JP2010186075A - Integer encrypting and decoding method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an encrypting and decoding method of integers of high confidentiality. <P>SOLUTION: The method includes: a step of receiving an integer Xi concerning identifier information or the like referring to secrecy information as input; a step of generating two primes A and B exceeding input integer Xi by a product N, making D of the product of (A-1) and (B-1), and making K of the least common multiple of (A-1) and (B-1); a step of selecting E being a prime to D or K by using a random rule; a step of encrypting to execute residue arithmetic in a condition of generating overflow in integer operation of a computer by power (Eth power of Xi); a step of selecting F establishing E×F=m×K+1 by regarding m as an optional integer for encrypted integers; and a step of decoding in residue arithmetic of power (Fth power of Yi). <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an integer encryption and decryption method, and in particular, the present invention relates to a method for encrypting and decrypting identification information and the like for referring to confidential information with high confidentiality.

Conventionally, it is known that an identifier including a unique integer is used to identify a member in a corporate organization or the like. For example, a number of about 8 digits is used to identify a subscriber in a national health insurance system or the like. Or, a bank branch and account are used to identify a bank account with a number of about 3 to 10 digits, or a number of about 12 digits is used to identify a credit member. A format that can be easily remembered by a person to be identified using a symbol, a character string, or other information is used as appropriate.
Further, as a method capable of realizing encryption and digital signature, RSA encryption, which is public key encryption based on the fact that the problem of prime factorization of a composite number with a large number of digits is difficult, is known (Patent Literature). 1 and Non-Patent Document 1). The RSA cipher uses a power of an appropriate positive number in the encryption stage and a remainder operation that uses a product of two prime numbers as a modulus, and uses a power root that requires a prime factor of the product in decryption. If the prime factor is not known, decryption becomes difficult, and thus the security of the encryption is ensured.
Furthermore, in order to ensure security in the transmission and reception of information via a computer network, an SSL protocol having encryption, authentication, and alteration detection functions is known (Non-Patent Document 2). It is known that the authentication based on the public key certificate included in the SSL protocol can use the RSA encryption.

U.S. Pat. No. 4,405,829

“RSA encryption” [online], June 12, 2008, [July 30, 2008 search], Internet, <URL: http: // ja. wikipedia. org / wiki / RSA% E6% 9A% 97% E5% 8F% B7> “Secure Sockets Layer” [online], July 29, 2008, [July 30, 2008 search], Internet, <URL: http: // ja. wikipedia. org / wiki / Secure_Sockets_Layer>

However, in the prior art or a combination of the prior arts, the secret key paired with the public key is decrypted using the combination of the number or characters before encryption and the number or character format after decryption as a clue. However, all ciphers that use the same combination of public and private keys have the weakness of being decipherable. In RSA cryptography, the length of time required to specify a prime factor is the basis of the security of the cryptography. Therefore, by improving the performance of computer equipment and the like used for decryption, even with a certain decryption technique, There has been a problem that the possibility of leaking confidential information increases in a short time.
In addition, in a public key encryption method such as RSA encryption, when the combination of the original information and the encrypted information is leaked to a third party, the key for encryption and decryption is analyzed using the combination as a clue. There was a possibility.
In addition, information leakage via voice calls or documents such as printed materials cannot be handled by security technology such as SSL protocol for information transmitted using a computer network. Therefore, in various forms including voice or documents. There was a need for a way to conceal personal information.

  The present invention selects a key for encryption based on a random rule such as a random number while the processing time required for performing the steps of encryption and decryption is substantially the same as the prior art, and the same key is repeated. The purpose is to provide a method that makes decryption extremely difficult by using a procedure that cannot be decrypted without the information at the time the key was created. . It is an object of the present invention to perform highly confidential information conversion even for numbers that are insufficiently encrypted only by public key cryptography. Accordingly, an object of the present invention is to ensure the security of personal information transmitted and received through information communication including a computer network. It is another object of the present invention to generate encrypted information that can be transmitted and received in various forms such as a computer network, voice, or document from the same identification number.

The inventor uses a calculation procedure in which a computer intentionally generates a large number that causes overflow in the calculation process, and performs encryption and decryption while avoiding overflow in a predetermined procedure. A method for concealing personal information has been found (Japanese Patent Application No. 2008-244761). Furthermore, the present inventor introduced a method in which the same key combination cannot be created by a third party by selecting a key based on a random rule such as a random number, thereby dramatically improving confidentiality. As a result, the present invention has been completed.
The present invention provides the following solutions.

ｍを任意の整数として次式を成立するＦを用意するステップと、

次式を用いて変換した整数Ｙｉを整数Ｘｎに復号化するステップと、

を含み、式中、Ｅは暗号化のための鍵をランダムな規則により選択するステップにより選択される、整数を暗号化し復号化する方法。 (1) A method of encrypting and decrypting an integer Xi, the step of selecting a key for encryption according to a random rule, and the step of generating two prime numbers A and B having a product N exceeding Xi; The product of (A-1) and (B-1) is D, the least common multiple of (A-1) and (B-1) is K, and D or a number that is prime with K is E. Generating an integer Yi obtained by converting the integer Xi using the expansion form of the following equation under the condition that the power of the term Xi to the E power causes an overflow in the integer operation of the calculation means:

preparing F satisfying the following expression where m is an arbitrary integer;

Decoding the integer Yi converted using the following equation into an integer Xn;

A method for encrypting and decrypting an integer, wherein E is selected by selecting a key for encryption according to a random rule.

In the encryption and decryption method of the present invention, by using a computer device or the like capable of performing integer operations, an integer is input to generate an encrypted integer, and the generated encrypted integer is decrypted. The input integer can be restored.
The integer used for input may be an integer that can be processed by a computer, and may be an integer reversibly converted from a character or an image. For example, a character code or the like assigned to each computer-processable character may be handled as a hexadecimal integer such as 1 digit, 2 digits, or 4 digits. Further, for example, 26 characters included in an alphabetic alphabet may be handled as a single digit integer representing a 26-digit number. Further, for example, each pixel included in an image that can be processed by a computer may be treated as a 24-bit binary integer that is a set of 8-bit RGB RGB integers.
In one embodiment, personal information, such as a member's identification number, is reversibly converted to a computer-processable integer and used to input the method for encrypting and decrypting the integer of the present invention.

  The combination of prime numbers A and B according to the present invention may be selected such that the product N exceeds Xi and the sum is the smallest. In this way, the combination of the prime numbers A and B is set to a limited range of prime numbers, and the enormous amount of computer resources required for the subsequent calculations is suppressed, and efficient encryption and decryption calculations are performed. Can be carried out.

Both encryption and decryption keys according to the present invention may be integers. In other words, information that can be handled as an integer can be used as a key for encryption and decryption according to the present invention. For example, an integer reversibly corresponding to specific character information using a character code or the like may be used as an encryption and decryption key according to the present invention, and the association with the integer is not limited to the character code. Possible information may be used.
As a random rule for selecting an encryption key according to the present invention, a random rule including generation of a random number or the like can be used. For example, an integer obtained by using a computer program for generating an integer random number may be used as the encryption key according to the present invention. The present invention is not limited to this, and a mechanism such as a random number 、 or a numerical value associated with the intensity of electrical noise at an arbitrary time may be used as a random rule, and an integer may be selected and used based on these random rules.
Specifically, in the method for encrypting an integer according to the present invention, the integer E included in the formula (I) can be selected based on a random rule. Also, in the method for decoding an integer according to the present invention, an integer F associated with the integer E can be selected according to equation (II).
In the method of encrypting an integer according to the present invention, the integer F is also selected by selecting the integer E according to this random rule. That is, the pair of integers E and F selected in the calculation of the power residue at any point in time according to the present invention is related to the other pair of integers E and F selected during the calculation of the other power residue. It can be an inexact integer. Therefore, the present invention can provide extremely high confidentiality to a third party who does not use the correct values of the integer E and the integer F used for encryption and decryption according to the present invention.

The calculation means according to the encryption and decryption method of the present invention is a program or the like that causes a computer to perform integer arithmetic, and is generated by an assembler or compiler, converted by an interpreter, or a script or spreadsheet. It can be a machine language program called by a built-in calculation routine.
In one embodiment, overflow may occur in the arithmetic register of a central processing unit (CPU) included in the computer. Therefore, an integer operation with an effective number of digits can be performed in accordance with the number of digits in the operation register of a specific CPU. For example, in the case of a CPU having a register length of 16 bits, integers that can be used for integer operations are in the range of decimal numbers 0 to 65535, for example, as unsigned 16-bit integers. In the case of a CPU having a register length of 32 bits, similarly, an unsigned 32-bit integer is in the range of decimal 0 to 4294967295.
In another embodiment, overflow can occur in an internal function that an interpreter, script, spreadsheet, etc. provides for integer arithmetic. Therefore, an integer operation with an effective number of digits can be performed in accordance with the number of digits of an integer that can be represented by an internal function of a specific interpreter, script, spreadsheet, or the like. For example, an integer that can be represented by a variable in which a type of an unsigned 16-bit integer is defined in a specific compiler or the like is in the range of 0 to 65535 in decimal.

  In the method of the present invention, the range of the integer E is selected so as to generate an arbitrary overflow including the above-mentioned overflow in the power calculation represented by the formula (I). The overflow is performed using a method known in the art, such as detection of occurrence of overflow during integer arithmetic in the CPU, or an error processing routine for overflow that is included in the integer arithmetic library appropriately provided in a compiler or the like. It can be detected. Furthermore, in the method of the present invention, the integer E is selected from the range according to a random rule.

式中、ｓは０＜ｓ＜Ｅを満たす整数である。展開した右辺のいずれかの項が桁あふれを発生する場合は適宜さらにその項を展開してもよい。式（ＩＶ）のような展開形は整数ｓの選択に計算回数が依存しうる。このように得られたＹｉは、元のＸｉを暗号化した整数でありうる。 The expanded form used in the encryption and decryption method according to the present invention replaces the power of an integer by using an integer E that satisfies the condition for causing overflow as described above and is selected according to a random rule. Includes calculation methods. Specifically, instead of using the formula (I) directly, in order to avoid overflow in the E power of the term Xi in the formula (I), a known method of expressing the term as a product of a plurality of integers is used. Yes, but not limited to this.

In the formula, s is an integer satisfying 0 <s <E. When any term on the expanded right side overflows, the term may be further expanded as appropriate. In the expanded form such as the formula (IV), the number of calculations can depend on the selection of the integer s. Yi thus obtained may be an integer obtained by encrypting the original Xi.

  In the method of encrypting and decrypting an integer according to the present invention, the integer F represented by the formula (II) is an expression on the right side that can be generated based on the prime numbers A and B selected including any m. Anything can be used as long as it can be selected from a set of integers that are factors of (m × K + 1). The pair of integers E and F may be treated as a public key and private key pair in public key encryption technology known to those skilled in the art.

(2) The method further includes a step of converting an integer into a substitution-encrypted integer using substitution-type encryption, and a step of decrypting the substitution-encrypted integer using substitution-type decoding. To encrypt and decrypt integers.

式中、Ｒは換字式暗号化の鍵として用いる整数であり、Ｒｏｔ（）は鍵Ｒを用いて整数Ｙｉを換字式暗号化する関数である。Ｒｏｔ（）は、十進法等の記数法を用いて整数Ｙｉを記述して得られる数字の並びを文字列として扱う、公知のシーザー暗号化を用いることができる。例えば、シーザー暗号化における鍵Ｒを整数３として、十進数の数字１文字からなる集合｛０，１，２，３，４，５，６，７，８，９｝の各要素に鍵Ｒを加算し、集合｛３，４，５，６，７，８，９，０，１，２｝の各要素を同一の順番で対応させて換字することが可能である。あるいは、シーザー暗号化とは異なって、鍵Ｒはランダムな順序を用いる情報又は所定の数字の並び方の情報等と関連づけ、対応させる集合はランダムな順序又は所定の数字の並び方でもよい。またあるいは、元の集合の一部の要素に対して鍵Ｒを用いる換字式暗号化を実施してもよく、当該一部の要素の選択には乱数を用いてもよく、当該一部の要素以外の残りの要素に対して公開鍵暗号化を含む任意の暗号化を実施してもよい。これらに限定せず、記数法の桁の数字を予め用意した規則に従って、可逆的かつ一対一に対応するように換字し、整数Ｙｉを整数Ｚｉに変換してもよい。これらの換字式暗号化は、ループカウンタＬに依存せずに毎回実施してもよく、ループカウンタＬに依存して、初回のみ又は偶数回のみ等、Ｌの所定の値に基づいて実施してもよく、適宜設計しうる。 In the step of converting an integer into a substitution-encrypted integer using substitution encryption according to the method of the present invention, substitution cryptography is performed on the input integer value or digit number in the notation system. A preferred substitution encryption is Caesar encryption, but is not limited thereto. For example, in the substitution encryption of the integer Yi and the substitution encryption to the integer Zi, the following transformation can be used.

In the equation, R is an integer used as a key for substitution encryption, and Rot () is a function for substitution-encrypting the integer Yi using the key R. Rot () can use a known Caesar encryption that handles a sequence of numbers obtained by describing an integer Yi using a notation system such as a decimal system as a character string. For example, assuming that the key R in Caesar encryption is an integer 3, the key R is assigned to each element of the set {0, 1, 2, 3, 4, 5, 6, 7, 8, 9} consisting of one decimal digit. It is possible to add and replace each element of the set {3, 4, 5, 6, 7, 8, 9, 0, 1, 2} in the same order. Alternatively, unlike Caesar encryption, the key R may be associated with information using a random order or information on how to arrange a predetermined number, and the corresponding set may be in a random order or a predetermined number. Alternatively, substitution encryption using the key R may be performed on a part of the elements of the original set, and a random number may be used to select the part of the elements. Arbitrary encryption including public key encryption may be performed on the remaining elements other than. However, the present invention is not limited to this, and the integer Yi may be converted to the integer Zi by reversibly converting the numbers in the numeration system so as to correspond to each other in a one-to-one correspondence according to a rule prepared in advance. These substitutional encryption may be performed every time without depending on the loop counter L, and depending on the loop counter L, it may be performed based on a predetermined value of L, such as only the first time or only even times. It can be designed as appropriate.

式中、Ｒｏｔ^−１（）は、換字式暗号化により生成した整数Ｚｉに対して、暗号化の鍵Ｒを用いて元の整数Ｙｉに復号化する関数である。 Further, in the step of decrypting a substitution-encrypted integer using substitution decoding according to the method of the present invention, the integer before conversion is decrypted from the integer transformed using the substitution encryption described above. Is done. For example, when decoding the original integer Yi from the converted integer Zi, the substitution decoding shown in the following equation can be used.

In the equation, Rot ⁻¹ () is a function for decrypting the integer Zi generated by the substitution encryption into the original integer Yi using the encryption key R.

  The method of the present invention uses both encryption using the above power residue and substitutional encryption in encryption, and uses both in reverse order in decryption. The order of each encryption may be any, and after performing substitution-type encryption in the encryption, encryption using a power residue may be performed, or these may be replaced and encrypted. Decryption may be performed in the reverse order by the substitution procedure included in the corresponding encryption or by the power residue.

  In the method for encrypting and decrypting an integer according to the present invention, since the integer E of the formula (I) is selected under the condition that overflow occurs, the encrypted integer is used in a computer apparatus or the like that does not use the method of the present invention. Yi cannot be obtained accurately, and encryption with high information confidentiality can be performed. Further, repeating the encryption using the same method may be equivalent to one-time encryption using another key, but in the present invention, includes substitution-type encryption which is a method different from the power residue, By superimposing, multiple independent encryptions are used, and the original information can be remarkably difficult to decipher. That is, high security is ensured in the present invention based on the difficulty of deciphering because F is difficult to be known by a third party and substitution encryption and encryption using a power residue can be repeatedly used independently. Yes. Details of superposition and repetition will be described later.

  Further, in the method for encrypting and decrypting integers according to the present invention, these integers are also converted into other integers by substitution encryption for 0, 1 and N which are singular points in power residue encryption. By converting, it becomes possible to encrypt to an integer that is not a singular point of a power residue. That is, in the method according to the present invention, the singular point in the prior art may be included in the original integer, and since there is no singular point that can be used as a clue by a third party, higher confidentiality can be provided. become.

Furthermore, in the method for encrypting and decrypting integers according to the present invention, subscript encryption is performed on integers other than these, utilizing the fact that 0, 1 and N are singular points in power residue encryption. May be. Specifically, each integer digit in a range not including any of 0, 1, or N may be substituted for the integer N. Accordingly, the substitution cipher from an integer in the range of “1 or more and N or less”, “2 or more and N or less”, “1 or more (N-1) or less”, or “2 or more (N-1)” or less. An integer to be converted and combined may be selected. In this way, the method of encrypting and decrypting integers according to the present invention selects the range of substitutional encryption and decryption while keeping 0, 1 and N as singular points of encryption with a power residue. By doing so, it is possible to make the decryption by a third party more difficult.
In addition to these four ranges, ranges of “0 or more and N or less” and “0 or more and (N−1) or less” can be included in the implementation of substitutional encryption and decryption for the singular points. The selection of the range of substitutional encryption and decryption according to the present invention may be any of these six ranges, for example, a narrower range such as “(N−3) or more and N or less”, and the like. Can be designed.

(3) The method of encrypting and decrypting the integer according to (2), wherein the substitution encryption key is an integer selected according to a random rule.

  The substitution encryption key R is information with the possibility or danger of being used for decryption by a third party, and is not inferred from any information including an integer encrypted by the present invention or an encrypted integer. It is desirable. Therefore, in the method for encrypting and decrypting an integer according to the present invention, it is possible to make it difficult for a third party to decrypt the encryption by selecting a substitution encryption key R based on a randomly generated integer. .

  In one embodiment, the substitution encryption key R prepares a set of prime numbers in advance, orders the elements of this set, generates an integer random number less than the maximum order number, and generates the generated random number. It can be selected as an element having an order. In another embodiment, the substitution encryption key R generates an integer random number less than or equal to the integer to be encrypted, and can be selected from prime numbers having the smallest difference from the generated random number. The same applies to selecting values for other variables. The values of the variables may be selected not only by these selection procedures but also by a selection procedure that can be associated with the generated random number. By doing so, in the method for encrypting and decrypting integers according to the present invention, it is possible to make it more difficult for a third party to decrypt the encryption.

(4) After converting the integer Xi to the integer Yi using the expanded form, the integer Yi is converted to the integer Zi using the substitution encryption, an encryption step in which the power residue and the substitution are continuous, and the substitution decryption And decrypting the integer Yi into an integer Yi using the conversion, then decrypting the integer Yi into Xn, and decrypting the substitution and the power residue in succession, and encrypting the integer according to (2) How to decrypt.

  In this way, in the method for encrypting integers according to the present invention, by using different encryption methods in succession, it is possible to obtain a more confidential encryption that cannot be obtained by repeating the same encryption method. Can be realized. Even in the method for decrypting an integer according to the present invention, since accurate decryption cannot be performed without knowing the corresponding encryption procedure, more labor is required for decryption by a third party. Therefore, in the method for encrypting and decrypting an integer according to the present invention, it is possible to give extremely high confidentiality to the original integer.

(5) The step of encrypting the power residue and the substitution and the step of decoding the substitution of the substitution and the power residue are performed at least two times, and the integer described in (4) is encrypted. How to decrypt.

  By doing in this way, in the encryption step, the power residue and substitution are repeated alternately. Since the adjacent encryption methods are different from each other, each encryption is performed independently of each other. That is, since two adjacent encryptions cannot be replaced with an equivalent power residue or substitution encryption, an integer encrypted using successive encryption steps according to the present invention is determined by a third party. Deciphering requires a lot of work. Similarly, since two adjacent decryptions in successive decryption steps cannot be replaced with an equivalent power residue or substitution encryption, in the method of encrypting and decrypting an integer according to the present invention, It becomes possible to give very high confidentiality to the original integer.

(6) The integer Xi is an integer converted using substitution encryption, an encryption step in which substitution and power residue are continued, and substitution decoding on the integer Xn decrypted from the integer Yi. A method for decrypting by encrypting the integer according to (2), comprising: a step of decrypting the power residue and a substitution character, wherein the integer is decrypted.

  In the method for encrypting and decrypting an integer according to the present invention, substitution encryption and encryption using a power residue are alternately performed as a continuous encryption step, and decryption using a power residue as a continuous decryption step And substitutional decryption may be performed alternately in reverse order corresponding to encryption. As shown in the above (2), when the encryption using the power residue in the encryption is performed first, the substitutional decryption may be performed in the decryption first, as shown in (4) When substituting encryption is performed first in encryption, decryption using a power residue in decryption may be performed first. The fact that these sequential procedures can be performed is that the encrypted integer is correctly decrypted only on the basis of accurate information when encrypted using the method according to the present invention, and the accurate information is A non-based decryption attempt means that much time is required for decryption. Therefore, in the method for encrypting and decrypting an integer according to the present invention, it is possible to give extremely high confidentiality to the original integer.

(7) The encryption step in which the substitution character and the power residue are continued, and the decryption step in which the power residue and the substitution character are continued are performed at least two or more times. The integer according to (6) is encrypted and decrypted. How to turn.

  Similar to the encryption step shown in the above (3), in the present invention, the substitution and the power residue may be alternately repeated for encryption. Since the adjacent encryption methods are different from each other, the respective encryptions can be performed independently of each other. That is, since two adjacent encryptions cannot be replaced with an equivalent power residue or substitution encryption, an integer encrypted using successive encryption steps according to the present invention is determined by a third party. Deciphering requires a lot of work. Similarly, two adjacent decodings in successive decoding steps cannot be replaced with an equivalent power residue or substitution decoding. In the present invention, these iterative procedures can be performed, and the encrypted integer is correctly decrypted only on the basis of accurate information when encrypted using the method according to the present invention. On the other hand, in a trial of decryption by a third party that is not based on the accurate information, enormous effort is required for decryption. Therefore, in the method for encrypting and decrypting an integer according to the present invention, it is possible to give extremely high confidentiality to the original integer.

(8) The same number of times of at least two or more is selected from the group consisting of a predetermined positive integer, a positive integer obtained by encrypting the predetermined positive integer, and a randomly generated positive integer, (5) or A method of encrypting and decrypting the integer described in (7).

The number of times may be set as a numerical value stored in a loop counter or the like for control in the computer program. The number of times may be two or more, but a lower limit may be set in advance in order to ensure the strength of encryption. Further, an upper limit may be set in advance in order to shorten the time for calculation processing of encryption and decryption. Therefore, the value of the number of times in the method of encrypting and decrypting an integer according to the present invention is a positive integer obtained by encrypting a predetermined positive integer and a predetermined positive integer according to a preset lower limit and / or upper limit range. And a group consisting of randomly generated positive integers. Any method may be used to encrypt the number of times.
In this way, by making the number of times that can be a variable independent of both encryption using power residue and substitution-type encryption, the number of times becomes unknown to a third party. That is, the trouble of third party decoding can be further increased. Therefore, in the method for encrypting and decrypting an integer according to the present invention, it is possible to give extremely high confidentiality to the original integer.

(9) Substitution type encryption is selected from the group consisting of single table type encryption, multi-table type encryption and automatic key encryption, and substitution type decryption corresponds to substitution type encryption. A method for encrypting and decrypting an integer according to (2), selected from the group consisting of encryption, multi-table decryption and automatic key decryption.

  The substitution encryption according to the present invention can use substitution encryption known in the art in addition to the above-mentioned Caesar encryption. Single-table encryption may be well-known encryption including single substitution encryption, single-substitution encryption, and simple substitution encryption, and multi-table encryption includes visionnel encryption, progress key encryption, square Known encryption including encryption using a substitution table may be used, and automatic key encryption may be encryption in which the encryption key is automatically changed or updated based on the original integer and / or ciphertext. . Also in the decryption according to the present invention, substitutional decryption can be used in the same manner as encryption, and decryption procedures corresponding to various methods enumerated as encryption can be used.

(10) Further, before generating the integer Yi converted from the integer Xi, a step of adding an integer T equal to or less than the integer Xi from the integer Xi and replacing the integer Xi, and after decoding the converted integer Yi into the integer Xn Subtracting the integer T from the integer Xn and substituting the integer Xn, and encrypting and decrypting the integer according to (2).

The integer T is a so-called offset. In the encryption and decryption according to the present invention, in addition to the above-described substitutional encryption and decryption, the offset is applied by adding a numerical value and the offset is erased by subtracting the numerical value. Information can be concealed using.
In particular, in encryption and decryption using a power residue, 0, 1, and the original integer itself can be singularity without being converted in the conventional public key encryption technology, etc., but in the present invention, an offset is used. Thus, it is possible to change the numerical value of the singular point in the conventional method. Therefore, in the present invention, it is possible to perform encryption and decryption while avoiding the problems related to the singularities of the conventional method. Here, when the integer (Xi + T) obtained by adding the offset T exceeds the product N of the prime numbers A and B, the range of the integer Xi accepted as an input may be less than (N−T), and the product N The prime numbers A and B may be selected anew so as to exceed an integer (Xi + T), and can be appropriately designed.

(11) The method of encrypting and decrypting the integer according to (10), wherein the integer T is an integer selected according to a random rule.

  Like the variable E, variable F, prime number A, prime number B, prime number product N, arbitrary integer number m, etc., the integer number T is also information with the possibility or danger of being used for decryption by a third party. It can be. In the method for encrypting and decrypting an integer according to the present invention, it is possible to make it difficult for a third party to decipher the cipher by making the integer T an integer selected by a random rule using a random number or the like.

式中、Ｍは記数法の底であり、Ｃｄは下位の桁の数であり、Ｃｄは少なくとも１であり、置き換えたＸｕ又はＸｄを用いて剰余計算を実施する、（１）に記載の整数を暗号化し復号化する方法。 (12) The expanded form divides the Xi digit into two, generates an integer Xu represented by the upper digit of the divided digit and an integer Xd represented by the divided lower digit, and uses the following formula: Is to replace Xi,

Where M is the base of the numeration system, Cd is the number of the lower digits, Cd is at least 1, and the remainder calculation is performed using the replaced Xu or Xd. A method of encrypting and decrypting integers.

In this way, in the method of encrypting and decrypting an integer according to the present invention, after selecting E in the above-mentioned formula (I) under the condition that overflow occurs, Xi using the formula (VII) is used. Yi that is an encrypted integer can be obtained accurately by avoiding overflow.
Therefore, in the calculation of the power of Xi expressed as the above-described formula (I), the power integer calculation process is performed by appropriately dividing the original integer Xi into upper and lower digits using the formula (VII). It becomes possible to avoid overflowing digits.

(13) The method of encrypting and decrypting the integer according to (1), wherein the integer Xi is an integer reversibly converted from a part or all of characters or numbers included in the identifier.

  The identifier according to the present invention is typically a computer-processable character (including a number as a character) or a numerical value, and the character can be converted into a unique integer by using a known technique such as a character code. Therefore, in the method for encrypting and decrypting integers according to the present invention, characters or numerical values that can be associated with unique integers can be encrypted and decrypted as original integers.

(14) The integer Xi is an integer reversibly converted from a part or the whole of the one-dimensional image reversibly converted from the one-dimensional image or the two-dimensional image, and the integer described in (1) is encrypted. To decrypt.

  An image according to the present invention is typically image data that can be processed by a computer. For example, one pixel has an 8-bit gradation value for each color of R (red), G (green), and B (blue). It can be an unsigned 24-bit integer. A two-dimensional image may be converted into a one-dimensional image by rearranging pixels according to a predetermined procedure. In this way, an image consisting of pixels can be treated as an integer, and a particular image is associated with a unique integer. The number of pixels included in the original integer to be encrypted can be designed as appropriate. Therefore, in the method for encrypting and decrypting integers according to the present invention, a one-dimensional or two-dimensional image that can be associated with a unique integer can be encrypted and decrypted as an original integer.

(15) In addition, prior to encryption, the method further includes the step of replacing at least one digit with the original integer by adding at least one digit to the original integer, and encrypting and decrypting the integer according to (1) Method.

In this way, an integer obtained by adding an arbitrarily selected number of digits to the encrypted integer Xi can be generated and used for encryption input. The integer Wi with the increased number of digits can change depending on the increased number of digits and the number of each digit included in the integer of the number of digits even if the original integer Xi is the same. Therefore, different integers Wi can be generated and used for encryption based on the same Xi and an arbitrarily selected integer of digits.
In one embodiment, the encrypted integer Xi is an integer such as 4 digits, 6 digits, or 8 digits that is generated based on a character string that includes date of birth date information, and is an arbitrarily selected digit. The number can be, for example, a two-digit integer. The user of the method for encrypting and decrypting an integer according to the present invention can generate an integer Wi with an increased number of digits, which is generated from the same integer based on his / her date of birth and an arbitrarily selected two-digit integer. A plurality of encrypted integers can be generated and used by properly using the 2-digit integer as an input for encryption. Even if the integer to be encrypted is, for example, 10 digits, the user does not have to store all the digits for each purpose of use, and the two-digit integer may be used properly.
Therefore, in the method for encrypting and decrypting an integer according to the present invention, even if an integer is associated with a character string including personal information such as a date of birth, the number of digits selected arbitrarily is increased. By making it possible, a plurality of encrypted integers can be generated and used properly.

(16) The method for encrypting and decrypting an integer according to (15), further including a step of removing at least one digit added from the decrypted integer after decryption.

  By doing so, in the method for encrypting and decrypting an integer according to the present invention, it is possible to completely decrypt the original integer Xi from the integer Wi having an increased number of digits after decryption.

(17) A computer program for executing each step of the method according to any one of (1) to (16) using a computer.

  Thereby, each step of the method for encrypting and decrypting an integer according to the present invention can be executed by a computer. Accordingly, each step relating to encryption and decryption can be automatically processed using a computer.

(18) A computer-readable medium including a numerical value encoded using each step of the method according to any one of (1) to (17).

  Thus, using the method for encrypting and decrypting integers according to the present invention, it is included in arbitrary data to be recorded on the storage medium and / or a file allocation table for referring to a specific storage area of the storage medium. Numeric values can be encrypted and decrypted. The data or the numerical value may be anything as long as it can be regarded as an integer. That is, according to the present invention, a computer-readable medium concealed from a third party can be provided. Specifically, the computer-readable medium includes any form such as an electrical storage medium such as a flash memory, an optically readable medium such as a CD-ROM, and a magnetic storage medium such as a hard disk. The computer-readable medium that can be provided by using the method for encrypting and decrypting an integer according to the present invention does not need to go through a computer network or the like in various stages of encryption or decryption, and is in an offline state separated from the network or the like However, information encoded using the encryption and decryption methods according to the present invention can be stored. Accordingly, the present invention can provide a computer-readable medium that uses encryption and decryption methods independently, independently of security technologies that operate in cooperation with communication technologies.

ｍを任意の整数として次式を成立するＦを用意する秘密鍵生成部と、

次式を用いて変換したＹｉをＸｎに復号化する剰余復号化実行部と、

を含み、式中、Ｅは暗号化のための鍵をランダムな規則により選択するステップにより選択される、整数を暗号化し復号化する装置。 (19) A method for encrypting and decrypting an integer Xi, wherein an encryption key selection unit that selects a key for encryption according to a random rule, and two prime numbers A and B having a product N exceeding Xi are generated. The prime number generator to be used and the product of (A-1) and (B-1) as D, the least common multiple of (A-1) and (B-1) as K, and D or K and a prime number Is a residue encryption execution unit that generates an integer Yi obtained by converting the integer Xi using the expanded form of the following equation under the condition that the E power of the term Xi in the following equation causes overflow in the integer operation of the calculation means When,

a secret key generation unit that prepares F that satisfies the following expression, where m is an arbitrary integer;

A remainder decoding execution unit for decoding Yi converted using the following equation into Xn;

A device for encrypting and decrypting an integer, wherein E is selected by selecting a key for encryption according to a random rule.

In the integer encryption / decryption device according to the present invention, it is only necessary to be able to detect overflow in integer arithmetic in the CPU or detection of overflow in integer arithmetic during program execution.
In the integer encryption / decryption device according to the present invention, after selecting E in the above-described formula (I) under the condition that overflow occurs, Xi is expanded using, for example, the above-described formula (VII). Thus, Yi which is an encrypted integer can be accurately obtained while avoiding overflow.
Further, in the integer encryption and decryption device according to the present invention, the substitution method and execution unit are used in superposition on the power residue encryption and decryption, so that a single method is obtained. It is possible to perform encryption with high secrecy that cannot be obtained by repeating the above, and to generate information for correctly decrypting the integer converted by this encryption.

  Therefore, in the device for encrypting and decrypting integers according to the present invention, it is possible to generate an encrypted integer that secures high security for the integer associated with personal information, etc., and correctly decrypt the encrypted integer. To get the original integer.

ｍを任意の整数として次式を成立するＦを用意する秘密鍵生成手段と、

次式を用いて変換したＹｉをＸｎに復号化する剰余復号化手段と、

を含み、式中、Ｅは暗号化のための鍵をランダムな規則により選択するステップにより選択される、整数を暗号化し復号化するシステム。 (20) A system that encrypts and decrypts an integer Xi, and generates encryption key selection means for selecting a key for encryption according to a random rule, and two prime numbers A and B whose product N exceeds Xi The prime number generating means to perform the product of (A-1) and (B-1) is D, the least common multiple of (A-1) and (B-1) is K, and D or K is a prime number A remainder encryption means for generating an integer Yi obtained by converting the integer Xi using the expansion form of the following expression under the condition that the power of the term Xi in the following expression causes overflow in the integer operation of the calculation means in the following expression: ,

a secret key generating means for preparing F satisfying the following expression where m is an arbitrary integer;

Residue decoding means for decoding Yi converted using the following equation into Xn;

Wherein E is selected by the step of selecting a key for encryption according to a random rule. The system for encrypting and decrypting an integer.

In the system for encrypting and decrypting information according to the present invention, it is only necessary to be able to detect overflow in integer arithmetic in the CPU or detection of overflow in integer arithmetic during program execution. The integer E included in the power calculation represented by the formula (IX) may be selected.
Furthermore, in the system for encrypting and decrypting integers according to the present invention, after selecting E in the above formula (IX) under the condition that overflow occurs, Xi is calculated using, for example, the above formula (VI). Yi that is an encrypted integer can be obtained accurately by expanding and avoiding overflow.
Further, in the system for encrypting and decrypting integers according to the present invention, it is possible to repeat a single method by superimposing the processing by the substitution encryption means and the substitution decryption means on the power residue encryption and decryption. It is possible to generate information for correctly decrypting an integer converted by this encryption by performing encryption with high secrecy that cannot be obtained by.

  Therefore, in the system for encrypting and decrypting integers according to the present invention, it is possible to generate an encrypted integer that secures high security for the integer associated with personal information and the like, and correctly decrypt the encrypted integer. To get the original integer.

  The method, apparatus, system, etc. for encrypting and decrypting integers according to the present invention can be combined with existing information transmission technologies, such as computer network technologies, and such combined technologies are also included in the present invention. Included in the technical scope. Similarly, an information recording system, an information management system, an information processing system and the like including the technique of the present invention are also included in the technical scope of the present invention. In addition, the technique of the present invention allows the encryption and decryption stages to be performed in FPGA (field programmable gate array), ASIC (application specific integrated circuit), equivalent hardware logic elements, programmable. The integrated circuit or a combination thereof can be provided as a program form that can be stored, that is, as a program product. Specifically, the encryption and decryption device according to the present invention can be provided as a form of a custom LSI (large scale integrated circuit) including an input / output, a data bus, a memory bus, a system bus, etc. The form of the program product stored in the circuit is also included in the technical scope of the present invention.

  According to the present invention, to identify an individual using both a method in which a computer encrypts and decrypts an integer under conditions that cause overflow, and a method in which a key is selected based on a random rule such as a random number. An integer obtained by encrypting the identification number or the like can be generated. Therefore, according to the present invention, there is an effect that the identification number can be concealed by making it extremely difficult to estimate the identification number or the like from the integer generated for a third party. In addition, according to the present invention, decryption by a third party becomes extremely difficult by performing encryption and decryption by superimposing a method for selecting a key based on a random rule such as a random number. It is possible to improve the confidentiality of the identification number and the like. That is, the present invention can provide a form that can be concretely implemented and commercialized for a target to which random numbers can be applied, and has the effect of dramatically improving the difficulty of decoding compared to simple logic. is there. Furthermore, according to the present invention, each encryption is independently performed by alternately repeating encryption using a residue in which a key is to be selected based on a random rule such as a random number and substitutional encryption. Multiplexed encryption can be performed with extremely high confidentiality. Further, according to the present invention, an integer representing a character string including the same personal information such as date of birth and an integer selected arbitrarily are used, a randomly generated key, or an integer with an increased number of digits is used. Thus, by encrypting and decrypting, a plurality of different encrypted integers can be generated from the same personal information and used separately. Furthermore, according to the present invention, it is possible to conceal personal information in various forms including a voice call or a document such as a printed matter.

FIG. 3 is a flow diagram of a method for encrypting an integer, according to one embodiment of the invention. FIG. 4 is a flow diagram of a method for decrypting an encrypted integer, according to one embodiment of the invention. FIG. 4 is a diagram illustrating an example of a personal information hiding procedure using a method for encrypting an integer according to an embodiment of the present invention. It is a figure which shows another example of the personal information concealment procedure using the method which encrypts an integer based on one Embodiment of this invention. It is a figure which shows another example of the personal information concealment procedure using the method which encrypts an integer based on one Embodiment of this invention. FIG. 4 is a diagram illustrating an example of an encrypted integer decryption procedure according to an embodiment of the present invention. FIG. 6 illustrates an example of implementing steps of an encryption method according to an embodiment of the present invention using a spreadsheet-style calculation application package. FIG. 6 is a diagram illustrating an example of calculating and implementing the steps of the decryption method in a spreadsheet-type calculation application package according to an embodiment of the present invention.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[Flow diagram of encryption and decryption]
1 and 2 show a flow chart of a method for encrypting and decrypting an integer according to an embodiment of the present invention. FIG. 1 is an example of a flowchart of a method for encrypting an integer according to the present invention, and FIG. 2 is an example of a flowchart of a method for decrypting the encrypted integer.

[Encryption stages]
First, the encryption steps will be described with reference to FIG. The method for encrypting an integer according to the present invention secures a variable area in step S100 of FIG. Specifically, a memory area of a computer device or the like is appropriately secured for calculation using the variables listed in the following Table 1.

At this time, initial setting of the loop counter L and the like may be appropriately performed.
For example, when the combination of encryption using power remainder and substitution-type encryption is repeated three times as a whole, the integer 3 may be set in the loop counter L in step S100. Without being limited thereto, the loop counter L may be selected from the group consisting of a predetermined positive integer, a positive integer obtained by encrypting the predetermined positive integer, and a randomly generated positive integer.
The loop counter L is an independent variable for both encryption using power remainder and substitution-type encryption, affects the strength of secrecy by encryption, and may affect calculation time for encryption and decryption. .
In order to ensure the strength of confidentiality for the loop counter L, a lower limit may be set in advance. Furthermore, an upper limit may be set in advance in order to shorten the time for calculation processing of encryption and decryption. Therefore, the value of the loop counter L in the method for encrypting and decrypting an integer according to the present invention is a predetermined positive integer according to a preset lower limit and / or upper limit range, and the predetermined positive integer is encrypted. Selected from the group consisting of a positive integer and a randomly generated positive integer. By keeping the loop counter L secret from a third party, in addition to the secrecy of each encryption method, the effort of the third party to decrypt can be further increased. Therefore, in the method for encrypting and decrypting an integer according to the present invention, it is possible to give extremely high confidentiality to the original integer.

  Similarly, the offset T and the arbitrary integer m included in the encryption using the power residue and the key R which is the variable included in the substitution encryption are also selected so as to be secret from a third party. May be.

The integer to be encrypted includes an unsigned integer that can be included in an identifier or the like, but is not limited to this, and an integer in any format can be used in the method according to the present invention. Preferably, the integer to be encrypted can be any integer greater than or equal to zero.
In one embodiment, word lengths of integers Xi, Yi, Zi, Xn, and Yn in a computer device or the like used for calculation are register bits that can be used to represent one integer in an internal instruction of a CPU included in the computer device or the like. Can be within maximum width. For example, in a computer device equipped with a CPU that can execute an integer operation included in an internal instruction using a 16-bit register, the word lengths of integers Xi, Yi, Zi, Xn, and Yn are 16 bits or less. The variable may be 0 or more and 65535 or less in decimal notation.

  After securing the variable area, the method of encrypting an integer according to the present invention includes the steps of encrypting using the remainder to be included in step S10, and the steps of substitutional encryption included in step S30. Implement sequentially.

Step S10 includes steps S110 to S150. First, the method for encrypting an integer according to the present invention generates two prime numbers A and B having a product N exceeding Xi in step S110. The prime numbers A and B may be selected as appropriate by preparing a set of prime numbers in advance. Alternatively, the combination of prime numbers A and B may be automatically selected so that the product N exceeds Xi and the sum becomes the smallest. In this way, the combination of the prime numbers A and B is set to a limited range of prime numbers, and the enormous amount of computer resources required for the subsequent calculations is suppressed, and efficient encryption and decryption calculations are performed. Can be carried out.
Next, in the method for encrypting an integer according to the present invention, in step S120, the product of (A-1) and (B-1) is substituted into D, and (A-1) and (B-1) Substitute the least common multiple for K.
Next, in the method for encrypting an integer according to the present invention, in step S130, E is randomly selected from a set of numbers that are prime with D or K. For example, each element of a set of numbers that is prime with D or K is arranged in ascending order according to the size, an integer type random number is generated with the number of arranged elements as an upper limit, and an element with the generated random number as the order of arrangement The integer E may be selected.
Next, in the method for encrypting an integer according to the present invention, in step S140, whether the term on the right side of the following equation (VIII) (Xi raised to the E power) causes overflow in the integer operation of the calculation means. Determine. If the determination result is true, the process proceeds to step S150, and if it is false, the process returns to step S130.

  The overflow detection is performed by using a flag included in a specific register of the CPU (for example, an overflow flag included in the status register or the condition register) for storing the internal operation status of the CPU included in the calculation means. You may refer to the value, register exception handling in the operating system in advance using the compiler language, etc., and refer to the operation of the exception handling, or an overflow provided by a library attached to the script language or compiler language, etc. • You may refer to error handling and design accordingly.

式中、Ｍは記数法の底であり、Ｃｄは当該下位の桁の数であり、Ｃｄは少なくとも１でありうる。すなわり、このようにして置き換えたＸｕ又はＸｄを用いて、式（ＶＩＩＩ）の剰余計算を実施しうる。
このようにすることで、本発明に係る整数を暗号化し復号化する方法においては、桁あふれを発生する条件で前述の式（ＶＩＩＩ）のＥを選択した後に、式（ＩＸ）を用いてＸｉを展開し、桁あふれを避けて、暗号化した整数であるＹｉを正確に得ることができる。 Next, in step S150, the method for encrypting an integer according to the present invention may generate an integer Yi obtained by encrypting the integer Xi using the expanded form of the formula (VIII). For example, the following expression can be used as the expanded form of the expression (VIII).

Where M is the base of the numeration system, Cd is the number of the lower digits, and Cd can be at least 1. In other words, the remainder calculation of Expression (VIII) can be performed using Xu or Xd thus replaced.
In this way, in the method for encrypting and decrypting an integer according to the present invention, after selecting E in the above-mentioned formula (VIII) under the condition that overflow occurs, Xi using the formula (IX) is used. Yi that is an encrypted integer can be obtained accurately by avoiding overflow.

別の実施形態において、記数法の底であるＭを２とし、Ｘｉの桁数を１６桁、下位の桁数Ｃｔを８桁とする場合、式（ＩＸ）は次式のように表される。

In one embodiment, when M, which is the base of the number system, is 10, the number of digits of Xi is 10 digits, and the number of lower digits Ct is 5 digits, the formula (IX) is expressed as .

In another embodiment, when M, which is the base of the numeration system, is 2, the number of digits of Xi is 16 digits, and the number of lower digits Ct is 8 digits, the formula (IX) is expressed as: The

For example, when the implementation means of the method for encrypting and decrypting an integer according to the present invention is a computer device including a CPU having a 16-bit width register, the value of the original integer Xi is a decimal number 65532, etc. In some cases, in the calculation of the power of Xi, when 2 which is the smallest integer power is used, the integer upper limit value 65535 that can be expressed by using a 16-bit wide register included in the CPU is exceeded. That is, if the calculation of the Xi power of Xi included in the right side of the formula (VIII) is performed according to a normal calculation method in which the original integer is simply raised to a power, an accurate power value may not be obtained.
In the method according to the present invention, the high-order digit and the low-order digit can be separated by using Formula (IX) or its specific example, Formula (X) or Formula (XI). For example, the above-mentioned original integer Xi value 65532 is expressed as a binary number 1111111111111100 (2), divided into upper 8 digits and lower 8 digits, etc., and an integer 11111111 (2) (decimal number) included in the upper 8 digits. 255) and the integer 11111100 (2) (decimal number 252) included in the lower 8 digits, and calculating the square of 255, the product of 255 and 252 and the square of 252 respectively, the product of these integers is It is clear that both are in the range of integers that can be expressed using a 16-bit register provided in the CPU. The same applies to 32-bit wide registers, 64-bit wide registers, and the like.
Therefore, in the calculation of the power of Xi expressed as the above formula (VIII), in the case of the square of Xi that is the smallest number of times, the square of the right side of the formula (XI) is changed to the square of Xu, Xu Xd and the square of Xd are generated, and both of these can be integers less than or equal to the number of digits in the original Xi, thus avoiding overflow. That is, by repeating the procedure of the formula (XI) at an arbitrary power of Xi, it is possible to avoid overflow in the power calculation process.
The number of digits to be divided can be set as appropriate based on the bit width of a register for integer operation of the CPU provided in the calculation means or the like. Preferably, the number of upper digits and the number of lower digits obtained by equally dividing the bit width of the register for unsigned integer arithmetic can be used as the divided digits.

  Through the above steps, Yi which is an integer encrypted using a power residue is obtained from the original integer Xi. The word length required to represent the integer Yi may be the same as the word length to represent the original integer Xi, but is not limited thereto, depending on the use of the encrypted integer Yi, etc. A number or the like that increases the number of digits may be added by combining security means or methods, or an integer Yi may be converted into a character and a character including a symbol or the like may be arbitrarily added. Furthermore, the encrypted integer Yi may be offset using the offset T arbitrarily. Specifically, instead of Yi generated by the operation in step S150, an offset (Yi + T) may be used.

式中、Ｒは換字式暗号化の鍵として用いる整数であり、Ｒｏｔ（）は鍵Ｒを用いて整数Ｙｉを換字式暗号化する関数である。具体的には、Ｒｏｔ（）は、十進法等の記数法を用いて整数Ｙｉを記述して得られる数字の並びを文字列として扱う、公知のシーザー暗号化を用いることができる。例えば、シーザー暗号化における鍵Ｒを整数３として、十進数の数字１文字からなる集合｛０，１，２，３，４，５，６，７，８，９｝の各要素に鍵Ｒを加算し、集合｛３，４，５，６，７，８，９，０，１，２｝の各要素を同一の順番で対応させて換字することが可能である。あるいは、シーザー暗号化とは異なって、鍵Ｒはランダムな順序を用いる情報又は所定の数字の並び方の情報等と関連づけ、対応させる集合はランダムな順序又は所定の数字の並び方でもよい。またあるいは、元の集合の一部の要素に対して鍵Ｒを用いる換字式暗号化を実施してもよく、当該一部の要素の選択には乱数を用いてもよく、当該一部の要素以外の残りの要素に対して公開鍵暗号化を含む任意の暗号化を実施してもよい。これらに限定せず、記数法の桁の数字を予め用意した規則に従って、可逆的かつ一対一に対応するように換字し、整数Ｙｉを整数Ｚｉに変換してもよい。これらの換字式暗号化は、ループカウンタＬに依存せずに毎回実施してもよく、ループカウンタＬに依存して、初回のみ又は偶数回のみ等、Ｌの所定の値に基づいて実施してもよく、適宜設計しうる。
例えば、英字アルファベットを２６進数の１桁の数字として扱い、ｕｎｉｘ（登録商標）オペレーティング・システムが備える文字列をシーザー暗号化するためのｒｏｔ１３関数等を利用してもよい。また例えば、このｒｏｔ１３関数が有する鍵である、整数の１３に換えて任意の１桁の整数を鍵に用い、同様の関数を１０進数の整数に対するシーザー暗号化の関数として定義して用いてもよい。 Furthermore, the method for encrypting an integer according to the present invention sequentially implements the substitution encryption steps included in step S30. Step S30 includes the following steps S310 and S320. First, in the method for encrypting an integer according to the present invention, in step S310, the integer Yi is substitution-encrypted with the key R to generate the integer Zi. For example, the integer Zi is expressed by the following formula.

In the equation, R is an integer used as a key for substitution encryption, and Rot () is a function for substitution-encrypting the integer Yi using the key R. Specifically, Rot () can use a known Caesar encryption that handles a sequence of numbers obtained by describing an integer Yi using a notation system such as a decimal system as a character string. For example, assuming that the key R in Caesar encryption is an integer 3, the key R is assigned to each element of the set {0, 1, 2, 3, 4, 5, 6, 7, 8, 9} consisting of one decimal digit. It is possible to add and replace each element of the set {3, 4, 5, 6, 7, 8, 9, 0, 1, 2} in the same order. Alternatively, unlike Caesar encryption, the key R may be associated with information using a random order or information on how to arrange a predetermined number, and the corresponding set may be in a random order or a predetermined number. Alternatively, substitution encryption using the key R may be performed on a part of the elements of the original set, and a random number may be used to select the part of the elements. Arbitrary encryption including public key encryption may be performed on the remaining elements other than. However, the present invention is not limited to this, and the integer Yi may be converted to the integer Zi by reversibly converting the numbers in the numeration system so as to correspond to each other in a one-to-one correspondence according to a rule prepared in advance. These substitutional encryption may be performed every time without depending on the loop counter L, and depending on the loop counter L, it may be performed based on a predetermined value of L, such as only the first time or only even times. It can be designed as appropriate.
For example, an alphabetic alphabet may be treated as a one-digit number of 26 hexadecimal numbers, and a rot13 function or the like for Caesar encryption of a character string provided in a unix (registered trademark) operating system may be used. Further, for example, an arbitrary one-digit integer may be used as a key instead of the integer 13 which is the key of the rot13 function, and the same function may be defined and used as a Caesar encryption function for a decimal integer. Good.

  Next, the method for encrypting an integer according to the present invention retains information on the number of digits in step S320 if necessary. For example, when the most significant integer Zi generated by substitutional encryption is zero, this information may be held as the number of digits of the integer Yi before conversion. The information on the number of digits held may be used for confirmation of an integer generated at various stages of decoding to be described later.

After performing step S10 and step S30 in succession, the method for encrypting an integer according to the present invention decrements the loop counter L in step S180. In step S190, it is determined whether the loop counter L is 0 or less. If the determination result is true, the process is terminated. If the determination result is false, the process proceeds to step S195, and the steps of step S10 are repeated with the integer Zi generated from the above-described equation (XII) as Xi.
In the repetition, the same values may be reused for the variables A, B, D, and K. The same value may be reused for the pair of variables E and F, but more preferably, the pair of variables E and F is changed depending on the value of the loop counter L so that the decryption by a third party is possible. It becomes possible to make it more difficult.
In this way, the above-described steps are repeated until the determination in step S190 becomes true, and an encrypted integer Zi is obtained. For example, when the loop counter L is set to 3, the steps including the above-described steps S10 and S30 are repeated three times.

  Therefore, in the method for encrypting an integer according to the present invention, the stages of encryption using the remainder to be included in step S10 and the substitution encryption included in step S30 until the loop counter L becomes 0 or less. These steps are performed repeatedly in succession. The stages of encryption using a power residue and the stages of substitutional encryption may be interchanged. That is, after the variable initialization in step S100, the substitutional encryption steps included in step S30 are performed, and thereafter, the encryption steps using the remainder to be included in step S10 are performed. S190 and step S195 may be performed as appropriate.

  Thus, in the method for encrypting an integer according to the present invention, only one of the encryptions can be performed by superimposing the steps of encryption using a power residue and the steps of substitutional encryption. Compared with the case of using it, it becomes possible to ensure extremely high secrecy.

[Decoding stages]
Next, the decoding steps will be described. The method for encrypting an integer according to the present invention secures a variable area and initializes the loop counter L in step S200 of FIG. The securing of the variable area may be the same as that in step S100 in the above-described encryption stages, and the encryption and decryption stages are built in one computer device and the common variable area is encrypted and decrypted. It may be used in both stages. The initialization of the loop counter L can repeatedly use the value of the loop counter L in the encryption corresponding to the decryption. For example, when the loop counter L is set to 3 in encryption, the loop counter L is set to 3 in decryption as well.
Next, the method for decrypting an encrypted integer according to the present invention implements the steps of decrypting the substitution cipher included in step S40 and the steps of decryption using the remainder to be included in step S20. . Here, the number to be decrypted is the encrypted integer Zi described above with reference to FIG.

式中、Ｒｏｔ^−１（）は、換字式暗号化により生成した整数Ｚｉを、鍵Ｒを用いて元の整数Ｙｉに復号化する関数である。 Step S40 includes the steps of S410 and S420. In step S410, information on the number of digits of the integer Zi is restored if necessary. This may be done simply for verification with information held during the encryption process. In step S420, the substitution cipher is decrypted, and an integer Yi is generated from the encrypted integer Zi. For example, the integer Yi is decoded by the following equation.

In the equation, Rot ⁻¹ () is a function for decrypting the integer Zi generated by the substitution encryption into the original integer Yi using the key R.

式（ＸＩＶ）は式（ＩＩ）と同一でもよい。式（ＸＩＶ）において、整数Ｅと関連づけられる整数Ｆが選択されうる。
次いで、本発明に係る暗号化した整数を復号化する方法は、ステップＳ２２０において、次の式（ＸＶ）を用いて当該暗号化したＹｉをＸｎに復号化する。次式（ＸＶ）は前述の式（ＩＩＩ）と同一でもよい。

ステップＳ１５０においてオフセットした（Ｙｉ＋Ｔ）を用いた場合は、Ｘｎの復号化において、ステップＳ２２０の動作に先立って、整数Ｙｉに換えてオフセットを消去した（Ｙｉ−Ｔ）が用いられる。 Next, in the method for encrypting an integer according to the present invention, steps of decryption using the remainder to be included in step S20 are performed. Step S20 includes the steps of S210 and S220. First, the method for encrypting an integer according to the present invention generates F that satisfies the following expression in step S210.

Formula (XIV) may be the same as Formula (II). In formula (XIV), an integer F associated with the integer E can be selected.
Next, in the method for decrypting an encrypted integer according to the present invention, in step S220, the encrypted Yi is decrypted into Xn using the following equation (XV). The following formula (XV) may be the same as the aforementioned formula (III).

When (Yi + T) offset in step S150 is used, prior to the operation in step S220, (Yi-T) in which the offset is deleted is used instead of the integer Yi in the decoding of Xn.

In this way, in the method for encrypting and decrypting integers according to the present invention, since E in the formula (VIII) is selected under the condition that overflow occurs, a computer apparatus that does not use the method of the present invention, etc. The encrypted integer Yi cannot be obtained accurately and encryption with high information confidentiality can be performed.
Furthermore, in the method for encrypting and decrypting an integer according to the present invention, the integer F included in the expressions (XVI) and (XVII) that are not included in the expression (VIII) that is the process of encryption but is included in the expression (XVI) that is the process of decryption. Can ensure high security based on the fact that it is difficult to be known or estimated by a third party.
It should be noted that E and F included in the left side of the formula (XIV) can be used as a public / private key pair related to public key cryptography known to those skilled in the art, and a third party or the like is used for key storage or authentication. Methods relating to public key cryptography, such as being usable, are well known, and can be appropriately incorporated into the present invention.

  After performing step S40 and step S20 in succession, the method for decoding an integer according to the present invention decrements the loop counter L in step S280. In step S290, it is determined whether the loop counter L is 0 or less. If the determination result is true, the process is terminated. If the determination result is false, the process proceeds to step S295, and the steps of step S40 are repeated with the integer Xn generated from the above equation (XV) as Zi. In this way, the above-described steps are repeated until the determination in step S290 becomes true, and a decoded integer Xn is obtained. For example, when the loop counter L is set to 3, the steps consisting of the above steps S40 and S20 are repeated three times.

  Therefore, in the method for decrypting an integer according to the present invention, the stages for decrypting the substitution cipher included in step S40 and the remainder to be included in step S20 are used until the loop counter L becomes 0 or less. The decryption steps are performed repeatedly in succession. The steps of decrypting the substitution cipher and the steps of decoding using a power residue may be in the reverse order of the steps of encryption, and the whole may be exchanged. That is, after the variable initialization in step S200, the various stages of decryption using the remainder to be included in step S20 are performed, and then the various stages of decrypting the substitution cipher included in step S40 are performed, and step S280 is performed. Step S290 and step S295 may be performed as appropriate.

  Thus, in the method of decrypting an integer according to the present invention, the stages of decrypting the substitution cipher and the stages of decryption using a power residue are used in an overlapping manner, and the corresponding stages of encryption are used. It is possible to decrypt the encrypted integer Zi into an integer Xn equal to the original integer Xi.

  In the method for encrypting an integer according to the present invention shown in FIG. 1 and the method for decrypting an integer shown in FIG. 2, an identifier for identifying an individual can be received as an integer type identifier and encrypted. . The present invention is not limited to this, and in the method for encrypting and decrypting integers according to the present invention, various data that can be received by a computer device or the like capable of performing exponentiation and remainder calculation, etc. are also used for encryption and decryption. sell. For example, by encrypting and decrypting an image converted into an integer using the method of the present invention, it is possible to transmit a concealed image to a third party. In addition, for example, a storage medium or the like concealed from a third party is provided by encrypting and decrypting a file allocation table or the like for referring to a specific storage area of the storage medium using the method of the present invention. sell. These storage media that can be provided using the method for encrypting and decrypting integers according to the present invention do not need to be connected via a computer network or the like at various stages of encryption or decryption, and are separated from the network or the like. Encryption and decryption can be performed even in an offline state. Therefore, in the present invention, independent encryption and decryption methods can be provided independently of the security technology operating in cooperation with the communication technology.

[Personal information hiding procedure]
FIG. 3 shows an example of a personal information concealment procedure using an integer encryption method according to an embodiment of the present invention.
The encryption unit 100 is a unit that generates an encrypted integer from the input integer according to the present invention. The encryption unit 100 accepts an identifier including numbers and / or characters for identification possessed by a specific individual 20 as an integer type identifier 30. Specifically, the individual 20 is one of the members belonging to the business entity, and the integer type identifier 30 is an integer of a plurality of digits that is appropriately used to identify a plurality of members in the business entity. May be a member identifier or the like. For example, the form of the member identifier is assigned to each of a plurality of members including a two-digit number representing the year in which the business entity or the like has belonged and other members who have started belonging at the same time. The number is composed of 6-digit numbers and the like, and is an 8-digit number as a whole, and can be set as appropriate. Typically, a specific individual 20 and an integer type identifier 30 are associated one-to-one, and are not associated with other members. In addition, when the member identifier includes English characters, the integer identifier 30 treats all or part of the English characters and numbers as a set of computer-processable character codes, and converts each character code to hexadecimal. The integer type identifier 30 may be configured as a modulo integer. In the method of encrypting and decrypting an integer according to the present invention, the thus converted hexadecimal integer is encrypted, and a set of original computer-processable character codes from the encrypted hexadecimal integer. Can be decrypted. Even in the case where the member identifier or the like is image data, the original image data is handled as a collection of hexadecimal integers, so that encryption and decryption are possible in the same manner.

  The encryption unit 100 includes a random number generation unit 39, and can select an encryption key using a random number in the process of generating an encrypted integer from the input integer according to the present invention. A decryption key associated with the encryption key may also be selected.

  Identification application A (122), identification application B (124), and identification application C (126) can be any application that requires identification of a particular individual 20 using an integer type identifier 30. Although these three identification uses are illustrated in FIG. 1, the type, number, etc. of the identification uses can be appropriately set. It may be a computer network use within the business entity including transmission / reception or the like, an online banking business associated with the business entity, an insurance service, etc., or a recording act related to a business of a specific individual 20 by the business entity. Each identification application A (122), identification application B (124), and identification application C (126) may include information for distinguishing each other from each other in the encryption unit 100. That is, the unique information (62) for the identification application A, the unique information (64) for the identification application B, the unique information (66) for the identification application C, and the like may be different from each other. For example, the specific information for identification use may be a specific integer value, and different values may be used independently as the values of N or E included in the above formula (VIII).

  The encryption unit 100 uses the unique information (62) for the identification application A, the unique information (64) for the identification application B, or the unique information (66) for the identification application C for the received integer type identifier 30, respectively. The encryption calculation A (72), the encryption calculation B (74), or the encryption calculation C (76) can be performed independently for each unique information of the identification use. As described above, the encryption calculation is performed using the expansion form of the formula (VIII) under the condition that overflow occurs in the computer apparatus or the like used by the encryption unit 100 for the calculation including the power of the integer. Steps to generate a generalized integer. As a result of the encryption calculation, an encrypted integer A (42), an encrypted integer B (44), or an encrypted integer C (46) is generated.

Each of the generated encrypted integer A (42), encrypted integer B (44) or encrypted integer C (46) is independently associated with the corresponding identification application A (122), identification application B. (124) or for identification application C (126).
For example, when the identification application A (122) is the use of a computer network inside the business entity, the encryption unit 100 according to the present invention encrypts the identifier instead of the integer identifier 30 for identifying the specific individual 20. The converted integer A (42) can be provided to the computer network 132 of the entity through the information transmission path A (82). The information transmission path A (82) can be, for example, a local area network in the business entity.
Further, for example, when the identification use B (124) is a recording act or the like related to the business of the specific individual 20 by the business entity, the encryption unit 100 according to the present invention is an integer type for identifying the specific individual 20 The integer B (44) encrypted in place of the identifier 30 can be provided to the work management storage device 134 or the like of the business entity via the information transmission path B (84). The information transmission path B (84) can be, for example, a terminal device and a storage device for recording a visitor provided appropriately at the entrance and exit of the business entity.

The encryption unit 100 is not limited to the numerical data that can be processed by the computer, and the encryption unit 100 converts the encrypted integer C (46) in place of the integer identifier 30 for identifying the specific individual 20 into the information transmission path C ( 86) to an unspecified other person 136 or the like. The information transmission path C (86) may be in any form including oral or document. For example, the unspecified other person 136 is a person in charge of accepting a group insurance service business operated independently of the business entity, and the specific individual 20 who is a member of the business entity is informed of the information transmission path C ( 86), an encrypted integer C (46) can be transmitted as information for identifying itself in the group health service using a telephone of a general public line. This transmission includes any form such as a telephone call, a facsimile, and an electronic mail. Therefore, even if the voice of a telephone call or the like is heard by a third party around, the content of this transmission is intercepted by an irrelevant third party, the encryption means 100 according to the present invention. Since the integer C (46) encrypted by the above is an integer different from the integer identifier 30 for identifying the specific individual 20, the third party knows the integer identifier 30 from the intercepted content. I can't. That is, the personal information can be concealed by using the encryption means 100 according to the present invention.
In this way, in the encryption means 100 according to the present invention, an encrypted integer that is different for each identification purpose is generated from the integer type identifier 30 associated with the specific individual 20, and the individual of the specific individual 20 is generated. Information can be hidden.

Furthermore, the encryption unit 100 according to the present invention may collectively encrypt the identifiers of a plurality of members in a specific identification application.
The encryption means 100 according to the present invention can conceal specific personal information for specific identification applications. Since the integer type identifiers 30 received by the encryption unit 100 are different for each specific individual 20, an encrypted integer is generated for each individual integer type identifier 30. Therefore, even if the identification application A (122), the identification information A unique information (62), and the encryption calculation A (72) are constant, a plurality of members in the business entity having different integer type identifiers 30 , Each can obtain a different encrypted integer A (72).
For example, the network administrator of the business entity selects the specific information (62) of the identification use A according to the specific conditions such as the date and time of network maintenance, and thereby the network account information of a plurality of members of the business entity. Each of these can be encrypted separately and collectively. The network administrator or the like can manage the conditions for selecting the unique information (62) for the identification use A, thereby collectively storing and managing the account information of a plurality of members. Furthermore, by concealing explicit account information from a third party who does not know this value because the integer F included in the formula (XVI) and formula (XVII) is difficult to be known or estimated by a third party. Is possible.

  In FIG. 3, the encryption means 100 according to the present invention is used from a specific individual 20 toward the computer network 132 of the business entity, the work management storage device 134 of the business entity, or an unspecified other person 136. Although the integer type identifier 30 is encrypted and transmitted, the encryption unit 100 according to the present invention can be used even if the subject of transmission and reception is switched. That is, the integer type identifier 30 stored by a server device (not shown) connected to the computer network 132 of the business entity is encrypted as an input to the encryption means 100 according to the present invention according to the above-described procedure. An integer A (42) or the like may be generated and transmitted to the specific individual 20. By doing so, the business entity can encrypt the identification information of the member or information related to the business, etc., and urge the employee to use the encrypted identifier, etc., to increase security. become.

  Specifically, the encryption unit 100 according to the present invention can be implemented using an integer calculation library or the like built in an application such as a general-purpose worksheet that can be executed by a personal computer or the like. Therefore, in the method of encrypting and decrypting integers according to the present invention, it is possible to encrypt and decrypt employee numbers and the like using an existing computer without preparing a dedicated computer or the like. is there. Furthermore, in the present invention, if the method for encrypting and decrypting an integer according to the present invention is not used, overflow in any stage of encryption or decryption occurs, and accurate encryption and / or decryption is performed. Therefore, it is possible to conceal personal information such as member identifiers from a third party who does not implement the method of the present invention.

[Another form of personal information hiding procedure]
FIG. 4 shows another example of a personal information hiding procedure using a method for encrypting an integer according to an embodiment of the present invention. Descriptions of parts common to those in FIG. 3 are omitted.

In FIG. 4, the encryption unit 100 can appropriately add an additional digit 37 to the integer type identifier 30 received from a specific individual 20. This additional digit may be an integer, similar to the integer type identifier 30. The number of digits of the additional digit 37 may be any number, for example, 2 digits, 3 digits, or 4 digits. The additional digit 37 may be added to the integer type identifier 30 from the left side or from the right side. Alternatively, the integer type identifier 30 may be divided at a predetermined digit and an additional digit 37 may be inserted, and an additional mode of the additional digit 37 may be set as appropriate. Further, the value of the additional digit 37 may be any value, and may be arbitrarily prepared by an entity or system using integer encryption and decryption according to the present invention, or may be determined in advance from the integer identifier 30. It may be generated by a procedure. For example, the lower two digits of the value obtained by calculating the sum of the digits of the integer type identifier 30 may be used as the additional digits 37. Further, the additional digit 37 may be prepared independently for each identification application depending on the identification application A (122), the identification application B (124), the identification application C (126), and the like.
By adding the additional digit 37, the identifier 38 with an additional digit, which is a new integer including the integer type identifier 30 and the number of each digit included in the additional digit 37, can be generated.

式中、Ｘ_３８は桁増しした識別子３８の値、Ｘ_３０は整数型の識別子３０の値、Ｘ_３７は追加の桁３７の値であり、Ｍは記数法の底である。例えば、これらの整数が１０進法の整数であるときには、Ｘ_３８の値はＸ_３０を１００倍してＸ_３７を加えた値でありうる。記数法は１０進法に限らず、２進法、８進法又は１６進法等を任意に用いうる。桁増しする桁の数は２桁に限らず適宜設定しうる。 In one embodiment, the digitized identifier 38 is generated as an integer with an additional digit 37 added to the right of the integer type identifier 30. For example, when the integer type identifier 30 is an 8-digit integer and the additional digit 37 is a 2-digit integer, the identifier 38 with an additional digit is an integer with 10 digits, and the value of the identifier 38 with an additional digit is It is expressed by a formula.

Where X ₃₈ is the value of identifier 38 incremented by digits, X ₃₀ is the value of integer type identifier 30, X ₃₇ is the value of additional digits 37, and M is the base of numeration. For example, these integers is at an integer _decimal, the value of _{X 38} may be a value obtained by adding _{X 37} and the _{X 30} 100 times. The number system is not limited to the decimal system, and a binary system, an octal system, a hexadecimal system, or the like can be arbitrarily used. The number of digits to be added is not limited to two digits and can be set as appropriate.

  The steps of encryption for an extended identifier 38 including additional digits 37 may be performed depending on the flow diagram of one embodiment shown in FIG. 1 or the identification application of one embodiment shown in FIG. This is the same as the encryption procedure. Similarly, the encryption key is selected by a random selection rule using the random number generating means 39 or the like. That is, the encrypted integer generated by the various stages of encryption shown in FIG. 4 may be generated as computer-processable data using the computer network 132 or the work management storage device 134. You may generate | occur | produce in the form of the audio | voice or publication etc. which the specific others 136 can know.

  In one embodiment, an entity that uses a number or the like included in a member's date of birth as an identifier is included in the date of birth of the member using the method of encrypting and decrypting an integer according to the present invention. An arbitrary two-digit number can be combined as an additional digit 37 in addition to the number to be displayed. Thus, even if there are multiple members with the same date of birth, if any two-digit numbers are different from each other, the generated encrypted numbers are different from each other. The business entity or the like can identify the member using the encrypted integer.

  In this way, by adding the additional digits 37 having a predetermined number of digits, the integer input to the various stages of encryption of the encryption means 100 according to the present invention is the identification that the specific individual 20 or the like has. Is no longer the information for itself. By encrypting the integer obtained by adding digits, the encryption of the integer according to the present invention enables the encryption in which the personal information of the specific individual 20 or the like is further concealed.

[Another form of personal information hiding procedure]
FIG. 5 shows still another example of the personal information hiding procedure using the method of encrypting an integer according to an embodiment of the present invention. Descriptions of parts common to those in FIG. 3 are omitted.

  In the personal information concealment procedure shown in FIG. 5, it is shown that the encryption unit 100 according to the present invention can include the random number generation unit 39 and the offset information 40.

In one embodiment, the encryption unit 100 according to the present invention can generate a random number using the random number generation unit 39 and encrypt the integer type identifier 30 based on the generated random number.
As described above, the random number generated by the random number generation means 39 is used for selection of the encryption key according to the present invention, and further, the substitution encryption key R included in step S30 described above with reference to FIG. Can be used for selection. Specifically, the selection of the substitution encryption key R may be performed by selecting a prime number nearest to the generated random number. That is, a prime number having the smallest difference from the generated random number may be selected from a set including prime numbers without duplication. Alternatively, the selection of the key R for substitution encryption is performed by preparing a number sequence in which elements (that is, prime numbers) are arranged in ascending or descending order from a set including prime numbers without duplication, and the upper limit of the random number is set as the number of elements in the set. An element (that is, a prime number) having the generated random number as a term number may be selected from the number sequence. Not limited to these, the association between random numbers and prime numbers can be designed as appropriate.

  In another embodiment, the encryption unit 100 according to the present invention may perform the steps of encryption shown in FIG. 1 after offsetting the integer type identifier 30 using the offset information 40. That is, the encryption unit 100 according to the present invention can add or subtract a predetermined integer type constant to the integer type identifier 30. The predetermined constant to be added or subtracted is subtracted or added at the stage of decoding into the original integer, whereby the integer type identifier 30 can be correctly restored. The offset information 40 is not limited to a constant, and a different value may be selected and used each time the encryption unit 100 according to the present invention operates by accepting one integer type identifier 30. In selecting the different values, the random number generating means 39 described above may be used.

In another embodiment, the encryption unit 100 according to the present invention generates a random number using the random number generation unit 39, and selects the loop counter L in step S190 shown in FIG. 1 based on the generated random number. May be. The loop counter L in step S290 shown in FIG. 2 can be the same value as the loop counter L in step S190 shown in FIG. That is, the loop counter L can be selected from the group consisting of a predetermined positive integer, a positive integer obtained by encrypting the predetermined positive integer, and a randomly generated positive integer.
The loop counter L may set a lower limit in advance in order to ensure the strength of encryption. Further, an upper limit may be set in advance in order to shorten the time for calculation processing of encryption and decryption. Therefore, the value of the loop counter L in the method for encrypting and decrypting an integer according to the present invention is a predetermined positive integer according to a preset lower limit and / or upper limit range, and the predetermined positive integer is encrypted. Selected from the group consisting of a positive integer and a randomly generated positive integer. Thus, by making the loop counter L, which can be a variable independent of both the encryption using the power residue and the substitutional encryption, the trouble of decryption by a third party can be further increased.

  In still another embodiment, the encryption unit 100 according to the present invention may generate a public key that is offset using the offset information 40 with respect to the public key in the public key encryption technology. Specifically, after determining the variable E included in the formula (I), a predetermined integer constant may be added to or subtracted from the variable E to obtain the public key. Therefore, it is a useless procedure for a third party who does not know that this predetermined integer type constant is added or subtracted to use the public key for decryption. Therefore, by applying the offset information 40 to the public key, the confidentiality of information such as an encrypted integer is further enhanced.

  In another embodiment, the encryption unit 100 according to the present invention may encrypt the integer identifier 30 using both the random number generation unit 39 and the offset information 40 described above.

  In FIG. 5, the encryption process is shown as one arrow for each of the identification application A (122), the identification application B (124), the identification application C (126), etc., but FIG. As described above, in the encryption method according to the present invention, for each identification application, encryption using a power residue and substitution-type encryption can be alternately superimposed for a predetermined number of repetitions. The encrypted integer A (42), the encrypted integer B (44) or the encrypted integer C (46) generated for each identification application is information on random numbers generated using the random number generating means 39, If all of the encryption information using the power residue and the substitutional encryption information are not used accurately, neither can be decrypted correctly. Therefore, the personal information concealment procedure according to the embodiment of the present invention requires more types of information for accurate decryption, which further enhances the secrecy compared to known public key encryption technology and the like. Can be increased.

[Example of decryption procedure]
FIG. 6 shows an example of a procedure for decrypting an encrypted integer according to an embodiment of the present invention. In FIG. 6, with respect to numerical values that can be processed by a computer for simplification of explanation, an encrypted integer A (42) and / or an encrypted integer B (generated by the encryption means 100 shown in FIG. 44), the same applies to decryption of an encrypted integer that can be transmitted in the form of a call or a document. Descriptions of portions common to FIG. 3 or 4 are omitted.

FIG. 6 shows that the decryption means 110 according to the present invention accepts an encrypted integer A ′ (52) and / or an encrypted integer B ′ (54) and generates an integer-type decrypted identifier 41. Indicates. Here, the encrypted integer A ′ (52) is the information obtained by the encrypted integer A (42) generated by the encryption unit 100 using the encryption calculation A (72) for the integer type identifier 30. After being transmitted to the computer network 132 or the like via the transmission path A (82), it may be further transmitted to the decoding means 110 according to the present invention via the information transmission path A ′ (102). Therefore, as an integer type numerical value, the encrypted integer A ′ (52) may be the same as the corresponding encrypted integer A (42).
Similarly, the encrypted integer B ′ (54) may be the same as the encrypted integer B (44).

The decryption means 110 according to the present invention performs the steps S200 to S220 shown in FIG. 1 on the encrypted integer A ′ (52) and the encrypted integer B ′ (54), An integer-type decrypted identifier 41 may be generated.
The encrypted integer A ′ (52) is an encrypted integer A (42) generated by using the unique information (62) of the identification application A (122) in the encryption calculation A (72) by the encryption unit 100. It is possible. Since the specific information (62) can be the value of N or E and the value of K included in the above formula (VIII), for example, the value of E and the value of K used in the encryption calculation A (72) Can be used as the specific information (92) in the decoding calculation A (112).
Similarly, the value of E and the value of K used in the encryption calculation B (74) can be used as the unique information (94) in the decryption calculation B (114).
The unique information (92) and / or the unique information (94) may be stored in advance by the decryption means 110, and generated by one or both of the encryption means 100 and the decryption means 110 according to a predetermined procedure. It can be set as appropriate.

FIG. 6 illustrates a network or the like that can transmit numerical values that can be processed by a computer as the information transmission path A (82), the information transmission path B (84), the information transmission path A ′ (102), and the information transmission path B ′ (104). Although an information transmission path is shown, the encrypted integer can be transmitted from the encryption means 100 to the decryption means 110 via any transmission path or transmission means including, but not limited to, audio or a document.
In the method of encrypting and decrypting integers according to the present invention, the integers transmitted through these transmission paths or means are encrypted, and used for encryption under conditions that cause overflow. The original integer cannot be decoded unless the method of the present invention for decoding with a specific numerical value is used. Accordingly, in the present invention, personal information is concealed from a third party who may access a transmission path or a transmission means, and predetermined specific information and predetermined encryption and decryption methods are used. Only the implementation means of the present invention can correctly decrypt the personal information.

  Although FIG. 6 shows the encryption unit 100 and the decryption unit 110 separately, the present invention is not limited to this, and the encryption unit 100 and the decryption unit 110 may be integrated. The form of the transmission path or means for transmitting the encrypted integer may be a computer network, a telephone call including a public telephone line, a facsimile, an electronic mail, or the like, and can be arbitrarily set. Depending on each transmission path or transmission means, a separate encrypted integer may be generated independently from one integer-type identifier 30, and additional digits 37 shown in FIG. The random number generator 39, the offset information 40, or a combination thereof shown in the figure may be used as appropriate, and the integer identifier 30 may be processed and then encrypted. In this way, in the method of encrypting and decrypting an integer according to the present invention, an integer that conceals personal information is identified from one identifier such as a member identifier for each of various information transmission means using the identifier. Can be provided instead. Since the steps of encryption or decryption can be automatically performed using a computer device or the like, the user of the method according to the present invention can set an integer that conceals his / her personal information without being particularly conscious of these procedures. It can be used instead of its own identifier.

  FIG. 6 shows that the integer identifier 30 can be encrypted and sent to the entity's computer network 132 or the entity's work management storage device 134, etc., and then decrypted for the purposes described above. As shown, the decoding means 110 according to the present invention can be used even if the subject of transmission and reception is switched. That is, the integer identifier 30 stored in a server device (not shown) connected to the computer network 132 of the business entity is encrypted by the encryption means 100 according to the present invention and transmitted to the members, etc. The member or the like may decrypt the integer type identifier 30 using the decryption means 110 according to the present invention in accordance with the above-described procedure.

[Example 1: Example of encrypting integer using internal function of worksheet]
FIG. 7 shows an example of implementing the stages of encryption using a spreadsheet-type calculation application package according to an embodiment of the present invention. As a spreadsheet application software package, Microsoft Excel 2007 or the like can be used. However, the present invention is not limited to this, and package software that can perform integer power and remainder calculation can be arbitrarily used.
The integer cryptographic calculation worksheet 200 shown in FIG. 7 may be spreadsheet application data including cells arranged in a plurality of rows and columns. Individual cells included in the integer cryptographic calculation worksheet 200 may be identified using a set of row and column numbers.

The region of 2 rows and 1 column to 15 rows and 1 column and the region of 2 rows and 2 columns to 15 rows (2n + 1) columns included in the integer encryption calculation worksheet 200 are shown in steps S100 to S195 shown in FIG. Can be used for calculations related to encryption stages in
Specifically, the region from 2 rows and 1 column to 15 rows and 1 column is used to secure the variable region in step S100 shown in FIG. The region of 2 rows and 2 columns to 15 rows (2n + 1) columns is used for repeating step S10 and step S30 shown in FIG. FIG. 7 shows an example in which the same values are repeatedly used for the variables A, B, D, and K, and the variables E, F, and T change at each repetition depending on the loop counter.

  In an exemplary embodiment, a 2 × 1 cell may be used to store the encryption input Xi. The other cells in one column are a pair of prime numbers A and B, a product D of (A-1) and (B-1) and a least common multiple K, a public key and a secret key in decoding using a power residue. Integers Ei and Fi, substitution type encryption key Ri, offset Ti, loop counter L, and the like can be appropriately defined.

  The 3 × 1 cell and the 4 × 2 cell can be used to store two prime numbers A and B. The determination that the product of A and B exceeds the input Xi may be displayed using, for example, a cell with 3 rows and 2 columns. The product of A and B is N in the above-described formula (VIII), and N may be the base of the remainder calculation included in the integer encryption according to the present invention.

  The combination of prime numbers A and B may be automatically selected so that the product N exceeds Xi and the sum becomes the smallest. In this way, the combination of the prime numbers A and B is set to a limited range of prime numbers, and the enormous amount of computer resources required for the subsequent calculations is suppressed, and efficient encryption and decryption calculations are performed. Can be carried out.

  The cell in 7 rows and 1 column can be used to store a D value that is the product of (A-1) and (B-1). The cell of 8 rows and 1 column can be used to store a K value that is the least common multiple of (A-1) and (B-1). A cell of 9 rows and 1 column can be used to store an integer Ei that is prime with D or K. This integer Ei can be used as a public key in public key encryption technology. The cell of 11 rows and 1 column can be used to store the integer F that satisfies the above formula (XVI). This integer Fi can be used as a secret key in public key encryption technology. The cell of 13 rows and 1 column can be used to store the substitution encryption key Ri, the cell of 14 rows and 1 column can store the offset Ti, and the 15 rows and 1 column can store the loop counter L.

These integers Ei can be selected according to random rules in the method for encrypting integers according to the present invention. For example, each element of a set of numbers that is prime with D or K is arranged in ascending order according to the size, an integer type random number is generated with the number of arranged elements as an upper limit, and an element with the generated random number as the order of arrangement The integer E may be selected. The integer Fi can be selected in association with the integer Ei using, for example, the above formula (II) or formula (XIV).
Accordingly, in the present invention, Ei, E1, E2, etc. included in the 9th row in FIG. 7 are integers selected at random, and Fi, F1, F2, etc. included in the 11th row are respectively the corresponding Ei, E1. , E2 and the like and selected from a set satisfying a predetermined condition.

  Each cell in the 10 rows can be used to display whether or not the power of the integer Ei has caused an overflow in the integer operation incorporated in the worksheet. For example, the occurrence of the overflow may be represented by characters such as “error” indicating that the power value of the integer Ei exceeds the range that can be handled in the spreadsheet-type calculation application package. Alternatively, a numerical value or the like representing a false logical value may be displayed in response to the error. Similarly, each cell in the 12th row can be used to display whether or not the power of the integer Fi has overflowed in the integer operation built in the worksheet. On the condition that the power of the integer Ei or the power of the integer Fi generates an overflow, the encryption method using the power residue according to the present invention uses the expansion form shown in Equation (VII) before conversion. You can expand integers to get the exact power remainder. Specifically, it is possible to obtain an integer Y1 in 2 rows and 2 columns as an encrypted integer from an integer offset using an offset T1 of 14 rows and 2 columns with respect to the original integer Xi of 1 row and 2 columns. . At this time, the public key E1 and the secret key F1 resulting from the encryption using the power residue are stored in 9 rows and 2 columns and 11 rows and 2 columns, respectively.

  The variable with the subscript i may be an array. That is, each of Ei, Fi, Ri, and Ti assigned to one cell is {E1, E2,..., En}, {F1, F2,..., Fn}, {R1, R2,. {T1, T2, ..., Tn}, etc., or a sequence using an array format (each term may be defined by a recurrence formula or an arbitrary function as appropriate) may be included in these arrays for each row. Individual integers may be extracted and used.

In a further exemplary embodiment, two columns are used for encryption with a power residue. In FIG. 5, an integer Y1 obtained by performing encryption using a power residue once is stored in 2 rows and 2 columns. The third column is used for substitutional encryption. In FIG. 5, the converted integer Z1 generated by substitutional encryption from Y1 is stored in two rows and three columns.
The values of variables resulting from the various stages of encryption are stored appropriately in the other two columns of cells. For example, the public key E1 is stored in the 9th and 2nd column, the secret key F1 is stored in the 11th and 2nd column, and the offset T1 is stored in the 14th and 2nd column. Similarly, for the other three columns of cells, the substitution encryption key R1 is stored in row 13 and column 3, and the loop counter (L-1) decremented once is stored in row 15 and column 3.
In this way, the converted integer Y1 and other variables E1, F1, and T1 in the encryption using the power residue are stored in the second column from the input Xi, and the third column is an integer converted from the integer Y1. Z1, the other variable R1, and the decremented loop counter (L-1) are stored.

  It is known in the art that an array or the like can be defined in one cell and a plurality of constants, variables, or calculation formulas can be arbitrarily included. That is, a cell of 2 rows and 1 column may store one integer Xi, or may store a number sequence {X1, X2, X3,..., Xk} using an array format. Here, Xk is the number of encryptable integers defined depending on the absolute value of the key in encryption using a power residue, and the number of integers included in this sequence is the same value as the least common multiple K Alternatively, the number may be K-1, K-2, K-3, or the like, and can be arbitrarily set. The first term X1 of the sequence {X1, X2, X3,..., Xk} may be 0, 1 or an integer of 2 or more. For example, when the value of the first term is an integer 2 and the number of integers included in the number sequence is K-1, the number sequence can include K-2 integers as a whole. In the method for encrypting integers according to the present invention, each of such K-2 integers can be separately encrypted to obtain an encrypted sequence of numbers, but the present invention is not limited to this. The number of integers included in the number sequence can be designed as appropriate. Therefore, the user of the present invention can also use an integer that is encrypted by appropriately extracting from a previously calculated encrypted sequence.

Next, the method of encrypting an integer according to the present invention converts the integer Y1 stored in 2 rows and 2 columns into an integer Z1 of 2 rows and 3 columns using substitution-type encryption. This conversion can use R1 in 13 rows and 3 columns as a key for substitutional encryption.
After the integer Z1 is obtained by substitutional encryption, the method of encrypting an integer according to the present invention is the value obtained by decrementing the loop counter L of 15 rows and 1 column and decrementing it to 15 rows and 3 columns (L -1) is stored. If the decremented value is less than or equal to zero, the encryption steps are terminated. If the value of the decremented loop counter is greater than zero, the value of Z1 in 2 rows and 3 columns is treated like the value of Xi in 2 rows and 1 column, the various stages of encryption using the power residue, and the substitution cipher By repeating the steps, the encrypted integer is obtained as Z2 in 2 rows and 5 columns.

  In this way, the method for encrypting an integer according to the present invention repeatedly performs a combination of encryption using a power residue and substitution-type encryption, and the condition that the loop counter becomes zero or less is 2 lines ( In the 2n + 1) column, an integer encrypted as an integer Zn is obtained.

[Example 2: Decoding an integer using an internal function of a worksheet]
FIG. 8 shows an example of implementing the decryption stages using a spreadsheet-style calculation application package according to one embodiment of the present invention. The integer decryption calculation worksheet 220 shown in FIG. 8 can be spreadsheet application data including cells arranged in a plurality of rows and columns. Individual cells included in the integer decryption calculation worksheet 220 may be identified using a set of row and column numbers.

The region of 2 rows and 1 column to 15 rows and 1 column and the region of 2 rows and 2 columns to 15 rows (2n + 1) columns included in the integer decryption calculation worksheet 220 are the steps S200 to S295 shown in FIG. Can be used for calculations related to encryption stages in
Specifically, the area from 2 rows 1 column to 15 rows 1 column is used for securing the variable area and initializing the loop counter L in step S200 shown in FIG. The region of 2 rows and 2 columns to 15 rows (2n + 1) columns is used for repeating step S40 and step S20 shown in FIG.

In an exemplary embodiment, a 2 × 1 cell may be used to store the decoding input Zi. The other cells in one column are the same as the variables in the decoding using the remainder shown in FIG. That is, in the process of encryption corresponding to the decryption input Zi, the values already used can be used for the respective variables A, B, D, K, Ei, Fi, Ri, Ti. Therefore, in decryption, the value of the corresponding encryption variable may be reused to initialize the loop counter L corresponding to the input Zi.
The integer Ei included in the 9th row can be selected by a random rule, as in the case of the integer encryption calculation worksheet 200 shown in FIG.

  In the decryption of the integer according to the present invention, the original integer is decrypted from the encrypted integer by a procedure reverse to the corresponding encryption. For example, when power residue and substitution encryption are repeated in this order combination, the corresponding decryption repeats substitution and power residue decryption the same number of times in this order.

  First, a procedure for converting the input Zi using substitution decoding will be described. In substitution decoding, the integer Zn stored in 2 rows and 1 column is converted into an integer Yn in 2 rows and 2 columns. The substitution encryption key for this conversion is Rn in 13 rows and 2 columns, and the Rn is 13 rows (2n + 1) in the integer encryption calculation worksheet 200 of FIG. 7 used for the corresponding encryption. Can be the same as the Rn in the column.

Next, in the decoding of the integer according to the present invention, decoding using a power residue is performed on Yn of 2 rows and 2 columns, and the offset is eliminated to obtain the integer Xn-1 in 2 rows and 3 columns. . Fn of 11 rows and 3 columns is used as the exponent of the power residue, and Tn of 14 rows and 3 columns is used as the offset value.
After the integer Xn−1 is obtained by decoding using the power residue, the method of decoding the integer according to the present invention decrements the loop counter L of 15 rows and 1 column, and the value decremented to 15 rows and 3 columns. (L-1) is stored. If the decremented value is less than or equal to zero, the decoding steps are terminated. If the value of the decremented loop counter is greater than zero, the value of Xn-1 in 2 rows and 3 columns is treated like the value of Zi in 2 rows and 1 column, and the stages of substitution decoding and the power residue are determined. The decoding steps used are repeated to obtain an integer decoded as Xn-2 in 2 rows and 5 columns.

  Each cell in the 10th and 12th rows can be used to display whether or not the power of the integer Ei and the integer Fi has overflowed in the integer operation incorporated in the worksheet, as in the encryption. On the condition that the power by the integer Ei or the power by the integer Fi generates an overflow, the decoding method using the power residue according to the present invention uses the expansion form shown in Equation (VII) before conversion. You can expand integers to get the exact power remainder.

In a further exemplary embodiment, two columns are used for decoding with a power residue. In FIG. 5, an integer Y1 obtained by performing decoding using a power residue once is stored in 2 rows and 2 columns. Three columns are used for substitution decoding. In FIG. 5, a converted integer Z1 generated by substitution decoding from Y1 is stored in two rows and three columns.
The values of variables resulting from the various stages of encryption are stored appropriately in the other two columns of cells. For example, the public key E1 is stored in the 9th and 2nd column, the secret key F1 is stored in the 11th and 2nd column, and the offset T1 is stored in the 14th and 2nd column. Similarly, for the other three columns of cells, the substitution encryption key R1 is stored in row 13 and column 3, and the loop counter (L-1) decremented once is stored in row 15 and column 3.
In this way, from the input Xi, the converted integer Y1 and other variables E1, F1, and T1 in decoding using the power residue are stored in the second column, and the third column is an integer converted from the integer Y1. Z1, the other variable R1, and the decremented loop counter (L-1) are stored.

  In this way, the method for decoding an integer according to the present invention repeatedly executes a combination of substitution decoding and decoding using a power residue, on the condition that the loop counter becomes zero or less. An integer decoded as an integer X1 in 2n + 1) columns is obtained. By performing these decryption steps in the reverse order of the corresponding encryption steps, the integer X1 obtained in 2 rows (2n + 1) columns of the integer decryption calculation worksheet 220 shown in FIG. , Which is equal to the original integer Xi input in 2 rows and 1 column of the integer encryption calculation worksheet 200 shown in FIG.

  By using the steps of the integer encryption and decryption method according to the present invention, it is possible to generate an overflow in the calculation process at any of the steps of encryption and decryption using a power residue. In a calculation means that does not use the method of the invention, neither correct encryption nor decryption can be performed. In addition, by superimposing substitutional encryption and decryption in addition to the power residue, it is possible to dramatically improve the confidentiality of information in the method of the present invention. Furthermore, in the present invention, since the encryption key is selected according to a random rule, the confidentiality of information can be further increased. Thus, the method for encrypting and decrypting integers according to the present invention and the means for implementing the method can impart high confidentiality to information in the form of integers related to personal information and the like. .

[Time required for decoding]
The time required in the case of searching for the possibility of a decipherment with respect to the integer produced | generated using the method which encrypts the integer based on this invention is illustrated. This can be the computation time for decrypting the secret information using a so-called brute force attack.
Assuming that the computing power of the computer is 1 petaflop per second, that is, 10 15 instructions per second, the computer can execute approximately 10 22 instructions per year.
In the method for encrypting an integer according to the present invention, it is assumed that the original integer is a 6-digit decimal number, and encryption using a power residue and substitution-type encryption are continuously executed. In the case of encryption, when this continuously executed encryption is repeated five times, the total number of independent five-fold substitutional encryption combinations included in the five-time repeated encryption is 10 30 ( That is, 10 6 to the 5th power), and the time required for the brute force calculation by the computer can be calculated to be about 10 8 years (that is, about 100 million years). In the encryption method according to the present invention, encryption using a quintuple independent power residue is further performed, and the keys used for these encryptions can be randomly selected by random number generation means. The time required for decoding can be astronomical figures well over 100 million years. Therefore, the present invention can provide a form that can be concretely implemented and commercialized for a target to which random numbers can be applied, and has the effect of dramatically improving the difficulty of decoding compared to simple logic. is there.
In this way, in the present invention, it is possible to generate an encrypted integer with extremely high secrecy from the original integer by repeatedly performing encryption using a remainder and substitution-type encryption a plurality of times in succession. Is possible. In the present invention, it is possible to encrypt and decrypt identification information or the like for referring to confidential information with high confidentiality by enlarging the effort of decryption by a third party.

  As mentioned above, although demonstrated using embodiment of this invention, the technical scope of this invention is not limited to the range as described in the said embodiment. Various modifications or improvements can be added to the above embodiment. It is apparent from the scope of the claims that the embodiments added with such changes or improvements can be included in the technical scope of the present invention.

20 Specific individuals 30 Integer type identifiers 37 Additional digits 39 Random number generating means 40 Offset information 41 Integer type decrypted identifiers 42, 44, 46, 52, 54 Encrypted integers 62, 64, 66, 92, 94 Unique information 72, 74, 76 Encryption calculation 82, 84, 102, 104 Information transmission path 100 Encryption means 110 Decoding means 112, 114 Decryption calculation 122, 124, 126 Identification application

Claims (20)

A method of encrypting and decrypting an integer Xi,
Selecting a key for encryption according to a random rule;
Generating two prime numbers A and B in which the product N exceeds Xi;
The product of (A-1) and (B-1) is D, the least common multiple of (A-1) and (B-1) is K, and D or a number that is prime with K is E. Generating an integer Yi obtained by converting the integer Xi using the expansion form of the following equation under the condition that the power of the term Xi to the E power causes an overflow in the integer operation of the calculation means:

preparing F satisfying the following expression where m is an arbitrary integer;

Decoding the converted integer Yi into an integer Xn using the following equation:

Including
The E is selected by selecting a key for the encryption according to a random rule.
A method of encrypting and decrypting integers. further,
Converting the integer to a substitution-encrypted integer using substitution encryption;
Decrypting the substitution-encrypted integer using substitution decryption, and
A method for encrypting and decrypting an integer according to claim 1.   The method of encrypting and decrypting an integer according to claim 2, wherein the substitution encryption key is an integer selected according to a random rule. A step of converting the integer Xi into the integer Yi using the expanded form, and then converting the integer Yi into the integer Zi using the substitution encryption, and a step of encrypting a power residue and substitution continuously;
Decoding the integer Yi into Xn after decoding the integer Zi into the integer Yi using the substitution decoding, and successively decoding the substitution and the power residue;
A method of encrypting and decrypting an integer according to claim 2 comprising:   5. The integer is encrypted and decrypted according to claim 4, wherein the step of encrypting the power residue and substitution and the step of decrypting the substitution and power residue are performed at least the same number of times. How to turn. The integer Xi is an integer converted using the substitution encryption, and an encryption step of consecutive substitution and power residue,
Decoding the integer Xn decoded from the integer Yi using the substitution decoding, and successively decoding a power residue and substitutions;
A method of encrypting and decrypting an integer according to claim 2 comprising:   7. The integer is encrypted and decrypted according to claim 6, wherein the step of encrypting the substitution and the power residue and the step of decrypting the power and the substitution are performed at least two times. how to.   The at least two or more identical times are selected from the group consisting of a predetermined positive integer, a positive integer obtained by encrypting the predetermined positive integer, and a randomly generated positive integer. A method for encrypting and decrypting the integer described in 1. The substitution encryption is selected from the group consisting of single-table encryption, multi-table encryption and automatic key encryption,
The substitution decryption is selected from the group consisting of single table decryption, multi-table decryption and automatic key decryption corresponding to the substitution encryption,
A method for encrypting and decrypting an integer according to claim 2. Furthermore, before generating the integer Yi obtained by converting the integer Xi, adding the integer T equal to or less than the integer Xi from the integer Xi to replace the integer Xi;
Decoding the converted integer Yi into an integer Xn and then subtracting the integer T from the integer Xn to replace the integer Xn;
A method of encrypting and decrypting an integer according to claim 2 comprising:   The method of claim 10, wherein the integer T is an integer selected according to a random rule. The expanded form divides the Xi digit into two, generates an integer Xu represented by the upper digit of the divided digit and an integer Xd represented by the divided lower digit, and uses the following equation: Is to replace Xi,

Wherein M is the base of the numeration system, Cd is the number of the lower digits, Cd is at least 1, and a remainder calculation is performed using the replaced Xu or Xd. A method of encrypting and decrypting the described integer.   The method of encrypting and decrypting an integer according to claim 1, wherein the integer Xi is an integer reversibly converted from a part or all of a character or a number included in an identifier.   The integer Xi according to claim 1, wherein the integer Xi is an integer reversibly converted from a part or the whole of a one-dimensional image reversibly converted from a one-dimensional image or a two-dimensional image. How to turn.   The method of encrypting and decrypting an integer according to claim 1, further comprising the step of replacing the integer with an additional digit by adding at least one digit to the original integer prior to encryption.   The method of claim 15 further comprising the step of removing the added at least one digit from the decrypted integer after decryption.   A computer program for executing each step of the method according to claim 1 using a computer.   A computer readable medium comprising numerical values encoded using the steps of the method of any of claims 1-17. A method of encrypting and decrypting an integer Xi,
An encryption key selector that selects a key for encryption according to a random rule;
A prime number generation unit for generating two prime numbers A and B having a product N exceeding Xi;
The product of (A-1) and (B-1) is D, the least common multiple of (A-1) and (B-1) is K, and D or a number that is prime with K is E. A remainder encryption execution unit for generating an integer Yi obtained by converting the integer Xi using the expansion form of the following equation under the condition that the E power of the term Xi causes overflow in the integer operation of the calculation means:

a secret key generation unit that prepares F that satisfies the following expression, where m is an arbitrary integer;

A remainder decoding execution unit for decoding the converted integer Yi into an integer Xn using the following equation:

Including
The E is selected by selecting a key for the encryption according to a random rule.
A device that encrypts and decrypts integers. A system for encrypting and decrypting an integer Xi,
An encryption key selection means for selecting a key for encryption according to a random rule;
A prime number generating means for generating two prime numbers A and B having a product N exceeding Xi;
The product of (A-1) and (B-1) is D, the least common multiple of (A-1) and (B-1) is K, and D or a number that is prime with K is E. A remainder encryption unit that generates an integer Yi obtained by converting the integer Xi using the expansion form of the following equation under the condition that the E power of the term Xi generates overflow in the integer operation of the calculation unit:

a secret key generating means for preparing F satisfying the following expression where m is an arbitrary integer;

Residue decoding execution means for decoding the converted integer Yi into an integer Xn using the following equation:

Including
The E is selected by selecting a key for the encryption according to a random rule.
A system that encrypts and decrypts integers.

Images