JP3701052B2 - Document transmission method and document transmission apparatus - Google Patents

Description

[0001]
[Industrial application fields]
  The present invention relates to document transmission, and more specifically,In facsimile transmission,Concerning security of transmission documents and proof of delivery.
[0002]
  This application is a continuation-in-part of US Patent Application No. 08 / 048,376 (accepted on April 15, 1993, “A Method and Apparatus for Placing Data onto Plain Paper”).
[0003]
[Prior art]
  Today, facsimile transmission of documents is a common occurrence in business. The transmitted document is often called "fax".
[0004]
  In fax transmission, when a person places a document on a facsimile ("fax") device, the document is read (scanned) into a digital format. The digital representation of the original document is transmitted through a public telephone line or some communication network and received by another facsimile machine. The latter facsimile machine prints the digital data on a piece of paper.
[0005]
  One problem with current document faxing methods is lack of security.
[0006]
  For example, there are some obstacles if you want to fax a document that contains information that only certain recipients want to see.
[0007]
  First, when both the caller and the receiver have a normal facsimile machine that operates on the public telephone network, the caller must contact the receiver to inform them that a secret fax will be sent. . Then, the recipient must go to the facsimile machine to receive and wait until it is available. When the facsimile machine is available, the recipient must contact the caller to inform him that he is waiting for a fax at the facsimile machine. At this point, the caller can send a normal fax, which is received by the recipient. Even if there is currently no person near the recipient who may see the fax, the data may be sent over a non-secure telephone network and a copy may be intercepted by a competitor. Also, if the caller dials the wrong phone number, people from other companies may see the secret fax. Worse, the recipient's facsimile machine can automatically store a certain number of faxes (for example, save the last 10 faxes) and reprint those faxes. It may be the case that others (if the recipient does not know the function) may get the secret fax.
[0008]
  Even if both the sender's facsimile machine and the recipient's facsimile machine are connected to a secure telephone unit (STU) that encrypts the telephone line, there is a problem in sending a secret fax. That is, the caller must always contact the recipient and inform him / her that he / she will send a fax, and therefore the recipient must also go to the STU to receive the fax.
[0009]
  In either of these cases, to ensure fax security, the sender and receiver must be able to communicate and coordinate actions on the sending and receiving sides of the facsimile transmission. However, this can be inconvenient. It is particularly inconvenient when one or both of the caller and the recipient are unable to contact, for example when the caller and the recipient are in different time zones, ie in different countries. This problem becomes more serious when the caller wants to send several copies to different people simultaneously.
[0010]
  The sender and receiver may have a facsimile machine with a “confidential reception” function that can send a non-printed fax unless the recipient goes to the facsimile machine and enters a secret code. However, this fax can also be intercepted by an eavesdropper when transmitted over the public telephone network, unless the facsimile machine is connected to the STU. Even if this facsimile apparatus is connected to the STU, the recipient must go to the STU and insert the key, so the same problem as described above occurs. In addition, a facsimile machine having a “confidential reception” function may have a small amount of memory and may cause a power failure. In such a case, the fax must be picked up immediately, otherwise the next confidential fax cannot be sent.
[0011]
  As pointed out in each case above, current document facsimile transmission methods are not well suited for the purpose of transmitting confidential or secret (eg personal) information. Therefore, it is desirable to be able to send and receive facsimile telegrams in a manner that protects confidentiality.
[0012]
  Another problem with current facsimile transmissions is that there is no way for the caller to know that a specific designated recipient has received the fax document. Also, there is no way for the caller to know when a fax is received and to ensure that only the intended recipient has the fax. Current facsimile machines echo the telephone number of the received fax to confirm that the transmission occurred, but there is no guarantee that the desired recipient actually received the fax or that the received fax telephone number was programmed correctly. Absent. In the office environment, many other people may have received the fax. Furthermore, there is currently no way to automatically know when the recipient has received the fax. In some cases, the recipient may receive a fax after hours, days, or weeks. The only way to confirm is by calling the recipient and the recipient by telephone or by some other communication method to confirm receipt.
[0013]
  There is a “certified letters” in the US postal system that sign the desired recipient's receipt of the letter. Similarly, other postal deliverers and rapid delivery systems often deliver documents and parcels that require "certified" signers.
[0014]
  At present, however, there is no way to certify a fax in the same way that these proof-of-delivery flights and signers certify receipts of letters and other receipts. Therefore, it would be desirable to enable proof of receipt of fax transmission.
[0015]
[Problems to be solved by the invention]
  One object of the present invention is to provide a means for document transmission that can protect the confidentiality of document contents. Another object of the present invention is to provide a means for realizing a proof such as a delivery certificate in document transmission.
[0016]
  In order to clarify the intention of the present invention, some specific examples will be described here. The present invention provides a facsimile transmission system in which the confidentiality of a document is protected. This facsimile system eliminates the need for adjustment work between multiple persons, which is necessary when there are a large number of recipients.
[0017]
  The present invention also provides a system for sending and receiving a fax message that can be delivered in a manner similar to a delivery proof mail received and sent by the US Postal System. This proof allows the caller to know that the desired recipient has received the fax document, while at the same time ensuring that only the intended recipient operates the fax.
[0018]
[Means for Solving the Problems]
  In order to achieve the above object, in the present invention, the transmission side inputs an original document, encrypts it with a secret key (encryption key), and transmits the encrypted document data to the reception side. The receiving side prints the received encrypted document data on a piece of paper to create a document that is an encrypted representation of the original document. On the receiving side, the encrypted representation document is input, decrypted with the decryption key, printed on a piece of paper, and a reproduced document of the original document is created. At this time, a delivery certification signal is transmitted to the delivery certification destination designated in the encrypted document data.
[0019]
[Action]
  According to the present invention,Since the document is transmitted after being encrypted, the confidentiality of the document can be protected even if the document is intercepted during transmission. The received and printed document is also an encrypted document, and unless it is decrypted, its contents cannot be read by anyone. If only the intended recipient can decrypt the received document, the confidentiality of the received document can be protected. As a result, it is not necessary for the receiver to be at the receiving place at the time of reception, and it is not necessary for the sender and the receiver to contact each other in advance.
[0020]
  According to the present invention,You can protect the confidentiality of the transmitted document, but also the location specified in the received document when decrypting the received documentDelivery proof signal to (delivery proof destination)Is sent. Only scheduled recipients can decrypt. Therefore, the caller or other appropriate person or institutionProof of delivery signalCan be treated as proof ("delivery proof") that the content of the document has been communicated to the intended recipient. That is, in document transmission, the same proof as delivery proof mail is possible.
[0021]
  The present invention includes various methods and apparatuses in addition to the above-described method. The configuration, operation, and advantages of the present invention will be clarified in relation to examples described later.
[0022]
【Example】
  A method and apparatus for transmitting a facsimile of a document in a secure manner and a delivery proofable manner is described.
[0023]
  In the following description, various specific details, such as encryption / decryption techniques, formatting techniques, etc., are presented in order to provide a thorough understanding of the present invention. It will be apparent to those skilled in the art that the present invention may be practiced without these details. On the other hand, well-known processes and functions have not been described in detail so as not to obscure the present invention.
[0024]
  The present invention can transmit a secure fax and a delivery proof fax. The present invention is implemented to provide such a secure fax and a delivery proof fax by recording digital data on plain paper using a facsimile machine. Since digital data is encrypted or machine-readable, the confidentiality of the data is protected even if the plain paper is exposed to the human eye. The data is subjected to other data processing such as error correction and specific formatting, as well as other processing such as compression and decompression.
[0025]
  An example of formatting used to record the encoded information on plain paper is a U.S. patent application Ser. No. 08 / 048,376 (1993), incorporated herein by reference and assigned to the assignee of the present invention. "A Method and Apparatus for Placing Data onto Plain Paper").
[0026]
  When using formatting, the facsimile apparatus of the present invention on both the receiving side and the transmitting side uses the same data formatting method so that the received digital data can be converted into information that can be read by the recipient when printed. Use.
<Secure facsimile transmission>
  FIG. 1 shows the elements of the secret facsimile system of the present invention.
[0027]
  In FIG. 1, a document 101 including a header and information that the user wants to disclose only to the recipient (for example, confidential or confidential information) is set in the facsimile apparatus 102 and read for transmission. The facsimile apparatus 102 may have an encryption function such as an encryption block 103 that encrypts data of the document 101. Note that arbitrary encryption may be performed by another apparatus before reading a document for transmission. The output of the facsimile apparatus 102 is directly or indirectly connected to a communication network such as a public telephone line or a dedicated telephone line.
[0028]
  In one embodiment, the facsimile machine 102 may connect to a communication network via a secret talk device (STU). In one embodiment, document 101 may be generated on a computer or electrically transferred to a computer. Such a document 101 is encrypted using the computer and then transmitted by a fax modem (to a normal paper output facsimile machine). Instead of encryption, the facsimile machine 102 may output a machine-readable coding so that the data of the document 101 is in a form that is not human-readable.
[0029]
  The faxed document is sent to a receiving facsimile machine, for example, a facsimile machine 106. In one embodiment, the facsimile machine 106 may be a paper output facsimile machine. The facsimile machine 106 may be a computer system. When the STU 104 is inserted, the same STU 105 is used to connect the facsimile apparatus 106 for receiving a message to the communication network. Note that the facsimile apparatus 106 may have an encryption function such as the encryption block 107 in addition to the decryption function.
[0030]
  The output of the facsimile device 106 is an encrypted document 108. The encrypted document 108 is supplied to the facsimile machine 109 (at the convenience of the recipient). Since this facsimile apparatus 109 has a decryption function like the decryption block 110, a reproduced document of the document 101 can be output. If the document 108 is in a machine-readable format, the facsimile machine 109 has a machine-readable decoding function to generate a reproduced document.
[0031]
  Note that a facsimile apparatus such as the facsimile apparatus 102, 106, 109 shown in FIG. 1 has a scanner for inputting a document, a printer for printing a received document, a transmission function, a telephone number or a code that can be recognized by the apparatus. It has general facsimile functions such as an input / output (I / O) function such as a keypad for inputting and a telephone / modem line connection mechanism for activating a communication channel by dialing another facsimile apparatus.
[0032]
  FIG. 2 illustrates a process for sending a secure fax utilizing the secure fax system 100 of FIG.
[0033]
  In FIG. 2, first, a first party (for example, a caller) sets a document in the facsimile apparatus 102 and inputs a secret key on the keypad (processing block 201). This secret key is known to the recipient and allows the recipient to decode the fax. The facsimile machine 102 reads the document information into a series of digital data values and uses the encryption block 103 to encrypt the digital data values. The encrypted information is transmitted to the facsimile apparatus 106 via a communication network (for example, a telephone network) (processing block 202). The received encrypted information is printed by the destination facsimile apparatus 106 to obtain the encrypted document 108 (processing block 203).
[0034]
  Again, computers may be used for fax generation, encryption and / or transmission.
[0035]
  The facsimile apparatus 106 prints an encrypted document 108 (secret fax) with a header. This header may contain information specifying the intended recipient of the secret fax and other information to identify one or both of the parties (eg, destination, caller's home, etc.) and may relate to the document itself May contain specific information.
[0036]
  In one embodiment, the header is not encrypted and can be read by the operator. An example of such a facsimile reproduction document having header information 301 and encryption information 303 is shown in FIG.
[0037]
  Note that the entire document may be encrypted when the recipient knows the intended recipient.
[0038]
  The document is then received by the designated recipient (processing block 204). If the encrypted fax document 108 is passed to the recipient by normal route, the recipient can take the secret fax to a computer scanner or a specific facsimile machine such as fax 109 for decryption. it can. In either case, the recipient enters a decryption key, the encrypted document is read and decrypted according to the key, and a readable fax is recorded on a tangible medium (eg, printed or computer-written). Stored in memory, etc.). Thus, the fax can be decoded at the convenience of the recipient. If such a system is used, the confidential information of the original document is protected in the facsimile transmission process.
[0039]
  As shown in FIG. 1, if the facsimile apparatus 102 includes the encryption block 103, the fax transmitted through the public telephone network is encrypted.
(STU) 104 and 105 are not necessary. In other embodiments, the facsimile machine 102 may not have the encryption block 103. In this case, encryption may be performed by encryption block 107 within facsimile device 106. However, STU 104 and STU 105 may be provided to protect the confidentiality of information on the public network. The encrypted document 108 will be generated by the facsimile machine 106 and later decrypted at the convenience of the recipient. Even if the facsimile apparatus 102 has an encryption function, STUs 104 and 105 may be provided to add an auxiliary encryption function. In another embodiment, the facsimile machine 106 may have its own decryption function along with the encryption block 107. In this case, the facsimile machine 106 decrypts the encrypted fax message, and then outputs the encrypted document 108 by its own encryption process. Thereafter, the encrypted document 108 is subjected to the same decryption processing by the decryption block 110, and the document 101 is reproduced.
[0040]
  The decryption function of the facsimile device 106 may also be used to decrypt the encrypted document 108 that is printed out and received by the user. Accordingly, the facsimile machine 106 and the facsimile machine 109 may be the same facsimile machine. In such a case, after the encrypted document 108 is received and printed by the facsimile apparatus 106, it is sent to the facsimile apparatus 106 again, and the information contained in the fax is decrypted by the decryption function, and this is the reproduction of the document 101. It will be printed out as a document. If the facsimile apparatus 106 and the facsimile apparatus 109 are separate apparatuses, the facsimile apparatus 106 need not have an encryption function and a decryption function.
[0041]
  The facsimile machine of the present invention may be used to read a pre-encrypted document and send it to another facsimile machine. At this time, the other facsimile apparatus will decode the document to obtain a reproduced document of the document 101. Such a system may be employed when an encrypted document is generated by another system such as a computer system having a printer (eg, a laser printer) and the fax is transmitted by a conventional facsimile machine system. .
[0042]
  A personal computer having a built-in facsimile machine (eg, a fax modem) may be used in the present invention. The sender can encrypt the document on the personal computer and send the encrypted document to the recipient's facsimile machine. The recipient can handle the received fax as if it was received from another facsimile machine. If the caller's computer system does not have a modem, the encrypted document may be printed by an ordinary printer. Then, this printed output may be delivered to the person who faxes it to the recipient via a normal route. The facsimile apparatus can read the encrypted document as digital data and transmit it to a communication network. After reception, the fax is handled as described above.
[0043]
  Any reliable encryption method can be used in the present invention. For example, the encryption utilized in the secure fax system of the present invention can be DES (Digital Encryption Standard), Rivest Shamir Adlemen method (RSA), or government-approved “clipper chip” or “slip jack”. “The law does n’t matter.
[0044]
  The exchange of keys according to the present invention can be performed by various methods such as DES and Diffie-Hellman methods. A public key cryptosystem may be used. The recipient has one public key (which may be printed on the recipient's business card) and anyone can use that key to send the fax, but can read the fax Only the recipient can do it.
[0045]
  Thus, the present invention securely transmits faxes between users. Faxes are transmitted securely using encryption and cannot be decoded and decrypted unless a code entered by a designated recipient is used.
[0046]
<Delivery proof facsimile transmission>
  The present invention enables the transmission of a facsimile representation that can be "delivered delivery" utilizing the digitally encrypted facsimile apparatus of the present invention.
[0047]
  In the present invention, in the fax reception process, a certification instruction for validating the delivery certification process is given to the sender. In one embodiment, the delivery proof instruction of the present invention is a delivery proof signal (or delivery proof request signal) sent back to the sender's facsimile machine using the communication network.
[0048]
  In the present invention, a delivery proof facsimile system may be configured to provide delivery proof instructions (eg, signals) at various times.
[0049]
  For example, the system may be configured to provide proof of delivery instructions before decryption.
[0050]
  In another embodiment, if the received fax is encrypted, a proof of delivery instruction is communicated to the caller via the communication line when the recipient decrypts the fax with the facsimile machine of the present invention. Thus, the sender knows that the receiver has actually decrypted the information.
[0051]
  Decoding may occur minutes after the transmission itself, hours, days, or weeks later (and may be performed on another facsimile machine). ). Thus, a delivery proof instruction is sent when the fax is decoded.
[0052]
  A proof of delivery instruction may be sent to a source fax modem, bill exchange or other suitable location that can receive these fax messages and can be individually specified. In addition, encryption may be utilized for proof of delivery for privacy and / or certainty.
[0053]
  FIG. 4 shows a block diagram of a facsimile transmission system for providing a delivery proof fax according to the present invention.
[0054]
  In FIG. 4, a source document 401 is input to a facsimile machine 402, the facsimile machine 402 sends a fax message 403 to the facsimile machine 404, and the facsimile machine 404 prints an encrypted document 405. This print document 405 is distributed to a designated recipient after an indefinite time.
[0055]
  When the designated recipient sends the encrypted document 405 to the facsimile apparatus 406, the facsimile apparatus 406 reads, decodes, and decrypts the document, and outputs a reproduction document of the source document 401.
[0056]
  When the encrypted document 405 is decrypted, a delivery certificate signal 407 is sent back to the facsimile apparatus 402 to notify that the fax has been decrypted. Alternatively, the delivery certificate signal 407 is transmitted prior to the decryption of the document 405, and the encrypted document 405 is decrypted only after the delivery certificate acknowledgment signal 408 is received by the facsimile apparatus 406.
[0057]
  FIG. 5 shows the process of sending a delivery proof fax by the system shown in FIG.
[0058]
  In FIG. 5, the caller first inserts the source document into the facsimile machine 402, inputs the secret key for encryption, and initiates the transmission of a fax, for example, by pressing a send button (processing block 501). When the source document 401 is read and encrypted by the facsimile apparatus 402, a delivery proof instruction is given.(Delivery proof signal)The telephone number designated for receiving the message is encoded along with the document information (processing block 502).
[0059]
  The facsimile machine 402 encrypts the caller's telephone number along with the information on the source document 401 and sends the fax (as a fax message 403) to the facsimile machine 404 (processing block 503). The facsimile machine 404 prints the encrypted fax, which is passed to the recipient (processing block 504).
[0060]
  Note that the encryption may be performed by the facsimile apparatus 404 instead of the facsimile apparatus 402. However, in such a case, in order to guarantee the safe transmission of the fax message 403, an STU that provides a secure telephone line between the facsimile apparatuses 402 and 404 may be necessary.
[0061]
  After the indefinite time (represented as a dotted arrow), the recipient uses the facsimile machine 406 to decrypt the encrypted document 405 and create a replay document of the source document 401 (processing block 505). Note that the facsimile machine 406 may be the same facsimile machine as the facsimile machine 404 so that the facsimile machine that receives the fax can also be used for fax decoding. A delivery proof signal 407 is returned to the facsimile machine 402 during the decryption process. In the present invention, a delivery certificate signal 407 may be sent to indicate that the document has been decrypted.
[0062]
  In another embodiment, the delivery proof signal 407 may be sent as a request to decrypt the document. In such an embodiment, decryption is performed when the destination of the delivery certification signal permits.
[0063]
  The facsimile apparatus 406 can confirm the transmission destination of the delivery proof signal using the designated telephone number encoded in the document.
[0064]
  The facsimile machine responsible for decrypting the encrypted fax attempts to send a delivery proof request signal to the facsimile machine specified by the encoded telephone number at the time of decoding and receives a busy signal or the telephone number is If there is no response, transmission of the delivery proof signal can be delayed, and then the delivery proof signal can be retransmitted at a certain time. At that time, if the caller's fax machine is no longer busy, the fax machine specified by the caller can receive a proof-of-delivery request signal, which means that the fax has been received by the specified recipient. Instruct.
[0065]
  FIG. 6 illustrates one embodiment of a delivery proof fax decryption process according to the present invention.
[0066]
  In FIG. 6, after an encrypted fax is received, the recipient inserts the encrypted fax into the facsimile machine and enters a code for decrypting the encrypted fax (processing block 601). This code may be the recipient's secret code. The facsimile machine reads the fax encryption information into the memory. The encryption information may be read as soon as the document is placed in the document feeder of the facsimile machine.
[0067]
  In process block 602, the facsimile machine contacts the certifying machine (ie, the facsimile machine specified in the encryption information). In the present invention, the facsimile apparatus transmits a delivery proof signal to the number encoded in the received fax. In one embodiment, the encrypted fax is decrypted and printed after transmitting the delivery proof signal.
[0068]
  In one embodiment, the facsimile machine sends a delivery proof signal along with a decryption key request. This request may include the public key, and may be encrypted using the recipient's private key and the proved device's public key. Facsimile identification information may be used to identify the origin of the request and / or the document that is being requested to be decrypted.
[0069]
  The certification destination device decrypts the request using the recipient's private key. The certification destination apparatus can determine whether or not to permit decryption, and transmits a decryption key if it can respond to the request. This decryption key may be encoded using the public key of the requesting facsimile machine.
[0070]
  This decryption key is received by the requesting facsimile machine (processing block 603). The facsimile machine decrypts the encrypted fax and prints the decrypted information to create a reproduction document of the original document (processing block 604).
[0071]
  The facsimile machine used to perform the decoding is permitted to decode the fax only if the facsimile machine specified by the encoded number is connected for transmission of the delivery proof signal. This facsimile machine does not decode the received fax if the sender's facsimile machine is busy.
[0072]
  In one embodiment, the decoding request facsimile device transmits the encrypted data to the location specified by the document, where the data is decoded and sent back to the decoding request facsimile device for printing.
[0073]
  The delivery certificate request signal may be sent immediately to a facsimile machine other than the facsimile machine used to send the encrypted fax. In one embodiment, this other facsimile machine may be located in various locations, such as a central bill exchange or facility for document monitoring to ensure that the document has been received by a designated party.
[0074]
  In one embodiment, even after a fax has been sent, before the recipient decrypts it, the caller can reject the request and revoke permission for the recipient. For example, if the recipient has not yet decrypted the encrypted fax message after a specified period of time, the sender can program the recipient to refuse to decrypt the fax. This prevents out-of-time information from being decoded by the recipient. In one embodiment, this may be accomplished by not having the facsimile number recognize the delivery confirmation signal.
[0075]
  In addition, the present invention provides a function that allows the caller to revoke permission to decrypt a portion of a fax document. That is, the caller can program the facsimile machine that receives the delivery proof signal to only grant permission to decrypt a portion of the fax. This may be accomplished in one embodiment by encrypting portions of the document using different encryption techniques and providing only a specific decryption key. Then, since a necessary key is not provided by the certification destination apparatus, a part of the information cannot be decrypted. This may be useful if some of the information in the original fax is no longer valid, or if the caller no longer wants the recipient to read that information.
[0076]
  In one embodiment, when encrypted data is transmitted from a decoding requesting facsimile machine to a location for decoding, the data portion that the original caller (e.g., the original fax caller) wanted to be decoded. Only the decoding request facsimile machine is returned. Further, the certification destination apparatus may transmit the updated information when receiving the delivery certification request.
[0077]
  Note that the fax decryption / delivery proof signal is different from the fax “acknowledge” signal associated with all current fax transmissions. This signal is always sent to the facsimile machine designated on the document when the recipient decrypts the message. In one embodiment, the recipient can only decrypt the encrypted fax document when the decrypted facsimile machine is available over the telephone line. It is at this point that the sender is convinced that the recipient has received the decrypted fax message.
[0078]
  As described above, the present invention can transmit information that can be proved by facsimile between two parties. The recipient does not have to be on arrival to “sign” the incoming document. The document can remain in the “Received Fax” pile until the recipient decrypts it. The recipient actually signs the document when decrypting it. Thus, a proof-of-delivery fax can be sent at any time, even if no recipient actually receives it.
[0079]
  One advantage of this proof-of-delivery fax system is that there is no need to add a large amount of memory to the facsimile machine. All information, especially the “answer” phone number of the facsimile machine specified by the caller, is stored in the encrypted document itself. The fax circuit required when adopting such a configuration is simple and inexpensive. In addition, the delivery proof fax of the present invention is faster and cheaper than an overnight delivery system or US mail.
[0080]
<One Example of Document Transmission Apparatus of the Present Invention>
  FIG. 7 is a block diagram showing an outline of an embodiment of the document transmission apparatus of the present invention.
[0081]
  This apparatus of the present invention is a digital processing apparatus. In the presently preferred embodiment, the digital processing device comprises a digital facsimile machine. In one embodiment, the operation of a digital facsimile machine is simulated using a scanner, printer, and computer.
[0082]
  In FIG. 7, the apparatus of the present invention has a bus or other communication means 701 for information communication. A controller 702 for information processing is connected to the bus 701. Also connected to bus 701 is a random access memory (RAM) or other dynamic memory device 703 (commonly referred to as main memory) for storing information and instructions for controller 702. The bus 701 is a read only memory (ROM) or other static memory device 704 for storing static information and instructions for the controller 702, and a data storage such as a magnetic disk and disk drive for storing information and instructions. A device 705 is also connected.
[0083]
  The processing apparatus also includes a scanner 706 connected to the bus 701 for reading the selected hard copy document into the facsimile apparatus. The scanner 706 can read not only ordinary images but also digital representations of images (ie, digital paper). In order to identify whether the scanner 706 is reading normal images or digital paper, some automation is employed that examines a portion of the hardcopy document being read and determines that the document is digital paper. It may be. In another embodiment, a key is entered that indicates to scanner 706 that the hard copy being read is digital paper.
[0084]
  In one embodiment, scanner 706 is a gray scale scanner. In the presently preferred embodiment, the resolution is 200 DPI. The scanner 706 converts each picture element, that is, a pixel of the scanned image into a digital value. In another embodiment, scanner 706 is a bitmap scanner that scans the image of each hardcopy input document with a predetermined spatial resolution and outputs a digital value. These digital values gather to produce a data structure called a bitmap that is well known to those skilled in the art.
[0085]
  In one embodiment, controller 702 also performs encryption and decryption. Note that the controller 702 performs error correction encoding, encoding, decoding, and error detection correction processing shown in FIGS. 8 and 9 with respect to the input of the scanner 706. Thus, in one embodiment, controller 702 serves as the encoder and decoder of the present invention.
[0086]
  A hard copy device 707 for printing hard copies is also connected to the bus 701 to provide a visual representation of received documents and documents input to the scanner (such as when an encrypted document is input for decryption by a facsimile machine). The In one embodiment, the hard copy device 707 is a printer unit of a facsimile machine. In other embodiments, the hard copy device 707 may be a plotter or printer, such as a bitmap printer that develops a bitmap image into pixels that are printed on plain paper.
[0087]
  In addition, a human or user interface 708 is included to allow the user to interact with the controller 702, scanner 706 and hardcopy device 707. The user interface 708 is an input / output device through which the user inputs control commands and telephone numbers to the facsimile machine (ie, controller 702, scanner 706, and hard copy machine 707) and receives feedback from the facsimile machine. means. This feedback indicates an action taken by the facsimile machine in response to a command input by the user.
[0088]
  The user interface 708 is also used for inputting keys for encryption processing and decryption processing, which will be described later with reference to FIGS. 8 and 9. In response to this key, the controller 702 accesses the memory and determines the type of encryption to be performed. This memory stores a code used for encryption. When sending a secret fax, a key is also entered into the decryption facsimile machine to cause a similar access to enable decryption. The use of a key for encryption / decryption is well known in the art.
[0089]
  The user interface 708 includes an alphanumeric input device having keys for information communication and command selection in addition to alphanumeric characters, a cursor control device for controlling cursor movement, and / or a CRT for displaying information to a facsimile user. It may include a display device such as a liquid crystal display.
[0090]
  The network interface 710 enables connection with a communication channel (eg, port). The network interface 710 cooperates with the controller 702 to enable fax transmission over the communication network.
[0091]
  In the presently preferred embodiment, the above components are integrated into a single facsimile machine, but these components, for example, the scanner 706 and the hard copy device 707 may be independent elements. In one embodiment, scanner 706 and / or hardcopy device 707 may be connected to bus 701 using a dedicated communication line or a switched communication network.
[0092]
  In addition to encryption / decryption, the facsimile machine used to enable the delivery of a fax message includes hardware / software necessary to implement a typical facsimile machine. Although the facsimile apparatus of the present invention includes a function for dialing and calling another facsimile apparatus, it is possible to recognize a designated answering telephone number from data obtained by reading a facsimile message and to dial the telephone number during decoding by a slight change. It becomes possible. This may be facilitated by redefining an area on the encrypted fax message so that the designated answering telephone number is always placed there. By doing so, the facsimile apparatus can confirm the answering telephone number at the predetermined place when reading the encrypted fax message.
[0093]
  Further, the facsimile apparatus of the present invention has a function of giving a delivery certification instruction to a designated facsimile apparatus. This indication may be a signal transmitted by the existing communication network via the network interface 710 and may consist of several bytes following the information already transmitted to establish a connection between the two facsimile machines. unknown. For example, these additional bytes may be transmitted with a setup protocol that determines the baud rate at which the facsimile machine operates.
[0094]
  Additional hardware utilized by the present invention includes a memory that is accessed in response to the delivery proof signal to give the facsimile machine sending the delivery proof signal the authorization necessary to decrypt the encrypted fax. .
[0095]
<Digital data encryption and formatting>
  FIG. 8 illustrates the encoding process of the present invention. This encoding process produces a sheet of paper that stores digital information. Thus, the result of the encoding process of the present invention is referred to herein as “digital” paper.
[0096]
  Please refer to FIG. In the present invention, the data source 801 consists of digital data. In one embodiment, the data source 801 is obtained by reading the data source with a scanning device. In the present invention, the scanning device is a scanner portion of a facsimile machine. In the presently preferred embodiment, the read data of the paper consists of digital data. Further, the compression applied to the data is shown by a compression process 802 in FIG. In another embodiment, the data source 801 may be an ASCII data file or a JPEG-compressed color image, and more particularly, the data is faxed using a personal computer computer and the source is the file currently stored. Sometimes it can be obtained from a binary executable. In other words, the data source 801 of the present invention may be provided from any source, and includes text, fax data, grayscale image data, and color image data.
[0097]
  In the present invention, compression may or may not be performed. When compression is performed, various methods may be used, including lossy compression methods and lossless compression methods, depending on whether the compressed data needs to be reproduced in the same way as the original.
[0098]
  If the data source 801 is in digital format and any necessary compression is performed (processing block 802), the data is encrypted (processing block 803). In one embodiment, encryption is performed using software. In one embodiment, software encryption is performed by exclusive ORing the original data with a pseudorandom sequence generated using a secret key as a seed. In this case, the decryption process (described later) is simply exclusive ORing the data with the same pseudorandom number sequence. This type of encryption process has a short key length used as a seed for a pseudo-random number sequence, and the same key may be used for two or more messages. It is not a method of conversion. There are well known ways to break this kind of encryption.
[0099]
  In order to obtain secure data by encryption, a one time pad can be employed instead of a pseudo-random number sequence. The one-time pad consists of a randomly generated bit string known to both parties (ie, the “encrypting” party and the “decrypting” party) and is used only once in the encryption process. In a one-time pad, the key length is equal to the message length and may exceed 100,000 bits. Since the one-time pad is used only once, it is not easily attacked by the same attack as that used for the pseudo-random number sequence.
[0100]
  In another embodiment, the encryption process may be performed using a digital encryption standard (DES) or RSA method. In the RSA method, as is well known in the art, digital data is encrypted using two prime numbers that are multiplied. If each of these two prime numbers is approximately 200 digits, the RSA method provides a very secure encryption method. In order to use DES in one of the feedback modes or to use the RSA method, it is necessary that no error occurs in encoding and decoding of the digital data stream. When an error occurs, all data preceding the error location can be lost. Alternatively, the encryption process can be restarted periodically, so that only a portion of the message is lost unless an excessive number of errors occur. Note that any digital encryption method may be employed in the present invention.
[0101]
  After the required compression and encryption, error correction encoding may be performed (processing block 804). Since plain paper is used as the digital channel, the error correction of the present invention can be regarded as another box of digital input and digital output. Error correction encoding (processing block 804) adds correction bits or “parity” bits to the digital information of the encrypted data source 801. In one embodiment, error correction is performed using software. The software used to perform error correction is a shortened-interleaved Reed-Solomon code above GF (256) that provides forward error correction. In a Reed-Solomon code of GF (256) or more, 1 byte of data is extracted from each box and combined using addition and multiplication within a limited field to generate a 2-byte checksum byte. In one embodiment, these checksum bytes are encoded in the last two boxes on the page.
[0102]
  For more information on Reed-Solomon coding and the terms "shortening" and "interlib", see Richard E. See Blahut, “Theory and Practice of Error Control Codes,” Addison-Wesley, 1983.
[0103]
  As will be described below, in one embodiment, data is printed in a format by the receiving facsimile machine, which stores the data in a number of boxes distributed over plain paper pages. The error correction code is interleaved by an amount equal to the number of bytes stored in one box on the page. Thus, losing an entire box will not cause an uncorrectable error. In this example, a parity bit is calculated using one byte of each box of the first 10 boxes and stored in the last two boxes. In the present invention, the parity bit box is completely different from other digital data boxes on plain paper. Just as with the data box, the entire message can be assembled even if one parity box is lost. In one embodiment, 20 data boxes are used to store data on paper.
[0104]
  There are advantages over selecting information for error correction using information about the formatter. That is, error correction can group any set of bytes, so if you know the location of those bytes on the page, the bytes used for error correction can be separate bytes on the page. Good. By doing so, it is possible to perform error correction that can sufficiently cope even when a large portion of plain paper is damaged (for example, when coffee is spilled and soiled). In addition, parameters can be selected based on the decoder. Thus, when a very high resolution scanner is used for decoding, the coder will be able to attempt to transfer more data. If the scanner has a large platen, it can decode more information (assuming others are equal). More powerful error correction methods may be used when a particular receiver is very noisy.
[0105]
  If the data source 801 is in digital form, the desired compression has been performed (processing block 802), the encryption (processing block 803) and the desired error correction encoding (processing block 804) have been performed, the digital data is printed. Formatted into possible unique color pixels (processing block 804). In one embodiment, the digital data is formatted into black and white pixels. In one embodiment, the pixels are printed by a photocopier printer.
[0106]
  The formatting step (processing block 805) of the present invention is responsible for converting a digital bit string into a format that can be scanned accurately and that can be read by a facsimile machine.
[0107]
  After formatting (processing block 805), the data is printed (processing block 806). In the present invention, data printing is performed using the printer unit of the facsimile apparatus.
[0108]
  In order to write bits on paper, a data stream to be stored on a piece of paper is first stored on paper as a block of black and white dots or data pixels. In one embodiment, “1” bits may be stored as white dots and “0” bits as black dots. The data pixels used must be larger than the scan resolution so that the scan sample fits within the printed pixels. Further, a frame (boundary) is provided around the data block so that the reading position of each pixel can be accurately determined. An example of such a digital data box is shown in FIG. If the data block is too large, it may be difficult to reproduce the original data due to paper stretch and scanner misalignment.
[0109]
  Please refer to FIG. In the presently preferred embodiment, black and white bits are placed in several boxes on the page to ensure that data spacing and alignment can be measured. In one embodiment, as shown in FIG. 11 (header information not shown), 20 data boxes are used for an 81/2 × 11 inch piece of paper. In one embodiment, each box is three data pixels thick and has a mostly black border. By providing a border around each box, the position of the edge of the box can be easily confirmed (during decoding). Also note that there are large white pixels at each corner of each box. If you examine the box, you will notice that there are pixels that alternate black and white along the left and right edges. These pixels are used to accurately measure the current position of the horizontal pixel line when reading data. Note that the alternating pattern of black and white pixels is added to the left and right edges of each box to compensate for variations in vertical spacing of the pixels. These alternating pixels are not needed if the magnitude of the vertical spacing variation between the pixel rows is not so great as to cause an error in data reading (decoding).
[0110]
  In one embodiment, 20 small boxes each storing several bytes of data are used, but an arbitrary number of boxes may be used. This is a matter of design choice. Smaller boxes increase the overhead for the frame, and the inter-box space is not utilized for data, but the amount of correction data that must be added to the encoded data is reduced (ie, the error rate is reduced). Low)
[0111]
  It should also be noted that the present invention uses grayscale ink and can store additional information at the gray level. By doing so, for example, using 8 gray densities, 3-bit data can be obtained by a gray scale printer and scanner.
[0112]
<Outline of Decoding Process of the Present Invention>
  FIG. 9 illustrates the decoding process of the present invention. The decoding process of the present invention performs the reverse operation of the encoding process one step at a time. First, a digital paper sheet is read (processing step 901). The read data is then sampled to generate a binary sequence representing the binary sequence received by the encoding process (processing step 902). Note that the result of the reading is almost the same binary sequence as that given to the encoder. The result of the reading may not produce an exact duplicate of the data sent to the encoder. This may be due to a data scan error. For example, registration errors during the scanning process, flatness, skew, and scanner failure may prevent accurate copies from being sent to the decoder.
[0113]
  After the “digital” paper is decoded (processing block 902), error detection and correction is performed (processing block 903). This error correction corrects for data loss due to paper damage or failure to accurately predict pixel locations. The error detection / correction process (processing step 903) is a reverse process of the error correction encoding performed in the encoding process (FIG. 8). Error detection / correction is performed using the parity bits added during the encoding process of FIG. 8 to correct errors that may have occurred (processing block 903). Possible causes of this error are staples, punch holes, paper fading, technical problems, and other paper defects or damage.
[0114]
  After the required error correction, the data is decoded (processing block 904). This decryption process (processing block 904) is the reverse process of the encryption performed in the encoding process (FIG. 8). In one embodiment, the decryption process needs to use the same key that was used for encryption. By using the same key, the original data is reproduced.
[0115]
  After the required error correction and decoding has been performed, the data may be decompressed (processing block 905). Whether or not to perform the expansion is determined depending on whether or not the compression is performed in the encoding process, and the expansion is performed to restore the data as close to the original as possible.
[0116]
  After decoding (processing block 902), error detection / correction (processing block 903), decoding (processing block 904) and required decompression (processing block 905), playback data is obtained, printed and displayed. Or it can be stored on disk. In one embodiment, the data is printed (processing block 906). In one embodiment, when the original data is simple scan data, a copy of the original can be printed. In other embodiments, if the original data was several pages of ASCII or Postscript data, the data can be printed or stored in a file. In another embodiment, if the original data is a JPEG compressed color image, the image can be displayed.
[0117]
  When the encryption (and decryption) method of the present invention is integrated into an encoding process and a decoding process, the present invention uses plain paper to transfer data information in a manner that maintains confidentiality and authenticity. In the present invention, this confidentiality is easily obtained by using a key or code known to the user when the document is encrypted and decrypted. In the present invention, information is encrypted using a facsimile. When utilizing the present invention, the user will set a confidential document in the facsimile machine, press the encryption button, and press the secret key. The facsimile machine will then scan the sheet and output an encrypted copy. This encrypted copy will be delivered to the intended recipient. The recipient enters the encrypted copy into the facsimile machine, presses the decryption button, and enters the same secret key. The facsimile machine then outputs a readable copy of the original document. Further, according to the present invention, an encrypted copy can be handled in the same way as a normal document, and even if copying or stapling is performed, the final decrypted document is not greatly affected.
[0118]
  According to the present invention, since a person who does not know the secret key cannot confirm the content of the encrypted document, the document can be securely encrypted.
[0119]
  Another useful application of the present invention is document authentication. In particular, the present invention can be used to authenticate a signed facsimile message. Authentication will be easier by using digital signatures. If a digital signature of a document is possible with a facsimile, the digital signature may be used for any commercial transaction. Authentication may be by adding a small block of digitally encrypted data to a human readable document. By using the secret key, the digital data in the small block can be acquired and the issuer can be confirmed. Furthermore, since the digital paper cannot be generated unless the correct key or code is used, forgery can be prevented or confidential information can be provided.
[0120]
<Scanning digital paper>
  In order to decode digital paper, the entire sheet is read at high resolution by a scanner. In one embodiment, the entire sheet is read by a gray scale scanner. Software routines are used to generate binary sequences from the read data. The result generated by this software routine is a binary sequence. A flowchart of this decoding routine is shown in FIG. FIG. 13 illustrates a part of the decoding process.
[0121]
  Please refer to FIG. When the digital paper is read in an over sampled manner, the decoding routine first detects the position of the box on the page by searching for black boundaries (processing block 1101). In one embodiment, the black boundary search is performed by scanning the rows until a predetermined number of black pixels are found. In the presently preferred embodiment, the boundary is 3 pixels thick. Let the decoding process know the number of boxes and the approximate location on the page (since the decoding process knows how the digital paper is generated). However, it is not necessary to make such assumptions because the frame can be easily identified even on full page text. Also, in one embodiment, the decoding process knows the size of the box. Thus, once the position of a boundary is detected, the position of the other boundary is detected by searching vertically and horizontally until another boundary of the box is found (processing block 1102).
[0122]
  After the position of the boundary of the data block is detected, the position of four white dots at each corner of each box is detected (processing block 1103). In one embodiment, the location of these white dots is done by searching the corners for the brightest pixel. Since the scan resolution used in one embodiment is more than twice the print resolution, several white pixels should be scanned at each corner.
[0123]
  Since the encrypted page may be copied several times, the spacing between information pixels may change. As a result, the pixel rows are not perfectly aligned with the scan rows. The brightest pixel is used as the exact location to find other parts of the data. In other words, according to the present invention, the four white corner dots are used to measure the horizontal spacing between the information pixels in the box. If the width and height (represented by the number of data pixels) of the box are known and the corner position is detected, the horizontal and vertical spacing is determined (processing block 1104).
[0124]
  To know the horizontal and vertical spacing when a corner is found, examine the alternating pattern of black and white pixels added to the left and right edges of the box during the encoding process to compensate for vertical spacing variations and Measure the direction spacing. First, the upper two corners are connected by a virtual straight line (processing block 1104A). This connection is clearly shown in FIG. Next, one synchronization column is assumed in the middle of these corner intervals (processing block 1104B). This synchronization column is shown as a virtual straight line in FIG. Next, the decoder detects all transitions on the synchronization column (processing block 1104C). In one embodiment, the decoder records the position of all transitions from black to white or from white to black. Next, a virtual straight line can be drawn from the point between the two left transition points to the point between the two right transition points (processing block 1104D). Such an imaginary straight line is shown in FIG. Even if a line in a data line is extremely short and extremely high compared to other lines, the exact position for reading the line can be determined. Finally, since the number of data pixels is known, the horizontal straight line can be divided into the correct number of parts and sampled at the correct location (processing block 1104E).
[0125]
  Using the measured vertical and horizontal spacing, a two-dimensional grid can be calculated that can sample data pixels. Finally, the data box is examined horizontally and a “0” bit is output if the sample at the predicted position is closer to black than white, otherwise a “1” bit is output (processing block 1105). In one embodiment, a four-pixel double linear interpolation close to the desired location is used to determine the data value. If the pixel value at the actual position is interpolated, the average value is compared with the expected value of the white pixel or the black pixel. When the sample pixel is close to white, the pixel is a “1” data bit, and when not, it is a “0” data bit. Note that other interpolation and sampling methods may be used and are well known to those skilled in the art. For example, a faster method would use no interpolation and use the pixel closest to the desired sample point.
[0126]
  Digital paper is similar to disk storage because binary data is expanded into space. Therefore, RLL, MFM, M²Well-known disk storage schemes such as FM can be used to improve encoding. Most of these schemes use data transitions rather than data states. In this case, the data is encoded by a position that changes from one color to another, not the color itself. Another possible refinement is to use ink transitions to accurately measure pixel spacing and data position. Thus, ink transitions provide not only data but also pixel spacing. Decoding is performed by the phase-locked loop method.
[0127]
  Many variations and modifications of this invention will be apparent to those of ordinary skill in the art upon reading the foregoing description, but should be considered limited to the embodiments shown and discussed for purposes of illustration. Not.
[0128]
【The invention's effect】
  As is apparent from the above description, according to the present invention, document transmission can be performed in which the confidentiality of the document is protected. By encrypting and transmitting the document, it is possible to protect the confidentiality of the document even if it is intercepted in the middle of transmission, and thus it is possible to use a communication network such as a public telephone network that cannot be expected to protect the security. Since the received document is unreadable unless it is decrypted by encrypting the document, the confidentiality of the document can be maintained even if the received document touches the outsider if the decryption is possible only for a specific recipient. Protected, therefore, there is no need for a particular recipient to be near the receiving device at the time of reception, thus eliminating the need for the caller and recipient to communicate and coordinate actions. In addition, in connection with decryption of the received document, it is possible to confirm that the document has been received by the intended recipient on the sender side by issuing a “delivery certificate” from the recipient to the sender or designated location. it can. In addition, in connection with this delivery proof, it is possible for the sender to take necessary measures associated with document updating and the like. Furthermore, the security document transmission and the delivery proof document transmission can be carried out only by partially changing the conventional facsimile apparatus, and so on.
[Brief description of the drawings]
FIG. 1 is a block diagram of a secure facsimile system according to the present invention.
FIG. 2 is a flow chart illustrating a secure facsimile transmission process according to the present invention.
FIG. 3 is a diagram illustrating an example of a part of a secure facsimile message.
FIG. 4 is a diagram showing an embodiment of a facsimile system having a delivery certification function.
FIG. 5 is a flowchart showing a delivery proof facsimile transmission process;
FIG. 6 is a flowchart showing an example of a process for issuing a delivery certificate to a facsimile sender.
FIG. 7 is a block diagram showing an embodiment of a facsimile apparatus of the present invention.
FIG. 8 is a flowchart showing an encoding process of the present invention including encryption processing.
FIG. 9 is a flowchart showing an example of a decoding process of the present invention including a decryption (decryption) process.
FIG. 10 is a diagram showing an example of one block of encrypted digital data created according to the present invention.
FIG. 11 is a diagram showing one digital paper according to the present invention.
FIG. 12 is a flowchart of the decoding process of the present invention.
FIG. 13 is a diagram showing an example of the data box of the present invention processed by the decoding routine of the present invention.
[Explanation of symbols]
  101 documents
  102 facsimile machine
  103 Encryption block
  104 Secret story device (STU)
  105 Secret Talk Unit (STU)
  106 facsimile machine
  107 Encryption block
  108 Encrypted documents
  109 facsimile machine
  110 Decoding block
  301 Header information
  303 Encryption information
  401 Source document
  402 facsimile machine
  403 fax message
  404 facsimile machine
  405 Encrypted document
  406 facsimile machine
  701 bus
  702 controller
  703 main memory
  704 ROM
  705 data storage device
  706 Scanner
  707 hard copy device
  708 User interface
  710 Network interface

Claims (10)

A document transmission method for transmitting a document from a transmission side to a reception side through a communication network,
When the original document is input , the sender encrypts it with the encryption key, sends the encrypted document data to the receiver,
The receiving side prints the received encrypted document data on a piece of paper and outputs an encrypted representation of the original document.When the encrypted representation document data is input, the document data is decrypted with a decryption key, A document transmission method comprising reproducing an original document and transmitting a delivery certification signal to a delivery certification destination designated in the received encrypted document data.   2. The document transmission method according to claim 1, wherein the receiving side receives the delivery certification acknowledgment signal for the delivery certification signal from the delivery certification destination, and starts the decryption process.   2. The document transmission method according to claim 1, wherein the receiving side transmits a decryption key request together with a delivery certification signal to the delivery certification destination, receives the decryption key from the delivery certification destination, and decrypts using the received decryption key. The document transmission method characterized by performing.   4. The document transmission method according to claim 3, wherein the original document is encrypted by using a different encryption key for each part, and only a part of the encrypted document is decrypted by the decryption key received from the delivery certificate destination. A document transmission method which is permitted. Article transmission wherein the at document transmission method according to any one of claims 1 to 4, proof of delivery and destination transmitting side is the same device. Article transmission wherein the at document transmission method according to any one of claims 1 to 4, proof of delivery and destination transmitting side is different devices. A document transmission device for transmitting or receiving a document via a communication network,
A function of encrypting input original document data with an encryption key and transmitting the encrypted document data to a partner device when sending a document;
A function of printing the encrypted document data received from the partner device on a piece of paper when the document is received, and outputting an encrypted representation of the original document;
When decrypting an encrypted document, a delivery certificate signal is transmitted to a delivery certification destination specified in the received encrypted document data, and a delivery certification acknowledgment signal is received from the delivery certification destination. A document transmission apparatus comprising: a function of decrypting the document data of the digitized expression with a decryption key and reproducing the original document. A document transmission device for transmitting or receiving a document via a communication network,
A function of encrypting input original document data with an encryption key and transmitting the encrypted document data to a partner device when sending a document;
A function of printing the encrypted document data received from the partner device on a piece of paper when the document is received, and outputting an encrypted representation of the original document;
When the encrypted document is decrypted, the decrypted key request is transmitted to the delivery proof destination specified in the encrypted document data together with the delivery proof signal, and the decrypted key is received from the delivery proof destination. A function of decrypting the document data with the received decryption key and reproducing the original document;
A document transmission apparatus comprising: The document transmission apparatus according to claim 8, wherein
When sending a document, the input original document data is encrypted with a different encryption key for each part .
A document transmission apparatus characterized in that when decrypting an encrypted document, a decryption process is performed on a part of the input encrypted document data using a decryption key received from a delivery certificate destination.   10. The document transmission apparatus according to claim 7, further comprising a delivery certification destination function.

Images