In recent years, electronic mail, electronic bulletin boards, and so on have begun to be frequently used as means for exchanging and offering information under network environments.
In this kind of network, a system is built, based on an open architecture and so unauthorized access to electronic mail and leakage of confidential information to a third party have ever posed problems.
Furthermore, commercial services relying on the use of networks such as online shopping and home banking have been put into practical use. Under these circumstances, leakage of secret information to unauthorized persons might induce crimes.
In view of the foregoing, various cryptocommunication systems have been studied to enhance data security on networks. In particular, a sender encrypts data and transmits it over a network. A recipient deciphers the received encrypted data so as to restore it to its original format.
In multiaddress communication, information is transmitted from a single sender to a plurality of receivers. Crypto-communication used in such multiaddress communication employs either common keys or private keys.
Where a common key is used., a common public key used for encipherment and a secret key used for decipherment are shared by all subscribers, i.e., senders and receivers. A sender encrypts information, using the public key common to all the subscribers, and transmits the encrypted information. A subscriber who receives this information decodes the encrypted information into plaintext that is in a plainly readable form, using the secret key common to all the subscribers.
Where private keys are employed, all the subscribers share a list of subscribers and a list of all private keys for their respective subscribers. When a sender transmits information to receivers, the sender encrypts the information with the public keys for the receivers, respectively. The receivers decrypt the codetext with their own secret keys so that the information is intelligible. These prior art techniques have the following problems.
Where a common key is utilized as described above, the secret key common to all the subscribers are managed by all of them and, therefore, it is highly likely that a third person gains acquaintance with the secret key. Hence, secrecy is liable to be breached. Furthermore, the possibility that a malicious subscriber deliberately makes use of the secret key in an illegal manner cannot be eliminated.
When a subscriber withdraws from this multiaddress communication system, a new secret key common to all the remaining subscribers must be created and distributed to them to prevent leakage of information. If the number of the subscribers of this multiaddress communication system increases, the management may be rendered more complex. In addition, an unexpected third party is able to transmit information to this multiaddress communication system, because the public key is made public. This may spoil the confinement of transmission of information among certain persons.
Where private keys are exploited as mentioned above, the following problems arise. The burden imposed on the storage portion of an encryption device for each subscriber may be increased unless each individual subscriber manages a list of all subscribers and the public keys. When a new user participates in the multiaddress communication system or some subscriber withdraws from this system, such information about the public keys for the subscribers which is held by the remaining subscribers must be updated. In this way, where the number of subscribers of the multiaddress communication system increases or decreases, it will become very cumbersome to manage and maintain the system.
Moreover, where the subscribers are distributed remotely, it takes a long time to transmit updated information. As a result, the contents of the information will become different among remaining subscribers. This would make it difficult to run the system smoothly.