JP2023048525A - Data sharing apparatus and data sharing method - Google Patents

Abstract

To provide a data sharing apparatus configured to suppress leakage of information represented by target data while allowing a plurality of users to share the target data.SOLUTION: A data sharing apparatus 10 allows a plurality of users to share target data. Authenticity information acquisition units 111, 121 acquire authenticity information indicating that the users are authentic. A target data encryption unit 132 generates an encryption key and a decryption key, and encrypts the target data based on the encryption key to generate encrypted target data. A decryption key encryption unit 134 encrypts, for each of the users, the decryption key that can be decrypted based on the authenticity information on the users to generate an encrypted decryption key. A target data decryption unit 136 acquires a decryption key by decrypting the encrypted decryption key based on the authenticity information on the users, and decrypts the encrypted target data based on the decryption key, to acquire the target data.SELECTED DRAWING: Figure 4

Description

The present invention relates to a data sharing device and a data sharing method.

A data sharing device is known in which target data is shared by a plurality of users. For example, in the data sharing device described in Patent Literature 1, multiple users share target data representing a contract concluded between the multiple users.

JP 2013-114641 A

By the way, there are cases in which relatively high confidentiality is required for the information represented by the target data, such as when the target data represents a contract concluded between a plurality of users. Therefore, in the data sharing device, it is considered preferable to generate encrypted target data by encrypting the target data and store the encrypted target data instead of the target data.

However, in this case, it is difficult to safely notify multiple users who share the target data of the decryption key used to decrypt the encrypted target data.
As described above, the data sharing apparatus has a problem that the information represented by the target data may be leaked. It should be noted that this type of problem can also occur when the target data represents information other than contracts concluded between a plurality of users.

One of the objects of the present invention is to suppress leakage of information represented by target data while a plurality of users share the target data.

In one aspect, a data sharing device allows multiple users to share target data.
The data sharing device includes an authentic information acquisition section, a target data encryption section, a target data storage section, a decryption key encryption section, a decryption key storage section, and a target data decryption section.
The authenticity information acquisition unit acquires authenticity information for a user, which is information indicating that the user is authentic.
The target data encryption unit receives target data, generates an encryption key and a decryption key respectively used for encryption and decryption of the target data, and encrypts the target data based on the encryption key. generates encrypted target data.
The target data storage unit stores encrypted target data.

The decryption key encryption unit generates an encrypted decryption key by encrypting the decryption key for each of a plurality of users so that the decryption key can be decrypted based on the authenticity information for the user.
The decryption key storage unit stores, for each of a plurality of users, an encrypted decryption key generated for the user in association with the user.
The target data decryption unit obtains the decryption key by decrypting the encrypted decryption key stored in association with the user based on the authenticity information obtained for the user, and obtains the decryption key Based on this, the target data is obtained by decrypting the encrypted target data.

In another aspect, a data sharing method allows multiple users to share target data.
Data sharing method
Acquiring authenticity information for a user, which is information indicating that the user is authentic,
Encrypted Target Data by receiving Target Data, generating an encryption key and a decryption key to be used respectively for encryption and decryption of the Target Data, and encrypting the Target Data based on the encryption key generate and
store the encrypted target data;
generating an encrypted decryption key by encrypting the decryption key for each of a plurality of users so that decryption is possible based on authenticity information for the user;
storing, for each of a plurality of users, an encrypted decryption key generated for the user in association with the user;
Acquire a decryption key by decrypting the encrypted decryption key stored in association with the user based on the authenticity information obtained for the user, and obtain the encrypted decryption key based on the decryption key obtaining the target data by decrypting the target data;
Including.

While a plurality of users share the target data, leakage of information represented by the target data can be suppressed.

1 is a block diagram showing the configuration of a data sharing system according to a first embodiment; FIG. It is a block diagram showing the structure of the data sharing apparatus of 1st Embodiment. It is a block diagram showing the structure of the terminal device of 1st Embodiment. It is a block diagram showing the function of the data sharing system of 1st Embodiment. 4 is a flowchart showing processing executed by the data sharing device of the first embodiment; 4 is a flowchart showing processing executed by the data sharing device of the first embodiment; 4 is a flowchart showing processing executed by the data sharing device of the first embodiment; 4 is a flowchart showing processing executed by the data sharing device of the first embodiment; 4 is a flowchart showing processing executed by the data sharing device of the first embodiment; 4 is a flowchart showing processing executed by the data sharing device of the first embodiment; 4 is a flowchart showing processing executed by the data sharing device of the first embodiment;

DESCRIPTION OF THE PREFERRED EMBODIMENTS Embodiments of a data sharing apparatus and a data sharing method of the present invention will be described below with reference to FIGS. 1 to 11. FIG.

<First embodiment>
(overview)
In the data sharing device of the first embodiment, multiple users share target data.
The data sharing device includes an authentic information acquisition section, a target data encryption section, a target data storage section, a decryption key encryption section, a decryption key storage section, and a target data decryption section.

The authenticity information acquisition unit acquires authenticity information for a user, which is information indicating that the user is authentic.
The target data encryption unit receives target data, generates an encryption key and a decryption key respectively used for encryption and decryption of the target data, and encrypts the target data based on the encryption key. generates encrypted target data.
The target data storage unit stores encrypted target data.

The decryption key encryption unit generates an encrypted decryption key by encrypting the decryption key for each of a plurality of users so that the decryption key can be decrypted based on the authenticity information for the user.
The decryption key storage unit stores, for each of a plurality of users, an encrypted decryption key generated for the user in association with the user.

The target data decryption unit obtains the decryption key by decrypting the encrypted decryption key stored in association with the user based on the authenticity information obtained for the user, and obtains the decryption key Based on this, the target data is obtained by decrypting the encrypted target data.

According to this, the decryption key is obtained by decrypting the encrypted decryption key based on the authenticity information for each of a plurality of users who share the target data, and the encrypted decryption key is obtained based on the decryption key. The target data is obtained by decoding the processed target data. Therefore, each of the multiple users can acquire the target data without notifying the multiple users who share the target data of the decryption key.

Also, instead of the target data, the encrypted target data is stored. Further, an encrypted decryption key is stored instead of the decryption key used for decrypting the encrypted target data. Therefore, it is possible to prevent the target data and the decryption key from being leaked.
As described above, according to the data sharing apparatus, while a plurality of users share the target data, leakage of information represented by the target data can be suppressed.
Next, the data sharing device of the first embodiment will be described in more detail.

(composition)
As shown in FIG. 1, a data sharing system 1 includes a data sharing device 10 and a plurality of (N in this example) terminal devices 20-1, 20-2, . . . , 20-N. . N represents an integer of 2 or more. The data sharing device 10 and each of the terminal devices 20-1, 20-2, . The communication line NW may include a transmission line for wireless communication.

Each of the data sharing device 10 and the N terminal devices 20-1, 20-2, . . . , 20-N is an information processing device or a computer. For example, the computer may be at least part of a stationary game machine, a portable game machine, a television receiver, or a smart phone. For example, the data sharing device 10 may be a server computer, desktop computer, laptop computer, tablet computer, smartphone, or the like. For example, each terminal device 20-1, 20-2, . . . , 20-N may be a desktop computer, laptop computer, tablet computer, smart phone, or the like.
Note that the data sharing device 10 may be composed of a plurality of devices that are communicably connected to each other.

As shown in FIG. 2, the data sharing device 10 comprises a processing device 11, a storage device 12, an input device 13, an output device 14, and a communication device 15, which are interconnected via a bus BU1.
The processing device 11 controls the storage device 12 , the input device 13 , the output device 14 and the communication device 15 by executing programs stored in the storage device 12 . As a result, the processing device 11 implements functions to be described later.

In this example, the processing device 11 is a CPU (Central Processing Unit). The processing device 11 may include an MPU (Micro Processing Unit), a GPU (Graphics Processing Unit), or a DSP (Digital Signal Processor) in place of or in addition to the CPU.

In this example, storage device 12 includes volatile memory and non-volatile memory. For example, the storage device 12 includes at least one of RAM (Random Access Memory), ROM (Read Only Memory), semiconductor memory, organic memory, HDD (Hard Disk Drive), and SSD (Solid State Drive).

The input device 13 inputs information from outside the data sharing device 10 . In this example, the input device 13 comprises a keyboard and mouse. Note that the input device 13 may include a microphone.
The output device 14 outputs information to the outside of the data sharing device 10 . In this example, output device 14 comprises a display. Note that the output device 14 may include a speaker.
Note that the data sharing device 10 may include a touch panel display that constitutes both the input device 13 and the output device 14 .

The communication device 15 communicates with devices external to the data sharing device 10 . In this example, the communication device 15 comprises a card-type or on-board type network adapter or network interface.

As shown in FIG. 3, the terminal device 20-n comprises a processing device 21, a storage device 22, an input device 23, an output device 24, and a communication device 25 which are interconnected via a bus BU2. n represents an integer from 1 to N;
The processing device 21, the storage device 22, the input device 23, the output device 24, and the communication device 25 are the processing device 11, the storage device 12, the input device 13, the output device 14, and the communication device 15 of the data sharing device 10. Each has a similar function.

(function)
As shown in FIG. 4, the functions of the terminal device 20-n include a user information input section 201, an authentication input information input section 202, a request input section 203, and a target data output section 204.

The user information input unit 201 accepts user information input using the input device 23 by the user of the terminal device 20-n.
In this example, the user information includes user identification information and a password. For example, the user identification information that identifies the user may be the user's user ID (Identification) or the user's email address.

Additionally, the user information may include at least one of address, phone number, date of birth, and age. For example, each of the user identification information and password is a character string. A string consists of multiple character elements. Character elements are letters, numbers, or symbols.
The user information input unit 201 transmits the accepted user information to the data sharing device 10 using the communication device 25 .

The authentication input information input unit 202 accepts authentication input information input using the input device 23 by the user of the terminal device 20-n.
In this example, the authentication input information includes user identification information and a password.
The authentication input information input unit 202 transmits the accepted authentication input information to the data sharing device 10 using the communication device 25 .

The request input unit 203 accepts a processing request input using the input device 23 by the user of the terminal device 20-n. In this example, the processing request is a sharing request, an access request, an update request, or a conclusion request.

A sharing request is information requesting that a user (in other words, a sharing source user) share target data with another user (in other words, a sharing destination user). The target data represents a contract concluded between multiple users. In this example, the target data is data representing a contract document representing the details of the contract concluded between the sharing source user and the sharing destination user.
It should be noted that the number of sharing destination users may be plural. Also, the target data may represent information other than contracts concluded between a plurality of users.

In this example, the sharing request includes the target data, the sharing source user identification information that is the user identification information that identifies the sharing source user, and the sharing destination user identification information that is the user identification information that identifies the sharing destination user. . Note that the data sharing device 10 may store basic data on which the target data is based. For example, the basic data is data representing a template of a contract representing the details of a contract concluded between a plurality of users. In this case, the sharing request may contain basic data identification information for identifying the basic data instead of the target data.

If the sharing source user sets the use of the access code in sharing the target data, the sharing request includes the access code. For example, the access code is a string. A string consists of multiple character elements. Character elements are letters, numbers, or symbols.

An access request is information requesting a user (in other words, an access user) to access (eg, view) target data.
In this example, the access request includes access user identification information that identifies the access user, and target data identification information that identifies the target data.
If the use of an access code is set in the sharing of the target data to be accessed, the access request includes the access code.

An update request is information that a user (in other words, an update requesting user) requests to update target data.
In this example, the update request includes update request user identification information that identifies the update requesting user, target data identification information that identifies target data to be updated, and updated target data. include.

If the use of an access code is set in sharing the target data to be updated, the update request includes the access code. In this example, the update request is entered following the access request. When an update request is input following an access request, the access user identification information, the target data identification information, and the access code included in the access request are the update request user identification information, the target data identification information, and the access code included in the update request. They may be used as data identification information and access codes, respectively.

A conclusion request is information requesting that a user (in other words, a conclusion requesting user) conclude a contract represented by target data.
In this example, the conclusion request includes conclusion-requesting user identification information that identifies the conclusion-requesting user, and target data identification information that identifies target data to be concluded.

If the use of an access code is set in the sharing of the target data to be concluded, the conclusion request includes the access code. In this example, the closing request is entered following the access request. When an access request is followed by a conclusion request, the access user identification information, target data identification information, and access code included in the access request are the same as the conclusion request user identification information, target data identification information, and target data identification information included in the access request. They may be used as data identification information and access codes, respectively.
The request input unit 203 uses the communication device 25 to transmit the received processing request to the data sharing device 10 .

The target data output unit 204 receives target data from the data sharing device 10 using the communication device 25 . The target data output unit 204 outputs the received target data using the output device 24 (in this example, displays it on the display).

The functions of the data sharing device 10 include a user registration processing unit 110 , a user authentication processing unit 120 and a request processing unit 130 .
User registration processing unit 110 includes user information reception unit 111 , secret key encryption unit 112 , and user information storage unit 113 .

The user information accepting unit 111 receives user information from the terminal device 20-n using the communication device 15, and accepts the received user information. The user information reception unit 111 acquires authenticity information and verification reference information based on the received user information. In this example, the user information reception unit 111 acquires the authenticity information and the matching reference information by generating them.

The authenticity information is information indicating that the user is authentic. In this example, the authenticity information is generated based on the password included in the user information. In this example, the authenticity information is a password hash value generated according to a cryptographic hashing scheme.
For example, the hash value of a password is obtained by concatenating a randomly generated character string (in other words, salt) to the password, and repeatedly converting the character string using a hash function for a predetermined number of stretches (in other words, stretching generated by

Note that the user information accepting unit 111 may acquire authenticity information by receiving it from a user authentication system external to the data sharing system 1 . In this case, the user authentication system determines whether or not the user is genuine. Do not send authenticity information if not determined.

The matching reference information is generated based on the password included in the user information. In this example, the matching reference information is a password hash value generated according to an authentication hashing scheme different from the cryptographic hashing scheme. For example, the hashing scheme for authentication differs from the hashing scheme for encryption in at least one of the salt and the stretch count.

In this example, the user information receiving unit 111 corresponds to at least a part of an authenticity information acquiring unit that acquires authenticity information, which is information indicating that the user is authentic, for the user.

When user information is received by the user information receiving unit 111, the private key encryption unit 112 encrypts the user information with a public key and a secret key that are used for encryption processing and decryption processing according to the public key cryptosystem. Generate a key. For example, the public key cryptosystem is the RSA cryptosystem.

In this case, the secret key encryption unit 112 encrypts the secret key generated for the user information according to the common key cryptosystem based on the authenticity information obtained for the user information. to generate an encrypted private key by encrypting the private key. For example, the common key cryptosystem is a cryptosystem called AES (Advanced Encryption Standard).

When the user information receiving unit 111 receives user information, the user information storage unit 113 stores information other than the password included in the user information and the public key generated for the user information by the secret key encryption unit 112. A key, an encrypted secret key generated for the user information by the secret key encryption unit 112, matching reference information generated for the user information by the user information reception unit 111, and cryptographic hashing Method information and authentication hashing method information are associated with each other and stored in the storage device 12 .

The cryptographic hashing method information is information representing the cryptographic hashing method used to generate authentic information for the user information. In this example, the cryptographic hashing scheme information includes salt and information representing the number of stretches.
The authentication hashing method information is information representing the authentication hashing method used to generate the matching reference information for the user information. In this example, the authentication hashing method information includes salt and information representing the number of stretches.

In this example, the user information storage unit 113 corresponds to a public key/private key storage unit that stores, for each of a plurality of users, a user, a public key, and an encrypted private key in association with each other. do.

User authentication processing unit 120 includes authentication input information accepting unit 121 and authenticity information storage unit 122 .
The authentication input information receiving unit 121 receives the authentication input information from the terminal device 20-n using the communication device 15, and accepts the received authentication input information. The authentication input information reception unit 121 acquires matching target information based on the received authentication input information. In this example, the authentication input information receiving unit 121 acquires by generating matching target information.

The matching target information is generated based on the password included in the authentication input information. In this example, the verification target information is the password generated according to the authentication hashing method represented by the authentication hashing method information stored in the storage device 12 in association with the user identification information included in the authentication input information. is a hash value.

If the generated matching target information matches the matching reference information stored in the storage device 12 in association with the user identification information included in the authentication input information, the authentication input information accepting unit 121 Login for information (in other words, a user identified by the user identification information) is permitted, while login for the user identification information is prohibited if the collation target information is different from the collation reference information.

When the login for the user identification information included in the authentication input information is permitted, the authentication input information accepting unit 121 acquires the authenticity information based on the authentication input information. In this example, the authentication input information receiving unit 121 acquires the authenticity information by generating it.

Authenticity information is generated based on the password included in the authentication input information. In this example, the authenticity information is the hash of the password generated according to the cryptographic hashing scheme represented by the cryptographic hashing scheme information stored in the storage device 12 in association with the user identification information included in the authentication input information. value.

Note that the authentication input information accepting unit 121 may acquire authenticity information by receiving it from a user authentication system external to the data sharing system 1 .
In this example, the authentication input information receiving unit 121 corresponds to at least part of an authenticity information acquisition unit that acquires authenticity information, which is information indicating that the user is authentic, for the user.

When the authentication input information receiving unit 121 acquires the authentication information, the authentication information storage unit 122 stores the authentication information as the user identification information included in the authentication input information from which the authentication information is acquired. They are stored in the storage device 12 in association with each other. In other words, when the login for the user identification information is permitted, the authenticity information storage unit 122 starts storing the authenticity information for the user identification information.

The authenticity information storage unit 122 deletes from the storage device 12 the authenticity information stored in the storage device 12 in association with the user identification information when a predetermined retention end condition is satisfied for the user identification information. In other words, the authenticity information storage unit 122 terminates storage of authenticity information for the user identification information when a predetermined retention termination condition is satisfied for the user identification information.

In this example, the retention termination condition is satisfied when at least one of the logout condition, the timeout condition, and the session abandonment condition is satisfied.
In this example, the logout condition is that a logout is requested for the user identification information.
In this example, the time-out condition is that the time that has elapsed since the login for the user identification information was permitted is longer than a predetermined time-out time.
In this example, the session abandonment condition is that an abnormal state has occurred. For example, an abnormal state is a state in which the logged-in user is requested to log in again (in other words, multiple logins are performed), a state in which unauthorized access is performed, or a state in which the user is logged in. , the terminal device 20-n, or the data sharing device 10 has been restarted.

Note that the holding end condition may be a condition that the authentic information has been used in encryption or decryption (in other words, the authentic information has been used).
Also, the functions of the data sharing device 10 do not have to include the authenticity information storage unit 122 . In this case, the data sharing device 10 acquires authentic information each time use is requested in encryption or decryption, and after using the acquired authentic information in encryption or decryption, stores the authentic information in the storage device 12. don't remember.

The request processing unit 130 includes a request receiving unit 131, a target data encryption unit 132, a target data storage unit 133, a decryption key encryption unit 134, an access information storage unit 135, and a target data decryption unit 136. include.
The request receiving unit 131 receives a processing request from the terminal device 20-n using the communication device 15, and receives the received processing request.

When the processing request accepted by the request accepting unit 131 is a sharing request (in other words, the sharing request is accepted), the target data encryption unit 132 accepts the target data included in the sharing request and encrypts the target data. An encryption key and a decryption key are generated to be used for data encryption and decryption, respectively.

In this example, the target data encryption unit 132 performs encryption processing and decryption processing according to the common key cryptosystem when encrypting and decrypting target data, respectively. Therefore, in this example, the same encryption key and decryption key are used to encrypt and decrypt the target data. Therefore, in this example, both the encryption key and the decryption key used for encrypting and decrypting the target data may be expressed as symmetric keys. Note that the target data encryption unit 132 may perform encryption processing and decryption processing according to the public key cryptosystem in the encryption and decryption of the target data, respectively.

The target data encryption unit 132 performs encryption processing according to the common key cryptosystem on the received target data based on the generated encryption key (symmetric key in this example), thereby encrypting the target data. Generate encrypted target data by encrypting the data.

The target data storage unit 133 associates the encrypted target data generated by the target data encryption unit 132 with the target data identification information that identifies the target data from which the encrypted target data is generated. and store it in the storage device 12.

When a sharing request is accepted by the request accepting unit 131, the decryption key encryption unit 134 decrypts the target data for each of the sharing users in the sharing request based on the authenticity information for the sharing user. An encrypted decryption key is generated by encrypting the decryption key (symmetric key in this example) generated by the unit 132 .

The plurality of sharing users in the sharing request are composed of the sharing source user identified by the sharing source user identification information included in the sharing request and the sharing destination user identified by the sharing destination user identification information included in the sharing request. Become. Also, each of the sharing source user identification information and the sharing destination user identification information included in the sharing request may be represented as sharing user identification information.

If the sharing request received by the request receiving unit 131 does not include an access code, the decryption key encryption unit 134 encrypts the symmetric key with the authenticity stored in the storage device 12 in association with the sharing source user identification information. An encrypted symmetric key is generated by performing encryption processing according to the information-based common key cryptosystem. In this example, the sharer user identified by the sharer user identification information sends the share request when logged in. Therefore, in this example, the sharer user identified by the sharer user identification information is the logged-in user among the plurality of sharers.

Furthermore, in this case, the decryption key encryption unit 134 performs public key encryption based on the public key stored in the storage device 12 in association with the shared user identification information for each of the shared user identification information. An encrypted symmetric key is generated by performing encryption processing according to the scheme on the symmetric key. In this example, the sharing destination user identified by the sharing destination user identification information has not logged in when the sharing request is accepted. Therefore, in this example, the sharing destination user identified by the sharing destination user identification information is a user other than the logged-in user among the plurality of sharing users.

When the sharing request accepted by request accepting unit 131 includes an access code, decryption key encryption unit 134 accepts the access code, and encrypts the symmetric key based on the access code according to the common key cryptosystem. A provisional encrypted symmetric key is generated by performing the encryption process.

In this case, the decryption key encryption unit 134 uses a common key cryptosystem based on the authenticity information stored in the storage device 12 in association with the sharer user identification information for the generated provisional encrypted symmetric key. Generate an encrypted symmetric key by performing the encryption process according to.

Furthermore, in this case, the decryption key encryption unit 134 performs public key encryption based on the public key stored in the storage device 12 in association with the shared user identification information for each of the shared user identification information. An encrypted symmetric key is generated by performing encryption processing according to the scheme on the provisional encrypted symmetric key.

When a sharing request is received by the request receiving unit 131, the access information storage unit 135 stores each of the sharing user identification information included in the sharing request and the sharing user identification information based on the sharing request. the encrypted symmetric key generated by the decryption key encryption unit 134 for the shared user identification information, the encryption method information, the target data identification information stored by the target data storage unit 133 based on the sharing request; are associated with each other and stored in the storage device 12 .

In this example, the cryptographic method information includes information representing the cryptographic method used to generate the encrypted symmetric key (in this example, the symmetric key cryptographic method or the public key cryptographic method), and the encrypted symmetric key. and information indicating whether the access code was used to generate the key (in other words, the use of the access code is set in sharing the target data).
In this example, the access information storage unit 135 corresponds to a decryption key storage unit that stores an encrypted decryption key generated for each of a plurality of users.

When the processing request accepted by the request accepting unit 131 is an access request (in other words, the access request is accepted), the target data decoding unit 136 decrypts the access identified by the access user identification information included in the access request. Based on the authenticity information obtained for the user, the decryption key is obtained by decrypting the encrypted decryption key stored in the storage device 12 in association with the access user.

In this example, the target data decryption unit 136 causes the encryption method information stored in the storage device 12 in association with the access user identification information and the target data identification information included in the access request to represent the common key cryptosystem and , indicates that the use of the access code is not set, the access user for the encrypted symmetric key stored in the storage device 12 in association with the access user identification information and the target data identification information A symmetric key is obtained by performing decryption processing according to the common key cryptosystem based on the authenticity information stored in the storage device 12 in association with the identification information.

In addition, when the encryption method information indicates the common key cryptosystem and indicates that the use of the access code is set, the target data decryption unit 136 corresponds to the access user identification information and the target data identification information. Decryption processing according to the common key cryptosystem based on the authenticity information stored in the storage device 12 in association with the access user identification information for the encrypted symmetric key stored in the storage device 12 with the Obtain the temporary encrypted symmetric key by doing In this case, the target data decryption unit 136 decrypts the obtained provisional encrypted symmetric key based on the access code included in the access request according to the common key cryptosystem, thereby obtaining the symmetric key. get.

In addition, when the encryption method information indicates that the access code is not set to be used while the encryption method information indicates the public key encryption method, the target data decryption unit 136 stores the data in the storage device 12 in association with the access user identification information. The stored encrypted private key is decrypted according to the common key cryptosystem based on the authenticity information stored in the storage device 12 in association with the access user identification information to obtain the private key. to get In this case, the target data decryption unit 136, for the encrypted symmetric key stored in the storage device 12 in association with the access user identification information and the target data identification information, based on the obtained private key, A symmetric key is obtained by performing decryption processing according to the public key cryptosystem.

When the encryption method information indicates that the access code is set to be used as well as the public key encryption method, the target data decryption unit 136 stores the data in the storage device 12 in association with the access user identification information. The stored encrypted private key is decrypted according to the common key cryptosystem based on the authenticity information stored in the storage device 12 in association with the access user identification information to obtain the private key. to get In this case, the target data decryption unit 136, for the encrypted symmetric key stored in the storage device 12 in association with the access user identification information and the target data identification information, based on the obtained private key, A temporary encrypted symmetric key is obtained by performing decryption processing according to the public key cryptosystem. Furthermore, in this case, the target data decryption unit 136 decrypts the obtained provisional encrypted symmetric key based on the access code included in the access request according to the common key cryptosystem. get the key.

When the symmetric key is acquired for the access request, the target data decryption unit 136 decrypts the encrypted target data stored in the storage device 12 in association with the target data identification information included in the access request. , the target data is acquired by performing decryption processing according to the common key cryptosystem based on the symmetric key.

When the target data is acquired in response to the access request, the target data decoding unit 136 uses the communication device 15 to transmit the target data to the terminal device 20-n that has transmitted the access request.

When the target data decryption unit 136 acquires the symmetric key in response to the access request, the decryption key encryption unit 134 performs decryption processing according to the public key cryptosystem in decrypting the encrypted decryption key. When the symmetric key is acquired, the symmetric key is encrypted by performing encryption processing according to the common key cryptosystem based on the authenticity information for the access user identified by the access user identification information included in the access request. By re-encrypting, an encrypted decryption key for the access user is generated. In this example, an access user identified by access user identification information sends an access request when logged in. Therefore, in this example, the access user identified by the access user identification information is the logged-in user among the plurality of shared users.

In this example, when the target data decryption unit 136 acquires a symmetric key in response to an access request, the decryption key encryption unit 134 performs decryption processing according to the public key cryptosystem in decrypting the encrypted decryption key. If the symmetric key is acquired by the access request and the access code is not included in the access request, the symmetric key is stored in the storage device 12 in association with the access user identification information included in the access request. An encrypted symmetric key is generated by performing encryption processing according to the common key cryptosystem based on the stored authenticity information.

Further, when the target data decryption unit 136 acquires the symmetric key in response to the access request, the decryption key encryption unit 134 performs decryption processing according to the public key cryptosystem in decrypting the encrypted decryption key. If the symmetric key is obtained by the above method and an access code is included in the access request, the symmetric key is encrypted according to the common key cryptosystem based on the access code to provide a provisional Generate an encrypted symmetric key. Furthermore, in this case, the decryption key encryption unit 134 associates the generated provisional encrypted symmetric key with the access user identification information included in the access request and stores the authenticity information stored in the storage device 12 in correspondence with the access user identification information. An encrypted symmetric key is generated by performing encryption processing according to the common key cryptosystem based on.

When the decryption key encryption unit 134 re-encrypts the symmetric key for the access request, the access information storage unit 135 stores the access user identification information included in the access request and the target data included in the access request. The encrypted symmetric key and the encryption method information stored in the storage device 12 in association with the identification information are converted to the encrypted symmetric key newly generated by the decryption key encryption unit 134 and the encryption each update (in this example, replace) with new encryption method information for the encrypted symmetric key.

When the request receiving unit 131 receives an update request following an access request, the target data encryption unit 132 encrypts the updated target data included in the update request with the decryption key encryption unit 134. Encrypted target data is generated by encrypting the target data by performing encryption processing according to the common key cryptosystem based on the symmetric key acquired in response to the access request.

When the request receiving unit 131 receives an update request following an access request, the target data storage unit 133 stores encrypted data stored in the storage device 12 in association with the target data identification information included in the update request. The target data is updated (in this example, replaced) with the encrypted target data generated in response to the update request by the target data encryption unit 132 .

When the request receiving unit 131 receives an access request followed by a conclusion request, the access information storage unit 135 associates the conclusion request information with the target data identification information and the conclusion request user identification information included in the conclusion request. Store in the storage device 12 . The fastening request information is information indicating that fastening is requested.

When the request receiving unit 131 receives an access request followed by a conclusion request, the target data encryption unit 132 encrypts all data stored in the storage device 12 in association with the target data identification information included in the connection request. extract the shared user identity of In this case, for each of the extracted shared user identification information, the target data encryption unit 132 determines whether or not conclusion request information is stored in the storage device 12 in association with the shared user identification information. .

When the conclusion request information is stored for all of the extracted shared user identification information (in other words, the contract represented by the target data is concluded), the target data encryption unit 132 encrypts the extracted shared user identification information. For each shared user identified by the identification information, the target data decryption unit 136 generates an encryption key and a decryption key respectively used for encryption and decryption of the target data acquired in response to the access request. As described above, in this example, the target data encryption unit 132 performs encryption processing and decryption processing according to the common key cryptosystem when encrypting and decoding target data, respectively. Therefore, in this example, the same encryption key and decryption key are used to encrypt and decrypt the target data.

The target data encryption unit 132 encrypts each of the shared users identified by the extracted shared user identification information according to the common key cryptosystem based on the generated encryption key (symmetric key in this example). Encrypted target data is generated by encrypting the target data by performing the encryption process described above on the target data.

The target data storage unit 133 stores the encrypted target data generated by the target data encryption unit 132 for each of the shared users identified by the extracted shared user identification information as newly assigned target data. It is stored in the storage device 12 in association with the identification information.

When the target data encryption unit 132 generates a decryption key for each of the shared users based on the conclusion request, the decryption key encryption unit 134 provides each of the shared users with authenticity information for the shared user. The encrypted decryption key is generated by encrypting the decryption key (the symmetric key in this example) generated by the target data encryption unit 132 so that it can be decrypted based on .

The multiple shared users based on the conclusion request are the current requesting user identified by the conclusion request user identification information included in the conclusion request, and the past request user identified by the conclusion request user identification information included in the conclusion request sent in the past. requesting user; and

The decryption key encryption unit 134, for the symmetric key generated for the current requesting user, uses the common An encrypted symmetric key is generated by performing encryption processing according to the key cryptosystem. In this example, the current requesting user transmits the conclusion request when logged in. Therefore, in this example, the requesting user this time is a logged-in user among the plurality of sharing users.

Further, the decryption key encryption unit 134 uses a public key cryptosystem based on the public key stored in the storage device 12 in association with the user identification information that identifies the past requesting user for each of the past requesting users. on the symmetric key generated for the user who requested it in the past, to generate an encrypted symmetric key. In this example, the past-requesting user has not logged in at the time the conclusion request is received. Therefore, in this example, the past requesting user is a user other than the logged-in user among the plurality of shared users.

When the decryption key encryption unit 134 generates an encrypted symmetric key for each of the shared users based on the conclusion request, the access information storage unit 135 notifies each of the shared users of the shared user. user identification information to be identified, an encrypted symmetric key generated by the decryption key encryption unit 134 for the shared user, encryption method information for the encrypted symmetric key, and the shared key based on the conclusion request The target data identification information stored by the target data storage unit 133 for the user is associated with each other and stored in the storage device 12 .

(motion)
Next, operations of the data sharing system 1 will be described with reference to FIGS. 5 to 11. FIG.
In this example, the data sharing device 10 executes the process shown in FIG. 5 in order to register user information.
The data sharing apparatus 10 waits by determining "No" in step S101 of FIG. 5 until user information is received.

Thereafter, the user of the terminal device 20-n uses the input device 23 to input user information. As a result, the terminal device 20 -n accepts the input user information and transmits the accepted user information to the data sharing device 10 .

As a result, the data sharing device 10 receives the user information from the terminal device 20-n and accepts the received user information (step S101 in FIG. 5). As a result, the data sharing apparatus 10 determines "Yes" in step S101 of FIG. A key and a private key are generated (step S102 in FIG. 5).

Next, the data sharing device 10 acquires authenticity information and verification reference information by generating them based on the received user information. Furthermore, the data sharing device 10 encrypts the generated secret key by performing encryption processing according to the common key cryptosystem based on the acquired authenticity information. generate a encrypted private key (step S103 in FIG. 5).

Next, the data sharing device 10 extracts information other than the password included in the accepted user information, the generated public key, the generated encrypted private key, the obtained verification reference information, and the cryptographic hash The hashing method information and the authentication hashing method information are associated with each other and stored in the storage device 12 (step S104 in FIG. 5).
As a result, the data sharing device 10 terminates the processing of FIG.

Further, the data sharing device 10 executes the processing shown in FIG. 6 in order to perform user authentication.
The data sharing device 10 waits by determining "No" in step S201 of FIG. 6 until receiving the input information for authentication.

After that, the user of the terminal device 20-n uses the input device 23 to input authentication input information. As a result, the terminal device 20-n accepts the entered authentication input information and transmits the accepted authentication input information to the data sharing device 10. FIG.

As a result, the data sharing device 10 receives the authentication input information from the terminal device 20-n and accepts the received authentication input information (step S201 in FIG. 6). As a result, the data sharing device 10 determines “Yes” in step S201 of FIG. 6, and generates and acquires matching target information based on the accepted input information for authentication.

Next, the data sharing device 10 matches the acquired matching target information with the matching reference information stored in the storage device 12 in association with the user identification information included in the authentication input information (in other words, if the user authenticity) (step S202 in FIG. 6).

If the matching target information is different from the matching reference information, the data sharing device 10 determines "No" in step S202 of FIG. Prohibit login for user identification information.

On the other hand, if the matching target information matches the matching reference information, the data sharing device 10 determines "Yes" in step S202 of FIG. Allows login for the user identification information contained in the .

Next, the data sharing device 10 acquires authenticity information by generating authenticity information based on the authentication input information, associates the acquired authenticity information with the user identification information included in the authentication input information, and stores the information in the storage device. 12 (step S203 in FIG. 6).

Next, the data sharing device 10 waits by determining "No" in step S204 of FIG. 6 until the holding end condition is satisfied.
After that, if the holding end condition is satisfied, the data sharing device 10 determines "Yes" in step S204 of FIG. The authenticity information stored in the storage device 12 is erased from the storage device 12 (step S205 in FIG. 6).
As a result, the data sharing device 10 terminates the processing of FIG.

Also, the data sharing device 10 executes the processing shown in FIG. 7 to process the sharing request.
The data sharing device 10 waits by judging "No" in step S301 of FIG. 7 until receiving a sharing request.

After that, the user of the terminal device 20-n uses the input device 23 to input a sharing request. As a result, the terminal device 20-n accepts the input sharing request and transmits the accepted sharing request to the data sharing device 10. FIG.

As a result, the data sharing device 10 receives the sharing request from the terminal device 20-n and accepts the received sharing request (step S301 in FIG. 7). As a result, the data sharing device 10 determines “Yes” in step S301 of FIG. 7, and login to the sharing source user identification information included in the accepted sharing request is permitted (in other words, the sharing source user is logging in) (step S302 in FIG. 7). For example, the data sharing device 10 may determine that the sharing source user is logging in when authenticity information is stored in the storage device 12 in association with the sharing source user identification information.

If the sharing source user is not logged in, the data sharing apparatus 10 determines "No" in step S302, proceeds to step S303, starts the user authentication process shown in FIG. 6, and then returns to step S302. .

If the sharing source user is logged in, the data sharing device 10 determines "Yes" in step S302, and generates a target key to be used for encryption and decryption of target data (step S304 in FIG. 7).

Next, the data sharing device 10 encrypts the target data included in the accepted sharing request by performing encryption processing according to the common key cryptosystem based on the generated symmetric key. Encrypted target data is generated by enciphering (step S305 in FIG. 7).

Next, the data sharing device 10 stores the generated encrypted target data in the storage device 12 in association with the target data identification information that identifies the target data included in the accepted sharing request (step of FIG. 7). S306).

Next, data sharing device 10 determines whether or not the accepted sharing request includes an access code (in other words, uses an access code) (step S307 in FIG. 7).
If the sharing request includes an access code, the data sharing device 10 determines "Yes" in step S307, and encrypts the generated symmetric key based on the access code according to the common key cryptosystem. By performing processing, a provisional encrypted symmetric key is generated (step S308 in FIG. 7). After that, the data sharing device 10 proceeds to step S309 in FIG.
On the other hand, if the sharing request does not include an access code, the data sharing device 10 determines "No" in step S307, and proceeds to step S309 without executing the process of step S308 in FIG.

Next, the data sharing device 10 sends the symmetric key (if no access code is used) or the provisional encrypted symmetric key (if an access code is used) to the sharing source user included in the accepted sharing request. An encrypted symmetric key is generated by performing encryption processing according to the common key cryptosystem based on the authenticity information stored in the storage device 12 in association with the identification information (step S309 in FIG. 7).

Next, the data sharing device 10 stores the sharing source user identification information included in the accepted sharing request, the target data identification information stored in step S306 of FIG. 7, and the encryption generated in step S309 of FIG. The encrypted symmetric key and the encryption method information for the encrypted symmetric key are associated with each other and stored in the storage device 12 (step S310 in FIG. 7).

Next, the data sharing device 10, for each of the sharing destination user identification information included in the accepted sharing request, based on the public key stored in the storage device 12 in association with the sharing destination user identification information, A symmetric key encrypted by performing encryption processing according to public key cryptography on a symmetric key (when not using an access code) or a provisional encrypted symmetric key (when using an access code) is generated (step S311 in FIG. 7).

Next, the data sharing apparatus 10, for each of the sharing destination user identification information included in the accepted sharing request, combines the sharing destination user identification information with the target data identification information stored in step S306 of FIG. , the encrypted symmetric key generated in step S311 of FIG. 7 and the encryption method information for the encrypted symmetric key are associated with each other and stored in the storage device 12 (step S312 of FIG. 7).
As a result, the data sharing device 10 terminates the processing of FIG.

In addition, the data sharing device 10 executes the processing shown in FIG. 8 in order to process access requests, update requests, and conclusion requests.
The data sharing apparatus 10 waits by determining "No" in step S401 of FIG. 8 until an access request is received.

After that, the user of the terminal device 20-n uses the input device 23 to input an access request. As a result, the terminal device 20-n accepts the input access request and transmits the accepted access request to the data sharing device 10. FIG.

As a result, the data sharing device 10 receives the access request from the terminal device 20-n and accepts the received access request (step S401 in FIG. 8). As a result, the data sharing apparatus 10 determines "Yes" in step S401 of FIG. (step S402 in FIG. 8). For example, the data sharing device 10 may determine that the accessing user is logging in when authenticity information is stored in the storage device 12 in association with the accessing user identification information.

If the accessing user is not logged in, the data sharing apparatus 10 determines "No" in step S402, proceeds to step S403, starts the user authentication process shown in FIG. 6, and then returns to step S402.

If the access user is logged in, the data sharing apparatus 10 determines "Yes" in step S402, and associates the target data identification information and the access user identification information included in the received access request with the storage device. 12 is acquired (step S404 in FIG. 8).

Next, the data sharing device 10 determines whether or not the encryption method represented by the obtained encryption method information is the common key encryption method (step S405 in FIG. 8).
If the encryption method represented by the encryption method information is the common key cryptosystem, the data sharing device 10 determines "Yes" in step S405, proceeds to step S406, and uses the common key cryptosystem shown in FIG. Execute the key decryption process.

Specifically, the data sharing device 10, with respect to the encrypted symmetric key stored in the storage device 12 in association with the access user identification information and the target data identification information included in the accepted access request, A symmetric key (if an access code is not used) or a temporary An encrypted symmetric key (when using an access code) is obtained (step S4061 in FIG. 9).

Next, the data sharing device 10 determines whether or not the encryption method information acquired in step S404 of FIG. 8 indicates that use of the access code is set (step S4062 of FIG. 9).
If the encryption method information indicates that the use of an access code is set, the data sharing device 10 determines "Yes" in step S4062, and uses the provisional encrypted symmetric key obtained in step S4061. On the other hand, the symmetric key is acquired by performing decryption processing according to the common key cryptosystem based on the access code included in the accepted access request (step S4063 in FIG. 9). Next, the data sharing device 10 proceeds to step S408 in FIG. 8 by ending the processing in FIG.

On the other hand, if the encryption method information indicates that the use of the access code is not set, the data sharing device 10 determines "No" in step S4062, and without executing step S4063 in FIG. 9, the process proceeds to step S408 in FIG.

If the encryption method indicated by the encryption method information is the public key encryption method, the data sharing device 10 determines “No” in step S405, proceeds to step S407, and performs the public key encryption method illustrated in FIG. Execute the scheme symmetric key decryption process.

Specifically, the data sharing device 10 assigns the access user identification information to the encrypted private key stored in the storage device 12 in association with the access user identification information included in the accepted access request. The secret key is acquired by performing decryption processing according to the common key cryptosystem based on the authenticity information stored in the storage device 12 in association with (step S4071 in FIG. 10).

Next, the data sharing device 10 uses the acquired encrypted symmetric key stored in the storage device 12 in association with the access user identification information and the target data identification information included in the accepted access request. Obtain a symmetric key (when not using an access code) or a temporary encrypted symmetric key (when using an access code) by performing decryption processing according to public key cryptography based on the private key ( Step S4072 in FIG. 10).

Next, the data sharing device 10 determines whether or not the encryption method information acquired in step S404 of FIG. 8 indicates that use of the access code is set (step S4073 of FIG. 10).
If the encryption method information indicates that the use of the access code is set, the data sharing device 10 determines "Yes" in step S4073, and uses the provisional encrypted symmetric key obtained in step S4072. On the other hand, the symmetric key is obtained by performing decryption processing according to the common key cryptosystem based on the access code included in the accepted access request (step S4074 in FIG. 10). The data sharing device 10 then proceeds to step S4075 in FIG.

On the other hand, if the encryption method information indicates that the use of the access code is not set, the data sharing device 10 determines "No" in step S4073, and without executing step S4074 in FIG. 10 to step S4075.

Next, the data sharing device 10 determines whether or not the encryption method information acquired in step S404 of FIG. 8 indicates that use of the access code is set (step S4075 of FIG. 10).
If the encryption method information indicates that the use of the access code is set, the data sharing device 10 determines "Yes" in step S4075, and accepts the symmetric key acquired in step S4074. A temporary encrypted symmetric key is generated by performing encryption processing according to the common key cryptosystem based on the access code included in the received access request (step S4076 in FIG. 10). After that, the data sharing device 10 proceeds to step S4077 in FIG.

On the other hand, if the encryption method information indicates that the use of the access code is not set, the data sharing device 10 determines "No" in step S4075, and without executing step S4076 in FIG. 10 to step S4077.

Next, the data sharing device 10 uses the symmetric key acquired in step S4072 (when not using an access code) or the temporary encrypted symmetric key generated in step S4076 (when using an access code). On the other hand, by performing encryption processing according to the common key cryptosystem based on the authenticity information stored in the storage device 12 in association with the access user identification information included in the accepted access request, the encrypted symmetric A key is generated (step S4077 in FIG. 10).

Data sharing apparatus 10 may use the provisional encrypted symmetric key obtained in step S4072 in step S4077. In this case, the processing of steps S4075 and S4076 of FIG. 10 may be omitted from the processing of FIG.

Next, the data sharing device 10 uses the encrypted symmetric key and encryption method information stored in the storage device 12 in association with the access user identification information and the target data identification information included in the accepted access request, The encrypted symmetric key generated in step S4077 in FIG. 10 and the new encryption method information for the encrypted symmetric key are updated (step S4078 in FIG. 10).
Next, the data sharing device 10 proceeds to step S408 of FIG. 8 by ending the processing of FIG.

Next, the data sharing device 10 acquires in step S406 or step S407 the encrypted target data stored in the storage device 12 in association with the target data identification information included in the accepted access request. The target data is acquired by performing decryption processing according to the common key cryptosystem based on the symmetric key obtained (step S408 in FIG. 8).

Next, the data sharing device 10 transmits the acquired target data to the terminal device 20-n that transmitted the accepted access request.
As a result, the terminal device 20-n receives the target data from the data sharing device 10 and outputs the received target data (in this example, displays it on the display).

Next, the data sharing device 10 waits by judging "No" in step S409 of FIG. 8 until receiving an update request or a conclusion request following the access request.

After that, the user of the terminal device 20-n uses the input device 23 to input an update request or a conclusion request. As a result, the terminal device 20-n accepts the input update request or conclusion request and transmits the accepted update request or conclusion request to the data sharing device 10. FIG.

As a result, the data sharing device 10 receives the update request or conclusion request from the terminal device 20-n, and accepts the received update request or conclusion request (step S409 in FIG. 8). As a result, the data sharing apparatus 10 determines "Yes" in step S409 of FIG. 8, and determines whether or not the processing request accepted in step S409 is an update request (step S410 of FIG. 8). .

If the received processing request is an update request, the data sharing device 10 determines "Yes" in step S410, and performs step S406 or step S407 on the updated target data included in the update request. Encrypted target data is generated by encrypting the target data by performing encryption processing according to the common key cryptosystem based on the symmetric key obtained in (step S411 in FIG. 8).

Next, the data sharing device 10 converts the encrypted target data stored in the storage device 12 in association with the target data identification information included in the accepted update request to the encrypted target data generated in step S411. Data is updated (step S412 in FIG. 8). The data sharing device 10 then terminates the process of FIG.

On the other hand, if the received processing request is a conclusion request, the data sharing device 10 determines "No" in step S410, proceeds to step S413, and executes the conclusion processing shown in FIG.

Specifically, the data sharing apparatus 10 associates the conclusion request information with the target data identification information and the conclusion request user identification information included in the received conclusion request, and stores the conclusion request information in the storage device 12 (step S4131 in FIG. 11). ).

Next, the data sharing device 10 extracts all shared user identification information stored in the storage device 12 in association with the target data identification information included in the accepted conclusion request, and extracts the extracted shared user identification information. is stored in the storage device 12 in association with the shared user identification information (in other words, whether or not the conclusion request information of all shared users is stored). (step S4132 in FIG. 11).

If the conclusion request information is not stored for at least one of the extracted shared user identification information (in other words, the contract represented by the target data is not concluded), the data sharing device 10 in step S4132 reads " No", and the process of FIG. 8 ends by ending the process of FIG. 11 without executing the processes of steps S4133 to S4139 described later.

On the other hand, if conclusion request information is stored for all of the extracted shared user identification information (in other words, if the contract represented by the target data has been concluded), the data sharing device 10 determines in step S4132 "Yes , and generates a symmetric key to be used for encryption and decryption of the target data acquired in step S408 of FIG. 8 for each shared user identified by the extracted shared user identification information. (Step S4133 in FIG. 11).

Next, the data sharing device 10 performs encryption processing according to the common key cryptosystem based on the generated symmetric key for each shared user identified by the extracted shared user identification information. Encrypted target data is generated by encrypting the target data obtained in step S408 of FIG. 11 (step S4134 in FIG. 11).

Next, the data sharing apparatus 10 transmits the encrypted target data generated in step S4134 to each of the shared users identified by the extracted shared user identification information as the newly assigned target data identification information. , and stored in the storage device 12 (step S4135 in FIG. 11).

Next, the data sharing device 10 assigns the current requesting user to the symmetric key generated in step S4133 for the current requesting user identified by the conclusion requesting user identification information included in the currently accepted conclusion request. An encrypted symmetric key is generated by performing encryption processing according to the common key cryptosystem based on the authenticity information stored in the storage device 12 in association with the user identification information to be identified (step S4136 in FIG. 11). ).

Next, the data sharing apparatus 10 generates user identification information for identifying the current requesting user, the encrypted symmetric key generated in step S4136, encryption method information for the encrypted symmetric key, and the current requesting user. and the target data identification information stored in step S4135 are associated with each other and stored in the storage device 12 (step S4137 in FIG. 11).

Next, the data sharing device 10 selects the shared user identification information other than the conclusion request user identification information included in the conclusion request accepted this time (in other words, before the current conclusion request) among the extracted shared user identification information. For each past-requesting user identified by the conclusion-requesting user identification information included in the accepted conclusion-request, disclosure stored in the storage device 12 in association with the user identification information that identifies the past-requesting user An encrypted symmetric key is generated by performing key-based encryption processing according to the public key cryptosystem on the symmetric key generated in step S4133 for the past requesting user (step S4133 in FIG. 11). S4138).

Next, data sharing apparatus 10 sends user identification information for identifying the past requesting user, the encrypted symmetric key generated in step S4138, and the encrypted symmetric key to each of the past requesting users. and the target data identification information stored in step S4135 for the past requesting user are associated with each other and stored in the storage device 12 (step S4139 in FIG. 11).
Next, the data sharing device 10 terminates the processing of FIG. 8 by terminating the processing of FIG.

As described above, in the data sharing device 10 of the first embodiment, multiple users (shared users in this example) share target data.
The data sharing device 10 includes an authentic information acquisition unit (user information reception unit 111 and authentication input information reception unit 121 in this example), a target data encryption unit 132, a target data storage unit 133, a decryption key It includes an encryption unit 134 , a decryption key storage unit (access information storage unit 135 in this example), and a target data decryption unit 136 .

The authenticity information acquisition unit acquires authenticity information for a user, which is information indicating that the user is authentic.
The target data encryption unit 132 receives target data, generates an encryption key and a decryption key used for encryption and decryption of the target data, and encrypts the target data based on the encryption key. to generate the encrypted target data.
The target data storage unit 133 stores encrypted target data.

The decryption key encryption unit 134 generates an encrypted decryption key by encrypting the decryption key for each of a plurality of users so that the decryption key can be decrypted based on the authenticity information for the user.
The decryption key storage unit stores, for each of a plurality of users, an encrypted decryption key generated for the user in association with the user.

The target data decryption unit 136 obtains the decryption key by decrypting the encrypted decryption key stored in association with the user based on the authenticity information obtained for the user, and obtains the decryption key Based on, the target data is obtained by decrypting the encrypted target data.

According to this, the decryption key is obtained by decrypting the encrypted decryption key based on the authenticity information for each of a plurality of users who share the target data, and the encrypted decryption key is obtained based on the decryption key. The target data is obtained by decoding the processed target data. Therefore, each of the multiple users can acquire the target data without notifying the multiple users who share the target data of the decryption key.

Also, instead of the target data, the encrypted target data is stored. Further, an encrypted decryption key is stored instead of the decryption key used for decrypting the encrypted target data. Therefore, it is possible to prevent the target data and the decryption key from being leaked.
As described above, according to the data sharing device 10, it is possible to suppress the leakage of information represented by the target data while sharing the target data among a plurality of users.

Furthermore, in the data sharing device 10 of the first embodiment, the decryption key encryption unit 134 follows the common key cryptosystem in encrypting the decryption keys for at least some of the users. , encryption processing is performed based on the authenticity information for the user.

According to this, the processing load for encryption and decryption of the decryption key can be reduced more than when the public key cryptosystem is used.

Furthermore, in the data sharing device 10 of the first embodiment, the decryption key encryption unit 134 follows the public key cryptosystem in encrypting the decryption keys for at least some of the users. , performs encryption processing based on the public key associated with the user.

By the way, the data sharing device 10 is often unable to acquire authentic information for users who have not logged in. For this reason, there is a possibility that the encryption processing based on the authenticity information for the user who has not logged in cannot be performed. On the other hand, according to the data sharing device 10, even a user who has not logged in can encrypt the decryption key.

Furthermore, in the data sharing device 10 of the first embodiment, the decryption key encryption unit 134 encrypts the decryption key for a logged-in user among a plurality of users according to the common key cryptosystem. In addition to performing encryption processing based on authenticity information for each of the multiple users, in encrypting the decryption key for each user other than the logged-in user among the multiple users, in accordance with the public key cryptosystem, matching with the user Performs encryption processing based on the public key obtained.

According to this, encryption processing according to the common key cryptosystem is performed for the logged-in user. Therefore, the processing load in encrypting the decryption key can be reduced more than in the case of using the public key cryptosystem. Furthermore, encryption processing according to the public key cryptosystem is performed for users other than the logged-in user among the plurality of users.
In this way, the decryption key can be encrypted for each of a plurality of users who share target data.

Furthermore, in the data sharing device 10 of the first embodiment, the decryption key encryption unit 134 provides the encrypted decryption stored in association with the logged-in user among the plurality of users. When the decryption key is obtained by performing decryption processing according to public key cryptography in decrypting the key, decryption is performed by performing encryption processing based on authentic information for the user according to common key cryptography Re-encrypting the key produces an encrypted decryption key for the user. The decryption key storage unit stores an encrypted decryption key generated for a logged-in user in association with the user.

According to this, the encrypted decryption key according to the public key cryptosystem can be replaced with the encrypted decryption key according to the common key cryptosystem. By the way, the load of encryption processing and decryption processing according to the common key cryptosystem is smaller than that of the public key cryptosystem. Therefore, the processing load in encryption and decryption of the decryption key can be suppressed.

Further, the data sharing device 10 of the first embodiment includes a private key encryption unit 112 and a public key/private key storage unit (user information storage unit 113 in this example).
The private key encryption unit 112 generates a public key and a private key to be used for encryption processing and decryption processing according to the public key cryptosystem for each of a plurality of users, and also generates a public key and a private key according to the common key cryptosystem. Further, the encrypted secret key is generated by encrypting the secret key by performing encryption processing based on the authenticity information acquired for the user.
The public key/private key storage unit stores, for each of a plurality of users, the user, the public key, and the encrypted private key in association with each other.

The decryption key encryption unit 134 encrypts the decryption key for each of at least some users out of the plurality of users, and uses the public key stored in association with the user in accordance with the public key cryptosystem. Perform encryption processing based on

According to this, an encrypted private key is stored instead of the private key. Therefore, leakage of the private key can be suppressed. As a result, while a plurality of users share the target data, leakage of information represented by the target data can be suppressed.

Furthermore, in the data sharing device 10 of the first embodiment, the target data represents contracts concluded between a plurality of users. When a contract is concluded, the target data encryption unit 132 generates an encryption key and a decryption key used for encrypting and decrypting target data for each of a plurality of users, and encrypts the encryption key with the encryption key. Encrypted target data is generated by encrypting the target data based on.
For each of a plurality of users, the target data storage unit 133 stores the encrypted target data generated for the user in association with the user.

According to this, after the contract is concluded, the target data can be stored independently of each other for a plurality of users who have shared the target data.

Furthermore, in the data sharing device 10 of the first embodiment, the decryption key encryption unit 134 receives an access code, and encrypts the decryption key for each of a plurality of users according to the common key cryptosystem. Perform code-based cryptographic processing.
The target data decryption unit 136 receives the access code, and performs decryption processing based on the access code in accordance with the common key cryptosystem when decrypting the encrypted decryption key.

According to this, the decryption key cannot be obtained unless the access code is known. Therefore, leakage of information represented by the target data can be further suppressed.

Note that the data sharing device 10 of the modified example of the first embodiment may be configured not to use access codes.
Further, in the symmetric key encryption, the data sharing device 10 of the modified example of the first embodiment uses the public key cryptosystem based on the public key instead of the encryption process according to the common key cryptosystem based on the authenticity information. A compliant encryption process may also be used. In other words, the data sharing device 10 according to the modification of the first embodiment follows the public key cryptosystem based on the public key associated with the user in symmetric key encryption for any user. Encryption processing may be performed.

In addition, this invention is not limited to embodiment mentioned above. For example, various modifications that can be understood by those skilled in the art may be added to the above-described embodiments without departing from the scope of the present invention.

1 Data sharing system 10 Data sharing device 11 Processing device 12 Storage device 13 Input device 14 Output device 15 Communication device 110 User registration processing unit 111 User information reception unit 112 Secret key encryption unit 113 User information storage unit 120 User authentication processing unit 121 Authentication input information reception unit 122 Authenticity information storage unit 130 Request processing unit 131 Request reception unit 132 Target data encryption unit 133 Target data storage unit 134 Decryption key encryption unit 135 Access information storage unit 136 Target data decryption unit 20-1, 20-2, ..., 20-N Terminal device 21 Processing device 22 Storage device 23 Input device 24 Output device 25 Communication device 201 User information input unit 202 Authentication input information input unit 203 Request input unit 204 Target data output unit BU1 Bus BU2 Bus NW communication line

Claims (9)

A data sharing device in which a plurality of users share target data,
an authenticity information acquiring unit for acquiring authenticity information for the user, which is information indicating that the user is authentic;
Encrypted target data by receiving the target data, generating an encryption key and a decryption key respectively used for encryption and decryption of the target data, and encrypting the target data based on the encryption key a target data encryption unit that generates
a target data storage unit that stores the encrypted target data;
a decryption key encryption unit that generates an encrypted decryption key by encrypting the decryption key for each of the plurality of users so that the decryption key can be decrypted based on the authenticity information for the user;
a decryption key storage unit that stores, for each of the plurality of users, the encrypted decryption key generated for the user in association with the user;
obtaining the decryption key by decrypting the encrypted decryption key stored in association with the user based on the authenticity information obtained for the user, and obtaining the decryption key based on the decryption key , a target data decryption unit that obtains the target data by decrypting the encrypted target data;
A data sharing device comprising: The data sharing device of claim 1, comprising:
The decryption key encryption unit encrypts the decryption key for each of at least some of the plurality of users based on the authentic information for the user according to a common key cryptosystem. A data sharing device that performs processing. The data sharing device according to claim 1 or claim 2,
The decryption key encryption unit encrypts the decryption key for each of at least some of the plurality of users, using a public key associated with the user according to a public key cryptosystem. A data sharing device that performs encryption processing based on The data sharing device according to claim 3,
The decryption key encryption unit performs encryption processing based on the authenticity information for the user according to a common key cryptosystem when encrypting the decryption key for a logged-in user among the plurality of users. and, in the encryption of the decryption key for each of the plurality of users other than the logged-in user, encryption processing based on the public key associated with the user according to public key cryptography. data sharing device. The data sharing device according to claim 3 or claim 4,
The decryption key encryption unit, for a logged-in user among the plurality of users, decrypts the encrypted decryption key stored in association with the user according to public key cryptography. When the decryption key is obtained by performing the decryption process, the decryption key is re-encrypted by performing the encryption process based on the authentic information for the user in accordance with the common key cryptosystem. generate an encrypted decryption key for the user,
The data sharing device, wherein the decryption key storage unit stores the encrypted decryption key generated for the logged-in user in association with the user. The data sharing device according to any one of claims 3 to 5,
For each of the plurality of users, a public key and a private key to be used for encryption processing and decryption processing according to the public key cryptosystem are generated, and for the user according to the common key cryptosystem. a secret key encryption unit that generates an encrypted secret key by encrypting the secret key by performing encryption processing based on the acquired authenticity information;
a public key/private key storage unit that stores, for each of the plurality of users, the user, the public key, and the encrypted private key in association with each other;
with
The decryption key encryption unit stores the decryption key for each of at least some of the plurality of users in association with the user in accordance with a public key cryptosystem. A data sharing device that performs encryption processing based on the public key. The data sharing device according to any one of claims 1 to 6,
The target data represents a contract concluded between the plurality of users,
The target data encryption unit generates, for each of the plurality of users, an encryption key and a decryption key respectively used for encryption and decryption of the target data when the contract is concluded, and generating encrypted target data by encrypting the target data based on the encryption key;
The data sharing device, wherein the target data storage unit stores, for each of the plurality of users, the encrypted target data generated for the user in association with the user. The data sharing device according to any one of claims 1 to 7,
The decryption key encryption unit receives an access code and, in encrypting the decryption key for each of the plurality of users, performs encryption processing based on the access code according to a common key cryptosystem,
The data sharing device, wherein the target data decryption unit receives an access code and, in decrypting the encrypted decryption key, performs decryption processing based on the access code in accordance with a common key cryptosystem. A data sharing method in which multiple users share target data,
Obtaining authenticity information for the user, which is information indicating that the user is authentic;
Encrypted target data by receiving the target data, generating an encryption key and a decryption key respectively used for encryption and decryption of the target data, and encrypting the target data based on the encryption key to generate
storing the encrypted target data;
generating an encrypted decryption key by encrypting the decryption key for each of the plurality of users so that decryption is possible based on the authenticity information for the user;
for each of the plurality of users, storing the encrypted decryption key generated for the user in association with the user;
obtaining the decryption key by decrypting the encrypted decryption key stored in association with the user based on the authenticity information obtained for the user, and obtaining the decryption key based on the decryption key , obtaining the target data by decrypting the encrypted target data;
How we share data, including:

Images