1. Field of the Invention
The present invention generally relates to a multi-level data encryption and decryption system and a method thereof.
2. Description of Related Art
In recent years, various wireless transmission techniques, such as wireless sensor network (WSN), Zigbee, and Bluetooth, have been broadly applied to different data transmission environments thanks to the development of the wireless transmission techniques and the characteristics of wireless nodes. For example, WSN has been broadly applied to the state monitoring of different sites or objects, such as the monitoring of a shopping mall, the monitoring of environmental contamination, and the security monitoring of a construction site (for example, the construction site of a subway). To ensure the security of a monitored site or object, a wireless sensor constantly sends the state of the monitored site or object it detects back to a control center so that a user can connect to the control center and download related data to monitor the state of the monitored site or object.
Data security is a very important issue in a wireless transmission environment. Thus, the data transmitted in a wireless transmission environment is usually encrypted with a key in order to prevent unauthorized users from accessing the data. However, in a multi-user system, each user can access different data. Accordingly, multiple keys are usually used for encrypting data of different levels, and a user can use his own keys to decrypt the authorized data. In such a system, a user has to manage multiple keys, and the more levels the data is divided, the more keys the user has to manage. As a result, key management becomes very inconvenient.
Additionally, the keys are usually updated periodically to prevent a user having terminated authorization from accessing the data by using his original key or a newly authorized user from accessing previously encrypted data. Namely, in such a system, data is encrypted with different key at different time so as to achieve forward and backward data security. However, according to such a data encryption mechanism, all the encryption devices for encrypting data and all the end-user devices have to be synchronized to ensure that the encryption devices and the end-user devices use correct keys for encrypting and decrypting data. This synchronizing action increases the load of the system. Moreover, because different key is used for encrypting data at different time, both level-oriented keys and time-oriented keys have to be managed by a user. As a result, key management is made even more inconvenient.
A data encryption method is disclosed in U.S. Patent No. 2002/0191796 to resolve foregoing problems. According to this method, a data is divided into a plurality of sequential data blocks. When a data block is encrypted, the key for encrypting a next data block is encrypted together with the current data block. Thus, when a user decrypts the current data block, the user can obtain the key for decrypting the next data block, and accordingly forward and backward data security is achieved.