摘要:
A public parameter PK is key information used in a secret search system having: a transmission device generating and sending an encryption tag which is an encrypted keyword; a server receiving and storing the encryption tag and conducting a secret search in response to a request for the secret search; and a reception device generating a trapdoor which corresponds to a digital signature of the keyword and as well data requesting the secret search, sending the trapdoor to the server, and receiving a search result. The public parameter PK includes a true public parameter PP and a protection key PK′. The transmission device and the reception device require both the true public parameter PP and the protection key PK′; however, the server does not require the protection key PK′. The key generation device generates separately the true public parameter PP and the protection key PK′ included in the public parameter PK.
摘要:
A data search server stores a system ciphertext including a data ciphertext and a keyword ciphertext in each category-specific DB unit for each data category, and stores each category-determination secret key being associated with each category-specific DB unit. A search request receiving unit receives from a data search terminal a search request including a search trapdoor and an index tag. A data searching unit searches for a category-determination secret key with which the index tag is decrypted to the same value as a key-determination value. Using the search trapdoor, the data searching unit performs a search of a Public-key Encryption with Keyword Search scheme on system ciphertexts in a category-specific DB unit associated with this category-determination secret key. A search result transmitting unit transmits to the data search terminal a data ciphertext included in a system ciphertext which has been found as a hit in the search.
摘要:
A certification device 101 encrypts a feature vector for registration by using a random number and a public key which is set to correspond to a secret key in a decryption device 103. The encrypted feature vector for registration is registered in an authentication device 102. In authentication, the certification device encrypts a feature vector for authentication by using the public key and a random number. With the two encrypted feature vectors being kept encrypted, the authentication device generates encrypted similarity degree information from which the decryption device can derive the similarity degree between the two feature vectors by a decryption process using the secret key. The decryption device 103 decrypts the encrypted similarity degree information to derive the similarity degree of the plaintext. The authentication device 102, if the similarity degree is equal to or larger than a threshold, determines that the user is the correct user. The similarity degree can be derived without using the feature vector of the plaintext. Thus, secure identity authentication with a lower possibility of plaintext theft can be realized.
摘要:
Secret key backup is safely implemented even if a role base access structure in which the access structure is specified using roles is used. An all combination generating unit 107 obtains a backup participating user list 201 which is a list of backup participating users and a list of validated roles validated by the users, and a role base access structure 202 which is a combination of specified roles by which a secret key 205 can be restored, and generates an all combination extracted result which is all combinations of restoration enabling users of the secret key by applying users described in the backup participating user list 201 to the specified role. A same user/role deleting unit 108, etc. deletes a combination showing the same user redundantly, etc. from the all combination extracted result, a general access structure secret distributing unit 114 generates fragments of secret key from the secret key, and distributes the fragments of secret key to the combinations of users from which the redundancy is removed.
摘要:
An anti-rolling structure for a double headed piston of a disc cam type reciprocative compressor, comprising a cylinder block (1) through which a plurality of pairs of front and rear cylinder bores (4) are provided in parallel to a drive shaft (3) rotatably secured in the center of the cylinder block (1), and a double headed piston (8) slidably inserted in the respective pair of cylinder bores (4) for reciprocation in the longitudinal direction. A disc cam (13) having opposite sinuous surfaces (13') and rotatably accommodated within a cam chamber (5) is fixedly secured to the drive shaft (3), and a pair of front and rear cam rollers (14F, 14R) are arranged between the disc cam (13) and the piston (8) in a slidable and rotatable manner so as to nip the disc cam (13) between both cam rollers (14F, 14R) to transmit the rotation of the disc cam (13) to the piston (8) as a reciprocation in the longitudinal direction thereof. The front and rear cam rollers (14F, 14R) are positioned so that the axes of rotation thereof are not included in the center plane defined by longitudinal axes of the piston (8) and the disc cam (13) but disposed, respectively, in the opposite areas sectioned by the center plane with a substantially equal deviation from each other from the center plane. According to the above structure, the rolling motion of the piston (8) can be effectively restricted throughout the operation of the compressor.
摘要:
A reciprocating piston assembly for a compressor is disclosed in that a piston with at least one groove formed in its outer surface is slidably mounted in a cylinder bore and at least one piston ring made of polymers of fluorine-containing olefin monomers, the outer diameter of said piston ring being smaller than the diameter of said cylinder bore prior to operation of the compressor but said piston ring being in contact with the inner wall defining said cylinder bore during operation of the compressor.
摘要:
A server device 201 comprises a communication part 231, a search history storage region 213, a data storage part 210, and a checking part 220. The communication part receives a set of a trapdoor and a deterministic encrypted keyword from a search device 401. The search history storage region 213 stores the set of the trapdoor and the deterministic encrypted keyword. The data storage part 210 stores keyword information in which search target data and an encrypted keyword are associated with each other. If the deterministic encrypted keyword is obvious, a deterministic encrypted keyword corresponding to the encrypted keyword is additionally associated with the search target data and the encrypted keyword in the keyword information. The checking part 220 checks whether or not a deterministic encrypted keyword which matches the received deterministic encrypted keyword exists in the search history storage region 213. If the deterministic encrypted keyword exists, the checking part 220 executes a concealed search targeting the data storage part 210, based on a deterministic encryption scheme using the deterministic encrypted keyword existing in the search history storage region 213. If the deterministic encrypted keyword does not exist, the checking part 220 executes the concealed search targeting the data storage part 210, based on a probabilistic encryption scheme using the received trapdoor and the encrypted keyword stored in the data storage part 210.
摘要:
An access terminal apparatus provides a group determination key being a decryption key to a data center apparatus previously, and then transmits grouping information generated from a keyword of storage target data and having been encrypted to the data center apparatus, with encrypted data of the storage target data and tag data of the encrypted data of the storage target data. The data center apparatus stores the encrypted data relating it to the tag data, decrypts a part of the grouping information with the group determination key, derives an index value from a bit value obtained by the decryption, and stores the derived index value and the tag data relating them with each other.
摘要:
A confidential search that can flexibly control searchable data depending on a role or authority of a user when the data is shared in a group. When the inner product of an attribute vector and a predicate vector is a predetermined value, the confidential search system conducts pairing computation of decrypted data generated based on the attribute vector and a decryption key generated based on the predicate vector, so as to realize confidential search by utilizing an inner-product predicate encryption process that can decrypt the encrypted data. In particular, the confidential search system enables flexible control of searchable data depending on the role or authority of the user, by devising a method of generating the attribute vector and the predicate vector.