1. Field of the Invention
This invention relates to an encryption apparatus capable of keeping data-confidentiality in data communication or data accumulation and relates also to a recording medium for recording a program for realizing the above encryption apparatus.
This application is based on Patent Application No. Hei 9-213274 filed in Japan, the content of which is incorporated herein by reference.
2. Background Art
A representative example of common-key cryptosystems (one example is disclosed in Japanese Patent Application, First application No. 51-108701, "Encryption Apparatus") is a cryptosystem called DES (Data Encryption Standard). DES is characterized in that it realizes a complicated encryption by repeating comparatively simple conversion processing. A variety of improvements have been proposed in order to secure higher confidentiality of ciphers.
An example of such systems is the CBC mode of DES (disclosed in, for example, "Modern Cryptography" edited by Shinichi Ikeno and Kenji Koyama, an explanation of which is described in "Electronic Communication Society" p.66 (1986)). The CBC mode of DES was developed to make decryption of the cipher difficult: encryption of a block of the plaintext is affected by the result of the preceding encryption, and, as a result, the statistical characteristics of the plaintext are altered.
However, this cryptosystem has unsolved drawbacks. Encryption of one block cannot start until encryption of the previous block is completed. In addition, because the system uses the same key for encryption of a number of blocks, there remains a danger that it gives clues to a cryptanalyst who intends to decrypt a cipher, which results in a lack of confidentiality.
One measure proposed for solving these drawbacks is the "cipher chaining system", disclosed in Japanese Patent Application, First Publication No. Hei 6-266284. Cipher chaining is a system in which an intermediate-key acting on a conversion means that performs encryption is updated for every plaintext according to an initial-value and a parcel of update-information of the intermediate-key.
However, this system is provided with only one series of initial-values for the intermediate-key.
In the conventional cipher chaining system, when a chosen-plaintext cryptanalysis is performed by inputting the same plaintext successively, the intermediate-key will not be updated, since all of the intermediate-key update-information is identical and the initial-value of the intermediate-key is fixed. Consequently, there remains a danger that one can identify whether or not the intermediate-key is updated by observing the cipher while inputting the same plaintext successively.
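The observation described above can be reproduced with a small model. The following Python is an added example, not code from this application or from the cited cipher chaining publication. The toy Feistel `convert`, the rule that update-information depends only on the plaintext block just processed, and all keys and blocks are assumptions constructed for illustration.

```python
import hashlib

def _f(key: bytes, half: bytes, rnd: int) -> bytes:
    # Round function of the toy cipher (constructed; stands in for the DES F function).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def convert(key: bytes, block: bytes) -> bytes:
    # 4-round Feistel over one 8-byte block: models the "conversion means".
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _f(key, right, rnd)))
    return left + right

def update_info(block: bytes) -> bytes:
    # ASSUMPTION: update-information is a function of the plaintext block only,
    # so identical plaintext always yields identical update-information.
    return hashlib.sha256(b"update" + block).digest()[:8]

def chain_encrypt(initial_key: bytes, blocks):
    # Conventional cipher chaining as modelled here: every intermediate-key is
    # derived from the single fixed initial-value plus the update-information.
    key, ciphertexts, keys = initial_key, [], []
    for block in blocks:
        keys.append(key)
        ciphertexts.append(convert(key, block))
        key = hashlib.sha256(initial_key + update_info(block)).digest()[:8]
    return ciphertexts, keys

def stalled_positions(ciphertexts):
    # Indices whose ciphertext equals the previous one. For identical plaintext
    # input, a repeat shows the observer that the intermediate-key did not change.
    return [i for i in range(1, len(ciphertexts))
            if ciphertexts[i] == ciphertexts[i - 1]]

K0 = bytes.fromhex("0123456789abcdef")  # constructed initial-value
P = b"SAMEBLK!"                         # constructed 8-byte plaintext block
REPEATED, REPEATED_KEYS = chain_encrypt(K0, [P] * 5)
MIXED, MIXED_KEYS = chain_encrypt(K0, [b"BLOCK--A", P, b"BLOCK--B", P])

if __name__ == "__main__":
    print("same plaintext x5, key stalled at:", stalled_positions(REPEATED))
    print("varying plaintext, key stalled at:", stalled_positions(MIXED))
```

With the same block fed in five times the ciphertext stops changing after the first update, whereas the same block placed after different predecessors encrypts differently.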
Therefore, it is the object of the present invention to provide an encryption apparatus which does not yield a large quantity of ciphertext encrypted by the same key and which makes it difficult for a cryptanalyst to infer the intermediate-key update-information stored in the apparatus. The encryption apparatus of the present invention is capable of high-speed encryption by a parallel encryption system, and is also capable of maintaining its encryption speed, because a multiple parallel encryption mode can be adopted in the case where there are a number of steps in the repetitive conversion.