1. Field of the Invention
The present invention relates to an encryption process and an encryption device for encrypting character data on a character-by-character basis and a computer-readable medium storing an encryption program for encrypting character data on a character-by-character basis.
2. Description of the Related Art
Encryption technology is currently widely used for maintaining the confidentiality of transmitted information and stored data. Encryption methods fall into two types: public-key encryption and private-key encryption. Public-key encryption uses a pair of keys, a public key and a private key, which are used for encryption and decryption, respectively. Public-key encryption has the advantage that the encryption strength is easy to maintain. In private-key encryption (symmetric-key encryption), a common key is shared by the encryptor and the decryptor and is used for both encryption and decryption. Private-key encryption has the advantage of requiring less processing than public-key encryption, so it is generally used when a large amount of data must be transmitted. Known algorithms for private-key encryption include DES (Data Encryption Standard) and AES (Advanced Encryption Standard). See, for example, Japanese Unexamined Patent Publication No. 8-227269.
Incidentally, in many cases of encryption using a computer, character data which are produced by encoding characters in accordance with a specific character encoding scheme are required to be encrypted. However, in some cases, data produced by encryption in accordance with a conventional encryption algorithm cannot be correctly handled by software which is designed to handle only character data (data represented by character codes assigned to characters), for the following reasons.
Most of the character encoding schemes have a range of character codes which are not assigned to any character. For example, in the Japanese-character encoding schemes such as shift_JIS (Japanese Industrial Standard JIS X 0208, Appendix 1), each character is represented by 16 bits, and part of the 2^16 (=65,536) character codes are not assigned to a character. Therefore, the software can determine whether or not each character code represents a character, on the basis of whether or not a bit sequence of one of the unused character codes is detected. However, the encrypted data produced by encrypting inputted character data (character codes assigned to characters) in accordance with the conventional encryption algorithms extend over all the character codes which can be represented by the possible bit sequences having the same lengths as the inputted character codes. Thus, the software which is designed to handle only the character data (character codes assigned to characters) cannot correctly recognize the above encrypted data.
Even in the above circumstances, there are demands for handling encrypted data by software. Therefore, techniques for producing encrypted data which are represented by only the character codes assigned to characters are currently being studied. For example, a technique for converting encrypted data (produced in accordance with an encryption algorithm) into a character code by using the Base64 encoding scheme is known. In the Base64 encoding, first, original data is divided into 24-bit sections, and each 24-bit section is converted into four character codes each representing an en-width character (ASCII codes). According to this technique, it is possible to produce encrypted data which is represented by only ASCII codes, so that a greater number of software programs are allowed to handle the encrypted data.
However, according to the technique of producing encrypted data by use of the Base64 encoding scheme, the bit length of the encrypted data becomes greater than the bit length of the original character data. Since each 24-bit (3-byte) section is converted into four ASCII codes (each having the length of 4 bytes), the Base64 encoding increases the bit length by the factor of approximately 1.3. The increase in the bit length is particularly problematic when the encrypted data is stored in a database, since the size of data stored in a database is limited to a certain extent in many cases.
In addition, conversion of the bit length before or after the encryption may be considered as another technique for limiting the range of values which the encrypted data can have. Specifically, the original character code of each character is converted into a bit sequence having a shorter bit length than the original character code before the encryption. Then, the converted bit sequence is encrypted, and the encrypted bit sequence is inversely converted into a character code. For example, all the level-1 and level-2 kanji characters (according to JIS X 0208) can be represented by 13 bits. Therefore, encryption of the level-1 and level-2 kanji characters is performed after the 16-bit character codes are converted into 13-bit sequences. Thus, it is possible to limit the range of values which the encrypted data can have, while the finally obtained encrypted data are represented by 16-bit character codes (i.e., the bit lengths of the finally obtained encrypted data and the original character data can be equalized).
Nevertheless, in the case where the number of the character codes which are defined in a character encoding scheme is not equal to 2^n (where n is a natural number), and only the above technique for limiting the range of values is used, it is impossible to produce encrypted data which are represented by only the character codes. This is because the encryption can produce a bit sequence which cannot be inversely converted. For example, although the number of the level-1 and level-2 kanji characters according to JIS X 0208 is 6,879, the 13-bit sequences can represent 8,192 characters. Therefore, there is a possibility that even when the bit length is reduced to 13 bits, the encryption can produce a bit sequence to which no character is assigned. However, when the bit length is reduced to 12 bits, it is impossible to represent all the level-1 and level-2 kanji characters.
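The 13-bit case described above can be checked by enumeration. The following is an added example, not part of the original document: it numbers the 6,879 characters as indices 0 to 6,878 and encrypts each index with a toy keyed bijection on 13-bit values. The cipher (an unbalanced Feistel network with an HMAC-SHA256 round function), the key and all function names are assumptions that stand in for "an encryption algorithm"; the cipher is for illustration only and is not a secure design.

```python
import hashlib
import hmac

ALPHABET_SIZE = 6879    # character count the page gives for level-1/level-2 kanji
BITS = 13               # shortest length that can index them: 2**13 = 8192
L_BITS, R_BITS = 6, 7   # unbalanced split of the 13-bit value (assumption)
ROUNDS = 6


def _f(key: bytes, rnd: int, half: int, out_bits: int) -> int:
    """Keyed round function: HMAC-SHA256 truncated to out_bits bits."""
    msg = bytes([rnd]) + half.to_bytes(2, "big")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:2], "big") & ((1 << out_bits) - 1)


def _feistel(key: bytes, value: int, rounds) -> int:
    """Run the given round sequence; each round XORs one half with F(other half)."""
    left, right = value >> R_BITS, value & ((1 << R_BITS) - 1)
    for rnd in rounds:
        if rnd % 2 == 0:
            left ^= _f(key, rnd, right, L_BITS)
        else:
            right ^= _f(key, rnd, left, R_BITS)
    return (left << R_BITS) | right


def encrypt13(key: bytes, index: int) -> int:
    return _feistel(key, index, range(ROUNDS))


def decrypt13(key: bytes, value: int) -> int:
    return _feistel(key, value, reversed(range(ROUNDS)))


def unassigned_outputs(key: bytes) -> list[int]:
    """Assigned indices whose ciphertext falls on a 13-bit value with no character."""
    return [i for i in range(ALPHABET_SIZE) if encrypt13(key, i) >= ALPHABET_SIZE]


if __name__ == "__main__":
    key = b"constructed demo key"   # constructed sample key
    bad = unassigned_outputs(key)
    print(f"{len(bad)} of {ALPHABET_SIZE} characters encrypt to an unassigned value")
    print(f"upper bound: {2**BITS - ALPHABET_SIZE} unassigned 13-bit values exist")
```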