JP4733793B2 - Encryption / decryption system, encryption device, decryption device, encryption method, decryption method, and program - Google Patents

Description

  The present invention relates to an encryption / decryption system that encrypts plaintext data and decrypts the encrypted data into plaintext data.

  In recent years, music data has been downloaded and business data has been actively exchanged over the Internet, and at the same time, the need to maintain the confidentiality of data sent and received over the network. Is also growing.

  Generally, a user who transmits data via a network encrypts the data so that the content of the data is not disclosed to a third party who does not have a decryption key. Typical examples of conventional encryption methods include RSA, which is a public key encryption method, and DES (Data Encryption Standard), which is a common key encryption method.

In addition, for example, in Patent Document 1, a function that depends on the contents of a character string of plaintext data and the position of the character string is adopted as an encryption function, and a random number used for encryption processing is expressed in plaintext. An encryption method selected according to the contents of a character string has been proposed.
Japanese Patent Laid-Open No. 2001-203585

  However, in the conventional encryption method described above, data is changed in a complicated manner using many bit operations such as XOR, multiplication, and division, and a high bit change rate and encryption strength are obtained. Due to such complicated calculations, there is a problem that the total calculation amount increases, and the processing speed for performing the encryption processing becomes slow. Further, the method as described in Patent Document 1 is a simple method of switching and encrypting the corresponding random number table for each character of the plaintext data, and it is necessary to prepare many patterns of random number tables. It cannot be said that the complexity of the mechanism and the encryption strength are sufficient.

  Accordingly, an object of the present invention is to provide an encryption / decryption system that realizes a high bit change rate and encryption strength while reducing the amount of calculation when performing encryption processing or decryption processing.

  Another object of the present invention is to provide an encryption / decryption system that realizes encryption processing with simpler logic by using the contents of plaintext data as an index when accessing the encryption key table. There is to do. Also, the decryption process is realized with simple logic.

According to a first embodiment of the present invention, an encryption key table storing different encryption keys in each entry, encryption means for encrypting plaintext data in plaintext units to generate ciphertext data, and ciphertext data An encryption / decryption system comprising decryption means for decrypting. Here, the encryption means sequentially extracts plaintext characters from the plaintext data, determines the order of entries in the encryption key table based on the contents of the plaintext characters, and stores the encryption keys stored in the entries in the determined order. The encryption key corresponding to the plaintext character is determined based on the value of the table, and the determined encryption key is configured to be set at the position of the encrypted text data specified by the first index, while the decryption means , from the ciphertext data, sequentially extracted cipher text in the same units as plain text characters, based on the contents of the cipher text, the decryption key determines the order of the entries in the decryption key table is stored in the entry of the determined order Based on the value of the table, a decryption key corresponding to the encrypted character is determined, and the determined decryption key is set at the position of the plaintext data designated by the second index. The first index is determined based on the position of the plaintext character in the plaintext data, and the second index is determined based on the position of the encrypted character in the ciphertext data.

In the second embodiment of the present invention, in the first embodiment described above, the decryption key table is reverse to the encryption key table with respect to the relationship between the value representing the entry order and the value stored in the entry. Configured as follows.

A third embodiment of the present invention is an encryption apparatus comprising: an encryption key table that stores different encryption keys in each entry; and an encryption unit that encrypts plaintext data in plaintext units to generate ciphertext data. It is. Here, the encryption means sequentially extracts plaintext characters from the plaintext data, determines the order of entries in the encryption key table based on the contents of the plaintext characters, and stores the encryption keys stored in the entries in the determined order. The encryption key corresponding to the plaintext character is determined based on the value of the table, and the determined encryption key is set to the position of the encrypted text data specified by the index. The index is the plaintext in the plaintext data. Determined based on character position.

  According to a fourth embodiment of the present invention, in the third embodiment, the index is calculated using the position of the plaintext character in the plaintext data and the size of the plaintext data, and the size is an n multiplier of 2. The calculation is performed in a manner that does not use division.

  According to a fifth embodiment of the present invention, in the third embodiment described above, the encrypting means encrypts the generated ciphertext data by the same procedure, thereby encrypting the plaintext data a plurality of times. Configured to control. Further, in each of the plurality of times of encryption processing, control can be performed so as to change the position in the ciphertext data where the determined encryption key is set.

According to a sixth embodiment of the present invention, in the third embodiment described above, the encrypting means determines the encryption key corresponding to the plain text character and the value of the encryption key table stored in the order entry previously. It is comprised so that it may determine using an encryption key.

A seventh embodiment of the present invention is a decryption apparatus comprising a decryption key table storing different decryption keys in each entry, and decryption means for decrypting ciphertext in units of cipher characters to generate plaintext data. is there. Here, the decryption means sequentially extracts the cipher characters from the ciphertext data, determines the order of the entries in the decryption key table based on the contents of the cipher characters, and stores the decryption stored in the entries in the determined order. Based on the value in the key table, the decryption key corresponding to the cipher character is determined, and the determined decryption key is set at the position of the plaintext data designated by the index. The index is determined based on the position of the cipher character in the ciphertext data.

The eighth embodiment of the present invention is an encryption method used in an encryption apparatus that encrypts plaintext data. This encryption apparatus has an encryption key table for storing different encryption keys in each entry, and the encryption method extracts a plaintext character of a predetermined unit sequentially from plaintext data, the order of entries, determining determining based on the contents of the plaintext characters, based on the value of the encryption key table stored in the entry of the determined order, the encryption key corresponding to the plaintext characters, determined Generating ciphertext data by setting the encrypted key at the position of the ciphertext data designated by the index . Here, the index is determined based on the position of the plaintext character in the plaintext data.

The ninth embodiment of the present invention is a decryption method used in a decryption device for decrypting ciphertext data. This decryption apparatus has a decryption key table for storing different decryption keys in each entry, and the decryption method includes a step of sequentially extracting a predetermined unit of cipher characters from ciphertext data, and a decryption key table. a step of the order of entries, determining based on the contents of the cipher text, based on the value of the decryption key table stored in the entry of the determined order, determines a decryption key corresponding to the encryption character, the determined decoding key, by setting the position of the plaintext data specified by the index, which chromatic and generating plaintext data. Here, the index is determined based on the position of the encrypted character in the ciphertext data.

The tenth embodiment of the present invention is a program for an encryption device that encrypts plaintext data. This encryption apparatus has an encryption key table for storing different encryption keys in each entry. The program sequentially extracts plaintext characters from plaintext data to the computer of the encryption apparatus ; the order of entries in the key table, and determining based on the contents of the plaintext characters, based on the value of the encryption key table stored in the entry of the determined order to determine the encryption key corresponding to the plaintext characters step And generating the ciphertext data by setting the determined cipher key at the position of the ciphertext data specified by the index . The index is determined based on the position of the plaintext character in the plaintext data.

  With the encryption / decryption system according to the present invention, the amount of calculation when performing encryption processing or decryption processing is reduced, and at the same time, a high bit change rate and encryption strength are realized. Further, the encryption / decryption system according to the present invention realizes encryption processing and decryption processing with simpler logic. This is a processing method in which, for example, the content of plaintext data is used as an index when accessing the encryption key table, or operations that are expensive such as multiplication and division are effectively eliminated in the calculation of encryption. This is achieved by the various devices above.

  First, an outline of an encryption / decryption system according to an embodiment of the present invention will be described with reference to the functional block diagram of FIG. The encryption / decryption system 1 of the present invention is configured to include a control unit 100, an encryption processing unit 110, and a decryption processing unit 120.

  When encryption is performed, the control unit 100 provides the plaintext data 10 to the encryption processing unit 110 and records the data output from the encryption processing unit 110 as the ciphertext data 20 or provides the data to the outside. Or In addition, when performing the decryption, the control unit 100 provides the ciphertext data 20 to the decryption processing unit 120 and records the data output from the decryption processing unit 120 as the plaintext data 10 or externally. Or provide.

  In the encryption and decryption of the present invention, the plaintext data 10 and the ciphertext data 20 are provided to the encryption processing unit 110 and the decryption processing unit 120, respectively, in a size of 2 n multipliers. Of course, the calculation is performed by a method that does not use division, and as a result, the amount of calculation is significantly reduced. Therefore, the control unit 100 provides the plaintext data 10 to the encryption processing unit 110 or the ciphertext data. When 20 is provided to the decryption processing unit 120, these data are blocked into data having a size of a predetermined “n-multiplier of 2”. When the control unit 100 receives ciphertext data obtained by encrypting the blocked plaintext data from the encryption processing unit 110, the control unit 100 combines these ciphertext data to correspond to the original plaintext data 10. The ciphertext data 20 is assumed. The same applies when plaintext data obtained by decrypting the block ciphertext data is received from the decryption processing unit 120.

  If the plaintext data 10 and the ciphertext data 20 cannot be divided by the predetermined “2n multiplier”, the data having a size other than the “2n multiplier” is sent at least once to the encryption processing unit 110 or It is necessary to provide it to the decryption processing unit 120. However, the control unit 100 adds dummy data to the end of the plaintext data 10 or the ciphertext data 20 so that each data becomes a multiple of “n multiplier of 2”, and the encryption processing unit 110 or the decryption processing unit 120. In addition, it is also possible to control so that data having a size other than “2n multiplier” is never provided.

  When the encryption processing unit 110 receives all or part of the plaintext data 10, the encryption processing unit 110 refers to the encryption key table 210, encrypts the received plaintext data 10 in units of predetermined plaintext characters, and performs this processing as necessary. Repeatedly, finally encrypted data (ciphertext data) is generated.

  Here, if plaintext data is encrypted using a plaintext character having a size of 1 byte (8 bits) as an encryption unit, the number of bit patterns represented by 8 bits is 256. The encryption key table 210 has 256 entries so that encryption characters can be associated with all patterns. Each entry of the encryption key table 210 is composed of the same 1 byte (8 bits) as the encryption unit for encrypting plaintext data, and the value (encryption key) stored in each entry is another entry. Therefore, the number is 0 to 255 (that is, all 8 bits (256 patterns)). In the present specification, the term “character” is used for convenience, such as plain text characters and encrypted characters, but these data may be data of any size.

  Further, in this specification, data stored in the first array (entry) is represented by an expression such as data of the 0th entry (or simply 0th data), and the last array (entry) is represented by, for example, 256 pieces of data. When there is an array, it is expressed by an expression such as data of the 255th entry (or simply the 255th data). Such expressions are common to the encryption key table 210, the decryption key table 220, the plaintext data, and the ciphertext data.

  When receiving all or a part of the ciphertext data 20, the decryption processing unit 120 refers to the decryption key table 220 and decrypts the received ciphertext data in units of cipher characters having the same size as the above-described plaintext characters. This process is repeated as necessary, and finally decrypted data (plaintext data) is generated. Similarly to the encryption key table 210, the decryption key table 220 is an array including the same number of elements (entries) as a predetermined “n-th power of 2”, and each entry has a value (decryption key) that does not overlap with other entries. ) Is stored. The value stored in each entry has a predetermined relationship with the value stored in each entry of the encryption key table 210. Details will be described later.

  As described above, the encryption / decryption system 1 of the present invention can be configured as a stand-alone computer system including the control unit 100, the encryption processing unit 110, and the decryption processing unit 120. It is not limited to. For example, it can be configured individually as an encryption device including the control unit 100 and the encryption processing unit 110, or as a decryption device including the control unit 100 and the decryption processing unit 120.

  In addition, the encryption / decryption system 1 in FIG. 1 shows an example in which the control unit 100, the encryption processing unit 110, and the decryption processing unit 120 are realized by a computer program. Predetermined processing portions of the encryption processing unit 110 and the decryption processing unit 120 can be configured by circuits.

  Further, in the encryption / decryption system 1 of FIG. 1, the control unit 100 controls the provision of the plaintext data 10 and the ciphertext data 20 to each processing unit, but the control processing is performed by the encryption processing unit 110. Alternatively, the decoding processing unit 120 may be configured to perform the processing. Further, each processing unit shown in FIG. 1 may be configured to be performed by one processing unit.

  Next, a basic example of an encryption method executed by the encryption processing unit 110 of the encryption / decryption system 1 according to an embodiment of the present invention will be described with reference to the flowchart of FIG. First, in step S10, it is determined whether the size (number of bytes) of the received plaintext data is an n multiplier of 2. Whether the size is an n multiplier of 2 is determined by, for example, the result of logical product (AND operation) of the size and a negative number (generally, 2's complement representation) of the size. It is grasped by judging whether or not. In this example, encryption is performed in units of 1 byte (8 bits), that is, in units of 1 character, and the received plaintext data is handled as an array having the same number of elements (entries) as the size (number of bytes). Each element stores 1 byte (8 bits) of data.

  In step S10, when the size is an n multiplier of 2, the process proceeds to step S20, and the loop 1A from step S20 to step S25 is executed. As described with reference to FIG. 1, since the plaintext data 10 is blocked by the control unit 100 in a size of an n-multiplier of 2 and provided to the encryption processing unit 110, the loop 1A is executed for most plaintext data blocks. Will be. In the loop 1A, the counter c that is incremented by 1 starts from 0 and is repeated until it becomes a number obtained by subtracting 1 from the size. That is, in each of the loops 1A, the counter c indicates plaintext data having a size of 2 n multipliers, one character (one byte character) in order from the first entry to the last entry. One character at a time is subject to encryption in the loop.

  Next, in step S21, the index i is determined. The index i is an entry of ciphertext data that stores one character of the encrypted plaintext data, whereby the c-th character of the plaintext data is encrypted and stored in the i-th portion of the ciphertext data. It is decided. Here, the index i needs to be obtained so that each character of the plaintext data can be assigned to different entries of the ciphertext data. Here, the counter c is divided by the size (size) of the plaintext data. The remainder (that is, c mod size) is the index i. The calculation formula for obtaining this is, for example, the logical product (AND operation) of the counter c and the number obtained by subtracting 1 from the size of the plaintext data (that is, i = c & (size-1)). When the size is an n-multiplier of 2, it is possible to obtain a remainder without using division by such a calculation formula, and it is possible to avoid using a division that is a heavy load in the encryption processing.

  Thereafter, in step S22, the c-th character of the plaintext data is extracted from the plaintext data that has been blocked as the plaintext character h, and in step S23, an encrypted character (encryption key) e corresponding to the plaintext character h is calculated. To do. Here, the encryption character e is data stored in the h-th entry of the encryption key table. For example, since the plaintext character h is 1 byte (8 bits), there are 256 possible bit string patterns from 0x00 ("0x" means that the subsequent number is a hexadecimal number) to 0xFF. . This is associated with an index of 256 entries from 0 to 255 in the encryption key table. When the plaintext data is English data consisting of single-byte alphanumeric characters, the plaintext character h can be considered as a 1-byte character code such as an ASCII code, but even if a 2-byte character code is stored. It may be any other data.

  Therefore, when the bit string of the plaintext character h is 0x42 (66 in decimal), the character stored in the 66th entry in the encryption key table is obtained as a result of the encryption of the plaintext character h. Next, in step S24, the cipher character e obtained in step S23 is stored in the i-th entry of the ciphertext data. Similarly, the processing from step S21 to step S24 is repeated for each character of other plaintext data (loop 1A).

  On the other hand, if the size is not an n multiplier of 2 in step S10, the process proceeds to step S30, and the loop 1B from step S30 to step S35 is executed. As described with reference to FIG. 1, the plaintext data 10 is blocked by the control unit 100 in a size of 2n multipliers and sent to the encryption processing unit 110, so plaintext data is provided by such control. In this case, in the encryption processing of the plaintext data 10, the determination in step S10 is NO at most.

  In step S31 of the loop 1B, a calculation formula different from that in step S21 of the loop 1A is used. That is, in step S31, the calculation formula for obtaining the index i is (i = c% size) (“%” returns the remainder obtained by dividing c by size). In this case, division is used. Become.

  Since the other part of the loop 1B is the same as the loop 1A, description is abbreviate | omitted. With the processing procedure shown in the flowchart of FIG. 2, the number of executions of heavy multiplication and division (particularly, division) can be significantly reduced from the viewpoint of calculation amount (processing time) in the encryption processing. Further, when the plaintext data 10 is a multiple of 2n multiplier or the plaintext data 10 is adjusted to a multiple of 2n multiplier by the control unit 100, the process of step S31 is not performed. In the encryption process, division is not used at all.

  As described above, in the example of this specification, the plaintext data is blocked to a size of 256 (bytes), which is an n multiplier of 2, and is provided to the encryption processing unit 110. You may block by the size (for example, 1024, 2048, etc.). In this example, the plaintext data is encrypted with an encryption unit such as 1 byte (8 bits), but may be encrypted with another encryption unit (for example, 4 bits or 2 bytes). it can. However, when encryption is performed in units of 4 bits, the encryption key table 210 preferably includes 16 entries so as to correspond to all the 4-bit bit patterns, and each entry is preferably configured with 4 bits. When encryption is performed in units of 2 bytes, the encryption key table 210 preferably includes 65536 entries so as to correspond to all 2-byte bit patterns, and each entry is preferably configured with 2 bytes. In this example, when plaintext data having a size of 2n multiplier is provided, the calculation is performed in such a way as to avoid multiplication or division. In the encryption / decryption system 1 of the present invention, It has some other features and does not necessarily require such an operation to avoid multiplication and division.

  Next, the encryption process shown in the flowchart of FIG. 2 will be described more specifically with reference to the example of FIG. In FIG. 3, the contents of the data are displayed in the order of plaintext data, encryption key table, and ciphertext data from the top, and the plaintext data and the result of encrypting the plaintext data as a summary at the bottom. The obtained ciphertext data is shown. Arrows in the figure indicate data association, operation targets, and the like.

  In this example, the plaintext data is provided after being blocked in units of 256 bytes, and when the plaintext data is 256 bytes, the process of loop 1A is performed. The 256-byte plaintext data is an array composed of 256 entries from entry 0 to entry 255. In the plaintext data, an ASCII code is stored, and when displayed or printed by a predetermined program, characters such as “CBADFG... GFBA” are output in order from entry 0. When the plaintext data is expressed in hexadecimal, it becomes 0x434424144647... Here, the encryption unit is 1 byte, and plaintext data is encrypted for each byte.

  The encryption processing shown in the flowchart of FIG. 2 is executed for this plaintext data. First, encryption processing is performed when the counter c is 0 in the first loop of the loop 1A. First, the index i is calculated (i = 0 mod 256), and i = 0 is obtained (step S21). Next, entry 0 of plaintext data is extracted (step S22). The entry 0 stores data of 0x43 (character “C”), which is 67 in decimal. Here, the character “F” stored in the 67th entry of the encryption key table is determined as the encryption character e (step S23). Finally, “F” is stored in entry 0 of the ciphertext data with index i = 0 (step S24).

  Next, encryption processing is performed when the counter c is 1 in the second loop of the loop 1A. First, an index i is calculated (i = 1 mod 256), and i = 1 is obtained (step S21). Next, entry 1 of plaintext data is extracted (step S22). Entry 1 stores data of 0x42 (character “B”), which is 66 in decimal. Here, the character “C” stored in the 66th entry of the encryption key table is determined as the encryption character e (step S23). Finally, “C” is stored in entry 1 of the ciphertext data with index i = 1 (step S24).

  Similarly, by repeating the process in the loop 1A 256 times in total, each character (byte data) of the 256-byte plaintext data provided is replaced with a corresponding character (byte data) in the encryption key table. (Encrypted). Each character in the plaintext data is replaced by the character stored in the corresponding encryption key table entry when the encryption key table is accessed using the character code as an index. As a result, the plaintext data “CBADFG... GFBA” is encrypted into ciphertext data “FCBAEH... HECB” as shown at the bottom of FIG. When the provided plaintext data is not 256 bytes, the loop 1B is executed, but there is no difference except for the calculation method for obtaining the index i as described above.

  Next, an example of two bit operations used in the present invention will be described with reference to FIG. The first calculation example is a calculation for determining whether or not the size of the provided plaintext data is an n multiplier of 2 in the encryption processing unit 110. In step S10 of FIG. 2, if the result of the logical product (AND operation) between the size of the plaintext data and the negative size is the same as the size of the plaintext data, the size is n. Judged to be a power.

  FIG. 4A shows bit operations when the size indicated as bit string A has 256 values. The bit string B represents the bit string A as a negative number (2's complement expression). Here, when a logical product (AND operation) of the bit string A and the bit string B is performed, it can be seen that the calculation result is the same as that of the bit string A, and the value 256 is 2 to the nth power.

  FIG. 4B shows bit operations when the size shown as bit string A has a value of 258. The bit string B represents the bit string A as a negative number (2's complement expression). Here, when the logical product (AND operation) of the bit string A and the bit string B is performed, the calculation result is not the same as that of the bit string A. Therefore, it can be seen that the value 258 is not 2 to the power of n.

  FIG. 4C shows bit operations when the size shown as the bit string A has a value of 128. The bit string B represents the bit string A as a negative number (2's complement expression). Here, when the logical product (AND operation) of the bit string A and the bit string B is performed, the calculation result is the same as that of the bit string A, and it can be seen that the value 128 is 2 to the nth power.

  The second calculation example is a calculation for obtaining the remainder obtained by dividing the counter c by the size of the plain text data in the encryption processing unit 110. In step S21 of FIG. 2, the result of the logical product (AND operation) of the counter c and the number obtained by subtracting 1 from the size of the plaintext data is a remainder (the remainder obtained by dividing the counter c by the size of the plaintext data). to decide.

  FIG. 4D shows bit operations when the counter c shown as the bit string A has a value of 2. The bit string B represents a number 255 obtained by subtracting 1 from the size of the plain text data. Here, when the logical product (AND operation) of the bit string A and the bit string B is performed, the operation result is 2, and the remainder obtained by dividing 2 by 256 is obtained.

  FIG. 4E shows bit operation when the counter c shown as the bit string A has 256 values. The bit string B represents a number 255 obtained by subtracting 1 from the size of the plain text data. Here, when the logical product (AND operation) of the bit string A and the bit string B is performed, the operation result is 0, and the remainder is obtained by dividing 256 by 256.

  Next, an example of another encryption method executed by the encryption processing unit 110 of the encryption / decryption system 1 according to an embodiment of the present invention will be described with reference to the flowchart of FIG. In this example, the encryption method shown in the flowchart of FIG. 2 is repeated a plurality of times by controlling the path value. Also in this case, the encryption unit is 1 byte, and plaintext data is encrypted for each byte.

  First, in step S40, the process is repeated four times (loop 2A) until the path p is changed from 0 to 3. Next, the ciphertext data is copied to the plaintext data after the second loop in the loop 2A. This is because the encrypted plaintext data is stored in the ciphertext data in the first loop in the loop 2A. In order to further encrypt the encrypted data in the second and subsequent loops. The ciphertext data is copied as plaintext data, and the plaintext data is further encrypted.

  Thereafter, the same processing as the encryption method shown in the flowchart of FIG. 2 is performed. However, in the calculation of the index i (steps S51 and S61), the remainder obtained by dividing the sum of the counter c and the path p by the size of the plaintext data is obtained as the index i. In step S51, as described above, the index i is obtained without using division.

  Next, the encryption process shown in the flowchart of FIG. 5 will be described more specifically with reference to the example of FIG. In FIG. 6, the contents of the data are displayed in the order of plaintext data, encryption key table, and ciphertext data from the top. At the bottom, the plaintext data and the plaintext data are encrypted with pass 0 as a summary. The ciphertext data obtained as a result of processing and the ciphertext data obtained as a result of encrypting the ciphertext data in pass 1 are shown. Arrows in the figure represent data association and replacement.

  In this example, the state of the second loop in the loop 2A of FIG. 5 is shown, and the provided plaintext data has already been encrypted once (as shown in FIG. 3). The character “FCBAEH... HECB” is stored in order from the entry 0. Further, when this plaintext data is expressed in hexadecimal, it becomes 0x464434414548 ... 48454342 in order from entry 0.

  For this plaintext data, the loop 2B in the loop 2A (second loop) of the encryption process shown in the flowchart of FIG. 5 is executed. First, encryption processing is performed when the counter c is 0 and the path p is 1 in the first loop of the loop 2B. First, an index i is calculated (i = 1 mod 256), and i = 1 is obtained (step S51). Next, entry 0 of plaintext data is extracted (step S52). Entry 0 stores data of 0x46 (character “F”), which is 70 in decimal. Here, the character “E” stored in the 70th entry of the encryption key table is determined as the encryption character (encryption key) e (step S53). Finally, “E” is stored in entry 1 of the ciphertext data with index i = 1 (step S54).

  Thereafter, the processing is repeated in the same manner, and encryption processing is performed when the counter c is 255 and the path p is 1 in the final loop of the loop 2B in the loop 2A (second loop). First, an index i is calculated (i = 256 mod 256), and i = 0 is obtained (step S51). Next, the plaintext data entry 255 is extracted (step S52). The entry 255 stores data of 0x42 (character “B”), which is 66 in decimal. Here, the character “C” stored in the 66th entry of the encryption key table is determined as the encryption character e (step S53). Finally, “C” is stored in entry 0 of the ciphertext data with index i = 0 (step S54). When the provided plaintext data is not 256 bytes, the loop 2C is executed, but there is no difference except for the calculation method for obtaining the index i.

  As a result, the plaintext data “CBADFG... GFBA” is encrypted into the ciphertext data “FCBAEH... HECB” in the encryption process with the path p = 0 as shown in the bottom of FIG. In the encryption process of p = 1, the ciphertext data “CEFCBDG... GDF” is further encrypted. Finally, in the encryption process of the flowchart shown in FIG. 5, the encryption process of the flowchart shown in FIG. 2 is repeated four times from the path p = 0 to 3, and is encrypted by the path p each time. The position where the plaintext data is stored in the ciphertext data is shifted.

  By repeating such encryption processing a plurality of times, a cipher having a high bit change rate and high strength is generated. In this example, the encryption process is repeated four times with the path p = 0 to 3, but the number of times can be arbitrarily set. However, if the number of times is increased, a suitable bit change rate can be expected, but the processing time becomes longer.

  Next, another example of the encryption method executed by the encryption processing unit 110 of the encryption / decryption system 1 according to an embodiment of the present invention will be described with reference to the flowchart of FIG. In this example, similar to the encryption method shown in the flowchart of FIG. 5, the encryption method shown in the flowchart of FIG. 2 is repeated by controlling the path value, and the encrypted character obtained in the previous loop is also obtained. Encryption characters are calculated using a value (base B) that depends on (encryption key). Also in this case, the encryption unit is 1 byte, and plaintext data is encrypted for each byte.

  Regarding the base B, first, in step S84, the base B is set as the path p, and initial setting before starting the loop 3B and the loop 3C is performed. Then, the base B is used to obtain the cipher character e in step S93 of the loop 3B (or step S103 of the loop 3C). That is, it is obtained by the encryption character e = encryption key table [h] + B. Further, e obtained in step S93 (or step S103) is substituted into the base B in step S94 (or step S104), and used for obtaining the cipher character e in the next loop. In this way, by using the base B, the encryption strength can be further increased. Here, the encryption character e is an 8-bit storage area, and when the value exceeds 255 by the addition of the base B (when overflow occurs), it returns to 0 again and wraps around.

  Next, the encryption process shown in the flowchart of FIG. 7 will be described more specifically with reference to the example of FIG. In FIG. 8, the contents of the data are displayed in the order of plaintext data, encryption key table, and ciphertext data from the top, and the plaintext data and the result of encrypting the plaintext data as a summary at the bottom. The obtained ciphertext data is shown. The arrows in the figure represent data association and replacement.

  In this example, plain text data is provided in a block form of 256 bytes, and the process of loop 3B is performed. The 256-byte plaintext data is an array composed of 256 entries from entry 0 to entry 255. In the plaintext data, an ASCII code is stored, and when displayed or printed by a predetermined program, characters such as “CBADFG... GFBA” are output in order from entry 0. When the plaintext data is expressed in hexadecimal, it becomes 0x434424144647...

  The encryption processing shown in the flowchart of FIG. 7 is executed for this plaintext data. First, in the first loop of the loop 3A, the encryption process is started when the counter c is 0, the path P is 0, and the base B is 0. Thereafter, the process proceeds to loop 3B, the index i is calculated (i = 0 mod 256), and i = 0 is obtained (step S91). Next, entry 0 of plaintext data is extracted (step S92). The entry 0 stores data of 0x43 (character “C”), which is 67 in decimal. Here, a value obtained by adding the data 0x46 (character “F”) stored in the 67th entry of the encryption key table and the base B is determined as the encryption character e (step S93). In this case, e = 0x46 + 0x00 = 0x46 (decimal number 70). Next, 0x46 is set in the base B. Finally, 0x46 (character “F”) is stored in entry 0 of the ciphertext data with index i = 0 (step S95).

  Next, encryption processing is performed when the counter c is 1, the path P is 0, and the base B is 0x70 in the second loop of the loop 3B. First, an index i is calculated (i = 1 mod 256), and i = 1 is obtained (step S91). Next, entry 1 of plaintext data is extracted (step S92). Entry 1 stores data of 0x42 (character “B”), which is 66 in decimal. Here, data 0x43 (character) stored in the 66th entry in the encryption key table is stored. The value obtained by adding “C”) and the base B is determined as the encrypted character e (step S93). In this case, e = 0x43 + 0x46 = 0x89 (decimal number 137). Next, 0x89 is set in the base B. Finally, 0x89 (character “A”) is stored in entry 1 of the ciphertext data with index i = 1 (step S95).

  Thereafter, the processing is repeated in the same manner, and the plaintext data “CBADFG... GFBA” is encrypted in the encryption process of the path p = 0 as shown in the lowermost part of FIG. (The result of the encryption process after the pass p = 1 is omitted). As described above, as in the encryption processing shown in FIG. 5, the encryption processing is repeated four times from pass p = 0 to 3, and each time the storage position of the ciphertext data is shifted by the pass p. The base B determines the cipher characters in association with the previously determined cipher characters. By performing such an encryption process, a stronger cipher is generated. In FIG. 8, “A”, “I”, “U”, and “E” are illustrated as characters stored in the ciphertext data. However, this is a display for convenience, and what is displayed by an actual ASCII code? Is different.

  Next, decryption processing of the encryption / decryption system 1 according to an embodiment of the present invention will be described with reference to the flowchart of FIG. The decryption process shown in FIG. 9 decrypts the ciphertext data generated by the encryption process shown in the flowchart of FIG. 7, and decrypts the provided ciphertext data into plaintext data. In this decryption process, the reverse procedure of the encryption process shown in the flowchart of FIG. 7 is executed. The decryption process corresponding to the encryption process shown in the flowchart of FIG. 2 and the decryption process corresponding to the encryption process shown in the flowchart of FIG. 5 are both realized by partially omitting the decryption process of FIG. Since it can be easily analogized, detailed description is omitted here. Here, as in the above-described encryption process, the decryption unit is 1 byte, and the ciphertext data is decrypted for each byte.

  The decoding process loops 4 times from the path p = 3 to 0 in the loop 4A (steps S120 to S150). When the loop 4A is started, the plaintext data is copied to the ciphertext data in step S122 except for the case of the first loop, that is, when the path p <3. This is the same as the reason why the ciphertext data is copied to the plaintext data in step S82 of FIG. Next, in step S124, the path p is set in the base B.

  Thereafter, in step S126, it is determined whether the size of the provided ciphertext data is an n multiplier of 2. If the size of the ciphertext data is an n multiplier of 2 in step S126, the process proceeds to step S130, and the loop 4B from step S130 to step S136 is executed. As described with reference to FIG. 1, since the ciphertext data 20 is blocked by the control unit 100 in a size of an n-multiplier of 2 and provided to the decryption processing unit 120, the loop 4B for most ciphertext data blocks is provided. Will be executed. In the loop 4B, the counter c incremented by 1 starts from 0 and is repeated until the number is obtained by subtracting 1 from the size of the ciphertext data. That is, in each loop, the counter c points to the ciphertext data having a size of 2 n multipliers one by one from the first entry to the last entry. In the loop, it becomes a target of decoding.

  Next, in step S131, an index i is determined. As a result, it is determined that the i-th character in the ciphertext data is decrypted and stored in the c-th plaintext data. Here, the index i is a remainder (that is, (c + p) mod size) obtained by dividing the sum of the counter c and the path p by the size (size) of the ciphertext data. The calculation formula for obtaining this is i = (c + p) & (size−1), as in the encryption process, and such a remainder can be obtained without using division.

  Thereafter, in step S132, the i-th character of the ciphertext data is extracted as an encrypted character (encryption key) e, and in step S133, a plaintext character h corresponding to the encrypted character e is calculated. Here, the plaintext character h is data stored in the (e-B) th entry of the decryption key table. Next, in step S134, the encryption character e is set in the base B.

  Next, in step S135, the plaintext character h obtained in step S133 is stored in the c-th entry of the plaintext data. Similarly, the processing from step S130 to step S136 is repeated for each character of the other ciphertext data (loop 4B). Further, the decryption processing of the next pass (p = 2, 1, 0) is performed using the decrypted plaintext data as ciphertext data.

  On the other hand, if the size of the ciphertext data is not an n multiplier of 2 in step S126, the process proceeds to step S140, and the loop 4C from step S140 to step S146 is executed. As described with reference to FIG. 1, the ciphertext data 20 is blocked by the control unit 100 in the size of the n-th power of 2 and sent to the decryption processing unit 120, so that ciphertext data is provided by such control. In the case where the ciphertext data 20 is decrypted, the determination in step S126 is NO at most.

  The processing of the loop 4B and the processing of the loop 4C are almost the same, but in step S131 of the loop 4B, division is not used to obtain the index i, whereas in step S141 of the loop 4C, the calculation formula for obtaining the index i. (I = c% size) (“%” returns the remainder of c divided by size), and division is used.

  Further, when the ciphertext data 20 is a multiple of 2 n multipliers or the ciphertext data 20 is adjusted to a multiple of 2 n multipliers by the control unit 100, the process of step S141 is not performed and this decryption is performed. Division is not used at all.

  Next, the decoding process shown in the flowchart of FIG. 9 will be described more specifically with reference to FIG. In FIG. 10, the data contents are displayed in the order of ciphertext data, decryption key table, and plaintext data from the top, and at the bottom, the ciphertext data and the ciphertext data are decrypted as a summary. The plaintext data obtained as a result is shown. The arrows in the figure represent data association and replacement.

  In this example, the ciphertext data is provided by being blocked in 256 bytes, and the process of the loop 4B is performed. The 256-byte ciphertext data is an array composed of 256 entries from entry 0 to entry 255. In the ciphertext data, an ASCII code is stored. When displayed or printed by a predetermined program, characters such as “F that Q ...” are output in order from entry 0.

  For this ciphertext data, the decryption process shown in the flowchart of FIG. 9 is executed. FIG. 10 shows a decoding process when the counter c is 0, the path P is 0, and the base B is 0 in the fourth loop of the loop 4A in FIG. When the fourth loop of the loop 4A is started, the process proceeds to the loop 4B, where the index i is calculated (i = (0 + 0) mod 256), and i = 0 is obtained (step S131). Next, entry 0 of the ciphertext data is extracted as the cipher character e (step S132). Entry 0 stores data of character “F”, which is 70 in decimal. Here, base B is subtracted from 70 (the result is 70 because base B is 0 at this time), and the data (character “C”) stored in the 70th entry of the decryption key table is plaintext. The character h is determined (step S133). Next, in step S134, the encryption character e (decimal number 70) is set in the base B. Finally, the plaintext character h (character “C”) is stored in entry 0 of the plaintext data with the index c = 0 (step S135).

  Next, in the second loop of the loop 4B, decoding processing is performed when the counter c is 1, the path P is 0, and the base B is 70. First, an index i is calculated (i = (1 + 0) mod 256), and i = 1 is obtained (step S131). Next, entry 1 of the ciphertext data is extracted as the cipher character e (step S132). Entry 1 stores data of (character “A”), which is 137 in decimal. Here, base B (70) is subtracted from this 137 (result is 67), and the data (character “B”) stored in the 67th entry in the decryption key table is determined as plaintext character h (step). S133). Next, in step S134, the encryption character e (decimal number 137) is set in the base B. Finally, the plaintext character h (character “B”) is stored in entry 1 of the plaintext data with the index c = 1 (step S135).

  Thereafter, the processing is repeated in the same manner, and the ciphertext data (plaintext data obtained with the path p = 1) “F that Qe ...” is decrypted with the path p = 0 as shown at the bottom of FIG. The plaintext data “CBADFG... GFBA” is decrypted by the conversion processing. This decryption processing is just data conversion opposite to the encryption shown in FIG. In FIG. 10, as in FIG. 8, “a”, “i”, “u”, “e” are illustrated as characters stored in the ciphertext data, but this is a display for convenience and actual ASCII. It is different from the code display.

  Next, an example of processing for creating the encryption key table 210 will be described with reference to FIG. Each entry of the encryption key table 210 only needs to store a unique value different from other entries, and the method of creating the encryption key table 210 by shuffling as shown in this figure is merely an example. For example, if a random value is generated for each entry and the value is duplicated, a similar table can be created even if the value is generated again, and it is incremented by 1 (or decreased by 1) in the order of entry. It can also be generated by simply storing numbers.

  The flowchart in FIG. 11A shows a processing procedure for creating the encryption key table 210. In this example, the encryption key table 210 has 256 entries from entry 0 to entry 255, and in the initial state, numbers from 0 to 255 are stored in the order of entry. The common key table, like the encryption key table 210, has 256 entries, and each entry is randomly assigned a unique value (an integer from 0 to 255 in this case) different from the other entries. Stored.

  In this state, the processing from step S160 to step S164 is repeated 256 times from index i = 0 to 255 (loop 5). When the loop 5 is entered, the encryption key is shuffled in step S162. That is, here, the value stored in the i-th entry of the encryption key table 210 and the value stored in the j-th entry of the encryption key table 210 are exchanged. Here, j is a value stored in the i-th entry of the common key table.

  Next, an example of a processing procedure for creating the encryption key table 210 will be described more specifically with reference to FIG. 11B. Here, both the common key table and the encryption key table 210 have five entries from entry 0 to entry 4. The common key table stores values 3, 4, 1, 2, 0 in order from entry 0, and the encryption key table 210 stores 0, 1 in order from entry 0 in the initial state, that is, before shuffling. Each value of 2, 3, 4 is stored.

  In the first loop (shuffle (1)) of loop 5, the value “0” stored in the 0th entry of the encryption key table 210 and the 3rd (3 is the 0th of the common key table) of the encryption key table 210. The value “3” stored in the entry) is exchanged. Next, in the second loop (shuffle (2)) of the loop 5, the value “1” stored in the first entry of the encryption key table 210 and the fourth (4 is the common key table) of the encryption key table 210. The value “4” stored in the first entry) is exchanged.

  Next, in the third loop (shuffle (3)) of loop 5, the value “2” stored in the second entry of the encryption key table 210 and the first (1 is the common key table) of the encryption key table 210. The value “4” stored in the second entry) is exchanged. Next, in the fourth loop of loop 5 (shuffle (4)), the value “0” stored in the third entry of the encryption key table 210 and the second (2 is the common key table) of the encryption key table 210. The value “4” stored in the third entry) is exchanged.

  Finally, in the fifth loop (shuffle (5)) of loop 5, the value “1” stored in the fourth entry of the encryption key table 210 and the 0th (0 is the common key table) of the encryption key table 210 The value “3” stored in the fourth entry) is exchanged. To summarize the shuffle results, the shuffled cipher key table 210 is 1, 2, 0, 4, 3 in order from entry 0.

  Next, an example of processing for creating the decryption key table 220 will be described with reference to FIG. Each entry of the decryption key table 220 needs to store a unique value different from the other entries as in the encryption key table 210. Furthermore, based on the corresponding encryption key table 210, a certain rule is stored. Must be created with.

  The flowchart in FIG. 12A shows a processing procedure for creating the decryption key table 220. In this example, it is assumed that the encryption key table 210 and the decryption key table 220 have 256 entries from entry 0 to entry 255, respectively. Each entry of the encryption key table 210 is assumed to store a unique value (in this case, an integer from 0 to 255) different from the other entries by the process shown in the flowchart of FIG. 11A. In this state, the processing from step S170 to step S174 is repeated 256 times from index i = 0 to 255 (loop 6). When loop 6 is entered, a decryption key is set in step S172. That is, the i value itself is stored in the j-th entry of the decryption key table 220. Here, j is a value (that is, any one of 0 to 255) stored in the i-th entry of the encryption key table 210.

  Next, an example of a processing procedure for creating the decryption key table 220 will be described more specifically with reference to FIG. 12B. Here, both the encryption key table 210 and the decryption key table 220 have five entries from entry 0 to entry 4. Also, the encryption key table 210 stores values 1, 2, 0, 4, 3 in order from entry 0 by shuffling, and nothing is stored in each entry of the decryption key table 220. State.

  In the first loop of loop 6 (set (1)), the value “0” is set in the first entry (1 is the value stored in the 0th of the encryption key table 210) of the decryption key table 220. The Next, in the second loop (set (2)) of the loop 6, the value “1” is entered in the second entry (2 is the first value stored in the encryption key table 210) of the decryption key table 220. In the third loop of loop 6 (set (3)), the value “2” is entered in the 0th entry of the decryption key table 220 (0 is the second value stored in the encryption key table 210). Is set.

  Thereafter, in the fourth loop (set (4)) of the loop 6, the value “3” is entered in the fourth entry (4 is the third value stored in the encryption key table 210) of the decryption key table 220. Next, in the fifth loop of loop 6 (set (5)), a value is entered in the third entry of the decryption key table 220 (3 is the fourth value stored in the encryption key table 210). “4” is set. To summarize the results of this process, the final decryption key table 220 is 2, 0, 1, 4, 3 in order from entry 0.

  As described above, the value stored in each entry of the decryption key table 220 is obtained and set with the predetermined relationship as described above with respect to the value stored in each entry of the encryption key table 210. That is, in the decryption key table 220, the relationship between the number of values indicating data storage positions (values representing entries) and the values stored in the entries is opposite to that of the encryption key table 210. For example, in the example of FIG. 12B, the value “2” is stored in the entry “0” of the decryption key table 220, and the value “0” is stored in the entry “2” of the encryption key table 210.

  Then, by preparing the encryption key table 210 and the decryption key table 220 in such a relationship, as shown in FIG. 10, the encrypted text data 20 encrypted using the encryption key table 210 is converted into the decryption key table. 220 can be used to decrypt the plaintext data 10.

  Next, an example of the hardware configuration of a computer that implements the encryption / decryption system 1 of the present invention will be described with reference to FIG. However, the computer 300 in FIG. 13 merely illustrates a typical configuration as a computer for realizing the encryption / decryption system 1. The encryption / decryption system 1 can also be configured by individual computers for each process, such as an encryption device and a decryption device, and these computers are also configured by similar components. Further, the encryption / decryption system 1 of the present invention can be realized by various types of computers including a CPU, such as a personal computer (desktop type, notebook type), a mobile phone, a PDA, a memory card, and an IC card. .

  The computer 300 includes a CPU (Central Processing Unit) 301, a memory 302, an audio output device 303, a network interface 304, a display controller 305, a display 306, an input device interface 307, a keyboard 308, a mouse 309, an external storage device 310, and an external recording medium. It includes a drive 311 and a bus 312 that connects these components to each other.

  The CPU 301 controls the operation of each component of the computer 300, and executes the functions of the encryption / decryption system 1 according to the present invention under the control of the OS. For example, the control unit 100 controls the handling of the plaintext data 10 and the ciphertext data 20, the encryption processing in the encryption processing unit 110, and the decryption processing in the decryption processing unit 120.

  The memory 302 is generally composed of a ROM (Read Only Memory) that is a nonvolatile memory and a RAM (Random Access Memory) that is a volatile memory. The ROM stores a program executed when the computer 300 is started up. The RAM temporarily stores programs for realizing the functions executed by the CPU 301 and data used during the execution of these programs.

  The audio output device 303 is, for example, a device such as a speaker, and receives audio data from a video player or the like and outputs audio. The network interface 304 is an interface for connecting to the network 320. The network 320 is a network such as a LAN or the Internet, for example.

  The display controller 305 is a dedicated controller for actually processing a drawing command issued by the CPU 301. The drawing data processed by the display controller 305 is once written in the graphic memory and then output to the display 306. The display 306 is a display device configured by, for example, an LCD (Liquid Crystal Display) or a CRT (Cathode Ray Tube).

  The input device interface 307 receives a signal input from the keyboard 308 or the mouse 309 and transmits a predetermined command to the CPU 301 according to the signal pattern.

  The external storage device 310 is, for example, a storage device such as a hard disk drive (HDD), in which the above-described programs and data are recorded, and loaded from there to the RAM of the memory 302 as necessary at the time of execution. Is done. For example, the encryption key table 210 and the decryption key table 220 are stored in this storage device.

  The external recording medium driving device 311 accesses the recording surface of a portable external recording medium 330 such as a CD (Compact Disc), an MO (Magneto-Optical Disc), or a DVD (Digital Versatile Disc) and is recorded there. It is a device that reads data. The external recording medium 330 can also record an encryption program and a decryption program for realizing the encryption / decryption system 1 according to the present invention. Data recorded in the external recording medium 330 is stored in the external storage device 310 via the external recording medium driving device 311. If it is a program, it is loaded into the RAM of the memory 302 at the time of execution.

  As another distribution form of the program for realizing the encryption / decryption system 1 according to the present invention, it is stored in the external storage device 310 via a network 320 and a network interface 304 from a predetermined server on the network. Such routes are also conceivable. The program stored in this manner is loaded into the RAM of the memory 302 at the time of execution and executed in the same manner as described above.

  For example, the user of the computer 300 can provide the data to the encryption processing unit 110 by inputting the plaintext data 10 using the keyboard 308 or the like. On the other hand, the decryption processing unit 120 displays the output plaintext data 10 on the display 306 or stores it in the external storage device 310 based on a user instruction.

  Further, as described above, the encryption / decryption system 1 according to the present invention can be configured by a circuit without using such a program-based computer system.

It is a functional block diagram which shows the outline | summary of the encryption / decryption system which concerns on one Embodiment of this invention. It is a flowchart which shows an example of the encryption process performed in the encryption / decryption system which concerns on one Embodiment of this invention. FIG. 3 is a schematic diagram illustrating a process in which plaintext data is encrypted by the encryption processing illustrated in the flowchart of FIG. 2. It is a basic diagram which shows the example of the bit operation used with the encryption / decryption system which concerns on one Embodiment of this invention. It is a flowchart which shows another example of the encryption process performed in the encryption / decryption system which concerns on one Embodiment of this invention. FIG. 6 is a schematic diagram showing a process in which plaintext data is encrypted by the encryption processing shown in the flowchart of FIG. 5. It is a flowchart which shows another example of the encryption process performed in the encryption / decryption system which concerns on one Embodiment of this invention. It is a basic diagram which showed the process in which plaintext data is encrypted by the encryption process shown in the flowchart of FIG. It is a flowchart which shows the example of the decoding process performed in the encryption / decryption system which concerns on one Embodiment of this invention. FIG. 10 is a schematic diagram illustrating a process in which ciphertext data is decrypted by the encryption processing illustrated in the flowchart of FIG. 9. It is the basic diagram which showed the flowchart for producing the encryption key table used with the encryption / decryption system which concerns on one Embodiment of this invention, and the process in which an encryption key table is created. FIG. 5 is a flowchart for creating a decryption key table used in the encryption / decryption system according to an embodiment of the present invention, and a schematic diagram showing a process of creating the decryption key table. It is a basic diagram which shows the example of the hardware constitutions of the computer which comprises the encryption / decryption system which concerns on one Embodiment of this invention.

DESCRIPTION OF SYMBOLS 1 ... Encryption / decryption system, 10 ... Plaintext data, 20 ... Ciphertext data, 100 ... Control part, 110 ... Encryption processing part, 120 ... Decryption processing part , 210 ... Encryption key table, 220 ... Decryption key table, 300 ... Computer, 301 ... CPU, 302 ... Memory, 303 ... Audio output device, 304 ... Network interface, 305 ... Display controller, 306 ... Display, 307 ... Input device interface, 308 ... Keyboard, 309 ... Mouse, 310 ... External storage device, 311 ... External recording medium drive device 312 ... Bus 320 ... Network 330 ... External recording medium

Claims (9)

An encryption key table storing different encryption keys in each entry; and
Plaintext data, and an encryption unit that performs encryption processing for generating the encrypted ciphertext data in plaintext character by character,
The encryption processing by the encryption means is
Extracting plaintext characters sequentially from the plaintext data,
Based on the contents of the plaintext characters, determine the order of the encryption key table entries,
Determining an encryption key corresponding to the plaintext character based on an addition value of the value of the encryption key table stored in the determined order entry and the value of the encryption key determined previously ;
Generating the ciphertext data by setting the determined cipher key at the position of the ciphertext data specified by the index ;
The encryption means repeats the encryption process using the ciphertext data as plaintext data,
When repeatedly performing the encryption process, the index is sequentially shifted, and the determined encryption key is set at a position of ciphertext data different from the position of the corresponding plaintext character in the plaintext data,
When determining the encryption key, if the value based on the added value exceeds the size of the encryption unit, the encryption apparatus is adjusted to wrap around. The encryption device according to claim 1,
The encryption processing by the encryption means is
A value based on the added value further includes a value set for each repetition of the encryption process. The encryption device according to claim 1 ,
The index is calculated using the position of the plaintext character in the plaintext data and the size of the plaintext data,
When the size is an n multiplier of 2, the calculation is performed by a method that does not use division. A decryption key table storing a different decryption key in each entry; and
Decryption means for decrypting the ciphertext in units of cipher characters and generating plaintext data,
The decoding means includes
Extracting the cipher characters from the ciphertext data;
Based on the subtracted value obtained by subtracting the previously obtained value of the encrypted character from the value of the encrypted character, the order of entries in the decryption key table is determined,
Based on the value of the decryption key table stored in the determined order entry, determine a decryption key corresponding to the encrypted character;
Generating plaintext data by setting the determined decryption key at the position of the plaintext data specified by the index ;
The decryption means repeatedly performs the decryption process using the plaintext data as ciphertext data,
When repeatedly performing the decryption process, the index is sequentially shifted, and the determined decryption key is set at a position of plaintext data different from the position of the corresponding cipher character in the ciphertext data,
In determining the order of entries in the decryption key table value based on the subtraction value is, if a negative value, the decoding device according to claim Rukoto be adjusted to wrap around. An encryption key table storing different encryption keys in each entry; and
Encryption means for performing encryption processing for encrypting plaintext data in plaintext characters and generating ciphertext data;
Decrypting means for performing decryption processing for decrypting the ciphertext data,
The encryption means includes
Extracting plaintext characters sequentially from the plaintext data,
Based on the contents of the plaintext characters, determine the order of the encryption key table entries,
Determining an encryption key corresponding to the plaintext character based on an addition value of the value of the encryption key table stored in the determined order entry and the value of the encryption key determined previously ;
Generating the ciphertext data by setting the determined cipher key at the position of the ciphertext data designated by the first index ;
The encryption means repeats the encryption process using the ciphertext data as plaintext data,
When repeatedly performing the encryption process, the first index is sequentially shifted, and the determined encryption key is set to a position of ciphertext data different from the position of the corresponding plaintext character in the plaintext data,
When determining the encryption key, if the value based on the added value exceeds the size of the encryption unit, it is adjusted to wrap around,
The decoding means includes
From the ciphertext data, sequentially extract cipher characters in the same units as the plaintext characters,
Based on the subtracted value obtained by subtracting the previously obtained value of the encrypted character from the value of the encrypted character, the order of entries in the decryption key table is determined,
Based on the value of the decryption key table stored in the determined order entry, determine a decryption key corresponding to the encrypted character;
Generating plaintext data by setting the determined decryption key at the position of the plaintext data specified by the second index ;
The decryption means repeatedly performs the decryption process using the plaintext data as ciphertext data,
When repeatedly performing the decryption process, the second index is sequentially shifted, and the determined decryption key is set to a position of plaintext data different from the position of the corresponding cipher character in the ciphertext data,
In determining the order of entries in the decryption key table value based on the subtraction value is, if a negative value, the encryption-decryption system according to claim Rukoto adjusted to wrap around . The encryption / decryption system according to claim 5 ,
The encryption / decryption is characterized in that the decryption key table is set so that a relationship between a value representing an entry order and a value stored in the entry is opposite to that of the encryption key table. System. An encryption method used in an encryption device for encrypting plaintext data,
The encryption device has an encryption key table for storing different encryption keys in each entry,
The encryption method is:
(1) extracting plaintext characters sequentially from the plaintext data;
(2) determining the order of entries in the encryption key table based on the contents of the plaintext characters;
(3) Determine an encryption key corresponding to the plaintext character based on an addition value of the value of the encryption key table stored in the determined entry in the determined order and the value of the encryption key determined previously. Steps,
(4) generating the ciphertext data by setting the determined cipher key at the position of the ciphertext data specified by the index;
(5) repetitively performing the steps (1) to (4) using the ciphertext data as plaintext data,
When the steps (1) to (4) are repeatedly performed, the index is sequentially shifted, and the determined encryption key is set at a position of ciphertext data different from the position of the corresponding plaintext character in the plaintext data. And
When determining the encryption key, if the value based on the added value exceeds the size of the encryption unit, the encryption method is adjusted to wrap around. A decryption method used in a decryption device for decrypting ciphertext data,
The decryption device has a decryption key table storing different decryption keys in each entry,
The decoding method is:
(1) extracting the cipher characters from the ciphertext data;
(2) determining the order of entries in the decryption key table based on a subtraction value obtained by subtracting the value of the encryption character obtained previously from the value of the encryption character;
(3) determining a decryption key corresponding to the encrypted character based on a value of the decryption key table stored in the determined entry of the order;
(4) generating plaintext data by setting the determined decryption key at a position of plaintext data specified by an index;
(5) Repeating steps (1) to (4) using the plaintext data as ciphertext data,
When the steps (1) to (4) are repeatedly performed, the index is sequentially shifted, and the determined decryption key is set at a position of plaintext data different from the position of the corresponding cipher character in the ciphertext data. And
When the order of entries in the decryption key table is determined, if the value based on the subtraction value becomes a negative value, the decryption method is adjusted to wrap around. A program for an encryption device for encrypting plaintext data,
The encryption device has an encryption key table for storing different encryption keys in each entry,
The program is for the computer of the encryption device.
(1) extracting plaintext characters sequentially from the plaintext data;
(2) determining the order of entries in the encryption key table based on the contents of the plaintext characters;
(3) Determine an encryption key corresponding to the plaintext character based on an addition value of the value of the encryption key table stored in the determined entry in the determined order and the value of the encryption key determined previously. Steps,
(4) generating the ciphertext data by setting the determined cipher key at the position of the ciphertext data specified by the index;
(5) repetitively performing the steps (1) to (4) using the ciphertext data as plaintext data,
When the steps (1) to (4) are repeatedly performed, the index is sequentially shifted, and the determined encryption key is set at a position of ciphertext data different from the position of the corresponding plaintext character in the plaintext data. And
When determining the encryption key, if the value based on the added value exceeds the size of the encryption unit, the program is controlled to be adjusted so as to wrap around.