WO2015156145A1 - Procédé de re-chiffrement, système de re-chiffrement et dispositif de re-chiffrement - Google Patents

Procédé de re-chiffrement, système de re-chiffrement et dispositif de re-chiffrement Download PDF

Info

Publication number
WO2015156145A1
WO2015156145A1 PCT/JP2015/059535 JP2015059535W WO2015156145A1 WO 2015156145 A1 WO2015156145 A1 WO 2015156145A1 JP 2015059535 W JP2015059535 W JP 2015059535W WO 2015156145 A1 WO2015156145 A1 WO 2015156145A1
Authority
WO
WIPO (PCT)
Prior art keywords
user terminal
message
network
key
encryption
Prior art date
Application number
PCT/JP2015/059535
Other languages
English (en)
Japanese (ja)
Inventor
尚生 坂崎
木下 照己
Original Assignee
株式会社日立製作所
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社日立製作所 filed Critical 株式会社日立製作所
Priority to CN201580011026.9A priority Critical patent/CN106031083A/zh
Publication of WO2015156145A1 publication Critical patent/WO2015156145A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Definitions

  • the present invention relates to a re-encryption method, a re-encryption system, and a re-encryption device that re-encrypt ciphertext.
  • a message can be sent safely by re-encrypting it into a ciphertext that can be decrypted with the private key of another user terminal without decrypting the ciphertext of a message addressed to a user terminal during transmission.
  • a technique called proxy re-encryption technique is known (for example, see Patent Document 1).
  • this proxy re-encryption technique has attracted attention as a technique that allows data to be shared more securely on a cloud service.
  • a certain citizen is notified only of a message regarding the tax field from the National Tax Agency or a local government, and does not want to notify a message from another message sender or a message in another field.
  • the ciphertext generated for the specific user device can be decrypted by all user devices having the re-encryption key, The browsing of messages by message recipients cannot be controlled by message sender and message field.
  • the agent may perform various processes on behalf of the principal, and if the data is encrypted for the principal, the agent may not be able to perform the act of proxy. Therefore, an encryption technology is also desired in which encrypted data addressed to the principal can be viewed by the representative of the principal.
  • a user device that sends a message is a device that is managed by the NTA and local government
  • a first user device is a device that is managed by a taxpayer
  • a second user device is a device that is managed by an agent such as a tax accountant.
  • the agent can decrypt all the ciphertext addressed to the taxpayer regardless of the contents.
  • the taxpayer has given the agent the authority to act on taxes
  • only the ciphertext sent to the taxpayer from the National Tax Agency or the ciphertext sent to the taxpayer from the local government is related to the tax field.
  • the present invention has been made in view of such circumstances, and a re-encryption method, a re-encryption system, and a re-encryption for controlling message viewing by a message receiver for each message sender and message field.
  • An object is to provide an apparatus.
  • the present invention is a re-encryption method in a re-encryption system including a plurality of user terminals and a re-encryption apparatus connected to the user terminals via a network.
  • the first user terminal includes a secret key of the first user terminal, information for identifying the second user terminal of the communication partner, and information for identifying the field of the message addressed to the second user terminal
  • An encryption key is generated, the message is encrypted using the encryption key, and the encrypted message is transmitted to the re-encryption device via the network.
  • the re-encryption device receives the encrypted message from the first user terminal via the network, and uses the first conversion key stored in the storage unit for the received encrypted message.
  • Re-encryption is performed, and the re-encrypted message is stored in the storage unit.
  • the second user terminal receives the re-encrypted message from the re-encryption device via the network, the second user terminal's private key, and the communication partner's first user terminal
  • a decryption key including information identifying the message and information identifying the field of the message is generated, and the re-encrypted message is decrypted using the decryption key to obtain the original message.
  • FIG. 10 is a sequence diagram showing a conversion key registration method used when the conversion server 20 re-encrypts the ciphertext relating to the message field ⁇ .
  • the user terminal 10-3 generates a message M related to the message field ⁇ addressed to the user terminal 10-1 and its ciphertext, transmits the generated ciphertext to the conversion server 20, and the conversion server 20 re-encrypts the ciphertext.
  • FIG. 10 is a sequence diagram showing a conversion key registration method used when the conversion server 20 re-encrypts the ciphertext relating to the message field ⁇ .
  • the user terminal 10-3 generates a message M related to the message field ⁇ addressed to the user terminal 10-1 and its ciphertext, transmits the generated ciphertext to the conversion server 20, and the conversion server 20 re-encrypts the ciphertext.
  • FIG. 6 is a sequence diagram showing a flow from decrypting a re-ciphertext by the user terminal 10-1 to obtaining a message M in the message field ⁇ .
  • 6 is a sequence diagram showing a flow until registration of a conversion key for proxy browsing of a message M in the conversion server 20.
  • FIG. FIG. 6 is a sequence diagram showing a flow from when a re-ciphertext is received as a proxy by the user terminal 10-2 to obtain a message M in the message field ⁇ . It is a figure for demonstrating the meaning of the operator used by this embodiment.
  • FIG. 1 is a diagram showing an example of the overall configuration of a re-encryption system according to an embodiment of the present invention and an example of the functional configuration of each computer constituting the re-encryption system.
  • a plurality of user terminals (10-1, 10-2, 10-3) and a conversion server (re-encryption device) 20 are mutually connected via a network 30 such as the Internet.
  • a computer network system configured to be connected.
  • the user terminal 10-3 encrypts data (hereinafter referred to as a message) addressed to the user terminal 10-1 of the user A regarding a specific field (hereinafter referred to as a message field ⁇ ), and the encrypted message (hereinafter referred to as a message).
  • a mechanism for the user terminal 10-2 of the user B who is permitted to browse to acquire the message will be described.
  • each user terminal (10-1, 10-2, 10-3) As shown in FIG. 1, each user terminal (10-1, 10-2, 10-3) generates a secret key managed by each user terminal (10-1, 10-2, 10-3).
  • Secret key generation unit 101 generates information for dynamically generating an encryption key / decryption key, etc., and registering an encryption key (hereinafter referred to as a conversion key) necessary for generating a re-encrypted text related to the message field ⁇ .
  • a key calculation unit 102 that performs communication, a public ID storage unit 103 that stores message attribute information such as an ID (identification) that identifies a communication partner terminal and an ID that identifies a message field ⁇ , and a secret generated by the secret key generation unit 101
  • a key storage unit 104 that securely manages a key; an information generation unit 105 that generates a message to a communication partner terminal; an encryption processing unit 106 that generates a ciphertext by encrypting a message using an encryption key; Send and receive ciphertext And parts 107, a primary storage device 108 using a semiconductor (also referred to as memory), can be configured from the information display unit 109 to display a message.
  • the ID for identifying the communication partner is not limited as long as it can identify the individual publicly, such as an e-mail address or identification number, and is assumed to be notified to the user in advance for each system to be used.
  • the ID for identifying the message field ⁇ is information for identifying the field to which the message belongs, such as the tax field and the social welfare field, and is notified to the user in advance for each system to be used.
  • Each user terminal (10-1, 10-2, 10-3) having such a function can be realized by a general computer.
  • the secret key generation unit 101, the key calculation unit 102, the information generation unit 105, the cryptographic processing unit 106, and the ciphertext transmission / reception unit 107 can be realized as a computer program executed by a control unit such as a CPU (Central Processing Unit).
  • the computer program can be distributed via a recording medium such as the network 30, a hard disk, or a flash memory device.
  • the public ID storage unit 103 and the key storage unit 104 can be realized as, for example, a hard disk or a flash memory device.
  • the information display unit 109 can be realized as a liquid crystal display device or an organic EL (Electro Luminescence) display, for example.
  • the conversion server 20 includes a ciphertext transmission / reception unit 201 that transmits and receives ciphertext, a ciphertext uploaded to the conversion server 20 from which user terminal to which user terminal, and which A sender / receiver control unit 202 that controls whether the message is in a message field, a conversion key storage unit 203 that manages a conversion key used for re-encryption, a re-ciphertext storage unit 204 that stores a re-ciphertext, and a conversion key From a key calculation unit 205 that generates information for registering a random number, a re-encryption processing unit 206 that performs re-encryption processing, and a primary storage device 207 (also referred to as a memory) using a semiconductor.
  • a ciphertext transmission / reception unit 201 that transmits and receives ciphertext
  • a ciphertext uploaded to the conversion server 20 from which user terminal to which user terminal and which A sender / receiver control unit 202
  • the conversion server 20 having such a function can be realized by a general computer.
  • the ciphertext transmission / reception unit 201, the sender / receiver control unit 202, the key calculation unit 205, and the re-encryption processing unit 206 can be realized as a computer program executed by a control unit such as a CPU.
  • This computer program can be distributed via a recording medium such as the network 30, a hard disk, or a flash memory device.
  • the conversion key storage unit 203 and the re-ciphertext storage unit 204 can be realized as, for example, a hard disk or a flash memory device.
  • FIG. 7 is a diagram for explaining the meaning of the operators used in this embodiment.
  • three operators of ⁇ (901), f (,) (902), and h (,,) (903) are used.
  • the operator ⁇ (901) is an operator for commutative mask processing. For example, performing mask processing of data A with data B is represented as B • A.
  • the mask process refers to a process in which data B is applied to data A and converted to another value.
  • the operator ⁇ (901) has the following properties.
  • Operator f (,) (902) is an encryption processing operator that is commutative with respect to the encryption key. For example, the encryption of data A with the encryption key K (f (K, A) ).
  • the operator f (,) (902) has the following properties.
  • the operator ⁇ (901) and the operator f (,) (902) may be used as operators for performing the same arithmetic processing, or may be used as operators for performing different arithmetic processing satisfying the above properties. Also good.
  • the data A can be decrypted by re-encrypting the ciphertext using the reciprocal number (also referred to as the inverse element) of the encryption key due to the property (c).
  • FIG. 2 is a sequence diagram showing a conversion key registration method used when the conversion server 20 re-encrypts the ciphertext relating to the message field ⁇ .
  • the user terminal 10-3 of the user C notifies the user terminal 10-1 of the user A of the content of the message related to the message field ⁇ .
  • An application for registration of a conversion key used when re-encrypting the ciphertext is made (step S001).
  • the conversion server 20 Upon receiving the conversion key registration application information, the conversion server 20 generates a random number p (step S002) and transmits the random number p to the user terminal 10-3 that is the conversion key registration application source (step S003).
  • the conversion server 20 has its own private key Kc managed by the key storage unit 104, IDa which is a public ID for identifying the user terminal 10-1 managed by the public ID storage unit 103, and hash value h by entering the ID [delta] identifies the hash function areas [delta] of the user terminal 10-1 addressed message (Kc, IDa, ID [delta]) were calculated, and generates an encryption key (step S004).
  • the user terminal 10-3 masks the reciprocal number h (Kc, IDa, ID ⁇ ) ⁇ 1 of the encryption key using the random number p received in step S003, and the value p ⁇ h (Kc, IDa, ID ⁇ ) ⁇ 1 is generated and transmitted to the user terminal 10-1 (step S005).
  • the operator f (,) to be used is described as an xor function, the reciprocal number of the encryption key is masked using the random number p.
  • the reciprocal number of the encryption key is not necessarily required. If the operator f (,) to be used is different, the value generated from the encryption key may be masked using the random number p as necessary.
  • the user terminal 10-1 Upon receiving the value p-1h (Kc, IDa, ID ⁇ ) ⁇ 1 obtained by masking the value generated from the encryption key using the random number p, the user terminal 10-1 manages it in the key storage unit 104. Own secret key Ka, IDc which is a public ID for identifying the user terminal 10-3 managed by the public ID storage unit 103, and ID ⁇ for identifying the message field ⁇ are input to the hash function. A hash value h (Ka, IDc, ID ⁇ ) is calculated and a decryption key is generated (step S006).
  • the user terminal 10-1 masks the value h (Ka, IDc, ID) obtained by masking ph (Kc, IDa, ID ⁇ ) ⁇ 1 received from the user terminal 10-3 using the decryption key.
  • ⁇ ) ⁇ p ⁇ h (Kc, IDa, ID ⁇ ) ⁇ 1 is generated and transmitted to the conversion server 20 (step S007).
  • the conversion server 20 sends the conversion key h (Ka, IDc, ID ⁇ ) ⁇ h (Kc, IDa, ID ⁇ ) ⁇ 1 to the field of the message addressed to the user terminal 10-1 from the user terminal 10-3.
  • the conversion key relating to ⁇ is registered in the conversion key storage unit 203 (step S009).
  • the conversion key registration method described above it is possible to prevent the secret key Ka managed by the user terminal 10-1 and the secret key Kc managed by the user terminal 10-3 from leaking to the conversion server 20. Thereby, it is possible to prevent the content of the message from leaking to a third party.
  • the conversion server 20 receives the conversion key deletion application from the user terminal 10-1 or the user terminal 10-3, the conversion server 20 deletes the corresponding conversion key from the conversion key storage unit 203.
  • the message M related to the message field ⁇ addressed to the user terminal 10-1 and its ciphertext are generated by the user terminal 10-3, the generated ciphertext is transmitted to the conversion server 20, and the conversion server 20 It is a sequence diagram which shows the flow of a process until it re-encrypts a ciphertext.
  • the user terminal 10-3 generates a message M related to the message field ⁇ addressed to the user terminal 10-1 (step S201).
  • the user terminal 10-3 has its own private key Kc managed by the key storage unit 104 and a public ID for identifying the user terminal 10-1 managed by the public ID storage unit 103.
  • there IDa and message M hash value h by entering the ID [delta] identifies the hash function message field [delta] of (Kc, IDa, ID [delta]) were calculated, and generates an encryption key (step S202).
  • the user terminal 10-3 encrypts the message M using the generated encryption key h (Kc, IDa, ID ⁇ ), and generates a ciphertext f (h (Kc, IDa, ID ⁇ ), M). (Step S203). Next, the user terminal 10-3 transmits the ciphertext relating to the message field ⁇ addressed to the user terminal 10-1 to the conversion server 20 (step S204).
  • the conversion server 20 When the conversion server 20 receives the ciphertext f (h (Kc, IDa, ID ⁇ ), M), the conversion server 20 sends the field of the message addressed to the user terminal 10-1 from the user terminal 10-3 from the conversion key storage unit 203.
  • a conversion key h (Ka, IDc, ID ⁇ ) ⁇ h (Kc, IDa, ID ⁇ ) ⁇ 1 for ⁇ is acquired (step S205), and ciphertext f (h (Kc, IDa, ID ⁇ ), M) is re-encrypted (step S206).
  • the re-ciphertext generated at this time is as follows due to the nature of each operator.
  • the conversion server 20 After generating the re-ciphertext, the conversion server 20 stores the re-ciphertext in the re-ciphertext storage unit 204.
  • FIG. 4 shows a flow from the user terminal 10-1 to decrypting the re-ciphertext including the message in the message field ⁇ addressed to the user terminal 10-1 from the user terminal 10-3 and acquiring the message M.
  • the user terminal 10-1 checks whether or not a new arrival message exists in the conversion server 20 (step S301). If there is a new message, the user terminal 10-1 acquires the re-ciphertext f (h (Ka, IDc, ID ⁇ ), M) from the re-ciphertext storage unit 204 of the conversion server 20 (step S302). This ciphertext includes the message M in the message field ⁇ addressed from the user terminal 10-3 to the user terminal 10-1.
  • the user terminal 10-1 generates a decryption key for decrypting the re-ciphertext (step S303). Specifically, the user terminal 10-1 identifies its own secret key Ka managed by the key storage unit 104 and the user terminal 10-3 managed by the public ID storage unit 103.
  • a decryption key is generated by calculating a hash value h (Ka, IDc, ID ⁇ ) obtained by inputting IDc, which is a public ID, and ID ⁇ identifying the message field into a hash function.
  • the user terminal 10-1 decrypts the reciphered text f (h (Ka, IDc, ID ⁇ ), M) using the reciprocal h (Ka, IDc, ID ⁇ ) ⁇ 1 of the generated decryption key.
  • the message M is acquired (step S304).
  • the re-ciphertext decryption process is as follows.
  • the user terminal 10-3 identifies the secret key Kc of the user terminal 10-3 and the user terminal 10-1 that is the communication partner. to IDa and the user generates an encryption key and a ID [delta] identifies the message field [delta] of the terminal 101 addressed message M, encrypts the message M using the encryption key, the conversion server 20 and the ciphertext Send to.
  • the conversion server 20 re-encrypts the ciphertext using the conversion key generated in advance, and stores the re-ciphertext in the re-ciphertext storage unit 204.
  • the user terminal 10-1 When the user terminal 10-1 confirms the existence of the new message M addressed to the user terminal 10-1 at the conversion server 20, the user terminal 10-1 acquires the ciphertext from the re-ciphertext storage unit 204 of the conversion server 20. The user terminal 10-1 then transmits the secret key Ka of the user terminal 10-1, the IDc for identifying the user terminal 10-3 that is the communication partner, and the message field ⁇ of the message M addressed to the user terminal 10-1. A decryption key including ID ⁇ for identifying is generated, and the re-ciphertext is decrypted using this decryption key to obtain the original message M.
  • the user terminal 10-3 of the user C encrypts the message M addressed to the user terminal 10-1 of the user A related to the specific message field ⁇ , and the ciphertext is re-encrypted by the conversion server 20.
  • the mechanism for acquiring the message M by decrypting the re-ciphertext at the user terminal 10-1 has been described. By such a mechanism, only the message M related to the specific message field ⁇ addressed to the user terminal 10-1 among the messages generated by the user terminal 10-3 is not leaked to a third party. It can be acquired at the user terminal 10-1. *
  • FIG. 5 is a sequence diagram showing a flow until registration of the conversion key for proxy browsing of the message M in the conversion server 20.
  • the user terminal 10-1 of the user A gives the conversion server 20 the authority to proxy-receive the message M in the message field ⁇ from the user terminal 10-3 to the user terminal 10-2 of the user B.
  • An agent registration application is sent to inform the effect (step S401).
  • the conversion server 20 Upon receiving the agent registration application information, the conversion server 20 generates a random number p ′ (step S402) and transmits the random number p ′ to the user terminal 10-1 (step S403).
  • the user terminal 10-1 When the user terminal 10-1 receives the random number p ′, the user terminal 10-1 stores its own private key Ka managed by the key storage unit 104 and the user terminal 10-3 managed by the public ID storage unit 103. a public ID identifying IDc and message fields hash value by inputting the ID [delta] identifies the hash function [delta] h calculated (Ka, IDc, ID [delta]), and generates an encryption key (step S404). Next, the user terminal 10-1 uses the random number p ′ received from the conversion server 20 to generate a value p ′ ⁇ h (Ka, IDc, ID ⁇ ) ⁇ 1 by masking the reciprocal of the decryption key, This is transmitted to the user terminal 10-2 (step S405).
  • a hash value h (Kb, IDa, ID ⁇ ) is calculated by inputting IDa, which is a public ID that identifies the managed user terminal 10-1, and ID ⁇ , which identifies the message field ⁇ , into a hash function, and decryption A key is generated (step S406).
  • the user terminal 10-2 masks the value p ′ ⁇ h (Ka, IDc, ID ⁇ ) ⁇ 1 received from the user terminal 10-1 using the decryption key h (Kb, IDa). , ID ⁇ ) • p ′ • h (Ka, IDc, ID ⁇ ) ⁇ 1 is generated and transmitted to the conversion server 20 (step S407).
  • the conversion server 20 deletes the corresponding conversion key from the conversion key storage unit 203 when receiving the application for deleting the conversion key for proxy browsing of the message M from the user terminal 10-1 or the user terminal 10-3.
  • FIG. 6 is a sequence diagram showing a flow from when the user terminal 10-2 receives the re-ciphertext including the message M in the message field ⁇ addressed to the user terminal 10-1 as a proxy and acquires the message M. .
  • the user terminal 10-2 confirms whether or not a new message M regarding the message field ⁇ addressed to the user terminal 10-1 from the user terminal 10-3 exists in the conversion server 20 (application for proxy browsing). (Step S501).
  • the conversion server 20 converts the conversion key h (Kb, IDa, ID ⁇ ) ⁇ h (Ka, IDc, ID ⁇ ) ⁇ 1 for proxy browsing of the message M from the conversion key storage unit 203. (Step S502), and using this conversion key, the re-ciphertext relating to the message field ⁇ addressed to the user terminal 10-1 generated in step S207 of FIG. Re-encryption is performed again to generate a ciphertext (step S503).
  • the re-ciphertext generated at this time is as follows due to the nature of each operator.
  • the user terminal 10-2 After confirming the new arrival message M, the user terminal 10-2 acquires the ciphertext f (h (Kb, IDa, ID ⁇ ), M) again from the conversion server 20 (step S504).
  • the user terminal 10-2 has its own private key Kb managed by the key storage unit 104 and a public ID for identifying the user terminal 10-1 managed by the public ID storage unit 103.
  • hash enter the ID [delta] identifies the hash function IDa and message fields [delta] value h (Kb, IDa, ID [delta]) were calculated, and generates the decryption key (step S505).
  • the user terminal 10-2 decrypts the ciphertext again using the reciprocal h (Kb, IDa, ID ⁇ ) ⁇ 1 of the decryption key, and obtains the message M (step S506).
  • the ciphertext of the message M addressed to the user terminal 10-1 from the user terminal 10-3 is re-encrypted by the conversion server 20, and the re-ciphertext is sent from the user terminal 10-2.
  • the encrypted message is re-encrypted to generate a re-encrypted text
  • the user terminal 10-2 decrypts the re-encrypted text without using the private key of the user terminal 10-1, and the original message M Can be obtained.
  • the ciphertext of the message M addressed to the user terminal 10-1 is not decrypted in the middle of transmission, so that information is prevented from being leaked due to third party fraud. it can.
  • the mechanism in which the user terminal 10-2 receives the re-ciphertext including the message M in the message field ⁇ addressed to the user terminal 10-1 as a proxy and acquires the message M has been described.
  • the user terminal of the message generating source when encrypting the generated message, does not encrypt the message only with the encryption key of the own user terminal, but instead of encrypting the generated message.
  • Data including an encryption key, information for identifying a communication partner terminal, and information for identifying a message field is generated as an encryption key, and the message is encrypted using the encryption key.
  • the decryption key of the own terminal information for identifying the user terminal of the message generation source that is the communication partner terminal, and information for identifying the message field are included. Necessary. Therefore, the message receiving terminal and its proxy terminal cannot decrypt the ciphertext if the communication partner and the message field are different.
  • each user terminal since each user terminal only needs to manage its own secret key, it becomes easy to manage the secret key.
  • the ID for identifying the communication partner and the message field are used as the identifier ID, but other IDs indicating the validity period of the message are also used.
  • a user terminal that performs proxy browsing of messages by using a plurality of IDs that identify message attributes may be used to finely control the range in which proxy browsing is possible.
  • the key generation process may be dynamically generated at the time of message encryption / decryption, or may be generated in advance and managed by each user terminal.
  • the above embodiment can also be applied to the My Portal system in the social security / tax number system that the Japanese government is considering.
  • the function of the conversion server 20 according to the present embodiment may be constructed on the same physical device as one function of My Portal, or physically separated from My Portal.
  • the portal may construct the function of the conversion server 20 according to the present embodiment on another device only by bridging data.
  • the above embodiment can also be applied to a system for sharing data on a cloud service.

Abstract

Pour chaque expéditeur de messages et pour chaque champ de message, la visualisation d'un message est commandée par un récepteur de messages. Dans un terminal d'utilisateur (10-3) d'un utilisateur C en tant qu'expéditeur de messages, une clé secrète d'un terminal utilisateur (10-1) d'un utilisateur A en tant que récepteur de messages et une clé de chiffrement comprenant un identifiant servant à identifier le terminal d'utilisateur (10-1) en tant que partenaire de communication du terminal d'utilisateur (10-3) et un identifiant pour identifier un champ de message (δ) sont utilisées pour chiffrer un message. Dans le terminal d'utilisateur (10-1) qui reçoit le message, un message chiffré généré à l'aide d'une clé de conversion par un serveur de conversion (20) est déchiffré avec la clé secrète du terminal d'utilisateur (10-1) et avec une clé de déchiffrement comprenant un identifiant servant à identifier le terminal d'utilisateur (10-3) en tant que partenaire de communication du terminal d'utilisateur (10-1) et l'identifiant pour identifier le champ de message (δ), et un message original est extrait.
PCT/JP2015/059535 2014-04-09 2015-03-27 Procédé de re-chiffrement, système de re-chiffrement et dispositif de re-chiffrement WO2015156145A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201580011026.9A CN106031083A (zh) 2014-04-09 2015-03-27 再加密方法、再加密系统以及再加密装置

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2014-079832 2014-04-09
JP2014079832A JP2015201773A (ja) 2014-04-09 2014-04-09 再暗号化方法,再暗号化システム及び再暗号化装置

Publications (1)

Publication Number Publication Date
WO2015156145A1 true WO2015156145A1 (fr) 2015-10-15

Family

ID=54287722

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2015/059535 WO2015156145A1 (fr) 2014-04-09 2015-03-27 Procédé de re-chiffrement, système de re-chiffrement et dispositif de re-chiffrement

Country Status (3)

Country Link
JP (1) JP2015201773A (fr)
CN (1) CN106031083A (fr)
WO (1) WO2015156145A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112889240A (zh) * 2018-10-24 2021-06-01 日本电信电话株式会社 服务器装置、通信终端、通信系统、以及程序
CN116028979A (zh) * 2023-03-22 2023-04-28 新兴际华集团财务有限公司 密钥安全管理方法、装置、电子设备和计算机可读介质

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6385721B2 (ja) * 2014-06-04 2018-09-05 株式会社日立製作所 再暗号化鍵生成方法、再暗号化方法、再暗号化鍵生成システム及び再暗号化システム

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060215839A1 (en) * 2004-12-22 2006-09-28 Oliver Augenstein Method for handling data
JP2010114682A (ja) * 2008-11-06 2010-05-20 Japan Science & Technology Agency ストレージノード用再暗号化システム及び方法
JP2014027413A (ja) * 2012-07-25 2014-02-06 Toshiba Tec Corp コード生成装置及びコード復号装置

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SG194762A1 (en) * 2011-04-27 2013-12-30 Toshiba Kk Re-encryption key generator, re-encryption apparatus, and program

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060215839A1 (en) * 2004-12-22 2006-09-28 Oliver Augenstein Method for handling data
JP2010114682A (ja) * 2008-11-06 2010-05-20 Japan Science & Technology Agency ストレージノード用再暗号化システム及び方法
JP2014027413A (ja) * 2012-07-25 2014-02-06 Toshiba Tec Corp コード生成装置及びコード復号装置

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
EIJI OKAMOTO: "Cryptogram technology for realization of a bright information society 5. Distribution management of a cipher key", BIT, vol. 23, no. 12, 1 November 1991 (1991-11-01), pages 51 - 59 *
HISAO SAKAZAKI ET AL.: "Kyotsu Kagi Ango Base no Saiango Hoshiki no Kento", 2014 NEN SYMPOSIUM ON CRYPTOGRAPHY AND INFORMATION SECURITY SCIS2014, vol. 2D4-1, 21 January 2014 (2014-01-21), pages 1 - 8 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112889240A (zh) * 2018-10-24 2021-06-01 日本电信电话株式会社 服务器装置、通信终端、通信系统、以及程序
CN116028979A (zh) * 2023-03-22 2023-04-28 新兴际华集团财务有限公司 密钥安全管理方法、装置、电子设备和计算机可读介质

Also Published As

Publication number Publication date
CN106031083A (zh) 2016-10-12
JP2015201773A (ja) 2015-11-12

Similar Documents

Publication Publication Date Title
US11146391B2 (en) Orthogonal access control for groups via multi-hop transform encryption
US8948391B2 (en) Secure communication method
US10177909B1 (en) Managing private key access in multiple nodes
US20150365382A1 (en) Method and apparatus for enforcing storage encryption for data stored in a cloud
WO2016136024A1 (fr) Système de commande de direction de remplacement de clés, et procédé de commande de direction de remplacement de clés
KR101648364B1 (ko) 대칭키 암호화와 비대칭키 이중 암호화를 복합적으로 적용한 암/복호화 속도개선 방법
CN106790037A (zh) 一种用户态加密的即时通讯方法与系统
JP6302851B2 (ja) 再暗号化方法、再暗号化システム、および再暗号化装置
JP6058514B2 (ja) 暗号処理方法、暗号システム、およびサーバ
Reshma et al. Pairing-free CP-ABE based cryptography combined with steganography for multimedia applications
CN113300999A (zh) 信息处理方法、电子设备和可读存储介质
WO2015156145A1 (fr) Procédé de re-chiffrement, système de re-chiffrement et dispositif de re-chiffrement
KR101695361B1 (ko) 페어링 연산 및 비밀키를 이용한 술어 암호화 방법
KR101812311B1 (ko) 사용자 단말 및 속성 재암호 기반의 사용자 단말 데이터 공유 방법
JP5491713B2 (ja) 暗号化装置、暗号化プログラム及び方法
KR102526114B1 (ko) 암호화 및 복호화를 위한 장치 및 방법
US11177949B2 (en) Data sharing method, data sharing system, data sharing server, communication terminal and program
CN111953480A (zh) 密钥生成装置以及方法、运算密钥生成装置以及方法
JP6385721B2 (ja) 再暗号化鍵生成方法、再暗号化方法、再暗号化鍵生成システム及び再暗号化システム
KR102507864B1 (ko) 보안 인스턴트 메시징 방법 및 장치
JP7254296B2 (ja) 鍵交換システム、情報処理装置、鍵交換方法及びプログラム
JP6723908B2 (ja) 暗号化データ流通システム及び方法
CN115426331A (zh) 邮件传输方法、装置、计算机设备和存储介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15777167

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15777167

Country of ref document: EP

Kind code of ref document: A1