JP2001168855A - Encryption key generation device, encryption / decryption device, encryption key generation method, encryption / decryption method, and program providing medium - Google Patents

Abstract

(57) [Summary] [Problem] Encryption / decryption that selectively uses either biometric information or a character string to generate an encryption key and a decryption key to enable encryption and decryption processing Provide equipment. SOLUTION: A biological code generated from only biological information is provided by providing both biological information inputting means and character string inputting means,
Alternatively, a key used for encryption and decryption can be generated from any of the intermediate codes generated from a character string. The user can select and input either biological information or a character string. Furthermore, by generating a key based on a code combining one biometric information and one character string or a code arbitrarily combining a plurality of biometric information and a plurality of character strings, countless types of Codes can be generated to realize highly secure data encryption / decryption processing.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to an encryption key generation device, an encryption / decryption device, an encryption key generation method, an encryption / decryption method, and a program providing medium. More specifically, the present invention relates to an encryption key generation apparatus and method for generating an encryption key and a decryption key by a code based on biometric information unique to an individual such as a fingerprint or a character string, or a code based on both data. Furthermore, encryption and decryption of various information such as document data, audio data, image data, various programs, etc., for which confidentiality is required, can be performed using either personal biometric information such as fingerprints or character strings. The present invention relates to an encryption / decryption device and an encryption / decryption method using an encryption key and a decryption key generated by a code based on arbitrary data or a code based on both data.

[0002]

2. Description of the Related Art In recent years, information transfer via various network systems such as the Internet has become popular, and electronic settlement and use of electronic money on a network have been rapidly increasing. Further, many companies and individuals frequently store confidential documents using various storage media such as hard disks and optical disks. An important issue is how to secure security of data transferred via such a network or data stored in various storage media.

[0003] There are various methods for ensuring security, one of which is to limit the use of computers to authorized users. A typical example of this method is a configuration in which a password is given to an authorized user in advance, and only a person who has input a correct password can access data. Further, there is a data encryption process as a process for the data itself for enhancing security. By encrypting a document transferred via a network and encrypting information stored in a storage medium, the security of transfer information and stored information can be improved.

[0004] Encrypted data can be returned to a decipherable document (plaintext) by decryption according to a predetermined procedure. 2. Description of the Related Art Data encryption and decryption methods using an encryption key for information encryption and a decryption key for decryption have been conventionally known.

There are various types of data encryption / decryption methods using an encryption key and a decryption key. One example is a so-called common key encryption method. In the common key encryption method, an encryption key used for data encryption processing and a decryption key used for data decryption are shared, and a common user used for these encryption processing and decryption is assigned to a regular user. Thus, data access by an unauthorized user without a key is eliminated. A representative method of this method is DES (Data Encryption Standard: Data).
Encryption standard).

[0006] A method using a different algorithm for processing using an encryption key used for encryption and processing for a decryption key used for decryption is a so-called public key encryption method. Public key encryption is
This is a method using a public key that can be used by an unspecified user, and encrypts an encrypted document for a specific individual using a public key issued by the specific individual. A document encrypted with a public key can be decrypted only with a private key corresponding to the public key used for the encryption processing. Since the private key is owned only by the individual who issued the public key, a document encrypted with the public key can be decrypted only by the individual having the private key. A representative public key encryption method is RSA (Rivest-Sham).
ir-Adleman) encryption.

The common key encryption method described above is not suitable for an unspecified number of communications, because the number of keys becomes enormous when the number of assumed communication partners increases. In addition, the public key encryption method has an advantage that the number of keys to be managed is small. But,
The public key encryption method has a disadvantage that encryption processing and decryption become complicated.

A hybrid encryption system is a system in which the above-mentioned common key encryption system and the public key encryption system are combined. In the hybrid encryption method, a common key is used for encrypting information, and the common key used for encryption is encrypted by a public key encryption method. According to this hybrid encryption method, a fast-processing common key encryption method is applied to a document having a large data amount, and a public key encryption method having a slow processing is used only for encrypting a common key having a small data amount. And the advantages of both can be used effectively.

The encryption key and the decryption key used for the above-mentioned encryption processing and decryption can be obtained by applying a one-way function such as a hash function based on a certain password or the like. A one-way function is a function that makes it very difficult to obtain an input from its output. For example, user I
A one-way function is applied with a password such as D as an input, and an encryption key and a decryption key are generated based on the output. From the encryption key and the decryption key obtained in this way, the user ID which is the original data
It is virtually impossible to ask for a password such as

In view of the above, in a configuration using an encryption key and a decryption key, password management is a very important issue in security management. However, at present, there are various problems in personally managing passwords such as user IDs. While it may be advantageous to have a complex password to increase security,
It is difficult for a human to remember a complicated password.
It is also possible to store and save the password in some storage device such as a hard disk to supplement human memory, but if a password is stored in such a storage device, a third party steals the password from the storage device There is a problem with safety.

As one method for solving the problem of password management, there is a method of using an individual's biometric information, for example, a fundus image, a fingerprint, or the like, to verify whether or not the user is an authorized user. As an example of a security management system using personal biometric information, there is a personal information management apparatus and method disclosed in Japanese Patent Application Laid-Open No. H11-215119.

The system described in Japanese Patent Application Laid-Open No. 11-215119 has a configuration in which biometric information of an authorized user, for example, code information obtained from a fundus image is registered and stored in the system in advance. In this system, a user who wants to perform document encryption processing first causes the system to read biometric information such as his / her own fundus information. Next, the system compares the biometric information read from the user with the registered biometric information to confirm whether or not the user is an authorized registered user. Only when the legitimacy of the user is confirmed by this collation processing, the processing shifts to the encryption processing using the key based on the biometric information. According to this method, since the encryption process is executed using the secret key based on the biometric information unique to the individual, there is an effect that the secret key is prevented from being copied or misused by another person.

[0013]

However, in order to realize the individual validity confirmation processing using such biological information, it is necessary to compare the newly read biological information such as the fundus image and fingerprint of the individual with the comparison object. It is necessary to store such collation information in a storage device in the system. That is, it is necessary to previously store image information obtained by electronically photographing a fundus image, a fingerprint, and the like of each individual who is an authorized user, or a code string obtained from this image information in a storage device in advance. Japanese Patent Application Laid-Open No. H11-215119 enhances security by storing a secondary code obtained by converting a code obtained from biometric information, but such a system is used when the stored information is stolen. However, the encryption key may be duplicated based on the stolen information, and the reliability of the system is not always sufficient.

Further, in the conventional code generation method relying only on biometric information, when it becomes difficult to read biometric information due to injury to a finger or the like, a situation occurs in which code cannot be generated. In addition, there are quite a few users who feel resistance to reading biometric information, for example, a fingerprint, and there is a problem in a code generation method that requires input of biometric information such as a fingerprint.

Further, in the conventional code generation method relying only on biometric information, if biometric information codes read from fingerprints of different individuals become the same, the same encryption key is generated based on the same code. there is a possibility. In order to eliminate such a possibility, the pattern reading accuracy of the biometric information reading means such as a scanner must be extremely high so that the biometric information code of each individual is surely different. However, in reality, it is difficult to realize such high-precision reading, and when trying to realize high-precision reading, a different code is generated for each reading even if the same person is used. However, it is difficult to realize a system that is practically usable.

Further, in the conventional system configuration, in a system having no storage device for storing image information obtained by electronically capturing biometric information such as a fundus image of a regular user or a code string obtained from the image information, Collation processing is not possible. Therefore, when the above configuration is applied to a cryptographic information distribution system via a network, only devices equipped with a memory storing collation information can participate in communication, and devices not storing collation information can communicate. Will not be able to participate. Therefore, the above configuration is effective only in a very limited system, and has a drawback of poor expandability.

Further, when an encryption key is to be generated based on biological information such as fundus image information as in the personal information management apparatus and method disclosed in Japanese Patent Application Laid-Open No. 11-215119, a fundus obtained from an individual is required. There are two pieces of image information even when the left and right eyes are used, and the number of code strings obtained from the fundus image information is extremely small, so it is difficult to increase the types of encryption keys. If another encryption key is to be created, it is possible to use other biometric information, for example, a fingerprint. However, even if ten fingers are used, only up to ten types of codes can be obtained. However, there is a problem that the encryption key generated by the encryption key generation method using the biometric information is limited to an extremely limited finite number.

The encryption / decryption device, encryption / decryption method, and program providing medium of the present invention have been made in view of the above-mentioned problems in the prior art.

According to the present invention, a code is generated based on at least one of biometric information and a character string, and an encryption key or a decryption key is generated based on the code. A key can be generated by inputting only a character string without requiring the input of a character string, and a code generated by only the biometric information, only the character string, or a combination of the biometric information and the character string at the user's discretion Key generation device, encryption / decryption device, encryption key generation method, and encryption / decryption method capable of generating an encryption key or a decryption key based on .

[0020]

SUMMARY OF THE INVENTION A first aspect of the present invention is as follows.
Biometric information reading means for obtaining biometric information, biometric code generating means for generating a biometric code based on the plurality of biometric information obtained by the biometric information reading means, character string input means for inputting a character string, and the character Intermediate code generation means for generating an intermediate code based on a character string input at the column input means, and at least one of a biological code generated by the biological code generation means, or an intermediate code generated by the intermediate code generation means Storage means for storing the biometric code generated by the biometric code generation means, or at least one of the intermediate codes generated by the intermediate code generation means, to perform encryption processing or decryption processing. Key generation means for generating a key to be applied. It is in the location.

Further, in one embodiment of the encryption key generation device of the present invention, the key generation means includes both a biometric code generated by the biometric code generation means and an intermediate code generated by the intermediate code generation means. It is characterized by having a configuration for generating a key to be applied to encryption or decryption processing by arithmetic processing based on a code.

Further, in one embodiment of the encryption key generation device of the present invention, the key generation means includes a biometric code generated by one or more biometric code generation means;
Acquiring the intermediate code generated by the above-described intermediate code generation means and input mode information for each of the one or more biometric codes or the one or more intermediate codes;
It is characterized in that a key to be applied to an encryption process or a decryption process is generated based on the biometric code, the one or more intermediate codes, and the input mode information.

Further, in one embodiment of the encryption key generating apparatus of the present invention, the input mode information includes at least input order information of biometric information or a character string used for key generation, and biometric information or a character string used for key generation. Reader information,
It is characterized by including any one of biological part information of biological information used for key generation.

Further, in one embodiment of the encryption key generating apparatus of the present invention, the biometric information read by the biometric information reading means is any of a fingerprint, a fundus image, a voiceprint, a DNA pattern, or a fingerprint, a fundus image, a voiceprint, DNA pattern 2
It is characterized by a combination of the above biological information.

Further, in one embodiment of the encryption key generating apparatus of the present invention, the biometric information read by the biometric information reading means is fingerprint information, and the biometric code generating means comprises:
In a plurality of regions obtained by dividing a fingerprint image, a ridge direction formed by a fingerprint uneven pattern is identified, and a biometric code is generated by associating a code corresponding to the ridge direction for each of the plurality of regions. And

Further, in one embodiment of the encryption key generation device of the present invention, the biometric code generation means includes a correspondence table in which an output biometric code is associated with a data sequence based on biometric information acquired by the biometric information reading means. Means for outputting a biometric code based on the correspondence table.

Further, in one embodiment of the encryption key generation device of the present invention, the key generated by the key generation means is any one of a common key in a common key encryption method, a public key in a public key encryption method, and a secret key. It is characterized by being.

Further, a second aspect of the present invention is a data input means for inputting data to be encrypted, a biometric information reading means for obtaining biometric information, and a plurality of biometric information obtained by the biometric information reading means. Biometric code generation means for generating a biometric code based on a character string; character string input means for inputting a character string; intermediate code generation means for generating an intermediate code based on the character string input at the character string input means; Storage means for storing at least one of the biometric code generated by the code generation means and the intermediate code generated by the intermediate code generation means, and the biometric code generated by the biometric code generation means or the intermediate code generation Encryption processing based on at least one of the intermediate codes generated by the means. Key generation means for generating a key to be applied to the data, encryption means for executing an encryption process of data input from the data input means based on the key generated by the key generation means, and encryption at the encryption means. And output means for outputting the encrypted data.

Further, in one embodiment of the encryption device of the present invention, the key generation means includes both a biometric code generated by the biometric code generation means and an intermediate code generated by the intermediate code generation means. , A key to be applied to the encryption process is generated by an arithmetic process based on.

Further, in one embodiment of the encryption device of the present invention, the key generation means is generated by one or more biometric code generation means and one or more intermediate code generation means. And input mode information for each of the one or more biometric codes or each of the one or more intermediate codes, and encrypts the information based on the one or more biometric codes, the one or more intermediate codes, and the input mode information. Characterized in that it has a configuration for generating a key to be applied to the conversion processing.

Further, in one embodiment of the encryption device of the present invention, the input mode information includes at least input sequence information of biometric information or a character string used for key generation, and reading of biometric information or a character string used for key generation. It is characterized by including any one of device information and biological part information of biological information used for key generation.

Further, in one embodiment of the encryption device of the present invention, the biometric information read by the biometric information reading means is any one of a fingerprint, a fundus image, a voiceprint and a DNA pattern, or a fingerprint, a fundus image, a voiceprint and a DNA pattern. It is a combination of two or more pieces of biological information of a pattern.

Further, in one embodiment of the encryption device of the present invention, the biometric information read by the biometric information reading means is fingerprint information, and the biometric code generation means includes a plurality of areas obtained by dividing a fingerprint image. It is characterized in that a biometric code is generated by identifying a ridge direction formed by a pattern and associating a code corresponding to the ridge direction with each of the plurality of regions.

Further, in one embodiment of the encryption device of the present invention, the biometric code generation means includes a correspondence table means for associating an output biometric code with a data sequence based on biometric information acquired by the biometric information reading means. Wherein the biometric code generation means outputs a biometric code based on the correspondence table.

Further, in one embodiment of the encryption device of the present invention, the key generated by the key generation means is one of a common key in a common key encryption system, a public key in a public key encryption system, and a secret key. It is characterized by being.

Further, a third aspect of the present invention is a data input device for inputting data to be decoded, a biometric information reading device for obtaining biometric information, and a plurality of biometric information obtained by the biometric information reading device. Biometric code generation means for generating a biometric code based on a character string; character string input means for inputting a character string; intermediate code generation means for generating an intermediate code based on the character string input at the character string input means; Storage means for storing at least one of the biometric code generated by the code generation means and the intermediate code generated by the intermediate code generation means, and the biometric code generated by the biometric code generation means or the intermediate code generation Decoding means based on at least one of the intermediate codes generated by the means. Key generation means for generating a key to be applied to the data, decryption means for performing a decryption process on data input from the data input means based on the key generated by the key generation means, and decryption by the decryption means. And output means for outputting the converted data.

Further, in one embodiment of the decryption apparatus of the present invention, the key generation means includes both a biometric code generated by the biometric code generation means and an intermediate code generated by the intermediate code generation means. , A configuration for generating a key applied to the decryption process by an arithmetic process based on

Further, in one embodiment of the decryption apparatus of the present invention, the key generation means is generated by one or more biometric code generation means and one or more intermediate code generation means. The input mode information for each of the intermediate codes and the one or more biometric codes or the one or more intermediate codes, and decodes based on the one or more biometric codes, the one or more intermediate codes, and the input mode information. Characterized in that it has a configuration for generating a key to be applied to the conversion processing.

Further, in one embodiment of the decoding device of the present invention, the input mode information includes at least input order information of biometric information or a character string used for key generation, and reading of biometric information or a character string used for key generation. It is characterized by including any one of device information and biological part information of biological information used for key generation.

Further, in one embodiment of the decoding apparatus of the present invention, the biometric information read by the biometric information reading means is any one of a fingerprint, a fundus image, a voiceprint and a DNA pattern, or a fingerprint, a fundus image, a voiceprint and a DNA pattern. It is a combination of two or more pieces of biological information of a pattern.

Further, in one embodiment of the decoding apparatus according to the present invention, the biometric information read by the biometric information reading means is fingerprint information, and the biometric code generation means determines whether the fingerprint image is uneven in a plurality of areas obtained by dividing the fingerprint image. It is characterized in that a biometric code is generated by identifying a ridge direction formed by a pattern and associating a code corresponding to the ridge direction with each of the plurality of regions.

Further, in one embodiment of the decoding apparatus of the present invention, the biometric code generation means includes a correspondence table means for associating an output biometric code with a data sequence based on biometric information acquired by the biometric information reading means. Wherein the biometric code generation means outputs a biometric code based on the correspondence table.

Further, in one embodiment of the decryption apparatus of the present invention, the key generated by the key generation means is any one of a common key in a common key encryption system, a public key in a public key encryption system, and a secret key. It is characterized by being.

Further, a fourth aspect of the present invention is a data input means for inputting data to be encrypted or decrypted,
Biometric information reading means for obtaining biometric information, biometric code generating means for generating a biometric code based on the plurality of biometric information obtained by the biometric information reading means, character string input means for inputting a character string, and the character Intermediate code generation means for generating an intermediate code based on a character string input at the column input means, and at least one of a biological code generated by the biological code generation means, or an intermediate code generated by the intermediate code generation means Storage means for storing the biometric code generated by the biometric code generation means, or at least one of the intermediate codes generated by the intermediate code generation means, to perform encryption processing or decryption processing. Key generation means for generating a key to be applied; and a key generated by the key generation means. Encrypting means for performing an encryption process on the data input from the data input means, and decrypting the data input from the data input means based on the key generated by the key generating means. And an output unit for outputting data encrypted by the encryption unit or the decryption unit.

A fifth aspect of the present invention is a data transmission system having a data transmission device and a data reception device connected by a network, wherein the data transmission device has a memory means for storing data to be encrypted. When,
Biometric information reading means for obtaining biometric information, biometric code generating means for generating a biometric code based on the plurality of biometric information obtained by the biometric information reading means, character string input means for inputting a character string, and the character Intermediate code generation means for generating an intermediate code based on a character string input at the column input means, and at least one of a biological code generated by the biological code generation means, or an intermediate code generated by the intermediate code generation means And a key to be applied to the encryption process based on at least one of the biometric code generated by the biometric code generation means and the intermediate code generated by the intermediate code generation means. Key generating means for generating, and the memo based on the key generated by the key generating means. Encrypting means for performing an encryption process on data input from the means, and network interface means for outputting data encrypted by the encrypting means, wherein the data receiving device comprises: Network interface means for receiving encrypted data via a network, biometric information reading means for obtaining biometric information, and biometric code generating means for generating a biometric code based on the plurality of biometric information obtained by the biometric information reading means Character string input means for inputting a character string, intermediate code generation means for generating an intermediate code based on the character string input in the character string input means, a biometric code generated by the biometric code generation means, or At least one of the intermediate codes generated by the intermediate code generation means A key to be applied to a decryption process based on at least one of the biometric code generated by the biometric code generation means and the intermediate code generated by the intermediate code generation means. Key generating means for generating a key, a decrypting means for performing a decryption process on data input from the network interface means based on the key generated by the key generating means, and storing the data decrypted by the decrypting means. And a data transmission system.

Further, a sixth aspect of the present invention relates to a data receiving device and a data transmitting device connected to a network,
A data storage system comprising: a memory unit connected to both the data receiving device and the data transmitting device; wherein the data receiving device includes a network interface unit for receiving data via a network; Biometric information reading means, biometric code generating means for generating a biometric code based on a plurality of biometric information obtained in the biometric information reading means, a character string input means for inputting a character string, and the character string input means Intermediate code generation means for generating an intermediate code based on the input character string, and storage for storing at least one of the biometric code generated by the biometric code generation means and the intermediate code generated by the intermediate code generation means Means, a biological code generated by the biological code generating means, or Based on at least one of the intermediate codes generated by the intermediate code generating means, a key generating means for generating a key to be applied to an encryption process; and An encryption unit that performs an encryption process on data input from a network interface unit; and a network interface unit that outputs data encrypted by the encryption unit.
The data receiving device stores the encrypted data encrypted by the encrypting unit, the data transmitting device includes a biological information reading unit that obtains biological information, and a plurality of biological information obtained by the biological information reading unit. Biometric code generation means for generating a biometric code based on information, character string input means for inputting a character string, intermediate code generation means for generating an intermediate code based on the character string input in the character string input means, Storage means for storing at least one of the biometric code generated by the biometric code generation means or the intermediate code generated by the intermediate code generation means, and the biometric code generated by the biometric code generation means, or the intermediate code The code is generated based on at least one of the intermediate codes generated by the generating means. Key generating means for generating a key to be applied to the decryption processing; decryption means for performing decryption processing of data input from the memory means based on the key generated by the key generation means; Means for outputting data decrypted by the means.

Further, according to a seventh aspect of the present invention, there is provided an encryption key generating method for generating an encryption key used for encryption or decryption processing, wherein a biometric information reading step for obtaining biometric information; A biometric code generating step of generating a biometric code based on the plurality of biometric information obtained in the step, a character string input step of inputting a character string, and generating an intermediate code based on the character string input in the character string input step An intermediate code generation step, a storage step of storing at least one of the biological code generated in the biological code generation step, and an intermediate code generated by the intermediate code generation means; Bio code, or the bio code generated in the intermediate code generation step. It has been based on at least one code of the intermediate code and the encryption key generation method characterized by having a key generating step of generating a key applied to encryption processing or decryption processing.

Further, an eighth aspect of the present invention is a data input step of inputting data to be encrypted, a biometric information reading step of obtaining biometric information, and a plurality of biometric information obtained in the biometric information reading step. A biometric code generation step of generating a biometric code based on a biometric code; a character string input step of inputting a character string; an intermediate code generation step of generating an intermediate code based on the character string input in the character string input step; A storage step of storing at least one of the biometric code generated in the code generation step or the intermediate code generated by the intermediate code generation means, and a biometric code generated in the biometric code generation step;
Or a key generation step of generating a key to be applied to an encryption process based on at least one of the intermediate codes generated in the intermediate code generation step; and An encryption method comprising: an encryption step of performing encryption processing of data input in a data input step; and an output step of outputting data encrypted in the encryption step.

Further, a ninth aspect of the present invention is a data input step of inputting data to be decoded, a biometric information reading step of obtaining biometric information, and a plurality of biometric information obtained in the biometric information reading step. A biometric code generation step of generating a biometric code based on a biometric code; a character string input step of inputting a character string; an intermediate code generation step of generating an intermediate code based on the character string input in the character string input step; A storage step of storing at least one of the biometric code generated in the code generation step or the intermediate code generated by the intermediate code generation means, and a biometric code generated in the biometric code generation step;
Or a key generation step of generating a key applied to a decryption process based on at least one of the intermediate codes generated in the intermediate code generation step; and A decoding method includes: a decoding step of executing a decoding process of data input in a data input step; and an output step of outputting data decoded in the decoding step.

Further, a tenth aspect of the present invention is a program providing medium for tangibly providing a computer program for causing a computer system to execute an encryption key generation process, wherein the computer program comprises:
A biological information reading step of obtaining biological information, a biological code generating step of generating a biological code based on the plurality of biological information obtained in the biological information reading step, a character string inputting step of inputting a character string, and the character An intermediate code generating step of generating an intermediate code based on the character string input in the column input step; and at least one of the biological code generated in the biological code generating step and the intermediate code generated in the intermediate code generating means. A storage step of storing
A key for generating a key to be applied to an encryption process or a decryption process based on at least one of the biometric code generated in the biometric code generation step and the intermediate code generated in the intermediate code generation step And a generating step.

The program providing medium according to the tenth aspect of the present invention is, for example, a medium for providing a computer program in a computer-readable format to a general-purpose computer system capable of executing various program codes. . The medium is a storage medium such as CD, FD, MO, etc.
Alternatively, the form such as a transmission medium such as a network is not particularly limited.

Such a program providing medium defines a structural or functional cooperative relationship between the computer program and the providing medium for realizing a predetermined computer program function on a computer system. Things. In other words, by installing the computer program into the computer system via the providing medium, a cooperative operation is exerted on the computer system, and the same operation and effect as the other aspects of the present invention can be obtained. You can do it.

[0053]

According to the structure of the present invention, a code is generated based on at least one of various types of biometric information such as a fingerprint code or data of a character string, and an encryption key or decryption is performed based on the code. Since the configuration for generating a key is provided, it is possible to generate an encryption key or a decryption key when the input of biometric information is difficult, or without requiring the input of biometric information according to the user's preference. , And an encryption process and a decryption process can be executed. Also,
Since a key can be generated by a synthetic code obtained by combining biometric information and a character string, it is possible to enhance the uniqueness of the key generation code, and one read biometric information should be identical between different individuals. Even in this case, a variety of different codes can be generated for a code generated by a combination of biometric information and a character string. Therefore, a code obtained by reading biometric information such as a fingerprint pattern can be made a very simple code, and an encryption / decryption device configuration that does not require a high-precision reading device is realized.

Still other objects, features and advantages of the present invention are:
It will become apparent from the following more detailed description based on the embodiments of the present invention and the accompanying drawings.

[0055]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, an encryption key generation device according to the present invention will be described.
Embodiments of an encryption / decryption device, an encryption key generation method, and an encryption / decryption method will be described with reference to the drawings.
This will be described in detail.

Before describing the embodiments, definitions of terms used in the following description will be briefly described. “Cryptographic system”: A system that performs data encryption processing or decryption processing of encrypted data. “Encryption key”: a key code used to encrypt data. “Decryption key”: a key code required to decrypt the encrypted data. "Key": means both the encryption key and the decryption key or any one of them. “Common key”: a key code that realizes an encryption key and a decryption key with one key. “Fingerprint code”: a code uniquely generated for a fingerprint pattern. “Intermediate code”: a code uniquely generated for an input character string.

Hereinafter, embodiments of the present invention will be described.
The description will be made sequentially according to the following items. (1) [Example 1] (1-1) Encryption device (1-2) Decryption device (2) [Example 2] (2-1) Encryption device (2-2) Decryption device (3) [Example 3] (3-1) Encryption device (3-2) Decryption device (4) [Other embodiments] (4-1) Transmission device provided with encryption device (4-2) Decryption (4-3) Data transmission system (4-4) Receiving device with encryption device (4-5) Transmitting device with decryption device (4-6) Data storage system

[0058]

Embodiment 1 (1-1) Encryption Apparatus FIG. 1 is a block diagram showing an encryption apparatus according to an embodiment of the present invention. As can be understood from the figure, the encryption device includes control means 1, display means 2, input means 3, fingerprint pattern reading means 4, fingerprint code generation means 5, character string input means 6, intermediate code generation means 7, temporary storage. Means 8, key generation means 9,
It has an encryption unit 10, a data input unit 11, and a data output unit 12.

The control means 1 is provided, for example, as shown in FIG.
The microcomputer is provided with a PU, a RAM, and a ROM, and performs various processes executed by the fingerprint pattern reading unit 4, the character string input unit 6, the key generation unit 9, the encryption unit 10, and other units. Control is performed according to each processing program. For example, a process of storing the fingerprint code input from the fingerprint code generation unit 5 and the fingerprint reading information together in the temporary storage unit 8, a process of storing the intermediate code input from the intermediate code generation unit 7 in the temporary storage unit 8, Alternatively, control such as a process of outputting information stored in the temporary storage unit 8 to the key generation unit 9 is executed.

The microcomputer shown in FIG. 2 has a configuration in which a CPU 25, an input / output interface (I / O) 26, a RAM 27, and a ROM 28 are connected to a bus. ROM constituting a microcomputer
Reference numeral 28 stores a basic program for starting up the microcomputer and starting an operating system (OS), and the like. A RAM 27 is used as a main storage memory, and is used for various processes such as a code generation process by the CPU 25. Area. Various programs may be stored in a storage medium (not shown) such as a floppy disk or a hard disk, and may be loaded into the RAM 27 at the time of execution.

The display means 2 is, for example, a liquid crystal display,
Alternatively, the display is realized by a CRT, and according to the control from the control means 1, “display for prompting selection of fingerprint or character string input”, “display for prompting user to input fingerprint”, or “display for prompting user to input fingerprint”. Display Prompting For Column "
It performs a role as a user interface, such as guidance display of various processing procedures or error display when an error occurs.

The input means 3 is realized by, for example, a keyboard, a button switch, and the like, and inputs various processing designation inputs from the user, for example, a user's fingerprint input, a key generation processing start instruction, and the like. The input signal is transferred to the control unit 1, and the control unit 1 executes various controls based on the input data, such as starting processing of each connected device. The input means 3
For example, the display unit 2 may be configured in the display unit 2 as a touch panel system.

The fingerprint pattern reading means 4 is a scanner for optically reading a fingerprint, an image reading means such as a CCD, or a pressure sensor for detecting a pressure generated by pressing a finger for each minute portion to read an uneven pattern. It can be realized by various reading configurations.
In the fingerprint pattern reading means 4, a fingerprint pattern is read based on the control of the control means 1, and the read data is output to the fingerprint code generation means 5.

The fingerprint code generating means 5 is realized by a microcomputer having a CPU, a RAM, a ROM and the like shown in FIG. , A fingerprint code is sequentially generated. The fingerprint reading by the fingerprint pattern reading means 4 and the code generation processing by the fingerprint code generating means 5 will be described in more detail later.

The character string input means 6 is realized by, for example, a keyboard or the like, and executes a character string input by the user. The input character string is output to the intermediate code generation means 7. It should be noted that the same keyboard as the character string input means 6 and the above-described input means 3 can be used in combination. Further, for example, the display means 2 may be configured in the display means 2 as a touch panel system.

The intermediate code generating means 7 is realized by a microcomputer having a CPU, a RAM, a ROM and the like shown in FIG. , And outputs the generated intermediate code to the control means 1.

The temporary storage means 8 stores the fingerprint code generation means 5
Code, intermediate code generation means 7 generated by
Is a memory that receives the intermediate code generated by the control unit 1 under the control of the control unit 1 and temporarily stores the intermediate code. The temporary storage means 8 can be constituted by an external storage device or a RAM in a microcomputer constituting the control means 1.

The key generation means 9 is, for example, the control means 1 described above.
Similarly, the encryption key is realized by a microcomputer having a CPU, a RAM, and a ROM shown in FIG. 2 and based on the fingerprint code generated by the fingerprint code generation means 5 or the intermediate code generated by the intermediate code generation means 7. , And generates a decryption key.

The encryption means 10 is realized by a microcomputer having a CPU, a RAM, a ROM and the like shown in FIG. The encryption is performed using the encryption key input from the key generation means 9.
The encrypted data is output to the data output unit 12.

The data input means 11 is, for example, a character data input means such as a keyboard and a mouse, a data storage means such as a hard disk, a floppy disk and a memory connected via a storage means interface, or a connection via a network interface. This is a means for inputting data to be encrypted.

The data output means 12 is, for example, a data storage means such as a hard disk, a floppy disk, or a memory connected via a storage means interface, or an output means connected via a network interface. Is a means for outputting the executed encrypted data.

In FIG. 1, each unit is shown as a single block for each function in order to make each function easy to understand. For example, the microcomputer constituting the control unit 1 is replaced with the fingerprint code generation unit 5. , The intermediate code generating means 7, the key generating means 9, the encrypting means 10, etc., can be configured to be executed, and the display means 2, the input means 3, It is also possible to configure the character string input means 6 together. In other words, it is not essential that each unit shown in FIG. 1 be a physically independent configuration as long as each unit can execute necessary processing.

Next, the procedure of data encryption processing using the encryption apparatus of FIG. 1 will be described with reference to the flow of FIG.

In step S01, a display is displayed on the display means 2 shown in FIG. 1 to prompt the user to select between fingerprint input and character string input. Step S02
Proceed to. In step S02, it is determined whether the selection input from the input means 3 shown in FIG. 1, that is, whether the fingerprint input or the character string input is selected.

If the user selects fingerprint input in step S02, the process proceeds to step S03. In step S03, a message to prompt the user to input a fingerprint is displayed on the display unit 2 shown in FIG. 1, and in step S04, the fingerprint input is performed using the fingerprint pattern reading unit 4.

Next, in step S05, fingerprint code generation processing is executed by the fingerprint code generation means 5 shown in FIG. When a fingerprint code is generated from the read fingerprint data, the fingerprint code is stored in the temporary storage means 8 in step S06. The fingerprint code generation processing will be described in detail later.

If the user selects character string input in step S02, the flow advances to step S07. In step S07, the display unit 2 shown in FIG.
A message prompting execution of character string input is displayed, and step S
At 08, a character string input is performed using the character string input means 6.

Next, in step S09, the intermediate code generation processing based on the input character string is executed in the intermediate code generation means 7 shown in FIG. When the intermediate code is generated, the intermediate code is stored in the temporary storage means 8 in step S10. The intermediate code generation processing will be described later in detail.

Next, in step S11, the fingerprint code or the intermediate code stored in the temporary storage means 8 is read. In step S12, a key generation process is performed in the key generation means 9 shown in FIG. 1 based on the read fingerprint code or intermediate code.

When the key generation is completed, in step S13, data to be encrypted is input from the data input means 11 to the encrypting means 10, and then in step S13.
At 14, the encrypting means 10 executes data encryption processing based on the generated key. The encrypted data generated by the encryption processing is output by the data output unit 12 in step S15. Processing examples of the key generation processing and the encryption processing will be described later.

Next, details of each configuration of the encryption apparatus shown in FIG. 1 will be described.

First, details of a processing example of the fingerprint pattern reading means 4 and the fingerprint code generating means 5 shown in FIG. 1 will be described with reference to FIGS.

The apparatus of the present invention outputs a code uniquely derived from biological information, for example, a fingerprint pattern.
One example is a method of outputting a code by analyzing the direction of a fingerprint ridge forming a fingerprint pattern.
Hereinafter, a method of outputting a code by analyzing the direction of the fingerprint ridge will be described in detail.
However, the method of outputting a code from biological information in the device of the present invention is not limited to the method described below, and various methods can be applied as long as a unique code can be output from biological information. it can.

FIG. 4 is an example of a fingerprint image read by the fingerprint pattern reading means 4 shown in FIG. For example, the data format of a fingerprint pattern read by a fingerprint pattern reading unit such as a scanner is often
It becomes multi-valued image data. When the multi-level image data is input, the fingerprint code generation unit 5 first converts the multi-level image data into binary image data, performs smoothing, and further performs filtering such as noise removal.
Perform various preprocessing.

Next, the fingerprint code generating means 5 divides the preprocessed image data into predetermined small areas as shown in FIG. Since a code is assigned to each divided region to form a fingerprint code, a code with a large amount of information can be generated by increasing the number of divided regions. However, when the area is increased, that is, when each divided area is reduced, it is necessary to improve the reading accuracy and the possibility of occurrence of a reading error increases. In the example shown in FIG. 4, the division area is set to 16.

The curve in FIG. 4 shows the ridge of the fingerprint.
With respect to the directions of the ridges indicated in the 16 divided regions shown in FIG. 4, an average value (average direction) in each region is calculated. As to the direction, direction data corresponding to each direction is assigned in advance as shown in FIG. 5, and the average value (average direction) in each region is set in the direction shown in FIG.
Data indicating the closest direction is selected, and direction data is assigned to each area. In the example shown in FIG. 5, different data is associated with eight directions from 0 to 7 as direction data. Even in these directions, the generated code can be a code with a large amount of information by further subdividing the directions, for example, 16 directions.

As a method of calculating the average value in the ridge direction of each small area, for example, a method of obtaining partial derivatives of the ridge directions included in the small area and setting the direction having the largest number of 0 as the average value, There are various methods such as a method of determining the vertical direction of the line segment having the largest number of ridges as an average value, and any method may be used.

FIG. 6 shows an example in which the direction data of FIG. 5 is added to the data of FIG. The diagram on the left side of FIG. 6 is a diagram in which the average value (average direction) of each small region is indicated by an arrow. Data closest to these arrow directions is selected from the direction data in FIG. 5, and data allocated to each small area is shown on the right. By arranging these data in series, a direction data string as shown in the lower right of FIG. 6 is generated.

The direction data string obtained by the above-described method constitutes one code, and it is possible to apply this code directly as a key generation code. Depending on the mode at the time of reading, there is a possibility that a different data string is obtained. To always output the same data string, it is necessary to improve reading accuracy and the like. One purpose of the encryption device of the present embodiment is to compose the same key generation code by simple reading means, and this directional data string is not used directly as a key generation code. , The direction data sequence is classified into several fingerprint patterns as shown in FIG.
A code is configured based on the classification data.

In general, there are seven typical patterns in a fingerprint, and these can be associated with a direction data string as a table as shown in FIG. Each direction data string is data in which direction data of 16 small areas obtained by the method described with reference to FIGS. As shown in FIG. 7, "right flow type", "left flow type", "bag type",
It can be classified into seven types: “twin type”, “bow type”, “pillar type”, and “vortex type”. Note that “X” in the direction data sequence shown in FIG. 7 indicates that any of the direction data 0 to 7 may be used. The direction data sequence obtained in FIG. 6 corresponds to the “vortex” of fingerprint number 7. If any of the fingerprint numbers 1 to 7 does not match, it is determined that it corresponds to fingerprint number 0 “irregular type”.

FIG. 8 shows the fingerprint code generation method described with reference to FIGS. 4 to 7 as a processing flow. The flow of FIG. 8 will be described.

Step S31 is a fingerprint image input step in the fingerprint pattern reading means 1 shown in FIG. Step S32 is a preprocessing step such as binarization processing, smoothing processing, and noise removal for the input image data in the fingerprint code generation unit 5.

Step S33 is a process of dividing the data, for which the preprocessing has been completed, into 16 as described with reference to FIG. In step S34, the average value of the ridges of each of the 16 small areas is calculated, and the direction data is associated with each small area based on the predetermined direction data (see FIG. 5). Generate a column.

In step 35, based on the direction data string shown in FIG.
The correlation between the direction data string generated in step 4 and each direction data string stored in the table is calculated. Further, step S3
In step 6, the fingerprint number corresponding to the table storage direction data sequence having the highest correlation with the generation direction data sequence is selected. If it is determined that the data does not correspond to any of the table storage direction data strings, the fingerprint number is set to “0”.

In step S37, step S36
Then, the fingerprint code selected in the step 2, that is, one of the fingerprint numbers shown in FIG. 7 is output as a fingerprint code.

The above-described example is one example of a process for generating a code from a fingerprint. In addition to this, any other method for generating a unique code from a fingerprint pattern can be used as the fingerprint code generating means of the present invention. The method is applicable.

Next, the intermediate code generation processing in the intermediate code generation means 7 of FIG. 1 will be described.

The intermediate code generation means 7 receives the input character string from the character string input means 6, and converts this character string into ASCII code for each character. For example, the ASCII code of the character a is 61h, and the ASCII code of the character b is 62h.

The intermediate code generation means 7 executes the operation of the values of these ASCII codes. The calculation is executed, for example, as a calculation process of calculating the sum of the ASCII codes of the input character strings and calculating a surplus obtained by dividing the sum by 8.

For example, if the input character string = watanabe, the ASCII codes for each character are arranged as (77h, 61h, 74h, 61h, 6eh, 61h).
h, 62h, 65h). The sum of these is "34
3h ". Further dividing "343h" by 8 gives
The surplus is 3, and the intermediate code of the input character string = watanabe is “3”.

That is, the intermediate code = (77h, 61h, 74h, 61h, 6e)
(h, 61h, 62h, 65h) The intermediate code is calculated as mod8 = 3.

FIG. 9 shows a flow of the intermediate code generation processing in the intermediate code generation means 7. Hereinafter, each step of the flow will be described.

In step S38, a character string is input by the user from the character string input means 6 shown in FIG. 1, and the intermediate code generation means 7 receives the input character string. Step S
At 39, the intermediate code generation means 7 executes an addition operation of an ASCII value corresponding to the received input character string,
Calculate the sum.

In step S40, the intermediate code generation means 7 executes an operation of dividing the sum obtained in step S39 by 8, thereby obtaining a surplus value.

In step S41, the intermediate code generation means 7 outputs the surplus value obtained in step S40 as an intermediate code.

The intermediate code generating means 7 outputs a unique intermediate code corresponding to the character string input from the character input means 6 according to the above procedure.

The above-described example is one example of a process for generating an intermediate code from a character string, and any other method for generating a unique code from a character string may be used as the intermediate code generation means of the present invention. Various techniques are applicable.

Next, the details of the key generation by the key generation means 9 in FIG. 1 will be described with a specific example. The key generation means 9 in the encryption device of the present invention generates a key based on a fingerprint code or an intermediate code generated by applying the above-described method or the like.

The key generation means 9 receives any one of a fingerprint code and an intermediate code, generates a key based on the input code, and outputs the key. As an example of the key generation processing, for example, there is a method in which a code obtained by squaring an input fingerprint code or an intermediate code is output as a key.

For example, when the fingerprint code is “7h”, the key is set to 7h × 7h = 31h.

FIG. 10 shows a key generation processing flow according to the above-described method. In step S42, one of the fingerprint code generated by the fingerprint code generating means 5 and the code generated by the intermediate code generating means 7 shown in FIG.
Is the input step.

Step S43 is a step for generating the key by executing the above-described operation based on the fingerprint code or the intermediate code input in step S42, and the generated key is used in step S44 for the encryption means shown in FIG. It is output to 10.

The above-described key calculation method is an example, and a key is generated by applying various processing such as applying a one-way function to data based on a fingerprint code or an intermediate code, A key can be generated by a known public key generation method, a common key generation method, or the like.

Next, details of the encryption processing of the encryption means 10 of FIG. 1 will be described. The encryption means 10 in the encryption device of the present invention executes the encryption processing of the data input from the data input means 11 using the key generated by the above-described method, and outputs the data to the data output means 12.

The encryption means 10 performs a process of adding a key value for each byte of data to be encrypted, for example, to execute a data encryption process. For example, when the key generated by the key generation means 9 and the data input from the data input means 11 are the following data strings, key = 17h data to be encrypted = 23h 56h C3h 08h
EFh At this time, 17h is added for each byte of data to be encrypted, and encrypted data = 3Ah 6Dh DAh 1Fh 06
h.

FIG. 11 shows an encryption processing flow according to the above-described method. Step S45 is a step in which the encryption means 10 inputs the key generated by the key generation means shown in FIG. Step S46 is a step in which the encryption means 10 inputs data to be encrypted from the data input means 11. Next, in step S47, the above-described encryption processing, that is, the input data is divided into 1-byte units, and an operation is performed using a key to perform the encryption processing.
In step 8, the encrypted data is output.

The encryption process performed by the encryption means 10 can use various encryption methods applied to conventionally known public key encryption methods, common key encryption methods, and the like. In the encryption device of the present invention, the encryption method to be applied is not limited at all.

While the embodiment of the encryption device according to the present invention has been described above, as described above, the encryption device according to the present invention is based on any input information, either biometric information or a character string. Unlike a conventional fingerprint or other configuration that acquires a code based only on biometric information because it is a configuration that acquires a key generation code, for example, in a situation where it is difficult to input biometric information due to a finger injury etc. Also, since the code is generated based on the character input from the character string input means, the key generation processing becomes possible.

In the above-described embodiment, a fingerprint was used as an example of the biometric information. However, other than the fingerprint, “personal information unique to the person” such as a voiceprint, a fundus pattern, a DNA
Patterns and the like can also be used.

(1-2) Decoding Device Next, the decoding device of the present invention will be described. FIG. 12 is a block diagram according to an embodiment of the decoding device of the present invention.
As can be seen from the figure, the decoding device comprises a control means 13,
Display means 14, input means 15, fingerprint pattern reading means 16, fingerprint code generation means 17, character string input means 1
8, an intermediate code generation unit 19, a temporary storage unit 20, a key generation unit 21, a decryption unit 22, a data input unit 23, and a data output unit 24.

The control means 13 includes, for example, a CPU and an R as shown in FIG.
It is realized by a microcomputer having an AM and a ROM, and includes a fingerprint pattern reading unit 16, a fingerprint code generation unit 17, an intermediate code generation unit 19, and a key generation unit 2.
1, various processes executed by the decoding unit 22 and other units are controlled in accordance with each processing program. For example, the temporary storage unit 2 combines the fingerprint code input from the fingerprint code generation unit 17 with the fingerprint read information.
0, or the intermediate code generating means 19
Is executed to store the generated intermediate code in the temporary storage unit 20, or to output the information stored in the temporary storage unit 20 to the key generation unit 21.

The display means 14, the input means 15, the fingerprint pattern reading means 16, the fingerprint code generation means 17, the character string input means 18, the intermediate code generation means 19, the temporary storage means 20, and the key generation means 21 are as shown in FIG. Since they are the same as the respective means in the encryption means shown in (1), the description is omitted.

The decryption means 22 is realized by a microcomputer having a CPU, a RAM and a ROM shown in FIG. 2 as in the case of the above-mentioned encryption means 10, and decodes data to be decrypted inputted from the data input means 23. Decryption is performed using the decryption key input from the key generation means 21. The decrypted data is output to the data output means 24.

In FIG. 12, in order to make each function easy to understand, each means is shown as a single block for each function. For example, the microcomputer constituting the control means 13 is replaced with the fingerprint code generation means 1.
7, it is also possible to execute the processing of the intermediate code generation means 19, the key generation means 21, the decryption means 22 and the like, and the display means 1 is provided by a touch display.
4 and the input means 15 and the character string input means 18 can be combined. In other words, it is not essential that each unit shown in FIG. 12 is a physically independent configuration as long as each unit can execute necessary processing.

Next, the procedure of the data decoding process using the decoding apparatus of FIG. 12 will be described with reference to the flow of FIG.

In step S16, a display prompting the user to select between fingerprint input and character input is displayed on the display means 14 shown in FIG. Step S1
Go to 7. In step S17, it is determined whether the selection input from the input means 15 shown in FIG. 12, that is, whether the fingerprint input or the character input is selected.

If the user selects fingerprint input in step S17, the process proceeds to step S18. In step S18, a message to prompt the user to input a fingerprint is displayed on the display unit 14 shown in FIG.
, A fingerprint input is performed using the fingerprint pattern reading means 16.

Next, in step S20, fingerprint code generation processing is executed by the fingerprint code generation means 17 shown in FIG. When a fingerprint code is generated from the read fingerprint data, the fingerprint code is stored in the temporary storage means 20 in step S21.

If the user selects character string input in step S17, the process proceeds to step S22. In step S22, a display is displayed on the display unit 14 shown in FIG. 12 to prompt the execution of the character string input. In step S23, the character string input is executed using the character string input unit 18.

Next, in step S24, intermediate code generation processing based on the input character string is executed in the intermediate code generation means 19 shown in FIG. When the intermediate code is generated, the intermediate code is stored in the temporary storage unit 20 in step S25.

Next, in step S26, the fingerprint code or the intermediate code stored in the temporary storage means 20 is read. In step S27, key generation processing is executed in the key generation means 21 shown in FIG. 12 based on the read fingerprint code or intermediate code.

When the generation of the key is completed, in step S28, data to be decrypted is input from the data input means 23 to the decryption means 22, and then the process proceeds to step S28.
At 29, the decrypting means 22 executes data decryption processing based on the generated key. The decoded data generated by the decoding process is output by the data output unit 24 in step S30.

Next, details of each component of the decoding apparatus shown in FIG. 12 will be described. This is the same as the fingerprint pattern reading means 16, the fingerprint code generating means 17, and the encryption device shown in FIG. 12, and outputs biometric information, for example, a code uniquely derived from the fingerprint pattern. One example is a method of outputting a code by analyzing the direction of a fingerprint ridge forming a fingerprint pattern, and the same processing as described with reference to FIGS. 4 to 8 is executed. That is, as described with reference to FIGS. 4 to 8, a direction data sequence is derived from a fingerprint image, and a code is output based on a table in which the direction data sequence is classified into several fingerprint patterns as shown in FIG. .

The processing of the character string input unit 18 and the intermediate code generation unit 19 shown in FIG. 12 is the same as that of each unit of the encryption device, and the description is omitted.

The key generation method of the key generation means 21 in FIG.
This is the same as the key generation method in the encryption device described above, and based on the fingerprint code or the intermediate code generated by the intermediate code generation unit 19 based on the character string input by the character string input unit 18, A key is generated and output by a method similar to that of the encryption device.

The key generation means 21 in the decryption device
Can generate a key by applying various kinds of processing such as applying a one-way function to data based on a fingerprint code or an intermediate code. A key can be generated by a generation method, a common key generation method, or the like.

Next, details of the decoding process of the decoding means 22 in FIG. 12 will be described. In the decryption device 22 of the decryption device of the present invention, the key generation device 21 is input from the data input device 23 using the key generated by the same method as that described in the description of the encryption device. The data is decrypted and output to the data output unit 24.

The decrypting means 22 performs a process of subtracting the value of the key for each byte of the data to be decrypted, for example, to perform the data decrypting process. For example, when the key generated by the key generation unit 21 and the data input from the data input unit 23 are the following data strings, key = 17h data to be decrypted = 3Ah 6Dh DAh 1Fh
06h At this time, 17h is subtracted for each byte of data to be decoded, and decoded data = 23h 56h C3h 08h EF
h.

FIG. 14 shows a decoding processing flow according to the above-described method. Step S49 is a step in which the decryption unit 22 inputs the key generated by the key generation unit 21 shown in FIG. Step S50 is a step in which the decoding means 22 inputs data to be decoded from the data input means 23. Next, in step S51, the above-described decryption process, that is, the input data is divided into 1-byte units, a calculation is performed using a key, and the decryption process is performed.

The decryption processing executed by the decryption means 22 can use various methods applied to conventionally known public key cryptosystems, common key cryptosystems, and the like. In the decoding device of the above, the decoding method to be applied is not limited at all.

As described above, one embodiment of the decoding device according to the present invention has been described. As described above, the decoding device according to the present invention is based on any input information of biological information or a character string. Unlike a conventional fingerprint or other configuration that acquires a code based only on biometric information because it is a configuration that acquires a key generation code, for example, in a situation where it is difficult to input biometric information due to a finger injury etc. Also, since the code is generated based on the character input from the character string input means, the key generation processing becomes possible.

In the above embodiment, a fingerprint was used as an example of biometric information. However, in addition to the fingerprint, "personal information", such as a voiceprint, a fundus pattern, a DNA, etc.
Patterns and the like can also be used.

[Embodiment 2] In Embodiment 1 described above,
Although the fingerprint information as biometric information, or the configuration for selectively inputting only one of the character strings and performing encryption or decryption has been described, next, fingerprint information as biometric information,
Example 2 shows a configuration in which both an encryption key and a character string are input, an encryption key or a decryption key is generated based on the combination data, and encryption or decryption is executed.

According to this configuration, a key is generated based on a composite code of a code generated from an arbitrary character string and a code based on biometric information. Therefore, if biometric information matches in different individuals, However, it is possible to eliminate the possibility that a code generated in combination with a code based on a character string will match, and to obtain a code obtained by reading biometric information such as a fingerprint pattern with an extremely simple configuration. .

Further, in the present configuration, an encryption key or a decryption key is generated based on a code string obtained by combining biometric information with a code based on a character string. In the above, an infinite number of different encryption keys or decryption keys can be generated by combining what has been limited to generating ten codes from ten fingers with a character string.

(2-1) Encryption Device The configuration of the encryption device of this embodiment is basically realized by the configuration of the first embodiment shown in FIG. However, the control means 1
Performs a display prompting the display means 2 to input a fingerprint and a display prompting the user to input a character string sequentially. The key generation means 9 outputs the fingerprint code and the intermediate code input from the control means 1. A key is generated based on both. Also, the processing flow, especially the key generation method of the key generation means is different. Hereinafter, the processing of the encryption device according to the second embodiment will be described with reference to the flowcharts of FIGS.

FIG. 15 is a flowchart for explaining the procedure of data encryption processing using the encryption device according to the second embodiment. Each step of the flow in FIG. 15 will be described.

In step S53, a display prompting the input of a fingerprint is displayed on the display means 2 shown in FIG. Proceed to step S54. In step S54, fingerprint input is performed using the fingerprint pattern reading means 4.

Next, in step S55, a fingerprint code generation process is executed in the fingerprint code generation means 5 shown in FIG. When a fingerprint code is generated from the read fingerprint data, the fingerprint code is stored in the temporary storage means 8 in step S56.

Next, in step S57, a message is displayed on the display means 2 shown in FIG. 1 to prompt the user to execute a character string input. In step S58, the character string input means 6 is used to input a character string. Is executed.

Next, in step S59, the intermediate code generation means 7 shown in FIG. 1 executes an intermediate code generation process based on the input character string. When the intermediate code is generated, the intermediate code is stored in the temporary storage means 8 in step S60.

Next, in step S61, the fingerprint code and the intermediate code stored in the temporary storage means 8 are read. In step S62, a key generation process is performed in the key generation means 9 shown in FIG. 1 based on the read fingerprint code and the intermediate code. The key generation processing will be described later with reference to FIG.

When the key generation is completed, in step S63, data to be encrypted is input from the data input means 11 to the encrypting means 10, and then in step S63.
At 64, the encryption means 10 executes data encryption processing based on the generated key. The encrypted data generated by the encryption processing is output by the data output unit 12 in step S65.

The key generation means 9 receives both the fingerprint code and the intermediate code, generates a key based on the input code, and outputs the key. As an example of the key generation processing, for example, there is a method of adding an intermediate code multiplied by 16 to the input fingerprint code, and outputting this as a key.

For example, if the fingerprint code is “7h” and the intermediate code is “5h”, key = 7h + (5h × 16)
= 57h.

FIG. 16 shows a key generation processing flow according to the above-described method. Step S79 is a step in which the key generation means 9 inputs both the fingerprint code generated by the fingerprint code generation means 5 and the code generated by the intermediate code generation means 7 shown in FIG.

Step S80 is a step of generating a key by executing the above-described operation based on the fingerprint code and the intermediate code inputted in step S79. The generated key is a step S81. It is output to 10.

The above-described key calculation method is merely an example, and a key is generated by applying various processes, such as applying a one-way function to data based on a fingerprint code and an intermediate code, or is conventionally known. A key can be generated by a public key generation method, a common key generation method, or the like.

The flow shown in FIG. 15 shows an example in which fingerprint input is executed first, and then character string input is executed. However, a configuration in which character string input is executed first, and then fingerprint input is executed. It may be.

Further, in the above-described embodiment, the fingerprint is described as an example of the biometric information. However, in addition to the fingerprint, "personal information unique to the person" such as a voiceprint, a fundus pattern, a DNA
Patterns and the like can also be used.

According to this configuration, a key is generated based on a composite code of a code generated from an arbitrary character string and a code based on biometric information. Therefore, if biometric information matches in different individuals, However, it is possible to eliminate the possibility that a code generated in combination with a code based on a character string will match, and to obtain a code obtained by reading biometric information such as a fingerprint pattern with an extremely simple configuration. .

Further, in this configuration, an encryption key or a decryption key is generated based on a code string in which biometric information is combined with a code based on a character string. , An infinite number of different encryption keys or decryption keys can be generated.

(2-2) Decoding Device The configuration of the decoding device of this embodiment is basically realized by the configuration of the first embodiment shown in FIG. However, the control unit 13 displays a message prompting the display unit 14 to input a fingerprint,
A message prompting you to enter a character string is displayed sequentially, and
The key generation unit 21 generates a key based on both the fingerprint code and the intermediate code input from the control unit 13. Also, the processing flow, especially the key generation method of the key generation means is different. Hereinafter, the processing of the decoding device according to the second embodiment will be described with reference to the flow of FIG.

FIG. 17 is a flowchart for explaining the procedure of data decoding processing using the decoding apparatus according to the second embodiment. Each step of the flow in FIG. 17 will be described.

In step S66, a display prompting the input of a fingerprint is displayed on the display means 14 shown in FIG. Proceed to step S67. In step S67, fingerprint input is performed using the fingerprint pattern reading means 16.

Next, in step S68, fingerprint code generation processing is executed by the fingerprint code generation means 17 shown in FIG. When the fingerprint code is generated from the read fingerprint data, the fingerprint code is stored in the temporary storage means 20 in step S69.

Next, in step S70, FIG.
Is displayed on the display means 14 to prompt the user to input a character string, and the character string is input using the character string input means 18 in step S71.

Next, in step S72, intermediate code generation processing based on the input character string is executed in the intermediate code generation means 18 shown in FIG. When the intermediate code is generated, the intermediate code is stored in the temporary storage unit 20 in step S73.

Next, in step S74, the fingerprint code and the intermediate code stored in the temporary storage means 20 are read. In step S75, a key generation process is performed in the key generation unit 21 shown in FIG. 12 based on the read fingerprint code and the intermediate code. The key generation processing is the same processing as in FIG. 16 described for the encryption device.

When the key generation is completed, in step S76, data to be decrypted is input from the data input means 23 to the decryption means 22, and then the process proceeds to step S76.
At 77, the decryption means 22 executes data decryption processing based on the generated key. The decoded data generated by the decoding process is output by the data output means 24 in step S78.

Although the flow shown in FIG. 17 shows an example in which fingerprint input is executed first, and then character string input is executed, a configuration in which character string input is executed first, and then fingerprint input is executed. It may be.

Further, in the above-described embodiment, the fingerprint is described as an example of the biometric information. However, other than the fingerprint, "personal information unique to the person", such as a voiceprint, a fundus pattern, a DNA, etc.
Patterns and the like can also be used. According to this configuration, since the key is generated based on a composite code of a code generated from an arbitrary character string and a code based on biometric information, the biometric information may be different in different individuals. Also, it is possible to eliminate the possibility that a code generated by a combination with a code based on a character string matches, and to obtain a code obtained by reading biometric information such as a fingerprint pattern with an extremely simple configuration.

Further, in this configuration, an encryption key or a decryption key is generated based on a code string in which biometric information is combined with a code based on a character string. , An infinite number of different encryption keys or decryption keys can be generated.

[Embodiment 3] In Embodiment 2 described above,
Although an example in which a character string is combined with biometric information is shown, the number of times each of the input of the biometric information and the character string is one, which is a combination of one piece of biometric information and one character string. Hereinafter, a configuration in which biometric information, the number of times of input of a character string, and the input order can be arbitrarily set will be described as a third embodiment.

According to this configuration, the key is generated based on a composite code obtained by combining a code generated from an arbitrary character string and a code based on biometric information in an arbitrary order. With this configuration, it is possible to generate much more different codes, and it is possible to generate a code having a large amount of information by complicating the combination thereof in any way, thereby further improving security.

That is, in addition to the input fingerprint information and the input character information, information indicating the order in which the fingerprints were read, and various “fingerprint reading information” indicating the number of times of input are used as code generation source information. This is because such information becomes unique information that only the user can know. For example: 1. Fingerprint A input 2. Input character string a. Character string b input 4. When the fingerprint B input and the input are executed, the fact that the individual input is performed four times and the fact that the input is performed in the order of the fingerprint, the character string, the character string, and the fingerprint are information that can be known only by the user who performed the input. Becomes

(3-1) Encryption Device The configuration of the encryption device of the present embodiment is basically realized by the configuration of the first embodiment shown in FIG. However, the control means 1
Is displayed on the display means 2 to prompt the user to select between fingerprint input and character string input, a display to prompt fingerprint input, a display to prompt execution of character string input, and a determination as to whether or not to generate a key. The prompting display is executed, and the control means 1 executes the control based on these instructions.

The control means 1 further controls the temporary storage means 8 to store information relating to the input order of fingerprint input and character string input. The temporary storage means 8 also stores information about the input order in addition to the fingerprint code and the intermediate code.

The key generation means 9 generates a key based on both the fingerprint code and the intermediate code input from the control means 1 and outputs the key to the encryption means 10. Hereinafter, FIG.
The processing of the encryption device according to the third embodiment will be described with reference to the flowchart of FIG.

In step S82, a counter indicating the number of fingerprint readings is initialized to 0 (N = 0). This counter records the input sequence of the fingerprint or the character string input by the user, and is stored in the temporary storage unit 8 in FIG. 1 as information constituting “input sequence information”. Next, in step S83, the counter is incremented, and in step S84, a display for prompting the display means 2 shown in FIG. 1 to select whether to input a fingerprint or a character string is executed.

In step S84, it is determined whether the selection input from the input means 3 shown in FIG. 1, that is, whether the fingerprint input or the character input is selected.

If the user selects fingerprint input in step S85, the flow advances to step S86. In step S86, a message prompting the user to input a fingerprint is displayed on the display unit 2 shown in FIG. 1, and in step S87, the fingerprint input is executed using the fingerprint pattern reading unit 4.

Next, in step S88, fingerprint code generation processing is executed in the fingerprint code generation means 5 shown in FIG. When a fingerprint code is generated from the read fingerprint data, the fingerprint code and a counter value N indicating the input order are stored in the temporary storage means 8 in step S89.

If the user selects character string input in step S85, the flow advances to step S90. In step S90, the display unit 2 shown in FIG.
A message prompting execution of character string input is displayed, and step S
At 91, a character string is input using the character string input means 6.

Next, in step S92, the intermediate code generation means 7 shown in FIG. 1 executes an intermediate code generation process based on the input character string. When the intermediate code is generated, the intermediate code and a counter value N indicating the input order are stored in the temporary storage means 8 in step S93.

Next, in step S94, a display requesting an input for designating whether or not to execute the key generation process based on the input data is executed on the display means 2.
When performing the key generation process based on the input data, the user specifies execution of the key generation process via the input unit 3, for example. Further, when the fingerprint input or the character string input processing is continuously performed, the process returns to step S83 via step S95, and the processing up to step S94 is repeatedly performed.

If it is determined in step S95 that key generation has been selected, the flow advances to step S96.

In step S96, temporary storage means 8
The counter value: N indicating the fingerprint code, the intermediate code, and the input order corresponding to each code stored in is stored. In step S97, the key generation unit 9 shown in FIG. 1 executes a key generation process based on the read fingerprint code, the intermediate code, and the counter value N indicating the input order corresponding to each code.

When the key generation is completed, in step S98, data to be encrypted is input from the data input means 11 to the encryption means 10, and then, in step S98.
At 99, the encryption means 10 executes data encryption processing based on the generated key. The encrypted data generated by the encryption processing is output by the data output unit 12 in step S100.

Next, the details of key generation by the key generation means 9 in the third embodiment will be described with a specific example. The key generation means 9 in the encryption device of the present embodiment generates a key based on the fingerprint code, the intermediate code, and a counter value N indicating the input order.

The key generation means 9 inputs either the fingerprint code or the intermediate code, or both codes, and a counter value N indicating the input order, and generates a key based on the input code and the counter value N. Generate and output. As an example of the key generation processing, for example, there is a method of multiplying a counter value: N corresponding to an input fingerprint code or an intermediate code, and outputting a total value obtained by adding the multiplied results as a key.

For example, a counter value indicating the input order: N,
It is assumed that the input fingerprint code or the intermediate code has the following values. At this time, key = 1 × 3 + 2 × 2 + 3 × 5 + 4 × 6 = 2eh.

FIG. 19 shows a key generation processing flow according to the above-described method. Step S120 is a step in which the key generation unit 9 inputs the fingerprint code generated by the fingerprint code generation unit 5 shown in FIG. 1, the code generated by the intermediate code generation unit 7, and the counter value N indicating the input order.

Step S121 is a step of generating the key by executing the above-described operation based on the fingerprint code, the intermediate code, and the counter value indicating the input order: N input in step S120. so,
It is output to the encryption means 10 shown in FIG.

The above-described key calculation method is merely an example, and various processes such as applying a one-way function to data based on a fingerprint code, an intermediate code, and a counter value indicating an input order: N are applied. A key can be generated, or a key can be generated by a public key generation method, a common key generation method, or the like that is conventionally known.

In the above-described embodiment, only the input order information of the fingerprint or character string is used in combination with the code. However, other information such as the position code 01 for the thumb and the position code 03 for the middle finger are used. These position codes may be input from the input means 3 when the fingerprints are assigned and the fingerprint is read, and the fingerprint read information may be combined with the fingerprint codes.
Further, when a plurality of biological information reading devices are used, it is also possible to use the input device information of each of the plurality of information. That is, a key is generated by arbitrarily combining input mode information such as input order information of each of a plurality of information, input device information of each of a plurality of information, and biological part information of each of a plurality of information with a fingerprint or a character string. It is possible.

According to the configuration of this embodiment, the key is generated based on a composite code obtained by combining a code generated from an arbitrary character string and a code based on biometric information in an arbitrary order. According to the configuration of the second embodiment, it is possible to generate much more different codes, to complicate the combination thereof, to generate a code with a large amount of information, and to improve security.

In the above embodiment, a fingerprint was taken as an example of biometric information. However, in addition to the fingerprint, "personal information unique to the person", such as a voiceprint, a fundus pattern, a DNA, etc.
Patterns and the like can also be used.

(3-2) Decoding Device The configuration of the decoding device of this embodiment is basically realized by the configuration of the first embodiment shown in FIG. However, the control means 13 displays on the display means 14 a message prompting the user to select a fingerprint input or a character string input, a message prompting the user to input a fingerprint, a message prompting the user to execute a character string input, and a message indicating whether to generate a key. The control unit 13 executes a display for prompting a determination as to whether or not to perform the determination based on these instructions.

The control means 13 further controls the temporary storage means 20 to store information relating to the input order of fingerprint input and character string input. The temporary storage means 20 also stores information about the input order in addition to the fingerprint code and the intermediate code.

The key generation means 21 generates a key based on both the fingerprint code and the intermediate code input from the control means 13 and outputs the key to the decryption means 22. Hereinafter, the processing of the decoding device according to the third embodiment will be described with reference to the flow in FIG.

In step S101, a counter indicating the number of fingerprints read is initialized to 0 (N = 0). This counter records the input order of the fingerprint or character string input by the user, and is stored in the temporary storage unit 20 in FIG. 12 as information constituting “input order information”. Next, in step S102, the counter is incremented, and in step S103, a display is displayed on the display unit 14 shown in FIG. 12 to prompt the user to select whether to input a fingerprint or a character string.

In step S104, it is determined whether the selection input from input means 15 shown in FIG. 12, that is, whether the fingerprint input or the character input is selected.

If the user selects fingerprint input in step S104, the process proceeds to step S105. In step S105, a message is displayed on the display unit 14 shown in FIG.
At 106, fingerprint input is performed using the fingerprint pattern reading means 16.

Next, in step S107, FIG.
A fingerprint code generation process is executed in the fingerprint code generation means 17 shown. When the fingerprint code is generated from the read fingerprint data, in step S108, the fingerprint code and
The counter value indicating the input order: N is stored in the temporary storage means 20.

If the user selects character string input in step S104, the flow advances to step S109. In step S109, the display unit 14 shown in FIG.
Is displayed to prompt the user to enter a character string,
In step S110, a character string is input using the character string input unit 18.

Next, in step S111, FIG.
An intermediate code generation process based on the input character string is executed in the intermediate code generation means 19 shown in FIG. When the intermediate code is generated, the intermediate code and a counter value N indicating the input order are stored in the temporary storage means 20 in step S112.

Next, in step S113, a display requesting an input for designating whether or not to execute the key generation process based on the input data is executed on the display means 14. When performing the key generation process based on the input data, the user specifies execution of the key generation process via the input unit 3, for example. Further, when the fingerprint input processing or the character string input processing is to be continuously performed, step S1
14, the process returns to step S102, and step S11
The processing up to 3 is repeatedly executed.

If it is determined in step S114 that key generation has been selected, the flow advances to step S115.

In step S115, the fingerprint code, the intermediate code, and the counter value N indicating the input order corresponding to each code stored in the temporary storage means 20 are read. In step S116, based on the read fingerprint code, the intermediate code, and the counter value N indicating the input order corresponding to each code, the key generation unit 2 shown in FIG.
In step 1, a key generation process is performed.

When the key generation is completed, step S117
In step (1), data to be decrypted is input from the data input unit 23 to the decryption unit 22. Next, in step S118, the decryption process of data based on the generated key is performed in the encryption unit 22. The decrypted data generated by the decryption process is stored in step S119.
, Is output by the data output means 24.

The method of calculating the key is the same as that of the encryption device. The one-way function is applied to the data shown in FIG. 19 or the data based on the fingerprint code, the intermediate code, and the counter value N indicating the input order. For example, a key can be generated by applying various processes, or a public key generation method, a common key generation method, or the like can be used.

[0213] In the above-described embodiment, a fingerprint was taken as an example of biometric information. However, in addition to the fingerprint, "personal information" such as a voiceprint, a fundus pattern, a DNA, and the like may be used.
Patterns and the like can also be used.

Further, in the above-described embodiment, only the input order information of the fingerprint or the character string is used in combination with the code. However, other information such as the position code 01 for the thumb and the position code 03 for the middle finger are used. These position codes may be input from the input means 3 when the fingerprints are assigned and the fingerprint is read, and the fingerprint read information may be combined with the fingerprint codes.
Further, when a plurality of biological information reading devices are used, it is also possible to use the input device information of each of the plurality of information. That is, a key is generated by arbitrarily combining input mode information such as input order information of each of a plurality of information, input device information of each of a plurality of information, and biological part information of each of a plurality of information with a fingerprint or a character string. It is possible.

According to the configuration of this embodiment, the key is generated based on a composite code obtained by combining a code generated from an arbitrary character string and a code based on biometric information in an arbitrary order. According to the configuration of the second embodiment, it is possible to generate much more different codes, to complicate the combination thereof, to generate a code with a large amount of information, and to improve security.

[Other Embodiments] Hereinafter, other embodiments including the encryption device and the decryption device of the present invention will be described. In the following description, an example in which a device corresponding to the above-described first embodiment, that is, a configuration in which a key is generated using either a fingerprint code or an intermediate code is applied, is shown. It is also possible to apply a configuration using a code and a configuration in which both codes of the third embodiment are arbitrarily combined.

(4-1) Data Transmission Device Equipped with Encryption Device FIG. 21 is a block diagram showing the configuration of a data transmission device provided with an encryption device according to the present invention. In the data transmission device shown in FIG. 21, the fingerprint code generation means, the intermediate code generation means, the key generation means, the encryption means, the control means, and the temporary storage means shown in FIG.

The microcomputer 29 for realizing the fingerprint code generation means, the intermediate code generation means, the key generation means, the encryption means, the control means, and the temporary storage means displays on the LCD 30 as a display means "a user can select either a fingerprint or a character string. Display that prompts the user to select whether to input a character string ”,“ display that prompts the user to input a fingerprint ”, or“ display that prompts the user to input a character string ”
The display according to various processes, such as, is executed. The microcomputer 29 receives various instruction inputs from the user via the keyboard 31. Further, the microcomputer 29 executes a process of generating a fingerprint code from the fingerprint image input by the scanner 32, and stores the fingerprint code in a RAM serving as a temporary storage unit. Further, the microcomputer 29 generates an intermediate code based on the character string input from the keyboard 31, and stores the intermediate code in a RAM serving as a temporary storage unit. Further, the microcomputer 29 has a RAM
And reads out one or more fingerprint codes and intermediate codes stored in the storage device and executes a key generation process. Further, the microcomputer 29 performs an encryption process on the data input from the memory 33 using the generated key, and outputs the data to the network interface 34.

[0219] The scanner 32 functioning as a fingerprint pattern reading means reads the fingerprint pattern and outputs it to the microcomputer 29.

A keyboard 31 which is a character string input means or an input means for various instructions inputs a character string which is a source of an intermediate code for key generation and outputs the character string to the microcomputer 29. Alternatively, various instructions of the user are input and output to the microcomputer 29.

The memory 33 serving as data input means outputs to the microcomputer 29 the data to be stored which is to be encrypted.

The network interface 34, which is data output means, outputs the encrypted data input from the microcomputer 29 to the network.

The LCD 30, which is a display means, displays a "display for prompting the user to select a fingerprint or a character string", a "display for prompting the user to input a fingerprint", or a "display for prompting the user to input a fingerprint" according to a command from the microcomputer 29. Display prompting the user to input a character string ".

A process for generating a fingerprint code from a fingerprint image by the microcomputer 29, a process for generating an intermediate code from a character string, a process for generating a key based on at least one of the fingerprint code and the intermediate code, and further using the generated key The processing of the encryption processing of input data
The same processing as described in (1) to (3) is executed. According to the data transmission device including the encryption device having the configuration shown in FIG. 21, a key is generated by a code sequence based on either biometric information or a character string, or both information, and encryption is performed using the key. The key is generated even in a situation where the input of biometric information is difficult, and the biometric information is combined with a character string to generate the biometric information. It is possible to reduce the amount of information obtained from the information and increase the amount of information as a key generation code, and it is possible to generate an infinite number of different codes according to a combination mode of biometric information and a character string. Is achieved.

Although the present embodiment has been described using a fingerprint as an example of the biometric information, other than the fingerprint, "personal information" such as a voiceprint, a fundus pattern, a DN, etc.
An A pattern or the like can be used, and a key generation code can be generated by arbitrarily combining these pieces of biometric information.

(4-2) Data Receiving Apparatus Equipped with Decoding Apparatus FIG. 22 is a block diagram showing the configuration of a data receiving apparatus equipped with a decoding apparatus according to the present invention. In the data receiving device shown in FIG. 22, the fingerprint code generating means, the intermediate code generating means, the key generating means, the encrypting means, the controlling means shown in FIG.
The temporary storage means is realized by one microcomputer 35.

The microcomputer 35 for realizing the fingerprint code generation means, the intermediate code generation means, the key generation means, the encryption means, the control means, and the temporary storage means displays on the LCD 36 as a display means that the user is provided with either a fingerprint or a character string. And a display that prompts the user to input a fingerprint, or a display that prompts the user to start generating a key. Also,
The microcomputer 35 receives various inputs from the keyboard 37 such as a fingerprint input start instruction and a key generation start instruction. Also, the microcomputer 35
The scanner 38 executes a process of generating a fingerprint code from the input fingerprint image, and stores the R as a temporary storage unit.
It is stored in the AM together with the fingerprint reading information. Further, the microcomputer 35 generates an intermediate code based on the character string input from the keyboard 37, and stores the intermediate code in a RAM serving as a temporary storage unit. Further, the microcomputer 35 reads out one or more fingerprint codes and intermediate codes stored in the RAM and executes a key generation process. Further, the microcomputer 35 performs a decryption process on the data input from the network interface 39 using the generated key, and outputs the decrypted data to the memory 40.

A scanner 38 functioning as a fingerprint pattern reading means reads a fingerprint pattern and outputs it to the microcomputer 35.

A keyboard 37, which is a character string input means or an input means for various instructions, inputs a character string which is a source of an intermediate code for key generation and outputs it to the microcomputer 35. Alternatively, various instructions of the user are input and output to the microcomputer 35.

[0230] The network interface 39 serving as data input means outputs encrypted data input from the network to the microcomputer 35.

[0231] The memory 40, which is the data output means, stores therein the decoded data input from the microcomputer 35.

The LCD 36, which is a display means, displays a "display for prompting the user to select a fingerprint or a character string", a "display for prompting the user to input a fingerprint", or a "display for prompting the user to input a fingerprint" according to a command from the microcomputer 35. Display prompting the user to input a character string ".

A process for generating a fingerprint code from a fingerprint image by the microcomputer 35, a process for generating an intermediate code from a character string, a process for generating a key based on at least one of the fingerprint code and the intermediate code, and further using the generated key The decoding process of the input data is performed according to the first embodiment.
The same processing as described in (1) to (3) is executed. The data receiving apparatus provided with the decoding apparatus having the configuration shown in FIG. 22 generates a key using a code string based on either the biometric information or the character string, or both information, and performs a decoding process using the key. Is executed, it is possible to generate a key even in a situation where input of biometric information is difficult, and by combining biometric information and a character string, information obtained from biometric information can be reduced, and a key can be generated. The amount of information as a generation code can be increased, and countless different codes can be generated according to a combination mode of biometric information and a character string, thereby enhancing security.

Although the present embodiment has been described using a fingerprint as an example of biometric information, other than fingerprints, "personal information unique to the person", such as a voiceprint, a fundus pattern, a DN, etc.
An A pattern or the like can be used, and a key generation code can be generated by arbitrarily combining these pieces of biometric information.

(4-3) Data Transmission System FIG. 23 is a diagram showing a data transmission system constituted by a combination of the data transmission device of FIG. 21 and the data reception device of FIG.

The data transmission device 41 has its own memory 42
Is encrypted based on the fingerprint code and the intermediate code, and output to the network 43 via the network interface.

The data receiving device 44 is connected to the network 43
Decrypts the encrypted data input through the network interface based on the fingerprint code and the intermediate code, and stores the decrypted data in its own memory 45.

Data transmitting device 41, data receiving device 44
A process of generating a fingerprint code from a fingerprint image by a microcomputer in the process, a process of generating an intermediate code from a character string, a process of generating a fingerprint code, a key based on the intermediate code,
Further, in the process of decrypting the input data using the generated key, the same process as described in the first to third embodiments is executed. The data transmission system having the configuration shown in FIG.
Biometric information and a character string are selectively or sequentially input, a key is generated by a code string based on any of the biometric information and the character string, or a combination thereof, and an encryption process and a decryption process are performed using the key. It is possible to generate a key even in a situation where input of biometric information is difficult, and by combining biometric information and a character string, it is possible to reduce information obtained from biometric information and to generate a key generation code. As a result, it is possible to generate an infinite number of different codes according to the combination mode of the biometric information and the character string, and to achieve enhanced security.

Although the present embodiment has been described using a fingerprint as an example of biometric information, in addition to a fingerprint, "personal information", such as a voiceprint, a fundus pattern, a DN
An A pattern or the like can be used, and a key generation code can be generated by arbitrarily combining these pieces of biometric information.

(4-4) Data Receiving Apparatus Equipped with an Encrypting Apparatus FIG. 24 is a block diagram showing the configuration of a data transmitting apparatus equipped with an encrypting apparatus according to the present invention. In the data transmission device shown in FIG. 24, the fingerprint code generation means, intermediate code generation means, key generation means, encryption means, control means, and temporary storage means shown in FIG.

The microcomputer 46 for realizing the fingerprint code generation means, the intermediate code generation means, the key generation means, the encryption means, the control means, and the temporary storage means displays on the LCD 47 as a display means that “the user is given either a fingerprint or a character string. Display that prompts the user to select whether to input a character string ”,“ display that prompts the user to input a fingerprint ”, or“ display that prompts the user to input a character string ”
The display according to various processes, such as, is executed. The microcomputer 46 receives various instruction inputs from the user via the keyboard 48. Further, the microcomputer 46 executes a process of generating a fingerprint code from the fingerprint image input by the scanner 49, and stores the fingerprint code together with the fingerprint reading information in the RAM as a temporary storage unit.
Further, the microcomputer 46 includes a keyboard 48
An intermediate code is generated based on the character string input from, and is stored in the RAM as temporary storage means. Further, the microcomputer 46 reads out one or more fingerprint codes and intermediate codes stored in the RAM and executes a key generation process.
Further, the microcomputer 46 performs an encryption process on the data input from the network interface 50 using the generated key, and outputs the data to the memory 51.

A scanner 49 functioning as a fingerprint pattern reading means reads a fingerprint pattern and outputs the fingerprint pattern to the microcomputer 46.

A keyboard 48, which is a character string input means or an input means for various instructions, inputs a character string which is a source of an intermediate code for key generation and outputs the character string to the microcomputer 46. Alternatively, various instructions of the user are input and output to the microcomputer 46.

The network interface 50 serving as data input means outputs data to be encrypted input from the network to the microcomputer 46.

A memory 51 serving as a data output means stores the encrypted data input from the microcomputer 46.

The LCD 47, which is a display means, displays a "display for prompting the user to select a fingerprint or a character string", a "display for prompting the user to input a fingerprint", or a "display for prompting the user to input a fingerprint" according to a command from the microcomputer 46. Display prompting the user to input a character string ".

A process for generating a fingerprint code from a fingerprint image by the microcomputer 46, a process for generating an intermediate code from a character string, a process for generating a key based on at least one of the fingerprint code and the intermediate code, and further using the generated key The same processing as that described in the first to third embodiments is executed for the encryption processing of the input data. This figure 2
According to the data receiving device provided with the encryption device having the configuration of 4, the key is generated by a code sequence based on either the biometric information or the character string, or both information, and the encryption process is performed using the key. And output it to the network via the network interface, it is possible to generate a key even in situations where the input of biometric information is difficult, and by combining biometric information and character strings, It is possible to reduce the amount of information obtained and increase the amount of information as a key generation code, and it is possible to generate an infinite number of different codes according to the combination of biometric information and a character string, thereby enhancing security. Is achieved.

Although the present embodiment has been described using a fingerprint as an example of the biometric information, other than the fingerprint, "personal information unique to the person" such as a voiceprint, a fundus pattern, a DN, etc.
An A pattern or the like can be used, and a key generation code can be generated by arbitrarily combining these pieces of biometric information.

(4-5) Data Transmitting Apparatus Equipped with Decoding Apparatus FIG. 25 is a block diagram showing the configuration of a data transmitting apparatus equipped with a decoding apparatus according to the present invention. In the data transmission device shown in FIG. 25, the fingerprint code generation means, intermediate code generation means, key generation means, encryption means, control means shown in FIG.
The temporary storage unit is realized by one microcomputer 52.

The microcomputer 52 that realizes the fingerprint code generation means, the intermediate code generation means, the key generation means, the encryption means, the control means, and the temporary storage means displays on the LCD 53 as a display means “a user can select either a fingerprint or a character string. And a display that prompts the user to input a fingerprint, or a display that prompts the user to start generating a key. Also,
The microcomputer 52 receives various inputs such as a fingerprint input start instruction from the keyboard 54 by the user.
Further, the microcomputer 52 executes a process of generating a fingerprint code from the fingerprint image input by the scanner 55, and stores the fingerprint code together with the fingerprint reading information in a RAM serving as a temporary storage unit. Further, the microcomputer 52 generates an intermediate code from the character string input from the keyboard 54, and stores the intermediate code in the RAM serving as a temporary storage unit. Further, the microcomputer 52 reads out the fingerprint code and the intermediate code stored in the RAM and executes a key generation process. Further, the microcomputer 52
Decrypts the data stored in the memory 56 using the generated key, and outputs the decrypted data to the network via the network interface 57.

The keyboard 54, which is a character string input means or an input means for various instructions, inputs a character string that is a source of an intermediate code for key generation and outputs the character string to the microcomputer 52. Alternatively, various instructions of the user are input and output to the microcomputer 52.

A scanner 55 functioning as a fingerprint pattern reading means reads a fingerprint pattern and outputs the fingerprint pattern to the microcomputer 52.

The memory 56 serving as data input means outputs to the microcomputer 52 the data to be decoded stored therein.

[0254] The network interface 50, which is data output means, outputs the decoded data input from the microcomputer 52 to the network.

The LCD 53, which is a display means, displays a "display for prompting the user to select a fingerprint or a character string", a "display for prompting the user to input a fingerprint", or a "display for prompting the user to input a fingerprint" according to a command from the microcomputer 52. Display prompting the user to input a character string ".

A process of generating a fingerprint code from a fingerprint image by the microcomputer 52, a process of generating an intermediate code from a character string, a process of generating a key based on at least one of the fingerprint code and the intermediate code, and further using the generated key The decoding process of the input data is performed according to the first embodiment.
The same processing as described in (1) to (3) is executed. The data transmitting apparatus provided with the decoding apparatus having the configuration shown in FIG. 25 generates a key using a code string based on either the biometric information or the character string, or both information, and performs a decoding process using the key. Is executed, it is possible to generate a key even in a situation where input of biometric information is difficult, and by combining biometric information and a character string, information obtained from biometric information can be reduced, and a key can be generated. The amount of information as a generation code can be increased, and countless different codes can be generated according to a combination mode of biometric information and a character string, thereby enhancing security.

In the present embodiment, the fingerprint is described as an example of the biometric information. However, other than the fingerprint, "personal information unique to the person", such as a voiceprint, a fundus pattern, a DN, etc.
An A pattern or the like can be used, and a key generation code can be generated by arbitrarily combining these pieces of biometric information.

(4-6) Data Storage System FIG. 26 is a diagram showing a data storage system constituted by a combination of the data receiving device of FIG. 24 and the data transmitting device of FIG.

The data receiving device 58 is connected to the network 61
Is encrypted based on information on one or both of the fingerprint code and the intermediate code and stored in the connected memory 59.

The data transmitting device 60 decodes the data stored in the memory 59 based on the information of one or both of the fingerprint code and the intermediate code, and outputs the decoded data to the network 61 via the network interface.

Data receiving device 58, data transmitting device 60
A process of generating a fingerprint code from a fingerprint image by a microcomputer in the process, a process of generating an intermediate code from a character string, a process of generating a fingerprint code, a key based on the intermediate code,
Further, in the process of decrypting the input data using the generated key, the same process as described in the first to third embodiments is executed. The data storage system having the configuration shown in FIG.
Biometric information and a character string are selectively or sequentially input, a key is generated by a code string based on any of the biometric information and the character string, or a combination thereof, and an encryption process and a decryption process are performed using the key. It is possible to generate a key even in a situation where input of biometric information is difficult, and by combining biometric information and a character string, it is possible to reduce information obtained from biometric information and to generate a key generation code. As a result, it is possible to generate an infinite number of different codes according to the combination mode of the biometric information and the character string, and further enhance the security of the stored data in the data transfer on the network. Achieved.

Although the present embodiment has been described using a fingerprint as an example of biometric information, other than fingerprints, "personal information unique to the person", such as a voiceprint, a fundus pattern, a DN, etc.
An A pattern or the like can be used, and a key generation code can be generated by arbitrarily combining these pieces of biometric information.

The present invention has been described in detail with reference to the specific embodiments. However, it is obvious that those skilled in the art can modify or substitute the embodiment without departing from the spirit of the present invention. That is, the present invention has been disclosed by way of example, and should not be construed as limiting. For example, in the above-described embodiment, the encryption device and the decryption device have been described separately. However, the encryption device and the decryption device can be easily described based on the description of the method of removing the device that performs both the encryption and decryption processes. Obviously, the present invention can be realized, and a system for executing both of these processes is also included in the scope of the present invention. As biometric information, in addition to fingerprints, voiceprints,
Applying fundus pattern, DNA pattern, etc.
This can be easily conceived based on the above embodiment.
In order to determine the gist of the present invention, the claims described at the beginning should be considered.

[0264]

As described above, as described above, the encryption key generation device, the encryption / decryption device, and the encryption key generation method according to the present invention,
According to the encryption / decryption method, a configuration is realized in which a key required for encryption or decryption can be generated regardless of whether biometric information or a character string is input.

Further, according to the configuration of the present invention, it is possible to generate a key based on a code obtained by combining biometric information and a character string, so that information obtained from individual biometric information can be reduced and It is possible to increase the amount of information as a code. That is, according to the configuration of the present invention, since the key generation code is generated by combining the biometric information and the character string, the amount of individual data as the base is small. Therefore, for example, it is not required to improve the reading accuracy of fingerprint information.

Further, the encryption key generation device of the present invention
According to the decryption device, the encryption key generation method, and the encryption / decryption method, since the key generation code is generated by combining the biometric information and the character string, different codes can be generated according to the combination mode. , Security is more enhanced.

[Brief description of the drawings]

FIG. 1 is a block diagram illustrating a configuration of an encryption device according to a first embodiment of the present invention.

FIG. 2 is a block diagram showing a configuration of a control unit in the encryption device according to the present invention.

FIG. 3 is a diagram showing a processing flow of the first embodiment of the encryption device according to the present invention.

FIG. 4 is a diagram illustrating area division in a fingerprint code generation process in the encryption device and the decryption device of the present invention.

FIG. 5 is a diagram illustrating direction data in a fingerprint code generation process in the encryption device and the decryption device of the present invention.

FIG. 6 is a diagram illustrating a direction data string in a fingerprint code generation process in the encryption device and the decryption device according to the present invention.

FIG. 7 is a diagram illustrating a correspondence table between a direction data string and a fingerprint number used in a fingerprint code generation process in the encryption device and the decryption device of the present invention.

FIG. 8 is a diagram showing a processing flow of fingerprint code generation processing in the encryption device and the decryption device of the present invention.

FIG. 9 is a diagram showing a processing flow of an intermediate code generation process in the encryption device and the decryption device of the present invention.

FIG. 10 is a diagram showing a processing flow of key generation processing in the encryption device and the decryption device of the present invention.

FIG. 11 is a diagram showing a processing flow of an encryption process in the encryption device of the present invention.

FIG. 12 is a block diagram illustrating a configuration of a first embodiment of a decoding device according to the present invention.

FIG. 13 is a diagram showing a processing flow of Embodiment 1 of the decoding device according to the present invention.

FIG. 14 is a diagram showing a processing flow of a decoding process in the decoding device of the present invention.

FIG. 15 is a diagram showing a processing flow of an encryption process in Embodiment 2 of the encryption device according to the present invention.

FIG. 16 is a diagram showing a processing flow of key generation processing in Embodiment 2 of the encryption device and the decryption device according to the present invention.

FIG. 17 is a diagram showing a processing flow of a decoding process in Embodiment 2 of the decoding device according to the present invention.

FIG. 18 is a diagram illustrating a processing flow of an encryption process in a third embodiment of the encryption device according to the present invention.

FIG. 19 is a diagram showing a processing flow of key generation processing in Embodiment 3 of the encryption device and the decryption device according to the present invention.

FIG. 20 is a diagram illustrating a processing flow of a decoding process in Embodiment 3 of the decoding device according to the present invention.

FIG. 21 is a block diagram illustrating a configuration of a data transmission device including an encryption device according to the present invention.

FIG. 22 is a block diagram illustrating a configuration of a data receiving device including a decoding device according to the present invention.

23 is a block diagram of a data transmission system configured by the data transmission device of FIG. 21 and the data reception device of FIG.

FIG. 24 is a block diagram illustrating a configuration of a data receiving device including an encryption device according to the present invention.

FIG. 25 is a block diagram illustrating a configuration of a data transmission device including a decoding device according to the present invention.

26 is a block diagram of a data storage system configured by the data receiving device of FIG. 24 and the data transmitting device of FIG. 25.

[Explanation of symbols]

 1,13 control means 2,14 display means 3,15 input means 4,16 fingerprint pattern reading means 5,17 fingerprint code generation means 6,18 character string input means 7,19 intermediate code generation means 8,20 temporary storage means 9 , 21 key generation means 10 encryption means 11, 23 data input means 12, 24 data output means 22 decryption means 25 CPU 26 I / O interface 27 RAM 28 ROM 29, 35, 46, 52 microcomputers 30, 36, 47 , 53 LCD 31, 37, 48, 54 keyboard 32, 38, 49, 55 scanner 33, 40, 51, 56 memory 34, 39, 50, 57 network interface 41, 60 data transmission device 42, 45, 59 memory 43, 61 network 44,58 data receiving device

 ──────────────────────────────────────────────────続 き Continued on the front page F term (reference) 5B085 AE13 AE25 AE29 5J104 AA07 AA16 EA06 JA03 KA16 KA17 KA18 KA19 NA02 NA37 NA38 PA07

Claims (31)

[Claims] 1. Biometric information reading means for obtaining biometric information, biometric code generating means for generating a biometric code based on a plurality of biometric information obtained by the biometric information reading means, and a character string input for inputting a character string Means, an intermediate code generating means for generating an intermediate code based on the character string input by the character string input means, and a biological code generated by the biological code generating means, or an intermediate code generated by the intermediate code generating means. A storage unit for storing at least one of the codes, and an encryption process based on at least one of the biometric code generated by the biometric code generation unit and the intermediate code generated by the intermediate code generation unit. Or key generation means for generating a key applied to the decryption processing. Encryption key generation device that. 2. The method according to claim 1, wherein the key generation unit performs an encryption process or a decryption process by an arithmetic process based on both the biometric code generated by the biometric code generation unit and the intermediate code generated by the intermediate code generation unit. The encryption key generation device according to claim 1, further comprising a configuration for generating a key applied to a process. 3. The biometric code generated by one or more biometric code generation means, the intermediate code generated by one or more intermediate code generation means, and the one or more biometric codes generated by the one or more biometric code generation means. Obtaining input mode information for each of the one or more intermediate codes and generating a key to be applied to an encryption process or a decryption process based on the one or more biometric codes, the one or more intermediate codes, and the input mode information; 2. The encryption key generation device according to claim 1, wherein the encryption key generation device has a configuration that performs the following. 4. The input mode information includes at least biometric information or character string input order information used for key generation, biometric information or character string reading device information used for key generation, and biometric part of biometric information used for key generation. The encryption key generation device according to claim 3, wherein the encryption key generation device includes any one of: 5. The biometric information read by the biometric information reading means is any of a fingerprint, a fundus image, a voiceprint, and a DNA pattern, or a combination of two or more biometric information of a fingerprint, a fundus image, a voiceprint, and a DNA pattern. The encryption key generation device according to claim 1, wherein: 6. The biometric information read by the biometric information reading means is fingerprint information, and the biometric code generation means identifies a ridge direction of a concavo-convex pattern of a fingerprint in a plurality of areas obtained by dividing the fingerprint image. 2. The encryption key generation device according to claim 1, wherein a biometric code is generated by associating a code corresponding to a ridge direction for each of the plurality of regions. 7. The biometric code generating means includes correspondence table means for associating an output biometric code with a data sequence based on the biometric information obtained by the biometric information reading means, The encryption key generation device according to claim 1, further comprising a configuration for outputting a biometric code based on the correspondence table. 8. The method according to claim 1, wherein the key generated by the key generation means is one of a common key in a common key encryption method, a public key in a public key encryption method, and a secret key. Encryption key generator. 9. A data input means for inputting data to be encrypted, a biometric information reading means for obtaining biometric information, and a biometric code for generating a biometric code based on the plurality of biometric information obtained by said biometric information reading means. Generating means, character string input means for inputting a character string, intermediate code generating means for generating an intermediate code based on the character string input in the character string input means, and a biological code generated by the biological code generating means Or storage means for storing at least one of the intermediate codes generated by the intermediate code generation means; and at least one of the biological code generated by the biological code generation means, or the intermediate code generated by the intermediate code generation means A key that generates a key to be applied to the encryption process based on one of the codes Generating means, encrypting means for performing an encryption process on data input from the data input means based on the key generated by the key generating means, and output means for outputting data encrypted by the encrypting means. An encryption device comprising: 10. The key generation means is applied to encryption processing by an arithmetic processing based on both the biometric code generated by the biometric code generation means and the intermediate code generated by the intermediate code generation means. The encryption device according to claim 9, wherein the encryption device has a configuration for generating a key. 11. The biometric code generated by one or more biometric code generation means, wherein the key generation means comprises:
Acquiring the intermediate code generated by the above-described intermediate code generation means and input mode information for each of the one or more biometric codes or the one or more intermediate codes;
10. The encryption apparatus according to claim 9, wherein a key to be applied to an encryption process is generated based on the biometric code, the one or more intermediate codes, and the input mode information. 12. The input mode information includes at least biometric information or character string input sequence information used for key generation, biometric information or character string reading device information used for key generation, and biometric part of biometric information used for key generation. The encryption device according to claim 11, wherein the encryption device includes: 13. The biological information read by the biological information reading means may be any one of a fingerprint, a fundus image, a voiceprint, and a DNA pattern, or two of a fingerprint, a fundus image, a voiceprint, and a DNA pattern.
The encryption apparatus according to claim 9, wherein the encryption apparatus is a combination of the above biological information. 14. The biometric information read by said biometric information reading means is fingerprint information, and said biometric code generation means identifies a ridge direction of a concavo-convex pattern of a fingerprint in a plurality of areas obtained by dividing a fingerprint image. The encryption device according to claim 9, wherein a biometric code is generated by associating a code corresponding to a ridge direction for each of the plurality of regions. 15. The biometric code generating means includes correspondence table means for associating an output biometric code with a data sequence based on the biometric information acquired by the biometric information reading means. The encryption device according to claim 9, further comprising a configuration for outputting a biometric code based on the correspondence table. 16. The method according to claim 9, wherein the key generated by the key generation means is one of a common key in a common key encryption system, a public key and a private key in a public key encryption system. Encryption device. 17. A data input unit for inputting data to be decrypted, a biological information reading unit for obtaining biological information, and a biological code for generating a biological code based on the plurality of biological information obtained by the biological information reading unit. Generating means, character string input means for inputting a character string, intermediate code generating means for generating an intermediate code based on the character string input in the character string input means, and a biological code generated by the biological code generating means Or storage means for storing at least one of the intermediate codes generated by the intermediate code generation means; and at least one of the biological code generated by the biological code generation means, or the intermediate code generated by the intermediate code generation means Generate a key for decryption based on one of the codes Generating means, decoding means for executing a decoding process of data input from the data input means based on the key generated by the key generating means, and output means for outputting the data decoded by the decoding means. A decoding device comprising: 18. The key generation means is applied to a decryption process by an arithmetic process based on both the biometric code generated by the biometric code generation means and the intermediate code generated by the intermediate code generation means. 18. The decryption device according to claim 17, wherein the decryption device has a configuration for generating a key. 19. The biometric code generated by one or more biometric code generation means, wherein the key generation means includes:
Acquiring the intermediate code generated by the above-described intermediate code generation means and input mode information for each of the one or more biometric codes or the one or more intermediate codes;
The decryption apparatus according to claim 17, further comprising a configuration for generating a key applied to a decryption process based on the biometric code, the one or more intermediate codes, and the input mode information. 20. The input mode information includes at least biometric information or character string input order information used for key generation, biometric information or character string reading device information used for key generation, and biometric part of biometric information used for key generation. 20. The decoding device according to claim 19, wherein the decoding device includes: 21. Biological information read by the biological information reading means is any of a fingerprint, a fundus image, a voiceprint, and a DNA pattern, or two of a fingerprint, a fundus image, a voiceprint, and a DNA pattern.
18. The decoding device according to claim 17, wherein the decoding device is a combination of the biological information. 22. The biometric information read by the biometric information reading means is fingerprint information, and the biometric code generation means identifies a ridge direction of a concavo-convex pattern of a fingerprint in a plurality of areas obtained by dividing a fingerprint image. 18. The decoding apparatus according to claim 17, wherein a biometric code is generated by associating a code corresponding to a ridge direction for each of the plurality of regions. 23. The biometric code generating means includes correspondence table means for associating an output biometric code with a data sequence based on biometric information acquired by the biometric information reading means, The decoding device according to claim 17, further comprising a configuration for outputting a biometric code based on the correspondence table. 24. The method according to claim 17, wherein the key generated by the key generation means is one of a common key in a common key encryption system, a public key and a private key in a public key encryption system. Decoding device. 25. Data input means for inputting data to be encrypted or decrypted, biometric information reading means for obtaining biometric information, and generating a biometric code based on the plurality of biometric information obtained by said biometric information reading means. Biometric code generating means, a character string input means for inputting a character string, an intermediate code generating means for generating an intermediate code based on the character string input in the character string input means, Storage means for storing at least one of the biological code generated by the intermediate code generating means, and the biological code generated by the biological code generating means, or the intermediate generated by the intermediate code generating means. Encryption or decryption based on at least one of the codes Key generation means for generating a key to be applied to processing, encryption means for executing encryption processing of data input from the data input means based on the key generated by the key generation means, and generation by the key generation means Decryption means for performing a decryption process on the data input from the data input means based on the obtained key, and output means for outputting the data encrypted by the encryption means or the decryption means. Encryption / decryption device. 26. A data transmission system having a data transmission device and a data reception device connected by a network, wherein the data transmission device includes a memory unit for storing data to be encrypted, and biometric information for acquiring biometric information. Reading means, biometric code generating means for generating a biometric code based on a plurality of pieces of biometric information acquired by the biometric information reading means, character string input means for inputting a character string, and input by the character string input means. Intermediate code generation means for generating an intermediate code based on a character string, and storage means for storing at least one of the biometric code generated by the biometric code generation means, or the intermediate code generated by the intermediate code generation means, The biological code generated by the biological code generation means, or the intermediate code Key generation means for generating a key to be applied to an encryption process based on at least one of the intermediate codes generated by the generation means; input from the memory means based on the key generated by the key generation means Encryption means for executing encryption processing of the encrypted data, and network interface means for outputting the data encrypted by the encryption means, wherein the data reception device is connected to the data transmission device via the network. Network interface means for receiving encrypted data, biometric information reading means for acquiring biometric information, biometric code generating means for generating a biometric code based on the plurality of biometric information obtained by the biometric information reading means, Character string input means for inputting a string; Intermediate code generation means for generating an intermediate code based on the obtained character string; and storage means for storing at least one of the biological code generated by the biological code generation means and the intermediate code generated by the intermediate code generation means. Key generation means for generating a key to be applied to decryption processing based on at least one of the biometric code generated by the biometric code generation means and the intermediate code generated by the intermediate code generation means A decryption unit that performs a decryption process on data input from the network interface unit based on the key generated by the key generation unit; and a memory that stores the data decrypted by the decryption unit. A data transmission system, characterized in that: 27. A data storage system comprising: a data receiving device and a data transmitting device connected to a network; and memory means connected to both the data receiving device and the data transmitting device. Network interface means for receiving data via a network, biometric information reading means for obtaining biometric information, biometric code generating means for generating a biometric code based on the plurality of biometric information obtained by the biometric information reading means Character string input means for inputting a character string; intermediate code generation means for generating an intermediate code based on the character string input in the character string input means; biometric code generated by the biometric code generation means; or At least one of the intermediate codes generated by the intermediate code generating means; And a key to be applied to the encryption process based on at least one of the biometric code generated by the biometric code generation means and the intermediate code generated by the intermediate code generation means. Key generating means for generating; encrypting means for performing an encryption process on data input from the network interface means based on the key generated by the key generating means; and outputting data encrypted by the encrypting means. Network interface means, wherein the memory means stores the encrypted data encrypted by the encryption means in the data receiving device, and the data transmitting device comprises: biometric information reading means for obtaining biometric information And a plurality of pieces of biological information obtained by the biological information reading means. Biometric code generating means for generating a biometric code based on the biometric code; a character string input means for inputting a character string; an intermediate code generating means for generating an intermediate code based on the character string input in the character string input means; Storage means for storing at least one of the biometric code generated by the generation means and the intermediate code generated by the intermediate code generation means; and the biometric code generated by the biometric code generation means or the intermediate code generation means Key generation means for generating a key to be applied to a decryption process based on at least one of the intermediate codes generated in the above, and data input from the memory means based on the key generated in the key generation means Decoding means for executing a decoding process of And a network interface means for outputting data. 28. An encryption key generation method for generating an encryption key used for encryption processing or decryption processing, comprising: a biometric information reading step for obtaining biometric information; and a plurality of biometric information obtained in the biometric information reading step. A biometric code generating step of generating a biometric code based on a character string; a character string inputting step of inputting a character string; an intermediate code generating step of generating an intermediate code based on the character string input in the character string inputting step; Biometric code generated in the code generation step,
Alternatively, a storage step of storing at least one of the intermediate codes generated by the intermediate code generation means, and at least one of the biological code generated in the biological code generation step and the intermediate code generated in the intermediate code generation step A key generation step of generating a key to be applied to an encryption process or a decryption process based on one of the codes. 29. A data input step for inputting data to be encrypted, a biometric information reading step for obtaining biometric information, and a biometric code for generating a biometric code based on the plurality of biometric information obtained in the biometric information reading step. A generation step, a character string input step of inputting a character string, an intermediate code generation step of generating an intermediate code based on the character string input in the character string input step, and a biometric code generated in the biometric code generation step ,
Alternatively, a storage step of storing at least one of the intermediate codes generated by the intermediate code generation means, and at least one of the biological code generated in the biological code generation step and the intermediate code generated in the intermediate code generation step A key generation step of generating a key to be applied to an encryption process based on one of the codes; and a cipher performing an encryption process of the data input in the data input step based on the key generated in the key generation step. An encryption step, and an output step of outputting the data encrypted in the encryption step. 30. A data input step of inputting data to be decoded, a biometric information reading step of obtaining biometric information, and a biometric code for generating a biometric code based on the plurality of biometric information obtained in the biometric information reading step. A generation step, a character string input step of inputting a character string, an intermediate code generation step of generating an intermediate code based on the character string input in the character string input step, and a biometric code generated in the biometric code generation step ,
Alternatively, a storage step of storing at least one of the intermediate codes generated by the intermediate code generation means, and at least one of the biological code generated in the biological code generation step and the intermediate code generated in the intermediate code generation step A key generation step of generating a key applied to a decryption process based on one of the codes, and a decryption process of performing a decryption process of the data input in the data input step based on the key generated in the key generation step A decoding step, and an output step of outputting data decoded in the decoding step. 31. A program providing medium tangibly providing a computer program for causing a cryptographic key generation process to be executed on a computer system, the computer program comprising: a biometric information reading step for obtaining biometric information; A biometric code generating step of generating a biometric code based on the plurality of biometric information obtained in the biometric information reading step; a character string input step of inputting a character string; and a character string input in the character string input step. An intermediate code generating step of generating an intermediate code, and a biological code generated in the biological code generating step;
Alternatively, a storage step of storing at least one of the intermediate codes generated by the intermediate code generation means, and at least one of the biological code generated in the biological code generation step and the intermediate code generated in the intermediate code generation step A key generation step of generating a key to be applied to an encryption process or a decryption process based on one of the codes.