Cryptographic communication system, terminal device, server, and decryption method
First Claim
5. A cryptographic communication system, comprising:
- a sender terminal for encrypting and transmitting an original message;
a recipient terminal for holding a secret key for decryption of the encrypted message;
an agent terminal for decrypting the encrypted message in place of the recipient terminal based on the secret key of said recipient terminal; and
a conversion server for validating decryption processing of the encrypted message by the agent terminal, wherein an operation of the secret key of said recipient terminal is shared between said agent terminal and said conversion server using threshold decryption, and the agent terminal is allowed to decrypt the encrypted message on obtaining validation from the conversion server.
1 Assignment
0 Petitions
Accused Products
Abstract
Cryptographic communication system including a sender terminal for encrypting and transmitting a message, a recipient terminal for receiving and decrypting the encrypted message, an agent terminal for decrypting the message in place of the recipient terminal, and a conversion server for supporting the agent terminal to decrypt the message. The sender terminal encrypts the message using a public key of the recipient terminal. Using a public key of the conversion server, a predetermined restricted condition, and a secret key for decryption of the message, the recipient terminal generates a delegation key allowing decryption of the message under the restricted condition and passes the delegation key to the agent terminal. The conversion server validates a power of the agent terminal to decrypt the message based on the information contained in the delegation key from the agent terminal. The agent terminal then decrypts the message with validation of the conversion server.
43 Citations
24 Claims
-
5. A cryptographic communication system, comprising:
-
a sender terminal for encrypting and transmitting an original message;
a recipient terminal for holding a secret key for decryption of the encrypted message;
an agent terminal for decrypting the encrypted message in place of the recipient terminal based on the secret key of said recipient terminal; and
a conversion server for validating decryption processing of the encrypted message by the agent terminal, wherein an operation of the secret key of said recipient terminal is shared between said agent terminal and said conversion server using threshold decryption, and the agent terminal is allowed to decrypt the encrypted message on obtaining validation from the conversion server. - View Dependent Claims (6, 7, 8, 21)
-
-
9. A terminal device for receiving and decrypting an encrypted message, comprising:
-
secret key holding means for holding a secret key for decryption of a message encrypted using a public key of its own; and
delegation key generation means for generating a delegation key based on a public key of a predetermined conversion server, a predetermined restricted condition, and the secret key, the delegation key allowing decryption of the message under the restricted condition, wherein said terminal device passes the delegation key generated by said delegation key generation means to a predetermined agent terminal for decrypting the message in place of the terminal device. - View Dependent Claims (10, 11)
-
-
12. A terminal device, comprising:
-
delegation key holding means for holding a delegation key generated using a one-way hash function based on a public key of a predetermined conversion server, a predetermined restricted condition, and a secret key for decryption of an encrypted message, the delegation key allowing decryption of the message under the restricted condition;
inquiry means for transmitting at least part of the delegation key to the conversion server and receiving from the conversion server a parameter obtained as a result of validation of the conversion server according to the restricted condition; and
decryption means for decrypting the message by use of the parameter acquired from the conversion server and the delegation key. - View Dependent Claims (1, 3, 4, 13, 20)
-
-
14. A server, comprising:
-
receiving means for receiving from a predetermined terminal device a predetermined restricted condition, part of a message encrypted with a first public key, and predetermined information encrypted with a second public key;
judgment means for judging whether or not the acquired restricted condition is satisfied;
parameter calculation means for decrypting the predetermined information with a secret key corresponding to the second public key and calculating a parameter for decryption of the message by use of the predetermined information, the restricted condition, and the part of the message encrypted with the first public key; and
transmitting means for transmitting to the predetermined terminal device the parameter calculated by said parameter calculation means. - View Dependent Claims (2, 15, 22)
-
-
16. A program for controlling a computer to decrypt an encrypted message, the program causing the computer to realize:
-
a function of holding in a predetermined storage a secret key for decryption of a message encrypted using a public key of its own;
a function of generating a delegation key based on a public key of a predetermined conversion server, a predetermined restricted condition, and the secret key using a one-way hash function, the delegation key allowing decryption of the message under the restricted condition; and
a function of transmitting the delegation key to a predetermined agent terminal for decrypting the message by proxy.
-
-
17. A program for controlling a computer to decrypt an encrypted message, the program causing the computer to realize:
-
a function of holding in a predetermined storage a delegation key generated using a one-way hash function based on a public key of a predetermined conversion server, a predetermined restricted condition, and a secret key for decryption of an encrypted message, the delegation key allowing decryption of the message under the restricted condition;
a function of transmitting at least part of the delegation key to the conversion server and receiving from the conversion server a parameter obtained as a result of validation of the conversion server according to the restricted condition; and
a function of decrypting the message using the parameter acquired from the conversion server and the delegation key.
-
-
18. A program for controlling a computer to decrypt an encrypted message, the program causing the computer to realize:
-
a function of receiving from a predetermined terminal device a predetermined restricted condition, part of a message encrypted with a first public key, and a predetermined information encrypted with a second public key;
a function of judging whether or not the acquired restricted condition is satisfied;
a function of decrypting the predetermined information with a secret key corresponding to the second public key and calculating a parameter for decryption of the message by use of the predetermined information, the restricted condition, the part of the message encrypted with the first public key; and
a function of returning the parameter to the predetermined terminal device.
-
-
19. A decryption method, comprising the steps of:
-
generating a delegation key based on a first secret key corresponding to a first public key, a predetermined restricted condition, and a second public key, the delegation key allowing decryption of the message under the restricted condition;
passing at least part of the delegation key to an external party having a second secret key corresponding to the second public key and acquiring from the external party a result of judgment whether or not decryption processing with the delegation key satisfies the restricted condition; and
decrypting the message, which is encrypted with the first public key, by use of the delegation key and the result of judgment of the external party. - View Dependent Claims (23, 24)
-
-
22-1. A computer program product comprising a computer usable medium having computer readable program code means embodied therein for causing decryption of an encrypted message, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of claim 12.
-
22-2. A computer program product comprising a computer usable medium having computer readable program code means embodied therein for causing server functions, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of claim 14.
Specification