Patent application number | Description | Published |
20080301449 | Signature Apparatus, Verifying Apparatus, Proving Apparatus, Encrypting Apparatus, and Decrypting Apparatus - Provided are a signature apparatus, a verifying apparatus, a proving apparatus, an encrypting apparatus, and a decrypting apparatus capable of efficiently reducing a signature text counterfeit problem to a discrete logarithm problem. The commitment is a hash value of a set of a value to be committed. Data including a pair of elements of a cyclic group associated with a discrete logarithm problem is used as a public key, and a discrete logarithm of an order of the pair is used as a secret key. Accordingly, it is possible to summarize secret information of an attacker from the commitment without rewinding the attacker and to ensure a higher safety than that of a Schnorr signature scheme. In addition, one-time power residue calculation is performed in each of the signature and verification calculations, so that it is possible to lower an amount of calculation in the signature and verification calculations. | 12-04-2008 |
20090034716 | TIME APPARATUS, ENCRYPTION APPARATUS, DECRYPTION APPARATUS, AND ENCRYPTION/DECRYPTION SYSTEM - A time apparatus subjects a plurality of IDs to extract algorism. Each of the plurality of IDs is configured from a bit sequence, and the bit sequence is formed by expressing a current time instant as a bit sequence and concatenating a few bits from the first of the bit sequence. The time apparatus produces a plurality of decryption keys obtained as a result of subjecting the plurality of specified IDs to the extract algorism. An encryption apparatus specifies a plurality of IDs. Each of the plurality of IDs is configured from a bit sequence, the bit sequence being formed by expressing the designated time instant as a bit sequence and concatenating a few bits from the first of the bit sequence. The encryption apparatus reads the encryption key and the plurality of IDs supplied from the time apparatus to encrypt same plaintext. The encryption apparatus produces plural pieces of ciphertext. A decryption apparatus selects one decryption key from the inputted plurality of decryption keys, and selects one ciphertext from the inputted plural pieces of ciphertext. The decryption section decrypts the selected ciphertext using the selected decryption key on the basis of an ID based encryption method. | 02-05-2009 |
20090034739 | KEY ISSUING METHOD, GROUP SIGNATURE SYSTEM, INFORMATION PROCESSING APPARATUS, AND PROGRAM - There is provided in accordance with the present invention a key issuing method for being performed by a user apparatus in a group signature system including the user apparatus and an issuer apparatus connected to the user apparatus through a network. The method comprises: reading an issuer public key from the issuer apparatus into a user storage through the network; receiving, from the issuer apparatus through the network, first confidential data including one or plural confidential texts which are produced by confidentializing the issuer public key using element data containing information of an element of a group in the issuer apparatus; performing a second confidential data generating process for generating second confidential data of a confidential text represented by the product of modulo-exponentiated element data corresponding to the confidential texts included in the first confidential data or a confidential text represented by the sum of the element data multiplied by a constant, using the issuer public key and the first confidential data; sending the second confidential data to the issuer apparatus through the network; receiving, from the issuer apparatus through the network, information generated in the issuer apparatus and based on the element data corresponding to the second confidential data; and generating a member public key which is a public key corresponding to the user apparatus and a member secret key which is a secret key corresponding to the user apparatus, using the information based on the element data corresponding to the second confidential data, and writing the member public key and the member secret key into the user storage. | 02-05-2009 |
20090041239 | PSEUDO-RANDOM FUNCTION CALCULATING DEVICE AND METHOD AND NUMBER-LIMITED ANONYMOUS AUTHENTICATION SYSTEM AND METHOD - An efficient pseudo-random function and an efficient limited number of times authentication system using such a function are realized. A pseudo-random function calculating device comprises a key creating means and a pseudo-random function calculating means. The key creating means creates a public key made of a set of at least a first component and a second component as components constituting an element of a finite group and a secret key made of an integer and secretly saves the created secret key in a secret key memory section but makes the public key public. The pseudo-random function calculating means outputs the element of a finite group as function value of the pseudo-random function upon receiving an integer as input. The pseudo-random function calculating means outputs the product of multiplication of the first element of the value obtained by calculating the modular exponentiation, using the first component of the public key and the input integer respectively as base and exponent, and the second element of the value obtained by calculating the modular exponentiation, using the second component of the public key and the reciprocal of the sum of the secret key and the input integer in a finite field respectively as base and component. | 02-12-2009 |
20090044017 | SIGNATURE AND VERIFYING METHOD, AND SIGNATURE AND VERIFYING DEVICE - An RSA signature method is provided in which the length of a signature does not depend on the number of signature devices when multiple signature devices are related to the creation of the signature. A signature device i_{m} includes first conversion means SS | 02-12-2009 |
20090271631 | ELECTRONIC SIGNATURE SYSTEM AND ELECTRONIC SIGNATURE VERIFYING METHOD - A key creating device creates a first public key and a first secret key of the electronic signature method satisfying the noncounterfeitability and a second public key and the first secret key of the chameleon commitment method. The signature device generates a commitment, a first random number according to the Com algorithm, and a first signature by using the first secret key. The signature device further generates a second random number according to the Cam algorithm by using the message written by adding a first signature to an object message, and creates an electronic signature by combining the first signature and the second random number. A verifying device receives the signed message written by adding the first signature included in the electronic signature to the object message, creates a commitment according to the ComVer algorithm, and performs verification by using the commitment and the first signature. | 10-29-2009 |
20090276630 | Group Signature System And Information Processing Method - In a group signature system of the present invention, user device | 11-05-2009 |
20100169643 | PROOF VERIFICATION SYSTEM, PROVING DEVICE, VERIFYING DEVICE, PROOF VERIFICATION METHOD, AND PROGRAM - The proof verification system of the present invention is composed of a proving device ( | 07-01-2010 |
20100251351 | INFORMATION AND COMMUNICATION SYSTEM, AN ORGANIZATION APPARATUS AND A USER APPARATUS - An information and communication system or the like which handles an attribute, at the same time enables the attribute not being made a public information, is efficient, and does not require a database should be provided. | 09-30-2010 |
20110246779 | ZERO-KNOWLEDGE PROOF SYSTEM, ZERO-KNOWLEDGE PROOF DEVICE, ZERO-KNOWLEDGE VERIFICATION DEVICE, ZERO-KNOWLEDGE PROOF METHOD AND PROGRAM THEREFOR - Provided is a zero-knowledge proof system that allows a discrete-logarithm zero-knowledge proof. The zero-knowledge proof device includes a temporary memory unit that stores pseudorandom numbers and previously determined hash values, a first processing unit that calculates multiple pseudorandom numbers and performs multiple iterations of processing to calculate hash values based on the calculated pseudorandom numbers and the information stored in the temporary memory unit, a second processing unit that determines some of the multiple pseudorandom numbers based on the hash values, and a third processing unit that re-calculates some of the pseudorandom numbers and sends the hash values obtained to a zero-knowledge verification device. The zero-knowledge verification device includes a temporary memory region, a data receiving module that sequentially receives new input data, and a processing module that overwrites hash values including variables and input data, as variables into the temporary memory region each time the input data are received. | 10-06-2011 |
20120124379 | ANONYMOUS AUTHENTICATION SIGNATURE SYSTEM, USER DEVICE, VERIFICATION DEVICE, SIGNATURE METHOD, VERIFICATION METHOD, AND PROGRAM THEREFOR - The user device includes: a recording unit which stores system parameters as respective parameters given in advance, a disclosure public key, a user public key, a user private key, a member certificate, and an attribute certificate; an input/output unit which receives input of the document from the user and an attribute the user intends to disclose; a cryptograph generating module which generates a cryptograph based on the inputted document, the attribute to be disclosed, and each of the parameters; a signature text generating module which generates a zero-knowledge signature text from the generated cryptograph; and a signature output module which outputs the cryptograph and the zero-knowledge signature text as the signature data. The user public key and the attribute certificate are generated by using a same power. | 05-17-2012 |
20120137136 | GROUP SIGNATURE SCHEME - An efficient and safe group signature scheme is provided. According to the present invention, an open unit is provided to not an issuer but an opener, and a data required for operating the open unit does not include a key pair of the issuer, so that it is possible to accurately operate the open unit even if the issuer generates the public key in an illegal manner. In addition, it is possible to prove that a key pair of a member cannot be counterfeited. It is possible to implement from a discrete logarithm assumption a feature that a cipher text, that is, a portion of a signature text can be decrypted only by the opener in a method which IS the same as a method representing that an ElGamal crypto scheme is safe. | 05-31-2012 |
20130073845 | ANONYMOUS CREDENTIAL SYSTEM, USER DEVICE, VERIFICATION DEVICE, ANONYMOUS CREDENTIAL METHOD, AND ANONYMOUS CREDENTIAL PROGRAM - A signature unit, in which a user device generates/transmits digital signature data to an authentication device, includes: a first function, which receives as input a plurality of subsets in which a plurality of characteristics of the users are classified; a second function, which generates a first encrypted text acquired by encrypting a user device public key with an identification device public key; a third function, which generates a second encrypted text, acquired by encrypting characteristic values belonging to a specific subset among the subsets with a characteristic value disclosure device public key; and a fourth function, which employs portions of a group public key and a member certificate to generates a signature of knowledge that denotes that data, of multiplication of a portion of the user device public key and all of the numerical values of a characteristic value certificate corresponding to each of the characteristics, satisfies the specific conditions. | 03-21-2013 |
20130246813 | DATABASE ENCRYPTION SYSTEM, METHOD, AND PROGRAM - A user apparatus connected to database apparatus via network comprises: unit that manages key information in order to encrypt and decrypt; storage unit that stores security configuration information of data and/or metadata; application response unit that determines whether or not encryption is necessary for database operation command, and if encryption is necessary, selects encryption algorithm corresponding to data and/or metadata, performs encryption, and transmits result to database control unit to cause database control unit to execute database operation, if encryption is not necessary, transmits database operation command to database control unit to cause database control unit to execute database operation, and receives processing result transmitted by database control unit, and if decryption or conversion of data and/or metadata of processing result is necessary, performs necessary decryption or conversion, and returns response to database operation command; and security configuration unit that configures security information of data stored in database. | 09-19-2013 |
20140089678 | ORDER-PRESERVING ENCRYPTION SYSTEM, DEVICE, METHOD, AND PROGRAM - An order-preserving encryption system has an encryption means which generates a ciphertext as a sum of data which complies with a distribution X determined in advance, and the encryption means generates the ciphertext using the distribution X represented in a format that data of a bit length determined at random is selected at random according to a distribution matching the bit length. | 03-27-2014 |
20140129567 | SYSTEM FOR GENERATING INDEX RESISTANT AGAINST DIVULGING OF INFORMATION, INDEX GENERATION DEVICE, AND METHOD THEREFOR - In the present invention, scope search can be effectively performed in a database having encrypted registration information. A plurality of values, first identification information to identify the plurality of values, and a key are accepted as input. A value group is generated from the plurality of values. The value group is treated as a word group, and a secure index is generated from the word group, the first identification information, and the key. On the basis of a value to be retrieved and a key, trapdoor information for the value to be retrieved is generated. With respect to the generated secure index, a secure index assessment process is performed using the trapdoor information. When the value to be retrieved is assessed to be contained in the secure index as a result of the assessment process, second identification information to identify the secure index is output. | 05-08-2014 |
20140143549 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND PROGRAM - An information processing apparatus includes: a storage unit that stores a tree structure formed by nodes, each of which is stores identification information identifying a document; and a registration unit that registers documents in the storage unit. The registration unit receives a document including identification information identifying the document and a word set and a key, registers the identification information in a leaf node in the tree structure, and calculates a secure index corresponding to identification information registered in each node from a root node to the leaf node in the tree structure based on the word set and the key. In addition, the registration unit generates a value calculated by adding the calculated secure index as a search index for the document and stores a value calculated by adding a search index generated for each of a plurality of received documents as a search index for the plurality of documents in the storage unit. | 05-22-2014 |