1. Field of the Invention
The present invention relates to a data processing apparatus for compressing/encrypting message data by use of a plurality of function algorithms. The present invention also relates to a modularization technique for the data processing apparatus.
2. Description of the Related Art
In recent years, a data compression type encryption processing function (a hash function), which is applicable to the compression/encryption processing of message data, has attracted the attention of those skilled in the art. To put this function into practice, a method that utilizes, for example, the CBC (cipher block chaining) mode of the DES (data encryption standard) has been proposed.
According to this method, message data subjected to data hashing is divided into data blocks of appropriate size (e.g., L bits) as follows: EQU {B.sub.i } (i=1 to m)
The encryption processing for the (k+1)th data block (k=0 to m-1) is defined as follows: EQU C.sub.k+1 =FK(C.sub.k +B.sub.k+1)
It is assumed that FK represents a block encryption processing function using an encryption key K (fixed). It is also assumed that where k=0, an initial vector I.sub.0 is given to C.sub.0. In this case, the hash value is defined by the processing result C.sub.m obtained in the final stage of the processing.
However, the data compression/encryption processing system utilizing the CBC mode has problems in that once the encryption key K is decoded, two different message data items having the same hash value may be easily produced.
Let it be assumed that the data blocks of the two different message data items M and M' are expressed by: EQU M={B.sub.i } EQU M'={B.sub.i '}
where i=1 to m. If, in this case, the condition expressed by EQU C.sub.m-1 +B.sub.m =C.sub.m-1 '+B.sub.m '
is satisfied, the hash values of M and M' become equal to each other though the message data items have been processed in different ways.
In other words, "C.sub.m-1 +B.sub.m " can be presumed based on hash value C.sub.m if the encryption key K is decoded. Hence, M', which has the same hash value as M, can be obtained by performing calculation, with a block group {B.sub.i '} (i=1 to m-1) appropriately determined, and by determining the final block B.sub.m ' to satisfy the condition formula. This means that data collision may easily occur in the encryption processing method which is based on the hash function utilizing the CBC mode.
An encryption LSI (large scale integration circuit) is known as a function processing module which is used to execute the function processing (e.g., encryption processing) of data, for the data security purpose. In the prior art, the function processing module of this type supports only one function algorithm. Even if it supports a plurality of function algorithms, one of them is selected for use, in response to an external switching control signal. Therefore, when a data processing apparatus of this type is fabricated as a module, it is necessary to ensure very reliable data security.