JP4856909B2 - Data division / restoration system, terminal device, data division / restoration method, and computer program - Google Patents

Description

  The present invention relates to a technique for dividing data in order to ensure confidentiality and security of the data.

  When important confidential data (hereinafter referred to as original data) is stored, there is a threat of loss, destruction, theft and privacy infringement. Such threats cannot be solved by simply encrypting data that should be kept secret, and it is effective to make multiple copies in preparation for loss or destruction, but making multiple copies increases the risk of theft. End up.

  Conventionally, there is a threshold secret sharing method as means for solving such a problem (see Non-Patent Document 1). In this conventional method, the original data S can be restored by dividing the original data S into n pieces of data, and collecting any x pieces of divided data, but with any x-1 pieces of divided data, the original data S Cannot be restored. Therefore, even if up to x-1 pieces of divided data are stolen, the original data S does not leak, and even if up to nx pieces of divided data are lost or destroyed, the original data S can be restored.

  As a typical implementation example of this method, there is a method composed of an n-1 degree polynomial and a remainder operation (see Non-Patent Document 2). This conventional method is used for, for example, split key management of public key cryptography, and the amount of data is not so large, so the current computer processing capacity, the cost of storage devices and storage media, etc. There is no particular problem.

In addition, it has been proposed that divided data divided into a plurality of pieces is stored and managed in different storage devices in order to ensure safety. In this case, it is conceivable that one of the storage devices is installed so as to be connectable via a network.
A. Shamir, "How to Share a Secret", Comm. Assoc. Comput. Mach., Vol. 22, no. 11, pp. 612-613 (Nov. 1979) Bruce Schneier, "Applied Cryptography", John Wiley & Sons, Inc., pp. 383-384 (1994)

  However, when accessing one of the storage devices via the network as described above, the processing speed when reading / writing the divided data from / to the storage device depends on the transmission capacity of the network and other data. Since there is a restriction depending on the transmission state, there is a problem that efficient division / restoration processing is difficult if the divided data is accessed via the network every time it is used.

  The present invention has been made in view of the above, and an object of the present invention is to efficiently divide and restore when accessing at least one storage device that stores divided data via a network. It is to enable the processing.

A data division / restoration system according to a first aspect of the present invention is a data division / restoration system comprising a terminal device, a first storage unit, a second storage unit, and a third storage unit, upon divided into three divided data, and each of the plurality of original partial data is divided original data in the processing unit bit length, and the random number partial data is divided random number processing unit bit length, the exclusive OR of, Although the original data cannot be restored only from each divided data, each divided portion constituting the first and second divided data so that the original data can be restored from two divided data of each divided data. data is generated, the divided partial data that constitute the third divided data is configured Ri by the respective random number partial data, first memory means, accessible without the terminal device via a network Storage means that stores the first divided data, and the second storage means is a storage means that the terminal device can access without going through the network, stores the second divided data, and stores the third storage The means is a storage means accessible by the terminal device via a network, and stores the third divided data. The terminal device is used by both the first storage means and the second storage means. If possible, the first divided data is read from the first storage means and the second divided data is read from the second storage means, and an exclusive OR between the divided partial data constituting the respective divided data is calculated. hand it allows the the original data be available when dividing the different original data, to obtain the same respective random number partial data and the random number partial data stored in the third memory means When one of the first storage means and the second storage means is unusable, the divided data is read from the usable storage means, and the third storage means is accessed via the network. Means for reading out the third divided data from the storage means to acquire each random number partial data; and original data restoring means for restoring the original data by exclusive OR of each acquired random number partial data and each read partial data; It is characterized by having.

  In the present invention, when both the first storage means and the second storage means can be used, a random number is obtained by exclusive OR of the first divided data and the second divided data read from each. Thus, the process of acquiring the third divided data composed of random numbers from the third storage means via the network becomes unnecessary. The random numbers obtained in this way can be used to restore the original data, and can also be used to divide other original data, eliminating the need to use a network for each division and restoration process. Can be realized. In addition, since it is not necessary to generate random numbers by the random number generation means every time the dividing process is performed, a high-speed dividing process can be realized.

The terminal device according to the second aspect of the present invention is a terminal capable of accessing the first storage means and the second storage means without going through the network and accessing the third storage means through the network. When dividing the original data into three divided data, each of the plurality of original partial data obtained by dividing the original data by the processing unit bit length, and each random number partial data obtained by dividing the random number by the processing unit bit length, , The original data cannot be restored only from each divided data, but the first and second data can be restored from two divided data of each divided data. each divided partial data constituting the divided data is generated, the divided partial data that constitute the third divided data is configured Ri by the respective random number partial data, the terminal device networks The first storage means accessible without going through the network stores the first divided data, the second storage means accessible by the terminal device without going through the network stores the second divided data, and the terminal The third storage means that the device can access via the network stores the third divided data, and when the terminal device can use both the first storage means and the second storage means, Reading the first divided data from the first storage means and reading the second divided data from the second storage means, and calculating the exclusive OR between the respective divided partial data constituting the respective divided data , data and is a available when dividing the different source data, means for obtaining the same respective random number partial data and the random number partial data stored in the third storage means, the When one of the storage means and the second storage means cannot be used, the divided data is read from the usable storage means, and the third storage means is accessed via the network, and the third storage means Means for reading the three-part data and obtaining each random number partial data, and original data restoration means for restoring the original data by exclusive OR of each obtained random number part data and each read partial data It is characterized by.

A data division / restoration method according to a third aspect of the present invention is a data division / restoration method processed by a system including a terminal device, a first storage unit, a second storage unit, and a third storage unit. , upon dividing the original data into three divided data, and each of the plurality of original partial data is divided original data in the processing unit bit length, and the random number partial data is divided random number processing unit bit length, exclusive of Although the original data cannot be restored only from each divided data by logical sum, the first and second divided data are configured so that the original data can be restored from two divided data of each divided data. each divided partial data is generated for each divided partial data that constitute the third divided data is configured Ri by the respective random number partial data, the terminal device is accessible without using the network First divided data is stored by the first storage means, and second divided data is stored by the second storage means that can be accessed without the terminal device via the network, and the terminal device can be accessed via the network. The third divided data is stored by the third storage means, and when both the first storage means and the second storage means are usable by the terminal device, the first divided data is read from the first storage means. In addition, when the second divided data is read from the second storage means and exclusive OR between the divided partial data constituting the respective divided data is calculated , the original data different from the original data is divided. be available, the same each random number partial data and the random number partial data stored in the third memory means to retrieve, one use of the first storage means or the second storage means If it is possible, the divided data is read from the usable storage means, and the third storage means is accessed via the network, and the third divided data is read from the third storage means to obtain each random number partial data. The original data is restored by exclusive OR of the acquired random number partial data and the read divided partial data.

A computer program according to a fourth aspect of the present invention is a terminal capable of accessing the first storage means and the second storage means without going through the network, and accessing the third storage means through the network. A computer program to be executed by the apparatus, when dividing the original data into three divided data, each of the plurality of original partial data obtained by dividing the original data by the processing unit bit length and the random number by the processing unit bit length With the exclusive OR of each random number partial data , the original data cannot be restored only from each divided data, but the original data can be restored from two divided data of each divided data. Each divided partial data constituting the first and second divided data is generated, and each divided partial data constituting the third divided data is assigned to each random number. Configured Ri by the minute data, the the first storage means accessible without using a terminal device network, stores the first divided data, the terminal device can access the second storage means without passing through the network In the state where the second divided data is stored and the third divided data is stored by the third storage means accessible by the terminal device via the network, the first storage means and the second storage are stored in the terminal device. When both of the means are usable, the first divided data is read from the first storage means and the second divided data is read from the second storage means, and the exclusive data between the divided partial data constituting the respective divided data is read. by calculating the logical sum, the it is available when dividing the different original data from the original data, stored in the third memory means A process of acquiring the random number partial data of the same respective random number partial data, when one of the first storage means or the second storage unit is unavailable, reads the divided data from the storage means towards available, network The process of accessing the third storage unit via the third storage unit, reading the third divided data from the third storage unit to acquire each random number partial data, and exclusive of the obtained random number partial data and each read partial data And restoring the original data by logical OR.

  According to the present invention, efficient division and restoration processing can be realized when accessing at least one storage device that stores divided data via a network.

  FIG. 1 is a block diagram showing a configuration of a data division / restoration system in the present embodiment. The system shown in FIG. 1 is configured such that the external storage device 2 is connected to the terminal device 1 and the terminal device 1 can be connected to the data center 3 via the network 4. The terminal device 1 and the data center 3 are each configured by a computer, and include an arithmetic processing device, a memory, and the like. The network 4 is constituted by the Internet, for example.

  The terminal device 1 includes a divided data generation unit 11, an original data restoration unit 12, a random number generation unit 13, a storage unit 14, and a data transmission / reception unit 15. The storage unit 14 stores original data to be divided.

  The divided data generation unit 11 reads the original data from the storage unit 14 and divides it into three divided data. Here, the three divided data are referred to as divided data A (first divided data), divided data B (second divided data), and divided data C (third divided data). The divided data C is data formed by random numbers. Details of this division processing will be described later.

  The divided data generation unit 11 stores the divided data A in the storage unit 14 and stores the divided data B in the external storage device 2. The divided data C is transmitted to the data center 3 via the network 4 by the data transmitter / receiver 15. The data center stores the received divided data C in the storage unit 31.

  The original data restoration unit 12 restores the original data using two of the three divided data. When both the storage unit 14 and the external storage device 2 can be used, the divided data A is read from the storage unit 14 and the divided data B is read from the external storage device 2, and the divided data A and B are used. Restore the original data. Further, when one of the storage unit 14 and the external storage device 2 is unusable, the data center 3 is accessed via the network, and the divided data C is read out and acquired from the storage unit 31 of the data center 3. The original data is restored using the divided data C and the divided data read from the usable portion of the storage unit 14 or the external storage device 2. Details of this processing will also be described later.

  When dividing the original data into three pieces of divided data, the random number generation unit 13 corresponds to each of a plurality of original partial data obtained by dividing the original data by the processing unit bit length, and a plurality of random number partial data having a processing unit bit length. Is generated.

  The storage unit 14 stores a computer program in addition to the original data, and the processing in each of the above units is executed by reading and executing the computer program by the arithmetic processing device provided in the terminal device 1. When the above units execute processing, data used for input of each unit is temporarily stored in the memory and then used for calculation in the arithmetic processing unit, and the calculation result is temporarily stored in the memory. And then stored in the storage unit 14.

  The data transmitting / receiving unit 15 transmits the divided data C to the data center 3 via the network 4. In addition, a process of receiving the divided data C from the data center 3 is also performed.

  The data center 3 includes a storage unit 31 and a data transmission / reception unit 32. The data transmission / reception unit 32 transmits / receives the divided data C to / from the terminal device 1 via the network 4. The storage unit 31 stores the received divided data C so as to be readable.

  In the division and restoration of the original data in this embodiment, the original data is divided into pieces of divided data having a desired number of divisions based on a desired processing unit bit length. In this case, the processing unit bit length is set to an arbitrary value. The original data is divided into processing unit bit lengths, and the divided partial data is generated from the original partial data by one less than the number of divisions. If it does not match an integer multiple of (number-1) times, the bit length of the original data is adjusted to an integer multiple of (number of divisions -1) times the processing unit bit length by, for example, filling the end of the original data with 0. Thus, the present embodiment can be applied.

  The random numbers described above are also generated from the random number generator 13 as (partition number-1) random number partial data having a bit length of the processing unit bit length corresponding to each of the (partition number-1) original partial data. Is done. That is, the random numbers are divided into processing unit bit lengths, and are generated as (partition number-1) random number partial data having a bit length of the processing unit bit length. Further, the original data is divided into a desired number of divided data based on the processing unit bit length, and each of the divided data also corresponds to each of the (division number-1) original partial data. It is generated as (partition number -1) pieces of divided partial data having a bit length. That is, each piece of divided data is divided into processing unit bit lengths, and is generated as (partition number-1) pieces of divided partial data having a bit length of the processing unit bit length.

  In the following description, the above-described original data, random numbers, divided data, number of divisions, and processing unit bit length are represented by S, R, D, n, and b, respectively, and one of a plurality of data, random numbers, and the like. I (= 1 to n) and j (= 1 to n-1) are used as variables to represent one, (division number n-1) original partial data, (division number n-1) random number partial data , And one of each of the divided data D with the number of divisions is represented by S (j), R (j) and D (i), respectively, and a plurality of ( The divided partial data of (n-1) is represented by D (i, j). That is, S (j) represents the j-th original partial data when the original data S is numbered in order from the top by dividing into processing unit bit lengths.

  When this notation is used, the original data, random number data, and divided data, and the original partial data, random number partial data, and divided partial data that constitute these, respectively, are represented as follows.

Original data S = (n-1) original partial data S (j)
= S (1), S (2), ..., S (n-1)
Random number R = (n-1) random number partial data R (j)
= R (1), R (2), ..., R (n-1)
n divided data D (i) = D (1), D (2),..., D (n)
Each partial data D (i, j)
= D (1,1), D (1,2), ..., D (1, n-1)
D (2,1), D (2,2), ..., D (2, n-1)
………
D (n, 1), D (n, 2), ..., D (n, n-1)
(i = 1 ~ n), (j = 1 ~ n-1)
The divided data generation unit 11 uses the original data read from the storage unit 14 and the random number partial data generated by the random number generation unit 13, but the original data cannot be restored only from each divided data. Each partial data that constitutes each of the divided data A and B is generated by exclusive OR (XOR) of the original partial data and random number partial data so that the original data can be restored from the two divided data. To do. Further, each divided partial data constituting the divided data C is generated by each random number partial data.

  On the other hand, when the original data restoration unit 12 can use both the storage unit 14 and the external storage device 2 and can read the divided data A and B, respectively, the exclusive logic between the divided data A and B can be read. Each random number partial data is obtained by calculating the sum. Further, when one of the storage unit 14 or the external storage device 2 is unusable, the divided data is read from the usable one of the storage unit 14 or the external storage device 2 and divided via the network 4. Data C is received and each random number partial data is acquired. Then, the original data is restored by exclusive OR of each acquired random number partial data and each read partial data.

  Since this method uses exclusive OR operation, which is a bit operation suitable for computer processing, it requires faster and higher-performance processing capability than conventional methods that use polynomial or remainder operations for data division processing. Instead, it is possible to generate divided data by repeating simple arithmetic processing even for large volumes of data. Further, the divided data can be generated by stream processing in which calculation processing is performed in order from the top of the data for each predetermined fixed length.

  Next, before specifically explaining the data division / restoration processing, the overall processing flow in this system will be described with reference to the flowchart of FIG.

  This process is divided into a normal use process in which a division process is performed using actual original data, and a preprocess in which dummy data is used in advance before receiving the original data.

  In step 1 (shown as S1 in FIG. 2, the same applies hereinafter), the random number generator 13 generates a random number R and dummy data R ′. This random number R is directly used as divided data C. The dummy data is composed of random numbers.

  In step 2, this dummy data is used in place of the original data S. Specifically, the divided data generation unit 11 calculates the exclusive OR of the dummy data R ′ and the random number R to generate the divided data A and the divided data B. The divided data A is stored in the storage unit 14 built in the terminal device 1, and the divided data B is stored in the external storage device 2.

  In step 3, the data transmission / reception unit 15 transmits the divided data C (random number data) to the data center 3 via the network 4 and stores it in the storage unit 31 in the data center 3. Thereafter, the communication connection with the network 4 is disconnected and the offline setting is performed.

  When the actual division processing of the original data S occurs in step 4, the divided data generation unit 11 generates a random number R by calculating the exclusive OR of the divided data A and the divided data B.

  In step 5, the divided data A and the divided data B are generated by calculating the exclusive OR of the original data S and the generated random number R. The divided data A is stored in the storage unit 14 built in the terminal device 1, and the divided data B is stored in the external storage device 2.

  On the other hand, in step 4, when one of the storage unit 14 or the external storage device 2 cannot be used due to damage, theft or the like, the data transmission / reception unit 15 sets the network 4 online, accesses the data center 3 and divides it. Get data C. Since the divided data C is a random number, the divided data generation unit 11 generates divided data A and divided data B by calculating an exclusive OR of the divided data C and the original data S in Step 5.

  By performing such processing, transmission / reception of the divided data via the network suppresses the transmission speed depending on the transmission capacity of the network and the transmission state of other data. In normal use processing, the storage unit 14 and If both of the external storage devices 2 can be used, the process of acquiring the divided data C via the network 4 is not necessary. Thereby, efficient division processing can be realized.

  In addition, since the process of generating a random number by the random number generation unit 13 has a large calculation burden, by performing the above process, the generation of the random number only needs to be performed once in the pre-processing. Therefore, high-speed division processing can be realized.

  Next, data division / restoration processing will be described in detail. In the following description, the exclusive OR operation (XOR) used in the present embodiment is represented by an operation symbol “*”. Each calculation result in the calculation rule for each bit of this exclusive OR operation is as follows.

The operation result of 0 * 0 is 0
The result of 0 * 1 is 1
The result of 1 * 0 is 1
The result of 1 * 1 is 0
In addition, the XOR operation has an exchange law and a joint law. That is,
a * b = b * a
(a * b) * c = a * (b * c)
Is proved mathematically.

  Also, a * a = 0, a * 0 = 0 * a = a holds.

Here, a, b, and c represent bit strings having the same length, and 0 represents a bit string having the same length and consisting of all “0”.

Next, the definition of symbols shown in the flowchart of FIG. 3 will be described.

Means A (1) * A (2) *... A (n).

  (2) c (j, i, k) is replaced by (n-1) × (n-1) matrix U [n-1, n-1] × (P [n-1, n-1]) It is defined as the value of i rows and k columns of ^ (j-1).

  At this time, Q (j, i, k) is defined as follows.

When c (j, i, k) = 1 Q (j, i, k) = R ((n-1) × m + k)
Q (j, i, k) = 0 when c (j, i, k) = 0
However, m represents an integer of m ≧ 0.

(3) U [n, n] is an n × n matrix, and the value of i rows and j columns is represented by u (i, j).
When i + j ≦ n + 1 u (i, j) = 1
When i + j> n + 1, u (i, j) = 0
It means that the matrix is “upper triangular matrix”. Specifically, the matrix is as follows.

(4) P [n, n] is an n × n matrix, and the value of i rows and j columns is represented by p (i, j).
When j = i + 1, p (i, j) = 1
i = n, when j = 1 p (i, j ) = 1
For other cases p (i, j) = 0
It means that the matrix is “rotation matrix”. Specifically, the matrix is as follows, and when multiplied from the right side of another matrix, the first column of the other matrix is changed to the second column, the second column to the third column,. Is moved to the nth column, and the nth column is moved to the first column. That is, when the matrix P is applied to another matrix a plurality of times from the right side, each column can be moved so as to rotate rightward by that number of times.

(5) If A and B are n × n matrices, A × B means the product of the matrices A and B. The calculation rules for the matrix components are the same as those used in normal mathematics.

  (6) When A is an n × n matrix and i is an integer, A ^ i means i products of the matrix A. A ^ 0 means the unit matrix E.

(7) The unit matrix E [n, n] is an n × n matrix, and the value of i rows and j columns is represented by e (i, j).
e (i, j) = 1 when i = j
For other cases e (i, j) = 0
Let's mean a matrix that is Specifically, the matrix is as follows. Let A be any n × n matrix
A × E = E × A = A
There is a property to become.

  Next, with reference to the flowchart shown in FIG. 3 and the specific data shown in FIGS.

  First, the original data S is given to the terminal device 1 and the dividing process is started (step S201 in FIG. 3). In this example, the original data S is 16 bits “10110010 00110111”.

  Next, the user instructs the terminal device 1 to set the division number n to 3 (step S203). As the division number n, a value predetermined in the terminal device 1 may be used. Note that the three pieces of divided data generated by the terminal device 1 according to the number of divisions n = 3 are D (1), D (2), and D (3). The divided data D (1), D (2), and D (3) are all 16-bit data that is the same as the bit length of the original data.

  Then, the processing unit bit length b used to divide the original data S is determined to be 8 bits, and a 16-bit random number R having the same bit length as the original data is acquired from the random number generation unit 13 and generated. (Step S205). The processing unit bit length b may be designated by the user to the terminal device 1 or a value predetermined in the terminal device 1 may be used. The processing unit bit length b may be an arbitrary number of bits, but here it is 8 bits that can divide the original data S. Accordingly, the original data S of the above 16-bit “10110010 00110111” is divided into “10110010” when the two original divided data S (1) and S (2) are divided by the 8-bit processing unit bit length. And “00110111”.

  In the next step S207, it is determined whether or not the bit length of the original data S is an integer multiple of 8 × 2, and if it is not an integer multiple, the end of the original data S is padded with zeros to obtain 8 × 2 Fit to an integer multiple. Note that the division processing when the processing unit bit length b is set to 8 bits and the division number n is set to 3 as in this example is not limited to 16 bits as the bit length of the original data S. This is effective for the original data S that is an integral multiple of the length b × (number of divisions n−1) = 8 × 2.

  Next, in step S209, the variable m, that is, the variable m meaning the integer multiple described above is set to zero. As in this example, when the original data S has a processing unit bit length b × (number of divisions n−1) = 8 × 2 = 16 bits, the variable m is 0, but is doubled to 32 bits. In this case, the variable m is 1, and in the case of 3 times 48 bits, the variable m is 2.

  Next, it is determined whether or not there is data for 8 × 2 bits from the 8 × 2 × m + 1 bit of the original data S (step S211). This is because the division processing shown after step S211 is performed on the processing unit bit length b × (number of divisions n−1) = 8 × 2 = 16 bits specified by the variable m of the original data S, It is determined whether or not there is the next 16 bits as data S. In the case where the original data S is 16 bits as in this example, when the dividing process after step S211 is performed once on the 16-bit original data S, the variable m is incremented by 1 in step S219 described later. However, in the original data S of this example, there is no data of 17 bits or more corresponding to the case where the variable m is m + 1, so the process proceeds from step S211 to step S221. In this case, however, the variable m is Since it is 0, the 8 × 2 × m + 1 bit of the original data S is 8 × 2 × 0 + 1 = 1, and the data is 8 × 2 bits from the first 16 bits of the original data S. Since it exists, it progresses to step S213.

  In step S213, the variable j is changed from 1 to 2 (= number of divisions n-1), and 8 bits (= processing unit bits) from the 8 × (2 × m + j-1) +1 bit of the original data S Data) is set to the original partial data S (2 × m + j), thereby dividing the original data S by the processing unit bit length 2 (number of divisions n-1) original partial data S (1) , S (2) is generated as follows.

Original data S = S (1), S (2)
First original partial data S (1) = “10110010”
Second original partial data S (2) = “00110111”
In the pre-processing described above, the random number R ′ generated by the random number generator 13 is used for the original partial data S (1) and S (2).

  Next, the variable j is changed from 1 to 2 (= division number n-1), and a random number of 8 bits generated from the random number generator 13 is set in the random number partial data R (2 × m + j). Thus, 2 (division number n-1) random number partial data R (1) and R (2) obtained by dividing the random number R by the processing unit bit length are generated as follows (step S215).

Random number R = R (1), R (2)
First random number partial data R (1) = “10110001”
Second random number partial data R (2) = “00110101”
Next, in step S217, the variable i is changed from 1 to 3 (= number of divisions n), and the variable j is further changed from 1 to 2 (= number of divisions n-1) in each variable i, as shown in step S217. Each divided partial data D (i, 2 × m + j) that constitutes each of the plurality of divided data D (i) by a definition formula consisting of exclusive OR of the original partial data and random number partial data for generating the divided data ) Is generated. As a result, the following divided data D is generated.

Split data D
= 3 pieces of divided data D (i) = D (1), D (2), D (3)
First divided data D (1)
= 2 pieces of partial data D (1, j) = D (1,1), D (1,2)
= "00110110", "10110011"
Second divided data D (2)
= 2 pieces of partial data D (2, j) = D (2,1), D (2,2)
= "00000011", "00000010"
Third divided data D (3)
= 2 pieces of partial data D (3, j) = D (3,1), D (3,2)
= "10110001", "00110101"
The definition formula shown in step S217 for generating each divided partial data D (i, j) is specifically shown in the table shown in FIG. 5 when the division number n = 3 as in this example. It will be described. From the table shown in FIG. 5, the definition formula for generating the divided partial data D (1,1) is S (1) * R (1) * R (2), and the definition formula for D (1,2) Is S (2) * R (1) * R (2), the definition of D (2,1) is S (1) * R (1), and the definition of D (2,2) is S (2) * R (2), the defining formula for D (3,1) is R (1), and the defining formula for D (3,2) is R (2). The table shown in FIG. 5 also describes general definition formulas for arbitrary integers when m> 0.

  In this way, after the divided data D is generated for the variable m = 0 which means an integer multiple, the variable m is then incremented by 1 (step S219), the process returns to step S211 and the original data S corresponding to the variable m + 1 is returned. However, since the original data S in this example is 16 bits and there is no data after 17 bits, the process proceeds from step S211 to step S221. The generated divided data D (1) is stored in the storage unit 14 of the terminal device 1, the divided data D (2) is stored in the external storage device 2, and the divided data D (3) is stored in the storage unit 31 of the data center. Save and finish the split process.

  Here, the divided data generation processing based on the definition formula in step S217 in the flowchart of FIG. 3 described above, specifically, the divided data generation processing when the division number n = 3 will be described in detail.

  First, in the case of a variable m = 0 meaning an integer multiple, each divided partial data D constituting each of the divided data D (i) = D (1) to D (3) from the definition formula shown in step S217. (i, 2 × m + j) = D (i, j) (i = 1 to 3, j = 1 to 2) is as follows.

D (1,1) = S (1) * Q (1,1,1) * Q (1,1,2)
D (1,2) = S (2) * Q (2,1,1) * Q (2,1,2)
D (2,1) = S (1) * Q (1,2,1) * Q (1,2,2)
D (2,2) = S (2) * Q (2,2,1) * Q (2,2,2)
D (3,1) = R (1)
D (3,2) = R (2)
Specifically, Q (j, i, k) included in the above four formulas among the above six formulas is obtained.

When c (j, i, k) is a value of i rows and k columns of U [2,2] × (P [2,2]) ^ (j-1) which is a 2 × 2 matrix, Is defined as

When c (j, i, k) = 1 Q (j, i, k) = R (k)
Q (j, i, k) = 0 when c (j, i, k) = 0
here,
When j = 1

When j = 2

  If this is used, each division | segmentation partial data D (i, j) is produced | generated by the following definitional expressions.

D (1,1) = S (1) * Q (1,1,1) * Q (1,1,2) = S (1) * R (1) * R (2)
D (1,2) = S (2) * Q (2,1,1) * Q (2,1,2) = S (2) * R (1) * R (2)
D (2,1) = S (1) * Q (1,2,1) * Q (1,2,2) = S (1) * R (1) * 0 = S (1) * R (1 )
D (2,2) = S (2) * Q (2,2,1) * Q (2,2,2) = S (2) * 0 * R (2) = S (2) * R (2 )
The definition formula for generating each of the divided partial data D (i, j) described above is also illustrated in FIG.

  FIG. 4 shows the original data from the respective data, definition formulas, and divided partial data in the case where the 16-bit original data S is divided into three with the division number n = 3 based on the 8-bit processing unit bit length as described above. It is a table | surface which shows the calculation formula in the case of decompress | restoring.

  Here, the divided data D (1), D (2), D (3) and the respective divided partial data D (1,1), D (1,2), D (2,1), The process of generating D (2,2), D (3,1), and D (3,2) and the general form of the definition formula will be described.

  First, for the first divided data D (1), the first divided partial data D (1,1) is defined by the definition formula S (1) * R (1) * R (2) described above. Then, the second divided partial data D (1, 2) is defined by the definition formula S (2) * R (1) * R (2). The general form of this defining formula is S (j) * R (j) * R (j + 1) for D (1, j), and for D (1, j + 1) S (j + 1) * R (j) * R (j + 1) (j is an odd number). When calculated according to the definition formula, D (1,1) is 00110110 and D (1,2) is 10110011, so D (1) is 00100110 10110011. The general form of the definition formula is collectively shown in FIG.

  For the second divided data D (2), D (2,1) is defined by S (1) * R (1), and D (2,2) is S (2) * R ( Defined in 2). The general form of this definition is S (j) * R (j) for D (2, j) and S (j + 1) * R for D (2, j + 1) (j + 1) (j is an odd number). When calculated according to the definition formula, D (2,1) becomes 00000011 and D (2,2) becomes 00000010, so D (2) is 00000011 00000010.

  Further, for the third divided data D (3), D (3,1) is defined by R (1) and D (3,2) is defined by R (2). The general form of this definition is R (j) for D (3, j) and R (3, j + 1) for D (3, j + 1) (j is Odd number). When calculated according to the definition formula, D (3,1) is 10110001, D (3,2) is 00110101, and D (3) is 10110001 00110101.

  In the above description, the length of S, R, D (1), D (2), D (3) is 16 bits. Even from the original data S, the divided data D (1), D (2), and D (3) can be generated. In addition, the processing unit bit length b can be arbitrarily set, and the original data having an arbitrary length, specifically, processing is performed by repeating the above division processing for each length of b × 2 in order from the top of the original data S. The present invention can be applied to original data having an integral multiple of the unit bit length b × 2. If the length of the original data S is not an integral multiple of the processing unit bit length b × 2, for example, the length of the original data S is set to the processing unit bit length b × 2 by filling the end portion of the data with 0, for example. The division processing of this embodiment described above can be applied by adjusting to an integral multiple of.

  Next, processing for restoring original data from divided data will be described with reference to the table shown on the right side of FIG.

  First, when a restoration request for the original data S is generated, the terminal device 1 reads the divided data D (1) and D (2) when the built-in storage unit 14 and the external storage device 2 are usable, The original data S is restored using the divided data D (1) and D (2).

  This process is as follows.

D (1,1) * D (2,1) = (S (1) * R (1) * R (2)) * (S (1) * R (1))
= (S (1) * S (1)) * (R (1) * R (1)) * R (2)
= 0 * 0 * R (2)
= R (2)
Therefore, R (2) is obtained by calculating D (1,1) * D (2,1). Specifically, since D (1,1) is 00110110 and D (2,1) is 00000011, R (2) is 00110101.

Similarly,
D (1,2) * D (2,2) = (S (2) * R (1) * R (2)) * (S (2) * R (2))
= (S (2) * S (2)) * R (1) * (R (2) * R (2))
= 0 * R (1) * 0
= R (1)
Therefore, R (1) is obtained by calculating D (1,2) * D (2,2). Specifically, since D (1,2) is 10110011 and D (2,2) is 00000010, R (1) is 10110001.

  Using these R (1) and R (2), S (1) and S (2) are obtained.

D (2,1) * R (1) = (S (1) * R (1)) * R (1)
= S (1) * (R (1) * R (1))
= S (1) * 0
= S (1)
Therefore, S (1) can be obtained by calculating D (2,1) * R (1). Specifically, since D (2,1) is 00000011 and R (1) is 10110001, S (1) is 10110010.

Similarly,
D (2,2) * R (2) = (S (2) * R (2)) * R (2)
= S (2) * (R (2) * R (2))
= S (2) * 0
= S (2)
Therefore, S (2) can be obtained by calculating D (2,2) * R (2). Specifically, since D (2,2) is 00000010 and R (2) is 00110101, S (2) is 00110111.

In general, let j be an odd number
D (1, j) * D (2, j) = (S (j) * R (j) * R (j + 1)) * (S (j) * R (j))
= (S (j) * S (j)) * (R (j) * R (j)) * R (j + 1)
= 0 * 0 * R (j + 1)
= R (j + 1)
Therefore, R (j + 1) can be obtained by calculating D (1, j) * D (2, j).

Similarly,
D (1, j + 1) * D (2, j + 1) = (S (j + 1) * R (j) * R (j + 1)) * (S (j + 1) * R (j +1))
= (S (j + 1) * S (j + 1)) * R (j) * (R (j + 1) * R (j + 1))
= 0 * R (j) * 0
= R (j)
Therefore, R (j) can be obtained by calculating D (1, j + 1) * D (2, j + 1).

  Using these R (j) and R (j + 1), S (j) and S (j + 1) are obtained.

D (2, j) * R (j) = (S (j) * R (j)) * R (j)
= S (j) * (R (j) * R (j))
= S (j) * 0
= S (j)
Therefore, S (j) can be obtained by calculating D (2, j) * R (j).

Similarly,
D (2, j + 1) * R (j + 1) = (S (j + 1) * R (j + 1)) * R (j + 1)
= S (j + 1) * (R (j + 1) * R (j + 1))
= S (j + 1) * 0
= S (j + 1)
Therefore, S (j + 1) is obtained by calculating D (2, j + 1) * R (j + 1).

  On the other hand, when one of the storage unit 14 of the terminal device 1 or the external storage device 2 is unusable, the terminal device 1 reads out the divided data from the usable one, and the data center via the network 4 The third divided data D (3) is acquired from the storage unit 31.

  Here, a process of acquiring the divided data D (2) and D (3) and restoring the original data S will be described. First, the first original partial data S (1) can be generated from the divided partial data D (2,1) and D (3,1) as follows.

D (2,1) * D (3,1) = (S (1) * R (1)) * R (1)
= S (1) * (R (1) * R (1))
= S (1) * 0
= S (1)
Specifically, since D (2,1) is 00000011 and D (3,1) is 10110001, S (1) is 10110010.

  Further, the second original partial data S (2) can be generated from the other divided partial data as follows.

D (2,2) * D (3,2) = (S (2) * R (2)) * R (2)
= S (2) * (R (2) * R (2))
= S (2) * 0
= S (2)
Specifically, since D (2,2) is 00000010 and D (3,2) is 00110101, S (2) is 00110111.

In general, let j be an odd number
D (2, j) * D (3, j) = (S (j) * R (j)) * R (j)
= S (j) * (R (j) * R (j))
= S (j) * 0
= S (j)
Therefore, S (j) can be obtained by calculating D (2, j) * D (3, j).

In general, j is an odd number,
D (2, j + 1) * D (3, j + 1) = (S (j + 1) * R (j + 1)) * R (j + 1)
= S (j + 1) * (R (j + 1) * R (j + 1))
= S (j + 1) * 0
= S (j + 1)
Therefore, S (j + 1) can be obtained by calculating D (2, j + 1) * D (3, j + 1).

  Next, a process for acquiring the divided data D (1) and D (3) and restoring the original data S will be described.

D (1,1) * D (3,1) * D (3,2) = (S (1) * R (1) * R (2)) * R (1) * R (2)
= S (1) * (R (1) * R (1)) * (R (2) * R (2))
= S (1) * 0 * 0
= S (1)
Therefore, S (1) can be obtained by calculating D (1,1) * D (3,1) * D (3,2). Specifically, since D (1,1) is 00110110, D (3,1) is 1010001, and D (3,2) is 0110101, S (1) is 10110010.

Similarly,
D (1,2) * D (3,1) * D (3,2) = (S (2) * R (1) * R (2)) * R (1) * R (2)
= S (2) * (R (1) * R (1)) * (R (2) * R (2))
= S (2) * 0 * 0
= S (2)
Therefore, S (2) can be obtained by calculating D (1,2) * D (3,1) * D (3,2). Specifically, since D (1,2) is 10110011, D (3,1) is 10110001, and D (3,2) is 00110101, S (2) is 00110111.

In general, let j be an odd number
D (1, j) * D (3, j) * D (3, j + 1) = (S (j) * R (j) * R (j + 1)) * R (j) * R (j +1)
= S (j) * (R (j) * R (j)) * (R (j + 1) * R (j + 1))
= S (j) * 0 * 0
= S (j)
Therefore, S (j) can be obtained by calculating D (1, j) * D (3, j) * D (3, j + 1).

In general, j is an odd number,
D (1, j + 1) * D (3, j) * D (3, j + 1) = (S (j + 1) * R (j) * R (j + 1)) * R (j) * R (j + 1)
= S (j + 1) * (R (j) * R (j)) * (R (j + 1) * R (j + 1))
= S (j + 1) * 0 * 0
= S (j + 1)
Therefore, S (j + 1) can be obtained by calculating D (1, j + 1) * D (3, j) * D (3, j + 1).

  As described above, when the divided data is repeatedly generated from the beginning of the original data based on the processing unit bit length b to generate divided data, the three divided data D (1), D (2), D ( Even if not all of 3) is used, the original data can be restored as described above using two divided data of the three divided data.

  As another embodiment of the present invention, the original data can be divided by using a random number R having a bit length shorter than that of the original data S.

  That is, the random number R described above is data having the same bit length as S, D (1), D (2), D (3), but the random number R is shorter than the bit length of the original data S, and the divided data D This short bit length random number R is repeatedly used to generate (1), D (2), and D (3).

  Since the divided data D (3) is generated only from the random number R, the divided data D (3) need not be stored repeatedly with the random number R. For example, when the bit length of the original data S is 1600 bits (200 bytes), the random number R is a repetition of arbitrarily selected 160 bits (20 bytes) of data. That is, R (1) to R (20) are randomly generated, and R (21) to R (200) are R (21) = R (1), R (22) = R (2), ..., R (40) = R (20), R (41) = R (1), R (42) = R (2), ..., R (60) = R (20), R (61) = R (1) , R (62) = R (2), ..., R (80) = R (20), ... ……, R (181) = R (1), R (182) = R (2), ..., R (200) = R (20).

  In the above description, D (3) is generated by defining divided part data D (3, j) as random part data R (j), but it is sufficient to store up to D (3,20). . That is, the length of D (3) is 1/10 of D (1) and D (2). Therefore, the total amount of data to be stored is three times the original data S in the previous embodiment, but can be 2.1 times in this embodiment. If the length of the data of the repetitive part in the random number R is too short, it is possible that R is decoded only from D (1) or D (2). Therefore, it is desirable to select an appropriate length.

In this embodiment, for example, a pseudo-random number generation algorithm is used to generate the random number R. There are true random numbers that generate random numbers using physical phenomena in nature, and pseudo-random numbers that generate random numbers using computer algorithms, etc. True random numbers are physical phenomena such as rolling dice and noise. However, since it takes a lot of time and equipment, instead of using a seed of appropriate length (seeds for generating random numbers (seeds)), it becomes a definitive algorithm. A pseudo-random number generated based on this is used. For example, if a short random number is used as a seed, a long random number can be obtained. Seed lengths are, for example, 128 bits, 160 bits or more. Even if it is generated based on a definitive algorithm, it satisfies the properties required for random numbers such as statistical uniformity and uncorrelation at a certain level. Specific examples include those standardized as ANSI X9, 42, FIPS 186-2 (http://www.ipa.go.jp/security/enc/CRYPTREC/fy15/cryptrec20030425_spec01.html).

  By using these, it is possible to generate a long sequence of pseudo-random numbers by using the seed of random number generation as an input. For example, a random number R having the same length as the bit length of the original data S is generated by giving a 160-bit seed, and D (1) and D (2) are generated from the original data S and the random number R as described above. D (3) does not store R, but stores and stores a 160-bit seed, so that the bit to be stored and stored in D (3) even if the bit length of the original data S increases The number is 160 bits, and the total amount of data to be stored can be suppressed. When restoring the original data S, a random number R having the same length as the bit length of the original data S is generated again from the 160-bit seed stored in D (3), and as described above, this and D The original data S can be restored using (1) or D (2).

  Here, as described above, the division rule for dividing the original data based on the definition formula shown in step S217 of FIG.

  First, original data, random numbers, divided data, the number of divisions, and the processing unit bit length are represented by S, R, D, n, and b, respectively, and i (= 1 to n as a variable representing one of a plurality of n pieces ) And j (= 1 to n-1), multiple (n-1) original partial data, multiple (n-1) random number partial data, multiple (n) divided data, and each divided data One of each of the plurality (n-1) divided partial data is represented by S (j), R (j), D (i), and D (i, j), respectively.

Then, the variable j is changed from 1 to n−1, and each original partial data S (j) is created as data of b bits from the b × (j−1) +1 bit of the original data S. Next, when U [n, n] is an upper triangular matrix that is an n × n matrix and P [n, n] is a rotation matrix that is an n × n matrix, c (j, i, k) is expressed as ( n-1) × (n-1) matrix defined as U [n-1, n-1] × P [n-1, n-1] ^ (j-1) i rows and k columns . And when c (j, i, k) = 1, Q (j, i, k) = R (k), when c (j, i, k) = 0, Q (j, i, k) When = 0 is defined, variable i is changed from 1 to n, and variable j is changed from 1 to n-1 for each variable i.
When i <n, each divided partial data D (i, j) is set as follows.

However,

When i = n, each divided partial data D (i, j) is
D (i, j) = R (j)
And set. By repeating the above process from the beginning to the end of the original data S, it is possible to generate divided data of the number n of divisions from the original data S.

  As described above, according to the present embodiment, when both the storage unit 14 and the external storage device 2 built in the terminal device 1 are usable, the divided data A and the divided data B read from each By acquiring the random number (divided data C) by the exclusive OR, it is possible to eliminate the process of acquiring the divided data C from the storage unit 31 of the data center 3 via the network 4.

  The random numbers obtained in this way can be used to restore the original data, and can also be used to divide other original data, eliminating the need to use a network for each division and restoration process. Can be realized.

  In addition, since a heavy processing for generating random numbers by the random number generation means is not required each time the division processing is performed, high-speed division processing can be realized. In this regard, in the present embodiment, a high-speed division process is realized by performing the process of generating a random number by the random number generation unit 13 only once in the preprocess.

  In the present embodiment, the terminal device 1 includes the random number generation unit 13 and the divided data generation unit 11, but is not limited thereto. For example, a server device dedicated to division processing that can be connected to the network 4 may be arranged, and the server device may be provided with a random number generation unit 13 and a divided data generation unit 11. In this case, the original data is divided by the server device, the divided data A and B are transmitted to the terminal device 1, and the divided data C is transmitted to the data center 3. With such a configuration, the terminal device 1 can only perform the process of restoring the original data by the above method.

It is a block diagram which shows the structure of a data division / restoration system. It is a flowchart which shows the flow of the whole process in a data division | segmentation / decompression | restoration system. It is a flowchart which shows the division | segmentation process in case the division number n = 3. Each data and definition formula when 16-bit original data S is divided into three with a division number n = 3 based on the 8-bit processing unit bit length, and a calculation formula when restoring the original data from each divided partial data, etc. It is a table | surface which shows. It is a table | surface which shows the definition formula which produces | generates the division data, division | segmentation partial data, and each division | segmentation partial data in case division number n = 3.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Terminal device 2 ... External storage device 3 ... Data center 4 ... Network 11 ... Divided data generation part 12 ... Original data restoration part 13 ... Random number generation part 14 ... Storage part 15 ... Data transmission / reception part 31 ... Storage part 32 ... Data Transceiver

Claims (5)

A data division / restoration system comprising a terminal device, a first storage means, a second storage means, and a third storage means,
Upon dividing the original data into three divided data, and each of the plurality of original partial data is divided original data in the processing unit bit length, and the random number partial data is divided random number processing unit bit length, exclusive of Although the original data cannot be restored only from each of the divided data due to the sum, the first and second divided data are configured so that the original data can be restored from two pieces of the divided data. Each split partial data is generated,
Each divided partial data that constitute the third divided data is configured Ri by the respective random number partial data,
The first storage means is storage means accessible by the terminal device without going through a network, and stores the first divided data,
The second storage means is storage means accessible by the terminal device without going through a network, and stores the second divided data.
Third storage means is storage means accessible by the terminal device via a network, and stores third divided data,
The terminal device
When both the first storage means and the second storage means can be used, the first divided data is read from the first storage means and the second divided data is read from the second storage means to form the respective divided data. By calculating an exclusive OR between the respective divided partial data, it can be used when dividing original data different from the original data, and is the same as each random number partial data stored in the third storage means It means for obtaining a respective random number partial data,
When one of the first storage means and the second storage means is unusable, the divided data is read from the usable storage means, and the third storage means is accessed via the network. Means for reading out the third divided data and obtaining each random number partial data,
Original data restoring means for restoring original data by exclusive OR of each obtained random number partial data and each read partial data;
A data division / restoration system characterized by comprising: The first storage means and the second storage means are accessible without going through a network, and the third storage means is a terminal device accessible through the network,
Upon dividing the original data into three divided data, and each of the plurality of original partial data is divided original data in the processing unit bit length, and the random number partial data is divided random number processing unit bit length, exclusive of Although the original data cannot be restored only from each of the divided data due to the sum, the first and second divided data are configured so that the original data can be restored from two pieces of the divided data. Each split partial data is generated,
Each divided partial data that constitute the third divided data is configured Ri by the respective random number partial data,
The first storage means accessible by the terminal device without going through the network stores the first divided data,
The second storage means accessible by the terminal device without going through the network stores the second divided data,
The third storage means accessible by the terminal device via the network stores the third divided data,
The terminal device
When both the first storage means and the second storage means can be used, the first divided data is read from the first storage means and the second divided data is read from the second storage means to form the respective divided data. By calculating an exclusive OR between the respective divided partial data, it can be used when dividing original data different from the original data, and is the same as each random number partial data stored in the third storage means It means for obtaining a respective random number partial data,
When one of the first storage means and the second storage means is unusable, the divided data is read from the usable storage means, and the third storage means is accessed via the network. Means for reading out the third divided data and obtaining each random number partial data,
Original data restoring means for restoring original data by exclusive OR of each obtained random number partial data and each read partial data;
The terminal device characterized by having. Random number generating means for generating a plurality of random part data having a processing unit bit length corresponding to each of a plurality of original part data obtained by dividing the original data into three divided data when dividing the original data into three divided data When,
Although the original data cannot be restored only from each divided data, each divided portion constituting the first and second divided data so that the original data can be restored from two divided data of each divided data. data, generated by exclusive OR of the original partial data and the random number partial data, and the divided data generating means for each of the divided partial data that constitute the third divided data to the random number partial data,
Means for storing the first divided data in the first storage means, storing the second divided data in the second storage means, means for storing the third divided data in the third storage means via the network,
The terminal device according to claim 2, further comprising: A data division / restoration method for processing by a system including a terminal device, a first storage unit, a second storage unit, and a third storage unit,
Upon dividing the original data into three divided data, and each of the original partial data is divided original data in the processing unit bit length, and the random number partial data is divided random number processing unit bit length, exclusive of Although the original data cannot be restored only from each of the divided data due to the sum, the first and second divided data are configured so that the original data can be restored from two pieces of the divided data. Each split partial data is generated,
Each divided partial data that constitute the third divided data is configured Ri by the respective random number partial data,
Storing the first divided data by the first storage means accessible by the terminal device without going through the network;
Storing the second divided data by the second storage means accessible by the terminal device without going through the network;
Third terminal data is stored by third storage means accessible by the terminal device via a network,
By the terminal device,
When both the first storage means and the second storage means can be used, the first divided data is read from the first storage means and the second divided data is read from the second storage means to form the respective divided data. By calculating an exclusive OR between the respective divided partial data, it can be used when dividing original data different from the original data, and is the same as each random number partial data stored in the third storage means Get each random number partial data of
When one of the first storage means and the second storage means is unusable, the divided data is read from the usable storage means, and the third storage means is accessed via the network. To read the third divided data to obtain each random number partial data,
A data division / restoration method characterized by restoring original data by exclusive OR of each acquired random number partial data and each read partial data. A computer program that can be executed by a terminal device that can access the first storage unit and the second storage unit without going through the network, and that can access the third storage unit through the network,
Upon dividing the original data into three divided data, and each of the plurality of original partial data is divided original data in the processing unit bit length, and the random number partial data is divided random number processing unit bit length, exclusive of Although the original data cannot be restored only from each of the divided data due to the sum, the first and second divided data are configured so that the original data can be restored from two pieces of the divided data. Each split partial data is generated,
Each divided partial data that constitute the third divided data is configured Ri by the respective random number partial data,
Storing the first divided data by the first storage means accessible by the terminal device without going through the network;
Storing the second divided data by the second storage means accessible by the terminal device without going through the network;
In a state where the third divided data is stored by the third storage means accessible by the terminal device via the network,
In the terminal device,
When both the first storage means and the second storage means can be used, the first divided data is read from the first storage means and the second divided data is read from the second storage means to form the respective divided data. By calculating an exclusive OR between the respective divided partial data, it can be used when dividing original data different from the original data, and is the same as each random number partial data stored in the third storage means a process of acquiring the respective random number partial data,
When one of the first storage means and the second storage means is unusable, the divided data is read from the usable storage means, and the third storage means is accessed via the network. A process of reading out the third divided data from each of the random number partial data,
Processing to restore the original data by exclusive OR of each acquired random number partial data and each read partial data;
A computer program for running.

Images