摘要:
An authenticator apparatus which makes it difficult for an unauthorized user to masquerade and enhances safety includes an authenticating information holding unit (102) previously stores characteristic information indicating an input and output characteristic involving an environment change of an authentic authenticatee apparatus entitled to be authentic, an authenticating information transmitting unit (107) which transmits authenticating information to a portable medium (2), a response information receiving unit (108) which receives response information outputted from the portable medium (2) in response to an input of the authenticating information, an environment selecting unit (105) which identifies an environment of the portable medium (2), and a response information confirming unit (109) which determines whether or not the authenticating information and the response information satisfy the input and output characteristic indicated in the characteristic information stored in the authenticating information holding unit (102), and judges that the portable medium (2) is authentic in the case where the input and output characteristic is satisfied, the authenticating information and the response information being in the environment identified by said environment identifying unit.
摘要:
In the key management software having a key database with a tree structure, a high-speed data encryption/decryption process is achieved by changing the tree structure without reducing the security strength when deleting or adding a key from/to the tree structure. The key management software having the key database with the tree structure, when deleting or adding a key from/to the tree structure, refers to the encryption strength comparison table and the process time comparison table to change the tree structure without reducing the security strength. This reduces the number of times an encrypted key is loaded onto the encryption/decryption processing device during the data encryption/decryption process, thus achieving a high-speed data encryption/decryption.
摘要:
A detection apparatus (102) connected to a device in a residence and an electricity meter (100) indicating an amount of electric power consumed by the device in the residence, the detection apparatus (102) including: a reception unit (1021) which receives the amount of electric power from the electricity meter (100); a collection unit (1024) which collects usage status of the device; a device information holding unit (1027) which holds device information including the usage status of the device and electric power consumption of the device corresponding to the usage status; and a determination unit (1025) which determines whether or not the electricity meter (100) is tampered, by comparing an estimated electric power consumption amount with the amount of electric power received by the reception unit (1021), the estimated electric power consumption amount being estimated from the usage status of the device by using the device information, in which the determination unit (1025) determines that the electricity meter (100) is tampered, when a difference between the estimated electric power consumption amount and the amount of electric power received by the reception unit (1021) is equal to or more than a predetermined threshold.
摘要:
A malicious-module identification device (200a) identifies and deactivates a malicious module operating in an information processing device (100a) connected thereto via a network. The malicious-module identification device is provided with a reception unit (2310) for receiving results of tampering detection from a plurality of modules for detecting tampering, a determination unit (210a) for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection, and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs, and a deactivation unit (2320) for outputting an instruction to deactivate the module identified as the malicious module.
摘要:
Disclosed is a group admission system having a client and a server that belongs to a closed group within which contents are available. The client determines whether it is permissible to request to join the group to be a member device thereof based on the number of groups that the client is in and the maximum number of groups that the client is permitted to be in. If permissible, the client transmits a registration request to the server with information unique to the client. The server determines whether to permit the client to join the group by registering with the server based on the number of member devices registered with the server and the maximum number of member devices registerable with the server. If it is permitted, the server registers the unique information, and transmits group identification information to the client. The client receives and stores the group identification information.
摘要:
Resistance against simple power analysis is maintained while a smaller table is used. An IC card 100 decrypts encrypted information using elliptic curve calculation for calculating a point k*C by multiplying a point C on an elliptic curve E with a coefficient k that is a positive integer less that a prime p. The calculation of the point k*C is performed by adding a multiplication result obtained by multiplying a digit position (window) value w of the acquired coefficient k with the point C in a position corresponding to the digit position, and is performed with respect to all digit positions. When a non-negative integer t exists that fulfills a condition that the acquired digit value w_can be divided by 2t and cannot be divided by 2t+1, the multiplication includes adding a point obtained by multiplying a point Q with w/2t.
摘要:
In a server, an echo-request transmitting unit 204 transmits echo-request data to a target device, and an echo-reply receiving unit 205 receives echo-reply data from the target device. A time measuring unit 206 measures, as the target time, the time required between transmission of the echo-request data and reception of the echo-reply data, and compares the target time with the reference time. In this way, the server judges whether the target device connected to its network belongs to a predetermined group.
摘要:
Provided is a key migration device which can securely and reliably control the migration of keys. A migration authority (101) fetches a generation level which is the security level of a first electronic terminal (3011) and an output destination level which is the security level of a third electronic terminal (3013), decides whether the relationship between the generation level and the output destination level satisfies a predetermined condition when a request for fetching a collection of keys is received from the third electronic terminal (3013), outputs the key generated by the first electronic terminal (3011) among the collection of keys to the third electronic terminal (3013) if the predetermined condition is fulfilled, and restricts output to the third electronic terminal (3013) of the key generated by the first electronic terminal (3011) among the collection of keys if the predetermined condition is not fulfilled.
摘要:
The present invention provides a signature generation device and a signature verification device capable of countering a transcript attack that seeks a private key by analyzing a plurality of signed documents (pairs of a message and a signature) signed using the NTRUSign signature scheme. The signature generation device calculates a hash value vector H of message data, adds a vector based on a private distribution to the hash value vector H to calculate a converted hash value vector H′, and seeks, as a signature vector S, the closest lattice point to the converted hash value vector H′ in a lattice defined by private key basis vectors. The signature verification device determines whether the distance between the hash value vector H of the message data and the signature vector S is equal to or less than L′ and, if so, recognizes the message data as valid.
摘要:
An authenticator apparatus which makes it difficult for an unauthorized user to masquerade and enhances safety includes an authenticating information holding unit (102) previously stores characteristic information indicating an input and output characteristic involving an environment change of an authentic authenticatee apparatus entitled to be authentic, an authenticating information transmitting unit (107) which transmits authenticating information to a portable medium (2), a response information receiving unit (108) which receives response information outputted from the portable medium (2) in response to an input of the authenticating information, an environment selecting unit (105) which identifies an environment of the portable medium (2), and a response information confirming unit (109) which determines whether or not the authenticating information and the response information satisfy the input and output characteristic indicated in the characteristic information stored in the authenticating information holding unit (102), and judges that the portable medium (2) is authentic in the case where the input and output characteristic is satisfied, the authenticating information and the response information being in the environment identified by said environment identifying unit.