Public key infrastructure (PKI) based system, method, device and program
Abstract
According to an embodiment of the present invention, an issue system issues a smart card in advance and, when a new card is issued or an old card is updated, sends an encrypted private key and a public key certificate to a user terminal. The user terminal inputs the received encrypted private key and public key certificate into the smart card. The smart card stores the public key certificate, decrypts the inputted encrypted private key with an encryptor/decryptor based on a symmetric key, and stores the obtained private key. Collection and redistribution of the smart card therefore become unnecessary when updating a private key and a public key certificate, saving time and labor.
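The flow in the abstract, sketched as an added example that is not code from the patent: the issue system wraps a private key under the card's symmetric key, the user terminal relays the opaque blob, and the card unwraps and stores it. The patent does not name the symmetric cipher or any integrity check; the HMAC-SHA256 keystream, the authentication tag, and all function and class names below are assumptions chosen so the sketch runs on the standard library alone.

```python
import hashlib
import hmac
import os

def _subkey(card_key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from the one card key (assumption).
    return hmac.new(card_key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: stdlib stand-in for the card's symmetric cipher.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def issuer_wrap(card_key: bytes, private_key: bytes) -> bytes:
    """Issue system: encrypt the private key under the card's symmetric key."""
    nonce = os.urandom(16)
    ct = _xor(private_key, _keystream(_subkey(card_key, b"enc"), nonce, len(private_key)))
    tag = hmac.new(_subkey(card_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

class Card:
    """Portable device: received its symmetric key when it was issued."""
    def __init__(self, card_key: bytes):
        self._card_key = card_key
        self._private_key = None
        self.certificate = None

    def load(self, blob: bytes, certificate: bytes) -> bool:
        if len(blob) < 48:
            return False
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        want = hmac.new(_subkey(self._card_key, b"mac"), nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, want):
            return False  # tampered, or wrapped for another card: keep the old key
        self._private_key = _xor(ct, _keystream(_subkey(self._card_key, b"enc"), nonce, len(ct)))
        self.certificate = certificate
        return True

    def key_fingerprint(self):
        # Demo-only check that the key was stored; a real card would not expose this.
        return hashlib.sha256(self._private_key).hexdigest() if self._private_key else None

def terminal_relay(card: Card, blob: bytes, certificate: bytes) -> bool:
    """User terminal: forwards the opaque blob; it never holds the card key."""
    return card.load(blob, certificate)
```

The security of the update rests entirely on the per-card symmetric key: the terminal and the network see only ciphertext, and a blob wrapped for one card is rejected by any other.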
19 Claims
1. A public key infrastructure (PKI) based system comprising an issue system to issue a portable device used for a public key cryptosystem, and a user terminal to input optional data into the portable device issued by said issue system, wherein said issue system comprising:
a means for issuing said portable device which has a first encryptor/decryptor for said public key cryptosystem, a second encryptor/decryptor for a symmetric cipher issuing system and a symmetric key used in said second encryptor/decryptor; and
a means for sending said user terminal an encrypted private key made by encrypting a private key used by said first encryptor/decryptor by said symmetric key and a public key certificate of a public key corresponding to said private key, concerning the portable device issued by said portable device issuing means.
2. A method of issuing a portable device for a user terminal which can input optional data contents into said portable device used for a public key cryptosystem, said method comprising:
issuing said portable device which has a first encryptor/decryptor for said public key cryptosystem, a second encryptor/decryptor for a symmetric cipher issuing system and a symmetric key used in said second encryptor/decryptor; and
sending said user terminal an encrypted private key made by encrypting a private key used by said first encryptor/decryptor by said symmetric key and a public key certificate of a public key corresponding to said private key, concerning the portable device issued by said issuing means.
Dependent claims: 3, 4
5. A computer program saved in a computer readable medium and used in an issue system to issue said portable device for a user terminal which can input optional data contents into said portable device used for a public key cryptosystem, said computer program comprising:
a first program code for issuing said portable device which has a first encryptor/decryptor for said public key cryptosystem, a second encryptor/decryptor for a symmetric cipher issuing system and a symmetric key used in said second encryptor/decryptor;
a second program code for registering an encrypted private key made by encrypting a private key used by said first encryptor/decryptor based on said symmetric key and a public key certificate of a public key corresponding to said private key, concerning the portable device issued by said issuing means; and
a third program code for sending said user terminal said registered encrypted private key and public key certificate.
Dependent claims: 6, 7
8. A computer program saved in a computer readable medium used in a user terminal which can input/output predetermined contents into/from a portable device which is used for a public key cryptosystem and issued by an issue system, said computer program comprising:
a first program code for inputting an encrypted private key and public key certificate received from said issue system into said portable device, when issuing or updating a key.
Dependent claims: 9
10. A public key infrastructure (PKI) based system for a portable device having its own symmetric key and being applicable to either symmetric cipher issuing system or public key cryptosystem, said based system encrypting a private key used for said public key cryptosystem by said symmetric cipher issuing system based on said symmetric key, and distributing the obtained encrypted private key to said portable device.
13. A portable device having its own symmetric key, being applicable to a symmetric cipher issuing system, and using a public key cryptosystem based on a private key distributed under the symmetric cipher issuing system using said symmetric key, said portable device comprising:
a memory; and
a means for decrypting an input encrypted private key based on the symmetric key for said symmetric cipher issuing system, and writing the obtained private key in said memory, when a private key for said public key cryptosystem is inputted in being encrypted based on a symmetric cipher issuing system.
Dependent claims: 14, 15, 16, 17, 18, 19
Specification