公开(公告)号：US20120027214A1

公开(公告)日：2012-02-02

申请号：US13253591

申请日：2011-10-05

申请人： Kaoru YOKOTA ,  Akihito Katsura ,  Yusuke Nemoto ,  Yuishi Torisaki ,  Makoto Fujiwara

发明人： Kaoru YOKOTA ,  Akihito Katsura ,  Yusuke Nemoto ,  Yuishi Torisaki ,  Makoto Fujiwara

IPC分类号： H04L9/00

CPC分类号： H04L9/0866 ,  G06F21/10 ,  G06F21/556 ,  G06F21/72 ,  G06F2221/0797 ,  H04L9/0822 ,  H04L9/0897 ,  H04L9/321 ,  H04L63/0428 ,  H04L63/06 ,  H04L63/10 ,  H04L2209/605 ,  H04L2463/101

摘要： An LSI includes a first decryptor which receives first encrypted key data, and decrypts the first encrypted key data using a first cryptographic key, thereby generating first decrypted key data, a second cryptographic key generator which generates a second cryptographic key based on a second ID, a second encryptor which encrypts the first decrypted key data using the second cryptographic key, thereby generating second encrypted key data, and a second decryptor which decrypts the second encrypted key data using the second cryptographic key, thereby generating second decrypted key data. At a time of key setting, the second encryptor stores the second encrypted key data in a storage unit. At a time of key usage, the second decryptor reads the second encrypted key data from the storage unit.

摘要翻译： LSI包括：第一解密器，其接收第一加密密钥数据，并使用第一加密密钥对第一加密密钥数据进行解密，从而生成第一解密密钥数据;第二加密密钥生成器，其基于第二ID生成第二加密密钥; 第二加密器，其使用所述第二加密密钥对所述第一解密密钥数据进行加密，从而生成第二加密密钥数据;以及第二解密器，其使用所述第二加密密钥对所述第二加密密钥数据进行解密，从而生成第二解密密钥数据。 在密钥设置时，第二加密器将第二加密密钥数据存储在存储单元中。 在密钥使用时，第二解密器从存储单元读取第二加密密钥数据。

公开(公告)号：US20080034222A1

公开(公告)日：2008-02-07

申请号：US11633453

申请日：2006-12-05

申请人： Yuishi Torisaki ,  Makoto Fujiwara

发明人： Yuishi Torisaki ,  Makoto Fujiwara

IPC分类号： G06F12/14

CPC分类号： G06F21/10

摘要： A mobile terminal adapted to reproduce an encrypted contents file stored in a predetermined storage area as an alert of an incoming call includes: a storage section for holding first plaintext data corresponding to a head portion of the encrypted contents file; decryption means for decrypting the encrypted contents file to generate second plaintext data; reproduction means for reproducing the first and second plaintext data; and authentication means for performing authentication processing related to use of the encrypted contents file. The reproduction means reproduces the first plaintext data and in succession to reproduction of the first plaintext data reproduces the second plaintext data when the mobile terminal receives a call. The authentication means performs the authentication processing simultaneously and in parallel with the reproduction of the first plaintext data by the reproduction means.

摘要翻译： 适于将存储在预定存储区域中的加密内容文件再现为移动终端的移动终端作为来话呼叫的警报包括：存储部分，用于保存与加密内容文件的头部相对应的第一明文数据; 解密装置，用于解密加密的内容文件以产生第二明文数据; 再现装置，用于再现第一和第二明文数据; 以及用于执行与使用加密的内容文件相关的认证处理的认证装置。 当移动终端接收到呼叫时，再现装置再现第一明文数据并且连续地再现第一明文数据再现第二明文数据。 认证装置同时进行认证处理，并且与再现装置再现第一明文数据并行。

公开(公告)号：US20070015589A1

公开(公告)日：2007-01-18

申请号：US11456665

申请日：2006-07-11

申请人： Kazuya Shimizu ,  Tomoya Sato ,  Kentaro Shiomi ,  Yusuke Nemoto ,  Yuishi Torisaki ,  Makoto Fujiwara

发明人： Kazuya Shimizu ,  Tomoya Sato ,  Kentaro Shiomi ,  Yusuke Nemoto ,  Yuishi Torisaki ,  Makoto Fujiwara

IPC分类号： A63F13/00

CPC分类号： G06F21/6245 ,  G06F21/10

摘要： A communication card comprised of: an interface unit which communicates with the host; a first communication unit which communicates with an external device other than the host; an encryption unit which performs encryption processing onto data transferred between the host device and the external device via the interface unit and the first communication unit; a storage unit which stores: list information indicating a list of identifiers of unauthorized communication cards; and communication key information used for encryption; and a control unit which performs authentication processing, and only when the authentication processing has been completed normally, allows the host to control the first communication unit, causes said encryption unit to encrypt the data by using the communication key information after the authentication processing, and transfers the encrypted data to the host via the interface unit, in which the authentication processing includes processing of revoking an unauthorized communication card by using the list information.

摘要翻译： 一种通信卡，包括：与主机通信的接口单元; 与主机以外的外部设备通信的第一通信单元; 加密单元，其经由所述接口单元和所述第一通信单元对在所述主机设备和所述外部设备之间传送的数据执行加密处理; 存储单元，其存储指示未经授权的通信卡的标识符的列表的列表信息; 以及用于加密的通信密钥信息; 以及执行认证处理的控制单元，并且只有当认证处理已经正常完成时，允许主机控制第一通信单元，使得加密单元通过使用认证处理之后的通信密钥信息来加密数据，以及 经由接口单元将加密数据传送到主机，其中认证处理包括通过使用列表信息来撤销未经授权的通信卡的处理。

公开(公告)号：US08185746B2

公开(公告)日：2012-05-22

申请号：US12762845

申请日：2010-04-19

申请人： Tomoya Satou ,  Makoto Fujiwara ,  Kentarou Shiomi ,  Yusuke Nemoto ,  Yuishi Torisaki ,  Kazuya Shimzu ,  Shinji Inoue ,  Kazuya Fujimura ,  Makoto Ochi

发明人： Tomoya Satou ,  Makoto Fujiwara ,  Kentarou Shiomi ,  Yusuke Nemoto ,  Yuishi Torisaki ,  Kazuya Shimzu ,  Shinji Inoue ,  Kazuya Fujimura ,  Makoto Ochi

IPC分类号： H04L9/32

CPC分类号： G11B20/00086 ,  H04L9/0822 ,  H04L9/0833 ,  H04L9/0894 ,  H04L9/3236 ,  H04L2209/38 ,  H04L2209/60

摘要： In a target apparatus which stores at least one piece of domain key information in a first area and a plurality of pieces of content key information each associated with any one of the domain key information in a second area, a method for generating data for detecting tampering of the content key information. The method comprises the steps of encrypting the content key information associated with one of the domain key information using a chain encryption technique, extracting data at predetermined positions in the encrypted content key information, concatenating the pieces of data extracted at the predetermined positions in the encrypted content key information to obtain concatenated data, performing a hash calculation with respect to the concatenated data to obtain a hash value, storing check values corresponding to the data at the predetermined positions in plain text, in the target apparatus, and storing the hash value in the target apparatus.

摘要翻译： 在将第一区域中存储至少一段领域密钥信息和与第二区域中的任何一个域密钥信息相关联的多条内容密钥信息的目标设备中，存储用于检测篡改的数据的方法 的内容密钥信息。 该方法包括以下步骤：使用链式加密技术加密与一个领域密钥信息相关联的内容密钥信息，在加密的内容密钥信息中的预定位置提取数据，连接在加密的内容密钥信息中的预定位置提取的数据段 内容密钥信息以获得连接的数据，对所述连接的数据执行哈希计算以获得哈希值，将与所述预定位置上的数据相对应的校验值存储在目标设备中，并将哈希值存储在 目标设备。

公开(公告)号：US07913316B2

公开(公告)日：2011-03-22

申请号：US11703719

申请日：2007-02-08

申请人： Yuishi Torisaki ,  Makoto Fujiwara ,  Yusuke Nemoto

发明人： Yuishi Torisaki ,  Makoto Fujiwara ,  Yusuke Nemoto

IPC分类号： G06F11/00

CPC分类号： G11C7/24 ,  G06F11/1004 ,  G11C16/22 ,  G11C29/38 ,  G11C2029/0411

摘要： A check computation circuit executes a computation corresponding to a computation for generating confidential CRC data, with respect to confidential data read from a non-volatile device. A comparison circuit compares the result of the computation in the check computation circuit with confidential CRC data read from the non-volatile device. When the result of the comparison indicates a mismatch, i.e., an error is detected, an encryption circuit encrypts the confidential data and the confidential CRC data using a secret key registered in a secret key register, and outputs the encrypted confidential data and confidential CRC data to the outside of a semiconductor integrated circuit.

摘要翻译： 相对于从非易失性设备读取的机密数据，检查计算电路执行与用于生成机密CRC数据的计算相对应的计算。 比较电路将检查计算电路中的计算结果与从非易失性装置读取的机密CRC数据进行比较。 当比较结果指示不匹配时，即检测到错误时，加密电路使用登记在秘密密钥寄存器中的密钥对机密数据和机密CRC数据进行加密，并输出加密的机密数据和机密CRC数据 到半导体集成电路的外部。

公开(公告)号：US20080170686A1

公开(公告)日：2008-07-17

申请号：US11970796

申请日：2008-01-08

申请人： Yusuke NEMOTO ,  Yuishi TORISAKI ,  Makoto FUJIWARA ,  Satoru KURIKI ,  Masahiro SANO

发明人： Yusuke NEMOTO ,  Yuishi TORISAKI ,  Makoto FUJIWARA ,  Satoru KURIKI ,  Masahiro SANO

IPC分类号： H04L9/28 ,  H04L9/00

CPC分类号： H04L9/0643 ,  G11B20/0021 ,  H04L9/0637 ,  H04L63/0428 ,  H04N21/41407 ,  H04N21/44008 ,  H04N21/4408

摘要： The confidential information processing device according to the present invention includes: a stream analysis unit which determines the target data by analyzing the data stream; a cryptographic computation unit which holds a context including a key used for the cryptographic computation, an initial value, and intermediate information during cryptographic computation, and perform the cryptographic computation using the context that is being held; a context storage unit which stores a plurality of the contexts; a correspondence table storage unit which stores a correspondence table which indicates the number of cryptographic computations to be performed for the data stream and a context to be used for each of the cryptographic computations; a context control unit which, when the context held in the cryptographic computation unit does not match the context to be used indicated in the correspondence table, saves the context held in the cryptographic computation unit to the context storage unit and restore the context to be used for the cryptographic computation indicated in the correspondence table out of the plurality of contexts stored in the context storage unit to the cryptographic computation unit; and a stream control unit which outputs the data stream on which the cryptographic computation is performed by the cryptographic computation unit to the external device, the number of the cryptographic computations being the number indicated in the correspondence table, and to output the data stream on which the cryptographic computation is performed by the cryptographic computation unit to the stream analysis unit, the number of the cryptographic computation not meeting the number of cryptographic computations indicated in the correspondence table.

摘要翻译： 根据本发明的机密信息处理装置包括：流分析单元，通过分析数据流来确定目标数据; 密码计算单元，其在密码计算期间保存包括用于密码计算的密钥，初始值和中间信息的上下文，并且使用正在保持的上下文来执行密码计算; 存储多个上下文的上下文存储单元; 对应表存储单元，其存储指示要对数据流执行的密码计算的数量的对应表以及用于每个密码计算的上下文; 上下文控制单元，当在密码计算单元中保持的上下文与对应表中指示的上下文不匹配时，将保存在密码计算单元中的上下文保存到上下文存储单元并恢复要使用的上下文 对于存储在所述上下文存储单元中的所述多个上下文中的所述对应表中指示的所述密码计算到所述密码计算单元; 以及流控制单元，其将由密码计算单元执行的密码计算的数据流输出到外部设备，密码计算的数量是对应表中指示的数字，并输出数据流， 密码计算由密码计算单元执行到流分析单元，密码计算的数量不满足在对应表中指示的加密计算的数量。

公开(公告)号：US20050120245A1

公开(公告)日：2005-06-02

申请号：US10996452

申请日：2004-11-26

申请人： Yuishi Torisaki ,  Makoto Fujiwara ,  Yusuke Nemoto

发明人： Yuishi Torisaki ,  Makoto Fujiwara ,  Yusuke Nemoto

IPC分类号： G06F12/14 ,  G06F21/00 ,  G06F21/22 ,  G09C1/00 ,  H04L9/08 ,  H04L9/18 ,  H04L9/32 ,  H04L9/00

CPC分类号： G06F21/72 ,  G06F21/64 ,  G06F2221/2143 ,  H04L9/0662 ,  H04L9/0891 ,  H04L9/3228

摘要： In a system which processes confidential information, use of a confidential information processing LSI due to unauthorized tampering of software, spoofing or the like is prevented and data on a bus are protected against analysis using a probe, etc. Within the confidential information processing LSI, software which controls the LSI 1002 is subjected to tampering detection which is executed by a comparator 1008 and authentication processing which is executed by a comparator 1020,thereby confirming the validity of the software and preventing use of the confidential information processing LSI by unauthorized software. The LSI and the software share session keys 1035 and 1038 which are based on a random number used for authentication processing and encrypted communications are attained using the session keys, which protects data on the bus.

摘要翻译： 在处理机密信息的系统中，防止了由于未授权篡改软件，欺骗等而使用机密信息处理LSI，并且使用探测器等来保护总线上的数据免于分析。在机密信息处理LSI中， 控制LSI 1002的软件经受由比较器1008执行的篡改检测和由比较器1020执行的认证处理，从而确认软件的有效性，并防止未经授权的软件使用机密信息处理LSI。 基于用于认证处理和加密通信的随机数的LSI和软件共享会话密钥1035和1038使用保护总线上的数据的会话密钥来实现。

公开(公告)号：US20090041245A1

公开(公告)日：2009-02-12

申请号：US12187594

申请日：2008-08-07

申请人： Yuishi TORISAKI ,  Yusuke NEMOTO

发明人： Yuishi TORISAKI ,  Yusuke NEMOTO

IPC分类号： H04L9/14 ,  H04L9/28

CPC分类号： H04L9/065 ,  H04L2209/12

摘要： A confidential information processing device performs a cryptographic operation on first input data and second input data. A first cryptographic operation circuit includes: a first register for holding first information; and a first cryptographic operation unit. A first pseudo-cryptographic operation circuit includes a second register for holding second information. A first arbitration circuit causes the first cryptographic operation unit to perform the cryptographic operation on the first input data using the first information held in the first register, when a cryptographic operation request for the first input data is made to the first cryptographic operation circuit, and causes the first cryptographic operation unit to perform the cryptographic operation on the second input data using the second information held in the second register, when a cryptographic operation request for the second input data is made to the first pseudo-cryptographic operation circuit.

摘要翻译： 机密信息处理装置对第一输入数据和第二输入数据执行密码操作。 第一加密运算电路包括：用于保存第一信息的第一寄存器; 和第一密码操作单元。 第一伪加密运算电路包括用于保存第二信息的第二寄存器。 当对第一密码操作电路进行第一输入数据的加密操作请求时，第一仲裁电路使得第一密码操作单元使用保存在第一寄存器中的第一信息对第一输入数据执行密码操作，以及 当对第一伪密码操作电路进行第二输入数据的密码操作请求时，使第一密码操作单元使用保存在第二寄存器中的第二信息对第二输入数据执行密码操作。

公开(公告)号：US20070168902A1

公开(公告)日：2007-07-19

申请号：US11633568

申请日：2006-12-05

申请人： Osamu Ogawa ,  Kentaro Shiomi ,  Yusuke Nemoto ,  Yuishi Torisaki

发明人： Osamu Ogawa ,  Kentaro Shiomi ,  Yusuke Nemoto ,  Yuishi Torisaki

IPC分类号： G06F17/50

CPC分类号： G06F17/5045

摘要： A Control Data Flow Graph (CDFG) which is an intermediate representation obtained by analyzing a behavioral-level circuit description of hardware, is subjected to a process of changing a shape of the CDFG by adding an operation before or after scheduling, so as to conceal design information. A CDFG to which a hardware resource has been allocated may be subjected to a process of changing the allocation of the hardware resource.

摘要翻译： 作为通过分析硬件的行为级电路描述而获得的中间表示的控制数据流程图（CDFG）经受在调度之前或之后添加操作来改变CDFG的形状的处理，以便隐藏 设计信息。 可以对已经分配了硬件资源的CDFG进行改变硬件资源的分配的处理。

公开(公告)号：US20050271201A1

公开(公告)日：2005-12-08

申请号：US11133289

申请日：2005-05-20

申请人： Kazuya Shimizu ,  Tomoya Sato ,  Kentaro Shiomi ,  Yusuke Nemoto ,  Yuishi Torisaki ,  Makoto Fujiwara

发明人： Kazuya Shimizu ,  Tomoya Sato ,  Kentaro Shiomi ,  Yusuke Nemoto ,  Yuishi Torisaki ,  Makoto Fujiwara

IPC分类号： H04L9/10 ,  G06K19/073 ,  H04K1/00 ,  H04L9/06

CPC分类号： H04L9/0625 ,  H04L9/004 ,  H04L2209/12

摘要： An encryption circuit of a secret key cryptosystem which inputs a plain text and a secret key 4A, inputs R partial keys Kn obtained from the secret key 4A and applies repeatedly R times of round operations to the plain text so that the plain text is encrypted including: registers 4G and 4H which store the values after the round operations of the plain text; a fault detection circuit 1A which decides whether a degenerate fault exists or not by the values of the registers 4G and 4H; and a circuit 1B which invalidates the secret key 4A when the degenerate fault exists in the detection result. The invention provides an encryption circuit which can appropriately respond to a new element of causing occurrence of the degenerate fault, suppress the cost of the hardware, and has a measure against the fault analysis while suppressing an increase in an encryption processing time.

摘要翻译： 输入明文和秘密密钥4A的秘密密钥密码系统的加密电路输入从秘密密钥4A获得的R个部分密钥Kn，并且对明文重复地应用R次循环操作，使得明文是 加密包括：寄存器4G和4H，其在明文的循环操作之后存储值; 故障检测电路1A，其通过寄存器4G和4H的值判定退化故障是否存在; 以及当检测结果中存在退化故障时使秘密密钥4A无效的电路1B。 本发明提供了一种加密电路，其可以适当地响应引起退化故障的发生的新元件，抑制硬件的成本，并且在抑制加密处理时间的增加的同时具有针对故障分析的措施。