Patent application number | Description | Published |
20080256362 | Method and apparatus for digital signature authentication, and computer product - An apparatus for digital signature authentication includes a dividing unit that divides streaming data into plural pieces of partial data in a predetermined unit; a first creating unit that creates a hash value string including plural hash values corresponding to the pieces of partial data; a second creating unit that creates a first binary tree using the hash value string; and a third creating unit that creates a digital signature of a signer using a root value of the first binary tree. | 10-16-2008 |
20090003598 | ENCRYPTING APPARATUS FOR COMMON KEY CIPHER - The first route selection device re-arrays a plurality of extended key mask values at random according to the value of a random number generated by a random number generation device. An extended key operation device generates an exclusive logical OR of a plurality of the re-arrayed extended key mask values, a data string representing extended key and an input data string. The second route selection device re-arrays the data string of the exclusive logical OR by performing a re-array conversely with the first route selection device according to the value of the random number. A non-linear conversion device applies non-linear conversion to the re-arrayed data string and outputs a data string masked by a plurality of non-linear conversion mask values. The third route selection device re-arrays the masked data string by performing the same re-array as the first route selection device according to the value of the random number. | 01-01-2009 |
20090013379 | METHODS AND APPARATUS FOR VERIFYING ELECTRONIC MAIL - A computer extracts the header information from an electronic mail, including an originality guarantee. The computer generates a header characterization for the header information subject to originality guarantee, and extracts message body information from the electronic mail and generates a body characterization for the message body information as well. The generated characterization set applies the header characterization and the body characterization, combined. The verification information is added to the generated characterization set for applying a signature, and characterization set is linked to electronic mail. | 01-08-2009 |
20090193256 | ELECTRONIC SIGNATURE METHOD, APPARATUS, AND RECORDING MEDIUM HAVING ELECTRONIC SIGNATURE PROGRAM RECORDED THEREON - A computer divides a target electronic document into a plurality of document segments. Then, the computer generates a signature (s, t) that includes a set of two values having a signature value s forming a signature on the electronic document and a deletion signature value t used for deletion, the signature value s which serves as a body of the signature being formed by a superposition of signature information on the individual document segments. Then, in a case where one of the plurality of document segments obtained by the division is to be extracted, the computer superimposes deletion information of a document segment to be deleted on the deletion signature value t to generate a new signature value t′, and produces an updated signature (s, t′). | 07-30-2009 |
20090205029 | MANAGEMENT APPARATUS - A management apparatus comprising memory to store owner information, dependence relationship information, and authorized user information are associated with file information identifying the secret file, an authorized user determination unit to determine whether a source user of the browse request is registered as the authorized user of the browse request file, a dependent file specifying unit to specify a dependent file having a dependence relationship with the browse request file by referring to the dependence relationship information when the source user is authorized; and a browse permission response transmitting unit to transmit the browse permission response to the source user based on whether or not the source user is registered as the authorized user of the dependent file by referring to the authorized user information. | 08-13-2009 |
20090210715 | Document verification apparatus, document verification method, and computer product - In verifying a digital document, an input of a digital document is received and the digital document is divided into arbitrary constituent parts. A normal random number or a pseudo random number is assigned to each of the constituent parts according to the order in which the constituent parts appear in the digital document. Thus, verification of the authenticity of a digital document is enabled even when an alteration, such as a change of the order of the partial documents or a copy thereof, has been made to the digital document. | 08-20-2009 |
20090265558 | DOCUMENT VERIFYING APPARATUS, DOCUMENT VERIFYING METHOD, AND COMPUTER PRODUCT - A computer-readable recording medium stores therein a document verifying program. The document verifying program causes a computer to execute receiving input of an electronic document; dividing the electronic document received into arbitrary components; calculating a hash value for each of the components; correlating, for each component, the hash value calculated for the component and a random number allocated to the component according to an appearance position of the component in the electronic document; creating for each component and based on the hash value and the random number correlated for the component at the correlating, a first digital signature and a second digital signature that are different from each other; and appending to each component, the first digital signature and the second digital signature created for the component at the creating. | 10-22-2009 |
20090290189 | Electronic document managing apparatus - An integrator acquires an electronic document and revised documents revised by different revisers (administrative department, accounting department) in parallel, and makes reference to the electronic document to judge whether each partial document is not disclosed in each revised document with respect to each sub-document in the electronic document. When each sub-document is not disclosed in at least one of the revised documents, whether each sub-document is to be disclosed is determined in regard to each sub-document based on a policy P that specifies disclosure/nondisclosure of each sub-document divided from the electronic document, and a revised document obtained by integrating the revised documents is created based on a determination result. | 11-26-2009 |
20100005306 | STORAGE MEDIA STORING ELECTRONIC DOCUMENT MANAGEMENT PROGRAM, ELECTRONIC DOCUMENT MANAGEMENT APPARATUS, AND METHOD TO MANAGE ELECTRONIC DOCUMENT - An electronic document management apparatus acquires an electronic document comprised of a plurality of components for each of which a first digital signature and a second digital signature are uniquely specified. The electronic document is linked to an aggregate digital signature which aggregates the first digital signatures. After that the apparatus accepts designation of a component to be “hiding prohibited” within the electronic document. Whether or not the component designated to be “hiding prohibited” is at that time in a state of “hiding allowed and deletion allowed” is judged. When the judgment reveals that the state is “hiding allowed and deletion allowed”, the second digital signature specified for the component designated to be “hiding prohibited” is deleted. Then the state of the component subject to be “hiding prohibited” is changed from “hiding allowed and deletion allowed” to “hiding prohibited and deletion allowed”. | 01-07-2010 |
20100014668 | Image data verification program recorded on a recording medium, image data verification method, and image data verification system - An image data verification system for verifying image data using a computer and method are provided. The method includes registering image data of an original and extracting information regarding a part of information forming the original image data. The method also includes generating a feature value of the partial information and generating signature information. | 01-21-2010 |
20100023571 | Modular multiplication calculation apparatus used for Montgomery method - REDC (A*B) is calculated for the values A and B by using a Montgomery's algorithm REDC. The part related to the A*B is performed by the three-input two-output product-sum calculation circuit. One digit a | 01-28-2010 |
20100031055 | EMBEDDED DEVICE HAVING COUNTERMEASURE FUNCTION AGAINST FAULT ATTACK - A cryptographic processing device, comprising: a storage unit; initial setting unit for setting a value to be stored in the storage unit; Montgomery modular multiplication operation unit for performing a Montgomery modular multiplication operation plural times for a value set by the initial setting unit; and fault attack detection unit for determining whether or not a fault attack occurred for each of at least some parts of the Montgomery modular multiplication operations performed plural times. | 02-04-2010 |
20100169653 | APPARATUS, METHOD, AND PROGRAM FOR DIGITAL SIGNATURE - A digital signature method to generate a signature for an electronic document, the method including: initializing a signature t of each of the document segments of electronic document and twice raising the signature t to the power of a hash value of each of the document segments and digitally signing the raised signature to produce a signature s serving as the signature of the electronic document; and revising a document segment; wherein, in the revising, to delete a document segment, the signature t is raised twice to the power of the hash value of the document segment unless the document segment is sanitization prohibited, or the signature t is raised to the power of the hash value of the document if the document segment is sanitization prohibited, and the document segment is deleted; to sanitize a document segment, the document segment is replaced with the hash value thereof. | 07-01-2010 |
20100232601 | ELLIPTIC CURVE ARITHMETIC PROCESSING UNIT AND ELLIPTIC CURVE ARITHMETIC PROCESSING PROGRAM AND METHOD - An apparatus for executing cryptographic calculation on the basis of an elliptic point on an elliptic curve includes: a memory for storing a first value including a plurality of digits; and a processor for executing a process including: obtaining a second value representing a point on the elliptic curve; calculating output values by using a predetermined equation, each digit of the first value, and the second value; determining whether at least one of the second value and the output values indicates a point of infinity; terminating the calculation when at least one of the second value and the output values indicates the point at infinity; and completing calculation when both the second value and the output values do not indicate the point at infinity, so as to obtain a result of the cryptographic calculation. | 09-16-2010 |
20110007894 | CRYPTOGRAPHIC PROCESSING METHOD, COMPUTER READABLE STORAGE MEDIUM, AND CRYPTOGRAPHIC PROCESSING DEVICE - stores, in | 01-13-2011 |
20110013769 | ENCRYPTION APPARATUS HAVING COMMON KEY ENCRYPTION FUNCTION AND EMBEDDED APPARATUS - A common key block encryption apparatus for performing a nonlinear transformation with a multiplication executed in a binary field or a composite field includes a computing unit to execute a computation other than the nonlinear transformation with fixed value masked input data obtained by XORing input data with a fixed mask value, an XOR operation circuit to transform all input data into fixed value masked input data by XORing the input data with a fixed mask value and to transform the data into random value masked input data by XORing the input data with a random mask value in the multiplication, a multiplier to execute a multiplication based on the random value masked input data output from the XOR operation circuit, and a random value mask-to-fixed mask value transformation circuit to again transform the random value masked output data into fixed value masked output data and to output the data. | 01-20-2011 |
20110072278 | DATA PROCESSING APPARATUS AND DIGITAL SIGNATURE METHOD - A data processing apparatus includes, an input unit to accept information on one or more deletion-target data blocks specified from a plurality of data blocks, a hash generating unit to calculate a hash value of each of the plurality of data blocks, an auxiliary data generating unit to calculate auxiliary data β=g | 03-24-2011 |
20110078458 | CONTENTS PROCESSING DEVICE AND CONTENTS PARTIAL INTEGRITY ASSURANCE METHOD - A contents processing device includes a management data storage unit to store an updater identifier and a private key, an accepting unit to accept a content which is divided into a plurality of blocks, an updating type indicating a type of an updating as to the content, an updated block to be updated of the content, and an updated position, an inserting unit to generate an updated content by inserting the updating block into the updated position of the content, a first hash value calculating unit to calculate a hash value as to the updated block, a signature unit to read out the updater identifier and the private key from the management data storage unit to generate a digital signature using the private key as to updating record information including the updater identifier, the updated position, the hash value as to the updated block, and the updating type. | 03-31-2011 |
20110078459 | SIGNATURE GENERATING DEVICE AND METHOD, SIGNATURE VERIFYING DEVICE AND METHOD, AND COMPUTER PRODUCT - A signature generating device includes a receiving unit that receives a sequence of data; a summary data generating unit that generates summary data of the data upon reception of each of the data by the receiving unit; an obtaining unit that obtains, when the number of data included in a sequence of the generated summary data reaches a given number, the sequence of the summary data as a block; a setting unit that sets, as a signature subject, a current block constituted by the sequence of the summary data, and the summary data selected from at least one block contiguous to the current block; a digital signature generating unit that generates a digital signature concerning data summarized for the current block; and a sending unit that sends the generated digital signature, the signature subject associated with the digital signature, and the data summarized for the current block. | 03-31-2011 |
20110194693 | CRYPTOGRAPHIC PROCESSING APPARATUS AND METHOD - A cryptographic processing apparatus that encrypts plaintext using a fixed-value common key that is shared with other cryptographic processing apparatus, includes an acquiring unit that acquires random information being used within the cryptographic processing apparatuses, an encrypting unit that encrypts encryption target data using key information and outputs encrypted data when the encryption target data and the key information is set, a transmitting unit that transmits, to the other cryptographic processing apparatus, the encrypted data; and a setting unit that sets the fixed-value common key as the key information and the random information as the encryption target data when the random information is acquired by the acquiring unit, and sets the encrypted data as the key information and at least one portion of the plaintext as the target data when the encrypted data is acquired. | 08-11-2011 |
20110314291 | Digital signature program, digital signature apparatus, and digital signature method - When input data (f | 12-22-2011 |
20120317420 | ELECTRONIC SIGNATURE DEVICE AND ELECTRONIC SIGNATURE METHOD - An electronic signature device includes a processor configured to internally execute signature generation processing of generating an electronic signature for a digital data string; and an output unit configured to output the digital data string and the generated electronic signature. | 12-13-2012 |
20130022197 | RANDOM NUMBER GENERATOR, ENCRYPTION DEVICE, AND AUTHENTICATION DEVICE - A random number generator includes an exclusive-OR circuit, a random number determiner, and a random number generation instruction inhibitor. The exclusive-OR circuit obtains an exclusive-OR of outputs from a number of digital circuits. The random number determiner determines whether or not an output generated according to an instruction to generate random numbers is a random number for each of the digital circuits. The random number generation instruction inhibitor inhibits an instruction to generate random numbers to be provided to the digital circuits whose output generated according to the instruction is determined to be not a random number by the random number determiner. | 01-24-2013 |
20130039486 | CRYPTOGRAPHIC PROCESSING DEVICE AND CRYPTOGRAPHIC PROCESSING METHOD - A cryptographic processing device includes a private key storage unit which stores a private key d for elliptic curve cryptography, a random number generation unit which generates a b-bit random value s, and a processing unit. A bit string D is the private key d or a bit string obtained by modifying the private key d in such a way that a value of a most significant bit is 0, and a relation u=mk+b holds true for a length u of the bit string D, a window size k, and a positive integer m. The processing unit determines a signed k-bit window value w[i] corresponding to each i where 0≦i≦(m−1), a signed b-bit random value s[i] corresponding to each i, and a correction value g. The processing unit determines the above values under a certain constraint condition, while determining each random value s[i] to be +s or −s. | 02-14-2013 |
20130070925 | COMMUNICATION DEVICE, RECORDING MEDIUM, AND METHOD THEREOF - A communication device includes a data storage unit, a decryption unit, an encryption unit, and a judgment unit. The data storage unit stores a piece of encrypted data or a piece of decrypted data. The decryption unit decrypts each provided piece of encrypted data. The encryption unit encrypts each provided piece of decrypted data. The judgment unit issues an instruction to the encryption unit to read from the data storage unit first decrypted data obtained by the decryption unit decrypting first encrypted data with a cryptographic key, and to write back to the data storage unit second encrypted data obtained by the encryption unit encrypting the first decrypted data with the cryptographic key. | 03-21-2013 |
20130138949 | KEY SETTING METHOD, NODE, AND NETWORK SYSTEM - A key setting method executed by a node transmitting and receiving a packet through multi-hop communication in an ad-hoc network among ad-hoc networks, includes receiving a packet encrypted using a key specific to a gateway and simultaneously reported from the gateway in the ad-hoc network; detecting a connection with a mobile terminal capable of communicating with a server retaining a key specific to a gateway in each ad-hoc network among the ad-hoc networks; transmitting to the server, via the mobile terminal and when a connection with the mobile terminal is detected, the encrypted packet received; receiving from the server and via the mobile terminal, a key specific to a gateway in the ad-hoc network and for decrypting the encrypted packet transmitted; and setting the received key specific to the gateway in the ad-hoc network as the key for encrypting the packet. | 05-30-2013 |
20130138950 | KEY SETTING METHOD, NODE, AND NETWORK SYSTEM - A key setting method executed by a node transmitting and receiving data through multi-hop communication in an ad-hoc network among multiple ad-hoc networks, includes detecting connection with a mobile terminal communicating with a server connected to a gateway in each ad-hoc network among the ad-hoc networks; transmitting by simultaneously reporting to the ad-hoc network, an acquisition request for a key for encrypting the data when the connection with the mobile terminal is detected at the detecting; receiving from the server via the mobile terminal, a key specific to a gateway and transmitted from the gateway to the server consequent to transfer of the simultaneously reported acquisition request to the gateway in the ad-hoc network; and setting the key specific to the gateway received at the receiving as the key for encrypting the data. | 05-30-2013 |
20130287209 | ENCRYPTION PROCESSING DEVICE AND METHOD - A constant multiplier inputs a base and a modulo n, performs modular exponentiation modulo n with a prescribed constant as the exponent and with base a, and outputs the result of this calculation as base b. A personal key converter inputs a personal key d and calculates a personal key d′ as the quotient when d is divided by the prescribed constant. A correction key generator generates a correction key d″ as the remainder of the aforementioned division. A first modular exponentiation unit performs modular exponentiation base b with d′ as the exponent. A second modular exponentiation unit performs modular exponentiation base a with d″ as the exponent, and outputs a correction value. A correction calculation unit multiplies the outputs of the first and second modular exponentiation units and outputs the result as the encryption processing result. | 10-31-2013 |
20130290701 | KEY SETTING METHOD, NODE, SERVER, AND NETWORK SYSTEM - A key setting method executed by a node within communication ranges of multiple ad-hoc networks, includes receiving encrypted packets encrypted by respective keys specific to gateways and broadcasted from the gateways in the ad-hoc networks; detecting connection with a mobile terminal communicable with a server retaining the keys specific to the gateways in each ad-hoc network among the ad-hoc networks; transmitting to the server when connection with the mobile terminal is detected, the encrypted packets via the mobile terminal; receiving from the server via the mobile terminal, the keys that are specific to the gateways in the ad-hoc networks and that are for decrypting each encrypted packet among the encrypted packets; and setting each of the received keys as a key to encrypt data that is to be encrypted in the node and decrypt data that is to be decrypted in the node. | 10-31-2013 |
20130312082 | COMMUNICATION METHOD, NODE, AND NETWORK SYSTEM - A communication method executed by a node in an ad hoc network having multiple nodes, includes receiving from a neighboring node of the node in the ad hoc network, a first packet that includes a sender address of the neighboring node and a first packet transmission count of packet transmissions from the neighboring node; extracting the first packet transmission count from the first packet; receiving from the neighboring node and after reception of the first packet, a second packet that includes the sender address of the neighboring node and a second packet transmission count of packet transmissions from the neighboring node; extracting the second packet transmission count from the second packet; determining whether the second packet is an invalid packet, based on the first packet transmission count and the second packet transmission count; and discarding the second packet upon determining the second packet to be an invalid packet. | 11-21-2013 |
20140016772 | ENCRYPTING DEVICE, ENCRYPTING METHOD, AND RECORDING MEDIUM - k bits from the least significant bit of the current secret key are retrieved, obtaining a binary window sequence. A binary bit string of concatenation of the random number to the more significant bits of the window sequence is obtained if the most significant bit of the window sequence is 0, subtracting a bit string from the current secret key to obtain a new secret key, or the bit string of a complement of the base number for the window sequence in binary system is calculated if the most significant bit of the window sequence is 1, obtaining a bit string by adding a minus sign to a bit string obtained by concatenating the random number to the more significant bits of the bit string, subtracting the bit string from the current secret key to obtain a new secret key. | 01-16-2014 |
20140037089 | ENCRYPTION PROCESSING DEVICE AND METHOD - An encryption processing device includes: a memory configured to store a first secret key and a first agitation value operated with the first secret key; and a processor coupled to the memory and configured to: receive a first random number, generate a second agitation key based on the first secret key and the first agitation value, generate a first encryption information based on the second secret key and the first random number, update the first agitation value stored in the memory, and output the first agitation value and the first encryption information. | 02-06-2014 |
20140164785 | ENCRYPTION PROCESSING DEVICE AND AUTHENTICATION METHOD - An encryption processing device includes a memory configured to store a common key, and a processor configured to generate a random number which is an integer, to perform a bit transposition on the common key, the bit transposition being determined at least by the random number, to transmit the random number to another encryption processing device and to receive a response from the other encryption processing device, the response obtained by encryption using a common key stored in the other encryption processing device and a second randomized key generated by performing the bit transposition determined by the random number; and to authenticate the other encryption processing device either by comparing the response with the random number by decrypting the response with the common key, or by comparing the random number with the response by encrypting the random number with the common key. | 06-12-2014 |
20140169555 | INFORMATION PROCESSING APPARATUS, TAMPERING DETECTION APPARATUS, INFORMATION PROCESSING METHOD, TAMPERING DETECTION METHOD, AND COMPUTER PRODUCT - An information processing apparatus includes a processor configured to identify a data length that is longer than a data length of plain text data and that is a multiple of a predetermined block length; calculate a data length difference of the data length of the plain text and the data length; generate a first code that indicates the calculated data length difference; generate a second code that is calculated from the plain text data and is of a data length that is within a remaining data length acquired by subtracting a data length of the generated first code from the data length difference; create padding that includes the generated second code, has the first code at an end, and is of a length equivalent to the data length difference; concatenate the created padding to an end of the plain text data to generate concatenated data; and output the concatenated data. | 06-19-2014 |
20140181524 | AUTHENTICATION METHOD, AUTHENTICATION SYSTEM, AND AUTHENTICATION CHIP USING COMMON KEY CRYPTOGRAPHY - A method is disclosed for authenticating, by a processor that controls a parent device, a child device includes: authenticating the child device by making a comparison between a value obtained by operating, for a first response value, a third transform function, which is decided based on a number of a difference between the value set in an authentication chip of the parent device and the value set in an authentication chip of the child device, and the second response value, wherein a first and a second response values are obtained by operating a first and a second transform functions for output values generated by operating an encryption function for performing encryption for secret keys in authentication chips of the parent device and the child device, respectively. | 06-26-2014 |
20140211807 | ROUTING METHOD AND NETWORK TRANSMISSION APPARATUS - It is determined whether or not the address of a first type specified in an address resolution query is an address that allows direct routing to a first network. If the direct routing is determined to be allowed, a routing table is configured such that a packet including, as a destination, the address of a second type obtained by the address resolution query is forwarded to the first network. If the direct routing is determined not to be allowed, the routing table is configured such that a packet including the obtained address of the second type as a destination is forwarded to a second network. | 07-31-2014 |
20140247786 | NODE DEVICE AND COMMUNICATION CONTROL METHOD - A node device includes: a processor configured to: receive a first packet that is transferred from a source to a destination via at least one node device including the node device, the first packet including a counter value regarding a number of transfers of the first packet, and first coding information according to a first key information and contents of the first packet, determine whether to conduct a verifying process on the first packet based on the counter value, verify the first coding information is same as a second coding information, the second coding information being generated according to the contents of the first packet and a second key information stored in the memory, change the counter value in the first packet to an initial value, and transmit the first packet including a changed counter value to the destination or any one of the plurality of node devices. | 09-04-2014 |
20140286171 | NODE, COMMUNICATION METHOD, AND COMMUNICATION SYSTEM - A node in an ad-hoc network includes a memory unit storing a concatenated counter value including an erasure counter value and a transmission counter value for the node; and a processor configured to: add one to the transmission counter value, when the node transmits data to another node in the ad-hoc network; transmit to the other node, the data and the updated concatenated counter value; detect erasure of the concatenated counter value in the memory unit; distribute in the ad-hoc network and upon detecting the erasure, an acquisition request for the erasure counter value; receive the erasure counter value consequent to the acquisition request; generate the concatenated counter value to include the received erasure counter value plus one and the transmission counter value after the erasure and indicating the number of transmissions as zero due to the erasure; and archive to the memory unit, the generated concatenated counter value. | 09-25-2014 |
20140334383 | NETWORK SYSTEM, NODE DEVICE, AND METHOD OF CONTROLLING NETWORK SYSTEM - A node device which is provided in a network and for transmitting a packet including a first header portion, a second header portion, a payload data portion, the node device includes: a memory and a processor coupled to the memory. The processor is configured to: calculate a first value that is a first logical relationship for payload data set in the payload data portion and first header information including a transmission destination address set in the first header portion, and transmit a packet including the payload data, the first header information, second header information including a final transmission destination address set in the second header portion, the first value and a second value that is a second logical relationship to the payload data and the second header information to outside of the node device. | 11-13-2014 |
20140348000 | NETWORK SYSTEM, METHOD OF CONTROLLING NETWORK SYSTEM, AND NODE DEVICE - A network system includes: a plurality of node devices including a first node device and a second node device; and a verification node device that has a higher processing capacity than the plurality of node devices. The verification node device transmits a first packet including an identifier indicating the verification node device. The first node device receives a second packet from another node device out of the plurality of node devices, and determines, based on a destination of the second packet, reception of a packet from the second node device, and reception of the first packet, a transmission destination of a third packet that corresponds to reception of the second packet, from among the second node device and the verification node device. And, the verification node device verifies the third packet in a case of receiving the third packet. | 11-27-2014 |
20140351597 | AUTHENTICATION DEVICE, SYSTEM AND METHOD - An authentication device includes: a memory; and a processor coupled to the memory and configured to: when a registration request including authentication information to be used during authentication is received from a terminal device, generate registration information using the authentication information and key information and store the registration information in the memory, and when an authentication request including input information to be handled as the target of the authentication is received from the terminal device, generate a result of the authentication based on the input information, the registration information, and the key information, and transmit the result of the authentication to the terminal device. | 11-27-2014 |