Data processing device

US 20030221131A1
Filed: 03/05/2003
Published: 11/27/2003
Est. Priority Date: 03/08/2002
Status: Abandoned Application

First Claim

Patent Images

1. A data processing device for share-encoding secret information using a (k,n) threshold scheme, where k and n are integers greater than or equal to 2, and k is less than or equal to n, comprising:

a holding unit operable to acquire and hold secret information;

a reception unit operable to receive from each of n number of users at a time of a user registration, a user ID unique to the user and a password determined by the user;

a user information generation unit operable to generate for each user from the user ID and the password received from the user, user information uniquely determined for the user;

a registration unit operable to generate registration information for each user, and to register the user by storing the generated registration information in relation to a corresponding user ID, the registration information corresponding to a difference between (i) shared information generated for each user by share-encoding the held secret information using the (k,n) threshold scheme and (ii) user information generated for the user; and

a deletion unit operable to delete the held secret information after the n number of users has been registered by the registration unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data processing device for share-encoding secret information using a (k,n) threshold scheme, where k and n are integers greater than or equal to 2, and k is less than or equal to n. The data processing device includes a holding unit operable to acquire and hold secret information, a reception unit operable to receive from each of n number of users at a time of a user registration, a user ID unique to the user and a password determined by the user, a user information generation unit operable to generate for each user from the user ID and the password received from the user, user information uniquely determined for the user, a registration unit operable to generate registration information for each user, and to register the user by storing the generated registration information in relation to a corresponding user ID, the registration information corresponding to a difference between (i) shared information generated for each user by share-encoding the held secret information using the (k,n) threshold scheme and (ii) user information generated for the user, and a deletion unit operable to delete the held secret information after the n number of users has been registered by the registration unit.

33 Citations

View as Search Results

17 Claims

1. A data processing device for share-encoding secret information using a (k,n) threshold scheme, where k and n are integers greater than or equal to 2, and k is less than or equal to n, comprising:
- a holding unit operable to acquire and hold secret information;
  
  a reception unit operable to receive from each of n number of users at a time of a user registration, a user ID unique to the user and a password determined by the user;
  
  a user information generation unit operable to generate for each user from the user ID and the password received from the user, user information uniquely determined for the user;
  
  a registration unit operable to generate registration information for each user, and to register the user by storing the generated registration information in relation to a corresponding user ID, the registration information corresponding to a difference between (i) shared information generated for each user by share-encoding the held secret information using the (k,n) threshold scheme and (ii) user information generated for the user; and
  
  a deletion unit operable to delete the held secret information after the n number of users has been registered by the registration unit.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The data processing device of claim 1, further comprising:
    - a check information generation unit operable to generate check information for each user, by performing a predetermined one-way function on the password received from the user, wherein the registration unit further stores the generated check information in relation to the corresponding user ID at a time of the user registration.
  - 3. The data processing device of claim 1, wherein the user information generation unit generates the user information by inserting, between the user ID and the password received from each user, a fixed value that includes a value that cannot be received by the reception unit, and combining the user ID and the password.
  - 4. The data processing device of claim 3, wherein the user information generation unit inserts, as the value that cannot be received, a fixed value that includes one of a backspace (0×
    - 08) and a carriage return (0×
      
      0d).
  - 5. The data processing device of claim 1, wherein the user information generation unit generates the user information by (i) converting one of the user ID and the password received from each user to a value that cannot be received by the receiving unit, by performing a predetermined conversion, and (ii) combining the converted user ID or password with the user ID or password that was not converted.
  - 6. The data processing device of claim 5, wherein the user information generation unit converts one of the user ID and the password to a value that includes one of a backspace (0×
    - 08) and a carriage return (0×
      
      0d).

7. A data processing device for recovering secret information, based on information share-encoded using a (k,n) threshold scheme, where k and n are integers greater than or equal to 2, and k is less than or equal to n, comprising:
- a reception unit operable to receive from each of n number of users at a time of a secret information recovery, a user ID unique to the user and a password determined by the user;
  
  a user information generation unit operable to generate for each user from the user ID and the password received from the user, user information uniquely determined for the user;
  
  a storage unit having registration information stored therein for each of the n number of users in relation to a corresponding user ID, the registration information corresponding to a difference between (i) shared information generated for each user by share-encoding the secret information using the (k,n) threshold scheme and (ii) user information generated for the user;
  
  an extraction unit operable to extract, from the storage unit, registration information corresponded to the user ID received from each user; and
  
  a recovery unit operable, after registration information for k number of users has been extracted by the extraction unit, to recover the secret information using (i) the registration information for the k number of users and (ii) user information generated for the k number of users.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The data processing device of claim 7, further comprising:
    - a data processing unit operable to conduct data processing using the recovered secret information; and
      
      a deletion unit operable to delete the secret information after the data processing has been conducted by the data processing unit.
  - 9. The data processing device of claim 7, wherein the storage unit further has stored therein in relation to a corresponding user ID, check information that has been generated by performing a predetermined one-way function on a password, the extraction unit further extracts, from the storage unit, check information corresponded to the user ID received from each user, the data processing device further comprises:
    - a check information generation unit operable to generate check information by performing the predetermined one-way function on the password received from each user; and
      
      an authentication unit operable to authenticate the password as being valid, if the extracted check information matches the generated check information, and the recovery unit, at a time of the secret information recovery, does not use user information corresponding to a password that is not authenticated as being valid.
  - 10. The data processing device of claim 7, wherein the user information generation unit generates the user information by inserting, between the user ID and the password received from each user, a fixed value that includes a value that cannot be received by the reception unit, and combining the user ID and the password.
  - 11. The data processing device of claim 10, wherein the user information generation unit inserts, as the value that cannot be received, a fixed value that includes one of a backspace (0×
    - 08) and a carriage return (0×
      
      0d).
  - 12. The data processing device of claim 7, wherein the user information generation unit generates the user information by (i) converting one of the user ID and the password received from each user to a value that cannot be received by the receiving unit, by performinq a predetermined conversion, and (ii) combining the converted user ID or password with the user ID or password that was not converted.
  - 13. The data processing device of claim 12, wherein the user information generation unit converts one of the user ID and the password to a value that includes one of a backspace (0×
    - 08) and a carriage return (0×
      
      0d).

14. A data processing method for share-encoding secret information using a (k,n) threshold scheme, where k and n are integers greater than or equal to 2, and k is less than or equal to n, comprising:
- a holding step of acquiring and holding secret information;
  
  a reception step of receiving from each of n number of users at a time of a user registration, a user ID unique to the user and a password determined by the user;
  
  a user information generation step of generating for each user from the user ID and the password received from the user, user information uniquely determined for the user;
  
  a registration step of generating registration information for each user, and registering the user by storing the generated registration information in relation to a corresponding user ID, the registration information corresponding to a difference between (i) shared information generated for each user by share-encoding the held secret information using the (k,n) threshold scheme and (ii) user information generated for the user; and
  
  a deletion step of deleting the held secret information after the n number of users has been registered in the registration step.

15. A data processing method used in a data processing device for recovering secret information, based on information share-encoded using a (k,n) threshold scheme, where k and n are integers greater than or equal to 2, and k is less than or equal to n, the data processing device including a storage unit that has registration information stored therein for each of n number of users in relation to a corresponding user ID, the registration information corresponding to a difference between (i) shared information generated for each user by share-encoding the secret information using the (k,n) threshold scheme and (ii) user information generated for the user, comprising:
- a reception step of receiving from each of the n number of users at a time of a secret information recovery, a user ID unique to the user and a password determined by the user;
  
  a user information generation step of generating for each user from the user ID and the password received from the user, user information uniquely determined for the user;
  
  an extraction step of extracting, from the storage unit, registration information corresponded to the user ID received from each user; and
  
  a recovery step of, after registration information for k number of users has been extracted in the extraction step, recovering the secret information using (i) the registration information for the k number of users and (ii) user information generated for the k number of users.

16. A data processing computer program for having a computer execute a plurality of steps for share-encoding secret information using a (k,n) threshold scheme, where k and n are integers greater than or equal to 2, and k is less than or equal to n, the steps including:
- a holding step of acquiring and holding secret information;
  
  a reception step of receiving from each of n number of users at a time of a user registration, a user ID unique to the user and a password determined by the user;
  
  a user information generation step of generating for each user from the user ID and the password received from the user, user information uniquely determined for the user;
  
  a registration step of generating registration information for each user, and registering the user by storing the generated registration information in relation to a corresponding user ID, the registration information corresponding to a difference between (i) shared information generated for each user by share-encoding the held secret information using the (k,n) threshold scheme and (ii) user information generated for the user; and
  
  a deletion step of deleting the held secret information after the n number of users has been registered in the registration step.

17. A data processing computer program for having a data processing device execute a plurality of steps for recovering secret information, based on information share-encoded using a (k,n) threshold scheme, where k and n are integers greater than or equal to 2, and k is less than or equal to n, the data processing device including a storage unit that has registration information stored therein for each of n number of users in relation to a corresponding user ID, the registration information corresponding to a difference between (i) shared information generated for each user by share-encoding the secret information using the (k,n) threshold scheme and (ii) user information generated for the user, the steps including:
- a reception step of receiving from each of the n number of users at a time of a secret information recovery, a user ID unique to the user and a password determined by the user;
  
  a user information generation step of generating for each user from the user ID and the password received from the user, user information uniquely determined for the user;
  
  an extraction step of extracting, from the storage unit, registration information corresponded to the user ID received from each user; and
  
  a recovery step of, after registration information for k number of users has been extracted in the extraction step, recovering the secret information using (i) the registration information for the k number of users and (ii) user information generated for the k number of users.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Matsushita Electric Industrial Company Limited (Panasonic Holdings Corporation)
Original Assignee
Matsushita Electric Industrial Company Limited (Panasonic Holdings Corporation)
Inventors
Mori, Toshifumi, Saijo, Takeshi

Application Number

US10/382,210
Publication Number

US 20030221131A1
Time in Patent Office

Days
Field of Search
US Class Current

713/202
CPC Class Codes

H04L 9/085 Secret sharing or secret sp...

Data processing device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

33 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Data processing device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links