Group oriented public key encryption and key management system

Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Having particular address related cryptography

Reexamination Certificate


Details

C380S278000, C380S279000, C380S282000, C380S284000

active

06530020

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention generally relates to a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text. More specifically, the present invention is directed to such a public key encryption system in which an idea of “group” is introduced, and both an encryption process of a plain text by an arbitrary member belonging to this group, and a decryption process of a cryptogram can be executed by employing such a combination key made from a group public key and a group secret key, which are produced in unit of “group”, and further an individual public key and an individual secret key. With employment of this encryption system, while high secrecies can be maintained inside and outside the group, cryptogram information can be commonly shared based upon a confirmation of a member among members within this group. Also, an electronic signature can be made by a member belonging to this group.
2. Description of the Related Art
An encryption system called “public key encryption” is described in U.S. Pat. No. 4,200,770. A public key encryption contains a public key used to encrypt a plain text, and also a secret key used to decrypt a cryptogram to obtain a plain text. The public key is different from the secret key. The public key is such a key opened to the public and set under known state. In a conventional encryption system, the same key is used in both the encryption process and the decryption process. Therefore, it is very important to keep secrecies of keys during encryption process. However, in this public key encryption system, secrecies of keys during encryption process are no longer required. In the conventional encryption/decryption common key system, assuming now that a total number of persons who communicate an encrypted document is selected to be “n”, n×(n−1)/2 pieces of keys are required, whereas in the public key encryption system, there is a merit that only “n” pieces of keys are required. Also, this public key encryption system is featured by that the same frame combination can be utilized also in the encryption process by the signatures of the respective persons, namely by using the secret keys of the respective persons. For instance, an encryption communication member P having a secret key A converts a communication sentence X by using the secret key A, and then sends both the resultant document Y and the communication sentence X to another member Q. The member Q converts the document Y by a public key B of the member P. If the conversion result of the document Y is made coincident with the document X, then it can be confirmed that this document has been surely sent by the member P. As previously described, the public key encryption system may have several superior merits, as compared with the conventional encryption system.
Also, Japanese Patent Unexamined Publication No. Hei. 7-297818 discloses the arrangement for allocating the public key and the secret key to a group. This system owns the following initial condition. That is, a group secret key is embedded in a physical article such as a card, and members of the group surely hold the cards. In other words, since the above-described secret key/public key encryption system is arranged by utilizing the physical article such as a card, the key management is realized by utilizing the physical article separated from the permanent presence such as an individual.
In the public key encryption system, the permanent presence such as an individual is set as an independent unit. As a consequence, this public key encryption system cannot have sufficient functions in such a case that, for instance, a plurality of members other than an individual are set as a single unit. Also, in the above-described encryption system using the card, the following problems occur. That is, this encryption system must employ the hardware such as the card, and owns the problems of card management, the authorization problems of the card owners caused when the cards are lost and/or stolen. Namely, this encryption system can hardly judge as to whether or not one card holder is an authorized card holder.
For example, an organization such as a department, a section, or a group in a firm corresponds to a unit of a joint work. Also, an organization corresponds to a unit of a joint work constructed of plural individuals called “task force” independently established from the above organization. In these joint work units, information must also be commonly shared. In other words, as to a relationship established in inside/outside of the joint work unit, a secrecy of information must be maintained, whereas the information is required to be communicated among the respective members in the joint work unit. As a consequence, it is required to employ such an encryption system that an arbitrary structural member of the joint work unit is capable of performing either a decryption process or a sign process with respect to commonly-used information.
Furthermore, since a structural member of the joint work unit may be changed (e.g., an addition or a deletion), the encryption system is required to be capable of accepting a member change. Similarly to the joint work unit, in order to play a role such as a personnel department manager in a firm, a specific/continued secrecy condition responding to this role must be maintained, independently from a specific person who plays this role at a certain stage, and this encryption system must accept a change in the person who plays this role.
SUMMARY OF THE INVENTION
The present invention has been made to solve the above-described problems, and therefore, has an object to provide an encryption system capable of realizing the following aspects. That is, while the public key encryption system is realized not by employing a unit of an individual, such an encryption system is provided which can be used in a group equal to a set of individuals and groups as structural elements, and a member belonging to a specific group can decrypt a cryptogram.
Furthermore, another object of the present invention is to provide a signature system capable of signing by an arbitrary member belonging to a specific group, and also capable of confirming that a signed document is actually signed by the member belonging to the specific group.
The present invention provides a public key encryption system arranged by a combination between a first key P and a second key S, the first key P being used in a data conversion for encrypting a plain text, and the second key S being different from the first key P and being used in a data conversion for decrypting a cryptogram to produce a plain text, comprising: a group public key P_G and a group secret key S_G, which are allocated in a unit of a group constituted by one or more members Mi (i=1 to n) as constructive members; and one or more encrypted group secret keys P_Mi(S_G) (i=1 to n) encrypted by executing the data conversion of the group secret key S_G by each of public keys P_Mi specific to the members Mi, wherein the encrypted group secret keys P_Mi(S_G) are decrypted by a member secret key S_Mi specific to each of the members Mi to thereby acquire the group secret key S_G and the acquired group secret key S_G is used to execute a decryption process operation of cryptogram information encrypted by the group public key P.
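The key arrangement in the paragraph above, as an added Python example that is not code from the patent: the group record holds the group public key and one P_Mi(S_G) entry per member, and a member recovers S_G with S_Mi before decrypting. The hashed-ElGamal stand-in cipher, its parameters, the member names, the `Group` class and the sponsor-based `add_member` procedure are all assumptions made for illustration.

```python
import hashlib, secrets

# Stand-in public-key scheme (assumption): hashed ElGamal over the Mersenne prime
# 2^521-1, stdlib only. Illustrative parameters, short messages, no integrity check.
P, G = 2**521 - 1, 3

def keygen():
    s = secrets.randbelow(P - 3) + 2
    return s, pow(G, s, P)                      # (secret key, public key)

def _pad(shared, n):
    seed = shared.to_bytes(66, "big")
    blocks = (hashlib.sha256(seed + bytes([i])).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def encrypt(pub, data):
    r = secrets.randbelow(P - 3) + 2            # fresh ephemeral exponent
    body = bytes(a ^ b for a, b in zip(data, _pad(pow(pub, r, P), len(data))))
    return pow(G, r, P), body

def decrypt(sec, ct):
    eph, body = ct
    return bytes(a ^ b for a, b in zip(body, _pad(pow(eph, sec, P), len(body))))

class Group:
    """Holds the group public key and the table of P_Mi(S_G); never stores S_G."""
    def __init__(self, member_pubs):
        self.rekey(member_pubs)

    def rekey(self, member_pubs):
        s_g, self.p_g = keygen()                # new group key pair
        raw = s_g.to_bytes(66, "big")
        self.wrapped = {m: encrypt(pub, raw) for m, pub in member_pubs.items()}

    def unwrap(self, member, s_mi):
        """Member Mi recovers S_G from P_Mi(S_G) using S_Mi."""
        return int.from_bytes(decrypt(s_mi, self.wrapped[member]), "big")

    def add_member(self, sponsor, s_sponsor, new, p_new):
        """An existing member re-wraps S_G for the newcomer (assumed procedure)."""
        s_g = self.unwrap(sponsor, s_sponsor)
        self.wrapped[new] = encrypt(p_new, s_g.to_bytes(66, "big"))

def demo():
    keys = {m: keygen() for m in ("alice", "bob", "carol")}   # constructed members
    grp = Group({m: keys[m][1] for m in ("alice", "bob")})
    ct = encrypt(grp.p_g, b"Q3 payroll draft")  # anyone can encrypt to the group
    grp.add_member("alice", keys["alice"][0], "carol", keys["carol"][1])
    return [decrypt(grp.unwrap(m, keys[m][0]), ct) for m in keys]
```

In this sketch a member deletion would be handled by calling `rekey` with the remaining members' public keys, because a former member has already held the old S_G; that policy is an assumption of the example, not something stated in the text above.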
Further, the present invention provides a public key encryption system wherein structural data is arranged as cryptogram information, and the structural data contains cryptogram information K(D) produced by encrypting at least a plain text by a common key K, and also one or more Pi(K) produced by encrypting the common key K by a public key Pi of each of members belonging to a group in which one or more members Mi (i=1 to n) are set
