Abstract:
A matching system that uses a matching apparatus to match registered information input to a first transformation apparatus and matching information input to a second transformation apparatus, wherein the first transformation apparatus generates a registered feature vector from the registered information, uses a regular (invertible) matrix selected at random as a registration key matrix, generates a registered concealed vector by calculating a product of the registered feature vector and the registration key matrix, and transmits the registered concealed vector to the matching apparatus; the second transformation apparatus generates a matching feature vector from the matching information, generates a matching concealed vector by calculating a product of the matching feature vector and an inverse matrix of the registration key matrix, and transmits the matching concealed vector to the matching apparatus; and the matching apparatus calculates an inner product of the registered concealed vector and the matching concealed vector.
Abstract:
The aim is to make it possible to prevent leakage of sensitive information from a database without using a server that has both secure operation management and a high database operation processing capability. An intermediate server includes: a cryptography processing unit that encrypts or decrypts data stored in a database; a query conversion unit that converts a query to the database into a first query that does not need processing by the cryptography processing unit and a second query that needs the processing by the cryptography processing unit; and a query processing unit that sends the first query to a database server connected to the database to acquire a result from the database server, and executes the second query using the cryptography processing unit.
Abstract:
A data management device includes a generation unit, a registration unit, an output unit, an acquisition unit, a determination unit, and a key output unit. The generation unit generates a first secret key that is restorable by a predetermined number of distributed keys. The registration unit registers data encrypted by using the first secret key in a database of a data storage device. The output unit outputs at least one distributed key among the distributed keys used to restore the first secret key to a key management device. The determination unit determines whether to agree to permission of a use request for data in intention expression on agreement or disagreement performed. When it is determined to agree to the permission of the use request for the data, the key output unit outputs, to the key management device, a key necessary for restoring the first secret key.
Abstract:
An authentication apparatus includes a biometric information acquiring part which acquires first biometric information of a user, a certification information adding part, an authentication part, and a biometric information database which includes second biometric information of the user stored in advance. The certification information adding part receives the first biometric information from the biometric information acquiring part, generates certification information concerning a communication rule, notifies the authentication part of the certification information in advance, and transmits authentication information including the certification information and the first biometric information configured according to the communication rule shown by the certification information to the authentication part. The authentication part receives the authentication information, verifies legitimacy of the certification information in the received authentication information using the certification information notified in advance, and performs authentication of the user using the first biometric information in the authentication information according to the communication rule shown by the certification information with reference to the second biometric information in a case where the certification information is determined to be legitimate.
Abstract:
In a data registration phase, encrypted data is calculated by encrypting input data to be concealed by using a secret key, registration data is generated based on the encrypted data and a verification key, and the registration data is stored as a registration template in a storage unit together with an identifier for uniquely identifying the registration data. In an encrypted text verification phase, a data verifying request is generated in which input data to be verified has been encrypted by using a random number, the registration template stored in the storage unit and the data verifying request are verified to produce a determined result, a verified result including a part or all of the registration template corresponding to the determined result is produced, and data is restored based on the verified result to produce a restored result.
Abstract:
A matching system includes a key generation apparatus that generates a registration key matrix, generates a matching key matrix, and generates an auxiliary key matrix from a matrix product of the registration key matrix and the matching key matrix; a first transformation apparatus that generates a registered feature vector from registered information input, and generates a registered concealed vector by calculating a product of the registered feature vector and the registration key matrix received from the key generation apparatus; a second transformation apparatus that generates a matching feature vector from matching information input, and generates a matching concealed vector by calculating a product of the matching feature vector and the matching key matrix received from the key generation apparatus; and a matching apparatus that matches the registered information and the matching information by calculating a vector-matrix product of the registered concealed vector, the matching concealed vector and the auxiliary key matrix.
Abstract:
In order to realize encryption processing capable of suppressing the degradation of collation accuracy and reducing the risk of information leakage, a terminal apparatus for encrypting input information to be input for collation is provided, the terminal apparatus being configured to perform transformation parameter generation processing for generating a transformation parameter based on a first parameter stored in a storage area and a second parameter that is different from the first parameter, and encrypt the input information input for collation using the transformation parameter to generate encrypted input information.
Abstract:
A conventional biometric authentication system has been time-consuming and labor-intensive for users since the users are requested to re-register their biometric information. According to an aspect of the present disclosure, a biometric authentication system includes an update value generation unit configured to generate an update value, a first update processing unit configured to update, using the update value, a template generated based on biometric information, and a second update processing unit configured to update, using the update value, a verification key generated along with the template based on the biometric information.
Abstract:
In a system with registration data, in a data registration phase, encrypted data is calculated by encrypting input data to be concealed by using a secret key and secret information, registration data is generated based on the encrypted data and a verification key, and the registration data is stored as a registration template in a storage unit together with an identifier for uniquely identifying the registration data. In an encrypted text verification phase, a data verifying request is generated in which input data to be verified has been encrypted by using a random number and secret information, the registration template stored in the storage unit and the data verifying request are verified to produce a determined result, a verified result including a part or all of the registration template corresponding to the determined result is produced, and data is restored based on the verified result to produce a restored result.
Abstract:
An intermediate apparatus that, upon reception of a request from an application apparatus, instructs a plurality of secure computation apparatuses to perform secret computation processing and, in accordance with the request, performs a part of the operation of the request from the application apparatus on at least one of a part of data included in the request or data reconstructed from shares received from the plurality of secure computation apparatuses.