JP6691363B2 - Two-dimensional code data encryption method and data decryption method, program, and computer-readable recording medium - Google Patents

Description

  The present invention relates to a two-dimensional code data transfer medium suitable for the transfer of information including protected information to be shown only to a specific information receiver in the transfer of information between an information provider and an information receiver. The present invention relates to a data encryption method, a two-dimensional code data decryption method, a program, and a recording medium.

  2. Description of the Related Art Conventionally, there is a method of passing information using a two-dimensional code as one of the methods of passing information. In the delivery of information using a two-dimensional code, the information provider converts the information to be delivered into a two-dimensional code and prints or displays it on paper or a display medium to provide the information. Information is passed by reading a two-dimensional code printed or displayed on a display medium with a reader.

  Information transfer using this two-dimensional code often provides the same information to an unspecified number of people, but on the other hand, it includes information that differs for each information recipient, and There is disclosed a print control system and a print control method suitable for transferring different information for each information receiver from the information provider by generating the two-dimensional code (1).

  The disclosed technique of Patent Document 1 is a voice reading for assisting easy-to-hear voice reading, including the information for each information recipient included in the passing information, with respect to the passing information passed from the information provider to the information receiver. The control information is added to generate a two-dimensional code to be passed to the information receiver, the information receiver reads the two-dimensional code, and the delivery information received from the information provider is read aloud according to the voice reading control information. This makes it possible for the information recipient to read aloud the voice easily.

  An e-mail encryption system and an e-mail encryption program have been disclosed as means for limiting the reading of delivery information to only a specific information recipient (see, for example, Patent Document 2).

  In the disclosed technology of Patent Document 2, the information provider side encrypts the delivery information, notifies the information recipient of a password for decrypting the encrypted delivery information, and sends the encrypted delivery information. By inputting the password notified by the information provider when the information recipient reads the information, only the specific information recipient can restore the original delivery information.

  Further, as a means for restricting the reading of the delivery information to only a specific information recipient, an encrypted information storage method and an information processing apparatus using a two-dimensional code (for example, refer to Patent Document 3) and a two-dimensional barcode generation apparatus. A two-dimensional bar code decoding device, a two-dimensional bar code generation method, a two-dimensional bar code decoding method and a program (for example, refer to Patent Document 4) are disclosed.

  In the disclosed techniques of Patent Documents 3 and 4, the entire original two-dimensional code cannot be restored unless another two-dimensional code is used in order to prevent the entire original two-dimensional code from being read. By doing so, the two-dimensionally encoded data to be encrypted and the password data are subjected to logical operation processing at the image level to generate encrypted data and decryption key data. Therefore, the encrypted data cannot be restored without the decryption key data, so that it is possible to restrict the reading of the delivery information to only a specific information recipient.

Japanese Patent No. 4851633 JP, 2009-171542, A JP, 2001-188469, A International Publication No. 2004/090804

  However, in the disclosed technology of Patent Document 1 described in the background art, it is possible to use the two-dimensional code to pass different information between the information provider and the information recipient for each information recipient. When passing protected information such as personal information, which is shown only to specific information recipients, the two-dimensional code of the passing information can be viewed only by the specific information recipients by confidential mail, etc. If the printed matter or the display medium of the 2D code is in a situation where it can be seen by others, the protected information for a specific information recipient can be read by a 2D code reader. The problem was that it was seen by others.

  Further, in the disclosed technology of Patent Document 1, if the disclosed technology of Patent Document 2 is applied in combination, the delivery information is encrypted and passed to the information recipient, and the information recipient side sends the encrypted delivery information. It is possible to solve this difficulty by entering the decryption key and password for decryption, but the operation of directly entering the decryption key and password is difficult for the elderly and visually impaired people. In addition, people other than the elderly and the visually impaired may not be able to accurately memorize various decryption keys and passwords, so forget the decryption key and password and see the handed information. There was a difficulty that I could not do it.

  Further, in the disclosed technology of Patent Document 3 and the disclosed technology of Patent Document 4, the two-dimensionally encoded data to be encrypted and the password data are subjected to logical operation processing at the image level to generate encrypted data and decryption key data. Since it is a thing, the entire original two-dimensional code cannot be read. Therefore, it is not possible to mix protected information that must be encrypted and non-protected information that does not need to be encrypted in the data to be encrypted.

  Furthermore, in the disclosed technology of Patent Document 3 and the disclosed technology of Patent Document 4, since the two-dimensionally encoded data to be encrypted and the password data are simply subjected to the logical operation processing at the image level, an error at the image level occurs. The correction becomes difficult and the reading accuracy may be significantly reduced. This is because the two-dimensional code usually cannot be printed or read accurately, and thus the two-dimensional code is read while being corrected by adding an error correction code.

  Further, in all of the above-described disclosed technologies, when information is delivered to a plurality of information recipients, the information provider supplies a two-dimensional code of information corresponding to each information recipient each time the information is delivered. It is necessary to individually generate the two-dimensional codes, and individually pass the generated two-dimensional codes to the corresponding information receivers.

  An object of the present invention is to transfer the information using the two-dimensional code, in case the data transfer medium including the two-dimensional code includes the protected information to be shown only to the specific information receiver. Even if the delivery medium is passed on to another person, the protected information contained in the data delivery medium can be restored only by a specific information recipient.

  Moreover, when restoring the protected information portion, it is not necessary for the elderly and visually impaired persons to perform a difficult operation such as directly inputting the decryption key and password, and forget the decryption key and password. It is to solve the difficulty that the protected information part cannot be viewed.

  Further, an object of the present invention is to transfer information to and from a plurality of information recipients, even if the information provider provides the same data delivery medium to the plurality of information recipients. That is, it is possible to read only the information permitted by the information recipient, and to enable the delivery of different information for each information recipient.

  A data delivery medium using a two-dimensional code that is a first aspect of the present invention that achieves the above-mentioned object is that only specific information recipients are included in delivery information that is generated by a data generation device and passed from an information provider to an information recipient. The two-dimensional code encoded in a state in which the protection information to be displayed is included is restored by being read by the data restoration device.

  The data transfer medium using this two-dimensional code is encrypted protection information in which the protection information is encrypted using a predetermined encryption key, and the partially encrypted transfer information generated by replacing the protection information part of the transfer information. In order to decrypt the partially encrypted encrypted delivery information contained in the first data reading medium, the two-dimensional code containing the The two-dimensional code of the encrypted key of the encrypted delivery information and the corresponding decryption key is converted into a second data readable medium which is readable by the data restoration device.

  Further, the data passing medium by the two-dimensional code according to the second aspect of the present invention is generated by the data generating device and is transmitted from the information provider to the information recipient by the same manner as the data passing medium by the two-dimensional code according to the first aspect. The two-dimensional code encoded in a state in which the delivery information to be passed to the user includes the protection information to be shown only to the specific information recipient, is restored by being read by the data restoration device.

  The data transfer medium using this two-dimensional code is encrypted protection information in which two or more protection information included in the transfer information is encrypted using a predetermined encryption key for each protection information. The two-dimensional code including the partially encrypted passing information generated by replacing the above protection information is included in the first data reading medium and the first data reading medium converted so that it can be read by the data restoration device. Of the two or more pieces of encrypted protection information of the partially encrypted passed information, the encryption protection information for decrypting the encryption protection information to be shown only to a specific information recipient. Includes encryption key information having encryption key identification information for identifying the encryption key, and the encryption key identification information of the encryption key information and the corresponding decryption key are paired with the encryption key identification information. 2-dimensional code decoding key information included in is made of a second data read medium that is readable converted by the data restoration apparatus.

  According to a third aspect of the present invention, in the data delivery medium using the two-dimensional code according to the second aspect, in the partially encrypted delivery information of the first data reading medium, the encryption protection information is respectively encrypted. Applicable condition information that defines the applicable condition of the decryption key information corresponding to the encryption key identified by the encryption key identification information included in the protection information, and the applicable condition information when the decryption key information does not match the applicable condition. Addition of decryption key update information for automatic retrieval or acquisition of decryption key information that matches the application conditions, and decryption key information and encryption key identification information on the second data reading medium. Is compared with the applicable condition information included in the encrypted protection information, and the applicable judgment target for judging whether or not the decryption key information can be used for the decryption of the encrypted protection information. One in which distribution has been added.

  According to a fourth aspect of the present invention, in a data transfer medium using a two-dimensional code according to any one of the first aspect to the third aspect, the first data reading medium and the second data reading medium are separate. A print medium for visibly displaying two-dimensional code data, an image display medium for visibly displaying two-dimensional code data, a storage medium for storing two-dimensional code data, and a data generating device and data for two-dimensional code data Any one of the communication media that can communicate with each other between the restoration devices is selected.

  Further, in the data encryption method of the two-dimensional code according to the fifth aspect of the present invention, the delivery information passed from the information provider to the information recipient includes the protection information to be shown only to the specific information recipient. The two-dimensional code encoded in the state is generated by the data generation device.

  In this two-dimensional code data encryption method, the data generation device replaces the protection information part of the original delivery information with the encrypted protection information obtained by encrypting the protection information using a predetermined encryption key. A first process of generating encrypted pass-through information, and a decryption corresponding to the encryption key of the partially encrypted pass-through information in order to decrypt the partially encrypted pass-through information generated in the first process. The second processing for generating a key and the third processing for converting the partially encrypted passing information and the decryption key into two-dimensional code data individually imaged are executed.

  In addition, the data encryption method of the two-dimensional code according to the sixth aspect of the present invention is the same as the data encryption method of the two-dimensional code according to the fifth aspect, in the delivery information passed from the information provider to the information recipient. The two-dimensional code is encoded by the data generation device in the state that the protection information to be shown only to the specific information recipient is included.

  This two-dimensional code data encryption method uses encrypted protection information in which the data generation device encrypts two or more protection information included in the transfer information using a predetermined encryption key for each protection information. A first process for replacing two or more protection information items of the delivery information to generate partially encrypted delivery information, and two or more encryption protections of the partially encrypted delivery information item generated in the first process. Of the information, in order to decrypt the encryption protection information to be shown only to the specific information recipient, this encryption protection information for decryption is the encryption key identification information for identifying the encryption key. A second process of generating decryption key information including a pair of encryption key information, the decryption key corresponding to the encryption key identification information of the encryption key information is paired with the encryption key identification information. , Partially encrypted A third process of converting information and decryption key of the two-dimensional code data imaged individually and is intended to run.

  According to a seventh aspect of the present invention, in the first process executed by the data generation device of the two-dimensional code data encryption method according to the sixth aspect, each encryption protection information is included in the encryption protection information. The applicable condition information that defines the applicable condition of the decryption key information corresponding to the encryption key identified by the encrypted key identification information and the applicable condition if the decryption key information does not match the applicable condition To obtain the decryption key information, or to add decryption key update information for automatic acquisition to generate partially encrypted delivery information, and to perform decryption in the second process executed by the data generation device. Whether the decryption key information can be used for decryption of the encryption protection information by comparing with the application condition information included in the encryption protection information whose encryption key identification information matches the key information Application determination object information for determining whether is intended to be produced is added.

  According to an eighth aspect of the present invention, in the two-dimensional code data encryption method according to any one of the fifth to seventh aspects, the two data reading media individually store the two-dimensional code data. A print medium that is visibly displayed, a screen display medium that visibly displays two-dimensional code data, a storage medium that stores two-dimensional code data, and two-dimensional code data can be mutually communicated between a data generation device and a data restoration device. One of the various communication media is selected. ”

A program according to a ninth aspect of the present invention causes a data generation device to execute each process of the two-dimensional code data encryption method according to any one of the fifth to eighth aspects. is there.
A recording medium according to a tenth aspect of the present invention is a computer-readable medium in which the program according to the ninth aspect is recorded.

  A two-dimensional code data restoration method according to an eleventh aspect of the present invention is a method for restoring a two-dimensional code data encrypted from a data reading medium encrypted by the two-dimensional code data encryption method according to the fifth aspect. It is to restore the delivery information.

  In this two-dimensional code data restoration method, when the data restoration device reads a data reading medium having the two-dimensional code data of the partially encrypted delivery information provided by the information provider, the data restoration device restores the partially encrypted delivery information. When the data reading medium having the two-dimensional code data of the decryption key information provided by the information provider is read, the second process of obtaining the decryption key and the decryption by the first process are performed. A third process of decrypting the encrypted protection information included in the encrypted partially encrypted passing information by using the decryption key acquired in the second process is performed.

  A two-dimensional code data decrypting method according to a twelfth aspect of the present invention is the same as the two-dimensional code data decrypting method according to the eleventh aspect. The original delivery information is restored by the data restoration device from the data reading medium encrypted by the encryption method.

  In this two-dimensional code data restoration method, when the data restoration device reads a data reading medium having the two-dimensional code data of the partially encrypted delivery information provided by the information provider, the data restoration device decrypts the partially encrypted delivery information. First process for converting, and a second process for acquiring the decryption key information when the data reading medium having the two-dimensional code data of the decryption key information provided by the information provider is read, and the first process Each piece of encryption protection information included in the partially encrypted pass-through information decrypted in step S1 is the decryption obtained by the second processing by the encryption key identification information included in the encryption key information included in the encryption protection information. When it matches the encryption key identification information included in the encryption key information, a third process of decrypting the corresponding encryption protection information using the decryption key paired with the encryption key identification information is executed. It is intended to.

  Furthermore, a two-dimensional code data decrypting method according to a thirteenth aspect of the present invention is a method for recovering data from a data reading medium encrypted by the two-dimensional code data encrypting method according to the seventh aspect by a data restoration device. This is to restore the delivery information of.

  This two-dimensional code data restoration method is included in the encryption key information included in the encryption protection information in the third processing executed by the data restoration device of the two-dimensional code data decryption method according to the twelfth aspect. When the encryption key identification information matches the encryption key identification information included in the decryption key information acquired in the second process, the application condition information added to the partially encrypted passed information and the decryption If it is determined that the decryption key information is applicable by matching the application determination target information added to the encryption key information and the application determination target information matches the applicable condition information, it is determined that the encryption key identification information is applicable. If the applicable encryption protection information is decrypted using the decryption key of the pair, and the applicable key information does not match the applicable condition information and it is determined that the decryption key information is not applicable, the decryption key information is not applicable. It is intended to apply the update information.

  According to a fourteenth aspect of the present invention, in the third process of the two-dimensional code data decryption method according to the thirteenth aspect, when the decryption key update information matching the application condition information can be acquired, the encryption key Decrypt the corresponding encryption protection information using the decryption key paired with the identification information, and if the decryption key update information that matches the application condition information cannot be obtained, decrypt the corresponding encryption protection information. It stops and ends.

  According to a fifteenth aspect of the present invention, in the second processing of the two-dimensional code data decoding method according to any one of the twelfth aspect to the fourteenth aspect, the information recipient is a part of the information provider. In addition to the data reading medium having the two-dimensional code data of the decryption key information received together with the data reading medium having the two-dimensional code data of the encrypted delivery information, the two-dimensional code of the decryption key information different from the decryption key When a plurality of previously obtained data reading media having data are read by the data restoration device, the decryption key information of each data reading medium is acquired, and in the third processing, the partial encryption decrypted in the first processing is performed. The encrypted protection information included in the passed information is the decryption key information acquired in the second process when the encryption key identification information included in the encryption key information included in the encrypted protection information. If it matches with the encryption key identification information included in the decryption key information of any of the above, decrypt the corresponding encryption protection information using the decryption key paired with the encryption key identification information, If none of the decryption key information obtained in the second process matches the encryption key identification information included in the decryption key information, the decryption of each encryption protection information is stopped. .

  According to a sixteenth aspect of the present invention, in the two-dimensional code data decoding method according to any one of the eleventh to fifteenth aspects, the two data reading media individually receive the two-dimensional code data. A print medium that is visibly displayed, a screen display medium that visibly displays two-dimensional code data, a storage medium that stores two-dimensional code data, and two-dimensional code data can be mutually communicated between a data generation device and a data restoration device. One of the various communication media is selected.

A program according to a seventeenth aspect of the present invention causes a data generation device to execute each process of the two-dimensional code data decoding method according to any one of the eleventh to sixteenth aspects. is there.
A recording medium according to an eighteenth aspect of the present invention is a computer-readable medium in which the program according to the seventeenth aspect is recorded.

  According to the first, fifth, and eleventh aspects of the present invention, the two-dimensional code of the partially encrypted delivery information passed from the information provider to the information recipient is the original protection information. Since the part is encrypted as encrypted protection information, even if only the two-dimensional code of the partially encrypted passing information is read by the information recipient side, the encrypted protection information part remains encrypted and the information is provided. Unless the two-dimensional code of the decryption key information separately provided from the person is obtained, the original contents of the protected information cannot be restored.

  That is, even if another person obtains the data reading medium using the two-dimensional code of the partially encrypted delivery information, the original protection information portion is restored unless the data reading medium using the two-dimensional code of the decryption key information is obtained. Therefore, when passing information using a two-dimensional code, in the unlikely event that the data is read by the two-dimensional code of the partially encrypted delivery information, the protection information to be shown only to the particular information recipient is passed, and Even if the data reading medium is passed to another person, the protection information included in the data passing medium cannot be restored.

  In addition, the specification of the decryption key information for decrypting the encryption protection information on the information recipient side does not require a complicated operation such as manually inputting the decryption key, and the partial encryption Since the two-dimensional code of the decryption key information can be designated and specified by the same operation as the reading of the data reading medium by the two-dimensional code of the transferred information, the decryption key and the Elderly people and visually impaired persons are not required to perform a difficult operation of directly entering a password or the like, and even if they forget the decryption key or password, the protected information portion can be viewed.

  Further, according to the second aspect, the sixth aspect and the twelfth aspect of the present invention, similarly to the above-mentioned first aspect, fifth aspect and eleventh aspect, from the information provider to the information recipient. The two-dimensional code of the partially encrypted delivery information passed to the device is a data reading medium using the two-dimensional code of the encrypted delivery information because the encryption protection information part included in the partially encrypted delivery information is encrypted. Even if only the information is read by the information recipient, the data protected by the two-dimensional code of the decryption key information for each information recipient, which is separately provided by the information provider, is obtained with the encrypted protected information part being encrypted. Otherwise, the contents of the encrypted protection information part cannot be decrypted.

  In addition, the data reading medium based on the two-dimensional code of the decryption key information for each information recipient, which is separately obtained by each information recipient, decrypts the encrypted protection information of the portion that the information recipient is permitted to decrypt. Since only the encryption key is included, each information recipient can decrypt only the encryption protection information of the part that the information recipient is allowed to, and the encryption protection information of the part that the information recipient is not allowed to decrypt The corresponding encrypted information cannot be viewed.

  That is, the information provider does not generate a data transfer medium with a two-dimensional code of different transfer information corresponding to each information receiver and transfer it to each information receiver individually, but the main transfer information is plural. By providing a common two-dimensional code to each information recipient and providing a data passing medium by the two-dimensional code of the decryption key information for each information recipient individually corresponding to each information recipient, Only the protected information permitted by each of the plurality of information recipients can be selectively shown.

  Further, according to the third aspect, the seventh aspect, the thirteenth aspect and the fourteenth aspect of the present invention, the decryption key information application condition information and the decryption key update information are added to the encryption protection information. Therefore, it is possible to limit the conditions for applying the decryption key information by conditions such as the expiration date, and even if the decryption key information is outside the applicable conditions, it matches the applicable conditions for the user. It is possible to prompt or automatically acquire the two-dimensional code of the decryption key information.

  Further, according to the fifteenth aspect of the present invention, the information receiver is provided with a data reading medium based on the two-dimensional code of the decryption key information of the decryption key corresponding to the encryption key of the encryption protection information included in the delivery information. Even if you do not understand, you can restore the hand-over information including the encryption protection information for the information recipient just by reading all the data reading medium with the two-dimensional code of the already-obtained plural decryption key information with the data restoring device. Will be able to.

  Further, according to the fourth aspect, the eighth aspect and the sixteenth aspect of the present invention, the following information is passed between the information provider and the information receiver based on the type of the data reading medium. Will be able to do.

  When the data reading medium is a printing medium, the information provider temporarily prints the two-dimensional code of the partially encrypted delivery information generated by the data generating device on the printing medium, and the information receiver prints on the printing medium. The two-dimensional code of the partially encrypted pass-through information that has been read is imaged and read by the camera of the data decompression device, and the two-dimensional code of the partially encrypted delivery information that is read by the camera at the data decompression device and separately. Since the original delivery information can be restored from the two-dimensional code of the decryption key information generated by the data generation device obtained from the information provider, the delivery information between the information provider and the information receiver Can be handed over.

  When the data reading medium is an image display medium, the information provider temporarily displays the two-dimensional code of the partially encrypted delivery information generated by the data generation device on the display medium, and the information receiver displays on the display medium. The two-dimensional code of the displayed partially encrypted delivery information is imaged and read by the camera of the data restoration device, and the two-dimensional code of the partially encrypted delivery information read by the camera by the data restoration device, Since the original delivery information can be restored from the two-dimensional code of the decryption key information generated by the data generation device separately obtained from the information provider, the delivery information between the information provider and the information receiver Can be handed over.

  When the data reading medium is a storage medium, the information provider stores the two-dimensional code of the partially encrypted delivery information generated by the data generation device in the storage medium as electronic image data, and the information receiver Reading the electronic image data of the two-dimensional code of the partially encrypted passing information stored in the storage medium by a data restoration device, and reading the electronic image data from the storage medium by the data restoration device. Since it is possible to restore the original delivery information from the two-dimensional code of the encrypted delivery information and the two-dimensional code of the decryption key information generated by the data generation device separately obtained from the information provider, the information provider Information can be passed between the recipient and the information recipient.

  When the data reading medium is a communication medium, the information provider transmits the two-dimensional code of the partially encrypted delivery information generated by the data generating device to the information receiver via the communication medium as electronic image data. Then, the information receiver reads the electronic image data of the two-dimensional code of the partially encrypted delivery information transmitted from the information provider by receiving the electronic image data through the communication medium by the data restoration device, From the two-dimensional code of the partially-encrypted delivery information acquired by the data restoration device via the communication medium and the two-dimensional code of the decryption key information generated by the data generation device separately obtained from the information provider. Since the original delivery information can be restored, the delivery information can be delivered between the information provider and the information recipient.

  It should be noted that the reading here means not only a camera or the like that statically prints imaged two-dimensional code data used on the transfer of information of the present invention on a medium such as paper or a signboard, but also a display. What is displayed on the device may be read by a camera or the like, or may be directly received as electronic image data of a two-dimensional code via a storage medium or a communication medium.

  Further, in each of the above-described modes, the encryption key and the decryption key are distinguished, but when the encryption key and the decryption key are paired like a public encryption key, the encryption key and the decryption key are Although the decryption key is different, both are the same when the encryption method using the same encryption key and decryption key is used.

  Further, regarding the decryption key included in the two-dimensional code of the decryption key information, no specific expression format is mentioned, but any format is acceptable as long as it can be finally converted into the decryption key. For example, the decryption key data may be the decryption key data itself, or the decryption key may be encrypted by another encryption key defined in advance by a reader.

  The encryption protection information of the partially encrypted passing information and the encryption key identification information included in the decryption key information may be any information as long as they have a corresponding relationship. For example, the identification information of each corresponding protection information may be used instead.

  Further, the decryption key information does not have to be a two-dimensional code composed only of the decryption key information, and for example, the application destination information of the decryption key information or supplementary information for managing the decryption key information. Alternatively, the two-dimensional code may also contain the decryption key information in another two-dimensional code of the partially encrypted transfer information.

  According to the two-dimensional code data transfer medium, the two-dimensional code data encryption method, the two-dimensional code data decryption method, the program, and the recording medium of the present invention, in the information transfer using the two-dimensional code, In passing data including a protection information to be shown only to a specific information recipient to a data delivery medium using a dimension code, even if the data delivery medium is passed to another person, the protection information included in the data delivery medium is , It is possible to make it impossible for anyone other than the specific information recipient to restore it. Moreover, when restoring the protected information part, it is difficult for the elderly and visually impaired people to directly enter the decryption key and password etc. You do not need it, and forget the decryption key and password, so you cannot see the protected information part. It is possible to resolve the difficulties say.

  According to the two-dimensional code data transfer medium, two-dimensional code data encryption method, two-dimensional code data decryption method, program, and recording medium of the present invention, information is transferred to and from a plurality of information recipients. In this case, even if the information provider provides the same data transfer medium to a plurality of information recipients, the information recipient can read only the information permitted by each information recipient, It is possible to transfer different information to each information recipient.

(A) is a block diagram showing a data generation device for executing the two-dimensional code data encryption method of the present invention, and (B) is a data restoration for executing the two-dimensional code data decryption method of the present invention. It is a block diagram which shows an apparatus. FIG. 3 is a processing sequence diagram showing a preferred embodiment of the two-dimensional code data encryption method and the two-dimensional code data decryption method of the present invention. It is a block diagram which shows the specific example of the original delivery information described in FIG. FIG. 3 is a configuration diagram showing a specific example of partially encrypted passing information generated by the encryption processing of the protection information described in FIG. 2. It is a block diagram which shows the specific example of the encryption key information described in FIG. 2 which described the encryption key for encrypting the protection information in the original delivery information described in FIG. FIG. 3 is a configuration diagram showing a specific example of decryption key information for decrypting the encryption protection information in the partially encrypted passing information described in FIG. 2. FIG. 3 is a flow chart diagram showing an embodiment of an encryption process of protection information described in FIG. 2. FIG. 3 is a flow chart diagram showing an example of a decryption key information generation process described in FIG. 2. FIG. 3 is a flow chart diagram showing an example of a decryption process of the protection information described in FIG. 2. It is a processing sequence diagram which shows one Example for delivering the delivery information to the 1st data reading medium which is a component of the data delivery medium of this invention using a printing medium. It is a processing sequence diagram which shows one Example for delivering delivery information to the 1st data reading medium which is a component of the data delivery medium of this invention using an image display medium. It is a processing sequence diagram which shows one Example for delivering and receiving delivery information to a 1st data reading medium which is a component of the data delivery medium of this invention using a storage medium. It is a processing sequence diagram which shows one Example for delivering and receiving delivery information to the 1st data reading medium which is a component of the data delivery medium of this invention using a communication medium. It is a processing sequence diagram which shows the example of preferable embodiment of the other data encryption method of a two-dimensional code of this invention, and the other data decryption method of a two-dimensional code. It is a block diagram which shows the specific example of the original delivery information described in FIG. FIG. 15 is a configuration diagram showing a specific example of partially-encrypted delivery information generated by the encryption processing for each protection information described in FIG. 14. 14 is a configuration diagram showing a specific example of encryption key information for encryption described in FIG. 14 in which an encryption key for encrypting each protection information in the original passing information described in FIG. 14 is described. is there. A specific example of the decryption key information for each information recipient described in FIG. 14, which describes the decryption key for decrypting the encryption protection information in the partially encrypted passing information depicted in FIG. It is a block diagram which shows. FIG. 15 is a configuration diagram showing a specific example of delivery information for each information recipient, which is obtained on the information recipient side as a result of decryption by the selective decryption processing of the protected information on the information recipient side described in FIG. 14. . FIG. 15 is a configuration diagram showing an example of information recipient selection information used as an input when selecting the decryption key information to be passed to each information recipient in the decryption key information selection generation processing described in FIG. 14. . FIG. 15 is a flow chart diagram showing an example of encryption processing by protection information described in FIG. 14. FIG. 15 is a flowchart showing an example of the decryption key information selection / generation processing described in FIG. 14. FIG. 15 is a flowchart showing an example of a decryption key information generation process for each information receiver described in FIG. 14. FIG. 15 is a flowchart diagram showing an example of a selective decryption process of protected information described in FIG. 14. FIG. 15 is a configuration diagram showing another specific example of the partially encrypted passed information generated in the encryption processing for each protection information described in FIG. 14. Configuration showing another specific example of the encryption key information for encryption described in FIG. 14 in which the encryption key for encrypting each protection information in the original transfer information described in FIG. 14 is described It is a figure. Of the decryption key information for each information recipient described in FIG. 14, which describes the decryption key for decrypting the encryption protection information in the partially encrypted passing information depicted in FIG. It is a block diagram which shows a specific example. FIG. 15 is a flowchart showing another embodiment of the protection information-specific encryption processing shown in FIG. 14. FIG. 15 is a flowchart showing another embodiment of the decryption key information generation process for each information receiver described in FIG. 14. FIG. 15 is a flowchart showing another embodiment of the selective decryption processing of protection information described in FIG. 14. It is a processing sequence diagram which shows one Example for delivering the delivery information to the 1st data reading medium which is a component of the other data delivery medium of this invention using a printing medium. It is a processing sequence diagram which shows one Example for delivering the delivery information to the 1st data reading medium which is a component of the other data delivery medium of this invention using an image display medium. It is a processing sequence diagram which shows one Example for delivering the delivery information to a 1st data reading medium which is a component of the other data delivery medium of this invention using a storage medium. It is a processing sequence diagram which shows one Example for delivering and receiving delivery information to the 1st data reading medium which is a component of the other data delivery medium of this invention using a communication medium. It is a processing sequence diagram which shows the example of preferable embodiment of the other data decoding method of the two-dimensional code of this invention. FIG. 36 is a flowchart showing one embodiment of the selective decryption processing of the protection information described in FIG. 35.

  Hereinafter, an example of a mode for carrying out a two-dimensional code data transfer medium, a two-dimensional code data encryption method, a two-dimensional code data decryption method, a program, and a recording medium of the present invention will be described with reference to the drawings.

  As shown in FIG. 1, the two-dimensional code data transfer medium, two-dimensional code data encryption method, two-dimensional code data decryption method, program, and recording medium of the present invention are passed from an information provider to an information receiver. A data generation device 70 (FIG. 1A) that generates a two-dimensional code that is encoded in a state in which the passing information is encrypted and includes the protection information to be shown only to a specific information recipient, and the data. The present invention is applied to the data restoration device 80 (FIG. 1B) that restores the original transfer information from the two-dimensional code generated by the generation device 70.

  The data generation device 70 owned by the information provider is configured as a general information processing device, and the two-dimensional code data encryption method of the present invention is realized as a data generation processing program 71 executed on the information processing device. It

  Specifically, the data generation device 70 includes a storage device 72 that stores a data generation processing program 71, a RAM (Random Access Memory) 73 that stores programs and data, and a processor 74 that executes the program on the RAM 73. A two-dimensional code output interface 75 for outputting two-dimensional code data of partially encrypted transfer information and two-dimensional code data of decryption key information, which are generated by the data generation processing program 71, to a data transfer medium, and a storage device 72. The RAM 73, the processor 74, and the two-dimensional code output interface 75 are composed of a bus 76 for exchanging data and programs.

  The data generation processing program 71 stored in the storage device 72 is read from the storage device 72 via the bus 76 and stored in the RAM 73 at the time of startup, and the data generation processing program 71 stored in the RAM 73 is stored in the bus. It is executed by the processor 74 via 76.

  As a result of executing the data generation processing program 71, the two-dimensional code data of the partially encrypted transfer information and the two-dimensional code data of the decryption key information generated on the RAM 73 are transmitted via the bus 76 to the two-dimensional code output interface 75. And is output to a data reading medium which is an output medium.

  The two-dimensional code output interface 75 differs depending on the data reading medium of the output destination. For example, for output to a print medium, a USB interface connected to a printer, for an image display medium, an image display device interface, CD / DVD / memory. A CD / DVD / memory control interface is used as a storage medium, and a communication interface is used as a communication medium.

  On the other hand, the data restoration device 80 possessed by the information receiver is configured as a general information processing device, and the two-dimensional code data decoding method of the present invention is a data restoration processing program 81 executed on the information processing device. Will be realized.

  Specifically, the data restoration device 80 includes a storage device 82 that stores a data restoration processing program 81, a RAM 83 that stores programs and data, a processor 84 that executes programs on the RAM 83, and a data restoration processing program 81. A two-dimensional code input interface 85 for inputting a two-dimensional code of partially encrypted passing information and a two-dimensional code of decryption key information to be input, a storage device 82, a RAM 83, a processor 84, 2 It is composed of a bus 86 for exchanging data and programs between the dimension code input interfaces 85.

  The data restoration processing program 81 stored in the storage device 82 is read from the storage device 82 via the bus 86 and stored in the RAM 83 at startup, and the data restoration processing program 81 stored in the RAM 83 is stored in the bus. It is executed by the processor 84 via 86.

  The executed data restoration processing program 81 inputs the two-dimensional code data of the partially encrypted delivery information and the two-dimensional code data of the decryption key information stored in the data delivery medium via the two-dimensional code input interface 85. Then, the data is further stored in the RAM 83 via the bus 86 and the processing by the two-dimensional code data decoding method of the present invention described later is executed.

  The two-dimensional code input interface 85 differs depending on the data reading medium that is an input medium. For example, if the input is from a print medium or an image display medium, it may be a camera interface connected to a camera or a storage medium such as a CD / DVD / memory. For example, a CD / DVD / memory control interface is used, and for a communication medium, a communication interface is used.

  Next, an embodiment of the two-dimensional code data encryption method of the present invention applied to the data generation device 70 and the two-dimensional code data decryption method of the present invention applied to the data restoration device 80 will be described. explain.

  First, a first embodiment of a data encryption method and a data decryption method for a two-dimensional code according to the present invention will be described with reference to FIGS. Note that FIG. 2 shows an embodiment of the data encryption method of the two-dimensional code of the present invention in the data generation processing 100 of the information provider, and the two-dimensional code of the present invention in the data restoration processing 200 of the information recipient. An example of a data decoding method is shown.

  As shown in FIG. 2, the data generation processing 100 executed by the data generation device 70 of the information provider converts the original delivery information 10 to be passed from the information provider to the information recipient and actually delivers it to the information recipient. This is a process on the information provider side for generating the two-dimensional code.

  The data generation process 100 corresponding to the two-dimensional code data encryption method of the present invention encrypts the protected information 12 portion included in the original delivery information 10 to be passed to the information recipient, and then the original delivery information 10 Of the protection information 12 to replace the encrypted protection information 22 with the encrypted protection information 22. The encryption processing 110 of the protection information and the partial encryption generated by the encryption processing 110 of the protection information. A two-dimensional code generation process 120 for partially encrypted passed information that converts the passed delivery information 20 into a two-dimensional code 40, and decryption key information 35 for decrypting the encrypted protection information 22 portion on the information recipient side. And the decryption key information 35 generated in the decryption key information generation process 130 is converted into a two-dimensional code 50. And a 2-dimensional code generation process 140 of the decryption key information.

  That is, the data generation process 100 receives the original delivery information 10 to be passed to the information receiver and the encryption key information 30 for encrypting the protection information 12 included in the original delivery information 10 as input. The two-dimensional code 40 of the partially encrypted delivery information 20 in which the protection information 12 portion of the delivery information 10 is replaced with the encrypted protection information 22 and the encrypted protection information 22 portion is decrypted by the information receiver. And the two-dimensional code 50 of the decryption key information including the decryption key information 35 for The original delivery information 10 input by the data generation processing 100 includes unprotected information 11 that is shown to all information recipients, and protected information 12 that is shown only to specific information recipients.

  In addition, the protection information encryption processing 110 of the data generation processing 100 is an encryption key for encrypting the original delivery information 10 to be passed to the information recipient and the protection information 12 portion included in the original delivery information 10. Using the information 30 as input, the protected information 12 portion of the original delivery information 10 is encrypted with the encryption key obtained from the encryption key information 30, and the unprotected information 11 portion of the delivery information 10 is copied as it is and is unprotected. The partially encrypted pass-through information 20 is generated by replacing the protected information 12 part with the encrypted protected information 22 obtained by encrypting the protected information 12 part as the information 21.

  The partially encrypted delivery information 20 generated by the protection information encryption processing 110 is further passed to the two-dimensional code generation processing 120 of the partially encrypted delivery information 20, and the image is obtained by the two-dimensional code generation processing 120. The converted two-dimensional code data is converted into the two-dimensional code 40 of the partially encrypted transfer information, which is one of the outputs of the data generation processing 100.

  On the other hand, the encryption key information 30 used when encrypting the protection information 12 part of the original delivery information 10 is also passed to the decryption key information generation process 130, and in the decryption key information generation process 130, The encryption key included in the encryption key information 30 is replaced with a decryption key corresponding to the encryption key, and the encryption protection information 22 encrypted using the encryption key information 30 is transferred to the information recipient side. The decryption key information 35 for decryption is generated.

  The decryption key information 35 generated in the decryption key information generation processing 130 is further passed to the decryption key information two-dimensional code generation processing 140, and the image is generated in the decryption key information two-dimensional code generation processing 140. The data is converted into the converted two-dimensional code data, and the data generation processing 100 generates another output, the two-dimensional code 50 of the decryption key information.

  Such data transfer of the two-dimensional code 40 of the partially encrypted passed information and the two-dimensional code 50 of the decryption key information is performed by the information provider from the information provider to the information receiver. In addition to passing the two-dimensional code 50 of the decryption key information, the information provider separately provides the information recipient.

  The data restoration process 200 executed by the data restoration device 80 possessed by the information recipient provided with the two-dimensional code 40 of the partially encrypted passing information and the two-dimensional code 50 of the decryption key information is obtained from the information provider. The two-dimensional code 40 of the partially encrypted passed information and the two-dimensional code 50 of the decryption key information, which is also separately obtained from the information provider, are input, read by the data restoration process 200, and the partial encryption is performed. The encrypted protection information 22 portion included in the two-dimensional code 40 of the completed delivery information is decrypted into the original protection information 12 by using the decryption key information 35 obtained from the two-dimensional code 50 of the decryption key information, and the original protection information 12 is decrypted. This is a process for restoring the delivery information 10 of FIG.

  The data restoration process 200 corresponding to the two-dimensional code data decryption method of the present invention is a partially encrypted delivery information reading process for reading the two-dimensional code 40 of the partially encrypted delivery information acquired from the information provider. 210, a decryption key information acquisition process 220 for reading the two-dimensional code 50 of the decryption key information acquired separately from the information provider, a partially encrypted passed information reading process 210 and a decryption key information acquisition process 220 to be read. Based on the result of the above, the encryption protection information 22 part of the partially encrypted delivery information 20 obtained in the partially encrypted delivery information reading process 210 is converted into the decryption key information 35 obtained in the decryption key information acquisition process 220. And the protection information decoding process 230 for recovering the original delivery information 10 by decrypting it.

  That is, in the data restoration process 200, first, the two-dimensional code 40 of the partially encrypted delivery information provided by the information provider is read in the partially encrypted delivery information reading process 210 and before the two-dimensional encoding. The data is converted into data, and the partially encrypted delivery information 20 in the form of the encrypted protection information 22 in which the protection information portion 12 of the original delivery information 10 is encrypted is restored from the two-dimensional code 40.

  Furthermore, the data restoration process 200 reads the two-dimensional code 50 of the decryption key information, which is another input, which is obtained from a separate information provider, in the decryption key information acquisition process 220 and reads the data before the two-dimensional encoding. And the decryption key information 35 for decrypting the encryption protection information 22 portion of the partially encrypted passing information 20 is restored from the two-dimensional code 50.

  Then, the partially-encrypted delivery information 20 restored by the partially-encrypted delivery information reading process 210 and the decryption key information 35 restored by the decryption key information acquisition process 220 are the decryption of the protection information. The encrypted protection information 22 part that is passed to the process 230 and included in the partially encrypted passed information 20 in the decryption process 230 of the protection information is converted into the original protection information 12 by using the decryption key information 35. The original delivery information 10 that was decrypted and provided by the information provider is restored.

  Next, a specific configuration example of the original delivery information 10, the partially encrypted delivery information 20, the encryption key information 30, and the decryption key information 35 will be described.

  As shown in FIG. 3, the original delivery information 10 is configured so that the information constituting the original delivery information 10 can be distinguished from each other, for example, the unprotected information 11 and the protected information 12 are in the XML format <data> </ It is described by enclosing it in XML tags of data>, and the type information indicating the type of the information is described in <data-type> </ data-type>, and in <data-body> </ data-body> Describe the data of the information in.

  For example, in the unprotected information 11, the information "unprotected-data" is described in the <data-type> tag 11a so that the information is unprotected information, and in the <data-body> tag 11b. The data of unprotected information is described in.

  Similarly, in the protection information 12, the information "protected-data" is described in the <data-type> tag 12a and the <data-body> tag 12b is described in the <data-type> tag 12a so that the information is protected information. Describe the protection information data.

  As shown in FIG. 4, the partially-encrypted delivery information 20 describes the partially-encrypted delivery information 20 in the XML format as in the original delivery information 10 of FIG. Information that is "unprotected-data" is described in the <data-type> tag 21a and data of unprotected information is described in the <data-body> tag 21b so that it can be seen that it is unprotected information. The encrypted protection information 22 describes the information "encrypted-data" in the <data-type> tag 22a so that it can be seen that the information is encrypted protection information, and the <data-body> tag 22b describes the encrypted protected data.

  As shown in FIG. 5, the encryption key information 30 is the same as the original delivery information 10 of FIG. 3 and the partially encrypted delivery information 20 of FIG. The information "encrypt-key" is described in the <data-type> tag 30a and the information "encrypt-key" is described in the <data-body> tag 30b so that the encryption key information 30 is the information describing the encryption key. , Describe the actual encryption key.

  As shown in FIG. 6, the decryption key information 35 is the same as the original delivery information 10 of FIG. 3, the partially encrypted delivery information 20 of FIG. 4, and the encryption key information 30 of FIG. 35 is also described in the XML format, and the information "decrypt-key" is described in the <data-type> tag 35a so that the decryption key information 35 is the information describing the decryption key. The actual decryption key is described in the data-body> tag 35b.

  Based on the original delivery information 10 (FIG. 3), the partially encrypted delivery information 20 (FIG. 4), the encryption key information 30 (FIG. 5), and the decryption key information 35 (FIG. 6) thus configured, An example of the protection information encryption process 110, the decryption key information generation process 130, and the protection information decryption process 230 described in FIG. 2 will be described with reference to FIGS. 7, 8 and 9, respectively.

  In the protection information encryption processing 110, as shown in FIG. 7, first, <data> tag information surrounded by <data> </ data> is acquired from the original delivery information 10 (processing 1100). If all the <data> tag information has already been acquired in the process 1100, the protection information encryption process 110 ends.

  If there is unprocessed <data> tag information, get the type information enclosed in <data-type> </ data-type> in the <data> tag, and use the relevant type information to The type of data described in the tag is determined (process 1101).

  If the type information described in the <data-type> tag is not "protected-data", the information described in the relevant <data> tag is not the protected information 12, so <data> ~ The entire <data> tag information between </ data> is directly copied to the partially encrypted transfer information 20 and output, and the process returns to the process 1100 (process 1102). By the processing 1102, the unprotected data 11 and the like are copied from the original delivery information 10 to the partially encrypted delivery information 20 as they are.

  If the type information described in the <data-type> tag is "protected-data", the information described in the <data> tag is the protected information 12, so first output from this The <data> start tag indicating the start of the encrypted protection information 22 to be output is output to the partially encrypted transfer information 20 (process 1103).

  Next, in order to show that the information to be output from now on is the encryption protection information 22, enclose "encrypted-data" which is the type information of the encryption protection information 22 in <data-type> </ data-type>. It is output to the partially encrypted delivery information 20 (process 1104).

  After outputting the <data-type> tag, next, using the encryption key in the <data-body> tag 30b of the encryption key information 30, <data-body> <of the protection information 12 in the transfer information 10 is used. The protected data enclosed in / data-body> 12b is encrypted (process 1105).

  The encrypted protected data obtained in the process 1105 is surrounded by <data-body> </ data-body> tags, and the encrypted protected data part 22b of the encrypted protected information 22 is used as the partially encrypted passed information. 20 (process 1106).

  Finally, the </ data> end tag indicating the end of the encrypted protection information 22 is output to the partially encrypted passing information 20 and the process 1100 is returned to, where the original passing information 10 has an unprocessed <data> tag. The conversion from the original delivery information 10 to the partially encrypted delivery information 20 is repeated until there is no information (process 1107).

  By the protection information encryption process 110, the protection information 12 part of the original delivery information 10 is encrypted using the encryption key described in the encryption key information 30, and the protection information 12 part of the original delivery information 10 is encrypted. The partially encrypted passing information 20 is generated by replacing the encrypted protected information 22 with the encrypted protected information 22.

  As shown in FIG. 8, the decryption key information generation processing 130 corresponds to the encryption key information 30 used for encryption of the protection information 12 part of the original delivery information 10, and the encrypted key delivery information 20 in FIG. This is for generating the decryption key information 35 for decrypting the included encryption protection information 22.

  As shown in FIG. 8, this decryption key information generation processing 130 receives the encryption key information 30 used to encrypt the protection information 12 portion of the original delivery information 10, and first, from the encryption key information 30 , <Data> </ data>, and acquires <data> tag information (process 1300). In this process 1300, if all the <data> tag information has already been acquired, the decryption key information generation process 130 ends.

  Further, in this processing 1300, if there is unprocessed <data> tag information, the type information enclosed in <data-type> </ data-type> in the <data> tag is acquired, and the type Based on the information, the type of the data described in the <data> tag is determined (process 1301).

  If the type information described in this <data-type> tag is not "encrypt-key", the information described in the <data> tag is not the encryption key information 30, The entire <data> tag information between data> and </ data> is directly copied and output to the decryption key information 35, and the process returns to the process 1300 (process 1302). That is, when the encryption key information 30 includes information of a type other than the encryption key information 30, the information is directly copied to the decryption key information 35.

  If the type information described in the <data-type> tag is "encrypt-key", the information described in the <data> tag is the encryption key information 30, so first, A <data> start tag indicating the start of the decryption key information 35 to be output is output to the decryption key information 35 (process 1303).

  Next, in order to show that the information to be output from now on is the decryption key information 35, enclose "decrypt-key" which is the type information of the decryption key information 35 in <data-type> </ data-type>. It is output to the decryption key information 35 (process 1304).

  After outputting the <data-type> tag to the decryption key information 35, next, the encryption key in the <data-body> tag 30b of the encryption key information 30 is changed to the decryption key corresponding to the encryption key. It replaces and outputs in the <data-body> </ data-body> 35b of the decryption key information 35 (process 1305). In the process 1305, when the encryption method used is an encryption method in which an encryption key and a decryption key are paired, such as a public encryption method, the encryption key is replaced with the decryption key. The process is to replace with the decryption key of the pair that corresponds to the encryption key.However, if the encryption key and the decryption key have the same encryption method, replacement does not actually occur and the encryption key Is a process for copying as is as a decryption key.

  Finally, the </ data> end tag indicating the end of the decryption key information 35 is output to the decryption key information 35, the process returns to step 1300, and the unprocessed <data> tag information is added to the encryption key information 30. The conversion from the encryption key information 30 to the decryption key information 35 is repeated until there is no more (step 1306).

  By the decryption key information generation process 130, the protection information 12 included in the partially encrypted delivery information 20 is encrypted from the encryption key information 30 used to encrypt the protection information 12 of the original delivery information 10. Decryption key information 35 for decrypting the encrypted encryption protection information 22 is generated.

  As shown in FIG. 9, the protection information decryption process 230 first acquires <data> tag information enclosed by <data> </ data> from the partially encrypted transfer information 20 (process 2300). In the process 2300, if all the <data> tag information has already been acquired, the protection information decoding process ends.

  If there is unprocessed <data> tag information, the type information enclosed in <data-type> </ data-type> in the <data> tag is acquired and the The content of the data described in the data> tag is determined (process 2301).

When the type information described in this <data-type> tag is not "encrypted-data", the information described in the relevant <data> tag is not the encryption protection information 22, so The entire <data> tag information is copied as it is to the original delivery information 10, which is an intermediate state during the restoration process, and output, and the process returns to the process 2300 (process 2302). That is, by the process 2302, the unprotected data 21 and the like are copied as they are from the partially encrypted delivery information 20 to the original delivery information 10 in the intermediate state during the restoration process.
If the type information described in the <data-type> tag is "encrypted-data", the information described in the <data> tag is the encryption protection information 22. The <data> start tag indicating the start of the protection information 12 to be output from now on is output to the original delivery information 10 in the intermediate state during the restoration process (process 2303).

  Next, in order to show that the information to be output from now on is the protection information 12, the "protected-data", which is the type information of the protection information 12, is enclosed in <data-type> </ data-type> and is being restored. It is output to the original delivery information 10 in the intermediate state (process 2304).

  After outputting the <data-type> tag to the original passing information 10 which is an intermediate state during the restoration process, next, using the decryption key in the <data-body> tag 35b of the decryption key information 35, the partial The encrypted protected data enclosed in <data-body> </ data-body> 22b of the encrypted protected information 22 in the encrypted passed information 20 is decrypted to restore the original protected data (process 2305). .

  The restored protected data obtained in the process 2305 is surrounded by <data-body> </ data-body> tags, and the protected data part 12b of the protected information 12 is passed as the original transfer in the intermediate state during the restoring process. It is output to the information 10 (process 2306).

  Finally, the </ data> end tag indicating the end of the generation process of the protection information 12 is output to the restored delivery information 10, the process 2300 is returned to, and the unprocessed <data> in the partially encrypted delivery information 20 is output. The restoration from the partially encrypted delivery information 20 to the original delivery information 10 is repeated until the tag information is lost (process 2307).

  By the protection information decrypting process 230, the encrypted protection information 22 portion of the partially encrypted delivery information 20 is decrypted by using the decryption key described in the decryption key information 35, and the partially encrypted delivery information is obtained. The original delivery information 10 can be restored from 20.

  The data generation processing 100 and the data restoration processing 200, which are the data processing procedure of the first embodiment, are executed by the processor 74 of the data generation apparatus 70 and the processor 84 of the data restoration apparatus 80, and the data restoration processing program 71 and the data restoration. By recording the processing program 81 on a computer-readable CD, DVD, or the like, the processing program 81 can be used by the plurality of data generation devices 70 and the data restoration device 80.

  According to the two-dimensional code data encryption method and data decryption method of the present invention described in the first embodiment, the partially encrypted delivery information that is passed between the information provider and the information recipient. In the two-dimensional code 40, the protection information 12 portion of the original delivery information 10 is included in the form of encrypted protection information 22 encrypted by the protection information encryption process 110, and thus is partially encrypted. A legitimate information recipient who obtains both the two-dimensional code 40 of the passing information and the two-dimensional code 50 of the decryption key information containing the decryption key information of the encryption protection information 22 part from the information provider Although the encrypted protection information 22 portion can be restored to the original protection information 12 by the information recipient's data restoration processing 200, by any chance, the two-dimensional code 40 of the partially encrypted passing information becomes normal. Even if the two-dimensional code 40 is read by anyone other than the information receiver, the two-dimensional code of the decryption key information including the decryption key information 35 of the encryption protection information 22 portion of the partially encrypted pass-through information 20. If 50 is not available, the unauthorized information recipient cannot decrypt the encrypted protected information 22 portion and cannot restore the original content of the protected information 12.

  Therefore, the two-dimensional code 50 of the decryption key information can be transmitted only to the legitimate information recipient without being seen by others in confidentiality, etc., and the original protected information 12 part is encrypted. The two-dimensional code 40 of the partially encrypted delivery information, which is the encrypted protection information 22 thus obtained, can also be delivered to the information recipient in a form that can be seen by others.

  Moreover, once the two-dimensional code 50 of the decryption key information can be passed to the legitimate information recipient without the eyes of others, then the other delivery information 10 also uses the same encryption key. If the two-dimensional code 40 of the partially encrypted pass-through information corresponding to the pass-through information 10 is generated by encrypting the protection information 12 part, the two-dimensional code 40 of the partially-encrypted pass-through information can also be seen by another person. It is possible to hand over to the information receiver by touching.

  Further, since the decryption key designation for decrypting the encryption protection information is performed by using the two-dimensional code 50 of the decryption key information, the information receiver can directly enter the decryption key by key input. Even for elderly people or visually impaired persons who do not need to operate and have complicated operations, the two-dimensional code 50 of the decryption key information can be read by the same operation as the reading of the two-dimensional code 40 of the partially encrypted transfer information. The decryption key for decrypting the encryption protection information can be easily designated by specifying the decryption key in the data restoration device 80.

  Further, by managing the two-dimensional code 50 of the decryption key information in the data restoration device 80, it is possible to decrypt the encryption protection information 22 by forgetting many decryption keys without being able to remember them. You can prevent it from disappearing.

  Further, according to the first embodiment shown in FIGS. 3 to 9, the non-protection information, the protection information, the encryption key information, and the decryption key information can all be described in the same format, and can be two-dimensionally encoded. By combining the protection information, the protection information, the encryption key information, and the decryption key information in an arbitrary pattern, supplementary non-protection information can be put together in the two-dimensional code 50 of the decryption key information, or partially encrypted. The decryption key information 35 for decrypting the encryption protection information 22 of another partially encrypted two-dimensional code 40 of the delivery information is put in the two-dimensional code 40 of the delivery information, and is passed to the information receiver. It is also possible.

  Further, according to the first embodiment shown in FIGS. 3 to 9, since the decryption key information 35 is provided to the information receiver in the form of the two-dimensional code 50, not only the decryption key itself cannot be visually recognized, On the contrary, by inserting the supplementary information for managing the decryption key information 35, such as what decryption key it is, into the two-dimensional code 50 together, the data decompression device 80 can perform the decryption. It is also possible to display the supplementary information of the deciphering key information 35, or to add the function of automatically managing the deciphering key information 35 to the data decompression device 80 by using the supplementary information. It is easy to manage the acquired decryption key information 35.

  In addition, for example, in a service such as a series subscription, the encrypted protection information part of the two-dimensional code 40 of the partially encrypted pass-through information of the next issue is decrypted to the two-dimensional code 40 of the partially encrypted pass-through information of the next issue. By receiving the decryption key information 35 for encryption and providing it to the information recipient, the information is received by subscribing continuously and holding the two-dimensional code 40 of the partially encrypted delivery information of the previous issue. Only the person in question can restore the encrypted protection information 22 portion of the next issue to the original protection information 12 and view it.

  In the first embodiment shown in FIGS. 3 to 9, as an example, each information is described by using the XML notation as the data description language, but the present invention is not limited to this, and any notation can be used to distinguish each information. However, any data description language may be used.

  Further, the two-dimensional code 40 of partially encrypted passed information and the two-dimensional code 50 of decryption key information applied to the data encryption method and data decryption method of the two-dimensional code of the present invention described in the first embodiment. Specifically, the partial encryption is generated by replacing the protection information 12 part of the original delivery information 10 with the encryption protection information 22 in which the protection information 12 is encrypted using a predetermined encryption key. The two-dimensional code 40 including the encrypted delivery information 20 is converted into a readable form by the data restoration device 200, and the partially encrypted transit information 20 included in the first data reading medium is decrypted. In order to do so, the second data reading medium in which the two-dimensional code 50 of the decryption key corresponding to the encryption key of the partially encrypted passing information 20 is converted so that it can be read by the data restoration device 200 Data transfer medium comprising a are used.

  The first data reading medium and the second data reading medium are a print medium for visually displaying the two-dimensional code data, an image display medium for visually displaying the two-dimensional code data, and a two-dimensional code data for the two-dimensional code data. Any one of a storage medium for storing and a communication medium capable of mutually communicating two-dimensional code data between the data generation device 100 and the data restoration device 200 is selected.

  When the first data reading medium is a print medium, as shown in FIG. 2, in the data generation process 100 executed by the data generation device 70, the two-dimensional code generation process 120 of the partially encrypted delivery information is imaged. The two-dimensional code data is output to the printer driver 5 (see FIG. 10) for converting it into a readable data reading medium.

  When the first data reading medium is a printing medium, as shown in FIG. 10, the data generating device 70 outputs the two-dimensional code 40 of the partially encrypted delivery information generated in the data generating process 100 of the information provider. Through the printer driver 5 included therein, the printer prints once as a print image 40p of the two-dimensional code 40 on the print medium 1 such as paper or a signboard, and the print image 40p of the two-dimensional code 40 printed on the print medium 1 is printed. The information recipient's data is read by the information recipient's camera 6 and restored to the electronic two-dimensional code 40 by the data restoration device 80, using the decryption key information two-dimensional code 50 separately obtained from the information provider. In the data restoration process 200 executed by the restoration device 80, the encrypted protection information 22 encrypted in the two-dimensional code 40 is replaced with the original protection information. Decodes the 2, to restore the original delivery information 10.

  In this case, the two-dimensional code 50 of the decryption key information is separately provided to the information recipient, and the same encryption key information 30 is used even when the plurality of delivery information 10 is passed from the information provider to the information recipient. The protection information 12 part of each original delivery information 10 is encrypted by using the two-dimensional code 40 of each partially encrypted delivery information, and each two-dimensional code 40 is printed on each print medium 1. Information to the recipient.

  Therefore, in order to transfer the two-dimensional code 40 of the partially encrypted delivery information of the present invention between the information provider and the information recipient via the print medium 1, it is necessary to send the two-dimensional code 40 via the mail, handout, signboard, or the like. You can easily exchange information in an offline environment. Here, the offline environment means an environment where communication cannot be performed, such as mountains, the sea, and underground, and a situation where communication cannot be used due to a disaster or the like.

  Moreover, since the same encryption key can be used to encrypt and deliver a plurality of pieces of delivery information 10, only the two-dimensional code 50 of the decryption key information can be received in advance without being seen by others at confidential reception. By handing it to the person, the print medium 1 on which the two-dimensional code 40 of the partially encrypted delivery information corresponding to each piece of the delivery information 10 is printed can be handed to the information recipient in a form that can be seen by others. .

  Further, if the two-dimensional code 40 of the partially encrypted delivery information is printed on a signboard or the like, the information can be transmitted to an unspecified number of people, and the two-dimensional code 50 of the decryption key information can be given to a specific information recipient in advance. It is possible to convey the additional information only to the specific information recipient by using the encryption protection information 22 of the partially encrypted passing information 20 by providing the information.

  When the first data reading medium is an image display medium, it is the same as the print medium, and as shown in FIG. 2, in the data generation process 100 executed by the data generation device 70 of the information provider, the partially encrypted delivery information is transferred. The two-dimensional code generation processing 120 outputs to the image display driver 7 (see FIG. 11) for converting the imaged two-dimensional code data into a readable data reading medium.

  When the first data reading medium is an image display medium, as shown in FIG. 11, the two-dimensional code 40 of the partially encrypted delivery information generated in the data generating process 100 of the information provider is converted into the data generating process 100. Via the image display driver 7 included in the display device, the image is temporarily displayed as a display image 40d of the two-dimensional code 40 on the image display medium 2 such as a display device, and the display image of the two-dimensional code 40 displayed on the image display medium 2 is displayed. 40d is read by the camera 6 of the information receiver, restored to the electronic two-dimensional code 40 by the data restoration device 80, and the two-dimensional code 50 of the decryption key information obtained separately from the information provider is used to receive the information. In the data restoration process 200 executed by the person's data restoration device 80, the encrypted protection information 22 included in the two-dimensional code 40 is replaced with the original protection information 1. Decoded in, to restore the original delivery information 10.

  In this case, the two-dimensional code 50 of the decryption key information is separately provided to the information receiver, and the plurality of delivery information 10 is sent from the information provider, as in the case where the first data reading medium described above is the print medium. Even when the information is passed to the information receiver, the same encryption key information 30 is used to encrypt the protection information 12 part of the original delivery information 10 to generate the two-dimensional code 40 of each partially encrypted delivery information. Then, each two-dimensional code 40 can be displayed on the display medium 2 and given to the information receiver.

  Further, in order to transfer the two-dimensional code 40 of the partially encrypted transfer information of the present invention between the information provider and the information receiver via the image display medium 2, the information via the print medium 1 is transmitted. Similar to the delivery of information, it can be provided in an offline environment, provided with a plurality of information in an environment that can be seen by others, transmitted to an unspecified number of people, and displayed on the image display medium 2. The dimension code 40 can be dynamically changed under various conditions such as time and information recipient information, and the information according to the information recipient can be delivered.

  When the first data reading medium is a storage medium, it is the same as a printing medium. As shown in FIG. 2, in the data generation processing 100 executed by the data generating device 70 of the information provider, the partially encrypted transfer information 2 The two-dimensional code generation processing 120 outputs the two-dimensional code data imaged in (2) to the storage medium driver 8 (see FIG. 12) for converting it into a readable data reading medium.

  When the first data reading medium is a storage medium, as shown in FIG. 12, the data generating process 100 generates the two-dimensional code 40 of the partially encrypted delivery information generated by the data generating process 100 of the information provider. The electronic image data 40b of the two-dimensional code 40 is once stored as it is in the storage medium 3 such as a USB memory, an SD card, a CD or a DVD via the storage medium driver 8 included therein, and then stored in the storage medium 3. The electronic image data 40b of the two-dimensional code 40 is taken out as the electronic two-dimensional code 40 on the information recipient side via the storage medium driver 8 included in the data restoration device 80 of the information recipient, and is separately provided by the information provider. Using the two-dimensional code 50 of the decryption key information obtained from the data read processing 200 executed by the data recovery device 80 of the information recipient, The ciphering information 22 included in the two-dimensional code 40 is decoded into the original protection information 12, to restore the original delivery information 10.

  In this case, the two-dimensional code 50 of the decryption key information is separately provided to the information receiver, and the plurality of delivery information 10 is sent from the information provider, as in the case where the first data reading medium described above is the print medium. Even when the information is passed to the information receiver, the same encryption key information 30 is used to encrypt the protection information 12 part of the original delivery information 10 to generate the two-dimensional code 40 of each partially encrypted delivery information. Then, each two-dimensional code 40 can be stored in the storage medium 3 and given to the information receiver.

  Further, in order to pass the two-dimensional code 40 of the partially encrypted delivery information of the present invention between the information provider and the information recipient via the storage medium 3, the information transmitted via the print medium 1 is stored. Similar to passing, not only can it be provided in an offline environment, provided with multiple pieces of information in an environment that can be seen by others, communicated to an unspecified large number, etc. It is possible to put the two-dimensional code 40 of the encrypted delivery information in the storage medium 3 and pass it to the information recipient, and as additional information of the programs and data contained therein, special additional information for the particular information recipient. Can be passed.

  When the first data reading medium is a communication medium, it is the same as the print medium. As shown in FIG. 2, in the data generation process 100 executed by the data generation device 70 of the information provider, the partially encrypted transfer information 2 The dimensional code generation processing 120 outputs the imaged two-dimensional code data to the communication driver 8 (see FIG. 13) for converting it into a readable data reading medium.

  When the first data reading medium is a communication medium, as shown in FIG. 13, the two-dimensional code 40 of the partially encrypted delivery information generated in the data generating process 100 executed by the data generating device 70 of the information provider. Is transmitted from the information provider via the communication driver 9 of the data generation device 70 as it is as the electronic image data 40b of the two-dimensional code 40 via the communication medium 4 such as wired / wireless to provide the information. The electronic image data 40b transmitted from a person is received as the electronic two-dimensional code 40 via the communication driver 9 of the data restoration device 80 of the information recipient, and the decryption is separately obtained from the information provider. It is included in the two-dimensional code 40 in the data restoration processing 200 executed by the data restoration device 80 of the information recipient using the two-dimensional code 50 of the key information. The issue of protection information 22 decoded into the original protection information 12, to restore the original delivery information 10.

  In this case, the two-dimensional code 50 of the decryption key information is separately provided to the information receiver, and the plurality of delivery information 10 is sent from the information provider, as in the case where the first data reading medium described above is the print medium. Even when the information is passed to the information receiver, the same encryption key information 30 is used to encrypt the protection information 12 part of the original delivery information 10 to generate the two-dimensional code 40 of each partially encrypted delivery information. Then, each two-dimensional code 40 can be passed to the information receiver via the communication medium 4.

  Further, in order to pass the two-dimensional code 40 of the partially encrypted delivery information of the present invention between the information provider and the information recipient via the communication medium 4, the information transmitted via the print medium 1 is transferred. As with delivery, not only can multiple delivery information be provided in an environment where other people can see it, and it can also be communicated to an unspecified number of people, but also immediately when requested by an information recipient or at a designated time. The information protected by the two-dimensional code 40 of the encrypted delivery information can be delivered to the information recipient.

  In the embodiment based on FIGS. 10 to 13 described above, only the two-dimensional code 40 of the partially encrypted delivery information, which is the first data reading medium, is shown as a concrete delivery medium example. Regarding the delivery medium of the two-dimensional code 50 of the decryption key information, which is a data reading medium, no specific medium was specified, but the two-dimensional code 50 of the decryption key information is also included in the delivery information of the partially encrypted delivery information. In the same manner as the two-dimensional code 40, it is possible to communicate between the information provider and the information receiver via various media.

  As described above, in the first embodiment described above, when the protection information to be displayed is different for each information recipient, the original delivery information 10 corresponding to each information recipient is prepared, and the respective delivery information 10 corresponding to each original recipient is prepared. The two-dimensional code 40 of the partially encrypted delivery information and the two-dimensional code 50 of the decryption key information are generated, and the two-dimensional code 40 of the partially encrypted delivery information and the two of the decryption key information corresponding to the information recipient. The dimension code 50 and the two-dimensional code 40 of the partially encrypted delivery information 20 generated from the same delivery information 10 need not be passed from the information provider to each information recipient. The information may be commonly passed to the information recipients, and the information that is partially different for each information recipient may be allowed to be passed.

  An embodiment of a data encryption method and a data decryption method of a two-dimensional code of the present invention which can exchange such data will be described with reference to FIGS. 14 to 24. Note that, similar to FIG. 2, FIG. 14 shows an embodiment of the two-dimensional code data encryption method of the present invention in the data generation processing 100 of the information provider, and the present invention in the data restoration processing 200 of the information recipient. An embodiment of the data decoding method of the two-dimensional code of is shown.

In the second embodiment, the original delivery information 10 to be delivered to the information receiver includes two or more pieces of protection information 12.
The data generation process 100 executed by the data generation device 70 of the information provider encrypts the protection information 12 part of the original delivery information 10 with the encryption key for each protection information 12 as the information to be passed to the information receiver. Select the two-dimensional code 40 of the partially encrypted pass-through information 20 and the encrypted protection information 22 that allows the decryption according to each information recipient, which is commonly passed to each information recipient, and receives the information. This is a process for generating, for each information recipient, the two-dimensional code 50 of the decryption key information 32 for each information recipient, which collects the decryption key information 35 of the encryption protection information 22 selected for each person. .

  The two-dimensional code 40 of the partially encrypted delivery information 20 generated in the data generation processing 100 is commonly passed to each information recipient, and is decrypted for each information recipient generated in the data generation processing 100. The two-dimensional code 50 of the encrypted key information 32 is separated from the two-dimensional code 40 of the partially encrypted delivery information 20 and the two-dimensional code of the decryption key information 32 for each information recipient corresponding to each information recipient. The code 50 is individually passed to each information receiver.

  The data generation process 100 corresponding to the two-dimensional code data encryption method of the present invention uses two or more pieces of protection information 12 included in the original delivery information 10 with an encryption key for each protection information 12. Protected information-specific encryption processing 111 that generates partially encrypted passed information 20 that is included in the form of being replaced with the encrypted encrypted protected information 22, and partially encrypted passed information that is generated by the protected information-based encryption processing 111 The information 20 is converted into a two-dimensional code and the two-dimensional code 40 of the partially encrypted delivery information is generated, and the two-dimensional code generation processing 120 of the partially encrypted delivery information and the portion generated by the protection information-based encryption processing 111 Of the two or more pieces of protection information 12 of the encrypted delivery information 20, this decryption is performed in order to decrypt the encrypted protection information 22 to be shown only to a specific information recipient. The encryption protection information 22 for storing includes the encryption key information 30 having the encryption key identification information for identifying the encryption key, and the decryption corresponding to the encryption key identification information of the encryption key information 30. The decryption key information selection / generation process 131 in which the decryption key is included in a pair with the encryption key identification information, and the decryption key information 32 for each information recipient generated in the decryption key information selection / generation process 131 And a two-dimensional code generation processing 140 of the decryption key information for converting the two-dimensional code into the two-dimensional code and generating the two-dimensional code 50 of the decryption key information for each information recipient.

  The protection information-based encryption processing 111 is for encryption at the time of enumerating the original delivery information 10 and the encryption key information 30 indicating the encryption key of each protection information 12 in the original delivery information 10 in the order of the protection information 12. The encryption key information 31 (hereinafter, referred to as “encryption key information 31 for encryption”) is used as an input, and each protection information 12 part of the original transfer information 10 is encrypted with a corresponding encryption key, and encrypted. The partially encrypted pass-through information 20 is generated by replacing each protected information 12 with the encrypted protected information 22 obtained as a result of the encryption.

  The partially encrypted passing information 20 generated by the protection information-based encryption processing 111 is further passed to the two-dimensional code generating processing 120 of the partially encrypted passing information 20, and the two-dimensional code generating processing 120 A two-dimensional code 40 of the partially encrypted transfer information, which is one of the outputs of the data generation processing 100, is generated by converting the data into a dimension code.

  On the other hand, each encryption key information 30 used when encrypting each protection information 12 part of the original delivery information 10 is also passed to the decryption key information selection generation process 131, and the decryption key information selection generation process At 131, it is determined whether the encryption key information 31 for encryption and whether or not the decryption of each encryption protection information 22 of the partially encrypted passing information 20 corresponding to each information recipient is permitted. Using the information recipient selection information 33 shown, the encryption protection information 22 that allows decryption is selected according to each information recipient, and the decryption key information of the encryption protection information 22 selected for each information recipient 35 is generated from the corresponding encryption key information 30 included in the encryption key information 31 for encryption, and the decryption key information 35 selected for each information recipient is collected for each information recipient. Decryption key information for information recipient To generate two.

  The decryption key information 32 for each information recipient generated in the decryption key information selection generation process 131 is further passed to the decryption key information two-dimensional code generation process 140, and the two-dimensional decryption key information In the code generation process 140, the decryption key information 35 for each information recipient is converted into a two-dimensional code, and the data generation process 100 receives the other output, the two-dimensional code 50 of the decryption key information. Generate for each person.

  The data restoration process 200 executed by the data restoration device 80 of each information recipient provided with the two-dimensional code 40 of the partially encrypted passing information and the two-dimensional code 50 of the decryption key information 35 for each information recipient Is the encrypted protection information 22 in which each protection information 12 part of the original delivery information 10 from the two-dimensional code 40 of the partially encrypted delivery information 20 acquired from the information provider is encrypted with an individual encryption key. The partially encrypted encrypted delivery information 20 is read, and the information obtained by reading the two-dimensional code 50 of the decryption key information 32 for the information recipient individually provided to the information recipient. Using the decryption key information 32 for the recipient, the decryption key information 32 for the information recipient is used for each piece of the encryption protection information 22 of the partially encrypted passing information 20. Decrypts only the encrypted protection information 22 decoded key information 35 is provided for issue, a process for restoring the delivery information 60 of the information recipient's.

  In the data restoration processing 200 corresponding to the two-dimensional code data restoration method of the present invention, when the two-dimensional code 40 of the partially encrypted delivery information provided by the information provider is read, the partially encrypted delivery information is obtained. When the partially encrypted passed information reading process 210 for restoring to 20 and the two-dimensional code 50 of the decryption key information for the information recipient separately provided by the information provider are read, the decryption key information 35 is acquired. Each piece of encryption protection information 22 included in the decryption key information acquisition processing 220 and the partially encrypted delivery information 20 decrypted by the partially encrypted delivery information reading processing 210 has the encryption included in the encryption protection information 22. The encryption key identification information included in the decryption key information 30 is the encryption key identification included in the decryption key information 35 acquired in the decryption key information acquisition process 220. If it matches the information, the corresponding encrypted protection information 22 is decrypted using the decryption key paired with the encryption key identification information, and the selective decryption of the protection information that restores the delivery information 60 for the information recipient. The conversion processing 231 is included.

  That is, in the data restoration process 200, first, the two-dimensional code 40 of the partially encrypted delivery information provided by the information provider is read in the partially encrypted delivery information reading process 210 and before the two-dimensional encoding. The partially encrypted delivery information 20 is converted into data, and each protection information portion 12 of the original delivery information 10 is in the form of encrypted protection information 22 encrypted with the encryption key for each protection information. It is restored from the two-dimensional code 40.

  Further, the data restoration process 200 reads the two-dimensional code 50 of the decryption key information for the information recipient, which is another input data, which is separately obtained from the information provider, in the decryption key information acquisition process 220, Of the encryption protection information 22 included in the partially encrypted passing information 20, the information selectively including only the decryption key information 35 of the encryption protection information 22 that the information recipient is allowed to decrypt. The decryption key information 32 for the recipient is restored from the two-dimensional code 50.

  The partially encrypted delivery information 20 restored in the partially encrypted delivery information reading process 210 and the decryption key information 32 for the information recipient restored in the decryption key information acquisition process 220 are the protection information. Is passed to the selective decryption process 231 of the protection information, and in the selective decryption process 231 of the protection information, the encrypted protection information 22 part included in the partially encrypted passing information 20 is decrypted by the decryption key for the information recipient. The decryption key information 35 included in the information 32 is used to selectively decrypt the encryption protection information 22 that the information recipient is permitted to decrypt, and restore the delivery information 60 for the information recipient.

  Next, a specific configuration example of the original delivery information 10, the partially encrypted delivery information 20, the encryption key information 31 for encryption, and the decryption key information 32 for each information recipient will be described.

  As shown in FIG. 15, the original delivery information 10 is similar to the original delivery information 10 of FIG. 3 of the first embodiment, so that the information constituting the original delivery information 10 can be distinguished from each other. 11 and the protection information 12 are described in XML format by enclosing them with XML tags of <data> </ data>, and further, type information indicating the type of the information in <data-type> </ data-type>. Describe and describe the data of the information in <data-body> </ data-body>. The difference between the configuration example of the original delivery information 10 in FIG. 3 and this configuration example is that in this configuration example, not only one protection information 12 but also a plurality of protection information 12 may be described. .

  As shown in FIG. 16, the partially-encrypted delivery information 20 describes the partially-encrypted delivery information 20 in the XML format as in the original delivery information 10 of FIG. 1 has a configuration similar to the configuration example of the partially encrypted delivery information 20 of FIG. 4, and the difference between the configuration example of the partially encrypted delivery information 20 of FIG. In the configuration example, similar to the original delivery information 10 in FIG. 15, not only one piece of encrypted protection information 22 but also a plurality of pieces of protection information 12 in FIG. 14 can be described, and The encryption key identification information for uniquely identifying the encryption key information 30 used when encrypting the encryption protection information 22 is added to the encryption protection information 22 as <key-id> </ key-id>. It is only that a <key-id> tag 22c described by enclosing with is added.

  As shown in FIG. 17, the encryption key information 31 for encryption is a configuration example in which an encryption key used when encrypting each protection information 12 is described. As the encryption key information 31 for encryption, the encryption key information 30 describing the encryption key used when encrypting each protection information 12 of the original transfer information 10 in FIG. 14 is the protection information 12 concerned. Each encryption key information 30 is arranged in order, and the encryption key information 30 has encryption key identification information <key-id> for uniquely identifying each encryption key information 30. The configuration is the same as that of the encryption key information 30 of FIG. 5 of the first embodiment, except that the <key-id> tag 30c surrounded by </ key-id> is added in this configuration example.

  As shown in FIG. 18, the decryption key information 32 for each information recipient includes the decryption key information 35 that describes the decryption key corresponding to the encryption protection information 22 permitted to be decrypted for each information recipient. It has a lined up shape.

  In this configuration example, similarly to the configuration examples of the original delivery information 10, the partially encrypted delivery information 20 and the encryption key information 31 for encryption described above, each decryption key information 35 also uses the XML format, Describe each decryption key information 35 by enclosing it in <data> </ data>, so that the decryption key information 35 is the information that describes the decryption key, the <data-type> tag The information "decrypt-key" is described in 35a, and the corresponding encryption key information 30 is identified in the <key-id> tag 35c so that the corresponding encryption key information 30 can be known. The encryption key identification information of the encryption key information 30 is described, and the actual decryption key is described in the <data-body> tag 35b.

  Note that the difference between the configuration example of the decryption key information 35 of FIG. 6 of the first embodiment and this configuration example is that in this configuration example, when the encryption protection information 22 is encrypted, the encryption protection information 22 is encrypted. A <key-id> tag 35c in which the encryption key identification information for uniquely identifying the used encryption key information 30 is surrounded by <key-id> </ key-id> and described is added. Only.

  Next, as a result of the decryption by the selective decryption processing 231 (FIG. 14) of the protection information executed by the data restoration device 80 possessed by the information recipient, one of the delivery information 60 for each information recipient obtained by the information recipient. As shown in FIG. 19, a configuration example is as follows: unprotected information 21 obtained by directly copying unprotected information 21 out of partially encrypted passing information 20 provided by an information provider by protected information selective decryption processing 231; As for the encrypted protection information 22 part, since the protection information 12 obtained by decrypting only the encrypted protection information 22 that the information recipient is allowed to decrypt is output, the delivery information 60 for each information recipient is: The protected information 12 part is the same as the configuration example of the original delivery information 10 of the information provider of FIG. 15 except that only the protected information 12 that the information recipient is permitted to decrypt is output. That is, it is described in XML format.

  Information used as an input when selecting the decryption key information 35 to be passed to each information recipient in the decryption key information selection generation processing 131 (FIG. 14) executed by the data restoration device 80 of the information recipient. As a configuration example of the recipient selection information 33, a table as shown in FIG. 20 is used. This table uniquely identifies the information recipient information in the row direction and the encryption key information 30 used when generating the respective encryption protection information 22 included in the partially encrypted delivery information 20 in the column direction. Each of the information recipients uses each of the encrypted key identification information as a key, and decrypts each of the encrypted protection information 22 encrypted with the encryption key corresponding to the encryption key identification information into the original protection information 12. 5 is a table in which selection information entries 331 for each information recipient indicating whether or not to allow the above are arranged for the number of information recipients.

  The original delivery information 10 (FIG. 15) thus configured, the partially encrypted delivery information 20 (FIG. 16), the encryption key information 31 for encryption (FIG. 17), and the decryption for each information recipient Based on the encryption key information 32 (FIG. 18), the information recipient selection information 33 (FIG. 20), and the delivery information 60 (FIG. 19) for each information recipient, the protection information-specific encryption processing 111 described in FIG. An example of the decryption key information selection / generation process 131 and the protection information selection / decryption process 231 will be described with reference to FIGS. 21, 22, 23, and 24, respectively.

  As shown in FIG. 21, the protection information-based encryption processing 111 first acquires <data> tag information surrounded by <data> </ data> from the original delivery information 10 (processing 1110). In process 1110, if all the <data> tag information has already been acquired, the protection information-based encryption process 111 ends.

  If there is unprocessed <data> tag information, get the type information enclosed in <data-type> </ data-type> in the <data> tag, and use the relevant type information to The type of data described in the tag is determined (process 1111).

  If the type information described in the <data-type> tag is not "protected-data", the information described in the <data> tag is not the protected information 12 and is acquired in process 1110. The entire <data> tag information from <data> to </ data> is directly copied to the partially encrypted transfer information 20 and output, and the process returns to the process 1110 (process 1112). By the processing 1112, the unprotected data 11 and the like are copied from the original delivery information 10 to the partially encrypted delivery information 20 as they are.

  If the type information described in the <data-type> tag is "protected-data", the information described in the <data> tag is the protected information 12, so first output from this The <data> start tag indicating the start of the encrypted protection information 22 is output to the partially encrypted transfer information 20 (process 1113).

  Next, in order to show that the information to be output from now on is the encryption protection information 22, enclose "encrypted-data" which is the type information of the encryption protection information 22 in <data-type> </ data-type>. The information is output to the partially encrypted delivery information 20 (process 1114).

  After outputting the <data-type> tag, next, all the encryption key information 30 enclosed by <data> </ data> is acquired from the encryption key information 31 for encryption (process 1115).

  The encryption key identification information 30c between <key-id> to </ key-id> described in the obtained encryption key information 30 is used as the encryption key identification information 22c as it is, and the partially encrypted passing information 20 is obtained. (Processing 1116).

  Enclosed in the <data-body> </ data-body> 12b of the protection information 12 in the original transfer information 10 by using the encryption key in the <data-body> tag 30b of the acquired encryption key information 30. The protected data thus generated is encrypted (process 1117).

  The encrypted protected data obtained in step 1117 is surrounded by <data-body> </ data-body> tags, and the encrypted protected data part 22b of the encrypted protected information 22 is used as the partially encrypted passed information. 20 (process 1118).

  Finally, the </ data> end tag indicating the end of the encrypted protection information 22 is output to the partially encrypted passing information 20 and the process 1110 is returned to, where the original passing information 10 has an unprocessed <data> tag. The conversion from the original delivery information 10 to the partially encrypted delivery information 20 is repeated until there is no information (process 1119).

  By the protection information-based encryption processing 111, the protection information 12 part of the original delivery information 10 is encrypted using the encryption key described in the encryption key information 30 corresponding to each protection information, and the original delivery information is transferred. Partially encrypted passing information 20 is generated by replacing the protected information 12 part of the information 10 with the encrypted protected information 22 encrypted with the encryption key for each protected information.

  As shown in FIG. 22, the decryption key information selection / generation processing 131 first acquires an unprocessed selection information entry 331 (FIG. 20) for the information recipient from the information recipient selection information 33 (processing 132). In the process 132, if all the selection information entries 331 have already been processed, the decryption key information selection generation process 131 ends.

  If there is an unprocessed selection information entry 331, the selection information entry 331 information is used to generate the decryption key information 32 for the information recipient corresponding to the information recipient of the selection information entry 331 (processing. 133). In the process 133, the process returns to the process 132 until there are no unprocessed selection information entries 331, and the generation of the decryption key information 32 for each information recipient is repeated.

  Next, the decryption key information generation process 133 (FIG. 23) for generating the decryption key information 32 for each information recipient will be described. The decryption key information generation processing 133 is the processing 133 of the decryption key information selection generation processing 131 shown in FIG.

  As shown in FIG. 23, the decryption key information generation process 133 first acquires unprocessed <data> tag information enclosed by <data> </ data> from the encryption key information 31 for encryption. (Process 1330). In the process 1330, if all the <data> tag information has already been acquired, the decryption key information generation process 133 ends.

  If there is unprocessed <data> tag information, get the type information enclosed in <data-type> </ data-type> in the <data> tag, and use the relevant type information to The type of data described in the tag is determined (process 1331).

  If the type information described in this <data-type> tag is not "encrypt-key", the information described in the relevant <data> tag is not the encryption key information 30, so processing The entire <data> tag information from <data> to </ data> acquired in 1330 is directly copied to the decryption key information 32 for the information recipient and output, and the process 1330 is returned (process 1332). ).

  When the type information described in the <data-type> tag is "encrypt-key", the selection information entry 331 for the information recipient passed as an input to the decryption key information generation processing 133 is input. By referring to the information in the selection information entry 331 of the column corresponding to the encryption key identification information indicated by the <key-id> tag of the encryption key information 30 acquired in the process 1330, the encryption key information 30 It is determined whether the decryption key information 35 for decrypting the corresponding encrypted protection information 22 in the partially encrypted passing information 20 encrypted by using can be provided to the information recipient (process 1333). .

  When the information in the selection information entry 331 in the column corresponding to the encryption key identification information is “non-permitted”, the decryption key information 35 corresponding to the encryption key information 30 acquired in the process 1330 is It does not output the decryption key information 32 for the information recipient, skips the encryption key information 30 and returns to the process 1330 (process 1334).

  When the information in the selection information entry 331 in the column corresponding to the encryption key identification information is “permitted”, “in the <data-type> tag 30a of the encryption key information 30 acquired in the process 1330” Replace "encrypt-key" with "decrypt-key", replace the encryption key in the <data-body> tag 30b with the decryption key corresponding to the encryption key, and correspond to the encryption key information 30 The decryption key information 35 is output to the decryption key information 32 for the information recipient, and the process returns to step 1330 to decrypt the decryption key information 35 permitted by the information recipient for the information recipient. The output to the activation key information 32 is repeated (process 1335).

  In the process 1335, the process of replacing the encryption key in the <data-body> tag 30b of the encryption key information 30 with the decryption key in the <data-body> tag 35b of the decryption key information 35 is performed using the encryption key to be used. When the encryption method is an encryption method in which the encryption key and the decryption key are paired, such as the public encryption method, the process is to replace with the decryption key of the pair corresponding to the encryption key. If the encryption key and the decryption key have the same encryption method, the replacement does not actually occur, and the encryption key is directly copied as the decryption key.

  As shown in FIG. 24, the selective decryption process 231 of the protection information first acquires the <data> tag information enclosed by <data> </ data> from the partially encrypted passing information 20 (process 2310). . If all the <data> tag information has already been acquired in the processing 2310, the protection information selective decoding processing 231 ends.

  If there is unprocessed <data> tag information, the type information enclosed in <data-type> </ data-type> in the <data> tag is acquired and the The content of the data described in the data> tag is determined (process 2311).

  If the type information described in this <data-type> tag is not “encrypted-data”, the information described in the <data> tag acquired in step 2310 is not the encrypted protection information 22. Since there is no such information, the entire <data> tag information is copied as it is to the delivery information 60 for the information recipient and output, and the process returns to the process 2310 (process 2312). That is, by the process 2312, the unprotected data 21 and the like are copied from the partially encrypted delivery information 20 as they are to the delivery information 60 for the information recipient.

  If the type information described in the <data-type> tag is "encrypted-data", to decrypt the encryption protection information 22 described in the <data> tag acquired in process 2310 , The decryption key information 32 for the information recipient obtained in the decryption key information acquisition process 220 is referred to, and the decryption key information 32 for the information recipient is stored in the encryption protection information 22. An attempt is made to obtain the decryption key information 35 whose encryption key identification information matches the encryption key identification information described in the <key-id> tag (process 2313).

  In the processing 2313, if the corresponding decryption key information 35 for decrypting the encryption protection information 22 is not found in the decryption key information 32 for the information recipient, the information recipient is It is determined that the decryption of the encryption protection information 22 is not permitted, and the encryption protection information 22 acquired in the process 2310 is not output to the delivery information 60 for the information recipient, and skipped. The process returns to the process 2310 (process 2314).

  On the other hand, when the corresponding decryption key information 35 for decrypting the encryption protection information 22 is found in the decryption key information 32 for the information recipient in the process 2313, the protection information 12 to be output from now on. The <data> start tag indicating the start of the <data> is output to the delivery information 60 for the information recipient (process 2315).

  Next, in order to indicate that the information to be output from now on is the protected information 12, enclose the "protected-data" which is the type information of the protected information 12 with <data-type> </ data-type> and receive the information. It is output to the delivery information 60 for the destination (process 2316).

  After outputting the <data-type> tag, next, using the decryption key in the <data-body> tag 35b of the decryption key information 35 acquired in the process 2313, the encryption in the partially encrypted passing information 20 is performed. The encrypted protected data enclosed in <data-body> </ data-body> 22b of the encrypted protection information 22 is decrypted (process 2317).

  The restored protected data obtained in processing 2317 is enclosed in <data-body> </ data-body> tags and output as the protected data portion 12b of the protected information 12 to the delivery information 60 for the information recipient. (Processing 2318).

  Finally, the </ data> end tag indicating the end of the protection information 12 is output to the delivery information 60 for the relevant information recipient, the process returns to step 2310, and the unprocessed <data> in the partially encrypted delivery information 20 is returned. > Until the tag information is exhausted, the partially encrypted delivery information 20 is repeatedly restored to the delivery information 60 for the information recipient (process 2319).

  By the selective decryption processing 231 of the protection information, the unprotected information 21 and the encrypted protection information 22 of the partially encrypted passing information 20 are only the encrypted protection information 22 that the information recipient is allowed to decrypt. Can be selectively decrypted to restore the delivery information 60 for the information recipient.

  According to the two-dimensional code data encryption method and data decryption method of the present invention described in the second embodiment, the partially-encrypted delivery information passed between the information provider and the information recipient. Even if the two-dimensional code 40 of is passed to all the information receivers in common, the encrypted protection information 22 included in the two-dimensional code 40 of the partially encrypted passing information is Each piece of information that is encrypted with the encryption key and that selectively includes only the decryption key information 35 of the encryption protection information 22 that the information recipient is allowed to decrypt. Since the two-dimensional code 50 of the decryption key information for the recipient is separately provided to each information recipient, each information recipient can decrypt the unprotected information 11 that anyone can see and the information recipient. Encryption protection Protection information 11 corresponding to the information 22 can only be seen.

  Therefore, even if the information provider gives the same two-dimensional code 40 of the partially encrypted delivery information to all the information recipients, the two-dimensional code 50 of the decryption key information for each information recipient is separately provided for each information. By distributing the information to the recipients, the information provider can show different information for each recipient.

  Further, in the second embodiment described above, when the partially encrypted delivery information 20 and the decryption key information 32 for each information recipient are generated, only the protection information 12 and the encryption key information 30 of the original delivery information 10 are generated. Since it is copied as it is to the partially encrypted delivery information 20 and the decryption key information 32 for each information recipient, the supplementary information is added to the decryption key information 32 for each information recipient as in the first embodiment. It is also possible to put in and pass it, or to put the decryption key information 35 for another piece of delivery information 10 in the partially encrypted delivery information 20 and pass it to the information receiver.

  Furthermore, in the above-described second embodiment, since the encryption protection information 22 and the decryption key information 35 can be associated with each other by the encryption key identification information 22c and 35c, for example, the decryption key acquired by the information receiver. The two-dimensional code 50 of information is managed by the data recovery device 80, which is a two-dimensional code reader, and the two-dimensional code 50 of the decryption key information managed by the data recovery device 80 is automatically selected. It is also possible to find the decryption key information 35 corresponding to the decryption target encryption protection information 22.

  In the above-described second embodiment, further, in the protection information selective decryption processing 231, the encryption key identification information included in the encryption key information included in the encryption protection information 22 is processed by the decryption key information acquisition processing 220. When it matches the encryption key identification information included in the acquired decryption key information 35, the application condition information 22d (FIG. 25) added to the partially encrypted passing information 20 and the decryption key information 35 are further added. When the application determination target information 35d is compared with the added application determination target information 35d (FIG. 27) and it is determined that the decryption key information 35 is applicable because the application determination target information 35d matches the applicable condition information 22d. The corresponding encryption protection information 22 is decrypted using the key identification information and the pair of decryption keys, and the applicable determination target information 35d does not match the applicable condition information 22d and is restored. Of If the key information 35 is determined to not applicable, may be applied a decryption key update information 22e.

  An embodiment of a data encryption method and a data decryption method for a two-dimensional code according to the present invention that can perform such data transfer will be described with reference to FIGS. 25 to 30.

  As shown in FIG. 25, the partially encrypted delivery information 20 to which the application condition information 22d is added is, in addition to the configuration example of the partially encrypted delivery information 20 shown in FIG. 22 is applied condition information 22d for applying the decryption key information 35 corresponding to the encryption protection information 22 and the condition of the applicable condition information 22d when the condition shown in the applicable article information 22d does not match. It additionally includes the decryption key update information 22e for prompting or automatically obtaining the decryption key information 35 that matches with.

  In the configuration example shown in FIG. 25, the application condition information 22d is described by being enclosed in <key-cond> </ key-cond>, and the expiration date information of the decryption key information 35 to be applied is described as an application condition example. An example is shown. The decryption key update information 22e is described by enclosing it in <key-update> </ key-update>, and the access URL information for updating the decryption key information 35 is described as the decryption key update information. An example is shown.

  Further, the encryption key information 31 for encryption shown in FIG. 17 of the second embodiment which describes the encryption key used when encrypting each protection information 12 of the original delivery information 10 is as shown in FIG. 25. In addition to the configuration example of the encryption key information 31 for encryption, each encryption key information 30 includes the application condition information 22d and the decryption key update of the encryption protection information 22 shown in the configuration example of FIG. The application condition information 30d corresponding to the information 22e and the decryption key update information 30e are additionally included. In this configuration example, like the example shown in FIG. 25, the application condition information 30d is described by being enclosed in <key-cond> </ key-cond>, and the decryption key information 35 to be applied is applied as an application condition example. 7 shows an example in which expiration date information of is described. Similarly, the decryption key update information 30e is also described by being enclosed by <key-update> </ key-update>, and the access URL information for updating the decryption key information 35 is used as the decryption key update information. The example described is shown.

  The application condition information 30d and the decryption key update information 30e added to each encryption key information 30 are partially encrypted passing information 20 in a protection information encryption process 111 of the second embodiment described later. Are directly copied as the application condition information 22d and the decryption key update information 22e of the corresponding encrypted protection information 22 part of

  As shown in FIG. 27, the decryption key information 35 to which the application determination target information 35d is added is in addition to the configuration example of the decryption key information 32 for each information recipient shown in FIG. An application determination target for comparing the decryption key information 35 with the application condition information 22d in the encryption protection information 22 shown in the configuration example of FIG. 25 to determine whether or not the decryption key information 35 is within the application condition. Information 35d is additionally included.

  In the present configuration example, the application determination target information 35d is described by being enclosed in <key-attr> </ key-attr>, and the decryption key is the information to be compared with the application condition information 22d in the encryption protection information 22. The example which described the production | generation date information of the information 35 is shown.

  For example, in the case of the second embodiment, the generation date / time information described in the application determination target information 35d of each decryption key information 35 corresponds to the corresponding encryption code in which the encryption key identification information in the partially encrypted passing information 20 matches. The decryption key information 35 is compared with the application condition information 22d in the protection protection information 22 and whether the generation date / time information described in the application determination target information 35d is within the expiration date described in the applicable condition information 22d. Is applicable for decryption of the encryption protection information 22.

  Next, the original delivery information 10 (FIG. 15), the information recipient selection information 33 (FIG. 20) and the delivery information 60 (FIG. 19) for each information recipient, together with the application condition information 22d and the decryption key update information 22e. Partially encrypted delivery information 20 (FIG. 25) added with, the application condition information 30d and the decryption key update information 30e added with the encryption key information 31 for encryption (FIG. 26), and the application determination target. Based on the decryption key information 32 (FIG. 27) for each information recipient to which the information 35d is added, the protection information-specific encryption processing 111, the decryption key information selection generation processing 131, and the protection information shown in FIG. An example of the selective decoding process 231 will be described with reference to FIGS. 28, 29, and 30, respectively.

  As shown in FIG. 28, the protection information-specific encryption processing 111 is almost the same as the protection information-specific encryption processing 111 shown in FIG. 21 of the second embodiment, and when outputting each encrypted protection information 22, this embodiment Since the application condition information 22d and the decryption key update information 22e added in No. 3 are output to the encryption protection information 22, the encryption key information 30 obtained in the process 1115 between the process 1116 and the process 1117 < The applicable condition information 30d part of the decryption key information between key-cond> to </ key-cond> and the decryption key update information 30e part between <key-update> to </ key-update> are In the second embodiment, only the processing 11161 that outputs the decryption key information application condition information 22d and the decryption key update information 22e in the encryption protection information 22 to the encryption protection information 22 as it is is added. Encryption processing by protection information shown in FIG. 21 Different from 111.

  As shown in FIG. 29, the decryption key information generation process 133 which is the process 133 of the decryption key information selection generation process 131 (FIG. 22) is almost the same as the decryption key information generation process 133 shown in FIG. 23 of the second embodiment. Similarly, in the process 1335 of FIG. 23, when outputting the selected decryption key information 35 to the decryption key information 32 for each information recipient, the <data-type> tag 30a of the corresponding encryption key information 30 is output. Replace "encrypt-key" with "decrypt-key" in the output and output as <data-type> tag 35a that represents the data type information of the decryption key information, and describe the <key-id that describes the encryption key identification information. The> tag 30c is copied as it is as the <key-id> tag 35c and output 60, and the <key-cond> tag 30d and <key-update> tag 30e of the encryption key information 30 are deleted and replaced. In addition, the application determination target information 3 of the added decryption key information 35 As d, the information such as the generation date / time information of the decryption key information 32 is output enclosed by <key-attr> </ key-attr>, and the encryption key in the <data-body> tag 30b is decrypted by the corresponding decryption key. 23 in the processing 13351 of replacing with the encryption key and outputting as the <data-body> tag 35b, only the point that the processing 1335 of FIG. 23 is replaced is the decryption key information generation processing 133 shown in FIG. 23 of the second embodiment. Is different from.

  As shown in FIG. 30, the protection information selective decryption processing 231 is almost the same as the protection information selective decryption processing 231 shown in FIG. 24 of the second embodiment, and decrypts the encrypted protection information 22 obtained in the processing 2310. When the information is converted into the delivery information 60 for the information receiver, the corresponding decryption key information 35 is applied by the application condition information 22d and the application determination target information 35d added in the third embodiment. If it is determined that the decryption is acceptable, and if the decryption key is not applicable, the decryption key update information 22e that is also added in the third embodiment is used to obtain the decryption key information 35 that matches the application condition information 22d. The difference from the protection information selection / decoding process 231 shown in FIG. 24 of the second embodiment is that only a process of calling or automatically acquiring is added.

  Specifically, if the decryption key information 35 corresponding to the encryption protection information 22 acquired in the process 2310 is present in the decryption key information 32 for the information recipient in the process 2313 of FIG. The third embodiment is different from the protection information selective decoding process 231 shown in FIG. 24 of the second embodiment in that the processes 23131 and 23132 are added later.

  In this processing 23131, the application determination target information 35d of the <key-attr> tag included in the corresponding decryption key information 35 acquired in the processing 2313 and the encryption protection information 22 of the <data> tag acquired in the processing 2310 are set. The applicable condition information 22d described in the included <key-cond> tag is compared to determine whether the decryption key information 35 is applicable to decrypt the encryption protection information 22.

  For example, in the form shown in the configuration examples of FIGS. 25 and 27, the expiration date information to which the decryption key information 35 is applied is included in the application condition information 22d, and the decryption key is included in the application determination target information 35d. In the case where the information generation date / time information is included, if the generation date / time information of the application determination target information 35d is within the expiration date of the application condition information 22d, it is determined to be applicable, and if it is outside the expiration date, it is not applicable. to decide.

  When it is determined that the decryption key information 35 is applicable as a result of the process 23131, the processes following the process 2315 are executed in the same manner as the protection information selective decryption process 231 shown in FIG. 24 of the second embodiment. The decryption key information 35 is used to decrypt the encryption protection information 22 and output it as the delivery information 60 for the information recipient.

  If it is determined that the decryption key information 35 is not applicable as a result of the process 23131, the decryption key update described in the <key-update> tag included in the encryption protection information 22 is updated in the process 23132. Using the information 22e, the information recipient is prompted to obtain the decryption key information 35 that matches the application condition information 22d, or the decryption key information 35 that matches the application condition information 22d is automatically obtained.

  For example, when the decryption key update information 22e has URL information for acquiring the decryption key information 35 that matches the application condition 22d in the form shown in the configuration example of FIG. 25, the URL information is received. Displayed to the user and urge the information recipient to obtain the decryption key information 35 that matches the application condition 22d, or automatically obtain the decryption key information 35 that matches the application condition 22d using the URL information. .

  As a result of the processing 23132, when the decryption key information 35 that matches the application condition information 22d can be automatically acquired, the processing after the processing 2315 is executed by using the automatically acquired decryption key information 35, and the encryption protection is performed. The information 22 is decrypted and output as the delivery information 60 for the information recipient. Further, as a result of the processing 23132, when the decryption key information 35 matching the application condition information 22d cannot be automatically acquired, the selective decryption processing 231 of the protection information is stopped and terminated.

  According to the two-dimensional code data encryption method and data restoration method of the present invention described in the third embodiment, the decryption key information for each information recipient held by each information recipient is stored. The application condition of the decryption key information 35 included in the two-dimensional code 50 can be restricted. For example, by inserting the expiration date information as the application condition information 22d, the two-dimensional code 50 of the decryption key information for the legitimate information recipient. Even if the information is stored, the period in which the encrypted protection information 22 in the partially encrypted passing information 20 obtained by the information recipient can be restored to the original protection information 12 and viewed can be limited.

  That is, for example, expiration date information is put in the application condition information 22d of the decryption key included in each encryption protection information 22 of the two-dimensional code 40 of the partially encrypted delivery information, and the decryption key for each information recipient is obtained. In the application determination target information 35d included in each decryption key information 35 of the information two-dimensional code 50, for example, generation date / time information of the decryption key information 35 is inserted, and the application determination target information 35d of the decryption key information 35 is added. Whether or not the applicable decryption key information 35 is applicable is determined by whether the described generation date / time information is within the expiration date described in the application condition information 22d of the encryption protection information 22. The application conditions of the activation key information can be restricted.

  If the application condition information 22d is out of the application condition, the decryption key update information 22e is used to urge the information recipient to update the decryption key information 35 held by the information recipient, or , Can be automatically obtained, and can be used as license management and license updating means for viewing the protected information 12.

  Therefore, even with the protection information 12 of the same type, for example, the encryption key is updated every period, the protection information of the new period is encrypted with the new encryption key, and the encryption result of the protection information 12 is encrypted. By updating the expiration date information described in the application condition information 22d of the encryption protection information 22 as well, for the information recipient who has read using the two-dimensional code 50 of the decryption key information corresponding to the old encryption key. Can use the decryption key update information 22e included in the encryption protection information 22 outside the expiration date to prompt or automatically obtain the two-dimensional code 50 of the decryption key information corresponding to the new period. it can.

  That is, the information receiver uses the two-dimensional code 40 of the partially encrypted delivery information acquired during the license period, and the two-dimensional code 50 of the decryption key information acquired for the license period, under the offline environment. In the state, the encrypted protection information 22 permitted by the license can be decrypted and the original protection information 12 can be viewed, but the two-dimensional code 40 of the partially encrypted passing information outside the license period can be obtained. When the reading is performed using the two-dimensional code 50 of the old decryption key information that has already been used, the license update prompt message is output. Therefore, the license is manually or automatically updated to update the two-dimensional code of the new decryption key information. If the code 50 is not acquired, the encrypted protection information 22 of the new license period cannot be decrypted, so the period-based information providing service can be implemented. It becomes possible way.

  Note that, in the second embodiment shown in FIGS. 15 to 19 and the third embodiment shown in FIGS. 25 to 27, as in the first embodiment, as an example, each information is written using XML notation as the data description language. Although an example of description is shown, the present invention is not limited to this, and any data description language may be used as long as it is a notation that can distinguish each information.

  Further, the two-dimensional code 40 of the partially encrypted passed information and the two-dimensional code 50 of the decryption key information applied to the data encryption method and the data decryption method of the two-dimensional code of the present invention described in the second embodiment. Specifically, two or more pieces of protection information 12 included in the original delivery information 10 are encrypted protection information 22 obtained by encrypting each piece of protection information using a predetermined encryption key. A first data reading medium in which a two-dimensional code 40 including partially encrypted passing information 20 generated by replacing two or more protection information 12 of the information 10 is converted so that it can be read by the data restoration device 200; To decrypt the encrypted protection information 22 to be shown only to a specific information recipient among the two or more pieces of encrypted protection information 22 of the partially encrypted passing information 20 included in the first data reading medium. The encryption protection information 22 for decryption includes the encryption key information 30 having the encryption key identification information for identifying the encryption key, and the encryption key information 30 of the encryption key information 30 A data passing medium including a second data reading medium in which the two-dimensional code 50 of the decryption key information in which the corresponding decryption key is paired with the encryption key identification information is converted so as to be readable by the data restoration device 200. Is used.

  Further, the two-dimensional code 40 of partially encrypted passing information and the two-dimensional code 50 of decryption key information applied to the data encryption method and data decryption method of the two-dimensional code of the present invention described in the third embodiment. Specifically, other information is added to the first data reading medium and the second data reading medium of the data passing medium used in the second embodiment.

  In the partially encrypted pass-through information 20 of the first data reading medium, each encryption protection information 22 corresponds to the encryption key identified by the encryption key identification information included in the encryption protection information 22. The application condition information 22d in which the application condition of the decryption key information 35 is defined, and if the decryption key information 35 does not match the application condition, the acquisition key information that prompts the acquisition or automatic acquisition of the decryption key information that matches the application condition is performed. The decryption key update information 22e for adding the encryption key update information 22e is added, and the application condition information 22d included in the encryption protection information 22 in which the encryption key identification information matches the decryption key information 35 on the second data reading medium. Compared with, the application determination target information 35d for determining whether or not the decryption key information 35 can be used for decrypting the encryption protection information 22 is added.

  The first data reading medium and the second data reading medium are a print medium for visually displaying the two-dimensional code data, an image display medium for visually displaying the two-dimensional code data, and a two-dimensional code data for the two-dimensional code data. Any one of a storage medium for storing and a communication medium capable of mutually communicating two-dimensional code data between the data generation device 100 and the data restoration device 200 is selected.

  When the first data reading medium is a printing medium, as shown in FIG. 14, in the data generating process 100 executed by the data generating device 70, the two-dimensional code generating process 120 of the partially encrypted transfer information is converted into an image. The two-dimensional code data is output to the printer driver 5 (see FIG. 31) for converting it into a readable data reading medium.

  When the first data reading medium is a print medium, as shown in FIG. 31, the data generation device 70 outputs the two-dimensional code 40 of the partially encrypted delivery information generated in the data generation process 100 of the information provider. Through the printer driver 5 included therein, the printer prints once as a print image 40p of the two-dimensional code 40 on the print medium 1 such as paper or a signboard, and the print image 40p of the two-dimensional code 40 printed on the print medium 1 is printed. The information recipient's data is read by the information recipient's camera 6 and restored to the electronic two-dimensional code 40 by the data restoration device 80, using the decryption key information two-dimensional code 50 separately obtained from the information provider. In the data restoration process 200 executed by the restoration device 80, the encrypted protection information 22 included in the two-dimensional code 40 is selectively restored to the original state. Mamoru decodes the information 12, and unprotected information 11 can be viewed by anyone, to restore the delivery information 60 of the information recipient for containing and protecting information 12 that has been permitted by the information recipient to see.

  In this case, the information provider uses the data generation device 70 to generate the two-dimensional code 40 of the partially-encrypted delivery information common to the plurality of information recipients from the original delivery information 10 and the generated 2 The two-dimensional code 50, in which the dimension code 40 is printed as the print image 40p on the print medium 1 and passed to a plurality of information recipients, and the decryption key information 32 for each information recipient is included, is the data generation device. 70 is used for each information recipient, and the generated two-dimensional code 50 for each information recipient is individually passed to each information recipient.

  Therefore, in order to transfer the two-dimensional code 40 of the partially encrypted delivery information of the present invention between the information provider and the information recipient via the print medium 1, it is necessary to send the two-dimensional code 40 via the mail, handout, signboard, or the like. You can easily exchange information in an offline environment.

  Also, if the two-dimensional code 50 of the decryption key information for each information recipient is separately passed to each information recipient, the same partially encrypted delivery information commonly generated for multiple information recipients The two-dimensional code 40 is printed as a print image 40p on the print medium 1 and can be passed to a plurality of information recipients, and the portion that can be restored to the original delivery information 10 for each information recipient is controlled. Therefore, the same data can be distributed to a large number of information recipients at one time, and different information can be delivered to each information recipient.

  Further, when a signboard or a printed matter to be distributed to an unspecified large number is used as a medium, for example, it is possible to realize a service of showing additional information to a specific information recipient according to the license level of the information recipient. .

  When the first data reading medium is an image display medium, it is the same as the printing medium. As shown in FIG. 14, in the data generation process 100 executed by the data generating device 70 of the information provider, the partially encrypted delivery information is transferred. The two-dimensional code generation processing 120 outputs the imaged two-dimensional code data to the image display driver 7 (see FIG. 32) for converting it into a readable data reading medium.

  When the first data reading medium is an image display medium, as shown in FIG. 32, the two-dimensional code 40 of the partially encrypted delivery information generated in the data generating process 100 of the information provider is converted into the data generating process 100. Via the image display driver 7 included in the display device, the image is temporarily displayed as a display image 40d of the two-dimensional code 40 on the image display medium 2 such as a display device, and the display image of the two-dimensional code 40 displayed on the image display medium 2 is displayed. 40d is read by the camera 6 of the information receiver, restored to the electronic two-dimensional code 40 by the data restoration device 80, and the two-dimensional code 50 of the decryption key information obtained separately from the information provider is used to receive the information. In the data restoration process 200 executed by the person's data restoration device 80, the encrypted protection information 22 included in the two-dimensional code 40 is selectively preserved in the original state. Decodes the information 12, and unprotected information 11 can be viewed by anyone, to restore the delivery information 60 of the information recipient for containing and protecting information 12 that has been permitted by the information recipient to see. The original delivery information 10 is restored.

  In this case, the information provider uses the data generation device 70 to generate the two-dimensional code 40 of the partially-encrypted delivery information common to the plurality of information recipients from the original delivery information 10 and the generated 2 The dimensional code 40 is printed on the image display medium 2 as an image display image 40d and is passed to a plurality of information recipients. The two-dimensional code 50 containing the decryption key information 32 for each information recipient is the data. The information is generated for each information recipient using the generation device 70, and the generated two-dimensional code 50 for each information recipient is individually passed to each information recipient.

  Further, in order to transfer the two-dimensional code 40 of the partially encrypted transfer information of the present invention between the information provider and the information receiver via the image display medium 2, the information via the print medium 1 is transmitted. Similar to the delivery of information, it can be provided in an offline environment, provided with a plurality of information in an environment that can be seen by others, transmitted to an unspecified number of people, and displayed on the image display medium 2. The dimension code 40 can be dynamically changed under various conditions such as time and information recipient information, and the information according to the information recipient can be delivered.

  When the first data reading medium is a storage medium, it is the same as the printing medium. As shown in FIG. 14, in the data generating process 100 executed by the data generating device 70 of the information provider, the partially encrypted transfer information 2 The dimensional code generation processing 120 outputs the imaged two-dimensional code data to the storage medium driver 8 (see FIG. 33) for converting it into a readable data reading medium.

  When the first data reading medium is a storage medium, as shown in FIG. 33, the data generation process 100 converts the two-dimensional code 40 of the partially encrypted delivery information generated by the data generation process 100 of the information provider. The electronic image data 40b of the two-dimensional code 40 is once stored as it is in the storage medium 3 such as a USB memory, an SD card, a CD or a DVD via the storage medium driver 8 included therein, and then stored in the storage medium 3. The electronic image data 40b of the two-dimensional code 40 is taken out as the electronic two-dimensional code 40 on the information recipient side via the storage medium driver 8 included in the data restoration device 80 of the information recipient, and is separately provided by the information provider. Using the two-dimensional code 50 of the decryption key information obtained from the data read processing 200 executed by the data recovery device 80 of the information recipient, The encrypted protection information 22 included in the two-dimensional code 40 is selectively decrypted into the original protection information 12, and the unprotected information 11 that anyone can see and the protection that the information recipient is allowed to see The delivery information 60 for the information recipient including the information 12 is restored. The original delivery information 10 is restored.

  In this case, the information provider uses the data generation device 70 to generate the two-dimensional code 40 of the partially-encrypted delivery information common to the plurality of information recipients from the original delivery information 10 and the generated 2 The two-dimensional code 50 that stores the dimensional code 40 as electronic image data 40b in the storage medium 3 and passes it to a plurality of information recipients, and the decryption key information 32 for each information recipient is The data generating device 70 is used to generate each information recipient, and the generated two-dimensional code 50 for each information recipient is individually passed to each information recipient.

  Further, in order to pass the two-dimensional code 40 of the partially encrypted delivery information of the present invention between the information provider and the information recipient via the storage medium 3, the information transmitted via the print medium 1 is stored. Similar to passing, not only can it be provided in an offline environment, provided with multiple pieces of information in an environment that can be seen by others, communicated to an unspecified large number, etc. It is possible to put the two-dimensional code 40 of the encrypted delivery information in the storage medium 3 and pass it to the information recipient, and as additional information of the programs and data contained therein, special additional information for the particular information recipient. Can be passed.

  When the first data reading medium is a communication medium, it is the same as the print medium. As shown in FIG. 14, in the data generation process 100 executed by the data generation device 70 of the information provider, the partially encrypted transfer information 2 The dimensional code generation process 120 outputs the imaged two-dimensional code data to the communication driver 8 (see FIG. 34) for converting it into a readable data reading medium.

  When the first data reading medium is a communication medium, as shown in FIG. 34, the two-dimensional code 40 of the partially encrypted delivery information generated in the data generating process 100 executed by the data generating device 70 of the information provider. Is transmitted from the information provider via the communication driver 9 of the data generation device 70 as it is as the electronic image data 40b of the two-dimensional code 40 via the communication medium 4 such as wired / wireless to provide the information. The electronic image data 40b transmitted from a person is received as the electronic two-dimensional code 40 via the communication driver 9 of the data restoration device 80 of the information recipient, and the decryption is separately obtained from the information provider. It is included in the two-dimensional code 40 in the data restoration processing 200 executed by the data restoration device 80 of the information recipient using the two-dimensional code 50 of the key information. Receiving the information including the unprotected information 11 that anyone can see and the protected information 12 that the information recipient is allowed to see by selectively decrypting the encrypted protected information 22 into the original protected information 12. The delivery information 60 for persons is restored.

  In this case, the information provider uses the data generation device 70 to generate the two-dimensional code 40 of the partially-encrypted delivery information common to the plurality of information recipients from the original delivery information 10 and the generated 2 The two-dimensional code 50 including the decryption key information 32 for each information recipient is passed to the information recipients through the communication medium 4 as the electronic image data 40b as the electronic image data 40b. The information is generated for each information recipient using the generation device 70, and the generated two-dimensional code 50 for each information recipient is individually passed to each information recipient.

  Further, in order to pass the two-dimensional code 40 of the partially encrypted delivery information of the present invention between the information provider and the information recipient via the communication medium 4, the information transmitted via the print medium 1 is transferred. As with delivery, not only can multiple delivery information be provided in an environment where other people can see it, and it can also be communicated to an unspecified number of people, but also immediately when requested by an information recipient or at a designated time. The information protected by the two-dimensional code 40 of the encrypted delivery information can be delivered to the information recipient.

  Note that in the embodiment based on FIGS. 31 to 34 described above, only the two-dimensional code 40 of the partially encrypted delivery information, which is the first data reading medium, shows a concrete delivery medium example, and Regarding the delivery medium of the two-dimensional code 50 of the decryption key information, which is a data reading medium, no specific medium was specified, but the two-dimensional code 50 of the decryption key information is also included in the delivery information of the partially encrypted delivery information. In the same manner as the two-dimensional code 40, it is possible to communicate between the information provider and the information receiver via various media.

  According to the second and third embodiments, the original delivery information 10 includes one or more pieces of protection information 12, and each piece of protection information 12 is a plurality of results obtained by encrypting with the encryption key for each protection information. The two-dimensional code 40 of the partially encrypted pass-through information including the encrypted protection information 22 is created, and the decryption key information 35 that can decrypt only the encrypted protection information 22 required for each information recipient is provided. Since the two-dimensional code 50 of the decryption key information for each information recipient corresponding to the information recipient can be separately distributed to each information recipient, the information provider includes one or more pieces of encryption protection information 22. A two-dimensional code 40 of partially encrypted passing information is created so that the created two-dimensional code 40 can be commonly distributed or viewed by a plurality of information recipients. Decryption distributed separately The 2-dimensional code 50 of the key information, by limiting the ciphering information 22 to decode each information recipient, can change the information that can be seen for each information recipient.

  Therefore, if only the two-dimensional code 50 of the decryption key information for each information recipient corresponding to each information recipient is distributed to the necessary information recipients, the two-dimensional information of the partially encrypted delivery information will be obtained. Even if the code 40 is placed on a printed matter or a signboard that can be seen by an unspecified number of people or distributed all at once, the encrypted protection information 22 included in the two-dimensional code 40 of the partially encrypted delivery information 22 Regarding the part, only the information recipient who has obtained the two-dimensional code 50 of the decryption key information for the information recipient from the information provider can decrypt the information and the two-dimensional decryption key information for the information recipient. According to the code 50, the original protected information 10 can be viewed by selectively decrypting only the specific encrypted protected information 22 permitted to be decrypted by the information recipient, so that it is differentiated for each information recipient. information So that it is subjected to the service.

  In the second and third embodiments described above, in the data generation process 100 executed by the data recovery device 80 of the information recipient, the two-dimensional code 40 of the partially encrypted delivery information is used for the information recipient. Although the embodiment has been shown in which only one two-dimensional code 50 of the decryption key information is designated, the present invention is not limited to this, and the two-dimensional code of another decryption key information already obtained in advance by the data recovery device 80 of the information recipient. The code may be specified together.

  As shown in FIG. 35, the two-dimensional code data decrypting method of the present invention as described above, the decryption key information acquisition process 220 and the protection information of the information recipient data restoration process 200 shown in FIG. The only difference is the processing method of the selective decoding processing 231 of.

  The decryption key information acquisition processing 220 of the fourth embodiment is the same as the decryption key information acquisition processing 220 of FIG. 14, in which the information receiver receives the two-dimensional code data of the partially encrypted delivery information from the information provider together with the data reading medium. In addition to the received data reading medium having the two-dimensional code data of the decryption key information, the data restoration device 200 uses the data reading medium which has already obtained the two-dimensional code data of the decryption key information different from the decryption key. When a plurality of data is read, the decryption key information 50 of each data reading medium is acquired.

  In the protected information selective decryption processing 231 of the fourth embodiment, the partially encrypted passed information 20 decrypted by the partially encrypted passed information reading processing 210 in the protected information selective decryption processing 231 of FIG. Each of the encryption protection information 22 included in the encrypted decryption information obtained by the decryption key information acquisition process 220 of the fourth embodiment is the encryption key identification information included in the encryption key information included in the encryption protection information 22. When any of the key information 35 matches the encryption key identification information included in the corresponding decryption key information 35, the corresponding encryption protection information is obtained by using the decryption key paired with the corresponding encryption key identification information. No. 22 is decrypted, and each of the decryption key information 35 acquired in the decryption key information acquisition process 220 of the fourth embodiment matches the encryption key identification information included in the decryption key information 35. If there is adapted to stop the decoding of the encrypted protected information 22.

  That is, in the data reading process 200 according to the fourth embodiment, the two-dimensional code 40 of the partially encrypted delivery information and the decryption key for the information recipient corresponding to the two-dimensional code 40 of the partially encrypted delivery information. In addition to the two-dimensional code 50 of the information, the two-dimensional code 50 of the other decryption key information already obtained by the information recipient is also designated, and the two-dimensional code 50 of the plurality of decryption key information is subjected to the data reading process 200. Specified as an input to.

  The two-dimensional code 50 of the designated plurality of pieces of decryption key information is read in the decryption key information acquisition process 220, and decrypted into the corresponding decryption key information 32 for the information recipient.

  The plurality of pieces of decryption key information 32 for the information recipients obtained in the decryption key information acquisition processing 220 are passed to the protection information selection decryption processing 231, and decrypted in the partially encrypted passing information reading processing 210. It is used to decrypt the encrypted protection information 22 portion of the encrypted partially encrypted passing information 20.

  The protection information selective decryption process 231 is different from the second and third embodiments in that it is not the one decryption key information 32 for the information recipient obtained in the decryption key information acquisition process 220, but an input. Retrieving the designated plurality of decryption key information 32 for the information recipient, selectively decrypting the encrypted protection information 22 permitted to be decrypted by the information recipient, and passing to the information recipient The information 60 is restored.

An example of the protection information selective decoding process 231 will be described with reference to FIG.
The protection information selective decoding process 231 shown in FIG. 36 is almost the same as the protection information selective decoding process 231 shown in FIG. 24 of the second embodiment, and the process 2313 in the protection information selective decoding process 231 of FIG. In contrast, one piece of the decryption key information 32 for the information receiver is searched, whereas in the processing 23132 of the fourth embodiment, all the input information obtained in the decryption key information acquisition processing 220 is input. In the decryption key information 32 for the relevant information recipient of, the encryption key identification information described in the <key-id> tag in the encryption protection information 22 matches the encryption key identification information. The only difference is that the acquisition of the decryption key information 35 is tried. That is, the processing 2313 in the selective decryption processing 231 of protection information shown in FIG. 24 of the second embodiment is simply replaced with the processing 23132 of the fourth embodiment.

  In the fourth embodiment described above, a modification of the selective decoding processing 231 of the protection information shown in FIG. 24 of the second embodiment is shown, but the modification is not limited to this, and the protection shown in FIG. 30 of the third embodiment is shown. Only by replacing the process 2313 in the selective decryption process 231 of information with the process 23132 of the fourth embodiment, the decryption for all the input information recipients obtained in the decryption key information acquisition process 220 is performed. The encryption key information 32 is searched to obtain the encryption key identification information described in the <key-id> tag in the encryption protection information 22 and the decryption key information 35 having the same encryption key identification information. You can try.

  According to the fourth embodiment as described above, the information receiver receives 2 pieces of the partially-encrypted delivery information to be decrypted from the separately obtained two-dimensional code 50 of the decryption key information for the information recipient. It is not necessary to selectively specify the two-dimensional code 50 of the decryption key information for the information recipient corresponding to the dimension code 40, and the two-dimensional decryption key information for all the information recipients already acquired. If the code 50 is designated in the data reading process 200, the corresponding two-dimensional code 50 of the decryption key information for the information recipient can be automatically retrieved, and the delivery information 60 for the information recipient can be restored.

  That is, even if the information recipient does not store the corresponding decryption key, if he / she specifies all the two-dimensional codes 50 of the decryption key information for the information recipient already obtained, the information recipient The delivery information 60 can be restored.

  A data generation processing program in which the data generation processing 100 and the data restoration processing 200, which are the data processing procedures of the second, third, and fourth embodiments, are executed by the processor 74 of the data generation apparatus 70 and the processor 84 of the data restoration apparatus 80. The computer 71 and the data restoration processing program 81 can be used by a plurality of data generation devices 70 and data restoration devices 80 by recording them on a computer-readable CD, DVD, or the like.

  In addition, in the above-described first to fourth embodiments, since the protection information of the delivery information 10 is encrypted before the two-dimensional encoding, the delivery information must be encrypted, and Unprotected information that may not be necessary can be mixed.

In addition, in the above-described first to fourth embodiments, the two-dimensional code of the corresponding decryption key information is separately obtained for the two-dimensional code including the partially encrypted delivery information passed from the information provider to the information receiver. In addition to the protected information that can be restored only by the already-received information recipient, non-protected information that can be restored by all the information recipients who received the former two-dimensional code is included.
Therefore, in the above-described first to fourth embodiments, another two-dimensional code is always necessary to restore all the information included in the two-dimensional code. Unlike the disclosed technology, all information recipients can restore the unprotected information included in the two-dimensional code including the partially encrypted transfer information, even if the two-dimensional code of the decryption key information is not obtained. You can
Further, in the disclosed technologies of Patent Document 3 and Patent Document 4 described in the background art, two-dimensionally encoded data to be encrypted and password data are simply subjected to logical operation processing at an image level to obtain encrypted data and a decryption key. Since data is generated, it is difficult to correct errors at the image level and the reading accuracy is significantly reduced. On the other hand, in the above-described first to fourth embodiments, partial encryption is performed. Since the two-dimensional code of the passed / received information and the two-dimensional code of the decryption key information are both ordinary two-dimensional codes, the error correction function as the two-dimensional code can be used as it is, so that the reading accuracy decreases. It is possible to prevent it.

  According to the two-dimensional code data transfer medium, the two-dimensional code data encryption method, the two-dimensional code data decryption method, the program, and the recording medium of the present invention, it is possible for elderly people who are not good at complicated key operations. It can be applied not only to passing information, but also to passing information to a visually impaired person by combining a two-dimensional code voice reading device. That is, when the information restoration device 80 of the information receiver restores the information, the information can be read aloud by the two-dimensional code voice reading device.

1 ... Printing medium 2 ... Screen display medium 3 ... Storage medium 4 ... Communication medium 10 ... Original delivery information 12 ... Transmission information protection information 20 ... Partially encrypted delivery information 22 ... Partial encryption Encryption protection information of encrypted passing information 22c ... Encryption key identification information 22d ... Application condition information of decryption key information 30 ... Encryption key information 30c ... Encryption key identification information 30d ... Decryption key information Application condition information 30e ... Decryption key update information 35 ... Decryption key information 35b ... Decryption key 35c ... Encryption key identification information 35d ... Application judgment target information 40 ... Partially encrypted passing information Two-dimensional code 50 ... Two-dimensional code of decryption key information 70 ... Data generation device 80 ... Data restoration device

Claims (9)

Data of a two-dimensional code generated by a data generation device in which a two-dimensional code is encoded in a state in which the passing information passed from the information provider to the information receiver includes protection information to be shown only to a specific information receiver. An encryption method,
The data generation device,
Replacing the two or more protection information of the delivery information with the encrypted protection information obtained by encrypting the two or more protection information included in the delivery information using a predetermined encryption key for each protection information. And a first process for generating partially encrypted passing information,
To decrypt the encrypted protection information to be shown only to the specific information recipient among the two or more pieces of encrypted protection information of the partially encrypted passing information generated in the first process. The encryption protection information for decryption includes encryption key information having encryption key identification information for identifying the encryption key, and the encryption key identification information of the encryption key information A second process of generating decryption key information in which a corresponding decryption key is included in a pair with the encryption key identification information;
A third process for converting the partially encrypted passing information and the decryption key information into two-dimensional code data individually imaged,
Run
In the first process executed by the data generation device, the decryption corresponding to each encryption protection information corresponding to the encryption key identified by the encryption key identification information included in the encryption protection information. To apply for automatic acquisition of application condition information in which the application conditions of the decryption key information are defined, and when the decryption key information does not match the application conditions, acquisition of decryption key information that matches the application conditions Decryption key update information is added to generate the partially encrypted delivery information,
In the second process executed by the data generation device, the decryption key information is compared with the application condition information included in the encryption protection information in which the encryption key identification information matches, and the decryption is performed. A data encryption method for a two-dimensional code, characterized in that application determination target information for determining whether or not the key information can be used for decryption of the encryption protection information is added. A program for causing the data generation device to execute each of the processes of the two-dimensional code data encryption method according to claim 1 . A computer-readable recording medium on which the program according to claim 2 is recorded. The pass-through information generated by the data generation device by the two-dimensional code data encryption method according to claim 1 and passed from the information provider to the information receiver is protected so as to be shown only to the specific information receiver. A data decoding method of a two-dimensional code, wherein the passing information is restored by a data restoring device from a two-dimensional code encoded in a state where information is included ,
The data restoration device,
A first process for decrypting the partially encrypted delivery information when the data reading medium having the two-dimensional code data of the partially encrypted delivery information provided by the information provider is read;
A second process of acquiring the decryption key information when the data reading medium having the two-dimensional code data of the decryption key information provided by the information provider is read;
The respective encryption protection information included in the partially encrypted passing information decrypted in the first process is the encryption key identification information included in the encryption key information included in the encryption protection information. , If the encryption key identification information included in the decryption key information acquired in the second process matches, the corresponding encryption protection information is obtained by using the decryption key paired with the encryption key identification information. A third process for decrypting
The execution,
In the third process executed by the data restoration device, the encryption key identification information included in the encryption key information included in the encryption protection information is the decryption key information acquired in the second process. If it matches with the encryption key identification information included in the, further, the application condition information added to the partially encrypted passing information, and the application determination target information added to the decryption key information, When it is determined that the applicable determination target information matches the applicable condition information and the decryption key information is applicable, the corresponding encryption is performed using the decryption key paired with the encryption key identification information. decrypts the reduction protection information, this relevant application determining subject information if the decryption key information without match with the application condition information is determined to not applicable, of applying the decryption key update information Data decoding method of two-dimensional code according to claim. In the third process executed by the data restoration device, if the decryption key update information matching the application condition information can be acquired, the decryption key paired with the encryption key identification information is used to obtain the decryption key update information. decrypts the corresponding encrypted protection information, the application conditions if it can not acquire the decryption key update information that matches the information, according to claim 4 in which ends to stop the decoding of the corresponding ciphering information A data decoding method of the described two-dimensional code. In the second processing executed by the data restoration device, the decryption key information received by the information receiver together with the data reading medium having the two-dimensional code data of the partially encrypted delivery information from the information provider. In addition to the data reading medium having the two-dimensional code data, when a plurality of previously obtained data reading media having the two-dimensional code data of the decryption key information different from the decryption key are read by the data restoration device, Obtain the decryption key information of the data reading medium,
In the third process executed by the data restoration device, the respective encryption protection information included in the partially encrypted passing information decrypted in the first process is included in the encryption protection information. The encryption key identification information included in the encryption key information is the encryption key identification information included in the decryption key information of any of the decryption key information acquired in the second process. When they match, the corresponding encryption protection information is decrypted using the decryption key paired with the encryption key identification information, and each of the decryption key information acquired in the second process is associated with the decryption key information. The two-dimensional code data decryption method according to claim 4 or 5 , wherein when the encryption key identification information included in the decryption key information does not match, the decryption of each of the encryption protection information is stopped. Before Kide over data reading medium, the print medium to visibly display a two-dimensional code data, the screen display medium which visibly displaying the 2-dimensional code data, a storage medium for storing the 2-dimensional code data, and 7. The data according to any one of claims 4 to 6 , wherein any one of communication media capable of mutually communicating the two-dimensional code data between the data generation device and the data restoration device is selected. Decryption method. Each of said processing of the data decoding method according to any one of claims 4 to 7, program characterized by executing the data recovery equipment. A computer-readable recording medium on which the program according to claim 8 is recorded.

Images