1. Field of the Invention
The present invention generally relates to a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text. More specifically, the present invention is directed to such a public key encryption system in which an idea of xe2x80x9cgroupxe2x80x9d is introduced, and both an encryption process of a plain text by an arbitrary member belonging to this group, and a decryption process of a cryptogram can be executed by employing such a combination key made from a group public key and a group secret key, which are produced in unit of xe2x80x9cgroupxe2x80x9d, and further an individual public key and an individual secret key. With employment of this encryption system, while high secrecies can be maintained inside and outside the group, cryptogram information can be commonly shared based upon a confirmation of a member among members within this group. Also, since an electronic signature can be made by a member belonging to this group.
2. Description of the Related Art
An encryption system called a xe2x80x9cpublic key encryptionsxe2x80x9d is described in U.S. Pat. No. 4,200,770. A public key encryption contains a public key used to encrypt a plain text, and also a secret key used to decrypt a cryptogram to obtain a plain text. The public key is different from the secret key. The public key is such a key opened to the public and set under known state. In a conventional encryption system, the same key is used in both the encryption process and the decryption process. Therefore, it is very important to keep secrecies of keys during encryption process. However, in this public key encryption system, secrecies of keys during encryption process are no longer required. In the conventional encryption/decryption common key system, assuming now that a total number of persons who communicate an encrypted document is selected to be xe2x80x9cnxe2x80x9d, nxc3x97(nxe2x88x921)/2 pieces of keys are required, whereas in the public key encryption system, there is a merit that only xe2x80x9cnxe2x80x9d pieces of keys are required. Also, this public key encryption system is featured by that the same frame combination can be utilized also in the encryption process by the signatures of the respective persons, namely by using the secret keys of the respective persons. For instance, an encryption communication member P having a secret key A converts a communication sentence X by using the secret key A, and then sends both the resultant document Y and the communication sentence X to another member Q. The member Q converts the document Y by a public key B of the member P. If the conversion result of the document Y is made coincident with the document X, then it can be confirmed that this document has been surely sent by the member P. As previously described, the public key encryption system may have several superiors merits, as compared with the conventional encryption system.
Also, Japanese Patent Unexamined Publication No. Hei. 7-297818 discloses the arrangement for allocating the public key and the secret key to a group. This system owns the following initial condition. That is, a group secret key is embedded in a physical article such as a card, and members of the group surely hold the cards. In other words, since the above-described secret key/public key encryption system is arranged by utilizing the physical article such as a card, the key management is realized by utilizing the physical article separated from the permanental presence such as an individual.
In the public key encryption system, the permanent presence such as an individual is set as an independent unit. As a consequence, this public key encryption system cannot have sufficient functions in such a case that, for instance, a plurality of members other than an individual are set as a single unit. Also, in the above-described encryption system using the card, the following problems occur. That is, this encryption system must employ the hardware such as the card, and owns the problems of card management, the authorization problems of the card owners caused when the cards are lost and/or stolen. Namely, this encryption system can hardly judge as to whether or not one card holder is an authorized card holder.
For example, an organization such as a department, a section, or a group in a firm corresponds to a unit of a joint work. Also, an organization corresponds to a unit of a joint work constructed of plural individuals called xe2x80x9ctask forcexe2x80x9d independently established from the above organization. In these joint work units, information must also be commonly shared. In other words, as to a relationship established in inside/outside of the joint work unit, a secrecy of information must be maintained, whereas the information is required to be communicated among the respective members in the joint work unit. As a consequence, it is required to employ such an encryption system that an arbitrary structural member of the joint work unit is capable of performing either a decryption process or a sign process with respect to commonly-used information.
Furthermore, since a structural member of the joint work unit may be changed (e.g., an addition or a deletion), the encryption system is required to be capable of accepting a member change. Similarly to the joint work unit, in order to play a role such as a personnel department manager in a firm, a specific/continued secrecy condition responding to this role must be maintained, independently from a specific person who plays this role at a certain stage, and this encryption system must accept a change in the person who plays this role.
The present invention has been made to solve the above-described problems, and therefore, has an object to provide an encryption system capable of realizing the following aspects. That is, while the public key encryption system is realized not by employing a unit of an individual, such an encryption system is provided which can be used in a group equal to a set of individuals and groups as structural elements, and a member belonging to a specific group can decrypt a cryptogram.
Furthermore, another object of the present invention is to provide a signature system capable of signing by an arbitrary member belonging to a specific group, and also capable of confirming that a signed document is actually signed by the member belonging to the specific group.
The present invention provides a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, comprising: a group public key PG and a group secret key SG, which are allocated in a unit of a group constituted by one or more members Mi (i=1to n) as constructive members; and one or more encrypted group secret keys PMi (SG) (i =1 to n) encrypted by executing the data conversion of the group secret key SG by each of public keys PMi specific to the members Mi, wherein the encrypted group secret keys PMi (SG)) are decrypted by a member secret key SMi specific to each of the members Mi to thereby acquire the group secret key SG and the acquired group secret key SG is used to execute a decryption process operation of cryptogram information encrypted by the group public key P.
Further, the present invention provides a public key encryption system wherein structural data is arranged as cryptogram information, and the structural data contains cryptogram information K(D) produced by encrypting at least a plain text by a common key K, and also one or more Pi(K) produced by encrypting the common key K by a public key Pi of each of members belonging to a group in which one or more members Mi (i=1 to n) are set as structural members.
Further, the present invention provides an encryption apparatus used in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, comprising: encrypting means for executing an encryption process operation by data-converting a plain text with employment of a group public key PG, which is allocated in a unit of a group constituted by one or more members Mi (i=1 to n) as constructive members; and encrypted secret key producing means for producing one or more encrypted group secret key PMi (SG) (i=1 to n) by executing a data conversion of a group secret key SG allocated in unit of the group by a public key PMi the member Mi.
Further, the present invention provides a decryption apparatus used in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, comprising secret key decrypting means for decrypting an encrypted secret key Pj(S) based upon an own secret key Sj, or a secret key of a group, the encrypted secret key Pj(S) being produced by encrypting a decryption key S used to decrypt a cryptogram sentence based upon a public key Pj of a receiver of a cryptogram; and decrypting means for decrypting the cryptogram sentence based upon a decryption key S which is decrypted by the secret key decrypting means to be acquired.
Further, the present invention provides an encryption method used in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, comprising: a step for executing a data conversion of a plain text by using a group public key PG so as to encrypt the plain text, the group public key PG being produced in unit of a group constituted by one or more members Mi (i=1 to n) as constructive members; and a step for producing one or more encrypted group secret keys PMi (SG) (i=1 to n) in such a manner that a group secret key SG produced by a public key PMi of the member Mi in unit of the group is data-converted to be encrypted.
Further, the present invention provides a decryption method used in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, comprising a step for decrypting an encrypted group secret key PMi (SG) based upon a secret key SMi of one or more members Mi (i=1 to n), the encrypted group secret key being produced by encrypting based on a public key PMi of the member a group secret key SG which is produced in unit of a group constituted by the one or more members as the constructive members; and a step for decrypting encrypted information in such a manner that information encrypted by a group public key PG produced in unit of the group is data-converted by employing the acquired group secret key SG.
Further, the present invention provides, in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, a composite lock producing method in the public key encryption system for using a composite lock including a group public key PG and a group secret key SG which are produced in unit of a group constituted by one or more members Mi (i=1 to n) as constructive members, and one or more encrypted group secret keys PMi (SG) (i=1 to n) which are encrypted by executing a data conversion of the group secret key SG based upon each of public keys PMi specific to the members Mi, comprising: a step for producing a public key PG and a secret key SG in unit of a group constituted by one or more members Mi (i=1 to n) as constructive members; a step for producing one or more encrypted group secret keys PMi (SG) (i=1 to n) which are encrypted by executing a data conversion of the group secret key SG based upon each of public keys PMi specific to the members; a step for producing one or more encrypted composite lock changing secret keys PUi (SU) which are encrypted by data-converting a composite lock changing secret key SU for controlling a change of a composite lock based upon a public key PUi specific to a member having a right to execute a change; and a step for performing an electronic signature by using the produced composite lock changing secret key SU with respect to data containing the produced public key PG, the encrypted secret key PMi (SG), and the encrypted composite lock changing secret key PUi (SU).
Further, the present invention provides a composite lock changing method for an encryption system wherein in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, the public key encryption system uses a composite lock including a group public key PG and a group secret key SG which are produced in unit of a group constituted by one or more members Mi (i=1 to n) as constructive members, one or more encrypted group secret keys PMi (SG) (i=1 to n) which are encrypted by executing a data conversion of the group secret key SG based upon each of public keys PMi specific to the members Mi, and one or more encrypted composite lock changing secret keys PUi (SU) encrypted by executing a data conversion of a composite lock changing secret key SU for controlling a change of a composite lock based upon a public key PU specific to a member having a right to change, comprising; a stop for changing a content of a composite lock; a step for obtaining a composite lock changing secret key SU by decrypting the encrypted composite lock changing secret key PUi (SU) by using the own secret key SUi; and a step for performing an electronic signature by using the produced composite lock changing secret key SU with respect to data containing the public key PG, the encrypted group secret key PMi (SU), and the encrypted composite lock changing secret key PUi (SU).
Further, the present invention provides, in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, a composite lock changing method in the public key encryption system for using a composite lock including a group public key PG and a group secret key SG which are produced in unit of a group constituted by one or more members Mi (i=1 to n) as constructive members, and one or more encrypted group secret keys PMi (SG) (i=1 to n) which are encrypted by executing a data conversion of the group secret key SG based upon each of public keys PMi specific to the members Mi, wherein in the case that a member is changed from now on, a pair of a new group public key PG and a new group secret key SG is produced, and the new group public/secret keys are used as a new public key and a new secret key of the composite lock; and in the case that a member was changed in the past, a pair of the present group public key PG and the group secret key SG is continuously used without any modification as a public key and a secret key of the composite lock.
Further, the present invention provides, in a computer readable recording medium for recording an encryption method used in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, the recording medium records a program for executing: a step for executing a data conversion of a plain text with using a group public key PG so as to encrypt the plain text, the group public key PG being produced in unit of a group constituted by one or more members Mi (i=1 to n) as constructive members; and a step for producing one or more encrypted group secret keys PMi (SG) (i=1 to n) in such a manner that a group secret key SG produced by a public key PMi of the group in unit of the group is data-converted to be encrypted.
Further, the present invention provides, in a computer readable recording medium for recording a decryption method used in a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, the recording medium records a program for executing: a step for decrypting an encrypted group secret key PMi (SG) based upon a secret key SMi of one or more members Mi (i=1 to n), the encrypted group secret key being produced by encrypting based on a public key PMi of the member a group secret key SG which is produced in unit of a group constituted by the one or more members as the constructive members; and a step for decrypting encrypted information in such a manner that information encrypted by a group public key PG produced in unit of the group is data-converted by employing the acquired group secret key SG.