JP5134555B2 - Key generation device, encryption device, decryption device, encryption system, key generation method, encryption method, decryption method, program, and recording medium - Google Patents

Key generation device, encryption device, decryption device, encryption system, key generation method, encryption method, decryption method, program, and recording medium Download PDF

Info

Publication number
JP5134555B2
JP5134555B2 JP2009001298A JP2009001298A JP5134555B2 JP 5134555 B2 JP5134555 B2 JP 5134555B2 JP 2009001298 A JP2009001298 A JP 2009001298A JP 2009001298 A JP2009001298 A JP 2009001298A JP 5134555 B2 JP5134555 B2 JP 5134555B2
Authority
JP
Japan
Prior art keywords
secret key
key generation
hierarchy
hierarchical
decryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2009001298A
Other languages
Japanese (ja)
Other versions
JP2010161523A (en
Inventor
美也子 大久保
鉄太郎 小林
幸太郎 鈴木
ホン ソウ チェ
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nippon Telegraph and Telephone Corp
Original Assignee
Nippon Telegraph and Telephone Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp filed Critical Nippon Telegraph and Telephone Corp
Priority to JP2009001298A priority Critical patent/JP5134555B2/en
Publication of JP2010161523A publication Critical patent/JP2010161523A/en
Application granted granted Critical
Publication of JP5134555B2 publication Critical patent/JP5134555B2/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Description

本発明は、階層的な復号化装置に対して、復号化装置の識別情報を用いて暗号化、復号化する階層型IDベース暗号の鍵生成装置、暗号化装置、復号化装置、暗号化システム、鍵生成方法、暗号化方法、復号化方法、プログラム、および記録媒体に関する。   The present invention relates to a hierarchical ID-based encryption key generation device, encryption device, decryption device, and encryption system that encrypts and decrypts a hierarchical decryption device using the identification information of the decryption device. , A key generation method, an encryption method, a decryption method, a program, and a recording medium.

階層型IDベース暗号は、非特許文献1で初めて提案された。しかし、非特許文献1の方式では、ID(復号化装置の識別情報)に匿名性を持たせることができなかった。また、階層の深さに依存して暗号文のサイズが増加してしまっていた。   Hierarchical ID-based encryption was first proposed in Non-Patent Document 1. However, in the method of Non-Patent Document 1, anonymity cannot be given to the ID (identification information of the decryption device). Also, the ciphertext size has increased depending on the depth of the hierarchy.

非特許文献2は、暗号文のサイズが階層の深さに依存せず、一定となる方式である。しかし、この方式ではIDを秘匿化できなかった。また、IDに秘匿性を持たせる方式として、非特許文献3が提案された。しかし、この方式では、暗号文のサイズが階層の深さに依存して増加してしまう。   Non-Patent Document 2 is a method in which the size of the ciphertext is constant without depending on the depth of the hierarchy. However, this method cannot conceal the ID. Further, Non-Patent Document 3 has been proposed as a method for providing confidentiality to the ID. However, with this method, the ciphertext size increases depending on the depth of the hierarchy.

C. Gentry, A. Silverberg, “Hierarchical ID-based cryptography,” in Proceedings of ASIACRYPT 2002, Lecture Notes in Computer Sience, Springer-Verlag, 2002.C. Gentry, A. Silverberg, “Hierarchical ID-based cryptography,” in Proceedings of ASIACRYPT 2002, Lecture Notes in Computer Sience, Springer-Verlag, 2002. Dan Boneh, Xavier Boyen, and Eu-Jin Goh, “Hierarchical identity based encryption with constant size ciphertext,” Proceedings of Eurocrypt 2005, volume 3494 of LNCS, pp.440-456, 2005.Dan Boneh, Xavier Boyen, and Eu-Jin Goh, “Hierarchical identity based encryption with constant size ciphertext,” Proceedings of Eurocrypt 2005, volume 3494 of LNCS, pp.440-456, 2005. Xavier Boyen and Brent Waters, “Anonymous hierarchical identity-based encryption (without random oracles),” Proceedings of CRYPTO 2006, volume 411 of LNCS, 2006.Xavier Boyen and Brent Waters, “Anonymous hierarchical identity-based encryption (without random oracles),” Proceedings of CRYPTO 2006, volume 411 of LNCS, 2006.

本発明は、ID(復号装置の識別情報)を秘匿化でき、かつ暗号文のサイズが階層の深さに依存しない階層型IDベース暗号技術を提供することである。   An object of the present invention is to provide a hierarchical ID-based encryption technique that can conceal an ID (identification information of a decryption device) and whose ciphertext size does not depend on the depth of the hierarchy.

まず、pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]、暗号文C(k)をC(k)=「C,C,C,C」とする。本発明の鍵生成装置は、鍵生成記録部、公開鍵生成部、鍵生成ランダム値選択部、階層秘密鍵生成部を備える。鍵生成記録部は、群Gの要素であるデータg,f,v,h,…,h,wと、群Gの要素であるデータR,R,R,R,…,R,gと、識別情報Dを記録する。公開鍵生成部は、G=gR、F=fR、V=vR、H=h,…,H=h、E=e(g,w)を計算し、[G,F,V,H,…,H,E]を公開鍵Pとして生成する。鍵生成ランダム値選択部は、整数r,r,s,s,t,tFirst, p and q are prime orders, G ^ and G T ^ are cyclic groups having order pq, G p is a subgroup of G ^ having prime order p, and G q is G having prime order q. A subgroup of ^, e is a bilinear map such that e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 1 ≦ k ≦ K indicating the hierarchy, and D k is An integer for identifying a decryption device in the kth hierarchy, D is identification information for identifying K decryption devices, and D = [D 1 ,..., D K ], and ciphertext C (k ) Is C (k) = “C 1 , C 2 , C 3 , C 4 ”. The key generation device of the present invention includes a key generation recording unit, a public key generation unit, a key generation random value selection unit, and a hierarchical secret key generation unit. Key generating recording unit, data g, f, v, h 1 is an element of the group G p, ..., h K, and w, data R g is an element of the group G q, R f, R v , R 1 ,..., R K , g q and identification information D are recorded. The public key generation unit calculates G = gR g , F = fR f , V = vR v , H 1 = h 1 R 1 ,..., H K = h K R K , E = e (g, w) , [G, F, V, H 1 ,..., H K , E] are generated as public keys P. The key generation random value selector selects the integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2 .

Figure 0005134555

を満たさないように、ランダムに選択する。階層秘密鍵生成部は、復号鍵生成手段、引継情報生成手段、秘密鍵生成手段を備え、k番目の階層の階層秘密鍵S(k)を生成する。
復号鍵生成手段は、S(k)を、
Figure 0005134555
Randomly selected so as not to satisfy. The hierarchical secret key generation unit includes a decryption key generation unit, a takeover information generation unit, and a secret key generation unit, and generates a hierarchical secret key S (k) of the kth layer.
The decryption key generation means converts S d (k) to

Figure 0005134555

のように求める。引継情報生成手段は、S(k)を、
Figure 0005134555
Seek like. The takeover information generation means sets S r (k) to

Figure 0005134555

のように求める。秘密鍵生成手段は、k番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める。
Figure 0005134555
Seek like. The secret key generation means converts the hierarchy secret key S (k) of the kth hierarchy to S (k) ← [S d (k), S r (k)]
Seek like.

暗号化装置は、暗号化記録部、暗号化ランダム値選択部、暗号化部を備える。暗号化記録部は、識別情報D、公開鍵P、平文Mを記録する。暗号化ランダム値選択部は、整数sと群Gの要素であるZ,Z,Zをランダムに選択する。暗号化部は、群G^の要素である平文Mから、k番目の階層の復号化装置用の暗号文C(k)を、 The encryption device includes an encryption recording unit, an encryption random value selection unit, and an encryption unit. The encryption recording unit records identification information D, public key P, and plaintext M. The encryption random value selection unit randomly selects Z 1 , Z 2 , and Z 3 that are elements of the integer s and the group G q . The encryption unit obtains the ciphertext C (k) for the decryption device in the kth layer from the plaintext M that is an element of the group G T ^.

Figure 0005134555

のように求める。
Figure 0005134555
Seek like.

k番目(ただし、2番目以降)の階層の復号化装置は、復号化記録部、復号化ランダム値選択部、階層秘密鍵生成部、復号化部を備える。復号化記録部は、k−1番目の階層の階層秘密鍵S(k−1)=[[a,a,a,b,…,b],[α,α,α,β,…,βK],[α’,α’,α’,β’,…,βK’]]、暗号文C(k)、自己の識別情報Dを記録する。復号化ランダム値選択部は、整数γ,γ,γ,δ,δ,δThe decryption device for the k-th (but second or later) layer includes a decryption recording unit, a decryption random value selection unit, a layer secret key generation unit, and a decryption unit. The decryption / recording unit includes a hierarchy secret key S (k−1) = [[a 0 , a 1 , a 2 , b k ,..., B K ], [α 0 , α 1 , α 2 , β k ,..., β K ], [α 0 ′, α 1 ′, α 2 ′, β k ′,..., β K ′]], ciphertext C (k), self identification information D k Record. The decoding random value selection unit calculates the integers γ 1 , γ 2 , γ 3 , δ 1 , δ 2 , δ 3 .

Figure 0005134555

を満たさないように、ランダムに選択する。階層秘密鍵生成部は、復号鍵生成手段、引継情報生成手段、秘密鍵生成手段を備え、k番目の階層の階層秘密鍵S(k)を生成する。復号鍵生成手段は、S(k)を、
Figure 0005134555
Randomly selected so as not to satisfy. The hierarchical secret key generation unit includes a decryption key generation unit, a takeover information generation unit, and a secret key generation unit, and generates a hierarchical secret key S (k) of the kth layer. The decryption key generation means converts S d (k) to

Figure 0005134555

のように求める。引継情報生成手段は、S(k)を、
Figure 0005134555
Seek like. The takeover information generation means sets S r (k) to

Figure 0005134555

のように求める。秘密鍵生成手段はk番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める。復号化部は、階層秘密鍵S(k)のはじめの3つの要素をA,A,Aとすると、暗号文C(k)を
Figure 0005134555
Seek like. The secret key generation means obtains the hierarchy secret key S (k) of the kth hierarchy as S (k) ← [S d (k), S r (k)]
Seek like. When the first three elements of the hierarchical secret key S (k) are A 0 , A 1 and A 2 , the decryption unit converts the ciphertext C (k)

Figure 0005134555

のように平文Mに復号する。
1番目の階層の復号化装置は、復号化記録部と復号化部とを備える。復号化記録部は、1番目の階層の階層秘密鍵S(1)、暗号文C(1)を記録する。復号化部は、階層秘密鍵S(1)のはじめの3つの要素をA,A,Aとし、暗号文C(1)を
Figure 0005134555
As shown in FIG.
The first layer decoding apparatus includes a decoding recording unit and a decoding unit. The decryption recording unit records the hierarchical secret key S (1) and the ciphertext C (1) of the first hierarchy. The decryption unit sets the first three elements of the hierarchical secret key S (1) as A 0 , A 1 , A 2 , and the ciphertext C (1)

Figure 0005134555

のように平文Mに復号する。なお、1番目の階層の復号化部は鍵生成装置と同一でもよい。
Figure 0005134555
As shown in FIG. Note that the decryption unit in the first layer may be the same as the key generation device.

本発明によれば、暗号文C(k)と一緒にID(復号化装置の識別情報)を送信する必要がない。したがって、IDを秘匿化できる。また、暗号文C(k)の長さは階層に依存しない。   According to the present invention, it is not necessary to transmit the ID (identification information of the decryption device) together with the ciphertext C (k). Therefore, the ID can be concealed. The length of the ciphertext C (k) does not depend on the hierarchy.

本発明の暗号化システムの構成例を示す図。The figure which shows the structural example of the encryption system of this invention. 本発明の鍵生成装置および1番目の階層の復号化装置の機能構成例を示す図。The figure which shows the function structural example of the key generation apparatus of this invention, and the decoding apparatus of the 1st hierarchy. 本発明の鍵生成装置の処理フローの例を示す図。The figure which shows the example of the processing flow of the key generation apparatus of this invention. 本発明の暗号化装置の機能構成例を示す図。The figure which shows the function structural example of the encryption apparatus of this invention. 本発明の暗号化装置の処理フローの例を示す図。The figure which shows the example of the processing flow of the encryption apparatus of this invention. 本発明のk番目(ただし、2番目以降)の階層の復号化装置の機能構成例を示す図。The figure which shows the function structural example of the decoding apparatus of the kth (however, 2nd or later) hierarchy of this invention. 本発明のk番目(ただし、2番目以降)の階層の復号化装置の処理フローの例を示す図。The figure which shows the example of the processing flow of the decoding apparatus of the kth (however, 2nd or later) hierarchy of this invention. コンピュータの機能構成例を示す図。The figure which shows the function structural example of a computer.

以下に、本発明について図面を参照しながら説明する。なお、同じ機能を有する構成部には同じ番号を付し、重複説明を省略する。   The present invention will be described below with reference to the drawings. In addition, the same number is attached | subjected to the structure part which has the same function, and duplication description is abbreviate | omitted.

図1に本発明の暗号化システムの構成例を示す。本発明の暗号化システムは、鍵生成装置100(復号化装置300−1)、暗号化装置200、復号化装置300−2,…,Kで構成される。まず、pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置300−kを識別するための整数、DはK個の復号化装置300−1,…,Kを識別するための識別情報であってD=[D,…,D]、暗号文C(k)をC(k)=「C,C,C,C」とする。なお、このように定義すると、群G^の任意の要素gとhおよび任意の整数aとbについてe(g,h)=e(g,h)ab、および、群Gの任意の要素hと群Gの任意の要素hについてe(h,h)=1の関係が成り立つ。 FIG. 1 shows a configuration example of an encryption system of the present invention. The encryption system according to the present invention includes a key generation device 100 (decryption device 300-1), an encryption device 200, decryption devices 300-2,. First, p and q are prime orders, G ^ and G T ^ are cyclic groups having order pq, G p is a subgroup of G ^ having prime order p, and G q is G having prime order q. A subgroup of ^, e is a bilinear map such that e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 1 ≦ k ≦ K indicating the hierarchy, and D k is An integer for identifying the decoding device 300-k of the k-th layer, D is identification information for identifying the K decoding devices 300-1,..., K, and D = [D 1 ,. , D K ], and the ciphertext C (k) is C (k) = “C 1 , C 2 , C 3 , C 4 ”. Incidentally, defining in this way, any group G ^ elements g and h and arbitrary integers a and b for e (g a, h b) = e (g, h) ab, and any group G p The relationship of e (h p , h q ) = 1 holds for the element h p of the group G and the arbitrary element h q of the group G q .

鍵生成装置100は、マスター秘密鍵Sと復号化装置300−1,…,KのID(識別情報D=[D,…,D])を記録しており、公開鍵P、配下のすべての階層の階層秘密鍵S(k)を生成できる。暗号化装置200は、公開鍵Pと復号化装置300−kのID(識別情報D=[D,…,D])を記録している。暗号化装置200は、平文Mを、公開鍵Pと復号化装置300−1,…,kの識別情報D,…,Dを用いて暗号化し、k番目の階層の復号化装置300−k用の暗号文C(k)を得る。1番目の階層の復号化装置300−1(図1では鍵生成装置100と同一)は、受信した暗号文C(1)を、階層秘密鍵S(1)を用いて復号化し、平文Mを得る。k番目(ただし、2番目以降)の階層の復号化装置300−kは、受信した暗号文C(k)を、k−1番目の復号化装置300−k−1の階層秘密鍵S(k−1)=[[a,a,a,b,…,b],[α,α,α,β,…,βK],[α’,α’,α’,β’,…,βK’]]、暗号文C(k)、自己の識別情報Dを用いて復号化し、平文Mを得る。本発明の暗号化システムでは、暗号文C(k)と一緒に復号化装置の識別情報を送信しないので、IDを秘匿化できる。 The key generation device 100 records the master secret key S m and the IDs of the decryption devices 300-1,..., K (identification information D = [D 1 ,..., D K ]). The hierarchical secret key S (k) of all hierarchies can be generated. The encryption device 200 records the public key P and the ID (identification information D = [D 1 ,..., D K ]) of the decryption device 300-k. The encryption device 200 encrypts the plaintext M using the public key P and the identification information D 1 ,..., D k of the decryption devices 300-1,. A ciphertext C (k) for k is obtained. The decryption device 300-1 in the first hierarchy (same as the key generation device 100 in FIG. 1) decrypts the received ciphertext C (1) using the hierarchical secret key S (1), and converts the plaintext M into obtain. The decryption device 300-k in the k-th (but second or later) layer uses the received ciphertext C (k) as the hierarchical secret key S (k) of the (k-1) -th decryption device 300-k-1. −1) = [[a 0 , a 1 , a 2 , b k ,..., B K ], [α 0 , α 1 , α 2 , β k ,..., Β K ], [α 0 ′, α 1 ', Α 2 ', β k ',..., Β K ']], ciphertext C (k), and self-identification information Dk are used for decryption to obtain plaintext M. In the encryption system of the present invention, since the identification information of the decryption device is not transmitted together with the ciphertext C (k), the ID can be concealed.

図2に鍵生成装置100の機能構成例を示す。また、図3に鍵生成装置100の処理フロー例を示す。鍵生成装置100は、鍵生成記録部110、公開鍵生成部120、鍵生成ランダム値選択部130、階層秘密鍵生成部140を備える。鍵生成記録部110は、群Gの要素であるデータg,f,v,h,…,h,wと、群Gの要素であるデータR,R,R,R,…,R,gと、識別情報Dを記録する。なお、データg,f,v,h,…,h,wは、マスター秘密鍵S=[g,f,v,h,…,h,w]として記録される。公開鍵生成部120は、G=gR、F=fR、V=vR、H=h,…,H=h、E=e(g,w)を計算し、[G,F,V,H,…,H,E]を公開鍵Pとして生成する(S120)。鍵生成ランダム値選択部130は、整数r,r,s,s,t,tを、 FIG. 2 shows a functional configuration example of the key generation device 100. FIG. 3 shows an example of the processing flow of the key generation device 100. The key generation device 100 includes a key generation recording unit 110, a public key generation unit 120, a key generation random value selection unit 130, and a hierarchical secret key generation unit 140. Key generating recording unit 110, data g, f, v, h 1 is an element of the group G p, ..., h K, w and the data R g is an element of the group G q, R f, R v , R 1 ,..., R K , g q and identification information D are recorded. It should be noted that the data g, f, v, h 1 , ..., h K, w is, the master secret key S m = [g, f, v, h 1, ..., h K, w] is recorded as. The public key generation unit 120 calculates G = gR g , F = fR f , V = vR v , H 1 = h 1 R 1 ,..., H K = h K R K , E = e (g, w) [G, F, V, H 1 ,..., H K , E] are generated as the public key P (S120). The key generation random value selection unit 130 calculates the integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2 ,

Figure 0005134555

を満たさないように、ランダムに選択する(S130)。
階層秘密鍵生成部140は、復号鍵生成手段150、引継情報生成手段160、秘密鍵生成手段170を備え、k番目の階層の階層秘密鍵S(k)を生成する(S140)。復号鍵生成手段150は、S(k)を、
Figure 0005134555
Is selected at random (S130).
The hierarchical secret key generation unit 140 includes a decryption key generation means 150, a takeover information generation means 160, and a secret key generation means 170, and generates a hierarchical secret key S (k) of the kth hierarchy (S140). The decryption key generation means 150 converts S d (k) to

Figure 0005134555

のように求める(S150)。引継情報生成手段160は、S(k)を、
Figure 0005134555
(S150). The takeover information generation means 160 replaces S r (k) with

Figure 0005134555

のように求める(S160)。秘密鍵生成手段170は、k番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める(S170)。
Figure 0005134555
(S160). The secret key generation means 170 obtains the hierarchy secret key S (k) of the kth hierarchy as S (k) ← [S d (k), S r (k)].
(S170).

図4に暗号化装置の機能構成例を示す。また、図5に暗号化装置の処理フローの例を示す。暗号化装置200は、暗号化記録部210、暗号化ランダム値選択部230、暗号化部280を備える。暗号化記録部210は、K個(K層)の復号化装置を識別するための識別情報D、鍵生成装置100が公開した公開鍵P、送信対象の平文Mを記録する。暗号化ランダム値選択部230は、整数sと群Gの要素であるZ,Z,Zをランダムに選択する(S230)。暗号化部280は、群G^の要素である平文Mから、k番目の階層の復号化装置300−k用の暗号文C(k)を、 FIG. 4 shows a functional configuration example of the encryption apparatus. FIG. 5 shows an example of the processing flow of the encryption apparatus. The encryption device 200 includes an encryption recording unit 210, an encryption random value selection unit 230, and an encryption unit 280. The encryption recording unit 210 records identification information D for identifying K (K layer) decryption devices, a public key P disclosed by the key generation device 100, and plaintext M to be transmitted. The encryption random value selection unit 230 randomly selects Z 1 , Z 2 , and Z 3 that are elements of the integer s and the group G q (S230). The encryption unit 280 obtains the ciphertext C (k) for the decryption device 300-k in the k-th layer from the plaintext M that is an element of the group G T ^

Figure 0005134555

のように求め(S280)、k番目の階層の復号化装置300−kに暗号文C(k)を送信する。
Figure 0005134555
(S280), and the ciphertext C (k) is transmitted to the decryption apparatus 300-k in the kth layer.

図6にk番目(ただし、2番目以降)の階層の復号化装置の機能構成例を示す。また、図7にk番目(ただし、2番目以降)の階層の復号化装置の処理フローの例を示す。k番目(ただし、2番目以降)の階層の復号化装置300−kは、復号化記録部310−k、復号化ランダム値選択部330−k、階層秘密鍵生成部340−k、復号化部390−kを備える。復号化記録部310−kは、受信したk−1番目の階層の復号化装置300−k−1の階層秘密鍵S(k−1)=[[a,a,a,b,…,b],[α,α,α,β,…,βK],[α’,α’,α’,β’,…,βK’]]、受信した暗号文C(k)、自己の識別情報Dを記録する。復号化ランダム値選択部330−kは、整数γ,γ,γ,δ,δ,δFIG. 6 shows an example of the functional configuration of the decoding device in the k-th (but second or later) layer. FIG. 7 shows an example of the processing flow of the decoding device in the k-th (however, the second and subsequent layers) hierarchy. The decryption apparatus 300-k for the k-th (but second or later) layer includes a decryption recording unit 310-k, a decryption random value selection unit 330-k, a layer secret key generation unit 340-k, and a decryption unit. 390-k. The decryption recording unit 310-k receives the hierarchical secret key S (k−1) = [[a 0 , a 1 , a 2 , b k of the received decryption apparatus 300-k-1 of the (k−1) th layer. , ..., b K ], [α 0 , α 1 , α 2 , β k , ..., β K ], [α 0 ', α 1 ', α 2 ', β k ', ..., β K ']] The received ciphertext C (k) and its own identification information Dk are recorded. The decoding random value selection unit 330-k converts the integers γ 1 , γ 2 , γ 3 , δ 1 , δ 2 , and δ 3 .

Figure 0005134555

を満たさないように、ランダムに選択する(S330−k)。例えば、復号化ランダム値選択部330−kは、整数γ,γ,γ,δ,δ,δをランダムに選択し(S331−k)、上記の式を満たすかを確認する(S332−k)。Yesの場合には、整数γ,γ,γ,δ,δ,δをランダムに選択する処理を繰り返す。Noの場合には、次の処理に進む。
Figure 0005134555
Is selected at random so as not to satisfy (S330-k). For example, the decoding random value selection unit 330-k randomly selects integers γ 1 , γ 2 , γ 3 , δ 1 , δ 2 , and δ 3 (S331-k), and confirms whether the above equation is satisfied. (S332-k). In the case of Yes, the process of randomly selecting the integers γ 1 , γ 2 , γ 3 , δ 1 , δ 2 , and δ 3 is repeated. In No, it progresses to the next process.

階層秘密鍵生成部340−kは、復号鍵生成手段350−k、引継情報生成手段360−k、秘密鍵生成手段370−kを備え、自己の(k番目の階層の復号化装置300−k用の)階層秘密鍵S(k)を生成する。復号鍵生成手段350−kは、S(k)を、 The hierarchical secret key generation unit 340-k includes a decryption key generation unit 350-k, a takeover information generation unit 360-k, and a secret key generation unit 370-k. A hierarchical secret key S (k) is generated. The decryption key generation means 350-k converts S d (k) to

Figure 0005134555

のように求める(S350−k)。引継情報生成手段360−kは、S(k)を、
Figure 0005134555
(S350-k). The takeover information generating means 360-k converts S r (k) to

Figure 0005134555

のように求める(S360−k)。秘密鍵生成手段370−kは自己の(k番目の階層の復号化装置300−k用の)階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める(S370−k)。復号化部390−kは、階層秘密鍵S(k)のはじめの3つの要素をA,A,Aとすると、暗号文C(k)を
Figure 0005134555
(S360-k). The secret key generation means 370-k obtains its own hierarchy secret key S (k) (for the kth hierarchy decryption apparatus 300-k) S (k) ← [S d (k), S r (k) ]
(S370-k). When the first three elements of the hierarchical secret key S (k) are A 0 , A 1 , and A 2 , the decryption unit 390-k converts the ciphertext C (k).

Figure 0005134555

のように平文Mに復号する(S390−k)。
Figure 0005134555
The plaintext M is decrypted as follows (S390-k).

1番目の階層の復号化装置300−1は、図1の例では鍵生成装置100と同一の装置である。図2中に点線で示した構成部が1番目の階層の復号化装置300−1として機能する構成部である。具体的には、復号化記録部310−1と復号化部390−1である。復号化記録部310は、階層秘密鍵生成部140が生成した1番目の階層の復号化装置用の階層秘密鍵S(1)、受信した暗号文C(1)を記録する。復号化部390−1は、階層秘密鍵S(1)のはじめの3つの要素をA,A,Aとし、暗号文C(1)を The decryption device 300-1 in the first hierarchy is the same device as the key generation device 100 in the example of FIG. The components indicated by dotted lines in FIG. 2 are components that function as the first layer decoding apparatus 300-1. Specifically, the decoding recording unit 310-1 and the decoding unit 390-1. The decryption recording unit 310 records the hierarchical secret key S (1) for the first-level decryption device generated by the hierarchical secret key generation unit 140 and the received ciphertext C (1). The decryption unit 390-1 sets the first three elements of the hierarchical secret key S (1) as A 0 , A 1 , A 2, and converts the ciphertext C (1).

Figure 0005134555

のように平文Mに復号する(S390−1)。なお、図1の例は1番目の階層の復号化装置は鍵生成装置と同一としたが、別の装置としてもよい。別の装置とする場合には、復号化装置300−1は鍵生成装置100から、1番目の階層の復号化装置用の階層秘密鍵S(1)を受け取っておく必要がある。
検証
Figure 0005134555
Is decrypted into plaintext M (S390-1). In the example of FIG. 1, the decryption device in the first layer is the same as the key generation device, but may be a different device. In the case of using another device, the decryption device 300-1 needs to receive the hierarchical secret key S (1) for the first layer decryption device from the key generation device 100.
Validation

Figure 0005134555

によって平文Mが求められることを確認する。
まず、鍵生成装置100の階層秘密鍵生成部140で求める階層秘密鍵S(k)で確認する。階層秘密鍵生成部140で求める階層秘密鍵S(k)の最初の3つの要素A,A,Aは、次のとおりである。
Figure 0005134555
To confirm that plaintext M is obtained.
First, the hierarchical secret key S (k) obtained by the hierarchical secret key generation unit 140 of the key generation device 100 is confirmed. The first three elements A 0 , A 1 , A 2 of the hierarchical secret key S (k) obtained by the hierarchical secret key generation unit 140 are as follows.

Figure 0005134555

また、C,C,C,Cは、次のとおりである。
Figure 0005134555
C 1 , C 2 , C 3 , and C 4 are as follows.

Figure 0005134555

したがって、
Figure 0005134555
Therefore,

Figure 0005134555

は、次のようになる。
Figure 0005134555
Is as follows.

Figure 0005134555
Figure 0005134555

また、階層秘密鍵生成部340−kは、自己の(k番目の階層の復号化装置300−k用の)階層秘密鍵S(k)を、k−1番目の階層の復号化装置300−k−1用の階層秘密鍵S(k−1)から生成する。また、
S(k−1)は、 Also, the hierarchical secret key generation unit 340-k uses its own (hierarchical secret key S (k) for the k-th hierarchy decryption apparatus 300-k) as the decryption apparatus 300- for the (k-1) th hierarchy. It is generated from the hierarchical secret key S (k-1) for k-1. Also,
S (k-1) is

Figure 0005134555

であり、階層秘密鍵生成部340−kが求める階層秘密鍵S(k)の最初の3つの要素A,A,Aは、次のとおりである。
Figure 0005134555
The first three elements A 0 , A 1 , A 2 of the hierarchical secret key S (k) obtained by the hierarchical secret key generation unit 340-k are as follows.

Figure 0005134555

したがって、
Figure 0005134555
Therefore,

Figure 0005134555

となる。これらは、階層秘密鍵生成部140で求める階層秘密鍵S(k)の最初の3つの要素A,A,A
Figure 0005134555
It becomes. These are the first three elements A 0 , A 1 , A 2 of the hierarchical secret key S (k) obtained by the hierarchical secret key generation unit 140.

Figure 0005134555

と同じである。
つまり、k番目(ただし、2番目以降)の階層の復号化装置は、自己(k番目)よりも上位の階層の復号化装置の識別情報D,…,Dk−1を知らなくても暗号文C(k)を復号化できる。よって、暗号文C(k)と一緒にID(復号化装置の識別情報)を送信する必要がなく、ID(復号化装置の識別情報)を秘匿化できる。また、暗号文C(k)は、
Figure 0005134555
Is the same.
That is, the decoding device in the k-th (but second or later) layer does not need to know the identification information D 1 ,..., D k−1 of the decoding device in the higher layer than itself (k-th). The ciphertext C (k) can be decrypted. Therefore, it is not necessary to transmit the ID (identification information of the decryption device) together with the ciphertext C (k), and the ID (identification information of the decryption device) can be concealed. The ciphertext C (k) is

Figure 0005134555

なので、暗号文C(k)の長さは階層に依存しない。
Figure 0005134555
Therefore, the length of the ciphertext C (k) does not depend on the hierarchy.

図8に、コンピュータの機能構成例を示す。なお、本発明の鍵生成装置、暗号化装置および復号化装置は、コンピュータ2000の記録部2020に、本発明の各構成部としてコンピュータ2000を動作させるプログラムを読み込ませ、処理部2010、入力部2030、出力部2040などを動作させることで実現できる。また、コンピュータに読み込ませる方法としては、プログラムをコンピュータ読み取り可能な記録媒体に記録しておき、記録媒体からコンピュータに読み込ませる方法、サーバ等に記録されたプログラムを、電気通信回線等を通じてコンピュータに読み込ませる方法などがある。   FIG. 8 shows a functional configuration example of a computer. Note that the key generation device, encryption device, and decryption device of the present invention causes the recording unit 2020 of the computer 2000 to read a program that causes the computer 2000 to operate as each component of the present invention, and the processing unit 2010 and the input unit 2030. This can be realized by operating the output unit 2040 or the like. In addition, as a method of causing the computer to read, the program is recorded on a computer-readable recording medium, and the program recorded on the server or the like is read into the computer through a telecommunication line or the like. There is a method to make it.

本発明は、2台以上の通信装置の間で情報を暗号化して通信するような場合などに利用できる。   The present invention can be used in a case where information is encrypted and communicated between two or more communication devices.

100 鍵生成装置 110 鍵生成記録部
120 公開鍵生成部 130 鍵生成ランダム値選択部
140 階層秘密鍵生成部 150 復号鍵生成手段
160 引継情報生成手段 170 秘密鍵生成手段
200 暗号化装置 210 暗号化記録部
230 暗号化ランダム値選択部 280 暗号化部
300 復号化装置 310 復号化記録部
330 復号化ランダム値選択部 340 階層秘密鍵生成部
350 復号鍵生成手段 360 引継情報生成手段
370 秘密鍵生成手段 390 復号化部 DESCRIPTION OF SYMBOLS 100 Key generation apparatus 110 Key generation recording part 120 Public key generation part 130 Key generation random value selection part 140 Hierarchical secret key generation part 150 Decryption key generation means 160 Takeover information generation means 170 Private key generation means 200 Encryption apparatus 210 Encryption recording Unit 230 encrypted random value selection unit 280 encryption unit 300 decryption device 310 decryption recording unit 330 decryption random value selection unit 340 hierarchical secret key generation unit 350 decryption key generation unit 360 takeover information generation unit 370 secret key generation unit 390 Decryption unit

Claims (14)

pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]とし、
群Gの要素であるデータg,f,v,h,…,h,wと、群Gの要素であるデータR,R,R,R,…,R,gと、識別情報Dを記録する鍵生成記録部と、
G=gR、F=fR、V=vR、H=h,…,H=h、E=e(g,w)を計算し、[G,F,V,H,…,H,E]を公開鍵Pとして生成する公開鍵生成部と、
整数r,r,s,s,t,t
Figure 0005134555
を満たさない条件で、ランダムに選択する鍵生成ランダム値選択部と、
階層秘密鍵S(1)を生成する階層秘密鍵生成部と、
を備え、
前記階層秘密鍵生成部は、
(1)を、
Figure 0005134555
のように求める復号鍵生成手段と、
(1)を、
Figure 0005134555
のように求める引継情報生成手段と、
階層秘密鍵S(1)を
S(1)←[S(1),S(1)]
のように求める秘密鍵生成手段と
を備える
ことを特徴とする鍵生成装置。 p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. Subgroup, e is a bilinear map e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 1 ≦ k ≦ K indicating the hierarchy, and D k is the kth , D is identification information for identifying K decoding devices, and D = [D 1 ,..., D K ],
Data g, f, v, h 1 is an element of the group G p, ..., h K, and w, data R g is an element of the group G q, R f, R v , R 1, ..., R K, g q , a key generation recording unit for recording the identification information D,
G = gR g , F = fR f , V = vR v , H 1 = h 1 R 1 ,..., H K = h K R K , E = e (g, w) are calculated, and [G, F, V, H 1 ,..., H K , E] as public keys P;
Integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2
Figure 0005134555
A key generation random value selection unit that randomly selects under a condition that does not satisfy
A hierarchical secret key generation unit that generates a hierarchical secret key S (1);
With
The hierarchical secret key generation unit
S d (1)
Figure 0005134555
Decryption key generation means to be obtained as follows:
S r (1)
Figure 0005134555
A takeover information generation means to obtain,
The hierarchical secret key S (1) is changed to S (1) ← [S d (1), S r (1)]
And a secret key generating means for obtaining the key. pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]とし、
群Gの要素であるデータg,f,v,h,…,h,wと、群Gの要素であるデータR,R,R,R,…,R,gと、識別情報Dを記録する鍵生成記録部と、
G=gR、F=fR、V=vR、H=h,…,H=h、E=e(g,w)を計算し、[G,F,V,H,…,H,E]を公開鍵Pとして生成する公開鍵生成部と、
整数r,r,s,s,t,t
Figure 0005134555
を満たさないように、ランダムに選択する鍵生成ランダム値選択部と、
k番目の階層の階層秘密鍵S(k)を生成する階層秘密鍵生成部と、
を備え、
前記階層秘密鍵生成部は、
(k)を、
Figure 0005134555
のように求める復号鍵生成手段と、
(k)を、
Figure 0005134555
のように求める引継情報生成手段と、
k番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める秘密鍵生成手段と
を備える
ことを特徴とする鍵生成装置。 p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. Subgroup, e is a bilinear map e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 1 ≦ k ≦ K indicating the hierarchy, and D k is the kth , D is identification information for identifying K decoding devices, and D = [D 1 ,..., D K ],
Data g, f, v, h 1 is an element of the group G p, ..., h K, and w, data R g is an element of the group G q, R f, R v , R 1, ..., R K, g q , a key generation recording unit for recording the identification information D,
G = gR g , F = fR f , V = vR v , H 1 = h 1 R 1 ,..., H K = h K R K , E = e (g, w) are calculated, and [G, F, V, H 1 ,..., H K , E] as public keys P;
Integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2
Figure 0005134555
A key generation random value selection unit that randomly selects so as not to satisfy
a hierarchical secret key generation unit that generates a hierarchical secret key S (k) of the kth hierarchy;
With
The hierarchical secret key generation unit
S d (k)
Figure 0005134555
Decryption key generation means to be obtained as follows:
S r (k)
Figure 0005134555
A takeover information generation means to obtain,
The hierarchical secret key S (k) of the kth hierarchy is expressed as S (k) ← [S d (k), S r (k)]
And a secret key generation means for obtaining the key. pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数qを持つG^の部分群、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]、公開鍵PをP=[G,F,V,H,…,H,E]とし、
識別情報D、公開鍵P、平文Mを記録する暗号化記録部と、
整数sと群Gの要素であるZ,Z,Zをランダムに選択する暗号化ランダム値選択部と、
群G^の要素である平文Mから、k番目の階層の復号化装置用の暗号文C(k)を、
Figure 0005134555
のように求める暗号化部と
を備える暗号化装置。 p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G q is a subgroup of G ^ with prime order q, K is an integer indicating the maximum value of the hierarchy, and k is An integer of 1 ≦ k ≦ K indicating a hierarchy, D k is an integer for identifying a decoding device of the k th layer, D is identification information for identifying K decoding devices, and D = [ D 1 ,..., D K ], and the public key P is P = [G, F, V, H 1 ,..., H K , E],
An encryption recording unit for recording the identification information D, the public key P, and the plaintext M;
An encryption random value selection unit for randomly selecting Z 1 , Z 2 , Z 3 which are elements of the integer s and the group G q ;
From the plaintext M that is an element of the group G T ^, the ciphertext C (k) for the decryption device of the k-th hierarchy is obtained.
Figure 0005134555
An encryption device comprising: an encryption unit to be obtained as described above. 2番目以降の階層の復号化装置であって、
pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す2≦k≦Kの整数、k−1番目の階層の階層秘密鍵S(k−1)をS(k−1)=[[a,a,a,b,…,b],[α,α,α,β,…,βK],[α’,α’,α’,β’,…,βK’]]、暗号文C(k)をC(k)=「C,C,C,C」とし、
k−1番目の階層の階層秘密鍵S(k−1)、暗号文C(k)、自己の識別情報Dを記録する復号化記録部と、
整数γ,γ,γ,δ,δ,δ
Figure 0005134555
を満たさないように、ランダムに選択する復号化ランダム値選択部と、
k番目の階層の階層秘密鍵S(k)を生成する階層秘密鍵生成部と、
階層秘密鍵S(k)を用いて暗号文Cを平文Mに復号する復号化部
を備え、
前記階層秘密鍵生成部は、
(k)を、
Figure 0005134555
のように求める復号鍵生成手段と、
(k)を、
Figure 0005134555
のように求める引継情報生成手段と、
k番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める秘密鍵生成手段と
を備え、
前記復号化部は、
,A,Aを階層秘密鍵S(k)のはじめの3つの要素とすると、
暗号文C(k)を
Figure 0005134555
のように平文Mに復号する
ことを特徴とする復号化装置。 A decoding device for the second and subsequent layers,
p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. Subgroup, e is a bilinear map e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 2 ≦ k ≦ K indicating the hierarchy, k−1th The hierarchical secret key S (k−1) of the hierarchy is represented by S (k−1) = [[a 0 , a 1 , a 2 , b k ,..., B K ], [α 0 , α 1 , α 2 , β k ,..., β K ], [α 0 ′, α 1 ′, α 2 ′, β k ′,..., β K ′]], and the ciphertext C (k) C (k) = “C 1 , C 2 , C 3 , C 4
a decryption recording unit that records a hierarchical secret key S (k−1), a ciphertext C (k), and identification information D k of the k−1th hierarchy;
Integers γ 1 , γ 2 , γ 3 , δ 1 , δ 2 , δ 3
Figure 0005134555
A decoding random value selection unit that randomly selects so as not to satisfy
a hierarchical secret key generation unit that generates a hierarchical secret key S (k) of the kth hierarchy;
A decryption unit that decrypts the ciphertext C into plaintext M using the hierarchical secret key S (k),
The hierarchical secret key generation unit
S d (k)
Figure 0005134555
Decryption key generation means to be obtained as follows:
S r (k)
Figure 0005134555
A takeover information generation means to obtain,
The hierarchical secret key S (k) of the kth hierarchy is expressed as S (k) ← [S d (k), S r (k)]
And a secret key generation means for obtaining
The decoding unit
If A 0 , A 1 and A 2 are the first three elements of the hierarchical secret key S (k),
Ciphertext C (k)
Figure 0005134555
A decryption device characterized by decrypting into plaintext M as follows. 1番目の階層の復号化装置であって、
pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、暗号文C(k)をC(k)=「C,C,C,C」、A,A,Aを階層秘密鍵S(1)のはじめの3つの要素とし、
1番目の階層の階層秘密鍵S(1)、暗号文C(1)を記録する復号化記録部と、
暗号文C(1)を
Figure 0005134555
のように平文Mに復号する復号化部
を備え、
整数r,r,s,s,t,tを、
Figure 0005134555
を満たさない条件で、ランダムに選択された整数とし、
(1)を、
Figure 0005134555
とし、
(1)を、
Figure 0005134555
とし、
階層秘密鍵S(1)は、
S(1)←[S(1),S(1)]
のように求められたものである
ことを特徴とする復号化装置。 A decoding device of the first hierarchy,
p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. The subgroup, e is a bilinear map in which e: G ^ × G ^ → G T ^, and the ciphertext C (k) is C (k) = “C 1 , C 2 , C 3 , C 4 ”, A 0 , A 1 , A 2 are the first three elements of the hierarchical secret key S (1),
A decryption recording unit for recording a first layer hierarchical secret key S (1) and ciphertext C (1);
Ciphertext C (1)
Figure 0005134555
And a decrypting unit for decrypting into plaintext M as shown in FIG.
Integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2 ,
Figure 0005134555
It is a randomly selected integer under the condition that does not satisfy
S d (1)
Figure 0005134555
age,
S r (1)
Figure 0005134555
age,
The hierarchical secret key S (1) is
S (1) ← [S d (1), S r (1)]
A decoding apparatus characterized by being obtained as follows. 鍵生成装置、暗号化装置、階層化されたK−1個の復号化装置で構成された暗号化システムであって、
pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]とし、
前記鍵生成装置は、
群Gの要素であるデータg,f,v,h,…,h,wと、群Gの要素であるデータR,R,R,R,…,R,gと、識別情報Dを記録する鍵生成記録部と、
G=gR、F=fR、V=vR、H=h,…,H=h、E=e(g,w)を計算し、[G,F,V,H,…,H,E]を公開鍵Pとして生成する公開鍵生成部と、
整数r,r,s,s,t,t
Figure 0005134555
を満たさない条件で、ランダムに選択する鍵生成ランダム値選択部と、
階層秘密鍵S(1)を生成する第1階層秘密鍵生成部と、
を備え、
前記第1階層秘密鍵生成部は、
(1)を、
Figure 0005134555
のように求める第1復号鍵生成手段と、
(1)を、
Figure 0005134555
のように求める第1引継情報生成手段と、
階層秘密鍵S(1)を
S(1)←[S(1),S(1)]
のように求める第1秘密鍵生成手段と
を備え、
前記暗号化装置は、
識別情報D、公開鍵P、平文Mを記録する暗号化記録部と、
ランダムに整数sと群Gの要素であるZ,Z,Zを選択する暗号化ランダム値選択部と、
群G^の要素である平文Mから、k番目の階層の復号化装置用の暗号文C(k)を、
Figure 0005134555
のように求める暗号化部と
を備え、
2番目以降のk番目の階層の前記復号化装置は、
k−1番目の階層の階層秘密鍵S(k−1)をS(k−1)=[[a,a,a,b,…,b],[α,α,α,β,…,βK],[α’,α’,α’,β’,…,βK’]]、暗号文C(k)をC(k)=「C,C,C,C」とし、
k−1番目の階層の階層秘密鍵S(k−1)、暗号文C(k)、自己の識別情報Dを記録する復号化記録部と、
整数γ,γ,γ,δ,δ,δ
Figure 0005134555
を満たさないように、ランダムに選択する復号化ランダム値選択部と、
k番目の階層の階層秘密鍵S(k)を生成する第2階層秘密鍵生成部と、
階層秘密鍵S(k)を用いて暗号文C(k)を平文Mに復号する復号化部
を備え、
前記第2階層秘密鍵生成部は、
(k)を、
Figure 0005134555
のように求める第2復号鍵生成手段と、
(k)を、
Figure 0005134555
のように求める第2引継情報生成手段と、
k番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める第2秘密鍵生成手段と
を備え、
前記復号化部は、
,A,Aを階層秘密鍵S(k)のはじめの3つの要素とすると、
暗号文C(k)を
Figure 0005134555
のように平文Mに復号する
ことを特徴とする暗号化システム。 An encryption system including a key generation device, an encryption device, and K-1 decryption devices layered,
p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. Subgroup, e is a bilinear map e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 1 ≦ k ≦ K indicating the hierarchy, and D k is the kth , D is identification information for identifying K decoding devices, and D = [D 1 ,..., D K ],
The key generation device includes:
Data g, f, v, h 1 is an element of the group G p, ..., h K, and w, data R g is an element of the group G q, R f, R v , R 1, ..., R K, g q , a key generation recording unit for recording the identification information D,
G = gR g , F = fR f , V = vR v , H 1 = h 1 R 1 ,..., H K = h K R K , E = e (g, w) are calculated, and [G, F, V, H 1 ,..., H K , E] as public keys P;
Integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2
Figure 0005134555
A key generation random value selection unit that randomly selects under a condition that does not satisfy
A first hierarchical secret key generation unit that generates a hierarchical secret key S (1);
With
The first layer private key generation unit
S d (1)
Figure 0005134555
First decryption key generation means to be obtained as follows:
S r (1)
Figure 0005134555
First takeover information generating means for obtaining as follows:
The hierarchical secret key S (1) is changed to S (1) ← [S d (1), S r (1)]
And a first secret key generation means for obtaining
The encryption device is:
An encryption recording unit for recording the identification information D, the public key P, and the plaintext M;
An encryption random value selection unit that randomly selects Z 1 , Z 2 , and Z 3 that are elements of the integer s and the group G q ;
From the plaintext M that is an element of the group G T ^, the ciphertext C (k) for the decryption device of the k-th hierarchy is obtained.
Figure 0005134555
And the required encryption part
The decoding devices in the second and subsequent kth layers are:
The hierarchical secret key S (k−1) of the (k−1) th hierarchy is expressed as S (k−1) = [[a 0 , a 1 , a 2 , b k ,..., b K ], [α 0 , α 1 , Α 2 , β k ,..., Β K ], [α 0 ′, α 1 ′, α 2 ′, β k ′,..., Β K ′]], and the ciphertext C (k) C (k) = “C 1 , C 2 , C 3 , C 4 ”,
a decryption recording unit that records a hierarchical secret key S (k−1), a ciphertext C (k), and identification information D k of the k−1th hierarchy;
Integers γ 1 , γ 2 , γ 3 , δ 1 , δ 2 , δ 3
Figure 0005134555
A decoding random value selection unit that randomly selects so as not to satisfy
a second hierarchy secret key generation unit for generating a k-th hierarchy secret key S (k);
A decryption unit that decrypts the ciphertext C (k) into plaintext M using the hierarchical secret key S (k),
The second tier secret key generation unit
S d (k)
Figure 0005134555
Second decryption key generation means to be obtained as follows:
S r (k)
Figure 0005134555
Second take- over information generation means for obtaining as follows:
The hierarchical secret key S (k) of the kth hierarchy is expressed as S (k) ← [S d (k), S r (k)]
Second secret key generation means to obtain as follows,
The decoding unit
If A 0 , A 1 and A 2 are the first three elements of the hierarchical secret key S (k),
Ciphertext C (k)
Figure 0005134555
The encryption system characterized by decrypting into plaintext M like this. pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]とし、
あらかじめ鍵生成記録部に、群Gの要素であるデータg,f,v,h,…,h,wと、群Gの要素であるデータR,R,R,R,…,R,gと、識別情報Dを記録しておき、
公開鍵生成部で、G=gR、F=fR、V=vR、H=h,…,H=h、E=e(g,w)を計算し、[G,F,V,H,…,H,E]を公開鍵Pとして生成する公開鍵生成ステップと、
公開鍵生成部で、整数r,r,s,s,t,t
Figure 0005134555
を満たさない条件で、ランダムに選択する公開鍵生成ステップと、
階層秘密鍵生成部で、階層秘密鍵S(1)を生成する階層秘密鍵生成ステップと、
を有し、
前記階層秘密鍵生成ステップは、
(1)を、
Figure 0005134555
のように求める復号鍵生成サブステップと、
(1)を、
Figure 0005134555
のように求める引継情報生成サブステップと、
階層秘密鍵S(1)を
S(1)←[S(1),S(1)]
のように求める秘密鍵生成サブステップと
を有する
ことを特徴とする鍵生成方法。 p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. Subgroup, e is a bilinear map e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 1 ≦ k ≦ K indicating the hierarchy, and D k is the kth , D is identification information for identifying K decoding devices, and D = [D 1 ,..., D K ],
In advance key generation recording unit, data g, f, v, h 1 is an element of the group G p, ..., h K, and w, data R g is an element of the group G q, R f, R v , R 1 ,..., R K , g q and identification information D are recorded,
The public key generation unit calculates G = gR g , F = fR f , V = vR v , H 1 = h 1 R 1 ,..., H K = h K R K , E = e (g, w) , [G, F, V, H 1 ,..., H K , E] as public keys P;
In the public key generation unit, integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2 are converted to
Figure 0005134555
A public key generation step that is randomly selected under a condition not satisfying
A hierarchical secret key generation step of generating a hierarchical secret key S (1) in the hierarchical secret key generation unit;
Have
The hierarchical secret key generation step includes:
S d (1)
Figure 0005134555
A decryption key generation sub-step obtained as follows:
S r (1)
Figure 0005134555
The takeover information generation substep to be obtained as follows:
The hierarchical secret key S (1) is changed to S (1) ← [S d (1), S r (1)]
And a secret key generation sub-step to be obtained as follows. pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]とし、
あらかじめ鍵生成記録部に、群Gの要素であるデータg,f,v,h,…,h,wと、群Gの要素であるデータR,R,R,R,…,R,gと、識別情報Dを記録しておき、
公開鍵生成部で、G=gR、F=fR、V=vR、H=h,…,H=h、E=e(g,w)を計算し、[G,F,V,H,…,H,E]を公開鍵Pとして生成する公開鍵生成ステップと、
階層秘密鍵生成部で、整数r,r,s,s,t,t
Figure 0005134555
を満たさないように、ランダムに選択する鍵生成ランダム値選択ステップと、
階層秘密鍵生成部で、k番目の階層の階層秘密鍵S(k)を生成する階層秘密鍵生成ステップと、
を有し、
前記階層秘密鍵生成ステップは、
(k)を、
Figure 0005134555
のように求める復号鍵生成サブステップと、
(k)を、
Figure 0005134555
のように求める引継情報生成サブステップと、
k番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める秘密鍵生成サブステップと
を有する
ことを特徴とする鍵生成方法。 p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. Subgroup, e is a bilinear map e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 1 ≦ k ≦ K indicating the hierarchy, and D k is the kth , D is identification information for identifying K decoding devices, and D = [D 1 ,..., D K ],
In advance key generation recording unit, data g, f, v, h 1 is an element of the group G p, ..., h K, and w, data R g is an element of the group G q, R f, R v , R 1 ,..., R K , g q and identification information D are recorded,
The public key generation unit calculates G = gR g , F = fR f , V = vR v , H 1 = h 1 R 1 ,..., H K = h K R K , E = e (g, w) , [G, F, V, H 1 ,..., H K , E] as public keys P;
In the hierarchical secret key generation unit, integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2
Figure 0005134555
Key generation random value selection step that randomly selects so as not to satisfy
A hierarchical secret key generation step of generating a hierarchical secret key S (k) of the kth hierarchy in the hierarchical secret key generation unit;
Have
The hierarchical secret key generation step includes:
S d (k)
Figure 0005134555
A decryption key generation sub-step obtained as follows:
S r (k)
Figure 0005134555
The takeover information generation substep to be obtained as follows:
The hierarchical secret key S (k) of the kth hierarchy is expressed as S (k) ← [S d (k), S r (k)]
And a secret key generation substep to be obtained as described above. pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数qを持つG^の部分群、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]、公開鍵PをP=[G,F,V,H,…,H,E]とし、
あらかじめ暗号化記録部に、識別情報D、公開鍵P、平文Mを記録しておき、
暗号化ランダム値選択部で、整数sと群Gの要素であるZ,Z,Zをランダムに選択する暗号化ランダム値選択ステップと、
暗号化部で、群G^の要素である平文Mから、k番目の階層の復号化装置用の暗号文C(k)を、
Figure 0005134555
のように求める暗号化ステップと
を有する暗号化方法。 p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G q is a subgroup of G ^ with prime order q, K is an integer indicating the maximum value of the hierarchy, and k is An integer of 1 ≦ k ≦ K indicating a hierarchy, D k is an integer for identifying a decoding device of the k th layer, D is identification information for identifying K decoding devices, and D = [ D 1 ,..., D K ], and the public key P is P = [G, F, V, H 1 ,..., H K , E],
The identification information D, the public key P, and the plaintext M are recorded in advance in the encryption recording unit,
An encryption random value selection step of randomly selecting Z 1 , Z 2 , Z 3 which are elements of the integer s and the group G q in the encryption random value selection unit;
In the encryption unit, from the plaintext M that is an element of the group G T ^, the ciphertext C (k) for the decryption device of the kth hierarchy is obtained.
Figure 0005134555
An encryption method comprising: obtaining an encryption step as follows. 2番目以降の階層の復号化方法であって、
pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す2≦k≦Kの整数、k−1番目の階層の階層秘密鍵S(k−1)をS(k−1)=[[a,a,a,b,…,b],[α,α,α,β,…,βK],[α’,α’,α’,β’,…,βK’]]、暗号文C(k)をC(k)=「C,C,C,C」とし、
あらかじめ復号化記録部に、k−1番目の階層の階層秘密鍵S(k−1)、暗号文C(k)、自己の識別情報Dを記録しておき、
復号化ランダム値選択部で、整数γ,γ,γ,δ,δ,δ
Figure 0005134555
を満たさないように、ランダムに選択する復号化ランダム値選択ステップと、
階層秘密鍵生成部で、k番目の階層の階層秘密鍵S(k)を生成する階層秘密鍵生成ステップと、
復号化部で、階層秘密鍵S(k)を用いて暗号文Cを平文Mに復号する復号化ステップ
を有し、
前記階層秘密鍵生成ステップは、
(k)を、
Figure 0005134555
のように求める復号鍵生成サブステップと、
(k)を、
Figure 0005134555
のように求める引継情報生成サブステップと、
k番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める秘密鍵生成サブステップと
を有し、
前記復号化ステップは、
,A,Aを階層秘密鍵S(k)のはじめの3つの要素とすると、
暗号文C(k)を
Figure 0005134555
のように平文Mに復号する
ことを特徴とする復号化方法。 A decoding method for the second and subsequent layers,
p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. Subgroup, e is a bilinear map e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 2 ≦ k ≦ K indicating the hierarchy, k−1th The hierarchical secret key S (k−1) of the hierarchy is represented by S (k−1) = [[a 0 , a 1 , a 2 , b k ,..., B K ], [α 0 , α 1 , α 2 , β k ,..., β K ], [α 0 ′, α 1 ′, α 2 ′, β k ′,..., β K ′]], and the ciphertext C (k) C (k) = “C 1 , C 2 , C 3 , C 4
In the decryption recording unit, the hierarchical secret key S (k-1) of the (k-1) th hierarchy, the ciphertext C (k), and its own identification information Dk are recorded in advance.
In the decoding random value selection unit, integers γ 1 , γ 2 , γ 3 , δ 1 , δ 2 , δ 3 are converted to
Figure 0005134555
A decoding random value selection step of randomly selecting so as not to satisfy
A hierarchical secret key generation step of generating a hierarchical secret key S (k) of the kth hierarchy in the hierarchical secret key generation unit;
A decrypting unit for decrypting the ciphertext C into plaintext M using the hierarchical secret key S (k);
The hierarchical secret key generation step includes:
S d (k)
Figure 0005134555
A decryption key generation sub-step obtained as follows:
S r (k)
Figure 0005134555
The takeover information generation substep to be obtained as follows:
The hierarchical secret key S (k) of the kth hierarchy is expressed as S (k) ← [S d (k), S r (k)]
And a secret key generation substep to obtain,
The decoding step includes
If A 0 , A 1 and A 2 are the first three elements of the hierarchical secret key S (k),
Ciphertext C (k)
Figure 0005134555
A decryption method characterized by decrypting into plaintext M as follows. 1番目の階層の復号化方法であって、
pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、暗号文C(k)をC(k)=「C,C,C,C」、A,A,Aを階層秘密鍵S(1)のはじめの3つの要素とし、
あらかじめ復号化記録部に、1番目の階層の階層秘密鍵S(1)、暗号文C(1)を記録しておき、
復号化部で、暗号文C(1)を
Figure 0005134555
のように平文Mに復号する復号化ステップ
を有し、
整数r,r,s,s,t,tを、
Figure 0005134555
を満たさない条件で、ランダムに選択された整数とし、
(1)を、
Figure 0005134555
とし、
(1)を、
Figure 0005134555
とし、
階層秘密鍵S(1)は、
S(1)←[S(1),S(1)]
のように求められたものである
ことを特徴とする復号化方法。 A first layer decoding method,
p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. The subgroup, e is a bilinear map in which e: G ^ × G ^ → G T ^, and the ciphertext C (k) is C (k) = “C 1 , C 2 , C 3 , C 4 ”, A 0 , A 1 , A 2 are the first three elements of the hierarchical secret key S (1),
First, the hierarchical secret key S (1) and ciphertext C (1) of the first hierarchy are recorded in the decryption recording unit,
In the decryption unit, the ciphertext C (1) is
Figure 0005134555
And a decrypting step for decrypting into plaintext M as follows:
Integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2 ,
Figure 0005134555
It is a randomly selected integer under the condition that does not satisfy
S d (1)
Figure 0005134555
age,
S r (1)
Figure 0005134555
age,
The hierarchical secret key S (1) is
S (1) ← [S d (1), S r (1)]
A decoding method characterized in that the decoding method is obtained as follows. 鍵生成装置、暗号化装置、階層化されたK−1個の復号化装置で構成された暗号化方法であって、
pとqは素数位数、G^とG^は位数pqを持つ巡回群、Gは素数位数pを持つG^の部分群、Gは素数位数qを持つG^の部分群、eはe:G^×G^→G^となる双線型写像、Kは階層の最大値を示す整数、kは階層を示す1≦k≦Kの整数、Dはk番目の階層の復号化装置を識別するための整数、DはK個の復号化装置を識別するための識別情報であってD=[D,…,D]とし、
前記鍵生成装置は、
群Gの要素であるデータg,f,v,h,…,h,wと、群Gの要素であるデータR,R,R,R,…,R,gと、識別情報Dを記録しておき、
G=gR、F=fR、V=vR、H=h,…,H=h、E=e(g,w)を計算し、[G,F,V,H,…,H,E]を公開鍵Pとして生成する公開鍵生成ステップと、
整数r,r,s,s,t,t
Figure 0005134555
を満たさない条件で、ランダムに選択する鍵生成ランダム値選択ステップと、
階層秘密鍵S(1)を生成する第1階層秘密鍵生成ステップと、
を有し、
前記第1階層秘密鍵生成ステップは、
(1)を、
Figure 0005134555
のように求める第1復号鍵生成サブステップと、
(1)を、
Figure 0005134555
のように求める第1引継情報生成サブステップと、
階層秘密鍵S(1)を
S(1)←[S(1),S(1)]
のように求める第1秘密鍵生成サブステップと
を有し、
前記暗号化装置は、
識別情報D、公開鍵P、平文Mを記録しておき、
ランダムに整数sと群Gの要素であるZ,Z,Zを選択する暗号化ランダム値選択ステップと、
群G^の要素である平文Mから、k番目の階層の復号化装置用の暗号文C(k)を、
Figure 0005134555
のように求める暗号化ステップと
を有し、
2番目以降のk番目の階層の前記復号化装置は、
k−1番目の階層の階層秘密鍵S(k−1)をS(k−1)=[[a,a,a,b,…,b],[α,α,α,β,…,βK],[α’,α’,α’,β’,…,βK’]]、暗号文C(k)をC(k)=「C,C,C,C」とし、
k−1番目の階層の階層秘密鍵S(k−1)、暗号文C(k)、自己の識別情報Dを記録しておき、
整数γ,γ,γ,δ,δ,δ
Figure 0005134555
を満たさないように、ランダムに選択する復号化ランダム値選択ステップと、
k番目の階層の階層秘密鍵S(k)を生成する第2階層秘密鍵生成ステップと、
階層秘密鍵S(k)を用いて暗号文C(k)を平文Mに復号する復号化ステップ
を有し、
前記第2階層秘密鍵生成ステップは、
(k)を、
Figure 0005134555
のように求める第2復号鍵生成サブステップと、
(k)を、
Figure 0005134555
のように求める第2引継情報生成サブステップと、
k番目の階層の階層秘密鍵S(k)を
S(k)←[S(k),S(k)]
のように求める第2秘密鍵生成サブステップと
を有し、
前記復号化ステップは、
,A,Aを階層秘密鍵S(k)のはじめの3つの要素とすると、
暗号文C(k)を
Figure 0005134555
のように平文Mに復号する
ことを特徴とする暗号化方法。 An encryption method comprising a key generation device, an encryption device, and K-1 decryption devices layered,
p and q are prime orders, G ^ and G T ^ are cyclic groups with order pq, G p is a subgroup of G ^ with prime order p, and G q is G ^ with prime order q. Subgroup, e is a bilinear map e: G ^ × G ^ → G T ^, K is an integer indicating the maximum value of the hierarchy, k is an integer of 1 ≦ k ≦ K indicating the hierarchy, and D k is the kth , D is identification information for identifying K decoding devices, and D = [D 1 ,..., D K ],
The key generation device includes:
Data g, f, v, h 1 is an element of the group G p, ..., h K, and w, data R g is an element of the group G q, R f, R v , R 1, ..., R K, g q and identification information D are recorded,
G = gR g , F = fR f , V = vR v , H 1 = h 1 R 1 ,..., H K = h K R K , E = e (g, w) are calculated, and [G, F, V, H 1 ,..., H K , E] as public keys P,
Integers r 1 , r 2 , s 1 , s 2 , t 1 , t 2
Figure 0005134555
A key generation random value selection step for randomly selecting under a condition not satisfying
A first layer secret key generation step of generating a hierarchical secret key S (1),
Have
The first layer private key generation step includes:
S d (1)
Figure 0005134555
A first decryption key generation substep obtained as follows:
S r (1)
Figure 0005134555
A first takeover information generation sub-step to be obtained as follows:
The hierarchical secret key S (1) is changed to S (1) ← [S d (1), S r (1)]
A first secret key generation substep to be obtained as follows:
The encryption device is:
Record identification information D, public key P, plaintext M,
An encryption random value selection step of randomly selecting Z 1 , Z 2 , Z 3 which are elements of an integer s and a group G q ;
From the plaintext M that is an element of the group G T ^, the ciphertext C (k) for the decryption device of the k-th hierarchy is obtained.
Figure 0005134555
And an encryption step to be obtained as follows,
The decoding devices in the second and subsequent kth layers are:
The hierarchical secret key S (k−1) of the (k−1) th hierarchy is expressed as S (k−1) = [[a 0 , a 1 , a 2 , b k ,..., b K ], [α 0 , α 1 , α 2, β k, ... , β K], [α 0 ', α 1', α 2 ', β k', ..., β K ']], the ciphertext C (k) C (k) = “C 1 , C 2 , C 3 , C 4 ”,
record the hierarchy secret key S (k-1), ciphertext C (k), and self identification information Dk of the (k-1) th hierarchy,
Integers γ 1 , γ 2 , γ 3 , δ 1 , δ 2 , δ 3
Figure 0005134555
A decoding random value selection step of randomly selecting so as not to satisfy
a second hierarchical secret key generation step of generating a k-th hierarchical secret key S (k);
Decrypting the ciphertext C (k) into plaintext M using the hierarchical secret key S (k),
The second hierarchical secret key generation step includes:
S d (k)
Figure 0005134555
A second decryption key generation sub-step obtained as follows:
S r (k)
Figure 0005134555
A second takeover information generation sub-step obtained as follows:
The hierarchical secret key S (k) of the kth hierarchy is expressed as S (k) ← [S d (k), S r (k)]
A second secret key generation sub-step to be obtained as follows:
The decoding step includes
If A 0 , A 1 and A 2 are the first three elements of the hierarchical secret key S (k),
Ciphertext C (k)
Figure 0005134555
An encryption method characterized by decrypting into plaintext M as follows. 請求項1から5のいずれかに記載された装置として、コンピュータを動作させるプログラム。   A program for operating a computer as the apparatus according to claim 1. 請求項13記載のプログラムを記録したコンピュータ読み取り可能な記録媒体。   A computer-readable recording medium on which the program according to claim 13 is recorded.
JP2009001298A 2009-01-07 2009-01-07 Key generation device, encryption device, decryption device, encryption system, key generation method, encryption method, decryption method, program, and recording medium Expired - Fee Related JP5134555B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2009001298A JP5134555B2 (en) 2009-01-07 2009-01-07 Key generation device, encryption device, decryption device, encryption system, key generation method, encryption method, decryption method, program, and recording medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2009001298A JP5134555B2 (en) 2009-01-07 2009-01-07 Key generation device, encryption device, decryption device, encryption system, key generation method, encryption method, decryption method, program, and recording medium

Publications (2)

Publication Number Publication Date
JP2010161523A JP2010161523A (en) 2010-07-22
JP5134555B2 true JP5134555B2 (en) 2013-01-30

Family

ID=42578374

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2009001298A Expired - Fee Related JP5134555B2 (en) 2009-01-07 2009-01-07 Key generation device, encryption device, decryption device, encryption system, key generation method, encryption method, decryption method, program, and recording medium

Country Status (1)

Country Link
JP (1) JP5134555B2 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103329478B (en) * 2011-01-18 2015-11-25 三菱电机株式会社 The cipher processing method of cryptographic system and cryptographic system
CN113824559B (en) * 2021-09-29 2023-05-12 福建师范大学 SM 9-based efficient hierarchical encryption method
CN113852465B (en) * 2021-09-29 2023-05-30 福建师范大学 SM 9-based hierarchical encryption method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7113594B2 (en) * 2001-08-13 2006-09-26 The Board Of Trustees Of The Leland Stanford University Systems and methods for identity-based encryption and related cryptographic techniques
JP4288184B2 (en) * 2004-01-09 2009-07-01 株式会社エヌ・ティ・ティ・ドコモ Key update method, cryptographic system, cryptographic server, terminal device and external device
JP2007189597A (en) * 2006-01-16 2007-07-26 Univ Of Electro-Communications Encryption device, encryption method, decoding device, and decoding method

Also Published As

Publication number Publication date
JP2010161523A (en) 2010-07-22

Similar Documents

Publication Publication Date Title
JP4859933B2 (en) Ciphertext generation apparatus, cryptographic communication system, and group parameter generation apparatus
CN102415047B (en) Encryption processing system
CN103038805B (en) Encryption processing system, key generating device, key transfer the possession of device, encryption device, decryption device, cipher processing method and program
JP5618881B2 (en) Cryptographic processing system, key generation device, encryption device, decryption device, cryptographic processing method, and cryptographic processing program
JP5680007B2 (en) Cryptographic system, cryptographic method and cryptographic program
CN103270719B (en) Encryption processing system, key generating device, encryption device, decryption device, cipher processing method
US9698984B2 (en) Re-encrypted data verification program, re-encryption apparatus and re-encryption system
CN102822883B (en) Encryption processing system, key generation device, key devolvement device, encryption device, decoding device, encryption processing method, and encryption processing program
US9813386B2 (en) Cooperation service providing system and server apparatus
JP5921410B2 (en) Cryptosystem
CN107086912B (en) Ciphertext conversion method, decryption method and system in heterogeneous storage system
CN116112244B (en) Access control method based on blockchain and attribute-based encryption
US20090034716A1 (en) Time apparatus, encryption apparatus, decryption apparatus, and encryption/decryption system
Teli et al. HIBE: hierarchical identity-based encryption
JP5135070B2 (en) Ciphertext decryption authority delegation system
JP5325755B2 (en) Ciphertext decryption authority delegation system, ciphertext decryption authority delegation method, ciphertext conversion apparatus, decryption authority holder apparatus, and ciphertext conversion program
JP5134555B2 (en) Key generation device, encryption device, decryption device, encryption system, key generation method, encryption method, decryption method, program, and recording medium
CN107070900B (en) It can search for re-encryption method based on what is obscured
JP2006227411A (en) Communications system, encryption device, key generator, key generating method, restoration device, communication method, encryption method, and cryptography restoration method
CN103873248B (en) Encryption method and device with certificate based on identity
JP5097102B2 (en) Hierarchical ID-based encryption device and decryption device, method thereof, program, and recording medium
Li et al. An efficient hierarchical identity-based encryption scheme for the key escrow
JP2010272899A (en) Key generating system, key generating method, blind server device, and program
JP7043203B2 (en) Cryptographic device, decryption device, encryption system, encryption method and encryption program
JP4143036B2 (en) Key generation system, key generation server, and key generation method

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20110228

RD03 Notification of appointment of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7423

Effective date: 20110715

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20120911

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20121005

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20121030

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20121109

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20151116

Year of fee payment: 3

R150 Certificate of patent or registration of utility model

Free format text: JAPANESE INTERMEDIATE CODE: R150

Ref document number: 5134555

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

S531 Written request for registration of change of domicile

Free format text: JAPANESE INTERMEDIATE CODE: R313531

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

LAPS Cancellation because of no payment of annual fees