIG. 3 is a configuration example of an apparatus that specifically realizes each unit of the data processing apparatus of FIG. This data processing apparatus can be easily realized by a general-purpose personal computer and its peripheral devices. Details of each component will be described below.

  A CPU (central processing unit) 500 functions in all processing units, and obtains a program in which each processing procedure is described from a main memory 503, an external memory 04, a network destination via the communication device 506, and the like. The CPU 500 performs processing while exchanging data with the display 501, keyboard 502, main memory 503, external memory 504, mouse 505, communication device 506, and the like that are mutually connected through the bus 507 including the CPU 500.

  Note that data exchange may be performed not only via the bus 507 but also via a communication cable or a wireless communication device that can transmit and receive data.

  The display 501 is usually realized in combination with a graphic chip, a video random access memory (VRAM), etc., converts data on the VRAM into a display signal, and sends it to a display (display / output medium) such as a liquid crystal. Displays the display signal as an image.

  As a means for a user to input a user name and password, there are a keyboard 502, a mouse 505, and the like, and user input data is input to each means via a bus 507. In addition, various input devices such as various operation devices and voice input using a microphone can be used. The keyboard 02 includes a mechanical or electronic switch that detects a pressed key. The mouse 505 includes a mechanical or electronic switch that detects a pressed state of a mouse button, and a mechanical or electronic sensor that detects a relative movement distance between the vertical and horizontal directions of the mouse.

  The main memory 503 is usually composed of a memory device such as a DRAM (Dynamic Random Access Memory) or a flash memory. Note that a memory or a register included in the CPU may be interpreted as a kind of main memory. The main memory 503 is used not only as a storage location for programs and data, but also as a work area necessary for executing the programs.

  The external storage 504 is storage means that can be attached and detached, such as an HDD (Hard Disk Drive) or a PC (Personal Computer) card. Alternatively, a main memory or an external memory attached to another network device connected to the CPU 00 via a network by wire or wireless can be used as the external memory 504.

  The communication device 506 is realized by a network interface card or the like, and exchanges data with other network devices connected by wireless or wired. In FIG. 3, the external storage is connected to other devices via a bus 507, but may be configured as an external storage of another network device. That is, external storage can be controlled through the communication device 506, and data can be transmitted and received via the network for data processing.

  An example of each means in FIG. 2 will be described with reference to FIG. The user input unit 201 includes a user name designation unit 301, a password generation unit 302, and a password input unit 303. The user information registration unit 202 includes a user ID generation unit 310, a user ID storage unit 314, a password key generation unit 311, a user key generation unit 312, a user secret key encryption unit 313, and a user key storage unit 315. The secret key acquisition unit 203 includes a user ID acquisition unit 320, a password key generation unit 311, a user key acquisition unit 321, a secret key decryption unit 322, and an ID verification unit 323.

  Next, the process flow will be described. First, the flow of processing for registering user information will be described with reference to the flowcharts of FIGS.

  First, in step S (hereinafter simply referred to as S) 101, a user name (U1 in FIG. 5) is input. The user name is, for example, a personal computer login name, an e-mail address, or other unique data for identifying the user. The user inputs this data using a keyboard, mouse or other input device. Next, a password is input (S102). A password is a character string arbitrarily determined by a user from specific characters and symbols, and refers to data known only to a user who is unknown to a third party. The user decides and enters a password. In FIG. 5, it is PW1. Further, the data processing apparatus newly generates a user ID and stores it in the storage device (S103). The user ID is data that can uniquely determine the user, and is generated by a random number or by a sequential number in the registration order. ID1 in FIG. A password key (Kpw1 in FIG. 5) is generated from the password and the user ID (S104). The password key Kpw1 is data calculated by a specific calculation from the password PW1 and the user ID, and is a calculation having a characteristic that both do not have the same value unless they match. For example, it is a value calculated by a hash function. In FIG. 5, the password key is indicated by Kpw1, which can be defined as, for example, Kpw1 = H (ID1 || PW1). H () represents a certain hash function, and means that data obtained by adding PW1 to ID1 is hash function processed.

  Next, a set of a user-specific private key and public key is generated (S105). In FIG. 5, Ku1 is a secret key and KPu1 is a public key. A pair of a data size private key and a public key suitable for the public key cryptosystem is generated. This secret key Ku1 and user ID1 are encrypted using the previously generated encrypted password key Kpw1 (S106). The cipher used here is a common key cipher. FIG. 5 shows an example in which the user ID 1 is added to the user secret key Ku1 for encryption, and this is represented as E (Kpw1, Ku1 || ID1). Here, E (K, D) means that the data D is encrypted with the key K. The user ID, the encrypted secret key, and the public key are stored in the storage device in association with the user name (S107). These data are called “user information” 204. As shown in FIG. 5, these data are stored in the storage device as user information 204 for each user name.

  FIG. 7 shows an example of the data structure of how data is stored in the storage medium 105. As described above, the “user information” 204 includes a user name, a user ID, a user public key, and an encrypted user secret key, and is stored for each user. Also, the key management unit 104 can efficiently grasp the user registration status by preparing a management table 701 for referring to which user is registered. However, the management table 701 is not necessarily required.

  Next, the processing of the key management means when decrypting data will be described with reference to FIG. 8 showing the data flow and FIG. Here, a case where the user U1 acquires the data key K is considered as an example. First, the user inputs a user name (S201). It is U1 in FIG. Next, the password input at the time of user registration is input (S202). Pwd1 in FIG. Since the user ID is stored as the user information, the user ID is acquired from the recording device 105 (S203). It is ID1 of FIG. A password key (Pwd1) is generated from the password (Pwd1) and the user ID (ID1). The generation method is the same as the method performed at the time of user registration. If the password and user ID are the same, the password key should be the same. The encrypted private key (E (Kpw1, (Ku1 || ID1)) is decrypted with the password key (Kpw1) (S204) Since this password key Kpw1 is used as a key for common key encryption, it is the same as during user registration. Since the data can be correctly decrypted, the encrypted private key is decrypted with the password key to obtain the user ID (ID1) and the user private key (Ku1) (S205) If the password is wrong, the password key is different. Here, it is compared whether the user ID of the decrypted data matches the user ID registered as the user information (S206), and if it can be decrypted correctly, the user ID matches, so the password If they do not match, the control ends, and if they match, the key management means has been decrypted. The user secret key Ku1 is sent to the common key decryption means 102, and the common key decryption means 102 decrypts the file encryption key E (KPu1, K) with the user secret key Ku1 (S207). A key (data key K) is obtained (S208).

  Next, the encrypted data E (K, DT) is decrypted with the data key K (S209), and plaintext data DT is obtained (S210).

  Next, a method for sharing data among groups will be described. FIG. 10 is a block diagram of the key management means 104 for realizing group sharing.

  The user input unit 201, the user information registration unit 202, and the user secret key acquisition unit 203 are processes for acquiring the above-described user registration and secret key, and have the same configuration as described above. The administrator registration unit 401 has the same configuration as user information registration, and performs user registration in the same manner as user information. An administrator is a special user who has the authority to decide whether or not to give permission to each user in all groups, and stores user information in a storage medium in the same manner as a normal user. The group input unit 402 is a unit for creating a group name to be newly created and designating a group name at the time of decrypting encrypted data. The group key generation unit 403 is a unit that generates a set of a public key KPg and a secret key Kg unique to the group. The group secret key encryption unit 404 encrypts the group secret key Kg with the administrator key KPa and each user's public key KPu. The encrypted group key storage unit 405 stores the group public key KPg and the encrypted encrypted group secret keys E (KPa1, Kg1) and E (KPu1, Kg1) in association with the administrator and the user name of each user. .

  First, the processing flow of the group key setting method will be described with reference to FIGS. FIG. 11 is a diagram for explaining the flow of data, and FIG. 12 is a flowchart showing the flow of processing.

  Before performing the process, first, if the administrator is not set, the administrator is registered. If this is not done, grouping is not possible. The registration method is the same as normal user registration. Here, the user name Admin is registered. There are one or more administrators in the data processing apparatus. Here, it is assumed that the administrator Admin has already been registered.

  First, a group name (G1) is input (S301). The group name G1 is a unique name for managing the group.

  A set of a group-specific secret key (Kg1) and public key (KPg1) is generated (S302). As a generation method, a key set corresponding to the encryption method is created by the same method as the registration of user information described above.

  Administrator information is acquired (S303). The administrator information is user information of a special user who has authority to manage keys, and is created by a method similar to that for a normal user. Only a user who knows the password of the administrator user can acquire the administrator information and can perform key management processing. In FIG. 11, the administrator Admin has administrator information. The group secret key Kg1 is encrypted using the administrator's public key KPa1 registered as administrator information (S304). By this process, an encryption group key E (KPa1, Kg1) corresponding to the administrator is generated. The encrypted group secret key E (KPa1, Kg1) and the group public key KPg1 are stored in the recording device in association with the group name (G1) (S305). The encrypted group secret key E (KPa1, Kg1) is stored together with the administrator name Admin.

  The user name U1 to be put into the group is input (S306). Next, it is checked whether the user is registered (S307). If not, a new user is registered (S308), and control proceeds to S309. If the user has already been registered, the process proceeds directly to S309. User information is acquired by the user information acquisition means (S309). This includes a user secret key Ku1. Since the user secret key Ku1 is stored in the user information, the user can acquire the user information by inputting the password. The group secret key Kg1 is encrypted with the user public key KPu1 (S310). As a result, the encryption group secret key E (KPu1, Kg1) is generated. The encrypted group secret key E (KPu1, Kg1) is stored in the recording device together with the user name U1 (S311). It is determined whether there is another user to be registered (S312). If there are others, the process returns to S306. If not, it will end.

  FIG. 17 illustrates an example of how data is stored in the storage medium 105. As described above, the “group information” is the group name, the group public key, the encrypted group private key encrypted with the administrator's public key, each registered user name, and the encrypted encrypted with the public key of each user. Consists of a group private key. In addition, the key management means can efficiently grasp the user registration status by preparing a management table for referring to which group name exists and which user is registered in each group. it can.

  A method for obtaining a group secret key and obtaining plaintext data DT will be described with reference to FIGS. FIG. 13 is a flowchart showing the data flow, and FIG. 14 is a flowchart showing the processing flow.

  A group name is acquired (S401). The group name is stored together with the encrypted data to be decrypted. In FIG. 13, it is set to G1. Next, the user name using the data is input (S402). Here, it is assumed that the user name is U1. The user U1 inputs the password and acquires user information (S403). If the password is incorrect, user information cannot be acquired and the process ends. It is determined whether or not the user U1 belongs to the group G1 (S404). This determination is made with reference to a management table 701 (see FIG. 17) that manages the group name G1 and the user name U1 belonging to it. If it does not belong to the group G1, the process ends (S405). If it belongs, the encryption group private key corresponding to the user is acquired (S406). Since it is an encryption group private key corresponding to U1, it is E (KPu1, Kg1). The obtained encryption group private key is decrypted with the user's private key Ku1 (S406). This secret key Ku1 is data included in the user information. The method for obtaining the user's private key Ku1 is the same as the method for obtaining Ku1 described with reference to FIGS. If it can be decrypted correctly, the group secret key Kg1 of the group G1 can be obtained (S408).

  Next, using the group secret key Kg1, the key E (KPg1, K) encrypted with the group public key KPg1 is decrypted (S409). Then, the data key K is obtained (S410). Using the data key K, the encrypted data E (K, DT) is decrypted (S411) to obtain plain text data DT.

  Next, a processing method for adding a new user to an existing group will be described with reference to FIGS. FIG. 15 is a data flow, and FIG. 16 is a flowchart of the process.

  The user name U2 to be added to the group G1 is input (S501). It is checked whether the user is registered (S502). A list of user names included in the group is stored in the group information 408 (see FIG. 17) and is referred to. If not registered, a new user is registered (S503). The user registration method is as described above. Next, user information is acquired (S504). Next, the administrator information is acquired by inputting the administrator password (S505). Only users who can know the administrator password can add a group. The encrypted group private key E (KPa, Kg1) corresponding to the administrator is decrypted with the administrator private key (S506). The decrypted group secret key Kg1 is encrypted with the user public key KPu2 (S507). The encrypted group secret key corresponding to the new user (U2) is added to the group information and stored in the recording device.

  Next, a method for deleting a user from a group will be described with reference to FIG. It is very easy to remove a user from a group. FIG. 18 shows an example in which user 2 is deleted from group 1. The administrator user refers to the management table 701 and deletes the user 2 area. Since this area is data that only the administrator user can refer to, this area cannot be illegal. And the area | region of the user 2 of group information is deleted. This is for deleting unnecessary data in the storage device, and even if it remains as it is, the user 2 cannot obtain a key for decrypting the data.

  The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

It is a block diagram of a data processor. It is explanatory drawing explaining the structure of a management means. It is a block diagram of the apparatus which implement | achieves each means of a data processor concretely. It is a functional block diagram which shows an example of each means shown in FIG. It is a figure which shows the flow of the process for registering user information. It is a flowchart which shows the flow of the process for registering user information. It is a figure which shows the structure of the data currently recorded on the recording medium. It is a figure which shows the data flow about the process of a key management means. It is a flowchart which shows the data flow about the process of a key management means. It is a block diagram of the management means for implement | achieving group sharing. It is a figure which shows the flow of a process of the setting method of a group key. It is a flowchart which shows the process of the setting method of a group key. It is a figure which shows the data flow when acquiring a group private key and obtaining plaintext data. It is a flowchart which shows the process which acquires a group secret key and obtains plaintext data. It is a figure which shows the flow of a process when adding a new user to an existing group. It is a flowchart which shows a process when a new user is added to the existing group. It is a figure which shows the structure of the data preserve | saved at the recording medium. It is a figure for demonstrating the method to delete a user from a group. It is a functional block diagram which shows the conventional encryption file sharing system. It is explanatory drawing which shows the operation | movement procedure of the conventional encryption file sharing system shown in FIG. (A) is a figure which shows the structure of the conventional encryption file sharing system, (b) is a figure explaining the operation | movement procedure of the conventional encryption file sharing system.

Explanation of symbols

  106 is a data processing device, 104 is a key management means, 105 is a storage device, 103 is a data decryption means, 102 is a common key decryption means, 100 is a data encryption means, 101 is a common key encryption means, 201 is a user input means 202 is a user information registration unit, 203 is a secret key acquisition unit, 302 is a password generation unit, 301 is a user name designation unit, 303 is a password input unit, 310 is a user ID generation unit, 311 is a password key generation unit, and 312 is Secret key generation means, 314 is a user ID storage means, 315 is an encrypted secret key storage means, 313 is a secret key encryption means, 320 is a user ID acquisition means, 311 is a password key generation means, and 321 is an encryption secret key acquisition Means 322, secret key decryption means, 323 ID collation means, 204 user information, and 701 a management table.

Claims (5)

A data processing device for securely sharing data within a group,
Encrypted data storage means for storing encrypted data encrypted with a data key;
Encrypted data key storage means for storing an encrypted data key obtained by encrypting the data key with the public key of the group;
An encrypted group secret key registration means for registering an encrypted group secret key obtained by encrypting a secret key of the group with a public key of a user belonging to the group;
When a user belonging to the group refers to the data, an encrypted group private key encrypted with the public key of the user is included in the encrypted group private key registration unit. An encryption group private key acquisition means acquired from:
Encrypted group secret key decryption means for decrypting the encrypted group secret key acquired by the encrypted group secret key acquisition means with the user's secret key;
An encrypted data key decrypting means for decrypting an encrypted data key stored in the encrypted data key storing means using the secret key of the group decrypted by the encrypted group secret key decrypting means;
Data processing comprising: encrypted data decrypting means for decrypting encrypted data stored in the encrypted data storage means using the data key decrypted by the encrypted data key decrypting means apparatus. A data processing device for securely sharing data within a group,
Encrypted data key storage means for storing an encrypted data key obtained by encrypting a data key for encrypting the data with the public key of the group;
Group user registration means for registering users belonging to the group;
An encrypted group secret key registration means for registering an encrypted group secret key obtained by encrypting a secret key of the group with a user public key registered in the group user registration means;
When a user belonging to the group refers to the data, an encrypted group private key encrypted with the public key of the user is included in the encrypted group private key registration means. An encryption group private key acquisition means acquired from:
Encrypted group secret key decryption means for decrypting the encrypted group secret key acquired by the encrypted group secret key acquisition means with the user's secret key;
Encrypted data key decryption to obtain a data key by decrypting the encrypted data key stored in the encrypted data key storage means using the secret key of the group decrypted by the encrypted group secret key decryption means Means,
In response to an operation to delete registration of a certain user from the group, user registration deletion means for deleting the registration of the user who has been deleted from among the users registered in the group user registration means,
An encrypted group private key obtained by encrypting the private key of the group with the public key of the user deregistered by the user deregistration means among the encrypted group private keys registered in the encrypted group private key registration means A data processing apparatus comprising: an encryption group private key registration / deletion unit for canceling registration. User identification data input means for inputting user identification data for identifying a user;
User information registration means for registering user information generated based on the user identification data input by the user identification data input means;
User secret key acquisition means for acquiring a user secret key from the user information registered in the user information registration means,
3. The encrypted group secret key decrypting unit decrypts the encrypted group secret key using the user secret key acquired by the user secret key acquiring unit. The data processing apparatus described in 1. User name input means provided in the user identification data input means for inputting a user name;
Provided in the user identification data input means, password input means for inputting a user password;
A user ID registration means provided in the user information registration means for generating a user ID that is a user-specific identifier and registering it in association with a user name;
Password key generation means for generating a password key from the password input by the password input means and the user ID registered in the user ID registration means;
A pair key generation unit that is provided in the user information registration unit and generates a set of a public key and a private key that are unique for each user name input by the user name input unit;
User data including the secret key generated by the pair key generation unit and the user ID registered in the user ID registration unit is encrypted using the password key generated by the password key generation unit. User data encryption means;
A storage unit that is provided in the user information registration unit and stores the encrypted user data encrypted by the user data encryption unit and the public key generated by the pair key generation unit;
The user secret key acquisition means includes
User ID acquisition means for acquiring the user ID corresponding to the user name input by the user name input means from the user IDs registered in the user ID registration means;
Encrypted user data acquisition means for acquiring encrypted user data corresponding to the user name input by the user name input means from among the encrypted user data stored in the storage means;
Encrypted user data decrypting means for decrypting the encrypted user data acquired by the encrypted user data acquiring means using the password key generated by the password key generating means to acquire a secret key and a user ID When,
ID collating means for collating whether or not the user ID decrypted and acquired by the encrypted user data decrypting means matches a user ID corresponding to the user name inputted by the user name inputting means. ,
The encrypted group private key decryption means uses the user's private key decrypted and acquired by the encrypted user data decryption means on the condition that the collation result by the ID collation means matches. 4. The data processing apparatus according to claim 3, wherein the group secret key is decrypted.   5. The data processing apparatus according to claim 3, wherein the user information registration unit includes an administrator information registration unit that registers information of an administrator user who is an administrator of the group.

Images