Data encryption and decryption method and apparatus
First Claim
1. A data encryption method, the method including the following steps:
- Step A;
constructing a security class database for storing a plurality of entries of records of data, each of the entries of records including a data attribute description field and a corresponding encryption definition field, the encryption definition field including a plurality of encryption algorithm module indicators;
Step B;
inputting digital data to be encrypted;
Step C;
from the security class database, finding a data attribute description that matches attribute of the digital data, and retrieving the corresponding encryption definition data;
Step D;
from the retrieved encryption definition data, selecting at random an encryption algorithm module indicator;
Step E;
with the selected encryption algorithm module indicator as a guide, controlling encryption processing of the inputted digital data; and
Step F;
appending decryption information to the digital data that has undergone encryption processing for subsequent output.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a data encryption method and apparatus, in which an encryption algorithm module combination is selected from among a plurality of encryption algorithm module combinations predetermined by the user in cooperation with data attribute matching and a dynamic selection mechanism to perform encryption processing of data. The encryption of data through such alternate use of different encryption algorithm module combinations not only enhances the complexity in decryption of the data, the processing speed is not sacrificed due to use of relatively complicated encryption algorithms to ensure security. Furthermore, in the data decryption method and apparatus according to the present invention, data is decrypted using decryption algorithm module combinations that are dynamically switched according to decryption information appended to the ciphertext.
38 Citations
39 Claims
-
1. A data encryption method, the method including the following steps:
-
Step A;
constructing a security class database for storing a plurality of entries of records of data, each of the entries of records including a data attribute description field and a corresponding encryption definition field, the encryption definition field including a plurality of encryption algorithm module indicators;
Step B;
inputting digital data to be encrypted;
Step C;
from the security class database, finding a data attribute description that matches attribute of the digital data, and retrieving the corresponding encryption definition data;
Step D;
from the retrieved encryption definition data, selecting at random an encryption algorithm module indicator;
Step E;
with the selected encryption algorithm module indicator as a guide, controlling encryption processing of the inputted digital data; and
Step F;
appending decryption information to the digital data that has undergone encryption processing for subsequent output. - View Dependent Claims (2, 3, 4)
-
-
5. A data encryption method, the method comprising the following steps:
-
Step A;
constructing an encryption module database for storing a plurality of entries of records of data, each of the entries of records containing an encryption algorithm module indicator and an authentication algorithm module indicator;
Step B;
constructing a security class database for storing a plurality of entries of records of data, each of the entries of records containing a data attribute description field and a corresponding encryption definition field, the encryption definition field including a plurality of encryption module database indexes;
Step C;
inputting digital data to be encrypted;
Step D;
from the security class database, finding a data attribute description that matches attribute of the digital data, and retrieving the corresponding encryption definition data;
Step E;
from the retrieved encryption definition data, selecting at random an encryption module database index;
Step F;
according to the retrieved encryption module database index, selecting an entry of record from the encryption module database;
Step G;
with the selected entry of record as a guide, controlling encryption processing, including the type of encryption and the type of authentication, of the inputted digital data; and
Step H;
appending decryption information to the digital data that has undergone encryption processing for subsequent output. - View Dependent Claims (6)
-
-
7. A data encryption method, the method comprising the following steps:
-
Step A;
constructing encryption definition data containing a plurality of encryption algorithm module indicators;
Step B;
inputting digital data to be encrypted;
Step C;
from the encryption definition data, selecting at random an encryption algorithm module indicator;
Step D;
with the selected encryption algorithm module indicator as a guide, controlling encryption processing of the inputted digital data; and
Step E;
appending decryption information to the digital data that has undergone encryption processing for subsequent output. - View Dependent Claims (8, 9, 10)
-
-
11. A data encryption method, the method comprising the following steps:
-
Step A;
constructing an encryption module database for storing a plurality of entries of records of data, each of the entries of records containing an encryption algorithm module indicator and an authentication algorithm module indicator;
Step B;
constructing encryption definition data which includes a plurality of encryption module database indexes;
Step C;
inputting digital data to be encrypted;
Step D;
from the encryption definition data, selecting at random an encryption module database index;
Step E;
according to the retrieved encryption module database index, selecting an entry of record from the encryption module database;
Step F;
with the selected entry of record as a guide, controlling encryption processing, including the type of encryption and the type of authentication, of the inputted digital data; and
Step G;
appending decryption information to the digital data that has undergone encryption for subsequent output. - View Dependent Claims (12)
-
-
13. A data encryption method, the method comprising the following steps:
-
Step A;
constructing a security class database for storing a plurality of entries of records of data, each of the entries of records containing a data attribute description field and a corresponding encryption definition field, the encryption definition data field being an encryption algorithm module indicator;
Step B;
inputting digital data to be encrypted;
Step C;
from the security class database, finding a data attribute description that matches attribute of the digital data, and retrieving the encryption algorithm module indicator of the corresponding encryption definition field;
Step D;
with the selected encryption algorithm module indicator as a guide, controlling encryption processing of the inputted digital data; and
Step E;
appending decryption information to the digital data that has undergone encryption processing for subsequent output. - View Dependent Claims (14)
-
-
15. A data encryption method, the method including the following steps:
-
Step A;
constructing an encryption module database for storing a plurality of entries of records of data, each of the entries of records containing an encryption algorithm module indicator and an authentication algorithm module indicator;
Step B;
constructing a security class database for storing a plurality of entries of records of data, each of the entries of records containing a data attribute description field and a corresponding encryption definition field, the encryption definition data field being an encryption module database index;
Step C;
inputting digital data to be encrypted;
Step D;
from the security class database, finding a data attribute description that matches attribute of the digital data, and retrieving the encryption module database index from the corresponding encryption definition field;
Step E;
with the retrieved encryption module database index as a guide, selecting an entry of record from the encryption module database;
Step F;
with the selected entry of record as a guide, controlling encryption processing, including the type of encryption and the type of authentication, of the inputted digital data; and
Step G;
appending decryption information to the digital data that has undergone encryption processing for subsequent output.
-
-
16. A data encryption apparatus, the apparatus having an input portion for input of data and an output portion for output of data after encryption processing thereof, the apparatus further comprising:
-
a security class database for storing a plurality of entries of records of data, each of the entries of records containing a data attribute description field and a corresponding encryption definition field, the encryption definition field including a plurality of encryption algorithm module indicators;
an inspecting portion for inspecting and separating the data inputted via the input portion into parameter data or digital data;
a parameter processing portion for updating the security class database with the parameter data sent from the inspecting portion;
an attribute inspecting portion for finding from the security class database a data attribute description that matches attribute of the digital data sent from the inspecting portion and for transmitting the corresponding encryption definition data to a encryption selecting portion;
the encryption selecting portion, which selects at random an encryption algorithm module indicator from the retrieved encryption definition data; and
an encryption processing portion for controlling encryption processing of the inputted digital data using the encryption algorithm module indicator selected by the encryption selecting portion as a guide. - View Dependent Claims (17, 18, 19, 20, 21, 22, 39)
-
-
23. A data encryption apparatus, the apparatus having an input portion for input of data and an output portion for output of data after encryption processing thereof, the apparatus further comprising:
-
a encryption module database for storing a plurality of entries of records of data, each of the entries of records containing an encryption algorithm module indicator;
an inspecting portion for inspecting and separating the data inputted via the input portion into parameter data or digital data;
a parameter processing portion for updating the encryption module database using the parameter data from the inspecting portion;
a encryption selecting portion for selecting at random an entry of record from the encryption module database; and
an encryption processing portion for controlling encryption processing of the inputted digital data using the entry of record selected by the encryption selecting portion as a guide. - View Dependent Claims (24, 25, 26)
-
-
27. A data encryption apparatus, the apparatus having an input portion for input of data and an output portion for output of data after encryption processing thereof, the apparatus further comprising:
-
a security class database for storing a plurality of entries of records of data, each of the entries of records containing a data attribute description field and a corresponding encryption definition field, the encryption definition field being an encryption algorithm module indicator;
an inspecting portion for inspecting and separating the data inputted via the input portion into parameter data or digital data;
a parameter processing portion for updating the security class database with the parameter data from the inspecting portion;
an attribute inspecting portion for finding from the security class database a data attribute description that matches attribute of the digital data sent from the inspecting portion and for transmitting the corresponding encryption definition data to an encryption processing portion; and
the encryption processing portion for controlling encryption processing of the inputted digital data using the encryption algorithm module indicator selected by the attribute inspecting portion as a guide. - View Dependent Claims (28)
-
-
29. A data decryption method, the method comprising the following steps:
-
Step A;
inputting digital data to be decrypted;
Step B;
inspecting whether the digital data includes a decryption algorithm module indicator and, in the affirmative, retrieving the decryption algorithm module indicator or, in the negative, setting the data to be decrypted as equivalent to inputted data for subsequent processing in step D;
Step C;
with the retrieved decryption algorithm module indicator as a guide, controlling decryption processing of the inputted digital data; and
Step D;
outputting the digital data that has undergone decryption. - View Dependent Claims (30)
-
-
31. A data decryption method, the method comprising the following steps:
-
Step A;
constructing a decryption module database for storing a plurality of entries of records of data, each of the entries of records being a decryption algorithm module indicator;
Step B;
inputting digital data to be decrypted;
Step C;
inspecting whether the digital data includes a decryption module database index and, in the affirmative, retrieving the decryption module database index or, in the negative, setting the data to be decrypted as equivalent to inputted data for subsequent processing in step F;
Step D;
with the retrieved decryption module database index as a guide, selecting an entry of record from the decryption module database;
Step E;
with the selected entry of record as a guide, controlling decryption processing of the inputted digital data; and
Step F;
outputting the digital data that has undergone decryption. - View Dependent Claims (32)
-
-
33. A data decryption apparatus, the apparatus having an input portion for input of data and an output portion for output of data after decryption processing thereof, the apparatus further comprising:
-
an inspecting portion for inspecting whether the data inputted via the input portion includes a decryption algorithm module indicator and, in the affirmative, retrieving the decryption algorithm module indicator or, in the negative, transmitting the inputted data directly to the output portion; and
a decryption processing portion for controlling decryption processing of the inputted digital data using the decryption algorithm module indicator retrieved by the inspecting portion as a guide. - View Dependent Claims (34, 35, 36, 37, 38)
-
Specification