-
1.
Publication No.: US20240113894A1
Publication date: 2024-04-04
Application No.: US18256113
Filing date: 2021-01-27
Inventors: Tetsuya OKUDA, Koji CHIDA
CPC classification: H04L9/3257, H04L9/0825
Abstract: An information processing apparatus includes a secure area configured to execute a program in secret, and a security chip. The secure area conceals information related to the program, and requests the security chip to provide a blind signature with respect to the concealed information obtained by the concealing. The security chip calculates the blind signature and returns the blind signature to the secure area. The secure area acquires a signature with respect to the information related to the program from the blind signature.
-
2.
Publication No.: US20230396415A1
Publication date: 2023-12-07
Application No.: US18249659
Filing date: 2020-11-13
Inventors: Tetsuya OKUDA, Koji CHIDA, Yuichiro DAN, Ryohei SUZUKI
CPC classification: H04L9/0825, G06F21/12
Abstract: A program execution system includes a data holding apparatus, a program providing apparatus, and a data processing apparatus that performs computing in a secure region. The data holding apparatus transmits encrypted data, encrypted with a first common key, to the data processing apparatus, and the program providing apparatus transmits an encrypted program, encrypted with a second common key, to the data processing apparatus. In the secure region, the data processing apparatus acquires data by decrypting the encrypted data with the first common key, acquires a program by decrypting the encrypted program with the second common key, executes the program for the data, and encrypts a result of the execution with a public key of the data holding apparatus or the first common key. The data holding apparatus acquires the result of the execution by decrypting the encrypted result of the execution with a secret key or the first common key.
-
3.
Publication No.: US20240241932A1
Publication date: 2024-07-18
Application No.: US18558449
Filing date: 2021-06-08
Inventors: Ryohei SUZUKI, Koji CHIDA, Tetsuya OKUDA
IPC classification: G06F21/31
CPC classification: G06F21/31
Abstract: In an information processing system including: a resource management device that manages certain resources; an access device that accesses the resources; and an authorizing device that issues, to the access device, an access token corresponding to an access authority to the resources in a case where delegation of the access authority is permitted by an owner of the resources, the resource management device includes: an acquisition unit that acquires, in response to an access request to the resources accompanied by the access token from the access device, information in which a modifier is given to an access authority disclosed in advance by the authorizing device, which serves as information indicating a range of the access authority corresponding to the access token; and an execution unit that executes processing according to the access request within the range of the access authority limited by the modifier, thereby improving the flexibility of the range of an authority to be delegated to another person.
-
Publication No.: US20220247569A1
Publication date: 2022-08-04
Application No.: US17611067
Filing date: 2019-05-21
Inventors: Yuki OKANO, Tetsuya OKUDA, Koha KINJO
IPC classification: H04L9/32
Abstract: A signature verification system includes a signature generation server, a signature verification server, and a verification key management server that are connected to one another via a communication network. The signature generation server includes: reporting means for, when a signing key and a verification key are generated by a publisher, reporting the verification key and publisher identification information that identifies the publisher to the verification key management server; and signature generation means for signing a bid request issued by the publisher with use of the signing key. The verification key management server includes: registration means for registering the publisher identification information and the verification key that were reported by the reporting means in a storage unit in association with information that enables specifying a version of the verification key; verification means for, upon receiving publisher identification information and a name indicating a verification key from the signature verification server, verifying whether or not a verification key that corresponds to the received publisher identification information and name and that is a latest version is registered in the storage unit; and first transmission means for, if the verification means verified that the verification key that is the latest version is registered in the storage unit, transmitting the latest-version verification key to the signature verification server.
The signature verification server includes: second transmission means for, upon receiving the bid request, transmitting publisher identification information and a name indicating a verification key that are included in the bid request to the verification key management server; and signature verification means for, if the publisher identification information and the name were transmitted by the second transmission means and the latest-version verification key was received from the verification key management server in response, performing verification of the bid request with use of the latest-version verification key.
-
Publication No.: US20240205206A1
Publication date: 2024-06-20
Application No.: US18555615
Filing date: 2021-05-19
Inventors: Yuki OKANO, Tetsutaro KOBAYASHI, Keizo MURAKAMI, Tetsuya OKUDA
CPC classification: H04L63/061, H04L9/0643, H04L9/3213
Abstract: A key exchange system includes a plurality of terminals that perform key exchange; and a server that performs authentication of each of the terminals and mediation of the key exchange. The server is configured to generate a nonce used when the authentication is performed between the server and the terminal by federation using OpenID Connect; generate a public key and a secret key of token control encryption; transmit the nonce and the public key to the terminal; and decrypt a ciphertext received from the terminal by using the secret key and a token received from the terminal. The terminal is configured to generate a ciphertext obtained by encrypting predetermined data by using the public key and a token generated from the nonce; and transmit the ciphertext to the server.
-
Publication No.: US20240129111A1
Publication date: 2024-04-18
Application No.: US18555610
Filing date: 2021-05-19
Inventors: Yuki OKANO, Tetsutaro KOBAYASHI, Keizo MURAKAMI, Tetsuya OKUDA
CPC classification: H04L9/0819, H04L9/06, H04L9/3213
Abstract: A key exchange system according to an embodiment includes: a plurality of terminals that perform key exchange; and a server that performs authentication of each of the terminals and mediation of the key exchange, in which the server includes a nonce generation unit that generates a nonce used when the authentication is performed between the server and the terminal by federation using OpenID Connect, a key generation unit that generates a public key and a secret key of token control encryption, a first transmission unit that transmits the nonce and the public key to the terminal, and a decryption unit that decrypts a ciphertext received from the terminal by using the secret key and a token received from the terminal, and the terminal includes an encryption unit that generates a ciphertext obtained by encrypting predetermined data by using the public key and a token generated from the nonce, a second transmission unit that transmits the ciphertext to the server, and a long-term secret string generation unit that generates a long-term secret string for use in the key exchange, by using the nonce.
-
Publication No.: US20240364672A1
Publication date: 2024-10-31
Application No.: US18292075
Filing date: 2021-08-25
Inventors: Tetsuya OKUDA, Misato NAKABAYASHI, Koji CHIDA, Yuri TANAKA, Kazuki YAMAMURA, Sakae CHIKARA, Kazuo MORIMURA
CPC classification: H04L63/061, H04L9/0852
Abstract: According to an embodiment, a key exchange system includes: a key generation device configured to generate a key based on quantum key exchange or post-quantum key exchange; a network device configured to perform encrypted communication with another network device by using the key; and an intermediate server deployed between the key generation device and the network device. The intermediate server includes: a state monitoring unit configured to transmit a state monitoring request to the key generation device at each predetermined time; a notification unit configured to give a push notification of key information included in a response to the state monitoring request, to the network device, when the response is received; and a key exchange unit configured to start key exchange between the network device and the key generation device in response to a request from the network device having received the push notification of the key information.
-
Publication No.: US20240241992A1
Publication date: 2024-07-18
Application No.: US18561957
Filing date: 2021-06-07
Inventors: Ryohei SUZUKI, Koji CHIDA, Tetsuya OKUDA
CPC classification: G06F21/64, G06F21/101
Abstract: A registration application support system includes: a registration application device that is included in a first organization and applies for pre-registration for delegation of a right regarding access to a resource to an authorization server; and an existence guarantee device that is included in a second organization and guarantees existence of the first organization, in which: the existence guarantee device includes a giving unit that gives an electronic signature to information that guarantees the existence of the first organization, in response to a request from a terminal used by a member of the first organization; the registration application device includes a transmission unit that transmits a display name of the first organization and the information to which the electronic signature has been given to the authorization server in order to apply for the pre-registration; and the authorization server includes a verification unit that causes the existence guarantee device to verify the electronic signature, and a determination unit that determines whether or not the first organization has a right to use the display name. Therefore, pre-registration for delegation of an access right to a resource is safely and efficiently performed.
-
Publication No.: US20210342895A1
Publication date: 2021-11-04
Application No.: US17282982
Filing date: 2019-10-11
Inventors: Koha KINJO, Tetsuya OKUDA, Yuki OKANO
Abstract: A communication system includes a transmitting device configured to transmit information, and a receiving device configured to receive the information, the receiving device includes a determination unit configured to determine whether or not an electronic certificate of the transmitting device used for a communication with the transmitting device is an EV certificate, and a process that is performed is varied according to a determination result of the determination unit.
-
Publication No.: US20210125446A1
Publication date: 2021-04-29
Application No.: US17058590
Filing date: 2019-05-28
Inventors: Koha KINJO, Tetsuya OKUDA, Ryo KIKUCHI
Abstract: In a voting system including a vote broadcasting server and a plurality of client terminals, the vote broadcasting server generates a plurality of pieces of vote information that is data in which secret information is shared and transmits the vote information to each client terminal, each client terminal generates voting information by encrypting vote information such that the vote information can be decrypted when predetermined conditions are satisfied and transmits the voting information to the vote broadcasting server, the vote broadcasting server transmits a voting information group composed of voting information received from respective client terminals to the respective client terminals, and each client terminal ascertains a vote result according to the number of pieces of vote information decrypted from the voting information group and executes processing based on the vote result.