1. Field of the Invention
Methods and apparatuses consistent with the present invention relate to encrypting a message, and more particularly to encrypting a message for maintaining message integrity.
2. Description of the Related Art
Recently, an encryption algorithm has been widely used so as to protect data. Typically, the encryption algorithm is used to guarantee security, integrity, and authentication.
The security indicates that only predetermined individuals can use the data. The integrity indicates whether data is altered or not while processing the data. The authentication indicates by whom data is generated.
In order to guarantee security of data, an encryption algorithm has been widely used. In order to guarantee integrity of data, a hash algorithm, a message authentication code (MAC), and a digital signature may be used. In order to guarantee authentication, the MAC or digital signature may be used. In order to guarantee all of them, a combination of them may be used.
For example, in order to guarantee security and integrity for a message M, as shown in Equation 1, data processed by using the MAC, the hash function, and the like may be used.Ek[M], MACk(M) Ek[M], MACk(Ek[M]) Ek[M,H(M)]  [Equation 1]
That is, first data of Equation 1 is obtained by encrypting the message M by using a private key K, calculating a MAC for the message M, and combining the encrypted message Ek[M] with the MACk(M) which is MAC for the message M.
In addition, second data of Equation 1 is obtained by encrypting the message M by using the private key K, calculating a MAC for the encrypted message Ek[M], and combining the encrypted message Ek[M] with the MACk(Ek[M]) which is MAC for the encrypted message Ek[M].
Finally, third data is obtained by encrypting the message M and a hash value H(M) of the message M by using the private key K.
It is possible to guarantee the security and integrity of data by constructing the transmitted data as shown in Equation 1. That is, since only a user who has a private key K can extract the message M by decrypting the encrypted data by using the private key K, it is possible to achieve the security of the data. In addition, it is possible to guarantee the integrity of the data from a characteristic (collision free) of the MAC and the hash function.
However, in the aforementioned related art encryption method, it is impossible to protect data against an attack, when an attacker attacks the data by intentionally omitting a procedure of examining whether the integrity of the transmitted data is maintained.
In addition, in the related art technique, in order to safely delete the data of which the integrity is broken, the data is overwritten with 0 or 1 many times (for example, seven times). However, when the size of the data of which security is broken is large or when the number of the data of which security is broken is large, the overwriting procedure may overload a system. In this case, it is inefficient to perform the overwrite procedure.