Apparatuses and methods for decrypting encrypted data and locating the decrypted data in a memory space used for execution
Abstract
An encrypted-data decrypting apparatus that provides enhanced security protection for encrypted programs and data throughout the process from decryption to execution. When a decrypted partial program needs to be loaded into the shared memory M, the controlling unit 11 loads it into the area indicated by the memory location information. According to the memory location information, a plurality of partial programs are sequentially loaded into an area so that one partial program is overwritten by another; therefore, none of the partial programs exists in memory for a long time, which reduces the possibility of the partial programs being referred to illegitimately. In addition, since the decryption support program authenticating unit 13 confirms the authenticity of the decryption support program P every time some data is decrypted, illegitimate references that abuse the decryption support program can be prevented.
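The overwrite schedule described in the abstract, as an added simulation that is not code from the patent: it runs the same four partial programs under a schedule that reuses two location areas and under one that gives each part its own area, and reports how long decrypted code stays resident. The field names `timing` and `area`, the XOR stand-in cipher and the sample parts are assumptions constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define AREA_SIZE 8  /* bytes per location area (constructed) */
#define NUM_AREAS 4  /* location areas in the simulated memory space */
#define NUM_PARTS 4

/* Memory location information for one partial program (field names assumed). */
struct mem_loc_info { int timing; int area; };
uint8_t mem_space[NUM_AREAS][AREA_SIZE];  /* simulated execution memory */
static const char *PLAIN[NUM_PARTS] = {"PART-AAA", "PART-BBB", "PART-CCC", "PART-DDD"};
const struct mem_loc_info OVERLAY[NUM_PARTS]  = {{0, 0}, {1, 1}, {2, 0}, {3, 1}};
const struct mem_loc_info NO_REUSE[NUM_PARTS] = {{0, 0}, {1, 1}, {2, 2}, {3, 3}};

/* Stand-in cipher (XOR, its own inverse); not the patent's cipher, not secure. */
static void toy_crypt(const uint8_t *in, uint8_t *out, uint8_t key) {
    for (int i = 0; i < AREA_SIZE; i++) out[i] = in[i] ^ key;
}

/* Decrypt each part at its timing step into its area, overwriting the previous
 * occupant. Returns the longest residency in steps, or -1 on a bad area. */
int max_residency(uint8_t enc[][AREA_SIZE], const struct mem_loc_info *info,
                  int nparts, int end, uint8_t key) {
    int loaded_at[NUM_AREAS], worst = 0;
    for (int a = 0; a < NUM_AREAS; a++) loaded_at[a] = -1;
    for (int t = 0; t < end; t++)
        for (int p = 0; p < nparts; p++) {
            int a = info[p].area;
            if (info[p].timing != t) continue;
            if (a < 0 || a >= NUM_AREAS) return -1;  /* never write outside the space */
            if (loaded_at[a] >= 0 && t - loaded_at[a] > worst) worst = t - loaded_at[a];
            toy_crypt(enc[p], mem_space[a], key);
            loaded_at[a] = t;
        }
    for (int a = 0; a < NUM_AREAS; a++)  /* parts still resident when the run ends */
        if (loaded_at[a] >= 0 && end - loaded_at[a] > worst) worst = end - loaded_at[a];
    return worst;
}

/* Encrypt the constructed sample parts, then run one schedule over clean memory. */
int demo(const struct mem_loc_info *info) {
    uint8_t enc[NUM_PARTS][AREA_SIZE];
    for (int p = 0; p < NUM_PARTS; p++) toy_crypt((const uint8_t *)PLAIN[p], enc[p], 0x5A);
    memset(mem_space, 0, sizeof mem_space);
    return max_residency(enc, info, NUM_PARTS, NUM_PARTS, 0x5A);
}

int main(void) {
    printf("overlay: %d steps, no reuse: %d steps\n", demo(OVERLAY), demo(NO_REUSE));
}
```

Under the overlay schedule only the two most recently loaded parts are in memory at any step; under the no-reuse schedule all four decrypted parts remain readable until the run ends.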
25 Claims
1. An encrypted-data decrypting apparatus that decrypts, for a purpose of execution on a computer system, a program that has been encrypted and stored, the encrypted-data decrypting apparatus comprising:
a storing unit operable to store therein the program as a plurality of partial programs having been encrypted;
a memory location information generating unit operable to generate, for each of the partial programs, memory location information including (i) timing information indicating a timing of decryption and (ii) positional information indicating into which location area each partial program is to be located after being decrypted, the location area being included in a memory space used for the execution of the program;
a decrypting unit operable to sequentially read, from the storing unit, and decrypt the partial programs according to the timing information; and
a loading unit operable to locate each of the decrypted partial programs into each location area indicated by the positional information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. An encrypted-data decrypting apparatus that decrypts, for a purpose of execution on a computer system, a program that has been encrypted and stored, the encrypted-data decrypting apparatus comprising:
a storing unit operable to store therein the program as a plurality of partial programs having been encrypted;
a decrypting unit operable to read one of the partial programs being an execution target from the storing unit and decrypt the read partial program;
a memory location determining unit operable to dynamically determine a location position of the partial program being the execution target, the location position indicating an address in a memory space used for the execution of the program; and
a loading unit operable to locate the decrypted partial program into the location position determined by the memory location determining unit.
Dependent claims: 17, 18, 19, 20
21. An encrypted-program generating apparatus that encrypts a program that is to be executed on a computer system, the encrypted-program generating apparatus comprising:
a memory location information generating unit operable to generate, in order to locate the program into a memory space for the execution of the program in units of a plurality of partial programs, memory location information for each of the partial programs, the memory location information including (i) timing information indicating a timing of decryption and (ii) positional information indicating into which location area each partial program is to be located after being decrypted, the location area being included in the memory space; and
a program encrypting unit operable to encrypt the program in units of the plurality of partial programs, wherein the memory location information generating unit determines contents of the memory location information while giving priority to confidentiality so that, with regard to each of at least one of the partial programs, one partial program gets overwritten into a location area where one or more other partial programs have been located before the one partial program gets decrypted.
Dependent claims: 22
23. An encrypted-data decrypting method for decrypting, for a purpose of execution on a computer system, a program that has been encrypted and stored, the encrypted-data decrypting method comprising:
a storing step of storing, into a storage device, the program as a plurality of partial programs having been encrypted;
a memory location information generating step of generating, for each of the partial programs, memory location information including (i) timing information indicating a timing of decryption and (ii) positional information indicating into which location area each partial program is to be located after being decrypted, the location area being included in a memory space used for the execution of the program;
a decrypting step of reading, from the storage device, one of the partial programs being an encryption target, and decrypting the read partial program according to the timing information; and
a loading step of locating the decrypted partial program into the location area indicated by the positional information.
24. An encrypted-data decrypting method for decrypting, for a purpose of execution on a computer system, a program that has been encrypted and stored, the encrypted-data decrypting method comprising:
a decrypting step of reading, from a storing unit that stores therein the program as a plurality of partial programs having been encrypted, one of the partial programs being an execution target and decrypting the read partial program;
a memory location determining step of dynamically determining a location position of the partial program being the execution target, the location position indicating an address in a memory space used for the execution of the program; and
a loading step of locating the decrypted partial program into the location position determined in the memory location determining step.
25. A program that makes a computer operate as an encrypted-data decrypting apparatus that decrypts, for a purpose of execution on a computer system, a program that has been encrypted and stored, the encrypted-data decrypting apparatus comprising:
a storing unit operable to store therein the program as a plurality of partial programs having been encrypted;
a memory location information generating unit operable to generate, for each of the partial programs, memory location information including (i) timing information indicating a timing of decryption and (ii) positional information indicating into which location area each partial program is to be located after being decrypted, the location area being included in a memory space used for the execution of the program;
a decrypting unit operable to sequentially read, from the storing unit, and decrypt the partial programs according to the timing information; and
a loading unit operable to locate each of the decrypted partial programs into each location area indicated by the positional information.
Specification