JP6128627B1 - Encrypted information storage system - Google Patents

Abstract

To provide an encrypted information storage system capable of safely storing and retrieving a plurality of pieces of data having different contents and related contents. First storage target data and second storage target data that are related to each other, first encrypted data obtained by encrypting the first storage target data with a first key, and Encrypted information storage system for storing second encrypted data obtained by encrypting second storage target data using a second key, and third encrypted data obtained by further encrypting with the first key The output means performs output of the first storage target data and output of the second storage target data decrypted by the decryption means. [Selection] Figure 8

Description

  The present invention relates to an encrypted information storage system that stores data in an encrypted state.

  There are various services on the Internet, and an individual can be identified and used by a user ID (email address or the like) and a password. It is preferable to change the user ID and password for each service (site) from the viewpoint of security, but it is troublesome to store the user ID and password for each service, and many users use the same combination. There is a present situation.

  In response to such a situation, a service for storing a combination of URL, user ID, password and the like for each site on the Internet is also provided. In such a service, measures are taken such that information on each user stored in the server is encrypted in preparation for unauthorized access from the outside and stored in the server together with the encryption key.

  The measures described above are based on the idea that even if the encryption information is stolen, it is safe if the encryption method and the encryption key are not known. For this reason, the server is sufficiently secured to prevent unauthorized intrusion from the outside, and in the unlikely event that unauthorized access from the inside is permitted, the encryption key may be distributed or the encryption key itself The system is constructed from the viewpoint of how to protect the encryption key by, for example, performing encryption.

  For example, in Patent Document 1, as a method of uploading a file to a network storage system, an input of an encryption key is accepted from a user, and the encryption key itself is encrypted by processing using JavaScript (registered trademark) on a browser. A technique is disclosed in which an encrypted encryption key and an upload target file are transmitted to a server, the file is encrypted on the server, and the encrypted encryption key is stored on a client terminal.

  Patent Document 2 includes a client terminal connected to an intra-organization network, a key management server, and an online service server connected to the client terminal via a public network, and the encryption acquired by the client terminal from the key management server. A technology related to a data protection system is disclosed in which encryption is performed using an encryption script and an encryption key, and encrypted data is transmitted to an online service server.

JP 2011-54028 A JP 2010-72916 A

  It is reasonable to store data that needs to be used as a set, such as the user ID and password for each service or site, as a set of data.

  However, in that case, if the stored data is illegally acquired, both the user ID and the password are leaked, which increases the risk of unauthorized use.

  In addition, depending on the service content, the user ID may be seen by other users in normal use, but the data with different importance levels such as that the password will not be seen by anyone other than the user himself / herself is paired. Often handled.

  Therefore, an object of the present invention is to provide an encrypted information storage system that can safely store and retrieve a plurality of data items of different importance and related contents.

In order to solve the above-described problem, an encrypted information storage system according to the present invention includes:
First storage target data and second storage target data that are related to each other, the first encrypted data obtained by encrypting the first storage target data with a first key, and the second Is an encrypted information storage system for storing the second encrypted data obtained by encrypting the storage target data with the second key as the third encrypted data obtained by further encrypting with the first key. And
An encrypted data storage unit that holds the first encrypted data and the third encrypted data;
Input receiving means for receiving inputs of the first storage target data, the second storage target data, the first key, and the second key;
By generating the first encrypted data by encrypting the first storage target data using the first key and by encrypting the second storage target data using the second key Encryption means for generating the second encrypted data and generating the third encrypted data by encrypting the second encrypted data using the first key; ,
Recording means for recording the first encrypted data and the third encrypted data in the encrypted data storage unit;
Restoring the first data to be stored by decrypting the first encrypted data using the first key and decrypting the third encrypted data using the first key Decryption means for performing the restoration of the second encrypted data by the method and the restoration of the second storage target data by decrypting the second encrypted data using the second key; ,
And an output unit configured to output the first storage target data and the second storage target data.

  In this way, with respect to two related storage target data, one is encrypted with the first key, and the other is configured to perform double encryption with the first and second keys. It is possible to efficiently manage a plurality of data having different importance levels. As a result, for example, for a set of related information such as a user ID and a password for logging in to a website or the like, it is possible to use such that the password is more securely protected than the user ID and stored.

In a preferred embodiment of the present invention, the input receiving means receives input of third storage target data,
The recording means records the third storage target data in the encrypted data storage unit;
The output means outputs the third storage target data.
In this way, by further adding the storage target data to be stored in the plaintext state, it is possible to use such as providing a key hint to prevent the key from being lost.

In a preferred embodiment of the present invention, the encrypted information storage system is configured such that the encrypted information storage server device and the user terminal device can communicate with each other via a network,
The user terminal device includes the encryption unit and the decryption unit.
As described above, by performing encryption / decryption on the user terminal device and not transmitting / receiving the key via the network, the risk of unauthorized acquisition of the key by a third party can be reduced. .

In a preferred embodiment of the present invention, the encryption unit and the decryption unit are realized by a script that operates on the user terminal device,
The output means outputs the contents of the script.
In this way, the encryption / decryption process is performed by a script, and the contents are disclosed to the user, so that the user can obtain the key, the pre-encryption data, and the decrypted data in the encryption / decryption process. It can be confirmed that data is not transmitted / received via the network. As a result, it is ensured that unauthorized information has not been acquired during the encryption / decryption process, and the user can use the encrypted information storage system according to the present invention with peace of mind.

In a preferred embodiment of the present invention, the first storage target data is hint information reminiscent of the second storage target data.
By adopting such a configuration, if the second storage target data can be recalled based on the contents at the time when the user refers to the first storage target data, the data is more strongly encrypted and stored. In other words, the user can obtain necessary information without decrypting or displaying the second storage target data that is more important data. Therefore, it is possible to reduce the risk of information leakage when displaying the storage target data.

In a preferred aspect of the present invention, the first storage target data is hint information reminiscent of the second key.
Thus, by using the first storage target data as hint information of the second key used for decrypting the second storage target data, the key is lost while using the first and second plurality of keys. Risk can be reduced.

The data retrieval method according to the present invention includes:
The first storage target data and the second storage target data that are related to each other, the first encrypted data obtained by encrypting the first storage target data using a first key; Encrypted information storage for storing second encrypted data obtained by encrypting second storage target data using a second key, and third encrypted data obtained by encrypting the second encrypted data using the first key. A method for retrieving data to be stored from a system,
A first input receiving step for receiving an input of the first key;
A first decryption step of decrypting the first encrypted data using the first key and restoring the first storage target data;
A first output step of outputting the first storage target data;
A second input receiving step for receiving an input of the second key;
A second decryption step of decrypting the third encrypted data using the first key and restoring the second encrypted data;
A third decryption step of decrypting the second encrypted data using the second key and restoring the second storage target data;
And a second output step for outputting the second storage target data.

In a preferred form of the data retrieval method according to the present invention, the encrypted information storage system further stores third storage target data,
A third output step of outputting the third storage target data is provided.

In a preferred form of the data retrieval method according to the present invention, the encrypted information storage system is configured such that the encrypted information storage server device and the user terminal device can communicate with each other via a network,
The first decoding step, the first decoding step, the second decoding step, the third decoding step, and the second output step are performed by the user terminal device. It is characterized by performing.

  It is possible to provide an encrypted information storage system capable of safely storing and retrieving a plurality of pieces of data having different importance and related contents.

It is a block diagram of the encryption information storage system which concerns on one Embodiment of this invention. It is a functional block diagram of the encryption information storage system which concerns on one Embodiment of this invention. It is a figure which shows the structure of the encryption HTML file which concerns on one Embodiment of this invention. It is a figure which shows the structure of each part of the encryption HTML file which concerns on one Embodiment of this invention. It is a flowchart which shows the encryption process in one Embodiment of this invention. It is a figure which shows the structure of the decoding HTML file which concerns on one Embodiment of this invention. It is a figure which shows the structure of each part of the decoding HTML file which concerns on one Embodiment of this invention. It is a flowchart which shows the decoding process in one Embodiment of this invention. It is a figure which shows the structure of the key / data update HTML file which concerns on one Embodiment of this invention. It is a figure which shows the structure of each part of the key / data update HTML file which concerns on one Embodiment of this invention. It is a flowchart which shows the encryption key / data update process in one Embodiment of this invention. It is a figure which shows the storage object data in Example 1. FIG. 6 is a diagram illustrating a display example of an input form of an encrypted HTML file in Embodiment 1. FIG. It is a figure which shows the example of a display of the input form of the decoding HTML file in Example 1. FIG. It is a figure which shows the example of a display of the storage object data display area | region of the decoding HTML file in Example 1. FIG. It is a figure which shows the storage object data in Example 2. FIG. It is a figure which shows the example of a display of the input form of the decoding HTML file in Example 2. FIG. It is a figure which shows the example of a display of the storage object data display area | region of the decoding HTML file in Example 2. FIG. FIG. 10 is a diagram illustrating an example of a screen display in the third embodiment. FIG. 10 is a diagram illustrating an example of a screen display in the third embodiment. FIG. 10 is a diagram illustrating an example of display of a random number table in the third embodiment. It is a figure which shows typically the level of encryption of the storage object data in one Embodiment of this invention. It is a figure which shows the example of the storage object data in one Embodiment of this invention. It is a figure which shows the example of the storage object data in one Embodiment of this invention. It is a figure which shows the example of the storage object data in one Embodiment of this invention. It is a figure which shows the example of the storage object data in one Embodiment of this invention.

(One embodiment)
Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings. FIG. 1 is a configuration diagram of an encrypted information storage system according to the present embodiment.

  As shown in FIG. 1, the encrypted information storage system according to the present embodiment is configured such that an encrypted information storage server device 1 and a plurality of user terminal devices 2 can communicate via a network 3. As the network 3, the Internet, a LAN (Local Area Network), or the like can be used.

  FIG. 2 is a functional block diagram of the encrypted information storage system according to the present embodiment. The encrypted information storage server device 1 includes an encrypted data storage unit 101 that stores encrypted data that a user desires to store using an encrypted information storage system, and an encrypted HTML (Hyper for encryption). (Text Markup Language) file for transmitting the encrypted HTML file 102 to the user terminal device 2 and the encrypted data transmitted by the encrypted HTML file from the user terminal device 2 and receiving the encrypted data storage unit 101 The encrypted data recording means 103 for recording the encrypted data, the identification information generating means 104 for generating the identification information of the encrypted data when the encrypted data recording means 103 records the encrypted data, and the encrypted data Encrypted data search means 105 for retrieving encrypted data from the data storage unit 101, and encrypted data Generates a decrypted HTML file for decryption and transmits it to the user terminal device 2 and generates a key / data update HTML file for updating the key and / or storage target data. The key / data update HTML generation means 107 for transmission to the user terminal device 2, the authentication information storage unit 108 for storing user authentication information, the transmission of the authentication HTML file to the user terminal device 2, the user User authentication means 109 for receiving authentication information from the terminal device 2, collating the authentication information received from the user terminal device 2 with the information held in the authentication information storage unit 108, and the encryption included in the encrypted HTML file To explain the encryption / decryption algorithm using the decryption script included in the script or decryption HTML file It includes an algorithm description providing means 110 for providing an algorithm description HTML, and script description providing means 111 for providing a script description HTML for performing commentary encryption script and decryption script, the.

  The user terminal device 2 is an HTML file such as an encrypted HTML file, a decrypted HTML file, a key / data update HTML file, an authentication HTML file, an algorithm description HTML, or a script description HTML transmitted from the encrypted information storage server device 1. HTML receiving means 21 for receiving the data, input receiving means 22 for accepting input of data to be stored, a key, etc. from the user, an encryption script included in the encrypted HTML file, a decryption script included in the decrypted HTML file, Script execution means 23 for executing the key / data update script included in the key / data update HTML file, encrypted data transmission means 24 for transmitting the encrypted data to the encrypted information storage server device 1, and decryption The data to be stored Comprising a tube target data display unit 25.

  The encrypted information storage server device 1 includes various input / output devices including a computing device (CPU), a main storage device (RAM), an auxiliary storage device such as an HDD, an SSD, a flash memory, and a connection means to the network 3. It can implement | achieve by a general purpose server apparatus provided with these. Also, a configuration may be adopted in which a plurality of server devices are operated in a coordinated manner, such as providing the encrypted data storage unit 101 and the authentication information storage unit 108 in different server devices.

  Further, the user terminal device 2 includes an arithmetic device (CPU), a main storage device (RAM), an auxiliary storage device such as an HDD, an SSD, and a flash memory, and various input / output devices including a connection means to the network 3. Various computer devices such as a personal computer, a smartphone terminal, and a mobile phone can be used.

  In this embodiment, reception of the HTML file from the encrypted information storage server device 1 and transmission of data to be stored are performed by HTTP (Hyper Text Transfer Protocol), and JavaScript (decryption script) is used for the encryption script and the decryption script. (Registered trademark) is used, but the format of the file or script is not limited to this. However, by using an HTML file and JavaScript (registered trademark) in this way, the encryption information storage system according to the present embodiment can be used without introducing a special program or the like by many computer devices having a general web browser. Can be used. Furthermore, communication can be performed more safely by using HTTPS (Hypertext Transfer Protocol Secure) instead of HTTP for data transmission / reception.

  In addition, JavaScript (registered trademark) can be included in an HTML file in a state in which the user can confirm the processing contents when intentionally not obfuscating. As a result, if the user has the knowledge to understand the contents of the script, it becomes an open state in which the contents of the encryption and decryption processing can be grasped, so that the encrypted information storage system can be used with confidence.

  JavaScript may be directly described in the header or body of the HTML file, or a part or all of the JavaScript for encryption or decryption is provided as a JavaScript file, and the HTML file header is provided. A description may be made such that a JavaScript is included in an HTML file for encryption or decryption by describing a link to the JavaScript file.

  When using the encryption information storage system according to the present embodiment, the user ID and password are registered in advance, and the user authentication using the authentication information storage unit 108 and the user authentication unit 109 described above is performed by the user. It is preferable to obtain the above. Or it is good also as a structure which identifies a user by the method of using the identification information of the user terminal device 2, etc.

<Encrypted HTML file>
FIG. 3 is a diagram showing a configuration of the encrypted HTML file H1 according to the present embodiment. As shown in FIG. 3, the encrypted HTML file H <b> 1 is encrypted by the encryption script F <b> 11 executed by the script execution unit 23, the input form F <b> 12 that receives input from the user by the input reception unit 22, and the user terminal device 2. The transmission form F13 for transmitting the storage target data to the encrypted information storage server device 1 and the encrypted script display area L14 for displaying the encrypted script so as to be viewable to the user.

  The encryption script F11 includes a data encryption script F111 that encrypts part or all of the storage target data, and a data transmission script F112 that transmits the transmission form F13 to the encrypted information storage server device 1. The data encryption script F111 can be a script that performs encryption of an arbitrary method such as encryption using AES (Advanced Encryption Standard). The data transmission script F112 may be omitted, and the storage target data may be transmitted only by the function of the web browser of the user terminal device 2.

  The input form F12 includes a key input area I121 for receiving a key input used when encrypting the storage target data, a storage target data input area I122 for receiving input of the storage target data, a key, and storage target data. Is sent, and a transmission button B123 for receiving an instruction to execute the encryption script F11 is provided.

  FIG. 4A shows the configuration of the key input area I121. As shown here, the key input area I121 has two key input areas, a first key input area I121a and a second key input area I121b. Also, a first key hint information input area I121c for receiving input of first key hint information, and a second key plaintext hint information input area I121d for receiving input of information to be stored in a plaintext state as second key hint information Similarly, the second key hint information includes a second key encryption hint information input area I121e that accepts input of information to be stored in a state where the encryption process using the first key is performed.

  FIG. 4B is a diagram showing the configuration of the storage target data input area I122. As shown here, the storage target data input area I122 includes a level 0 data input area I122a that accepts input of data to be stored as level 0 data (third storage target data), and level 1 data (first storage target). Level 1 data input area I122b for receiving input of data to be stored as (data), and level 2 data input area I122c for receiving input of data to be stored as level 2 data (second storage target data).

  Here, each of level 0 to level 2 indicates a data storage method on the encrypted data storage unit 101. FIG. 22 schematically shows the handling of each data of level 0 to level 2 in the encrypted information storage system according to the present embodiment. As shown here, in the present embodiment, level 0 data is not encrypted and is in a plain text state, and level 1 data is encrypted once with the first key to be encrypted level 1 data. The level 2 data is further encrypted with the first key after being encrypted with the second key, and the encrypted information management server apparatus 1 in a state where the encrypted level 2 data has been double-encrypted. And is recorded in the encrypted data storage unit 101.

  An example of data to be stored that is handled in this embodiment is shown in FIG. This is because when the login information of the site is stored by the encrypted information storage system according to the present embodiment, the login page URL is used as level 0 data, the user ID used for login as level 1 data, and login as level 2 data. This is an example of storing the password used for. As described above, the encrypted information management system according to the present embodiment can be used such that the level of each piece of data is set according to the importance.

  FIG. 24 shows another example of using the level setting of the storage target data. FIG. 24A shows “A *” that clarifies only the first character as level 0 data when a character string that the user actually needs to store, for example, a password is a character string “ABC123”. Use for storing the character string "******", the character string "ABC ***" that clarifies the alphabet part as level 1 data, and the character string "ABC123" that clarifies the full text as level 2 data An example is given. In this way, the character string to be actually stored is set as the highest level level 2 data, and the data with a part of the character string is set as the level 1 data and level 0 data, respectively. Or level 1 data can be used as hint information for remembering level 2 data. Thus, for example, if the user can remember the character string using the level 0 data or the level 1 data as a clue at the stage of referring to the level 0 data, there is no need to perform the subsequent decoding process. Therefore, when handling an important character string such as a password, it is possible to reduce the risk of peeping from the surroundings by displaying all the character strings on the user terminal device 2.

  In addition, when the level 0 data or the level 1 data is used as hint information for the user to remember the level 2 data as described above, a character string in which a part of the level 2 data is made into a hidden character as described above is used. Other than setting to data and level 1 data, a character string that is not a part of level 2 data but is reminiscent of level 2 data is used as level 2 data hint information as level 0 data. It is also possible to use data or level 1 data. FIG. 24B shows an example in which such use is performed.

  In the present embodiment, an example is shown in which three data of levels 0 to 2 are handled as a set, but the present invention is not limited to this. For example, for a set including more data, a configuration is set to further set information on which level each data included in the set is to be handled. It is good also as a structure which can be handled by another level setting. For example, when storing the login information of the site as exemplified in FIG. 23 as a set, as shown in FIG. 25, the URL of the login page is set as level 0 data (1), and the hint of the user ID used for the login of the site is shown. The information is level 0 data (2), the user ID itself is level 1 data (2), the first hint information of the password used for site login is level 0 data (3), and the second password A large number of sets of data are stored at different encryption levels, such as handling hint information as level 1 data (3), password itself as level 2 data (3), and so on. It is good also as a form to do.

  Alternatively, the first key hint information input area I121c, the second key plaintext hint information I121d, and the second key encryption hint information input area I121e are omitted, and the first key hint information as level 0 data and the first key hint information as level 1 data are omitted. 2 It is good also as a structure which handles encryption hint information. FIG. 26 shows an example in which such data is handled as each of level 0 to level 2 data. Here, when the first key is a character string “DEF456” and the second key is a character string “GHI789”, the level 0 data is “D ** 4 **” with a part of the first key as a letter. A character string as level 1 data, a character string “GH *** 9” with a part of the second key as an abbreviated character, and a character string “ABC123” actually stored as level 2 data This is an example of setting. With this configuration, the user first refers to the hint of the first key as level 0 data, inputs it, and then refers to the hint of the second key as level 1 data decrypted thereby. Two keys are input, and finally, level 2 data decrypted by the first key and the second key can be obtained. Thereby, since the user can input while obtaining the hint of the key, the risk of loss of the key can be reduced.

  Note that the storage target data in the present embodiment handles text information such as user IDs and passwords in various services, but the encryption processing by the encryption script F11 and the user terminal device 2 and the encrypted information storage server device. As long as the data capacity does not cause a problem in communication with the mobile phone 1, an arbitrary binary file such as image information may be handled.

  The transmission form F13 includes transmission destination URI information F131 which is URI (Uniform Resource Identifier) information indicating the encrypted data recording means 103 which is a transmission destination, user ID information F132 for identifying the user, and storage target data input And encrypted data F133 obtained by encrypting a part or all of the storage target data input to the area I122 by the data encryption script F111.

  Alternatively, the transmission form F13 does not exist when the encrypted HTML file H1 is received by the HTML receiving unit 21, and the transmission form F13 may be generated when the data transmission script F112 is executed.

  FIG. 4C is a diagram showing a configuration of the encrypted data F133. As shown here, encrypted data F133 includes level 0 data F133a, encrypted level 1 data F133b obtained by encrypting level 1 data using the first key, and level 2 data encrypted using the second key. Thereafter, the encrypted level 2 data F133c encrypted with the first key, the first key hint information F133d, the second key plaintext hint information F133e, and the second key encryption hint information are encrypted with the first key. Second key plaintext hint information F133f.

  The encryption script display area L14 is an area for displaying the data encryption script F111 and the data transmission script F112. In the present embodiment, as described above, since JavaScript is used for the encryption script or the like, the user can confirm the processing contents by displaying the script for actually encrypting or transmitting the data. . Thereby, the user can confirm that the encryption is reliably performed and that the key and the data before the encryption are not illegally transmitted.

  The configuration of the encrypted HTML file H1 shown in FIG. 3 is merely an example, and the configuration may be changed, for example, by including other forms (not shown). However, the input form F12 that holds the storage target data and the encryption key in plain text and the transmission form F13 for transmitting the encrypted storage target data to the encrypted information storage server device 1 are separated. Is preferred.

  Alternatively, the input form F12 and the transmission form F13 are configured as a single form by including the encrypted data F133, user ID information, etc. of the transmission form F13 in the input form F12, and the encrypted information storage server device When transmitting encrypted data to 1, the storage target data and the encryption key are prevented from being transmitted in a plain text state by a method such as deleting the storage target data and the encryption key from the form by the data transmission script F112. It is good also as a simple structure.

  Further, the input form F12 is simply referred to as “form” for the sake of convenience. If it can be referred to from the data encryption script F111, the “form” in the specification of the HTML file, which is always specified by the FORM tag. Need not be. However, the transmission form F13 is preferably a “form” in the specification of the HTML file that is defined by the FORM tag and uses the transmission destination URI information F131 as the data transmission destination. With this configuration, data can be transmitted in a simple form using the POST method and the GET method, so that the system can be opened to the user.

<Encryption processing>
FIG. 5 is a flowchart showing data encryption processing by the encryption information storage system according to the present embodiment. In the encryption process, first, request information of the encrypted HTML file H1 is transmitted from the user terminal device 2 in step S101. This is because, for example, the web browser is operated by a user clicking on a hyperlink from a top page or a menu screen provided by the encrypted information storage server device 1 or another web server device (not shown). Generates and sends request information.

  When the encrypted information storage server device 1 receives the request information in step S102, the process proceeds to step S103, and the encrypted HTML file H1 is transmitted to the user terminal device 2.

  Then, the user terminal device 2 receives the encrypted HTML file H1 in step S104, and in step S105, an input screen is displayed by the web browser, and each of the data of level 0 to the input form F12, first, The input of the second key is accepted.

  When a key is input, a display using an arbitrary symbol such as “*” or “●” is displayed on the screen of the user terminal device 2 instead of the actually input character string. Is preferred. Thereby, it is possible to reduce a risk that the key is known to a person other than the user when setting the key. In addition, when a key is entered, the user is prompted twice to enter the same content, so that even if the key character string cannot be confirmed on the screen as described above, an input error may occur. It is possible to reduce the risk that a key unintended by the user is set.

  In addition, it is preferable that the key for receiving the input here is individual for each set of storage target data. By doing so, even if the key of a certain storage target data set is leaked to a third party, the confidentiality of the other storage target data can be maintained, so it is more secure according to this embodiment. An encrypted information storage system can be used.

  When the transmission button B123 is pressed by the user, the process proceeds to step S106, and the level 1 and 2 data input to the storage target data input area I122 using the data encryption script F111 is input to the key input area I121. The encryption process using the first and second keys is executed. Here, in more detail, generation of encrypted level 1 data by encryption of level 1 data using the first key, encryption of level 2 data using the second key, and further adding the first key Generation of encrypted level 2 data by encryption using the first key encryption, and generation of second key encrypted hint information by encryption of the second key encryption hint information using the first key.

  In step S107, the data transmission script F112 receives the level 0 data, the first key hint information, the second key plaintext hint information received in step S105, and the encrypted data that has been encrypted in step S106. Necessary information such as level 1 data, encrypted level 2 data, and second key encrypted hint information is set in the transmission form F13, and transmission to the encrypted information storage server device 1 is performed as encrypted data. Do.

  The encrypted data transmission process here is preferably performed by the POST method or the GET method as described above.

  When the encrypted information storage server device 1 receives the encrypted data in step S108, the encrypted data recording unit 103 executes a recording process in the encrypted data storage unit 101. At this time, identification information is generated by the identification information generation unit 104 and stored in association with the encrypted data. This completes the data encryption process.

  In this way, level 1 and level 2 data can be encrypted and recorded in the encrypted information storage server device 1 together with unencrypted level 0 data and the like. Here, the encryption process in step S106 is performed on the user terminal device 2, and the encrypted storage target data is transmitted to the encrypted information storage server device 1, that is, the encryption input in the input form F12 The previous storage target data and the encryption key itself are not transmitted to the encrypted information storage server device. This eliminates the risk that data to be stored and its encryption key are illegally obtained by a third party on the network 3, or that the encrypted information storage server device 1 is attacked and the information is leaked. can do.

<Decrypted HTML file>
FIG. 6 is a diagram showing a configuration of the decrypted HTML file H2 according to the present embodiment. As shown in FIG. 6, the decrypted HTML file H2 includes a decryption script F21 executed by the script execution means 23, an encrypted data storage form F22 for storing encrypted data to be decrypted. The input receiving unit 22 has an input form F23 for receiving input from the user, and a display form F24 for displaying data decrypted by the decryption script F21.

  The decryption script F21 includes a data decryption script F211 for decrypting data included in the encrypted data storage form F22. This is configured such that data that has been encrypted by the data encryption script F111 can be decrypted using a key. In the present embodiment, the data encryption script F111 performs common key encryption, and the encryption key used in the data encryption script F111 and the decryption key used in the data decryption script F211 are the same key. Although shown, the present invention is not limited to this. For example, if encryption such as a public key method is performed, the encryption key and the decryption key are different.

  The encrypted data storage form F22 has an encrypted data storage area H221 in which encrypted data set by the encrypted information storage server device 1 is stored. It is sufficient that the encrypted data storage area H221 is configured so that the stored encrypted data can be acquired by the decryption script F21, and when the decrypted HTML file H2 is displayed by the web browser. It may be made invisible.

  FIG. 7A shows the configuration of the encrypted data storage area H221. Level 0 data H221a in plaintext state, encrypted level 1 data H221b encrypted with the first key, and encrypted level 2 data H221c encrypted with the first key after encryption with the second key , Plaintext state first key hint information H221d, plaintext state second key plaintext hint information H221e, and second key encrypted hint information H221f encrypted with the first key.

  FIG. 7B is a diagram showing the configuration of the input form F23. As shown here, the input form F23 includes a key input area I231, a decryption button B232, a first key hint information display button B233a for instructing display of first key hint information, and display of second key hint information. A second key hint information display button B233b for instructing, a first key hint information display area L234a for displaying the first key hint information, a second key plaintext hint information, and a second key encryption hint information. A second key hint information display area L234b. Furthermore, the key input area I231 includes a first key input area I231a that receives input of the first key and a second key input area I231b that receives input of the second key.

  The display form F24 includes a storage target data display area L241 for displaying the result of the decryption process by the decryption script F21 on the encrypted data stored in the encrypted data storage form F22.

  FIG. 7C is a diagram showing the configuration of the storage target data display area L241. As shown here, the storage target data display area L241 includes a level 0 data display area L241a for displaying level 0 data, a level 1 data display area L241b for displaying decrypted level 1 data, and a decrypted level 2 A level 2 data display area L241c for displaying data.

  The decryption script display area L25 is an area for displaying the contents of the data decryption script F211 as with the encryption script display area L14 in the encrypted HTML file H1.

  Although the encrypted data storage form F22, the input form F23, and the display form F24 are shown as independent forms here, the encrypted data storage form F22 and the input form F23 are shown. Of course, any configuration may be used, such as a single form, or an encrypted data storage form F22 and a display form F24 as a single form.

  Also, the encrypted data storage form F22 and the input form F23 here do not need to be “forms” in the specification of the HTML file as in the input form F12 in the encrypted HTML file H1, and data decryption is performed. What is necessary is just to be comprised as an element which can be referred from script F211.

<Decryption process>
FIG. 8 is a flowchart showing the decryption processing of the encrypted data by the encryption information storage system according to this embodiment. In the decryption process, first, request information of the decrypted HTML file H2 is transmitted from the user terminal device 2 in step S201. For example, the web browser generates and transmits request information by an operation such as a user clicking a hyperlink from a menu screen or the like by the web browser. The request information of the decrypted HTML file H2 includes identification information of encrypted data to be decrypted.

  When the encrypted information storage server device 1 receives the request information in step S202, the process proceeds to step S203, and a decrypted HTML file H2 including the encrypted data to be decrypted is generated. More specifically, the encrypted data specified by the identification information included in the request information from the user terminal device 2 is acquired from the encrypted data storage unit 101 by the encrypted data search unit 105 and encrypted. To the completed data storage form F22.

  In step S204, the decrypted HTML file H2 generated in step S203 is transmitted to the user terminal device 2.

  Then, the user terminal device 2 receives the decrypted HTML file H2 in step S205, and in step S206, the level 0 data, the first key hint information, and the second key plain text hint information included in the decrypted HTML file in a plain text state. Is displayed. The first key hint information and the second key plaintext hint information may be displayed when the first hint information display button B233b and the second key hint information display button B233b are pressed, respectively. .

  In subsequent step S207, the input of the first key is received from the user. Here, the user can input the first key using the first key hint information displayed in step S206 as a clue.

  When the decryption button B232 is pressed by the user after inputting the first key, the process proceeds to step S208, and decryption processing of the encrypted level 1 data using the first key using the data decryption script F211; Decrypt the second key encrypted hint information by the first key.

  In step S209, the level 1 data obtained from the result of the decryption process and the second key encryption hint information are displayed. In step S210, the input of the second key is accepted. Here, the user can input the second key based on the second key plaintext hint information displayed in step S206 and the second key encryption hint information displayed in step S209. The display of the second key encryption hint information in step S209 may be configured to be performed when the second key hint information display button B233b is pressed. In the present embodiment, the second key hint information display button B233b and the second key hint information display area L234b are used in common for displaying the second key plaintext hint information and the second key encryption hint information. Although the configuration is shown, a configuration may be adopted in which buttons for displaying instructions and display areas are individually provided.

  Thereafter, in step S211, decryption processing of the encrypted level 2 data with the second key is performed using the data decryption script F211. The resulting level 2 data is displayed in step S212 and encrypted. The decryption process of the digitized data ends.

  If an invalid key is input in step S207 or S210, an arbitrary exception process is performed such as detecting the failure of the decryption process in steps S208 and S211 and notifying the user of the failure of the decryption process. It is preferable.

  In this way, encrypted data can be obtained from the encrypted information storage server device 1 and decrypted on the user terminal device 2. Here, the decryption process in step S207 is performed on the user terminal device 2, and the key is not transmitted to the encrypted information storage server device 1. It is possible to eliminate the risk that the decrypted storage target data is illegally obtained, or that the encrypted information storage server device 1 is attacked and the information is leaked.

<Encryption key / data update HTML>
FIG. 9 is a diagram showing a configuration of the key / data update HTML file H3 according to the present embodiment. As shown in FIG. 9, the key / data update HTML file H3 includes a key / data update script F31 executed by the script execution unit 23 and a cipher that stores encrypted data to be updated with the key and / or data. A data storage form F32, an input form F33 for receiving input from the user by the input receiving means 22, and a transmission form F34 for transmitting storage target data from the user terminal device 2 to the encrypted information storage server device 1. Have.

  The key / data update script F31 includes a data decryption script F311 for decrypting data stored in the encrypted data storage form F32, and a data encryption script F312 for encrypting part or all of the storage target data. And a data transmission script F313 for transmitting the transmission form F34 to the encrypted information storage server device 1. The data transmission script F313 may be omitted, and the storage target data may be transmitted only by the function of the web web browser of the user terminal device 2.

  The data decryption script F311 is the data decryption script F211 in the decryption HTML file H2, the data encryption script F312 and the data transmission script F313 are the data encryption script F111 and the data transmission script F112 in the encrypted HTML file H1. And the same script can be used for each.

  The encrypted data storage form F32 has an encrypted data storage area H321 in which encrypted data set by the encrypted information storage server device 1 is stored. The encrypted data storage area H321 only needs to be configured so that the stored encrypted data can be acquired by the data decryption script F311, and the encryption key / data update HTML file H3 displayed by the web browser is displayed. In this case, it may be made invisible. Further, the encrypted data storage area H321 has the same configuration as the encrypted data storage area H221 of the decrypted HTML file H2 shown in FIG.

  FIG. 10A shows the configuration of the input form F33. As shown here, the input form F33 includes a key input area I331, a decryption button B332 for accepting an instruction to execute the data decryption script F311 after the decryption key is input, and an encryption of the encrypted data storage form F32. Decrypted data display / data change input area for receiving input of storage target data after change when displaying the result of the decryption processing by the data decryption script F311 and changing the storage target data I333, a first key hint information display button B335a for instructing display of the first key hint information, a second key plaintext hint information display button B335b for instructing display of the second key plaintext hint information, and the second key encryption A second key encryption hint information display button B335c for instructing display of hint information; A first key hint information display / update input area L336a for receiving display and change input, and a second key plaintext hint information display / update input area L336b for displaying second key plaintext hint information and receiving change input. And a second key encryption hint information display / update input area L336c for displaying the second key encryption hint information and receiving a change input. Further, the key input area I331 includes a first key input area I331a that receives an input of a first key and a second key input area I331b that receives an input of a second key.

  FIG. 10B is a diagram showing a more detailed configuration of the storage target data display / change input receiving area I333. As shown here, the storage target data display / change input area I333 includes a level 0 data display / change input area I333a for receiving level 0 data display and change input, and a level 1 data display / change input. Level 1 data display / change input area I333b, and level 2 data display / change input area I333c for receiving level 2 data display and change input.

  The transmission form F34 includes transmission destination URI information F341 which is URI information indicating the encrypted data recording means 103 which is a transmission destination, user ID information F342 for identifying the user, and decrypted data display / data change input. Encrypted data F343 obtained by encrypting part or all of the storage target data input to the area I333 by the data encryption script F312 and encrypted data identification information F344 for uniquely identifying the encrypted data And comprising. The encrypted data identification information F344 is acquired from the encrypted data storage unit 101 when the key / data update HTML generation unit 107 generates the key / data update HTML file H3 by the key / data update HTML generation unit 107, and Set in the transmission form F34 in advance, or include it in the encrypted data storage area H221 when generating the key / data update HTML file H3, and set it in the transmission form F34 when executing the data transmission script F313. What is necessary is just to set it as the structure set at the time.

  The encryption / decryption script display area L35 is similar to the encryption script display area L14 in the encrypted HTML file H1 and the decryption script display area L25 in the decrypted HTML file H2, and the data decryption script F311 and the data encryption script F312. This is an area for displaying the contents of the data transmission script F313.

  Similarly to the transmission form F13 in the encrypted HTML file H1, the transmission form F34 does not exist when the encryption key / data update HTML file H3 is received by the HTML receiving means 21, and is generated when the data transmission script F313 is executed. It is good also as a simple structure.

  The configuration of the key / data update HTML file H3 shown in FIG. 9 is merely an example, and the configuration may be changed by including other forms (not shown). However, the input form F33 for storing the storage target data and the key in plain text and the transmission form F34 for transmitting the encrypted storage target data to the encrypted information storage server device 1 may be separated. preferable. Alternatively, when the input form F33 and the transmission form F34 are made into a single form and the encrypted data is transmitted to the encrypted information storage server device 1, the storage target data and the encryption key are deleted from the form. The storage target data and the encryption key may be configured to avoid transmission in a plain text state.

  The encrypted data storage form F32 and the input form F33 here do not have to be “forms” in the specification of the HTML file, like the input form F12 in the encrypted HTML file H1, but the transmission form F34 is preferably a “form” in the HTML file specification that is defined by the FORM tag and can be transmitted by the POST method or the GET method, like the transmission form F13 in the encrypted HTML file H1.

<Key / data update processing>
FIG. 11 is a flowchart showing a key and / or storage target data update process by the encryption information storage system according to the present embodiment. In the update process of the key and / or storage target data, first, the request information of the key / data update HTML file H3 is transmitted from the user terminal device 2 in step S301. This is because, for example, the web browser is operated by a user clicking on a hyperlink from a top page or a menu screen provided by the encrypted information storage server device 1 or another web server device (not shown). Generates and sends request information. The request information of the encryption key / data update HTML file H3 here includes the encryption key and / or the identification information of the encrypted data to be updated of the storage target data.

  When the encrypted information storage server device 1 receives the request information in step S302, the process proceeds to step S303, and a key / data update HTML file H3 including encrypted data to be updated of the key and / or storage target data is generated. . More specifically, the encrypted data specified by the identification information included in the request information from the user terminal device 2 is acquired from the encrypted data storage unit 101 by the encrypted data search unit 105 and encrypted. To the completed data storage form F32.

  In step S304, the key / data update HTML file H3 generated in step S303 is transmitted to the user terminal device 2.

  In step S305, the user terminal device 2 receives the key / data update HTML file H3. In step S306, the user terminal device 2 displays an input screen by the web browser and accepts input of the decryption key to the key input area I331.

  When the decryption button B332 is pressed by the user, the process proceeds to step S307, where the encrypted data stored in the encrypted data storage area H321 is decrypted using the data decryption script F311, and step S308 is performed. Thus, the data obtained as a result of the decryption process is displayed in the storage target data display / data change input area I333.

  In subsequent step S309, the input of the key change to the key input area I331 and the input of the change of the storage target data to the storage target data display / data change input area I333 are received from the user. Here, since the storage target data is displayed in the storage target data display / data change input area I333 in step S308, the user can make changes.

  When the transmission button B334 is pressed by the user, the process proceeds to step S310, and the data to be stored in the storage target data display / data change input area I333 using the data encryption script F312 is held in the key input area I331. Performs encryption processing using a key.

  In step S311, the data transmission script F313 sets necessary information such as the encrypted data encrypted in step S310 in the transmission form F34, and the encryption to the encrypted information storage server device 1 is performed. Transmit identification data and data to be stored.

  When the encrypted information storage server device 1 receives the encrypted data in step S312, the encrypted data recording unit 103 records the encrypted data in the encrypted data storage unit 101, that is, the encryption key and / or the storage target data. The update is executed and the update process ends.

  The key input area I331 serves as both the key input area set before the change and the key input area set after the change. These input areas are provided separately, and the key input area is set in step S309. If there is no input by the user in the input area, the encryption process using the key used for the decryption process is performed in step S310, and if the key is input in step S309, it is used in step S310. It is also possible to adopt a configuration for performing the encryption processing, that is, the key update.

  As described above, in step S307, the encrypted data is decrypted on the user terminal device 2, and if necessary, the key and / or storage target data is changed in step S309. By re-encrypting on the device 2, the key and the data to be stored can be updated safely without transmitting / receiving the key before and after the change, the level 1 data in the plaintext state, and the level 2 data via the network 3. Can do. Then, by periodically updating the key using the key / data update HTML file H3, the user can manage the storage target data more safely.

  As described above, in the encrypted information storage system according to the present embodiment, encryption is performed by performing both encryption processing and decryption processing on the user terminal device 2 instead of the encryption information storage server device 1. / It is possible to prevent the key used for the decryption process from leaking to a third party and the data to be stored in plain text, and the user can safely manage the data to be stored. Become.

  The algorithm explanation HTML provided by the algorithm explanation providing means 110 includes a mechanism of encryption processing using the encrypted HTML file H1, decryption processing using the decryption HTML file H2, and key and data update processing using the key / data update HTML file H3. , To explain to the user. That is, each process described with reference to the flowcharts shown in FIGS. 5, 8, and 7 is explained to the user.

  The script explanation HTML provided by the script explanation providing means 111 displays source codes such as an encryption script, a decryption script, and a data transmission script, and explains the contents in more detail. Further, when these scripts are configured to refer to an external library, it is preferable to explain what kind of library is being referenced.

  In the encrypted information storage system according to the present embodiment, as described above, since an HTML file and JavaScript are used, the user actually refers to the source code of the HTML file or JavaScript, and is explained by an algorithm explanation means. It is possible to confirm that the script explained by the script explanation means is being used, and to perform encryption and decryption of data safely.

  In addition, comments and scores regarding the algorithm and script safety from the user as evaluation information by the encrypted information storage server device 1 and other server devices that can communicate with the user terminal device 2 via the network 3 It is good also as a structure which can collect and provide to another user. With such a configuration, a user who is familiar with a technology such as an HTML file or JavaScript makes a comment, and a user who is not familiar with such a technology also refers to the comment, so that the encrypted information storage system according to the present embodiment can be relieved Can be used. In particular, if the configuration is such that algorithm and script evaluation information is collected and provided by an external review site or the like operated by a third party different from the operator who manages the encrypted information storage server device 1 or the like. The reliability of the evaluation information can be made higher.

  In addition, an electronic certificate is given to a file including an encryption script and a decryption script to be provided to the user terminal device 2, and the user terminal device 2 checks that the file has not been tampered with using the electronic certificate. If the configuration is such that the script is executed, the security of the encrypted information storage system according to the present invention can be further enhanced. Furthermore, when collecting evaluation information of algorithms and scripts as described above, evaluation information by other users is provided by releasing a file with an electronic certificate and collecting evaluation information for the file. It can be ensured that the script actually executed on the user terminal device 2 is the same, and the user can use the encrypted information storage system according to the present invention with peace of mind.

  Note that, in the present embodiment, as described above, a configuration in which processing related to encryption and decryption is executed on the user terminal device using an HTML file and JavaScript has been described. However, for example, Java (registered trademark) or PHP is used. The encrypted information storage server device 1 may be encrypted or decrypted using a program language such as Ruby. By adopting such a configuration, the dependence on the operating environment among a plurality of user terminal devices 2 such as processing capability and whether or not JavaScript can be executed can be reduced, and the encryption according to the present invention can be achieved with more user terminal devices 2. The information storage system can be used.

  Alternatively, each user terminal device 2 can selectively execute encryption / decryption processing on the user terminal device 2 and encryption / decryption processing on the encrypted information storage server device 1. Also good. For example, in the user terminal device 2 that can execute JavaScript, the encryption / decryption processing is performed on the user terminal device 2, and when the other user terminal device 2 is used, the encrypted information storage server device 1 The above-described encryption / decryption process is performed. By adopting such a configuration, when encryption / decryption processing on the user terminal device 2 is possible, it can be used more safely and can also be used in other user terminal devices 2. A secure encrypted information storage system.

  EXAMPLES Next, although an Example is shown and this invention is demonstrated further in detail, this invention is not limited to a following example.

Example 1
This embodiment is an example of managing the login information D1 of the website as shown in FIG. 12 by the encryption information storage system according to the present invention. The login information D1 includes arbitrary title D101, first key hint information D102, second key hint information D103 stored in plain text, second key hint information D104 stored encrypted, site URL D105, arbitrary Encryption level information D107, level 0 data D108 stored in plain text, level 1 data D109 encrypted with the first key, and first after encryption with the second key for each of the memo D106, login ID, password, and Email It is assumed that level 2 data D110 encrypted with a key is included.

  FIG. 13 is a display example on the user terminal device 2 of the input form F12 included in the encrypted HTML file H1 in the present embodiment. In this way, the key and its hint information, the encryption level of each item, input fields for data of each level, and the like, and a send button are provided.

  FIG. 14 is a display example on the user terminal device 2 of the input form F23 included in the decrypted HTML file H2 in the present embodiment. As described above, the input form F23 includes input areas for the first and second keys, a transmission button and a display area for the hint information, and a decryption button.

  Then, the result of the decryption process is provided to the user by the decrypted data display area L241 of the decrypted HTML file H2 as shown in FIG.

  In this way, the user can use the encrypted information storage system more conveniently by setting an arbitrary set like the login information to the website and handling the storage target data.

(Example 2)
In this embodiment, as shown in FIG. 16, bank account information D2 is managed by the encryption information storage system according to the present invention. The bank account information D2 includes arbitrary title D201, first key hint information D202, second key hint information D203 stored in plain text, second key hint information D204 stored encrypted, bank name, bank Number, branch name, branch number, account type, account number, personal identification number, subject of any user-specified item, value of any user-specified item, and encryption level information D205 for the contents of the random number table, in plain text Level 0 data D206 to be stored, level 1 data D207 to be encrypted with the first key, and level 2 data D208 to be encrypted with the first key after being encrypted with the second key.

  Here, the random number table is a matrix form of 5 columns from “A” to “O” and 5 rows from “1” to “5”, and all 25 from “A1” to “O5”. It shall have the value of For authentication in recent Internet banking systems and the like, authentication using a value in an arbitrary column designated by the system from a random number table of such a format is often used.

  FIG. 17 is a display example on the user terminal device 2 of the input form F12 included in the encrypted HTML file H1 in the present embodiment. In this way, the key and its hint information, the encryption level of each item, input fields for data of each level, and the like, and a send button are provided.

  Here, for an item that does not need to have a plurality of encryption level values, only the encryption level value selected for the item may be set in the transmission form. In that case, it is possible to set an arbitrary value such as an empty character string or a symbol designated in advance in the storage area for data of other encryption levels in the transmission form so that it can be determined that the value is not meaningful. preferable. In the present embodiment, the account type corresponds to such an item, and as shown in FIG. 17, an input of only one value is accepted by a drop-down list.

  Then, the result of the decryption process is provided to the user by the decrypted data display area L241 of the decrypted HTML file H2 as shown in FIG.

  Thus, data such as a random number table can be handled as data to be stored, and various data can be managed by the encrypted information storage system.

(Example 3)
The present embodiment is an example in the case where information on a plurality of websites and banks is managed by the encryption information storage system according to the present invention. In the present embodiment, as shown in FIG. 19A, a list of a plurality of storage target data stored by the user is generated by the encrypted information storage server device 1 and displayed on the user terminal device 2.

  The list shown in FIG. 19A includes titles of respective sites and banks, ID level 0 data, and password level 0 data, and the user can browse the information.

  Then, each title is set as a hyperlink, and a click from the user, such as a site or bank designation, is accepted, and a key input and decrypted data display screen as shown in FIG. 19B is displayed. To do.

  Since FIG. 19B is a display screen for level 0 data, ID and password level 0 data are displayed.

  When the decryption button is pressed after the input of the first key, the screen shifts to a level 1 data display screen as shown in FIG.

  Further, when the decryption button is pressed after the second key is input, the screen shifts to a level 2 data display screen as shown in FIG.

  Also, after receiving the input of the second key and the pressing of the decryption button on the level 1 data display screen as shown in FIG. 19C, as shown in FIG. It is also possible to make a transition to a level 1 data display screen with values as hyperlinks, and transition to a display screen with only the respective values as shown in FIG. 19 (f) by clicking each hyperlink. Good. With such a configuration, since only necessary information can be decrypted and displayed, the screen is viewed by a third party while the user terminal device 2 is being used, and the decrypted information is transmitted to the third party. Can be reduced.

  As another configuration, after receiving designation of a site, a bank, etc. from the user on the list screen as shown in FIG. 19A, a level having an input area of only the first key as shown in FIG. You may make it change to the display screen of 0 data. In this case, after receiving the input of the first key on the level 0 data display screen and pressing the decryption button, the level 1 data of ID and password are hyperlinked as shown in FIG. 20B. Display as. When a hyperlink is clicked, a transition is made to a screen having level 1 data and a second key input area for the selected item, as shown in FIG. When the key is input and the decryption button is pressed, the level 2 data of a single item is displayed as shown in FIG. With such a configuration, it is possible to reduce the risk that the decrypted information leaks to a third party, and by requesting the second key every time when displaying each item, Information can be protected more firmly.

  When displaying the random number table data of the bank information, the level 0 data is displayed in the format of the random number table as shown in FIG. 21A at the level 0, and after the decryption processing by the first key, The screen transits to a screen displaying level 1 decrypted data as shown in 21 (b). Then, by receiving selection from the level 1 data, the level 2 decrypted data is displayed for one value in the random number table, as shown in FIG.

  As described above, the level 0 data is provided to the user in a form that is highly viewable such as a list, and the level 2 data is provided with only necessary data such as individual display. By doing so, the difference in data handling due to the setting of the encryption level can be used more effectively.

DESCRIPTION OF SYMBOLS 1 Encryption information storage server apparatus 101 Encrypted data storage part 102 Encrypted HTML transmission means 103 Encrypted data recording means 104 Identification information generation means 105 Encrypted data search means 106 Decryption HTML generation means 107 Key / data update HTML generation means 108 Authentication information storage section 109 User authentication means 110 Algorithm explanation providing means 111 Script explanation providing means 2 User terminal device 21 HTML receiving means 22 Input receiving means 23 Script execution means 24 Encrypted data sending means 25 Storage target data display Means 26 Authentication information transmission means 3 Network H1 Encryption HTML file F11 Encryption script F111 Data encryption script F112 Data transmission script F12 Input form I121 Encryption key input area I121a First key input area I121b Second key input area I121c First key hint information input area I121d Second key plaintext hint information input area I121e Second key encryption hint information input area I122 Storage target data input area I122a Level 0 data input area I122b Level 1 data input Area I122c Level 2 data input area I122d First key hint information input area I122e Second key plaintext hint information input area I122f Second key encryption hint information input area B123 Send button F13 Send form F131 Destination URI information F132 User ID information F133 Encrypted data F133a Level 0 data F133b Encrypted level 1 data F133c Encrypted level 2 data F133d First key hint information F133e Second key plaintext hint information F133f Second key encrypted hint Information L14 Encryption script display area H2 Decryption HTML file F21 Decryption script F211 Data decryption script F22 Encrypted data storage form H221 Encrypted data storage area H221a Level 0 data H221b Encrypted level 1 data H221c Encrypted Level 2 data H221d First encryption key hint information H221e Second key plaintext hint information H221f Second key encrypted hint information F23 Input form I231 Key input area I231a First key input area I231b Second key input area B232 Decryption button B233a First 1 key hint information display button B233b second key hint information display button L234a first key hint information display area L234b second key hint information display area F24 display form L241 storage target data display area L2 41a Level 0 data display area L241b Level 1 data display area L241c Level 2 data display area L25 Decryption script display area H3 Encryption key / data update HTML file F31 Encryption key / data update script F311 Data decryption script F312 Data encryption script F313 Data transmission script F32 Encrypted data storage form H321 Encrypted data storage area F33 Input form I331 Key input area I331a First key input area I331b Second key input area B332 Decryption button I333 Storage target data display / data change input area I333a Level 0 data display / change input area I333b Level 1 data display / change input area I333c Level 2 data display / change input area B334 Send button B335a First Key hint information display button B335b Second key plaintext hint information display button B335c Second key encryption hint information display button L336a First key hint information display / update input area L336b Second key plaintext hint information display / update input area L336c Second Key encryption hint information display / update input area F34 Transmission form F341 Transmission destination URI information F342 User ID information F343 Encrypted data F344 Encrypted data identification information L35 Encryption / decryption script display area

Claims (9)

First storage target data and second storage target data that are related to each other, first encrypted data obtained by encrypting the first storage target data with a first key, and the second Is an encrypted information storage system for storing the second encrypted data obtained by encrypting the storage target data with the second key as the third encrypted data obtained by further encrypting with the first key. And
An encrypted data storage unit that holds the first encrypted data and the third encrypted data;
Input receiving means for receiving inputs of the first storage target data, the second storage target data, the first key, and the second key;
By generating the first encrypted data by encrypting the first storage target data using the first key and by encrypting the second storage target data using the second key Encryption means for generating the second encrypted data and generating the third encrypted data by encrypting the second encrypted data using the first key; ,
Recording means for recording the first encrypted data and the third encrypted data in the encrypted data storage unit;
Restoring the first data to be stored by decrypting the first encrypted data using the first key and decrypting the third encrypted data using the first key Decryption means for performing the restoration of the second encrypted data by the method and the restoration of the second storage target data by decrypting the second encrypted data using the second key; ,
An encryption information storage system comprising: an output unit configured to output the first storage target data and output the second storage target data. The input receiving means receives input of third storage target data;
The recording means records the third storage target data in the encrypted data storage unit;
The encrypted information storage system according to claim 1, wherein the output unit outputs the third storage target data. The encrypted information storage system is configured such that the encrypted information storage server device and the user terminal device can communicate with each other via a network,
The encrypted information storage system according to claim 1, wherein the user terminal device includes the encryption unit and the decryption unit. The encryption unit and the decryption unit are realized by a script that operates on the user terminal device,
The encrypted information storage system according to claim 3, wherein the output means outputs the contents of the script.   The encrypted information storage system according to any one of claims 1 to 4, wherein the first storage target data is hint information reminiscent of the second storage target data.   5. The encrypted information storage system according to claim 1, wherein the first storage target data is hint information reminiscent of the second key. The first storage target data and the second storage target data that are related to each other, the first encrypted data obtained by encrypting the first storage target data using a first key; Encrypted information storage for storing second encrypted data obtained by encrypting second storage target data using a second key, and third encrypted data obtained by encrypting the second encrypted data using the first key. A method for retrieving data to be stored from a system,
A first input receiving step for receiving an input of the first key;
A first decryption step of decrypting the first encrypted data using the first key and restoring the first storage target data;
A first output step of outputting the first storage target data;
A second input receiving step for receiving an input of the second key;
A second decryption step of decrypting the third encrypted data using the first key and restoring the second encrypted data;
A third decryption step of decrypting the second encrypted data using the second key and restoring the second storage target data;
A data output method comprising: a second output step of outputting the second storage target data. The encrypted information storage system further stores third storage target data;
The data extraction method according to claim 7, further comprising a third output step of outputting the third storage target data. The encrypted information storage system is configured such that the encrypted information storage server device and the user terminal device can communicate with each other via a network,
The first decoding step, the first decoding step, the second decoding step, the third decoding step, and the second output step are performed by the user terminal device. 9. The data extracting method according to claim 7, wherein the data extracting method is performed.