ENCRYPTION DEVICE, DECRYPTION DEVICE, ENCRYPTION METHOD, DECRYPTION METHOD, CRYPTOGRAPHY SYSTEM, COMPUTER-READABLE RECORDING MEDIUM STORING ENCRYPTION PROGRAM, AND COMPUTER-READABLE RECORDING MEDIUM STORING DECRYPTION PROGRAM WHICH PERFORM ERROR DIAGNOSIS
Abstract
In a cryptography system, plaintext storage unit 101 stores a plaintext. Encryption unit 102 encrypts the plaintext to generate a ciphertext. First verification data generating unit 104 generates first verification data, and second verification data generating unit 106 generates second verification data. Decryption unit 114 decrypts the ciphertext to generate a decrypted plaintext. First verification unit 116 performs verification using the decrypted plaintext and the first verification data. Second verification unit 117 performs verification using the first verification data, the ciphertext, and the second verification data. Display unit 112 displays the results of the verifications.
34 Claims
1. An encryption device that encrypts a plaintext to generate a ciphertext and outputs the ciphertext to a decryption device, comprising:
plaintext storage means for storing a plaintext;
first generating means for generating first verification data by performing a first message digest algorithm for the plaintext, the plaintext having been read from the plaintext storage means;
encryption means for encrypting the plaintext using a predetermined encryption algorithm to generate a ciphertext, the plaintext having been read from the plaintext storage means;
second generating means for generating second verification data by performing a second message digest algorithm for a combination of the first verification data and the ciphertext; and
data outputting means for outputting the ciphertext, the first verification data, and the second verification data to the decryption device.
2. The encryption device of claim 1,
wherein the first message digest algorithm is a first hashing algorithm and the first verification data is hash data of a predetermined length and wherein the second message digest algorithm is a second hashing algorithm and the second verification data is hash data of a predetermined length.
3. The encryption device of claim 1, wherein the first generating means has a digital signature generation algorithm in addition to the first message digest algorithm, and generates first verification data by performing the first message digest algorithm for the plaintext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
4. The encryption device of claim 1, wherein the second generating means has a digital signature generation algorithm in addition to the second message digest algorithm, and generates second verification data by performing the second message digest algorithm for the combination of the first verification data and the ciphertext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
5. The encryption device of claim 1 wherein the encryption means encrypts the plaintext by further using an encryption key from one of a plurality of keys with the predetermined encryption algorithm to generate the ciphertext and the data outputting means outputs the ciphertext, the first verification data and the second verification data in a format to permit the decryption device to separate the ciphertext, the first verification data and the second verification data to enable determinations of whether the proper encryption key was used and whether the ciphertext, the first verification data and the second verification data had an error in transmission to the decryption device.
6. The encryption device of claim 5 wherein the first verification data is generated to enable a possible determination of an error in the encryption key.
7. The encryption device of claim 5 wherein the second verification data is generated to enable a possible determination of an error in the transmission of the ciphertext, the first verification data and the second verification data.
8. An encryption device that encrypts a plaintext to generate a ciphertext and outputs the ciphertext to a decryption device, comprising:
plaintext storage means for storing a plaintext;
first generating means for generating first verification data by performing a first message digest algorithm for the plaintext, the plaintext having been read from the plaintext storage means;
encryption means for encrypting the plaintext using a predetermined encryption algorithm to generate a ciphertext, the plaintext having been read from the plaintext storage means;
second generating means for generating second verification data by performing a second message digest algorithm for the ciphertext; and
data outputting means for outputting the ciphertext, the first verification data, and the second verification data to the decryption device.
10. A decryption device that decrypts a ciphertext outputted from an encryption device, comprising:
data receiving means for receiving the ciphertext, first verification data, and second verification data that have been outputted from the encryption device, wherein the ciphertext is generated by encrypting a plaintext using a predetermined encryption algorithm, wherein the first verification data is generated by performing a first message digest algorithm for the plaintext, and wherein the second verification data is generated by performing a second message digest algorithm for a combination of the first verification data and the ciphertext;
decryption means for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
first generating means for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
first verification means for verifying the received first verification data using the third verification data;
second generating means for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for a combination of the received first verification data and the received ciphertext;
second verification means for verifying the received second verification data using the fourth verification data; and
outputting means for outputting results of the first verification means and the second verification means.
11. The decryption device of claim 10,
wherein the first message digest algorithm is a first hashing algorithm, and the second message digest algorithm is a second hashing algorithm and wherein the third verification data and the fourth verification data are hash data of predetermined lengths.
12. The decryption device of claim 10,
wherein the first verification means verifies the received first verification data using the third verification data according to a digital signature verification algorithm that verifies a signature made by a digital signature generation algorithm, wherein the first verification data is generated by performing the first message digest algorithm for the plaintext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
13. The decryption device of claim 10,
wherein the second verification means verifies the received second verification data using the fourth verification data according to a digital signature verification algorithm that verifies a signature made by a digital signature generation algorithm and wherein the second verification data is generated by performing the second message digest algorithm for the combination of the first verification data and the ciphertext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
14. The decryption device of claim 10 wherein ciphertext has been generated by using an encryption key from one of a plurality of keys and the first verification means can enable the outputting means to determine an error in the encryption key.
15. The decryption device of claim 14 wherein the data outputting means is enabled by the first verification means and the second verification means to determine an error in the transmission of the ciphertext, the first verification data and the second verification data.
16. A decryption device that decrypts a ciphertext outputted from an encryption device, comprising:
data receiving means for receiving the ciphertext, first verification data, and second verification data that have been outputted from the encryption device, wherein the ciphertext is generated by encrypting a plaintext using a predetermined encryption algorithm, wherein the first verification data is generated by performing a first message digest algorithm for the plaintext, and wherein the second verification data is generated by performing a second message digest algorithm for the ciphertext;
decryption means for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
first generating means for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
first verification means for verifying the received first verification data using the third verification data;
second generating means for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for the received ciphertext;
second verification means for verifying the received second verification data using the fourth verification data; and
outputting means for outputting results of the first verification means and the second verification means.
17. A decryption device that decrypts a ciphertext outputted from an encryption device, comprising:
data receiving means for receiving the ciphertext, first verification data, and second verification data that have been outputted from the encryption device, wherein the ciphertext is generated by encrypting a plaintext using a predetermined encryption algorithm, wherein the first verification data is generated by performing a first message digest algorithm for the plaintext, and wherein the second verification data is generated by performing a second message digest algorithm for the ciphertext to produce a message digest and then performing a digital signature generation algorithm for the message digest;
decryption means for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
first generating means for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
first verification means for verifying the received first verification data using the third verification data;
second generating means for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for the received ciphertext;
second verification means for verifying the received second verification data using the fourth verification data according to a digital signature verification algorithm that verifies a signature made by the digital signature generation algorithm; and
outputting means for outputting results of the first verification means and the second verification means.
18. A cryptography system that comprises an encryption device and a decryption device,
wherein the encryption device comprises:
plaintext storage means for storing a plaintext;
first generating means for generating first verification data by performing a first message digest algorithm for the plaintext, the plaintext having been read from the plaintext storage means;
encryption means for encrypting the plaintext using a predetermined encryption algorithm to generate a ciphertext, the plaintext having been read from the plaintext storage means;
second generating means for generating second verification data by performing a second message digest algorithm for a combination of the first verification data and the ciphertext; and
data outputting means for outputting the ciphertext, the first verification data, and the second verification data to the decryption device, and
wherein the decryption device comprises:
data receiving means for receiving the ciphertext, the first verification data, and the second verification data that have been outputted from the encryption device;
decryption means for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
third generating means for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
first verification means for verifying the received first verification data using the third verification data;
fourth generating means for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for a combination of the received first verification data and the received ciphertext;
second verification means for verifying the received second verification data using the fourth verification data; and
outputting means for outputting results of the first verification means and the second verification means.
19. An encryption method used by an encryption device that has plaintext storage means for storing a plaintext, encrypts the plaintext to generate a ciphertext, and outputs the ciphertext to a decryption device, comprising:
a first generating step for generating first verification data by performing a first message digest algorithm for the plaintext, the plaintext having been read from the plaintext storage means;
an encryption step for encrypting the plaintext using a predetermined encryption algorithm to generate the ciphertext, the plaintext having been read from the plaintext storage means;
a second generating step for generating second verification data by performing a second message digest algorithm for a combination of the first verification data and the ciphertext; and
a data outputting step for outputting the ciphertext, the first verification data, and the second verification data to the decryption device.
20. A decryption method used by a decryption device that decrypts a ciphertext outputted from an encryption device, comprising:
a data receiving step for receiving the ciphertext, first verification data, and second verification data that have been outputted from the encryption device, wherein the ciphertext is generated by encrypting a plaintext using a predetermined encryption algorithm, wherein the first verification data is generated by performing a first message digest algorithm for the plaintext, and wherein the second verification data is generated by performing a second message digest algorithm for a combination of the first verification data and the ciphertext;
a decryption step for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
a first generating step for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
a first verification step for verifying the received first verification data using the third verification data;
a second generating step for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for a combination of the received first verification data and the received ciphertext;
a second verification step for verifying the received second verification data using the fourth verification data; and
an outputting step for outputting results of the first verification step and the second verification step.
21. A computer-readable recording medium storing a program that has a computer encrypt a plaintext to generate a ciphertext and output the ciphertext to a decryption device, wherein the computer includes plaintext storage means for storing a plaintext and wherein the program comprises:
a first generating step for generating first verification data by performing a first message digest algorithm for the plaintext, the plaintext having been read from the plaintext storage means;
an encryption step for encrypting the plaintext using a predetermined encryption algorithm to generate a ciphertext, the plaintext having been read from the plaintext storage means;
a second generating step for generating second verification data by performing a second message digest algorithm for a combination of the first verification data and the ciphertext; and
a data outputting step for outputting the ciphertext, the first verification data, and the second verification data to the decryption device.
22. The computer-readable recording medium of claim 21,
wherein the first generating step has a digital signature generation algorithm in addition to the first message digest algorithm, and generates first verification data by performing the first message digest algorithm for the plaintext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
23. The computer-readable recording medium of claim 21,
wherein the second generating step has a digital signature generation algorithm in addition to the second message digest algorithm, and generates second verification data by performing the second message digest algorithm for the combination of the first verification data and the ciphertext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
24. A computer-readable recording medium storing a program that has a computer encrypt a plaintext to generate a ciphertext and output the ciphertext to a decryption device, wherein the computer includes plaintext storage means for storing a plaintext and wherein the program comprises:
a first generating step for generating first verification data by performing a first message digest algorithm for the plaintext, the plaintext having been read from the plaintext storage means;
an encryption step for encrypting the plaintext using a predetermined encryption algorithm to generate a ciphertext, the plaintext having been read from the plaintext storage means;
a second generating step for generating second verification data by performing a second message digest algorithm for the ciphertext; and
a data outputting step for outputting the ciphertext, the first verification data, and the second verification data to the decryption device.
25. The computer-readable recording medium of claim 24, wherein the second generating step has a digital signature generation algorithm in addition to the second message digest algorithm, and generates second verification data by performing the second message digest algorithm for the ciphertext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
26. A computer-readable recording medium storing a program that has a computer decrypt a ciphertext outputted from an encryption device, wherein the program comprises:
a data receiving step for receiving the ciphertext, first verification data, and second verification data that have been outputted from the encryption device, wherein the ciphertext is generated by encrypting a plaintext using a predetermined encryption algorithm, wherein the first verification data is generated by performing a first message digest algorithm for the plaintext, and wherein the second verification data is generated by performing a second message digest algorithm for a combination of the first verification data and the ciphertext;
a decryption step for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
a first generating step for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
a first verification step for verifying the received first verification data using the third verification data;
a second generating step for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for a combination of the received first verification data and the received ciphertext;
a second verification step for verifying the received second verification data using the fourth verification data; and
an outputting step for outputting results of the first verification step and the second verification step.
27. The computer-readable recording medium of claim 26, wherein the first verification step verifies the received first verification data using the third verification data according to a digital signature verification algorithm that verifies a signature made by a digital signature generation algorithm,
wherein the first verification data is generated by performing the first message digest algorithm for the plaintext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
28. The computer-readable recording medium of claim 26, wherein the second verification step verifies the received second verification data using the fourth verification data according to a digital signature verification algorithm that verifies a signature made by a digital signature generation algorithm and
wherein the second verification data is generated by performing the second message digest algorithm for the combination of the first verification data and the ciphertext to produce a message digest and then performing the digital signature generation algorithm for the message digest.
29. A computer-readable recording medium storing a program that has a computer decrypt a ciphertext outputted from an encryption device, wherein the program comprises:
a data receiving step for receiving the ciphertext, first verification data, and second verification data that have been outputted from the encryption device, wherein the ciphertext is generated by encrypting a plaintext using a predetermined encryption algorithm, wherein the first verification data is generated by performing a first message digest algorithm for the plaintext, and wherein the second verification data is generated by performing a second message digest algorithm for the ciphertext;
a decryption step for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
a first generating step for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
a first verification step for verifying the received first verification data using the third verification data;
a second generating step for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for the received ciphertext;
a second verification step for verifying the received second verification data using the fourth verification data; and
an outputting step for outputting results of the first verification step and the second verification step.
30. A computer-readable recording medium storing a program that has a computer decrypt a ciphertext outputted from an encryption device, wherein the program comprises:
a data receiving step for receiving the ciphertext, first verification data, and second verification data that have been outputted from the encryption device, wherein the ciphertext is generated by encrypting a plaintext using a predetermined encryption algorithm, wherein the first verification data is generated by performing a first message digest algorithm for the plaintext, and wherein the second verification data is generated by performing a second message digest algorithm for the ciphertext to produce a message digest and then performing a digital signature generation algorithm for the message digest;
a decryption step for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
a first generating step for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
a first verification step for verifying the received first verification data using the third verification data;
a second generating step for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for the received ciphertext;
a second verification step for verifying the received second verification data using the fourth verification data according to a digital signature verification algorithm that verifies a signature made by the digital signature generation algorithm; and
an outputting step for outputting results of the first verification step and the second verification step.
31. A cryptography system that comprises an encryption device and a decryption device,
wherein the encryption device comprises:
plaintext storage unit for storing a plaintext;
first generating unit for generating first verification data by performing a first message digest algorithm for the plaintext, the plaintext having been read from the plaintext storage unit;
encryption unit for encrypting the plaintext using a predetermined encryption algorithm to generate a ciphertext and one of a plurality of encryption keys, the plaintext having been read from the plaintext storage unit;
second generating unit for generating second verification data by performing a second message digest algorithm for a combination of the first verification data and the ciphertext; and
data outputting unit for outputting the ciphertext, the first verification data, and the second verification data to the decryption device, and
wherein the decryption device comprises:
data receiving unit for receiving the ciphertext, the first verification data, and the second verification data that have been outputted from the encryption device;
decryption unit for decrypting the received ciphertext using a decryption algorithm that decrypts ciphertexts encrypted by the predetermined encryption algorithm to generate a decrypted plaintext;
third generating unit for generating third verification data by performing an algorithm corresponding to the first message digest algorithm for the decrypted plaintext;
first verification unit for verifying the received first verification data using the third verification data;
fourth generating unit for generating fourth verification data by performing an algorithm corresponding to the second message digest algorithm for a combination of the received first verification data and the received ciphertext;
second verification unit for verifying the received second verification data using the fourth verification data; and
outputting unit for processing the results of the first verification means and the second verification means to diagnose if an error has occurred and a possible source of the error.
32. The cryptography system of claim 31 wherein the outputting unit is enabled by the results of first verification means to determine an error in the selection of the encryption key used out of the plurality of encryption keys.
33. The cryptography system of claim 32 wherein the outputting unit is enabled by the results of the second verification means to determine an error in the transmission of the ciphertext, the first verification data and second verification data from the encryption device.
34. The cryptography system of claim 31 wherein the outputting unit provides a diagnostic evaluation that upon verification of the first verification data and the failure of the verification of the second verification data a first output of an indication that transmission of the ciphertext has been performed without an error while transmission of the first verification data includes an error, and upon a failure of verification of the first verification data and a verification of the second verification data a second output of an indication that the ciphertext has been transmitted without error while an error has occurred in generation of the ciphertext.
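The two-stage verification of claims 1 and 10 and the error diagnosis of claims 31 to 34, as an added Python example that is not part of the patent text. Assumptions: prefixed SHA-256 stands in for both message digest algorithms, a toy SHA-256 keystream XOR stands in for the predetermined encryption algorithm, and the length-prefixed package layout, the diagnosis strings and all function names are hypothetical.

```python
import hashlib
import hmac
import struct

DIGEST_LEN = 32  # SHA-256 output; both verification fields have this fixed length

# Hypothetical diagnosis strings for the outputting unit.
OK = "no error"
KEY_OR_ENCRYPTION_ERROR = "package arrived as sent; wrong key or faulty ciphertext generation"
VERIFICATION_DATA_ERROR = "ciphertext intact and decrypts correctly; verification data damaged"
TRANSMISSION_ERROR = "ciphertext or first verification data damaged in transit"


def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Assumed stand-in for the 'predetermined encryption algorithm': XOR with a
    SHA-256 counter keystream (encrypt == decrypt). Not for production use."""
    out = bytearray()
    for offset in range(0, len(data), DIGEST_LEN):
        pad = hashlib.sha256(key + struct.pack(">Q", offset)).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + DIGEST_LEN], pad))
    return bytes(out)


def first_digest(plaintext: bytes) -> bytes:
    """First message digest algorithm (assumed: prefixed SHA-256) over the plaintext."""
    return hashlib.sha256(b"D1" + plaintext).digest()


def second_digest(v1: bytes, ciphertext: bytes) -> bytes:
    """Second message digest algorithm over the combination v1 || ciphertext."""
    return hashlib.sha256(b"D2" + v1 + ciphertext).digest()


def encrypt_package(key: bytes, plaintext: bytes) -> bytes:
    """Encryption device: returns length || ciphertext || v1 || v2, a layout the
    decryption device can split back into its three fields."""
    v1 = first_digest(plaintext)
    ciphertext = toy_cipher(key, plaintext)
    v2 = second_digest(v1, ciphertext)
    return struct.pack(">I", len(ciphertext)) + ciphertext + v1 + v2


def decrypt_and_diagnose(key: bytes, package: bytes):
    """Decryption device: returns (plaintext or None, diagnosis string)."""
    if len(package) < 4 + 2 * DIGEST_LEN:
        return None, TRANSMISSION_ERROR
    (n,) = struct.unpack(">I", package[:4])
    if len(package) != 4 + n + 2 * DIGEST_LEN:  # damaged length field or truncation
        return None, TRANSMISSION_ERROR
    ciphertext = package[4:4 + n]
    v1 = package[4 + n:4 + n + DIGEST_LEN]
    v2 = package[4 + n + DIGEST_LEN:]

    decrypted = toy_cipher(key, ciphertext)
    v3 = first_digest(decrypted)        # third verification data
    v4 = second_digest(v1, ciphertext)  # fourth verification data
    first_ok = hmac.compare_digest(v3, v1)
    second_ok = hmac.compare_digest(v4, v2)

    if first_ok and second_ok:
        return decrypted, OK
    if first_ok:   # decrypted plaintext matches v1: ciphertext and key are good
        return decrypted, VERIFICATION_DATA_ERROR
    if second_ok:  # ciphertext and v1 are as sent, yet decryption is wrong
        return None, KEY_OR_ENCRYPTION_ERROR
    return None, TRANSMISSION_ERROR


if __name__ == "__main__":
    # Constructed sample input: two of the "plurality of keys" and a short message.
    keys = {"A": b"constructed-key-A", "B": b"constructed-key-B"}
    pkg = encrypt_package(keys["A"], b"constructed sample plaintext")
    damaged = bytearray(pkg)
    damaged[4] ^= 0x01  # flip one ciphertext bit
    print(decrypt_and_diagnose(keys["A"], pkg)[1])
    print(decrypt_and_diagnose(keys["B"], pkg)[1])
    print(decrypt_and_diagnose(keys["A"], bytes(damaged))[1])
```

With plain hashes as in claims 1 and 2, these checks catch accidental faults only, because an unkeyed digest can be recomputed by anyone who alters the package; the signature variants of claims 3 and 4 are what tie the verification data to the sender.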
Specification