KR20050031121A - On line encryption and decryption method and system for fair bidding and auction - Google Patents

Abstract

A method and a system for encrypting and decrypting on line for a fair bidding and auction are provided to search the bidding by the user during the bidding period without disclosing the bidding information. A system for encrypting and decrypting on line for a fair bid and auction includes a user interface unit(201), an encryption unit(202), a storage unit(205), and a data identification unit(204). The user interface unit(201) receives the first password and the first data from the user and receives the first data identification request and the third password from the user. The encryption unit(202) generates the second password by encrypting the first password based on using the non-symmetric encryption algorithm, generates the second data by encrypting the first data based on using the non-symmetric key algorithm and generates the fourth password by encrypting the third password based on using the non-symmetric encryption algorithm. The storage unit(205) stores the second password, does not store the received first password and stores the second data. And, the data identification unit(204) compares the fourth password with the second password and supplies the first data to the user by decrypting the second data based on using the symmetric key algorithm when the fourth password and the second password are matched.

Description

Online encryption and decryption method and system for fair bidding {ON LINE ENCRYPTION AND DECRYPTION METHOD AND SYSTEM FOR FAIR BIDDING AND AUCTION}

The present invention relates to a method and system for online encryption and decryption. More specifically, the data input by the user is encrypted and the user can later view the data, and also view the data only once from an online service provider's point of view. The present invention relates to an online encryption and decryption method and system capable of predetermined processing.

1 is a view for explaining an encryption and decryption method for an online service according to the prior art. First, prior to explaining the present invention, the online encryption and decryption method according to the prior art will be described.

First, we describe the encryption methods currently employed for online financial transaction services. The most widely used method for user authentication or encryption and decryption is Public Key Infrastructure (PKI). Public key cryptography has been widely used for its usefulness since it was proposed in 1976 by W. Diffie and M. Hellman. According to the public key cryptography method, a public key and a private key exist. When a function using a public key is called FPB () and a function using a private key is called FPR (), A relationship is established where FPB (FPR (X)) = FPR (FPB (X)). Several functions are already known to satisfy the above formula, and there is also a method called RSA.

Therefore, the financial information of the user 101 is encrypted by the financial institution 102 that provides an online financial service such as a bank using the public key 104. However, the public key 104 is provided only to the financial institution 102, and the financial institution 102 keeps the public key 104 thoroughly secured. Since the financial data of each individual encrypted using the public key 104 can be solved by the user using the private key 105, the user inquires his or her financial data using his private key 105. . The private key 105 is distributed to the user 101 by the authentication authority (103). This distribution of the private key 105 is distributed in the form of a so-called electronic certificate. Therefore, a user for a financial service must install a certificate including information on the private key 105 from a predetermined certification authority 103 in his PC or the like and use the same to inquire his financial data. However, this method requires installation of an electronic certificate, and since the electronic certificate requires a predetermined certification authority, there is a problem that it is difficult to apply to user authentication on various Internets. Therefore, there is a demand for an online encryption and decryption method that enables a user to view his or her data without a predetermined certification authority.

Second, we describe a method of security in an online event auction of particular interest to the present invention. Online event auctions allow users to pay a small amount (e.g., $ 10) in a bid and participate in a bid for a given item (e.g., a car worth $ 18). Is in the range of very low prices (for example, from 1 to 10,000 won). Therefore, the funds for the purchase of the goods are procured through the bid participation fee, advertising proceeds, etc., so the successful bidder can purchase the predetermined goods at a very low price. These event auction operators include Maxen, Robin, and Korean Bead.

However, in this case, information about the bid amount of the user is very important. This is because, if the user can know the amount of bid in the bid for a given item, it can be a successful bid by predicting the successful bid amount. For this reason, the event auction operators 102 encrypt and store the bid price data of the user, and leave the decryption key for decrypting the encrypted bid amount data to a third party such as an accounting corporation 103. After the bidding period ends, the bidder receives the decryption key from the third party, decrypts the bid amount data of the users 101, and selects a successful bidder based on the decryption key data.

The reason why event auction operators use the above method is that it is very cumbersome to configure the system using a public certificate, and if the user has to be issued a public certificate for the use of a simple online service, the user is uncomfortable with their service. Because we do not use, we do not use public certificate.

However, according to the related art, since only a third party owns a key capable of decrypting bidding amount data, there is no way for users to check their bidding amount during the bidding period. In other words, if the event auction operator stores a key that allows users to verify their bid amount, the event auction operators may be able to identify these keys because they may be leaked and other users may verify their bid amount. It is entrusted to the 3rd engine 103, without storing. In addition, this is to cope with the possibility that hackers can hack the server of the event auction company to hack the bid amount information of the users. However, according to the prior art, since there is no way for a bidder to check his / her bid amount during the bidding period, it is very inconvenient for the user (bidder). Accordingly, there is a demand for an online encryption and decryption method that allows a user to search his / her bid amount during a bid period without exposing a user's bid amount information even when a user is hacked without using an authorized certificate.

In addition, according to the related art, it is technically possible for the event auction company or its insider to collaborate with the third party 103 storing the decryption key to inquire the bid amount of the users. That is, after the third party 103 inquires the bid amount data of all the users using the decryption key stored in the third party 103, the third party 103 may be successful by bidding at an appropriate amount. Therefore, even if the event auction company or its insider collides with the third party 103 storing the decryption key, it is possible to technically prevent bidding based on the information after viewing the bid price data of the users. A method is requested.

In the present invention, the term auction or bidding is used, and the term is in a narrow sense that the auction is a bid value is disclosed, the bid is a difference that the bid value is not disclosed, in the present invention, both the auction and bid terms bid value is It relates to a case where it is not disclosed (in the present invention, since the term auction is generally widely used, the term is sometimes used in the present invention).

The present invention has been made in order to improve the prior art as described above, without using a public certificate, even if hacked, etc., without the user's bid price information is exposed, the user inquires his bid amount during the bid period It is an object of the present invention to provide an online encryption and decryption method and system.

Further, another object of the present invention is to technically prevent bidding based on the information after querying bid price data of users, even if the event auction company or its insider collides with a third party that stores the decryption key. It is an object of the present invention to provide a method and system.

The online encryption and decryption system of the present invention for achieving the above object and to solve the problems of the prior art, (1) receiving a first password and first data from a user, and requesting confirmation of the first data from the user and A user interface for receiving a third password, (2) generating a second password by encrypting the first password using an asymmetric encryption algorithm, and a symmetric key algorithm using the first data as the key value Encrypting to generate second data, encrypting the third password using the asymmetric encryption algorithm to generate a fourth password, (3) storing the generated second password, and receiving the A storage unit for storing the second data without storing the first password, and (4) the fourth password; Compared with a password, and if the fourth password and the second password match, the second data is decrypted using the symmetric key algorithm using the fourth password as a key value to generate the first data to generate the user. It includes a data verification unit provided to.

According to an aspect of the present invention, the first data is a bid value input by the user in an online bidding system, and the encryption unit encrypts the bid value using a predetermined encoding key and a second asymmetric key algorithm to generate a fourth value. Data is generated, the fourth data is stored in the storage unit, and after a predetermined period of time, the bid value is decoded from the fourth data using a predetermined decoding key and the second asymmetric key algorithm, and the bid value And a successful bidder selection unit for selecting a successful bidder.

Hereinafter, with reference to the accompanying drawings will be described an embodiment of the present invention;

2 is a block diagram of an online encryption and decryption system according to the present invention.

The online encryption and decryption system 200 according to the present invention includes a user interface 201, an encryption unit 202, a successful bidder selection unit 203, a data confirmation unit 204, a storage unit 205, and a decryption unit 206. ).

The user interface 201 receives a first password and first data from a user, and receives a request for confirmation of the first data and a third password from the user. For example, in an event auction, a user enters a bid value of 50 won (first data) and a password (eg, "4576"). The user interface 201 is provided in the form of a web page. The user accesses the event auction web page using his / her user terminal connected to the Internet and inputs a bid value and a password.

The encryption unit 202 encrypts the first password by using an asymmetric encryption algorithm to generate a second password, and encrypts the first data by using a symmetric key algorithm using the first password as a key value. Generate data and encrypt the third password using the asymmetric encryption algorithm.

An asymmetric encryption algorithm (asymmetric key algorithm) is a method in which the encryption key used for encryption cannot be used for decryption. One such asymmetric algorithm is a hash function. The encryption method using a hash function is an encryption method in which A cannot be obtained even if both B and the asymmetric encryption algorithm are known. For example, a hash function that maps 10000 numbers to 1000 numbers cannot extract the original data from the encrypted value because the inverse function does not hold. In practice, in addition to the simple hash function described above, various hash functions or asymmetric encryption algorithms that have been verified are used in the present invention. The second password is generated by encrypting the first password using an asymmetric encryption algorithm, but the first password cannot be extracted even if both the second password and the asymmetric encryption algorithm are known. The asymmetric encryption algorithm also includes a case where the key for encryption and the key for decryption are different. According to a preferred embodiment of the present invention, an asymmetric encryption algorithm in which no key to decrypt is used or the key to decrypt is removed (discarded and discarded). This reduces the risk of security due to the presence of the decryption key. Hash algorithms include the MD5 Message Digest Algorithm (RFC 1321) developed by Ron River of MIT, and the Secure Hash Algorithm developed by the National Institute of Standards and Technology (NIST) in the United States. There is this.

The first data (a bid value of the user) is encrypted using a symmetric key algorithm using the first password as an encryption key. The symmetric key algorithm is an encryption method that can obtain A when B is obtained by inputting A to the symmetric key algorithm, if both B and the symmetric key algorithm are known. Symmetric key algorithm is a method that can be decrypted using the key used in encryption. Symmetric key algorithms include the Data Encryption Standard (DES) proposed by IBM and adopted as the Federal Information Processing Standard 46 (FIPS PUB46), and the Advanced Encryption Standard (AES) adopted as a standard since 1998 by the US NIST. have.

The storage unit 205 stores the generated second password and the second data, but does not store the first password. By not storing the first password, even if a hacker hacks the event auction system according to the present invention, there is no way to obtain the user's first password. In addition, since the user's first password is not stored in the event auction system, neither the operator of the event auction system can obtain the user's first password. In addition, since the second password is encrypted with the asymmetric encryption algorithm, even if the stored second password and the asymmetric encryption algorithm are known, the first password input by the user is not known (that is, security is maintained). In addition, since the second data is encrypted using the first password and the symmetric key algorithm, since the first data cannot be decrypted from the second data unless the first password is obtained, security of the first data (bid value) is obtained. Is maintained.

That is, according to the present invention, even if the operator of the event auction system or the hacker who completely hacked the event auction system, the bid value data of the user cannot be obtained.

Now, a description will be given of how the user can inquire the first data (bid data) input by the user.

The user inputs a bid value confirmation request and a third password to the user interface unit 201. If the user is a normal user (for example, the same user as the user who originally entered the bidding value), the user remembers the first password entered by himself, and thus the third password entered is the same data as the first password. .

The third password input by the user is encrypted by the encryption unit 202, and the encrypted third password is called a fourth password.

The data checking unit 204 compares the fourth password generated by encrypting the third password with a second password stored in the storage unit 205, and stores the fourth password when the fourth password matches the second password. The second data stored in the block 205 is decrypted using the symmetric key algorithm using the third password as a key value, and third data is generated and provided to the user. Since the encryption of the password is performed by an asymmetric algorithm, if the data generated as a result of encrypting the third password input by the user using the same password algorithm (asymmetric algorithm) is the same as the second password stored in the storage unit 205 The user is authenticated as a legitimate user. Therefore, the bid value data stored using the third password and the symmetric key algorithm input by the user are decrypted and provided to the user.

According to a preferred embodiment of the present invention, an asymmetric algorithm is preferred in which the encrypted result is different when the user input value is different. However, even if a user's input value is different, the validity of the present invention is maintained even when an asymmetric algorithm is used, in which the encrypted result may be the same. For example, when a user inputs a password as "1234" and applies it to an asymmetric encryption algorithm, the result is encrypted as "7890", and another person inputs "5678" as a password to query the bid value of the user. If the encryption value of "5678" is also "7890", the other person is authenticated. However, in this case, since the bid value provided to the other person is the value of the stored bid value decrypted using the cipher "5678" and the symmetric key algorithm, the stored bid value is decrypted using the cipher "1234" and the symmetric key algorithm. Different from one value. In other words, if the user is not a legitimate user, the bid value information provided to the user is incorrect.

As described above, according to the present invention, even if the operator of the event auction system or the hacker who completely hacks the event auction system, the user can search his / her bid value during the bidding period while preventing the user from obtaining the bid value data.

On the other hand, in the event auction system (or normal auction system), after a predetermined period elapses, the event auction company must select a successful bidder from a plurality of bidders. Such bidding criteria may be variously determined according to event auction operators. For example, a successful bidder may be selected according to criteria such as a bidder who presented the bid amount closest to the average value of the total bid amounts or a bidder who presented the lowest amount among bidders who bid the only amount for the predetermined amount. In either case, in order to select a successful bidder, the event auction company must look up the bidder's bid data.

In the present invention, when a user inputs a bid value (first data), the bidding value data is encrypted in a predetermined encoding key and asymmetric key algorithm (password by the encryption unit 202 in parallel with the encryption method described above. You can use the same algorithm as the asymmetric encryption algorithm, but use a different algorithm. When the data generated by encrypting the first data is called fourth data, the fourth data is stored in the storage unit 205.

In the case of encrypting the password, decryption itself is not possible, but in the case of data (bid data), decryption key is stored. The decryption key may be stored by a third party independent of the event auction company to increase the reliability of security.

The decryption unit 206 decrypts the bidding value data of the users by using a predetermined decoding key and an asymmetric key algorithm, and the successful bidder selecting unit 203 selects the successful bidder according to the bidding value data and a predetermined criterion.

However, even in this case, since the bid value data may be leaked according to the third party who holds the decryption key, the decryption using the decryption key is preferably performed by a one-time password method. The one-time password method can no longer be used once the decryption key is used. According to this method, if someone has obtained the decoding key and inquired the bidding value data of the users, then it is impossible to query the bidding value data of the users again using the decoding key. That is, if a third party who holds the decoding key intentionally inquires the bidding value data of the users by using the decoding key, after the end of the bidding period, the event auction company may search the bidding value data with the same decoding key to select the successful bidder. Since it cannot be obtained, it can be known that someone has obtained the decoding key and inquired the bid value data. In addition, the bidder selection is impossible because the bid value data can no longer be queried.

Therefore, in case of using the system of the present invention, even if the event auction company or its insider collides with a third party that stores the decryption key, it is possible to technically prevent bidding based on the information after viewing the bid price data of the users. Can be.

3 is a flowchart illustrating a procedure of encrypting a user's password and data according to the present invention.

In operation 301, the UI unit 201 receives a first password and first data from the user. For example, in an event auction, the user inputs a bid value of 50 won (first data) and a password (eg, "4576") through the user interface 201.

In step 302, the encryption unit 202 encrypts the first password using an asymmetric encryption algorithm to generate a second password. According to a preferred embodiment of the present invention, an asymmetric encryption algorithm in which no key to decrypt is present or a key to decrypt is removed. This reduces the risk of security due to the presence of the decryption key.

In step 303, the encryption unit 202 encrypts the first data (a bid value of the user) using a symmetric key algorithm using the first password as an encryption key. The symmetric key algorithm is an encryption method that can obtain A when B is obtained by inputting A to the symmetric key algorithm, if both B and the symmetric key algorithm are known.

In steps 304 and 305, the storage unit 205 stores the generated second password and the second data, but does not store the first password. By not storing the first password, it is possible to fundamentally prevent the possibility of the first password being leaked, and also to be able to extract the first password from the stored second password by using an asymmetric encryption algorithm. Therefore, according to the present invention, even if the operator of the event auction system or the hacker who completely hacked the event auction system, the bid value data of the user cannot be obtained.

4 is a flowchart illustrating a procedure for enabling a user to inquire of data input by the user according to the present invention. As described above, in a bidding system, a user often wants to look up a bid value. 4 illustrates a method of supporting this.

The user (bidding participant) who stored the bid value and the password according to FIG. 3 makes a request for confirming the first data (bid value) in step 401. The request for confirmation of the bid value is performed through the user interface unit 201. The web page may be implemented as a predetermined button or the like.

After receiving the first data confirmation request from the user in step 401, the event auction system requests the user to enter a password, and in step 402 receives a password (hereinafter referred to as "third password") from the user. If the user is a normal user, the input third password is the same data as the first password.

The third password entered by the user in step 403 is encrypted by the encryption unit 202. This encrypted third password will be referred to as a fourth password.

In operation 404, the data verification unit 204 compares the fourth password generated by encrypting the third password with a second password stored in the storage unit 205. If the fourth password and the second password do not match as a result of the comparison, an error message is output to the web page in step 406.

When the fourth password and the second password match as a result of the comparison in step 404, the symmetric key in which the third password is a key value of the second data stored in the storage unit 205 in step 405. The third data is generated by decoding using an algorithm.

In step 407 the third data is provided to the user. If the user is a normal user, the third data becomes the first bid value data input by the user, and the user can check the bid value data input by the user. That is, according to the present invention, even if the operator of the event auction system or a hacker who completely hacks the event auction system, the user can query his / her bid value during the bidding period while preventing the user from obtaining the bid value data.

FIG. 5 is a flowchart illustrating a procedure for enabling an online service provider to query data once and perform a predetermined task therefrom according to the present invention.

In an event auction system (or a general auction system), after a predetermined period elapses, the event auction company must select a successful bidder from a plurality of bidders, and for this purpose, the event auction company must inquire the bid amount data of the bidders.

In step 501, when a user inputs a bid value (first data), the bidding value data is asymmetrically encoded and asymmetrically in the encryption unit 202 in parallel with the encryption method described in FIGS. 3 and 4. Encrypt using a key algorithm. If the data generated by encrypting the first data is called fourth data, the fourth data is stored in the storage unit 205 in step 502.

In the case of encrypting the password, decryption itself is not possible, but in the case of data (bid data), decryption key is stored. The decryption key may be stored by a third party independent of the event auction company to increase the reliability of security.

In step 503, the decryption unit 206 decrypts the bid value data of the users by using a predetermined decoding key and asymmetric key algorithm. In step 504, the successful bidder selection unit 203 performs the bid value data and the predetermined Select winners based on criteria.

However, even in this case, since the bid value data may be leaked according to the third party who holds the decryption key, the decryption using the decryption key is preferably performed by a one-time password method. In the case of using the system of the present invention, even if the event auction company or its insider collides with a third party that stores the decryption key, it is possible to technically prevent bidding based on the information after viewing the bid price data of the users. have.

Embodiments of the invention include a computer readable medium containing program instructions for performing various computer-implemented operations. The computer readable medium may include program instructions, data files, data structures, etc. alone or in combination. The media may be those specially designed and constructed for the purposes of the present invention, or they may be of the kind well-known and available to those having skill in the computer software arts. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape, optical media such as CD-ROMs, DVDs, and magnetic disks, such as floppy disks. Magneto-optical media, and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. The medium may be a transmission medium such as an optical or metal wire, a waveguide, or the like including a carrier wave for transmitting a signal specifying a program command, a data structure, or the like. Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.

6 is an internal block diagram of a general purpose computer device that may be employed to perform the online encryption and decryption method according to the present invention.

Computer device 600 includes one or more processors 601 coupled with a main memory device including random access memory (RAM) 602 and read only memory (ROM) 603. The processor 601 may also be called a central processing unit (CPU). As is well known in the art, the ROM 603 serves to transfer data and instructions to the CPU unidirectionally, and the RAM 602 typically transfers data and instructions bidirectionally. Used to. RAM 602 and ROM 603 may include any suitable form of computer readable media. Mass storage 604 is bidirectionally coupled to processor 601 to provide additional data storage capability, and may be any of the computer readable recording media described above. The mass storage device 604 is used to store programs, data, and the like, and is a secondary memory device such as a hard disk which is generally slower than the main memory device. Certain mass storage devices such as CD ROM 606 may be used. The processor 601 may include one or more input / output interfaces such as a video monitor, trackball, mouse, keyboard, microphone, touchscreen display, card reader, magnetic or paper tape reader, voice or handwriting reader, joystick, or other known computer input / output device. 605 is connected. Finally, the processor 601 may be connected to a wired or wireless communication network through the network interface 607. Through this network connection, the procedure of the method described above can be performed. The apparatus and tools described above are well known to those skilled in the computer hardware and software arts.

The hardware device described above may be configured to operate as one or more software modules to perform the operations of the present invention.

According to the online encryption and decryption method and system of the present invention, a user can search his / her bid amount during a bidding period without using an authorized certificate and without revealing bid amount information of users even when hacked or the like. .

In addition, according to the present invention, even if the event auction company or its insider enters into a third party that stores the decryption key, it is possible to technically prevent bidding based on the information after viewing the bid price data of the users. .

As described above, the present invention has been described by way of limited embodiments and drawings, but the present invention is not limited to the above-described embodiments, which can be variously modified and modified by those skilled in the art to which the present invention pertains. Modifications are possible. Accordingly, the spirit of the present invention should be understood only by the claims set forth below, and all equivalent or equivalent modifications thereof will belong to the scope of the present invention.

1 is a view for explaining an encryption and decryption method for an online service according to the prior art.

2 is a block diagram of an online encryption and decryption system in accordance with the present invention.

3 is a flow chart illustrating a procedure for encrypting a user's password and data in accordance with the present invention.

4 is a flowchart illustrating a sequence of enabling a user to inquire of data input by the user according to the present invention.

FIG. 5 is a flow chart illustrating a procedure for enabling an online service provider to query data once and perform a predetermined task therefrom according to the present invention.

6 is an internal block diagram of a general purpose computer device that may be employed to perform the online encryption and decryption method in accordance with the present invention.

<Explanation of symbols for the main parts of the drawings>

200: online encryption and decryption system

201: user interface unit

202: encryption unit

203: successful bidder selection unit

204: data confirmation unit

205: storage unit

206: decryption unit

Claims (12)

In the online encryption and decryption system, A user interface configured to receive a first password and first data from a user, and to receive a confirmation request and a third password of the first data from the user; Encrypting the first password using an asymmetric encryption algorithm to generate a second password, encrypting the first data using a symmetric key algorithm using the first password as a key value, and generating second data; An encryption unit to generate a fourth password by encrypting a third password using the asymmetric encryption algorithm; A storage unit which stores the generated second password and stores the second data without storing the received first password; And The fourth password is compared with the second password, and when the fourth password and the second password match, the second data is decrypted using the symmetric key algorithm using the fourth password as a key value. A data checking unit generating first data and providing the first data to the user Online encryption and decryption system comprising a. The method of claim 1, And wherein the asymmetric encryption algorithm does not have a decryption key. The method of claim 1, The first data is a bid value input by the user in an online bidding system, The encryption unit encrypts the bid value using a predetermined encoding key and a second asymmetric key algorithm to generate fourth data, The fourth data is stored in the storage unit, Successful bidder selection unit for decoding the bidding value from the fourth data using a predetermined decoding key and the second asymmetric key algorithm after a predetermined period of time, and selecting a successful bidder based on the bidding value. Online encryption and decryption system further comprising. The method of claim 3, And said decryption using said decoding key is performed in a one-time password manner. In the online encryption and decryption method, Receiving a first password and first data from a user; Encrypting the first password using an asymmetric encryption algorithm to generate a second password; Generating second data by encrypting the first data using a symmetric key algorithm using the first password as a key value; Storing the generated second password, and not storing the received first password; And Storing the encrypted second data Online encryption and decryption method comprising a. The method of claim 5, And wherein the asymmetric encryption algorithm does not have a decryption key. 6. The method of claim 5, wherein the first data is a bid value input by the user in an online bidding system. The method of claim 5, Receiving a request for confirmation of the first data from the user; Receiving a third password from the user; Encrypting the third password using the asymmetric encryption algorithm to generate a fourth password; Comparing the fourth password with the second password; Generating the third data by decrypting the second data using the symmetric key algorithm using the third password as a key value when the fourth password and the second password match; And Providing the generated third data to the user Online encryption and decryption method comprising a. The method of claim 7, wherein Generating fourth data by encrypting the bid value using a predetermined encoding key and a second asymmetric key algorithm; Storing the generated fourth data; Generating a bid value by decrypting the fourth data using a predetermined decoding key and the second asymmetric key algorithm after a predetermined period of time; Selecting a successful bidder based on the generated bid value Online encryption and decryption method comprising a. The method of claim 9, The decryption using the encoding key is allowed only once, and it is not allowed to repeatedly decrypt the encrypted fourth data using the encoding key. The method of claim 10, And said decryption using said decoding key is performed in a one-time password manner. A computer-readable recording medium having recorded thereon a computer program for performing the method of any one of claims 5 to 11.