JP2002366030A - Hierarchical encryption / decryption method and apparatus, and recording medium - Google Patents

Abstract

(57) [Summary] [PROBLEMS] To encrypt a plurality of layered plaintext data while maintaining layering, and use a single decryption key set for each layer and the lower layer and the lower layer. The encrypted data belonging to each layer is decrypted. SOLUTION: A plaintext data inputting means 1 for inputting plaintext data to be encrypted, an area dividing means 2 for dividing the plaintext data into a plurality of areas, a first hierarchy covering all areas between the areas, A layer generating means for grouping a plurality of area groups included in accordance with a plurality of inclusive relations defined between areas included in one layer into a lower layer group of the first layer; and encrypting the layered areas. And encryption means 4A and 4B for generating a decryption key for each layer, wherein each key is a corresponding layer in the encrypted data and a lower layer of the layer. Decrypts the encrypted data belonging to.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention encrypts a plurality of plaintext data hierarchized in a tree structure while maintaining the hierarchies, and a single decryption key set for each hierarchy. The present invention relates to a hierarchical encryption / decryption method and apparatus for decrypting encrypted data belonging to the hierarchy and each lower hierarchy, and a recording medium.

[0002]

2. Description of the Related Art Conventionally, encrypted music data is distributed from a music server to a client using the Internet, and the client decrypts the distributed and encrypted music data with a secret key held in a reproducing apparatus and decrypts the data. Network distribution of data converted from analog to converted music data and output from a playback device as an audio signal is disclosed in, for example,
No. 0-90039.

[0003]

However, according to the conventional method, for example, a specific genre,
If there is a request to distribute a large number of singer's music data, the music server cannot distribute a large number of music data continuously to respond to the request from the distribution relation of other music data, so each music data must be distributed individually. Will be delivered to the client.

As a result, the charging process and the data distribution process according to the number of music data distributions become complicated, and the client device also decrypts the encrypted music data with a secret key every time the music data is distributed. Therefore, there is a problem that it takes time to reproduce the sound signal.

SUMMARY OF THE INVENTION The present invention has been made to solve the above-described problems, and it is possible to reduce the load of data distribution and the load of decoding of distributed data irrespective of a small number of data or a large number of data. It is an object of the present invention to provide a hierarchical encryption / decryption method and apparatus and a recording medium which can be made comparable to the case of distribution.

[0006]

According to a first aspect of the present invention, there is provided a hierarchical encryption / decryption method which includes a plurality of areas in a plaintext data arbitrarily included by a computer in which the encryption / decryption method is programmed. Grouping by relationship, generating a cipher for layering and encrypting each of the grouped areas, decrypting the layer to which the area group encrypted by this cipher belongs, and Generate a key for decrypting the encrypted area belonging to the hierarchy.

According to a second aspect of the present invention, there is provided a hierarchical encryption / decryption apparatus for encrypting and decrypting plaintext data by a computer in which an encryption / decryption method is programmed as shown in FIG. Data input means 1 for inputting plaintext data to be encrypted, area dividing means 2 for dividing plaintext data into a plurality of areas, and a second section which includes all areas between the areas. The first layer and a plurality of area groups included in accordance with a plurality of inclusive relations defined between the areas included in the first layer are referred to as the first group.
Hierarchy generating means 3 for grouping hierarchies into lower hierarchy groups
And encryption means 4A and 4B for encrypting the hierarchized area, using the plaintext data as encrypted data, and generating a decryption key for each layer. In the data, the corresponding layer and the encrypted data belonging to the lower layer of the layer are decrypted.

In the hierarchical encryption / decryption device according to the third aspect of the present invention, the encryption means 4A includes a random number generation unit 41, as shown in the basic configuration diagram of FIG. A first key generation unit for generating a first key for decrypting the encrypted data to which the first key belongs;
A first cipher generator 43 for generating a first cipher for encrypting a region belonging to a hierarchy, and a second cipher for encrypting each region belonging to a lower hierarchy based on the first key; And a second key generator 45 for generating, for each of the second ciphers, a second key for decrypting a ciphertext encrypted by the second cipher and belonging to a lower layer. 2. The hierarchical encryption / decryption device according to claim 1, further comprising: an encryption unit configured to encrypt each area based on the first and second ciphers.

In the hierarchical encryption / decryption device according to a fourth aspect of the present invention, the encryption means 4B includes a random number generation unit 41 as shown in the basic configuration diagram of FIG. A first key generation unit for generating a first key for decrypting the encrypted data to which the first key belongs, and a first key for generating a first cipher for encrypting an area belonging to the first hierarchy based on the first key.
A cipher generator 43, a second cipher generator 44 for generating a second cipher for encrypting an area belonging to a lower layer based on the first key, and encrypting data generated by the cipher. A second key generator 45 for generating a second key to be decrypted, a third cipher generator 47 for generating a third cipher for encrypting an area belonging to a lower order based on the second key, 3
A third key generator 48 for generating a third key for decrypting the encrypted data generated by the cipher, and an encryptor for encrypting each area based on the first, second, and third ciphers 49, the encrypted data belonging to a predetermined layer is decrypted with a key for decrypting the encrypted data and a key for decrypting the encrypted data belonging to each layer higher than the layer.

According to a fifth aspect of the present invention, there is provided a storage medium comprising: a plaintext data inputting procedure for inputting plaintext data to be encrypted; an area dividing procedure for dividing the plaintext data into a plurality of areas; A layer generation procedure for grouping one layer and a plurality of area groups included in accordance with a plurality of inclusive relations defined between the areas included in the first layer into a lower layer group of the first layer; Encrypting the encrypted area and using the plaintext data as encrypted data;
A program for causing a computer to execute an encryption procedure for generating a decryption key for each layer and to encrypt and decrypt plaintext data is recorded.

According to a sixth aspect of the present invention, there is provided an encryption procedure for a storage medium, comprising the steps of generating a random number, and generating a first key for decrypting encrypted data belonging to a first layer based on the generated random number. A first procedure for generating a first cipher for encrypting an area belonging to the first hierarchy based on the first key;
A cipher generating procedure, a second cipher generating procedure for generating a second cipher for encrypting each area belonging to a lower layer based on the first key, and a second cipher generating by the second cipher. A second key generation procedure for generating a second key for decrypting a ciphertext belonging to a lower layer for each of the second ciphers;
And an encryption procedure for encrypting each area based on the second cipher.

According to a seventh aspect of the present invention, there is provided an encryption procedure in a storage medium, comprising: a procedure for generating a random number; and a first key generation for generating a first key for decrypting encrypted data belonging to a first layer based on the generated random number. A procedure, a first cipher generating step for generating a first cipher for encrypting an area belonging to the first layer based on the first key, and an area belonging to a lower layer based on the first key. A second cipher generating procedure for generating a second cipher, a second key generating procedure for generating a second key for decrypting the encrypted data generated by the second cipher, and a second key generating procedure based on the second key. A third cipher generating procedure for generating a third cipher for further encrypting an area belonging to a lower order, and a third key generating for generating a third key for decrypting encrypted data generated by the third cipher. Procedures.

[0013]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Embodiment 1 First, before describing an embodiment of the present invention, the concept of hierarchical encryption will be described with an example. Encryption methods are roughly classified into two types: secret key schemes in which the sender and receiver of information have the same key, and public key schemes in which the sender and receiver of information do not need to have the same key. Encryption Standard) and RSA (Rivest-Sh
amir-Adelman) are representatives of a secret key method and a public key method, respectively. The present invention is a secret key method.

As shown in FIG. 4A, conventionally, three pieces of independent information, which are plaintext data, are encrypted and secret information 1,
Decrypt (decrypt) each confidential information when creating 2 and 3
To do so, the secret keys K1, K2, K3
The secret key increases as the secret information increases, and the burden on key management increases.

However, as shown in FIG.
Although there is a secret key for each piece of secret information, each piece of information is encrypted so that there is a master key capable of decrypting any piece of secret information, and secret information 1, 2, and 3 are generated when the number of layers is two.
Is called a hierarchical encryption method. In this encryption method, the master key is the strongest first-layer key KM and the individual secret key K
1, K2, and K3 are weak second-level keys, and the burden of managing the secret key is reduced when information is centrally managed.

FIG. 4C shows an example of a hierarchical encryption method having three layers. Each piece of information is classified as confidential information A, highly confidential information B, and somewhat secret information C. The secret information A includes secret information B and C, and the secret information B includes secret information C. As described above, a group of information A, B, and C is provided so that the secret key KP1 that can decrypt the secret information A, the secret key KP2 that can decrypt only the secret information B, and the secret key KP3 that can decrypt only the secret information C exist.
To generate secret information A, B, and C is referred to as a three-layer hierarchical encryption method.

In this encryption method, secret information C is secret keys KP1, KP2, and KP3, and secret information B is secret key KP
1 and KP2, the secret information A can be decrypted with the secret key KP1. Therefore, the secret key KP1 is the strongest first-layer key that can decrypt the secret information A, the secret information B, and the secret information C, and the secret key KP2 has an intermediate strength that can decrypt the secret information B and the secret information C. A second level key, a secret key K
P3 is the weakest key for decrypting only the secret information C.

Next, a specific example of the hierarchical encryption method having two layers will be described with reference to FIG. In electronic money using the Internet, payment settlement companies (eg, credit card settlement companies) are secret keys (second-level keys) K1, K2, and K3 for each member and these first-level secret keys. A master key (a key capable of decrypting all secret information encrypted with the secret key of each member) KM is prepared, and each member is given a secret key K1, K2, K3, respectively.

When a member makes a purchase from a shopping site (electronic store) through the Internet and uses electronic money with a credit card for payment, each member uses his or her own secret key K1, K2, K3 to give his / her member ID ( For example, a credit card number) is encrypted and sent to an electronic store. Since the ID is encrypted, it cannot be read in an electronic store, and is not used for unauthorized use.

The electronic store sends the encrypted ID to the payment settlement company. The payment settlement company decrypts the sent ID by computer processing using the master key KM, and checks how much the member is going to purchase, checks the member's bank account, and determines whether it can be deducted from the balance. Find out. If possible, remit money to the online store; if not, notify the member to that effect.

As described above, each member has its own ID even with the secret key.
And the payment clearing company hierarchically encrypts the IDs of the members by computer processing so that the encrypted IDs of the members can all be decrypted with the master key KM without depending on the secret keys K1, K2, K3.

Next, a hierarchical encryption method having three layers will be described with a specific example. The difference between the layered encryption method having three layers and the ordinary encryption method is as follows. In normal encryption, when the plaintext data is divided into three, concealment (encryption) is performed on each plaintext data, and three secret keys to be decrypted together with the encryption are required. There is no inclusion relationship between the three plaintext data. That is, when the plaintext data is M and its subset is Mi, it is necessary to divide the data so that the following relationship is obtained.

M ₁ ∪M ₂ ∪M ₃ = M (1) Mi∩Mj = φ (i ≠ j) (2)

On the other hand, in the present hierarchical encryption method, the number of keys required when the plaintext is divided into three is three, but the plaintext to be concealed can have an inclusive relation. That is, the following methods are possible.

M ₁ ⊂M ₂ ⊂M ₃ = M (3)

Alternatively, the following method is also possible.

M ₁ ⊂M ₃ = M (4) M ₂ ⊂M ₃ = M (5) M ₁ ∩M ₂ = φ (6)

As described above, the following encryption method becomes possible. For example, if you have a book consisting of three chapters and sell the book on the Internet, readers who want to read only Chapter 1 (Group 1), readers who want to read Chapters 1 and 2 (Group 2), Chapter 1 , Chapter 2 and Chapter 3 are divided into readers (group 3) who want to read all the chapters.

For group 1, a key is given that can decrypt the data in Chapter 1, but cannot decrypt the data in Chapters 2 and 3. Group 2 is provided with a key that can decrypt the data of the first and second chapters but cannot decrypt the data of the third chapter. Group 3 is provided with a key capable of decrypting data of all chapters.

As described above, the price of the key for decrypting all chapters by setting the key decryptable range, the price of the key for decrypting the first and second chapters, and the key for decrypting the first chapter Change the price of In the conventional encryption method, a reader who wants to purchase all the chapters needs to purchase three keys, but in the present method, one key is enough.

Another application of the hierarchical encryption method with three layers is as follows. Original image, first image with coarse resolution, second image with fine resolution
The image is decomposed into three images, a third image that is equal to or approximately equal to the linear sum of the images with intermediate resolution. It is possible to extract the main components of the image by Karhanen-Loeve decomposition.

The three images are hierarchically encrypted according to an arbitrarily defined inclusion relationship between the images. That is, the first encrypted image includes the second and third encrypted images, the second encrypted image is hierarchically encrypted to include the third encrypted image, and the first encrypted image is encrypted. Secret keys 1 and 2 that can decrypt encrypted images
And a secret key capable of decrypting the third encrypted image. The inclusion relation is not limited to this relation.

The person given the secret key 1 can reproduce the image by decrypting the first, second, and third encrypted images, so that an image having a high resolution can be reproduced on the screen. Given the secret key 2, a person can decrypt the second and third encrypted images and reproduce the images, so that an image having an intermediate resolution can be reproduced on the screen. Given the secret key 3, a person can decrypt the third encrypted image and reproduce the image, so that an image having a rough resolution can be reproduced on the screen.

In the conventional encryption method, three keys are required to restore an image having an original high resolution.
In the three-layer hierarchical encryption method, only one secret key is required. A key for decoding only image data having a rough resolution can be made cheaper, and a key for decoding image data having an original high resolution can be made higher.

Further, as shown in FIG. 4C, the confidential information C1, the highly confidential information C2,
When the secret information C1, C2, and C3 are hierarchized into three layers so that complete information cannot be obtained unless the three pieces of information 3 are finally decoded, a person who is qualified to decrypt all the secret information is Gives the secret key KP1 and gives all the secret information C1, C
2 and C3 are decrypted, and the secret information
A person who is qualified to decrypt the secret information C2 and C3 except for 1 is given a secret key KP2 to permit decryption of the secret information C2 and C3, and a person qualified to decrypt the secret information C3 indicating the outline of the information. Is given a secret key KP3 and secret information C
3 may be permitted.

Next, a mathematical description and an algorithm of the hierarchical encryption method according to the present invention will be described. This algorithm forms a hierarchical encryption / decryption method and a hierarchical encryption / decryption program recorded on a recording medium. Then, the hierarchical encryption / decryption method is performed by processing this program by a computer (not shown). Further, the hierarchical encryption / decryption device according to the present invention is constituted by a computer (not shown). First, to generate a coding matrix, consider the following linear equation system.

[0037]

(Equation 1) Here, b _ij and c _i are numbers randomly generated.
When the number of equations is equal to the number of variables, that is, when m = n, the solution vector a = (x ₀ , x ₁ ,..., X _m-1 ) is uniquely determined. When the number of equations is greater than the number of variables, there is generally no solution vector that satisfies the above system of equations.
When the number of expressions is less than the number of variables, ie, (m)
In the case of n), there are an infinite number of solution vectors. Next, consider a system in which n-line systems of linear equations are gathered (m> n in the following discussion). The system can be expressed as follows by vector representation by using a matrix. In the following, each vector is displayed by adding "" to each alphabet.

B "A" = J "(8)

Here, B ″ has bij as an element (n ×
m) matrix, A ″ is n− solution vectors a (a is (m × 1)
(M × n) matrix whose element is a vector, and J ″ is an (n × n) matrix whose element is cij (a regular matrix is selected as J ″. That is, det (J) ≠ 0). .
The master key and ordinary key are determined as follows. For fixed B "and J", there are an infinite number of non-additive solutions.
An appropriately selected (B ", J") is called a master key. Consider a set {A " _i } that satisfies B" A " _i = J" for a certain master key (B ", J"). There are an infinite number of non-additive B "s that satisfy the following relationship for J" and A " _i .

B "A" _j = J "(9)

When one B "as described above is taken and written as B" _k , the following relationship is established.

B ” _k A” _i = J ”(10)

(B " _k , J") is referred to as an ordinary key. The encoding is performed as follows. The message M "(plaintext) is a (n × 1) column vector. The encrypted message E" is defined as follows.

E " _i = A" _i M "(11)

The encrypted message E ″ is (m × 1)
It is a matrix. Decoding is performed as follows. Since J "is regular, J" ^-1 exists.

J " ^-1 B" _k E " _i = J" ^-1 B " _k A" _i M "= J" ^-1 J "M" = M "(12)

[0047] Therefore, by using a common key B _k, you can decrypt the "plain text M from _i" encrypted message E. On the other hand, since the following relationship exists between the master key B "and the plaintext M", the encrypted message E " _i is converted to the plaintext M" using the master key B ".
Can be decrypted.

J " ^-1 B" E " _i = J" ^-1 B "A" _i M "= J" ^-1 J "M" = M "(13)

A conceptual diagram when the number of layers is two is as shown in FIG. An outline of the algorithm of the hierarchical encryption method when the number of layers is two will be described with reference to the above conceptual diagram. The next encryption takes 5 steps. 1) Generate a master key B11 2) Encryptors A11 and A1 corresponding to the master key
2. Generate A13. 3) Generate ordinary keys B21, B22, B23 corresponding to the respective ciphers A11, A12, A13. 4) The plaintext M is concealed by the ciphers A11, A12, and A13. 5) Further concealment is performed using a nonlinear difference equation.

Next, each of the above steps will be described. (1) Algorithm for Generating Master Key B11 The master key B11 is an (m × n) matrix, and is generated by an appropriate random number generation algorithm.

(2) From the master key B11 to the cipher A1
The algorithm for generating 1, A12 and A13 will be described. When the hierarchy is 2, the description will be made on the assumption that m = 4 and n = 3. In this case, it is required that the following relational expression hold.

B "A" = J "(14)

However, A "is unknown and B" is known. J "is a unit matrix (actually, it is not necessary to be a unit matrix, but a regular matrix is a necessary condition).

[0054]

(Equation 2)

The above determinant is written for each element as follows.

[0056]

(Equation 3)

Next, the first term of each term on the left side in the above determinant is shifted to the right side.

[0058]

(Equation 4)

A ₀₀ , a ₀₁ , and a ₀₂ are generated by random numbers. Since the right side does not include the unknown variable, it is set to C. Next, b _ij in the above equation (17) is used as an element (n × n).
Place the matrix as follows and calculate its inverse.

[0060]

(Equation 5)

By calculating C "(B" -part) ^-1 , the remaining variables of A "which is an (n × n) matrix having a _ij as an element in the above equation (18) can be obtained. As can be seen, A "has three degrees of freedom, but since there are countless ways of generating random numbers, there are countless numbers for one A".

(3) An algorithm for generating the ordinary keys B21, 22, 23 from the ciphers A11, A12, A13 will be described. Description will be made assuming that the number of layers is two (m = 4).

B "A" = J "(19)

A "is known and B" is unknown. J "
Is an identity matrix (it is not necessary to be an identity matrix, but a requirement is that it be a regular matrix).

[0065]

(Equation 6)

When the unit matrix J "is written for each element, the result is as follows.

[0067]

(Equation 7)

The first term of each term on the left side in the unit matrix is transferred to the right side.

[0069]

(Equation 8)

[0070] the right side of b _00, b _10, b ₂₀ is generated by a random number. Since the right side does not include the unknown variable, it is set to C ". Next, an (n × n) matrix having a _ij in the above equation (22) as an element is set as follows, and its inverse matrix is calculated.

[0071]

(Equation 9)

If C "(A" -part) ^-1 is calculated, the remaining variables of B "which is an (n × n) matrix having b _ij as an element in the above equation (22) can also be obtained. As can be seen, B "has three degrees of freedom, but since there are countless ways of generating random numbers, there is countless A" for one key B ".

The following method is also possible (in an actual program, the calculation is performed by this method). The permutation of both sides is as follows.

A " ^t B" ^t = J " ^t (24)

Is as follows. If B "'= A" ^t and A "' = B" ^t , A "'is unknown and B"' is known, and the algorithm of the previous section can be applied.

In the calculations so far, a linear relationship is established between the plaintext and the encrypted message. If the plaintext and the encrypted message are not available at the same time, that is, outsiders who do not have the encryption module have a brute force to recover the original text from the encrypted message.

On the other hand, even when the encryption module is at hand and the plaintext and the encrypted message can be used at the same time, it is realized by using the nonlinear difference equation that the encryption is not broken. Consider the following differential equation. The following expression is
This is called the Mackey-Glass differential equation.

Dx (t) / dt = (ax (t−τ) / ((1 + x (t−τ) ¹⁰ ))) − bx (t) (25)

X (t) = 1 (t ≦ 0), a = 0.2, b = 0.1
Then, the right side becomes zero irrespective of τ,
Although x (t) is a constant, various time series are generated when the initial value of x (t) or the values of a and b are slightly changed. It is known that this equation does not have a periodic solution if the parameters are chosen appropriately.

E " _i = A" _i M "(26)

The above equation is defined as follows: G ″ is a vector extracted from the above difference equation, f is an appropriate nonlinear function, and E ″ _i is defined as follows.

E " _i = f (A" _i , M ", G") (27)

G "can depend on M" or can be independent.

A conceptual diagram when the number of layers is three is as shown in FIG. The algorithm of the hierarchical encryption method when the number of hierarchies is 3 is as follows: 1) Generate B11 (the strongest key). 2) Generate a cipher A11 for B11. 3) Generate a cipher A12 (a cipher for concealing confidential information) for B11 4) Generate a key B21 (an intermediate-strength key) for A11 5) Generate A21 from B21 and B11 6) Generates A22 (encryptor for concealing intermediate confidential information) from B21 and B11. 7) Generates key B31 (weakest) for A21. Key) is generated. 8) Plain text is concealed using A21, A22, and A21. 9) Further concealment is performed by using a nonlinear difference equation. 1) 8) and 9) are the same as when the number of layers is 2, so omitted. I do. Therefore, 5) and 6) will be described first. That is, the algorithm for generating the cipher A "when the keys B" 1 and B "2 are given is as follows.

M0 = m1 = 7 (29) 2 ^* n0 = n1 = 6 (30)

From the above relationship, B "1 and B" 2 are keys, so the following relationship holds.

B "1 ^* A" 1 = J "(31) B" 2 ^* A "2 = J" (32)

From B "1 (3 × 7) and B" 2 (3 × 7), 6
A 7-by-7 matrix B "-combined and a 7-by-6 matrix A" -combined are defined, and the product of these matrices is calculated.

[0089]

(Equation 10) Here, R "is a matrix of 3 rows and 3 columns having random numbers as elements. Since this corresponds to the case of m1-n1 = 1 described in the previous section, A" -combined is obtained by using it. be able to.

Finally, 4) and 7) will be described.
That is, the algorithm for generating the key B "when the cipher A" is given is as follows. It is almost exactly the same as the previous section. In addition to A ", a matrix A" -dummy having exactly the same number of rows and columns as A "may be prepared, and B" may be generated from A "and A" -dummy.

The size of the plaintext to be concealed using this method can be freely selected. In addition, the present invention can be applied to a type of plaintext capable of digital contents such as text, image data, audio data, and binary data.

[0092]

As described above, according to the present invention, the key for decrypting the encrypted data belonging to the first layer can decrypt the encrypted data of all the layers, and then belongs to the next layer. Since the key for decrypting the encrypted data can decrypt the encrypted data of all the layers belonging to the following layers, the number of keys can be reduced and the key management becomes easy.

Further, when the encrypted data is distributed over the network for a fee, it is only necessary to send a key corresponding to the price of the data to be distributed. However, there is an effect that data transmission efficiency is improved.

[Brief description of the drawings]

FIG. 1 is a basic configuration diagram of a hierarchical encryption / decryption device according to the present invention.

FIG. 2 is a basic configuration diagram of an encryption unit according to the present invention.

FIG. 3 is another basic configuration diagram of an encryption unit according to the present invention.

FIG. 4 is a diagram for explaining the concept of a hierarchical encryption / decryption method according to the present invention.

FIG. 5 is a diagram for explaining the concept of the hierarchical encryption method according to the present invention.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Equivalent data input means 2 Area division means 3 Hierarchical generation means 4A, 4B Encryption means 41 Random number generation part 42 First key generation part 43 First cipher generation part 44 Second cipher generation part 45 Second key generation part 46 , 49 encryption unit 47 third cipher generator 48 third key generator

Claims (7)

[Claims] 1. A hierarchical encryption / decryption method for encrypting plaintext data and decrypting encrypted data by a computer in which the encryption / decryption method is programmed, wherein a plurality of areas in the plaintext data are provided. , And grouping each group of regions into a hierarchy to generate a cipher to be encrypted, decrypting the hierarchy to which the region group encrypted with this cipher belongs, and A hierarchical encryption / decryption method characterized by generating a key for decrypting an encrypted area belonging to each lower layer. 2. A hierarchical encryption / decryption apparatus for encrypting plaintext data and decrypting the encrypted data by a computer programmed with an encryption / decryption method, wherein the plaintext data is inputted with the plaintext data to be encrypted. An input means, an area dividing means for dividing plaintext data into a plurality of areas, a first hierarchy covering all the areas between the areas,
Layer generation means for grouping a plurality of area groups included in accordance with a plurality of inclusive relations defined between areas included in the hierarchy into a lower layer group of the first hierarchy; and encrypting the hierarchized areas. The plaintext data as encrypted data, and encryption means for generating a decryption key for each layer, wherein each key is a corresponding layer in the encrypted data and each lower layer of the layer. A hierarchical encryption / decryption device for decrypting encrypted data belonging to a hierarchy. 3. The encryption means includes: a random number generation unit; a first key generation unit that generates a first key for decrypting encrypted data belonging to a first hierarchy based on the generated random number; and a first key generation unit. A first cipher generator for generating a first cipher for encrypting each region belonging to the first hierarchy based on the first key, and encrypting each region belonging to a lower hierarchy based on the first key. A second cipher generator for generating a second cipher of
A second key generating unit for generating, for each of the second ciphers, a second key for decrypting encrypted data belonging to a lower hierarchy, which is encrypted by a cipher, based on the first and second ciphers; 3. The hierarchical encryption / decryption device according to claim 2, further comprising an encryption unit that encrypts each area. 4. The encryption means includes: a random number generation unit; a first key generation unit that generates a first key for decrypting encrypted data belonging to a first hierarchy based on the generated random number; and a first key generation unit. A first cipher generator for generating a first cipher for encrypting each area belonging to the first hierarchy based on the first key, and a second cipher for encrypting an area belonging to the lower hierarchy based on the first key. A second cipher generator for generating a second key for decrypting encrypted data generated by the second cipher, a second key generator for generating a second key, and belonging to a lower hierarchy based on the second key. A third cipher generator for generating a third cipher for encrypting the area, a third key generator for generating a third key for decrypting encrypted data generated by the third cipher, An encryption unit that encrypts each area based on the first, second, and third ciphers; The hierarchical data according to claim 2, wherein the encrypted data to be decrypted is decrypted with a key for decrypting the encrypted data and a key for decrypting the encrypted data belonging to each layer higher than the layer. Encryption / decryption device. 5. A plaintext data input procedure for inputting plaintext data to be encrypted, an area dividing procedure for dividing the plaintext data into a plurality of areas, a first hierarchy covering all areas between the areas, A layer generation procedure for grouping a plurality of area groups included in accordance with a plurality of inclusive relations defined between areas included in the hierarchy into a lower layer group of the first hierarchy; and encrypting the hierarchized area. A program for encrypting the plaintext data and decrypting the encrypted data by causing a computer to execute the above-described plaintext data as encrypted data and to execute an encryption procedure for generating a decryption key for each layer is recorded. Computer readable recording medium. 6. The encryption procedure includes: a procedure for generating a random number; a first key generation procedure for generating a first key for decrypting encrypted data belonging to a first layer based on the generated random number; A first cipher generating procedure for generating a first cipher for encrypting an area belonging to the first hierarchy based on one key, and encrypting each area belonging to a lower hierarchy based on the first key. Second cipher generating procedure for generating a second cipher for generating a second key for decrypting a ciphertext encrypted by the second cipher and belonging to a lower layer for each of the second ciphers 6. The computer-readable recording medium according to claim 5, wherein each area is encrypted based on a second key generation procedure to be performed and the first and second ciphers. 7. The encryption procedure includes: a procedure for generating a random number; a first key generation procedure for generating a first key for decrypting encrypted data belonging to a first layer based on the generated random number; A first cipher generator for generating a first cipher for encrypting an area belonging to a first layer based on one key; and a second cipher for encrypting an area belonging to a lower layer based on the first key. A second cipher generating procedure for generating, a second key generating procedure for generating a second key for decrypting the encrypted data generated by the second cipher, and a lower hierarchy based on the second key. A third cipher generating procedure for generating a third cipher for encrypting the area to which it belongs, and a third key generating procedure for generating a third key for decrypting the encrypted data generated by the third cipher. The computer-readable recording medium according to claim 5, wherein body.