摘要:
There is a need to reduce the certificate verification time in a communication system.A communication system (10) includes a certificate authority (100) for performing authentication, a roadside device (110), a vehicle-mounted terminal (120), a first server (130), and a second server (140). The vehicle-mounted terminal transmits its own position information to the first server. The certificate authority acquires information about a vehicle-mounted terminal highly likely to appear according to place and time from the first server. The certificate authority allows the second server to verify validity of a certificate for a vehicle-mounted terminal acquired from the first server. The certificate authority generates a first list of vehicle-mounted terminals having valid certificates and a second list of vehicle-mounted terminals having invalid certificates according to place and time based on a verification result. The certificate authority transmits the first list and the second list to the roadside device and the vehicle-mounted terminal. The roadside device and the vehicle-mounted terminal verify a certificate using the received first and second lists. Thus, the certificate verification time is reduced.
摘要:
An authentication method is provided which is capable of performing message authentication within an allowable time regardless of the magnitude of the number of messages and performing message authentication high in accuracy within a range for which the allowable time allows. Upon transmission by wireless communications with another mobile or a fixed station, a message authentication code of communication data and a digital signature are generated (S200 and S300). The generated message authentication cod and digital signature are transmitted with being added to the communication data. Upon reception, whether authentication should be done using either one of the message authentication code and the digital signature included in received information is determined according to its own state for the authentication (S400 and S500). This state includes, for example, a load state of a central processing unit or the like that performs an authentication process.
摘要:
An authentication method is provided which is capable of performing message authentication within an allowable time regardless of the magnitude of the number of messages and performing message authentication high in accuracy within a range for which the allowable time allows. Upon transmission by wireless communications with another mobile or a fixed station, a message authentication code of communication data and a digital signature are generated (S200 and S300). The generated message authentication cod and digital signature are transmitted with being added to the communication data. Upon reception, whether authentication should be done using either one of the message authentication code and the digital signature included in received information is determined according to its own state for the authentication (S400 and S500). This state includes, for example, a load state of a central processing unit or the like that performs an authentication process.
摘要:
A communication system includes a certificate authority for performing authentication, a roadside device, a vehicle-mounted terminal, a first server, and a second server. The vehicle-mounted terminal transmits position information to the first server. The certificate authority acquires information about a vehicle-mounted terminal likely to appear according to place and time from the first server. The certificate authority allows the second server to verify validity of a certificate for a vehicle-mounted terminal acquired from the first server. The certificate authority generates a first list of vehicle-mounted terminals having valid certificates and a second list of vehicle-mounted terminals having invalid certificates according to place and time based on a verification result. The certificate authority transmits the first and second lists to the roadside device and the vehicle-mounted terminal. The roadside device and the vehicle-mounted terminal verify a certificate using the received first and second lists thereby reducing the certificate verification time.
摘要:
The external storage device according to the present invention which uses a non-volatile semiconductor memory such as a flash memory is provided with plural areas which store user data, and restricts access to the user data from a host computer and also dynamically changes an area an access to which is to be restricted. Accordingly, the ease of use of the external storage device for the host computer is improved. Specifically, the interior of the flash memory is divided into a normal area not protected by a password or the like and a protected area protected by a password or the like. A microprocessor controls accesses to the normal area and the protected area in accordance with a command from the host computer. In addition, the host computer can access the protected area after passing through authentication using a password. Moreover, the host computer changes information indicative of the location of the protected area, thereby dynamically changing the protection area.
摘要:
Since a conventional information processing apparatus includes a plurality of semiconductor devices, there is a problem that sensitive information may reside on a system bus in the apparatus or a semiconductor memory device serving as main memory therein. To obviate this problem, each information processing apparatus has a CPU which includes a microprocessor, a cryptographic processing algorithm ROM, a cryptographic processing hardware circuit, a RAM, a key custody area, and an external bus controller, which are all integrated on a single semiconductor chip. Thus, encryption/decryption processing is carried out only in the CPU, and internal operations of the CPU are made non-analyzable from an external signal of the CPU.
摘要:
Provided is a disk array controller capable of speeding up the processing by simultaneously execution the encryption/decryption of a non parallel block cipher modes of operation. In a disk array controller for controlling a disk array according to a disk access request from a host system, a plurality of non parallel mode encryption/decryption target data are divided into a plurality of messages unrelated to the encryption/decryption processing, partitioning non parallel mode encryption/decryption target data belonging to the respective messages into a plurality of block data, storing each block data belonging to the respective messages by allocating it each line of Rnd[0] to Rnd[R−1] per message, and encrypting/decrypting block data corresponding to block data corresponding to a cell of the same column of each line among the block data stored in a data buffer simultaneously with the pipeline processing performed by a pipeline encryption/decryption circuit.
摘要:
An efficient signature technology is provided, which is capable of arbitrary extraction and storage from a plurality of pieces of data and which can make a signature length relatively short. In a signature device (180), a mathematical function computing unit (190) repeats processing of calculating a hash value from a coupled value obtained by coupling together hash values calculated from each of the plurality of pieces of data to calculate one hash value (h), and calculates a signature value from the calculated one hash value. Then, a signature processing unit (189) generates, for one piece of data contained in the plurality of pieces of data, a signature containing the calculated signature value and a hash value coupled to another hash value calculated from the one piece of data before the one hash value (h) is calculated.
摘要:
The present invention provides a digital copying method for preventing complete copying by the use of digital copying. A data generating portion includes a storage device which generates a plurality of digital copies having mutually different amounts of effective information from original digital data, and stores the set of digital content having the digital copies encrypted different numbers of times in a memory. A digital output portion decrypts the set of digital content retrieved from the memory a prescribed number of times, making usable and outputting one of the digital copies in the set of digital content. An analog output portion extracts the digital copy that has been encrypted zero times from the set of digital content, converts that copy to analog data, and outputs that data.
摘要:
A storage medium includes a storage device for storing information, information required for encryption and encrypted information, and an I/F device for inputting and outputting information, information required for coding and store encrypted information in a storage device or from an external apparatus other than the storage device, and an encoding device for coding of information and decoding of encoded information. When outputting information stored inside the storage device, information is encoded using encryption key information, and along with obtaining the encoded information and obtaining the encoded encryption key information by using another encryption key. Both the encoded information and encoded encryption key information are output so that decoding the information without the storage medium is impossible.