JP2009135890A - Encryption apparatus, decryption apparatus, and cryptography system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technology with which an electronic document including a plurality of elements such as texts and images may be partially encrypted and decrypted. <P>SOLUTION: An encryption-processing control unit 136 receives a selection of electronic data included in an electronic document and a selection of an encryption key for encrypting the electronic data from among encryption keys stored in a storing unit 131. The encryption-processing control unit generates encrypted area data including partially encrypted data obtained by encrypting the selected electronic data with the selected encryption key, positional information for specifying a position of the selected electronic data in the electronic document, and decryption information including information that may specify a decryption key with which the partially encrypted data may be decrypted, and adds the encrypted area data to the electronic document. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a technique for encrypting an electronic document and decrypting the encrypted electronic document.

  In recent years, with the development of information communication technology, many documents have been converted into electronic data. These documents converted into electronic data (electronic documents) may include information (confidential information) that should be restricted from being disclosed to a user viewing the document, such as personal information.

  As means for preventing leakage of confidential information, a method is known in which only a user who can decrypt the electronic document can view it by encrypting the electronic document having confidential information.

  Further, in the technique described in Patent Document 1, it is possible to partially disclose or not disclose image data according to a user who browses by encrypting a part of the image data. .

JP 2007-37200 A

  Since the technique described in Patent Document 1 partially encrypts image data such as JPEG or bitmap using spatial information such as coordinates in the image data, the target electronic When a document has a plurality of components including not only image data but also a text document or the like, it is not possible to specify an area to be encrypted and decrypted.

  Therefore, an object of the present invention is to provide a technique capable of partially encrypting and decrypting an electronic document composed of a plurality of components such as text and images.

  In order to solve the above-described problems, when selection of electronic data included in the electronic document is received and an instruction to encrypt the selected electronic data is received, encrypted data obtained by encrypting the selected electronic data is selected. Position information for specifying the position of the electronic data in the electronic document and information for specifying a decryption key that can decrypt the encrypted data are generated and managed.

  For example, the present invention is an encryption device that encrypts an electronic document, and a storage unit that stores at least one management information for specifying a disclosure destination and encryption information corresponding to the disclosure destination; A first selection process for receiving selection of electronic data included in the electronic document, and at least one selection of the disclosure destination for each selected electronic data. A second selection process, and encrypted data obtained by encrypting the electronic data selected in the first selection process using encryption information corresponding to the disclosure destination selected in the second selection process, Encryption area information comprising: position information for specifying the position of the electronic data selected in the selection process in the electronic document; and decryption information for specifying information used when decrypting the encrypted data A process of generating to, and performs.

  As described above, according to the present invention, it is possible to partially encrypt and decrypt an electronic document composed of a plurality of components such as text and images.

<First embodiment>
FIG. 1 is a schematic diagram of a cryptographic system 100 according to the first embodiment of the present invention.

  As shown in the figure, the encryption system 100 includes a key management device 110, an encryption device 130, and decryption devices 150A to 150C (hereinafter referred to as a decryption device 150 when it is not necessary to distinguish each device). These are configured to be able to transmit / receive information to / from each other via the network 170.

  FIG. 2 is a schematic diagram of the key management device 110.

  As illustrated, the key management device 110 includes a storage unit 111, a control unit 113, a communication unit 116, and a read / write unit 117.

  The storage unit 111 includes a key management information storage area 112.

  The key management information storage area 112 stores information for specifying a key for encrypting or decrypting electronic data.

  For example, the key management information storage area 112 stores a key management table 112a as shown in FIG. 3 (schematic diagram of the key management table 112a).

  The key management table 112a stores information for specifying an encryption key for encrypting electronic data and a decryption key for decrypting the electronic data encrypted with the encryption key.

  Specifically, the key management table 112a includes a key ID column 112b, a decryption key column 112c, and an encryption key column 112d.

  In the key ID column 112b, there is information specifying a key ID which is identification information for uniquely identifying a pair of the decryption key specified in the decryption key column 112c and the encryption key specified in the encryption key column 112d. Stored.

  As will be described later, the key ID may be given unique identification information to the key generated at the time of key generation by the key generation unit 214. However, for example, when using RSA encryption, it is disclosed from the secret key. If the key can be easily derived, the hash value of the public key may be used as the ID.

  The decryption key column 112c stores the decryption key itself for decrypting the electronic data encrypted with the encryption key specified in the encryption key column 112d described later, or information specifying the storage location. The encryption key column 112d stores the encryption key itself for encrypting the electronic data or information for specifying the storage location.

  Here, in the present embodiment, a public key system composed of a secret key and a public key is used, and electronic data encrypted with an encryption key that is a public key is used using a decryption key that is a secret key. By decrypting, the electronic data encrypted with the public key can be browsed only by a user having a secret key paired with the public key.

  Returning to FIG. 2, the control unit 113 includes a key generation unit 114 and a key management unit 115.

  The key generation unit 114 generates a pair of an encryption key and a decryption key in response to an instruction from an operator of the key management device 110 or the decryption device 150, and generates a key ID for uniquely identifying the pair. Then, the process of storing in the corresponding column of the key management table 112a is performed.

  The key management unit 115 performs a process of distributing the decryption key stored in the key management table 112a together with the key ID in response to an instruction from an operator of the key management device 110 or the decryption device 150.

  Here, in this embodiment, since the decryption key is treated as a secret key, the distribution of the decryption key is not transmitted via the communication unit 116 and the network 170, but the portability of the port installed in the read / write unit 117. It is desirable to do so by writing to a storage medium. In addition, it is desirable for security that the secret key is stored so that it cannot be easily copied, such as a tamper-resistant device (for example, an IC card).

  Further, the key management unit 115 performs a process of distributing the encryption key stored in the key management table 112a together with the key ID in accordance with an instruction from an operator of the key management device 110 or the encryption device 130.

  Here, in this embodiment, since the encryption key is handled as a public key, the encryption key is distributed by transmitting (on the Web) via the communication unit 116 and the network 170. However, the present invention is not limited to this mode. For example, it can be performed by writing in a portable storage medium in the same manner as the decryption key.

  At this time, it is desirable to issue a public key certificate to the encryption key so that it can be confirmed that the encryption key to be transmitted is managed by the key management device 110.

  The communication unit 116 is an interface for transmitting and receiving information via the network 170.

  The read / write unit 117 is an interface for reading / writing information from / to the storage medium.

  The key management device 110 described above includes, for example, an external storage device such as a CPU (Central Processing Unit) 191, a memory 192, and an HDD (Hard Disk Drive) as shown in FIG. 4 (schematic diagram of the computer 190). 193, a reading device 195 that reads / writes information from / to a portable storage medium 204 such as a CD (Compact Disk), a DVD (Digital Versatile Disk), and an IC (Integrated Circuit) card, and a keyboard It can be realized by a general computer 190 including an input device 196 such as a mouse, an output device 197 such as a display, and a communication device 198 such as a NIC (Network Interface Card) for connecting to a communication network.

  For example, the storage unit 111 can be realized by the CPU 191 using the memory 192 or the external storage device 193, and the control unit 113 loads a predetermined program stored in the external storage device 193 into the memory 192. The communication unit 116 can be realized by the CPU 191 using the communication device 198, and the read / write unit 117 can be realized by the CPU 191 using the reading device 195. .

  This predetermined program is downloaded from the storage medium 195 via the reading device 195 or from the network via the communication device 198 to the external storage device 193 and then loaded onto the memory 192 and executed by the CPU 191. You may do it. Alternatively, the program may be directly loaded on the memory 192 from the storage medium 194 via the reading device 195 or from the network via the communication device 198 and executed by the CPU 191.

  FIG. 5 is a schematic diagram of the encryption device 130.

  As illustrated, the encryption device 130 includes a storage unit 131, a control unit 134, a communication unit 138, a read / write unit 139, an input unit 140, and a display unit 141.

  The storage unit 131 includes a key management information storage area 132 and an electronic document storage area 133.

  The key management information storage area 132 stores information for specifying an encryption key for encryption. Note that the encryption key is stored from the key management apparatus 110.

  For example, the key management information storage area 132 stores a key management table 132a as shown in FIG. 6 (key management table 132a).

  The key management table 132a includes a key ID column 132b and an encryption key column 132c.

  The key ID column 132b is information that specifies a key ID that is identification information for identifying a pair of an encryption key to be described later and a decryption key for decrypting the electronic data encrypted with the encryption key. Is stored. In the present embodiment, the key ID distributed together with the encryption key from the key management apparatus 110 is stored in this field. Further, in the present embodiment, by specifying the key ID, it is possible to specify the disclosure destination of the partially encrypted data described later.

  In the encryption key column 132c, information for specifying an encryption key for encrypting electronic data is stored. In the present embodiment, the encryption key distributed from the key management apparatus 110 is stored in this field. In the present embodiment, the encryption key is encryption information.

  Returning to FIG. 5, the electronic document storage area 133 stores an electronic document to be encrypted by the encryption device 130.

  The control unit 134 includes an electronic document processing unit 135, an encryption processing control unit 136, and an encryption processing unit 137.

  The electronic document processing unit 135 displays an electronic document composed of electronic data on the display unit 141.

  The encryption processing control unit 136 accepts the setting of the encryption target area and the encryption key for encryption via the input unit 140 in the electronic document displayed on the display unit 141 by the electronic document processing unit 135, and sets these settings. Process.

  Here, the encryption target area setting process specifies the page number and position (coordinates) from the encryption target area of the electronic document specified via the input unit 140, and uses the electronic data at the specified position. This is a process of deleting certain encryption target data from the electronic document and placing another predetermined electronic data (here, a mask image) incapable of recognizing the encryption target data at the specified position. .

  In addition, the encryption key setting process is performed by the encryption stored in the key management information storage area 132 for each received encryption target area, the encryption key for encrypting the electronic data included in the encryption target area. This process is specified from the key.

  Then, the encryption processing control unit 136 outputs the encryption target data and the encryption key, which are electronic data included in the received encryption target area, to the encryption processing unit 137.

  Further, when the encryption processing control unit 136 acquires the encryption area data from the encryption processing unit 137, the encryption process control unit 136 acquires the acquired encryption area at a predetermined position of the electronic document displayed on the display unit 141 by the electronic document processing unit 135. An encrypted electronic document is generated by adding data.

  When the encryption execution command is input via the input unit 140 in the electronic document displayed on the display unit 141 by the electronic document processing unit 135, the encryption processing unit 137 outputs the encryption output from the encryption processing control unit 136. The encryption target data is encrypted with the encryption key output from the encryption processing control unit 136, thereby generating partially encrypted data.

  Then, the encryption processing unit 137 decrypts the generated partially encrypted data, position information (recovery auxiliary data) for specifying the page number and position of the partially encrypted data in the electronic document, and decryption for each partially encrypted data. Encrypted area data including decryption information (encrypted data header) specifying a decryption key is generated and output to the encryption processing control unit 136. Details of the encrypted area data will be described later.

  The communication unit 138 is an interface for transmitting and receiving information via the network 170.

  The read / write unit 139 is an interface for reading / writing information from / to the storage medium.

  The input unit 140 receives input of information from the operator of the encryption device 130.

  The display unit 141 displays information in a predetermined format.

  The encryption device 130 described above can be realized by, for example, a general computer 190 as shown in FIG.

  For example, the storage unit 131 can be realized by the CPU 191 using the memory 192 or the external storage device 193, and the control unit 134 loads a predetermined program stored in the external storage device 193 into the memory 192. The communication unit 138 can be realized by the CPU 191 using the communication device 198, and the read / write unit 139 can be realized by the CPU 191 using the reading device 195. The input unit 140 can be realized by the CPU 191 using the input device 196, and the display unit 141 can be realized by the CPU 191 using the output device 197.

  This predetermined program is downloaded from the storage medium 195 via the reading device 195 or from the network via the communication device 198 to the external storage device 193 and then loaded onto the memory 192 and executed by the CPU 191. You may do it. Alternatively, the program may be directly loaded on the memory 192 from the storage medium 194 via the reading device 195 or from the network via the communication device 198 and executed by the CPU 191.

  As the electronic document processing unit 135, for example, Adobe (registered trademark) Acrobat (registered trademark), Microsoft (registered trademark) Word (registered trademark), Excel (registered trademark), PowerPoint (registered trademark), or General software such as Writer and Calc of OpenOffice.org may be used, or an original electronic document display program may be used.

  FIG. 7 is a schematic diagram of the decoding device 150.

  As illustrated, the decoding device 150 includes a storage unit 151, a control unit 154, a communication unit 158, a read / write unit 159, an input unit 160, and a display unit 161.

  The storage unit 151 includes a key management information storage area 152 and an electronic document storage area 153.

  The key management information storage area 152 stores information for specifying a decryption key for decrypting encrypted electronic data. The decryption key stores the one distributed from the key management apparatus 110.

  For example, the key management information storage area 152 stores a key management table 152a as shown in FIG. 8 (key management table 152a).

  The key management table 152a includes a key ID column 152b and a decryption key column 152c.

  The key ID field 152b is a key that is identification information for identifying a pair of an encryption key for encrypting electronic data and a decryption key for decrypting the electronic data encrypted with the encryption key. Information for specifying the ID is stored.

  In the present embodiment, the key ID distributed together with the decryption key from the key management apparatus 110 is stored in this field.

  The decryption key column 152c stores information for specifying a decryption key for decrypting the encrypted electronic data. In this embodiment, the decryption key distributed from the key management apparatus 110 is stored in this field.

  Returning to FIG. 7, the electronic document storage area 153 stores an electronic document to be decrypted by the decrypting device 150.

  The control unit 154 includes an electronic document processing unit 155, a decryption processing control unit 156, and an encryption processing unit 157.

  The electronic document processing unit 155 displays an electronic document composed of electronic data on the display unit 161.

  The decryption processing control unit 156 receives an instruction for decryption processing via the input unit 160 in the electronic document displayed by the electronic document processing unit 155.

  When the decryption processing control unit 156 receives the decryption processing instruction, the decryption processing control unit 156 acquires the encrypted area data added to the electronic document displayed by the electronic document processing unit 155.

  The decryption processing control unit 156 identifies the decryption key from information (here, the key ID) that identifies the decryption key included in the encrypted data header of the acquired encrypted area data, and uses the identified decryption key. Obtained from the key management table 152 a stored in the key management information storage area 152.

  Then, the decryption processing control unit 156 outputs the acquired decryption key and the partially encrypted data included in the encrypted area data to the decryption processing unit 157.

  The decryption processing control unit 156 restores the electronic document by storing the decrypted data decrypted by the decryption processing unit 157 in a predetermined position of the electronic document.

  The decryption processing unit 157 decrypts the partially encrypted data using the decryption key output from the decryption processing control unit 156 and outputs the decrypted decrypted data to the decryption processing control unit 156.

  The communication unit 158 is an interface for transmitting and receiving information via the network 170.

  The read / write unit 159 is an interface for reading / writing information from / to the storage medium.

  The input unit 160 receives input of information from the operator of the decoding device 150.

  The display unit 161 displays information in a predetermined format.

  The decoding device 150 described above can be realized by a general computer 190 as shown in FIG. 4, for example.

  For example, the storage unit 151 can be realized by the CPU 191 using the memory 192 or the external storage device 193, and the control unit 154 loads a predetermined program stored in the external storage device 193 into the memory 192. The communication unit 158 can be realized by the CPU 191 using the communication device 198, and the read / write unit 159 can be realized by the CPU 191 using the reading device 195. The input unit 160 can be realized by the CPU 191 using the input device 196, and the display unit 161 can be realized by the CPU 191 using the output device 197.

  This predetermined program is downloaded from the storage medium 195 via the reading device 195 or from the network via the communication device 198 to the external storage device 193 and then loaded onto the memory 192 and executed by the CPU 191. You may do it. Alternatively, the program may be directly loaded on the memory 192 from the storage medium 194 via the reading device 195 or from the network via the communication device 198 and executed by the CPU 191.

  As the electronic document processing unit 155, for example, Acrobat (registered trademark) of Adobe (registered trademark), Word (registered trademark) of Microsoft (registered trademark), Excel (registered trademark), PowerPoint (registered trademark), or General software such as Writer and Calc of OpenOffice.org may be used, or an original electronic document display program may be used.

  FIG. 9 is a sequence diagram showing the data flow of the electronic document in the encryption system 100.

  In the following sequence diagram, description is made using the decoding device 150A and the decoding device 150B. However, the present invention is not limited to such an example, and other decoding devices (for example, the decoding device 150C) may be used. Is possible.

  First, the encryption device 130 generates an electronic document (S10), and creates an encrypted electronic document from the generated electronic document (S11). Here, the encrypted electronic document is an encrypted part or all of the electronic document.

  Next, the encryption device 130 transmits the encrypted electronic document created in step S11 to the decryption device 150A (S12).

  Upon receiving the encrypted electronic document from the encryption device 130 (S13), the decryption device 150A decrypts the encrypted electronic document and displays the decrypted electronic document (S14).

  Note that it is desirable not to store the decrypted electronic document in the storage unit 131 in the decrypting apparatus 150A or to delete the decrypted electronic document immediately after the display process is completed even if stored. This is to prevent leakage of the disclosed information from the decrypted electronic document.

  Next, the decryption device 150A transmits the encrypted electronic document received in step S13 to the decryption device 150B (S15).

  The decrypting device 150B that has received the encrypted electronic document from the decrypting device 150A (S16) decrypts the encrypted electronic document and displays the decrypted electronic document (S17).

  In the sequence shown in FIG. 9, the decryption device 150A transmits the encrypted electronic document to the decryption device 150B. However, the present invention is not limited to this mode. For example, the decryption device 150A and the decryption device 150A Each of the encrypted electronic documents may be transmitted to the decryption device 150B, or the electronic document may be stored in the electronic document storage area 133 of the storage unit 131 of the decryption device 150A and the processing may be terminated.

  FIG. 10 is a flowchart showing an encrypted document creation process in the encryption apparatus 130.

  First, the electronic document processing unit 135 of the encryption device 130 reads an electronic document including electronic data such as an image or text and displays it on the display unit 141 (S20).

  Next, in the electronic document displayed on the display unit 141 by the electronic document processing unit 135, the encryption processing control unit 136 accepts the setting of the encryption target area and the encryption key for encryption via the input unit 140, An encryption target area setting process and an encryption key setting process are performed (S21). The encryption target area setting process will be described in detail with reference to FIG.

  Here, in step S21, the operator of the encryption device 130 sets one or more encryption target areas for the electronic document via the input unit 140, and sets each of the set encryption target areas. In order to determine a user who can decrypt the encryption target area, one or more encryption keys used for encryption are set.

  Further, the encryption target area is set by the operator using the selection tool provided by the electronic document processing unit 135 via the input unit 140 such as a mouse or a keyboard, and an encryption key for each encryption target area is set. For example, the setting may be made by specifying the key ID stored in the key management table 132a stored in the key management information storage area 132 using a file dialog or the like.

  Next, the encryption processing control unit 136 of the encryption device 130 performs the encryption target data acquired in the encryption target region setting process in step S21, the page number of the encryption target region, and the position of the encryption target region. Information, and the encryption key set in step S21 is acquired from the key management information storage area 132 and output to the encryption processing unit 137. The encryption processing unit 137 The data to be encrypted is encrypted with an encryption key (S22), and the encryption processing unit 137 generates encrypted area data using the encrypted partial encrypted data (S23).

  Here, the encrypted area data includes partial encrypted data, page number of the encryption target area and position information of the encryption target area, and decryption information for specifying a decryption key (disclosure destination) corresponding to the encryption key; , Are provided.

  Next, the encryption processing control unit 136 generates the encrypted electronic document by adding the encrypted area data generated in step S23 to a predetermined position of the electronic document (S24).

  FIG. 11 is a schematic diagram of the encrypted electronic document 180 generated in step S24 of FIG.

  As illustrated, the encrypted electronic document includes an electronic document 181 and encrypted area data 182.

  The encrypted area data 182 includes an encrypted data header area 183 and an encrypted partial area 184.

  The encrypted data header area 183 stores at least information for specifying a decryption key to be used for each partially encrypted data stored in the encrypted partial area 184.

  For example, in the encrypted data header area 183, for each piece of information (for example, key ID) designating a decryption key, identification information that can identify partially encrypted data that can be decrypted with the decryption key is stored.

  In addition, the encrypted data header area 183 stores information for specifying an algorithm name or the like used for encryption.

  The encrypted partial area 184 includes a restoration auxiliary data area 185 and a partial encrypted data area 186.

  The restoration auxiliary data area 185 stores information for specifying the position in the electronic document in which the electronic data before encryption of the partially encrypted data stored in the partially encrypted data area 186 described later is arranged. Here, in this embodiment, as the information specifying the position, information specifying the page number in the electronic document and the position (coordinates) of the page specified by the page number is stored in the auxiliary data area 185 for restoration. Is done.

  In the partially encrypted data area 186, the partially encrypted data obtained by encrypting the electronic data included in the area instructed to be encrypted in the electronic document can uniquely identify the partially encrypted data. Stored in association with identification information.

  A set of the restoration auxiliary data area 185 and the partially encrypted data area 186 is generated for each area of electronic data to be encrypted. That is, when there are a plurality of areas to be encrypted, a plurality of sets of the auxiliary data area for restoration 185 and the partially encrypted data area 186 are generated.

For example, in the case of PDF (Portable Document Format), ODF (Open Document Format), OpenXML, etc., the encrypted area data 182 can be added to an area for storing control information (meta information) defined for each format. Good.

  FIG. 12 is a schematic diagram showing a specific example of the encrypted area data. FIG. 12 shows an example of a data expression method when the encrypted area data is expressed using XML.

  The encrypted area data 282 shown in FIG. 12 includes an encrypted data header area 283 and an encrypted partial area 284.

  As shown in the figure, the encrypted area data 282 is composed of an MRES element indicating this encrypted area data.

  The MRES element includes an MRES_Param element for storing common parameters, access control information, and an AccessControlList for storing key encrypted data, which are included in the encrypted data header area 283. It consists of an EncryptedDataList element for storing auxiliary data for restoration and partially encrypted data included in the encrypted partial area 284.

  The MRES_Param element indicates a parameter used in common by the encryption processing unit 137 in the encryption device 130 and the decryption processing unit 157 in the decryption device 150. For example, a common key used for encryption Describes information that specifies an algorithm for encryption or public key encryption.

Here, a KeyEncryptionAlgorithm element for specifying an encryption algorithm of an encryption key and a DataEncryptionAlgorithm element for specifying an encryption algorithm for encrypting partial data to be encrypted are described. The Algorithm attribute in each element is for describing an identifier of an algorithm to be used. For example, when AES-128 is used in the CBC mode, “http://www.w3.org/2001/04” is used. / xmlenc # aes128-cbc ”should be described.

  The AccessibleControlList element is composed of an EncryptedKeyData element and an EncryptedKey element having a ReferenceList element.

  The EncryptedKeyData element is an element for storing information for specifying the encryption key, and a key ID that can specify the decryption key is described in the attribute key_id.

The ReferenceList element is an element for storing access control information. Here, a list of partially encrypted data that can be decrypted (a list of identification IDs assigned to the partially encrypted data) is described. In the example using this XML, it is specified by the EncryptedKeyData element by specifying the Data_ID that is the attribute value of the EncryptedData element that stores the pair of the auxiliary data area for restoration and the partially encrypted data area in the electronic document encrypted data. A list of partially encrypted data that can be decrypted using a decryption key is described.

  The EncryptedDataList element includes an EncryptedData element that stores a set of auxiliary data for restoration and partially encrypted data.

The EncryptedData element describes information for specifying the restoration position (number of pages and position (coordinates) of the electronic document) of the corresponding partially encrypted data using the LocationInfo element.

In the CipherValue element, a character string obtained by encoding partially encrypted data using BASE64 is described.

  Note that FIG. 12 shows an example of a data expression method for expressing the encrypted area data 182, and the element name and the like may be arbitrarily changed. In addition, here, an example of the implementation example has been described using XML for the ease of data representation. However, the data format of the encrypted area data is a data format suitable for the encrypted electronic document actually used. Can be used.

  FIG. 13 is a flowchart showing the encryption target area setting process.

  Here, it is assumed that the electronic document processing unit 135 of the encryption apparatus 130 reads an electronic document including electronic data and displays it on the display unit 141.

  First, the cryptographic processing control unit 136 receives designation of an area to be encrypted via the input unit 140 (S30).

  Next, the cryptographic processing control unit 136 acquires the page number and coordinate information of the selected area (S31).

  Here, if the area specified in step S30 is the entire object, the object set as the encryption target area may be specified from the page number and coordinate information of the electronic document.

  If the area specified in step S30 is a part of text instead of the entire object, in addition to information specifying the entire object, the byte position of the specified area in the object (for example, The target text information may be specified from information such as the first byte to the tenth byte).

  Further, when the area specified in step S30 is a part of the image data of the object, in addition to the information specifying the entire object, the object is searched, and the display coordinates and input of the obtained object are input. The area of the image data on the object may be specified from the coordinate information of the area specified via the unit 140.

  Next, the encryption processing control unit 136 searches for electronic data in the electronic document corresponding to the selected area, and acquires the corresponding electronic data as data to be encrypted (S32). Here, the acquired data to be encrypted is stored in the storage unit 131 as an array in the order specified in step S30, for example, and the encryption processing unit 137 performs encryption in step S22 of FIG.

  Next, the encryption processing control unit 136 deletes the data to be encrypted acquired in step S32 from the electronic document (S33).

  Next, the encryption processing control unit 136 generates a mask image and writes it in the electronic document so as to be arranged in the area designated in step S30 (S34). The arranged electronic document is displayed on the display unit 141.

  Here, in step S34, the encryption processing control unit 136 finds that when the electronic document is displayed, the area designated in step S30 is an area that cannot be browsed if the decryption key is not possessed. As described above, when the decryption processing unit 157 of the decryption apparatus 150 displays an electronic document on the display unit 161, an object including a black mask image is generated so that the region is displayed in black, and the above-described object is generated in the electronic document. Write the object.

  FIG. 14 is a flowchart showing a process of decrypting an encrypted encrypted electronic document in the decryption device 150.

  First, the electronic document processing unit 155 of the decryption apparatus 150 displays the electronic document stored in the electronic document storage area 153 on the display unit 161 (S40).

  Next, the decryption process control unit 156 detects whether or not there is encrypted area data in the electronic document, and if there is, accepts the decryption process (S41).

  Here, for example, if the electronic document has a data format such as PDF, whether or not there is encrypted area data is searched for all the objects constituting the PDF, and the type corresponding to the encrypted area data in the object. It can be determined whether or not there is an object having an ID, and if the electronic document has a data format such as XML, it can be determined whether or not an element corresponding to the encrypted area data exists. .

  Further, the reception of the decryption process may be realized by, for example, preparing a decryption execution button as a selection menu on the screen displaying the electronic document (in the case where there is no encryption area data, Just make it inactive to prevent the button from running).

  Next, the decryption processing control unit 156 acquires necessary information from the encrypted area data in the electronic document, outputs the information to the decryption processing unit 157 together with the decryption key to be used, and the decryption processing unit 157 executes the decryption processing. (S42).

  Here, the decryption processing control unit 156 obtains information (in this embodiment, a key ID) for specifying a decryption key used for decryption from the encrypted data header area of the encrypted area data, and uses the key ID as the key ID. Whether or not the corresponding information is stored in the key ID column 152b of the key management table 152a stored in the key management information storage area 152 is searched. The partially encrypted data stored correspondingly is acquired from the partially encrypted data area.

  Also, the decryption processing control unit 156 acquires information (a key ID in this embodiment) for specifying a decryption key used for decryption from the encrypted data header area of the encrypted area data, and corresponds to the key ID. The decryption key is acquired from the key management table 152 a stored in the key management information storage area 152.

  Then, the decryption processing control unit 156 outputs the acquired partially encrypted data and the decryption key to the decryption processing unit 157, and the decryption processing unit 157 performs decryption.

  Next, with respect to the decrypted data decrypted by the decryption processing unit 157, the decryption processing control unit 156 restores the electronic document by fitting it into the electronic document (S43), and the electronic document processing unit 155 restores the restored electronic document. Is displayed on the display 161 (S44). Here, the restoration process in step S43 will be described in detail with reference to FIG.

  It should be noted that when a decoding error occurs in the decoding processing unit 157, it is desirable to display a message indicating that the decoding has failed on the display unit 161.

  FIG. 15 is a flowchart showing processing for restoring an electronic document using the decrypted partial data.

  First, the decryption processing unit 157 outputs the decrypted electronic data to the decryption processing control unit 156 (S50).

  Next, the decryption processing control unit 156 refers to the page number and coordinate information in the electronic document of each decrypted electronic data from the restoration auxiliary data included in the restoration auxiliary data area of the encrypted area data, The decrypted electronic data is embedded in the electronic document (S51).

  If the object can be specified using the object identifier, the decrypted electronic data is specified as an object to be restored in the electronic document by using the object identifier as the auxiliary data for restoration in step S51. Also good.

  Next, the decoding process control unit 156 deletes the mask image corresponding to the electronic data embedded in step S51 from the electronic document (S52).

Note that the mask image is deleted from the decoded electronic data, for example, when the mask image is generated in step S34 in FIG. 13, the page number and coordinate position of the mask image corresponding to the restoration auxiliary data area in advance (or the object position). Identifier) is stored, and the object representing the corresponding mask image may be deleted based on this information.

  Note that it is desirable that the electronic document restored by the above processing, for example, disable the storage function of the electronic document processing unit 155 or prohibit copying from the displayed electronic document. This is to prevent the information of the decrypted encrypted partial data from being stored outside and causing information leakage.

  The encrypted electronic document and the restored electronic document may be prohibited from printing or editing.

  In addition, when permitting saving of the restored electronic document, for example, it is possible to delete all the partially encrypted data (partially encrypted data that has not been decrypted) remaining in the encrypted area data in the electronic document. desirable.

  FIG. 16 illustrates a case where the electronic document processing unit 135 and the encryption processing control unit 136 of the encryption device 130 and the electronic document processing unit 155 and the decryption processing control unit 156 of the decryption device 150 perform processing on the electronic document, respectively. It is the schematic of the display screen 189 displayed on the display parts 141 and 161.

  The display screen 189 is provided with an encryption menu instruction area 189a for executing encryption area setting, encryption, and decryption processing.

  The encryption menu instruction area 189a includes an area setting submenu instruction area 189b for setting an encryption area, a setting cancellation submenu instruction area 189c for canceling the selected encryption area, and a set encryption area. An encryption key setting submenu instruction area 189d for setting an encryption key, an encryption execution submenu instruction area 189e for executing an encryption process, and a decryption execution submenu instruction area 189f for performing a decryption process.

  The file menu instruction area 189g or the edit menu instruction area 189h in the drawing is a standard function provided in advance in the electronic document processing units 135 and 155 for reading, saving, copying, and the like of files. This is an area for instructing the execution of. The realization of the function via the encryption menu instruction area 189a may be provided by a plug-in or the like for the electronic document processing units 135 and 155.

  First, an operation example in the case of performing encryption on the display screen 189 shown in FIG.

  The operator of the encryption device 130 reads an electronic document to be encrypted using the file menu instruction area 189g.

  Next, the operator uses the input unit 140 to set the encryption area. Specifically, in the area where the electronic document is displayed on the display screen 189, the area to be encrypted is selected with the pointer 189i or the like, and is included in the selected area via the area setting submenu instruction area 189b. Enter instructions to encrypt existing electronic data. Upon receiving such an instruction, the cryptographic processing control unit 136 acquires electronic data from the selected area, deletes the electronic data from the electronic document, and deletes the original electronic data in the deleted area. Other electronic data (mask image) different from is embedded.

  In this way, after selecting at least one area to be encrypted, an execution command specifying the encryption key setting submenu instruction area 189d of the encryption submenu instruction area 189d is input via the input unit 140. By doing so, an encryption key for encrypting the selected area is set. Note that the encryption key is set using, for example, a file dialog or the like by displaying information for identifying the encryption key used for encryption (for example, the user name having the encryption key) on the display unit 141 and the operator. You can make it choose.

  By repeating the processing as described above, the operator of the encryption device 130 can set a plurality of sets of encryption areas, and finally inputs an execution command specifying the encryption execution submenu instruction area 189e. By performing this through the input unit 140, the electronic data corresponding to the selected area is encrypted, encrypted area data is generated, and added to the electronic document to generate an encrypted electronic document.

  When an execution command specifying the encryption execution submenu instruction area is made, the electronic document currently displayed on the display unit 141 may be overwritten and saved, or a file dialog is displayed. The destination for storing the encrypted electronic document may be designated.

  In the example of FIG. 16, after a plurality of areas to be encrypted are selected, these are processed as one encryption setting area. That is, one encryption setting area is composed of a plurality of partial areas. In this way, even when one encryption setting area is composed of a plurality of partial areas, the auxiliary data for restoration associated with each encryption setting area is managed as a multidimensional array on the program, for example, The correspondence with each partial area included in the encryption setting area may be understood.

  Specifically, when performing encryption, the partial areas included in these encryption setting areas are connected according to a predetermined format (for example, XML) and processed as one piece of partial data to be encrypted. Then, it can be easily realized by analyzing the format at the time of decryption so that individual partial areas included in the encryption setting can be obtained from the decryption result.

  Further, in the encryption area setting as described above, for example, in order to make it easy to visually recognize which key the already set encryption area is encrypted, it is already set using a pop-up display or the like. It is also possible to display a list of encryption keys for encrypting the encrypted area.

  Next, an operation example when the decryption apparatus 150 decrypts the encrypted electronic document using the display screen 189 shown in FIG. 16 will be described.

  First, the operator of the decryption apparatus 150 reads the encrypted electronic document to be decrypted using the file menu instruction area 189g, and causes the display unit 161 to display the target encrypted electronic document. At this time, the decryption processing control unit 156 performs a search to determine whether or not there is encrypted area data in the electronic document, and activates the decryption execution submenu instruction area 189a only when there is.

  Next, the operator of the decryption apparatus 150 inputs an execution command specifying the decryption execution submenu instruction area 189f via the input unit 160, thereby executing decryption processing of the encrypted electronic document.

In the display screen 189 described above, encryption and decryption are arranged on one menu, but they may be arranged separately. In the example of FIG. 16, the example in which the encryption menu instruction area 189 a is added to the display screen displayed on the display units 141 and 161 by the electronic document display units 135 and 155 is shown. As described above, for example, Adobe (registered trademark)
This is an example that can be implemented by plugging in Acrobat (registered trademark) or Microsoft (registered trademark) Word (registered trademark), etc., but is not limited to this example. Alternatively, unique electronic document processing units 135 and 155 may be used for decryption.

  Further, in the display screen 189 shown in FIG. 16, the encryption function is added as a menu, but the encryption function may be added as a toolbar or the like instead of the menu.

  In the embodiment described above, the partial data to be encrypted obtained from the set encryption area is individually encrypted with the set encryption key to generate partially encrypted data, and the partial encryption In the decryption of the encrypted data, the individual partially encrypted data is decrypted with the decryption key.

  On the other hand, an encryption process as shown in FIG. 17 or a decryption process as shown in FIG. 18 may be performed.

  FIG. 17 is a flowchart illustrating a modification of the encryption process performed by the encryption processing unit 137 of the encryption apparatus 130.

  First, the encryption processing unit 137 includes at least one encryption target data selected via the encryption processing control unit 136 and the input unit 140, and an encryption set for encrypting the encryption target data. Get the key.

  The obtained data to be encrypted is an array of M [1],..., M [n] (n is a natural number of 1 or more), and M [1],. ] Is identified as an array of pk [1],..., Pk [m] (m is a natural number of 1 or more).

  In the following description, access control information AD [i] (i is a natural number of 1 or more) used in the encryption process is a reference to each encryption target data M [j] that can be decrypted with the encryption key pk [i]. A set of indexes j (j = 1,..., N) for specifying the destination is stored. The access control information AD [i] can be easily set from the correspondence between the encryption target partial data and the public key for encrypting the area, based on the setting result of the encryption area and the encryption key.

  First, the encryption processing unit 137 applies a partial data encryption key that is a key of the common key encryption technique to the encryption target data M [i] (i = 1,..., N) to be encrypted. K [i] is randomly generated (S60).

  Next, the encryption processing unit 137 encrypts each encryption target data M [i] to be encrypted using the partial data encryption key K [i] generated in step S60 (S61). Here, the encrypted data is referred to as partially encrypted data D [i].

  Next, the encryption processing unit 137 calculates a hash value H by applying a hash function from the concatenated partial encrypted data D [1],..., D [n] (S62).

Next, the encryption processing unit 137 acquires an index set (j ₁ ,..., J _u ) (u is the above natural number) from the access control information AD [i], and partial data corresponding to the acquired index set The encryption keys K [j ₁ ], K [j ₂ ],..., K [j _u ] are acquired, and these are concatenated (S63).

Next, the encryption processing unit 137 concatenates the partial data encryption keys K [j ₁ ], K [j ₂ ],..., K [j _u ] to the hash value H calculated in step S62. Are encrypted using the encryption key (public key) pk [i] (S64). Here, it is assumed that the encrypted result is key encrypted data E [i].

  Next, the encryption processing unit 137 performs partial encryption data D [1],..., D [n], key encryption data E [1],. [1],..., AD [m] are output as a result of the encryption process (S65).

  In addition, the encryption result in step S65 is obtained by the encryption processing control unit 136 by the access control information AD [1],..., AD [m] and the key encrypted data E [1],. ] Are stored in the encrypted data header area, and the partially encrypted data D [1],..., D [n] are stored in the partially encrypted data area, thereby generating encrypted area data.

  Here, the calculation of the hash value H calculated in step S62 is performed by the decryption processing unit 157 of the decryption device 150 in the integrity of the encrypted data (whether the decryption result matches the data given at the time of encryption). The hash value is used in the above example, but the hash value is not necessarily used, and a message authenticator or an electronic signature may be used. In addition, when the completeness is not required as described above, the calculation of the hash value H may be omitted.

  FIG. 18 is a flowchart showing a processing procedure when the encrypted electronic document encrypted by the encryption processing shown in FIG. 17 is decrypted.

First, the decryption processing unit 157 acquires an index set (j ₁ ,..., J _u ) from the access control information AD [j] of the encrypted area data of the encrypted electronic document (S70).

Next, the decryption processing unit 157 decrypts the key encrypted data E [j] using the decryption key sk [j] stored in the key management information storage area 152, and the partial data encryption key K [j ₁ ], K [j ₂ ],..., K [j _u ], and the hash value H are acquired (S71).

  Next, the decryption processing unit 157 calculates a hash value H ′ from the concatenated partial encrypted data D [1],..., D [n] (S72), and the hash value acquired in step S71. It is compared whether or not it matches H (S73).

  Then, if H = H ′, the decoding processing unit 157 proceeds to step S74, and if not H = H ′, the decoding processing unit 157 ends the processing as a decoding failure.

In step S74, the decryption processing unit 157 uses the partial data encryption keys K [j ₁ ], K [j ₂ ],..., K [j _u ] acquired in step S71 to perform the partial encrypted data D. [J ₁ ], D [j ₂ ],..., D [j _u ] are decoded and the decoding result is output.

In addition, although the case where there was one decryption key sk [j] has been described above for the sake of simplicity, the above processing (steps S71 to S73) is repeated even when a plurality of decryption keys are given. As a result, decryption results for a plurality of decryption keys can be obtained. At this time, when processing is performed with two different secret keys sk [j ₁ ] and sk [j ₂ ], inconsistencies occur in the processing results (for example, the same partial encrypted data C [1] If the results of decoding are different, it is desirable to output an error and terminate the process.

  Furthermore, when the compared hash values are different and decryption failure is output in the above step S73, the decryption processing unit 157 does not display the electronic document on the display unit 161, but instead displays a message indicating decryption failure. Is preferably displayed on the display unit 161.

  As described above, according to the present embodiment, one or more encryption areas are set in an electronic document, and each encryption area is encrypted with a plurality of encryption keys. When decrypting, the encrypted electronic document is decrypted using a decryption key that can be used in the decryption device, and a part of the encrypted electronic document (part that can be decrypted with an available decryption key) ) To display the electronic document. That is, the encrypted electronic document can have a different display image of the generated electronic document according to the decryption key that can be used by each user.

  FIG. 19 (schematic diagram of the key management device 210) is a modified example in which the key management method in the key management device is changed in the embodiment described above.

  As illustrated, the key management device 210 according to the modification includes a storage unit 211, a control unit 213, a communication unit 116, and a read / write unit 117, and a storage unit as compared with the key management device 110 described above. Since 211 and the control unit 213 are different from each other, items related to these different points will be described below.

  The storage unit 211 includes a key management information storage area 212, a user key management information storage area 218, and a correspondence information storage area 219.

  The key management information storage area 212 stores information for specifying a key for encrypting or decrypting electronic data.

  For example, the key management information storage area 212 stores a key management table 212a as shown in FIG. 20 (schematic diagram of the key management table 212a).

  The key management table 212a stores information for specifying an encryption key for encrypting electronic data and a decryption key for decrypting the electronic data encrypted with the encryption key.

  Specifically, the key management table 212a includes an authority ID column 212b, a key ID column 212c, a decryption key column 212d, and an encryption key column 212e.

  The authority ID column 212b stores an authority ID that is identification information for identifying the authority (qualification) assigned to the user of the cryptographic system 100.

  The key ID column 212c stores a key ID that is identification information for identifying a pair of the decryption key specified in the decryption key column 112d and the encryption key specified in the encryption key column 112e.

  The decryption key column 212d stores a decryption key for decrypting the electronic data encrypted with the encryption key specified in the encryption key column 212d described later.

  The encryption key column 212e stores an encryption key for encrypting electronic data.

  Returning to FIG. 19, the user key management information storage area 218 stores information for specifying a key for encrypting or decrypting the key management information stored in the key management information storage area 212.

  For example, the user key management information storage area 218 stores a user key management table 218a as shown in FIG. 21 (schematic diagram of the user key management table 218a).

  The user key management table 218a stores information for specifying an encryption key for encrypting key information and a decryption key for decrypting the key information encrypted with the encryption key.

  Specifically, the user key management table 218a includes a user ID column 218b, a decryption key column 218c, and an encryption key column 218d.

  The user ID column 218b stores a user ID that is identification information for identifying the user of the cryptographic system 100.

  The decryption key column 218c stores a decryption key for decrypting key information encrypted with the encryption key specified in the encryption key column 218d described later.

  The encryption key column 218d stores an encryption key for encrypting key information.

  The correspondence information storage area 219 stores information for specifying the authority of the user of the cryptographic system 100.

  For example, the correspondence information storage area 219 stores a correspondence table 219a as shown in FIG. 22 (schematic diagram of the correspondence table 219a).

  As shown in the figure, in the correspondence table 219a, user IDs are stored in the leftmost column 219a, and authority IDs set in the encryption system 100 are stored in the uppermost row 219c. By storing the symbol “◯” in the column located at the intersection of the row corresponding to the ID and the column corresponding to the authority ID, the authority specified by the authority ID is given to the user specified by the user ID. It shows that it is given.

  The control unit 213 includes a key generation unit 214 and a key management unit 215.

  The key generation unit 214 generates an encryption key / decryption key pair for each authority in accordance with an instruction from an operator of the key management device 110 or the decryption device 150, and uniquely identifies these pairs. Is generated and stored in the corresponding column of the key management table 212a.

  Further, the key generation unit 214 generates an encryption key / decryption key pair for each user in response to an instruction from an operator of the key management device 110 or the decryption device 150, and corresponds to the user key management table 218a. Perform the process of storing in the column.

  Then, the key management unit 115 performs a process of storing the correspondence relationship between each user and each authority in the correspondence table 219a in response to an instruction from an operator of the key management device 110 or the decryption device 150.

  The key management unit 115 performs a process of distributing the decryption key stored in the user key management table 218a in response to an instruction specifying the user ID from an operator of the key management device 110 or the decryption device 150.

  Here, in the present embodiment, since the decryption key is treated as a secret key, the distribution of the decryption key is not transmitted via the communication unit 116 and the network 170, but is installed in the read / write unit 117 so as to be readable and writable. It is desirable to do this by writing to a storage medium (for example, an IC card).

  Also, the key management unit 215 specifies the authority corresponding to the user ID in the correspondence table 219a in response to an instruction specifying the user ID from the operator of the key management apparatus 110 or the decryption apparatus 150, and corresponds to the specified authority. The decryption key is obtained from the key management table 112a, and the obtained decryption key is distributed together with the key ID.

  However, when distributing the decryption key, the encryption key corresponding to the user ID is acquired from the user key management table 218a, and the decryption key corresponding to the authority is encrypted with the acquired encryption key.

  Further, the key management unit 215 specifies the authority corresponding to the user ID in the correspondence table 219a in response to the instruction specifying the user ID from the operator of the key management apparatus 110 or the decryption apparatus 150, and corresponds to the specified authority. The encryption key is acquired from the key management table 112a, and the acquired encryption key is distributed together with the key ID.

  However, when distributing the encryption key, the encryption key corresponding to the user ID is acquired from the user key management table 218a, and the encryption key corresponding to the authority is encrypted with the acquired encryption key.

  For example, when the key management unit 215 distributes the key corresponding to the authority to the user, when the authority a and the authority c are assigned to the user α as shown in the correspondence table 219a, The decryption key A and the decryption key C corresponding to the corresponding authority a and authority c are acquired from the key management table 212e, and the encryption key α of the user α is acquired from the user key management table 218a. The decryption key C is encrypted with the encryption key α and transmitted to the decryption device 150 via the network 170.

  The decryption device 150 decrypts the information transmitted from the key management device 210 using the decryption key α of the user α that has already been distributed, and decrypts and uses the decryption key A and the decryption key C. Note that it is desirable from the viewpoint of security that the secret key and the secret key C are decrypted in an IC card that stores and distributes the decryption key α.

  Even when a decryption key assigned for each authority is sent to the user, it is desirable to authenticate the user who receives the distribution, such as authentication using a personal key in the IC card.

  By distributing the decryption key to the user via the network 170 as described above, it is possible to reduce the trouble of directly delivering a physical medium such as sending and collecting the IC card. Further, since only one IC card unique to each user needs to be issued to the user, even if the authority changes, it is only necessary to rewrite the authority key in the IC card. It is possible to reduce the labor of the administrator such as reissuance and collection.

  In the embodiment described above, the encrypted partial data is described at a predetermined position in the encrypted electronic document. However, the present invention is not limited to such an aspect. For example, the encrypted area data may be created as a separate file from the electronic document. In this case, the encrypted electronic document is decrypted by associating the encrypted electronic document with the encrypted area data. In this case, decryption and restoration can be performed by referring to a file associated with the encrypted electronic document.

  In the embodiment described above, the selection of the encryption target area in the electronic document is specified by the page number and the coordinate information on the page specified by the page number. However, the present invention is not limited to such an aspect. . For example, when an identifier is assigned to an object constituting an electronic document and the object can be specified by specifying the identifier, the identifier of the object is used for restoration instead of the page number and coordinate information. It may be auxiliary data. The method for specifying this object is information necessary for specifying the object to be restored when data is restored at the time of decryption. If the object in the electronic document can be specified uniquely, such an identifier is used. It may not be used (for example, when the electronic document is described in XML, Xpath or the like may be used).

  In the embodiment described above, the partial data to be encrypted is deleted from the electronic document, but the data may be replaced by, for example, alternative text or dummy data. Specifically, when the encryption setting area is composed of text and a part of the text in the object is designated, it may be replaced with a character such as a space or “*”. Further, when the encryption setting area designates a part of the image data, it is desirable not to delete the data but to replace it with image data such as black.

  In the above processing, after deleting the partial data to be encrypted, a black mask image is inserted. For example, a mask image of another color or an image written as “inked” is used. An image may be inserted, or a mask image may not be inserted. Alternatively, by changing the color of the mask image for each encrypted area, it may be possible to distinguish areas having the same decryption key that can be decrypted.

  Further, in the embodiment described above, every time one encryption setting area is set, a so-called sanitization process is performed in which a mask image is fitted. However, the present invention is not limited to this mode. For example, the storage unit 131 temporarily stores the set encryption setting area, and when executing encryption, the stored encryption setting area is collectively summed. May be performed.

  In this embodiment, the encryption process is performed immediately after the encryption area is set. However, the encryption setting area and the encryption process are performed separately, for example, by writing the auxiliary data for restoration as a file. May be. In this way, for example, it is not necessary to set the encryption setting area separately for a plurality of electronic documents having the same format.

  In the data deletion (or replacement process) in the sanitization process, when the data in the object is compressed and stored using, for example, LZW (JPEG, PNG in the case of an image) or the like, The data in the object once compressed is expanded and the above processing is performed, the compression processing is performed again, and the object is regenerated.

  Further, when executing the decryption process, prior to the execution of the decryption process in step S42 in FIG. 14, an area that can be decrypted by the given secret key used for decryption is specified from the restoration auxiliary data, for example, blinking. Alternatively, a region that can be decoded in advance may be shown to the user by changing the color, surrounding the dotted line, or the like.

  Further, when displaying the electronic document in step S44 after the decryption process of step S42 in FIG. 14, the area decrypted with the given secret key is surrounded by a dotted line, for example, blinking or changing color. , Etc. may be made explicit.

  Further, in the embodiment described above, the public key system is adopted, the public key is used as the encryption key, and the secret key is used as the decryption key. It is also possible to use a common key in the common key technique as an encryption key and a decryption key. When using a common key, the encryption key and the decryption key are stored in a tamper-resistant device such as an IC card and distributed, for example. It is desirable from a security point of view to prevent duplication.

  Further, in the above modification, the case where the secret key is stored in the IC card has been described, but the key management information storage area 152 in the decryption device 150 may be performed in addition to the IC card. For example, the secret key is stored in the key management information storage area 152 of the decryption device 150, and the decryption key is distributed by the encrypted communication when the decryption process of step S42 in FIG. 14 is executed (before execution). You may do it.

  Alternatively, the encryption key and the decryption key are the keys of the key management apparatus 110 when executing the encryption process in step S22 of FIG. 10 (before execution) and when executing the decryption process in step S42 of FIG. 14 (before execution). It may be acquired from the management information storage area 112. In this case, the encryption key and the decryption key are temporarily stored when executing the encryption process in step S22 in FIG. 10 (before execution) and when executing the decryption process in step S42 in FIG. 14 (before execution). , Stored in the key management information storage area 132 of the encryption apparatus 130 and the key management information storage area 152 of the decryption apparatus 150, and when executing the encryption process in step S22 of FIG. 10 (after execution), FIG. The acquired encryption key and decryption key may be deleted when the decryption process is executed (after execution) in step S42.

  In such a case, as described above, the decryption key is important for decrypting and disclosing the encrypted area in the electronic document according to the user or the authority (group to which the user belongs). Since it is information, it is desirable that an unnecessary decryption key is not acquired at the time of decryption, for example, access control is performed in the key management device 110 according to a user who uses the decryption device.

As described in the present embodiment, by adopting the public key system, the user who encrypts the electronic document can encrypt the electronic document only from the encryption key that is the public information. There is an advantage that it is not necessary to share information between the user who performs the decoding and the user who performs the decoding.
<Second Embodiment>
Next, a second embodiment will be described.

  In the second embodiment, the key management device 310, the encryption device 330, and the decryption device 350 are different from those in the first embodiment. Therefore, matters related to these will be described below.

  In the present embodiment as well, as in the first embodiment, the key management device 310, the encryption device 330, and the decryption device 350 can transmit and receive information to and from each other via the network 170. Yes.

  FIG. 23 is a schematic diagram of the key management apparatus 310 according to the second embodiment.

  As illustrated, the key management device 310 includes a storage unit 311, a control unit 313, a communication unit 116, and a read / write unit 117. Compared to the first embodiment, the storage unit 311 and the control unit are provided. Since 313 is different, items related to these will be described below.

  The storage unit 311 includes a password management information storage area 312.

  The password management information storage area 312 stores information for specifying a password used when encrypting or decrypting electronic data.

  For example, the password management information storage area 312 stores a password management table 312a as shown in FIG. 24 (schematic diagram of the password management table 312a).

  The password management table 312a stores information that identifies a user who encrypts or decrypts electronic data and a password used by the user.

  Specifically, the password management table 312a includes a user ID column 312b and a password column 312c.

  The user ID column 312b stores information for identifying a user ID, which is identification information for identifying a user who decrypts the encrypted electronic data.

  Here, as the user ID, a name or an e-mail address for identifying the user may be used. Further, as the user ID, not only identification information for identifying an individual user but also identification information used by one or more users such as authority, role, or mailing list may be used.

  The password field 312c stores information for specifying a password used by the user specified in the user ID field.

  In the second embodiment, since the encrypted data is decrypted using the password, the user who can use the key management device 310 (particularly, the password field 312c) is restricted by using access control. Should not be disclosed to inappropriate users.

  Returning to FIG. 23, the control unit 313 includes a password generation unit 314 and a password management unit 315.

  The password generation unit 314 generates a password in response to an instruction from an operator of the key management device 310 or the decryption device 350.

  The password may be a random character string, but is not limited to such a mode. For example, an input of an arbitrary character string may be accepted from an operator of the key management device 310 or the decryption device 350.

  In response to an instruction from the operator of the key management device 310 or the decryption device 350, the password management unit 315 performs processing for distributing the password stored in the password management table 312a together with the user ID.

  Here, in this embodiment, since the decryption is performed using the password, the distribution of the password is not transmitted via the communication unit 116 and the network 170, but is a portable storage medium installed in the read / write unit 117. It is desirable to do so by writing to. In addition, it is desirable for security that the secret key is stored so that it cannot be easily copied, such as a tamper-resistant device (for example, an IC card).

  FIG. 25 is a schematic diagram of an encryption device 330 according to the second embodiment of the present invention.

  As illustrated, the encryption device 330 includes a storage unit 331, a control unit 334, a communication unit 138, a read / write unit 139, an input unit 140, and a display unit 141, and includes the first embodiment. Since the storage unit 331 and the control unit 334 are different from each other, matters related to these will be described below.

  The storage unit 331 includes a password management information storage area 332 and an electronic document storage area 133. Since the password management information storage area 332 is different from that of the first embodiment, the storage unit 331 is related to this. The matter will be explained.

  The password management information storage area 332 stores information for specifying a password used for encryption. The password stored from the key management apparatus 310 is stored.

  For example, the password management information storage area 332 stores a password management table 332a as shown in FIG. 26 (schematic diagram of the password management table 332a).

  The password management table 332a includes a user ID column 332b and a password column 332c.

  The user ID column 332b stores information for specifying a user ID that is identification information for specifying a user who decrypts the encrypted electronic data. In this embodiment, the user ID distributed with the password from the key management apparatus 310 is stored in this column. Further, in the present embodiment, the disclosure destination of the partially encrypted data can be specified by specifying the user ID.

  The password column 332c stores information for specifying the password used by the user specified in the user ID column 332b. In the present embodiment, the password distributed from the key management device 310 is stored in this field. In the present embodiment, the password is encryption information.

  Referring back to FIG. 25, the control unit 334 includes an electronic document processing unit 135, an encryption processing control unit 336, and an encryption processing unit 337. Compared to the first embodiment, the control unit 334 includes an encryption processing control unit 336, Since the encryption processing unit 337 is different, items related to these will be described below.

  The encryption processing control unit 336 performs setting of the user who permits the decryption of the encryption target area and the encrypted electronic data via the input unit 140 in the electronic document displayed on the display unit 141 by the electronic document processing unit 135. Accept and perform these setting processes.

  Here, the encryption target area setting process specifies the page number and position (coordinates) from the encryption target area of the electronic document specified via the input unit 140, and uses the electronic data at the specified position. This is a process of deleting certain encryption target data from the electronic document and placing another predetermined electronic data (here, a mask image) incapable of recognizing the encryption target data at the specified position. .

  In addition, the setting process of the user who permits the decryption includes, for each encryption target area that has received an input via the input unit 140, a user who can decrypt the electronic data included in the encryption target area with a password management This is a process of specifying from the user ID stored in the information storage area 332.

  Then, the encryption processing control unit 336 outputs to the encryption processing unit 337 the encryption target data that is the electronic data included in the received encryption target area, and the user ID that permits browsing of the encryption target data.

  Further, when the encryption processing control unit 336 acquires the encrypted area data from the encryption processing unit 337, the encryption processing control unit 336 acquires the acquired encryption area at a predetermined position of the electronic document displayed on the display unit 141 by the electronic document processing unit 135. An encrypted electronic document is generated by adding data.

  When the encryption execution command is input via the input unit 140 in the electronic document displayed on the display unit 141 by the electronic document processing unit 135, the encryption processing unit 337 outputs the encryption output from the encryption processing control unit 336. Partially encrypted data is generated by specifying the password in the password management table 332a from the user ID output from the encryption processing control unit 336 and encrypting the data to be encrypted using the specified password.

  Then, the encryption processing unit 337 permits decryption for each of the generated partially encrypted data, position information (recovery auxiliary data) for specifying the page number and position of the partially encrypted data in the electronic document, and each partially encrypted data. Encrypted area data including decryption information (encrypted data header) that identifies a user ID that identifies a user (disclosure destination) is generated and output to the encryption processing control unit 336.

  For example, in the present embodiment, in the encrypted area data 282 shown in FIG. 12, the EncryptedKeyData element of the encrypted data header area 283 is provided with a user_id attribute instead of the key_id attribute, and the user ID is assigned to this attribute value. Should be stored. When a mail address is used as the user ID, the mail address may be stored in the attribute value of user_id, and the attribute name of user_id can be changed as appropriate, such as mail.

  FIG. 27 is a schematic diagram of a decoding device 350 according to the second embodiment of the present invention.

  As illustrated, the decoding device 350 includes a storage unit 351, a control unit 354, a communication unit 158, a read / write unit 159, an input unit 160, and a display unit 161, and is compared with the first embodiment. Since the storage unit 351 and the control unit 354 are different, items related to these will be described below.

  The storage unit 351 includes a password management information storage area 352 and an electronic document storage area 153, and the password management information storage area 352 is different from that of the first embodiment. The matter will be explained.

  The password management information storage area 352 stores information for specifying a password used for decrypting encrypted electronic data. The password stored from the key management apparatus 310 is stored.

  For example, the password management information storage area 352 stores a password management table 352a as shown in FIG. 28 (schematic diagram of the password management table 352a).

  The password management table 352a includes a user ID column 352b and a password column 352c.

  The user ID column 352b stores information for specifying a user ID, which is identification information for specifying a user who decrypts the encrypted electronic data. In this embodiment, the user ID distributed with the password from the key management apparatus 310 is stored in this column.

  The password column 352c stores information for specifying the password used by the user specified in the user ID column 352b. In the present embodiment, the password distributed from the key management device 310 is stored in this field.

  Returning to FIG. 27, the control unit 354 includes an electronic document processing unit 155, a decryption processing control unit 356, and an encryption processing unit 357. Compared to the first embodiment, the control unit 354 and the decryption processing control unit 356 Since the decryption processing unit 357 is different, items related to these will be described below.

  The decryption processing control unit 356 receives an instruction for decryption processing via the input unit 160 in the electronic document displayed by the electronic document processing unit 155.

  When the decryption processing control unit 356 receives the decryption processing instruction, the decryption processing control unit 356 acquires the encrypted area data added to the electronic document displayed by the electronic document processing unit 155.

  The decryption process control unit 356 stores the password in the password management information storage area 352 from the information (here, user ID) that identifies the user included in the encrypted data header of the acquired encrypted area data. From the existing password management table 352a.

  Then, the decryption processing control unit 356 outputs the acquired password and the partially encrypted data included in the encrypted area data to the decryption processing unit 357.

  Further, the decryption processing control unit 356 restores the electronic document by storing the decrypted data decrypted by the decryption processing unit 357 in a predetermined position of the electronic document.

  The decryption processing unit 357 decrypts the partially encrypted data using the password output from the decryption processing control unit 356, and outputs the decrypted decrypted data to the decryption processing control unit 356.

  FIG. 29 is a flowchart showing an encrypted document creation process in the encryption device 330.

  First, the electronic document processing unit 135 of the encryption device 330 reads an electronic document including electronic data such as an image and text and displays it on the display unit 141 (S80).

  Next, in the electronic document displayed on the display unit 141 by the electronic document processing unit 135, the encryption processing control unit 336 receives the setting of the encryption target area and the user ID via the input unit 140, and sets the encryption target area setting. Processing and user ID setting processing are performed (S81). The encryption target area setting process is the same as that in FIG.

  Here, in step S81, the operator of the encryption device 330 sets one or more encryption target areas for the electronic document via the input unit 140, and sets each of the set encryption target areas. One or more user IDs are set in order to determine a user who can decrypt the encryption target area.

  The operator sets the encryption target area using the selection tool provided by the electronic document processing unit 135 via the input unit 140 such as a mouse or a keyboard, and sets the user ID for each encryption target area. For example, the user ID stored in the password management table 332a stored in the password management information storage area 332 may be set using a file dialog or the like.

  Next, the encryption processing control unit 336 of the encryption device 330 performs the encryption target data acquired in the encryption target area setting process in step S81, the page number of the encryption target area, and the position of the encryption target area. And the user ID set in step S81 is acquired from the password management information storage area 332 and output to the encryption processing unit 337. The encryption processing unit 337 The encryption target data is encrypted (S82). The encryption process will be described in detail with reference to FIG.

  Then, the encryption processing unit 337 generates encrypted area data using the encrypted partial encrypted data (S83).

  Here, the encryption area data includes partial encryption data, a page number of the encryption target area, position information of the encryption target area, and information for specifying the user ID.

  Next, the encryption processing control unit 336 generates an encrypted electronic document by adding the encrypted area data generated in step S83 to a predetermined position of the electronic document (S84).

  FIG. 30 is a flowchart showing the encryption processing performed by the encryption processing unit 337 of the encryption device 330.

  First, the encryption processing unit 337 includes one or more encryption target data selected via the encryption processing control unit 336 and the input unit 140, and a user ID set for encrypting the encryption target data. To get.

  The acquired encryption target data is identified as an array of M [1],..., M [n] (n is a natural number of 1 or more).

  In the following description, the access control information AD [i] (i is a natural number of 1 or more) used in the encryption process specifies a reference destination to each encryption target data M [j] that can be decrypted by the same user ID. A set of indexes j (j = 1,..., N) is stored.

  First, the encryption processing unit 337 applies the partial data encryption key that is a key of the common key encryption technique to the encryption target data M [i] (i = 1,..., N) to be encrypted. K [i] is randomly generated (S90).

  Next, the encryption processing unit 337 encrypts each encryption target data M [i] to be encrypted using the partial data encryption key K [i] generated in step S90 (S91). Here, the encrypted data is referred to as partially encrypted data D [i].

  Next, the encryption processing unit 337 calculates a hash value H by applying a hash function from the concatenated partial encrypted data D [1],..., D [n] (S92).

Next, the encryption processing unit 337 acquires an index set (j ₁ ,..., J _u ) (u is a natural number above) from the access control information AD [i], and partial data corresponding to the acquired index set The encryption keys K [j ₁ ], K [j ₂ ],..., K [j _u ] are acquired, and these are concatenated (S93).

  Next, the encryption processing unit 337 randomly generates a random number R (S94).

  Then, the encryption processing unit 337 concatenates the random number R generated in step S94 with the password corresponding to the user ID acquired in step S81 of FIG. 29, and uses the hash function to generate a hash value (for example, 256 bits). The generated hash value is divided into two, and one (for example, upper 128 bits) is used as a key encrypted data generation key, and the other (for example, lower 128 bits) is used as a key encrypted data check key. (S95).

Next, the encryption processing unit 337 uses the generated key encryption data generation key to share the partial data encryption keys K [j ₁ ],..., K [j _u ] acquired in step S93. Encrypt using key encryption technology. This (the ciphertext obtained as a result of encryption is referred to as key encrypted data body EB [i]).

  Further, the encryption processing unit 337 generates the MAC value of the key encrypted data body EB [i] using the key encrypted data inspection key (the obtained MAC value is converted into the key encrypted data inspection unit EC [i ]).

  Then, the encryption processing unit 337 concatenates the key encrypted data body EB [i], the key encrypted data inspection unit EC [i], and the random number R generated in step S94, thereby connecting the key encrypted data E [ i] is generated (S96).

  Note that any hash function, encryption function, or MAC function such as MD5 or SHA1, encryption for AES or DES, and MAC value generation for HMAC or the like may be used for the hash function. In addition, if the obtained hash value is smaller than the data size required for the key encryption data generation key and the key encryption data check key, the obtained hash value is passed through the hash function again. A hash value larger than the data size can be generated and the surplus can be discarded.

  The concatenated data can be divided at the time of decoding, for example, ASN. What is necessary is just to connect using formats, such as 1 and XML. Alternatively, the key encryption data inspection unit EC [i], the data size of the random number R, and the storage order are determined as parameters commonly used in the system, and the necessary data size is determined along with these parameters during decryption. The key encrypted data inspection unit EC [i] and the random number R may be extracted in order.

  Next, the encryption processing unit 337 performs partial encryption data D [1],..., D [n], key encryption data E [1],. [1],..., AD [m] are output as a result of the encryption process (S97).

  The encryption result in step S97 is obtained by the encryption processing control unit 336 by the access control information AD [1],..., AD [m] and the key encrypted data E [1],. ] Are stored in the encrypted data header area, and the partially encrypted data D [1],..., D [n] are stored in the partially encrypted data area, thereby generating encrypted area data.

  In the flowchart shown in FIG. 30, the random number R is generated prior to the generation of the hash value (step S94), and this and the password are concatenated to generate the hash value. The hash value may be generated without being connected to the random number sequence.

Further, in the flowchart shown in FIG. 30, using the encrypted key data inspection key, the partial data encryption keys _K [j 1] obtained in step S93, · · ·, K of MAC values for _{[j u]} Although the generation is performed, the key encrypted data check key is not generated and the MAC value may not be generated. Further, the MAC value is not generated for the partial data encryption keys K [j ₁ ],..., K [j _u ] acquired in step S93, but is encrypted with the key encrypted data generation key. The MAC value may be generated for the result.

  FIG. 31 is a flowchart showing a process of decrypting an encrypted encrypted electronic document in the decrypting device 350.

  First, the electronic document processing unit 155 of the decryption device 350 displays the electronic document stored in the electronic document storage area 153 on the display unit 161 (S100).

  Next, the decryption process control unit 356 detects whether or not there is encrypted area data in the electronic document, and if there is, accepts the decryption process (S101).

  Here, for example, if the electronic document has a data format such as PDF, whether or not there is encrypted area data is searched for all the objects constituting the PDF, and the type corresponding to the encrypted area data in the object. It can be determined whether or not there is an object having an ID, and if the electronic document has a data format such as XML, it can be determined whether or not an element corresponding to the encrypted area data exists. .

  Further, the reception of the decryption process may be realized by, for example, preparing a decryption execution button as a selection menu on the screen displaying the electronic document (in the case where there is no encryption area data, Just make it inactive to prevent the button from running).

  Next, the decryption processing control unit 356 acquires necessary information from the encrypted area data in the electronic document, outputs the information to the decryption processing unit 357, and the decryption processing unit 357 executes the decryption processing (S102).

  Here, the decryption processing control unit 356 obtains the user ID from the encrypted data header area of the encrypted area data, and whether the information corresponding to the user ID is stored in the user ID column 352b of the password management table 352a. If it is stored, the partially encrypted data stored corresponding to the stored user ID is acquired from the partially encrypted data area.

  Also, the decryption processing control unit 356 acquires the user ID from the encrypted data header area of the encrypted area data, and acquires the password corresponding to the user ID from the password management table 352a.

  Then, the decryption processing control unit 356 outputs the acquired partially encrypted data and password to the decryption processing unit 357, and the decryption processing unit 357 performs decryption. This decoding process will be described in detail with reference to FIG.

  Next, with respect to the decrypted data decrypted by the decryption processing unit 357, the decryption processing control unit 356 restores the electronic document by fitting it into the electronic document (S103), and the electronic document processing unit 155 restores the restored electronic document. Is displayed on the display 161 (S104). Here, the restoration process in step S103 is the same as that in FIG.

  Note that when a decoding error occurs in the decoding processing unit 357, it is desirable to display a message indicating that decoding has failed on the display unit 161.

  FIG. 32 is a flowchart showing a processing procedure when the encrypted electronic document encrypted by the encryption processing shown in FIG. 30 is decrypted.

First, the decryption processing unit 357 acquires an index set (j ₁ ,..., J _u ) from the access control information AD [j] of the encrypted area data of the encrypted electronic document (S110).

  Next, the decryption processing unit 357 divides the key encrypted data E [i] into a random number R, a key encrypted data body EB [i], and a key encrypted data inspection unit EC [i] (S111).

  Next, the decryption processing unit 357 performs processing similar to that in step S95 in FIG. 30 based on the obtained random number R and the password acquired in step S102 in FIG. 31, and generates a key encrypted data generation key, key An encrypted data inspection key is generated (S112).

  Then, the decryption processing unit 357 verifies the key encrypted data body EB [i] by the MAC using the key encrypted data inspection key and the key encrypted data inspection unit EC [i] (S113).

  Here, in step S113, the decryption processing unit 357 calculates the MAC value of the key encrypted data body EB [i] divided in step S111 using the key encrypted data check key generated in step S112. Then, the decryption processing unit 357 determines that the verification is successful when the calculated MAC value matches the key encryption data inspection unit EC [i] divided in step S111.

  If the verification in step S113 fails (No in step S114), the decoding processing unit 357 proceeds to step S115, outputs an error (decoding failure) to the display unit 161, and ends the process.

  On the other hand, when the verification is successful (Yes in step S114), the decryption processing unit 357 proceeds to step S115.

In step S115, the decryption processing unit 357 decrypts the key encrypted data body EB [i] using the key encrypted data generation key obtained in step S112, and the partial data encryption key K [j ₁ ], K [j ₂ ],..., K [j _u ], and a hash value H are acquired.

  Next, the decryption processing unit 357 calculates a hash value H ′ from the concatenated partial encrypted data D [1],..., D [n] (S116), and the hash value acquired in step S115. It is compared whether or not it matches H (S117).

  If H = H ′, the decoding processing unit 357 proceeds to step S118. If not H = H ′, the decoding processing unit 357 proceeds to step S115, outputs an error (decoding failure) to the display unit 161, and ends the processing. .

In step S118, the decryption processing unit 357 uses the partial data encryption keys K [j ₁ ], K [j ₂ ],..., K [j _u ] acquired in step S115 to perform partial encrypted data D. [J ₁ ], D [j ₂ ],..., D [j _u ] are decoded and the decoding result is output.

  In addition, the encryption using the password in the second embodiment described above, the generation of the key encryption data generation key in the decryption, and the generation of the key encryption data verification key are described in Reference Document 1 below, for example. You may carry out using the method.

Reference 1: RSA Laboratory, “PKCS # 5: Password-Based Cryptography Standard”, October 2006.
In the second embodiment described above, the key management device 310 stores a password instead of the secret key and public key stored in the key management device 110 in the first embodiment. However, for example, the key management device 310 may not be used by sharing a password used for encryption and decryption by using e-mail or the like between the user to be encrypted and the user to be decrypted.

  In the second embodiment described above, the password management information storage area 352 in the decryption device 105 may be omitted. In this case, the acquisition of the password corresponding to the user ID required for decryption (S102) may be performed by displaying a dialog and allowing the user to input the ID and password.

  30 and 32 are examples of the encryption process and the decryption process in the present embodiment, and the encryption process and the decryption process may be different from this, as in the first example. For example, as described in the first embodiment, the partial data to be encrypted obtained from the set encryption area is converted from the password corresponding to the set user ID to the key encrypted data generation key, A key-encrypted data check key is generated (S94, S95), and using this, partial data is individually encrypted to generate partially encrypted data, and decryption of the partially encrypted data in FIG. The encrypted data may be decrypted by generating a key encrypted data generation key and a key encrypted data verification key from the password (S112).

  Further, the second embodiment and the first embodiment can be shared and used. For example, in the key management information storage area 112 in the key management apparatus 110, at least one of an encryption key and a decryption key or a password is managed in association with a user ID, When corresponding to either an encryption key, a decryption key, or a password, encryption is performed using either one of them, and when both are supported, the default is used. Either one of them is used for encryption, for example, by determining which one to do.

As described above, when encryption and decryption are performed by sharing the second embodiment and the first embodiment, either public key encryption technology or common key encryption technology (or password) is used. In order to clarify whether decryption processing is performed using, for example, in the implementation example of the encryption area data 282 shown in FIG. 12, by making the KeyEncryptionAlgorithm element a child element of the EncryptedKeyData element instead of the MRES_Param element, Describe the algorithm used for decryption,
For decryption, for example, when performing decryption processing using a secret key in public key cryptography, the decryption device 150 includes both a key management information storage area 152 and a password information storage area. The private key and password are stored in both storage areas, respectively. Prior to the execution of the decryption process (step S42 in FIG. 14), the private key and password stored in these storage areas may be searched and the decryption process may be performed.

  Alternatively, as described above, the decryption device 150 includes only the key management information storage area 152, and after performing decryption processing with the private key stored in the key management information storage area 152, a dialog is displayed. The user may be allowed to input an ID and password.

  In the embodiment described above, the password generation unit 314 is provided in the key management device 310. However, for example, the operator of the key management device 310, the encryption device 330, or the decryption device 350 is designated by input or the like. In this case, it is not necessary to provide the password generation unit 314.

  In the second embodiment described above, the encryption device 330 is provided with the password management information storage area 332 and the decryption device 350 is provided with the password management information storage area 352. However, when encrypting and decrypting. In addition, when the user receives an input of a user ID and a password, it is not necessary to provide these storage areas. When the user inputs the user ID and password, the input password is not displayed on the screen, for example, the input character string is replaced with an alternative character such as “*”. desirable.

  In the decryption process (step S102 in FIG. 31) in the decryption apparatus 350 described above, the password corresponding to the user ID is stored in the password management information recording area 352 provided in the storage unit 351 of the decryption apparatus 350. If there is no password, an input of a password from the user may be accepted via the input unit 160.

Schematic diagram of a cryptographic system. Schematic diagram of a key management device. Schematic of a key management table. Schematic diagram of a computer. 1 is a schematic diagram of an encryption device. Schematic of a key management table. Schematic of a decoding apparatus. Schematic of a key management table. The sequence diagram which shows the data flow of the electronic document in a cryptographic system. 6 is a flowchart showing a process for creating an encrypted document in the encryption apparatus. Schematic diagram of an encrypted electronic document. Schematic which shows the specific example of encryption area | region data. The flowchart which shows an encryption object area | region setting process. The flowchart which shows the process which decodes the encrypted encryption electronic document. 6 is a flowchart illustrating processing for restoring an electronic document. Schematic of a display screen. The flowchart which shows the modification of an encryption process. The flowchart which shows the process sequence at the time of decrypting an encryption electronic document. Schematic diagram of a key management device. Schematic of a key management table. Schematic diagram of a user key management table. Schematic of a correspondence table. Schematic diagram of a key management device. Schematic diagram of a password management table. 1 is a schematic diagram of an encryption device. Schematic diagram of a password management table. Schematic of a decoding apparatus. Schematic diagram of a password management table. The flowchart which shows the preparation process of an encryption document. The flowchart which shows an encryption process. The flowchart which shows the process which decodes the encrypted encryption electronic document. The flowchart which shows the process sequence at the time of decrypting an encryption electronic document.

Explanation of symbols

100 Encryption system 110, 210, 310 Key management device 111, 211, 311 Storage unit 113, 213, 312 Control unit 116 Communication unit 117 Reading / writing unit 130, 330 Encryption device 131, 331 Storage unit 134, 334 Control unit 138 Communication unit 139 Read / write unit 140 Input unit 141 Display unit 150, 350 Decoding device 151, 351 Storage unit 154, 354 Control unit 158 Communication unit 159 Read / write unit 160 Input unit 161 Display unit

Claims (18)

An encryption device for encrypting an electronic document,
A storage unit that stores at least one management information that identifies a disclosure destination and encryption information corresponding to the disclosure destination, and a control unit,
The controller is
A first selection process for receiving selection of electronic data included in the electronic document;
A second selection process for accepting at least one selection of the disclosure destination for each selected electronic data;
Encrypted data obtained by encrypting the electronic data selected in the first selection process using encryption information corresponding to the disclosure destination selected in the second selection process, selected in the first selection process A process of generating encryption area information comprising position information for specifying a position of electronic data in the electronic document, and decryption information capable of specifying information used when decrypting the encrypted data;
An encryption device characterized by performing: The encryption device according to claim 1,
The encryption information is a public key in public key encryption technology,
The encrypted data is obtained by encrypting the electronic data selected in the first selection process with the public key;
An encryption device. The encryption device according to claim 1,
The encryption information is shared secret information,
The encrypted data is obtained by encrypting the electronic data selected in the first selection process with an encryption key generated from the shared secret information;
An encryption device. The encryption device according to claim 1,
The controller is
Deleting the electronic data selected in the first selection process from the electronic document;
An encryption device. The encryption device according to claim 4,
The controller is
Putting electronic data different from the deleted electronic data into the electronic document at the position of the electronic data deleted from the electronic document;
An encryption device. The encryption device according to claim 1,
The controller is
Adding the encrypted area information to a part of the electronic document;
An encryption device. Encrypted area comprising encrypted data obtained by encrypting electronic data, position information for identifying the position of the electronic data in the electronic document, and decryption information for identifying information used when decrypting the encrypted data A decryption device for decrypting the encrypted data of an electronic document associated with information,
Processing for obtaining the decryption information from the encrypted area information;
A process of decrypting the encrypted data using the decryption information;
A control unit that performs a process of putting the decrypted electronic data at a position specified by the position information of the encrypted area information;
A decoding device characterized by the above. The decoding device according to claim 7, wherein
A storage unit,
The decryption information is information indicating a secret key in public key cryptography stored in the storage unit,
The process of decrypting the encrypted data is a process of decrypting the encrypted data using a secret key indicated by the decryption information;
A decoding device characterized by the above. The decoding device according to claim 7, wherein
The decryption information is information indicating shared secret information,
The process of decrypting the encrypted data is a process of decrypting using the decryption key generated using the shared secret information indicated by the decryption information;
A decoding device characterized by the above. An encryption system comprising: an encryption device that encrypts an electronic document; and a decryption device that decrypts the electronic document encrypted by the encryption device,
The encryption device is:
A storage unit that stores at least one management information that identifies a disclosure destination and encryption information corresponding to the disclosure destination, and a control unit,
The control unit of the encryption device includes:
A first selection process for receiving selection of electronic data included in the electronic document;
A second selection process for accepting at least one selection of the disclosure destination for each selected electronic data;
Encrypted data obtained by encrypting the electronic data selected in the first selection process using encryption information corresponding to the disclosure destination selected in the second selection process, selected in the first selection process A process of generating encryption area information comprising position information for specifying a position of electronic data in the electronic document, and decryption information capable of specifying information used when decrypting the encrypted data;
A cryptographic system characterized by The cryptographic system according to claim 10,
The encryption information is a public key in public key encryption technology,
The encrypted data is obtained by encrypting the electronic data selected in the first selection process with the public key;
A cryptographic system characterized by The cryptographic system according to claim 10,
The encryption information is shared secret information,
The encrypted data is obtained by encrypting the electronic data selected in the first selection process with an encryption key generated from the shared secret information;
A cryptographic system characterized by The cryptographic system according to claim 10,
The control unit of the encryption device includes:
Deleting the electronic data selected in the first selection process from the electronic document;
A cryptographic system characterized by The cryptographic system according to claim 13,
The control unit of the encryption device includes:
Putting electronic data different from the deleted electronic data into the electronic document at the position of the electronic data deleted from the electronic document;
A cryptographic system characterized by The cryptographic system according to claim 10,
The control unit of the encryption device includes:
Adding the encrypted area information to a part of the electronic document;
A cryptographic system characterized by The cryptographic system according to claim 10,
The decoding device
Processing for obtaining the decryption information from the encrypted area information;
A process of decrypting the encrypted data using the decryption information;
A control unit that performs a process of putting the decrypted electronic data at a position specified by the position information of the encrypted area information;
A cryptographic system characterized by The cryptographic system according to claim 16, wherein
The decoding device includes a storage unit,
The decryption information is information indicating a secret key in public key encryption technology stored in the storage unit of the decryption device,
The process of decrypting the encrypted data is a process of decrypting the encrypted data using a secret key indicated by the decryption information;
A cryptographic system characterized by The cryptographic system according to claim 16, wherein
The decryption information is information indicating shared secret information,
The process of decrypting the encrypted data is a process of decrypting using the decryption key generated using the shared secret information indicated by the decryption information;
A cryptographic system characterized by

Images