Terminal apparatus, communication method, and communication system
Abstract
A manager or an issuer issues a participation certificate, for an ordinary user who will newly join a group formed on a network made up of specified users, on which said manager or issuer creates a digital signature by the use of a private key of the group. Members belonging to said group authenticate one another as belonging to the same group and as authorized members of the group, on the basis of their respective participation certificates.
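The scheme in the abstract, sketched as an added example (not code from the patent): a manager issues a participation certificate with the group private key, and an inquiring terminal checks a response using only the group public key. The claims' "encrypt, then try decrypting with the group public key" is modelled here as Ed25519 sign/verify; the certificate layout, the nonce carried in the inquiry, the proof of possession of the member key, and all names are assumptions of this sketch.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Certificate binds a member public key to the group (layout is an assumption).
type Certificate struct {
	MemberPub ed25519.PublicKey
	GroupSig  []byte // made with the group private key over certBody(MemberPub)
}

// Response answers one inquiry: the certificate plus proof of key possession.
type Response struct {
	Cert     Certificate
	NonceSig []byte // made with the member private key over inquiryBody(nonce)
}

// Distinct prefixes keep a certificate signature from doubling as a response.
func certBody(pub ed25519.PublicKey) []byte { return append([]byte("cert|"), pub...) }
func inquiryBody(nonce []byte) []byte { return append([]byte("inquiry|"), nonce...) }

// NewKeyPair generates a fresh Ed25519 key pair (group or member).
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// NewInquiry returns a fresh 32-byte nonce, so each response is tied to one inquiry.
func NewInquiry() []byte {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// Issue is the manager's step: sign the applicant's public key with the group key.
func Issue(groupPriv ed25519.PrivateKey, memberPub ed25519.PublicKey) Certificate {
	return Certificate{MemberPub: memberPub, GroupSig: ed25519.Sign(groupPriv, certBody(memberPub))}
}

// Respond is the queried terminal's step.
func Respond(memberPriv ed25519.PrivateKey, cert Certificate, nonce []byte) Response {
	return Response{Cert: cert, NonceSig: ed25519.Sign(memberPriv, inquiryBody(nonce))}
}

// Verify is the inquiring terminal's step; it needs only the group public key.
func Verify(groupPub ed25519.PublicKey, nonce []byte, r Response) error {
	if len(r.Cert.MemberPub) != ed25519.PublicKeySize {
		return errors.New("malformed member key") // ed25519.Verify panics on bad length
	}
	if !ed25519.Verify(groupPub, certBody(r.Cert.MemberPub), r.Cert.GroupSig) {
		return errors.New("certificate not signed with the group key")
	}
	if !ed25519.Verify(r.Cert.MemberPub, inquiryBody(nonce), r.NonceSig) {
		return errors.New("response not bound to this inquiry or this member key")
	}
	return nil
}

func main() {
	groupPub, groupPriv := NewKeyPair()
	memberPub, memberPriv := NewKeyPair()
	cert, nonce := Issue(groupPriv, memberPub), NewInquiry()
	resp := Respond(memberPriv, cert, nonce)
	fmt.Println("member:", Verify(groupPub, nonce, resp))
	fmt.Println("replayed:", Verify(groupPub, NewInquiry(), resp))
}
```

A response captured for one inquiry is rejected for the next, and a copied certificate is useless without the matching member private key.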
34 Claims
1. A terminal apparatus that communicates with another terminal apparatus on a network, the terminal apparatus possessing a public key of a group formed on the network, comprising:
an inquiry information sending unit operable to send inquiry information to said another terminal apparatus, the inquiry information indicating an inquiry about whether or not said another terminal apparatus is a terminal apparatus of an authorized member of the group;
an encrypted information receiving unit operable to receive predetermined encrypted information from said another terminal apparatus in response to the inquiry information sent by the inquiry information sending unit;
a decryption trial unit operable to try decrypting the received encrypted information using the group public key;
an information judgment unit operable to make a judgment on whether decrypted information is appropriate or not, when the decryption succeeds in the decryption trial unit; and
a terminal judgment unit operable to judge that said another terminal apparatus is a terminal apparatus of an authorized member of the group, when the information judgment unit judges that the decrypted information is appropriate.
Dependent claims: 2, 3, 4, 5, 6, 7, 9
8. A terminal apparatus that communicates with another terminal apparatus on a network, comprising:
an inquiry information sending unit operable to send inquiry information to said another terminal apparatus, the inquiry information indicating that a user of the terminal apparatus wishes to obtain group information including a public key of a group formed on the network;
a group information receiving unit operable to receive, from said another terminal apparatus, the group information on which a digital signature is created, in response to the inquiry information sent by the inquiry information sending unit;
a group information verification unit operable to verify validity of the received group information, using the public key included in said group information; and
a group information judgment unit operable to judge that the group information has been obtained from a terminal apparatus of an authorized member of the group, when the validity of the group information is verified by the group information verification unit.
10. A communication method for a first terminal to communicate with a second terminal on a network, wherein the first terminal possesses a public key of a group formed on the network, the communication method comprising:
an inquiry information sending step of sending inquiry information to the second terminal, the inquiry information indicating an inquiry about whether or not the second terminal is a terminal of an authorized member of the group;
an encrypted information receiving step of receiving predetermined encrypted information from the second terminal in response to the inquiry information sent in the inquiry information sending step;
a decryption trial step of trying decrypting the received encrypted information using the group public key;
an information judgment step of making a judgment on whether decrypted information is appropriate or not, when the decryption succeeds in the decryption trial step; and
a terminal judgment step of judging that the second terminal is a terminal of an authorized member of the group, when the decrypted information is judged to be appropriate in the information judgment step.
Dependent claims: 11, 12, 13, 14, 15, 16, 18
17. A communication method for a first terminal that communicates with a second terminal on a network, comprising:
an inquiry information sending step of sending inquiry information to the second terminal, the inquiry information indicating that a user of the first terminal wishes to obtain group information including a public key of a group formed on the network;
a group information receiving step of receiving, from the second terminal, the group information on which a digital signature is created, in response to the inquiry information sent in the inquiry information sending step;
a group information verification step of verifying validity of the received group information, using the public key included in said group information; and
a group information judgment step of judging that the group information has been obtained from a terminal of an authorized member of the group, when the validity of the group information is verified in the group information verification step.
19. A communication method for carrying out a communication between a first terminal and a second terminal on a network, wherein the first terminal possesses a public key of a group formed on the network and a pair of a private key and a public key of a first user who is a user of the first terminal, and the second terminal possesses a pair of a private key and a public key of the group, the communication method comprising steps A executed by the first terminal and steps B executed by the second terminal,
wherein the steps A include:
an inquiry information sending step of sending inquiry information to the second terminal, the inquiry information indicating an inquiry about whether or not the second terminal is a terminal of an authorized member of the group;
an encrypted information receiving step of receiving predetermined encrypted information from the second terminal in response to the inquiry information sent in the inquiry information sending step;
a decryption trial step of trying decrypting the received encrypted information using the group public key;
an information judgment step of making a judgment on whether decrypted information is appropriate or not, when the decryption succeeds in the decryption trial step;
a manager judgment step of judging that the second terminal is a terminal of an authorized manager of the group, when the decrypted information is judged to be appropriate in the information judgment step;
a membership request sending step of sending membership request information to the second terminal judged to be the authorized manager in the manager judgment step, the membership request information including information indicating that the first user wishes to join the group and the public key of the first user; and
a participation certificate receiving step of receiving a participation certificate indicating that the first user has been approved to join the group from the second terminal,
and the steps B include:
an inquiry information receiving step of receiving the inquiry information from the first terminal;
an encrypted information sending step of generating the encrypted information which has been encrypted according to the received inquiry information, and sending the generated encrypted information to the first terminal;
a membership request receiving step of receiving the membership request information from the first terminal;
a participation certificate generation step of generating the participation certificate on the basis of the received membership request information; and
a participation certificate sending step of sending the generated participation certificate to the first terminal.
Dependent claims: 20, 25
21. A communication method for carrying out a communication between a first terminal and a second terminal on a network, wherein the first terminal possesses a pair of a private key and a public key of a group formed on the network and a public key of a second user who is a user of the second terminal, and the second terminal possesses a public key of the group, the communication method comprising steps A executed by the first terminal and steps B executed by the second terminal,
wherein the steps A include:
an inquiry information sending step of sending inquiry information to the second terminal, the inquiry information indicating an inquiry about whether or not the second terminal is a terminal of an authorized member of the group;
an encrypted information receiving step of receiving predetermined encrypted information from the second terminal in response to the inquiry information sent in the inquiry information sending step;
a decryption trial step of trying decrypting the received encrypted information using the group public key of the second user;
an information judgment step of making a judgment on whether decrypted information is appropriate or not, when the decryption succeeds in the decryption trial step;
a participant judgment step of judging that the second terminal is a terminal of an authorized participant in the group, when the decrypted information is judged to be appropriate in the information judgment step;
an assignment information sending step of sending assignment information to the second terminal whose user, that is, the second user is judged to be an authorized participant, the assignment information indicating that said second user is wished to be assigned as an issuer of the group who issues a participation certificate;
a public key receiving step of receiving the public key of the second user from the second terminal;
a public key judgment step of judging whether or not the received public key of the second user and the public key possessed by the first terminal match;
a permit generation step of generating a participation certificate issue permit indicating that authority to issue the participation certificate is granted to the second user; and
a permit sending step of sending the generated participation certificate issue permit to the second terminal,
and the steps B include:
an inquiry information receiving step of receiving the inquiry information from the first terminal;
a public key sending step of sending the public key of the second user to the first terminal; and
a permit receiving step of receiving the participation certificate issue permit from the first terminal.
Dependent claims: 22
23. A communication method for carrying out a communication between a first terminal and a second terminal on a network, wherein the first terminal possesses a public key of a group formed on the network and a pair of a private key and a public key of a first user who is a user of the first terminal, and the second terminal possesses a public key of the group, the communication method comprises steps A executed by the first terminal and steps B executed by the second terminal,
wherein the steps A include:
an inquiry information sending step of sending inquiry information to the second terminal, the inquiry information indicating an inquiry about whether or not the second terminal is a terminal of an authorized issuer of the group who has authority to issue a participation certificate;
a permit receiving step of receiving an encrypted participation certificate issue permit from the second terminal;
a decryption trial step of trying decrypting the received participation certificate issue permit using the public key of the group;
an information judgment step of making a judgment on whether decrypted participation certificate issue permit is appropriate or not, when the decryption succeeds in the decryption trial step;
an issuer judgment step of judging that the second terminal is a terminal of an authorized issuer of the group, when the decrypted participation certificate issue permit is judged to be appropriate in the information judgment step;
a membership request sending step of sending membership request information to the second terminal judged to be the authorized issuer in the issuer judgment step, the membership request information including information indicating that the first user wishes to join the group and the public key of the first user; and
a participation certificate receiving step of receiving a participation certificate indicating that the first user has been approved to join the group from the second terminal,
and the steps B include:
an inquiry information receiving step of receiving the inquiry information from the first terminal;
an encrypted information sending step of sending the encrypted participation certificate issue permit to the first terminal after the inquiry information is received;
a membership request receiving step of receiving the membership request information from the first terminal;
a participation certificate generation step of generating the participation certificate on the basis of the received membership request information; and
a participation certificate sending step of sending the generated participation certificate to the first terminal.
Dependent claims: 24
26. A communication system comprising a first terminal and a second terminal that communicate with each other on a network, the first terminal possessing a public key of a group formed on the network and a pair of a private key and a public key of a first user who is a user of the first terminal, and the second terminal possessing a pair of a private key and a public key of the group,
wherein the first terminal includes:
an inquiry information sending unit operable to send inquiry information to the second terminal, the inquiry information indicating an inquiry about whether or not the second terminal is a terminal of an authorized member of the group;
an encrypted information receiving unit operable to receive predetermined encrypted information from the second terminal in response to the inquiry information sent by the inquiry information sending unit;
a decryption trial unit operable to try decrypting the received encrypted information using the group public key;
an information judgment unit operable to make a judgment on whether decrypted information is appropriate or not, when the decryption succeeds in the decryption trial unit;
a manager judgment unit operable to judge that the second terminal is a terminal of an authorized manager of the group, when the information judgment unit judges that the decrypted information is appropriate;
a membership request sending unit operable to send membership request information to the second terminal judged to be the authorized manager by the manager judgment unit, the membership request information including information indicating that the first user wishes to join the group and the public key of the first user; and
a participation certificate receiving unit operable to receive a participation certificate indicating that the first user has been approved to join the group from the second terminal,
and the second terminal includes:
an inquiry information receiving unit operable to receive the inquiry information from the first terminal;
an encrypted information sending unit operable to generate the encrypted information which has been encrypted according to the received inquiry information, and send the generated encrypted information to the first terminal;
a membership request receiving unit operable to receive the membership request information from the first terminal;
a participation certificate generation unit operable to generate the participation certificate on the basis of the received membership request information; and
a participation certificate sending unit operable to send the generated participation certificate to the first terminal.
Dependent claims: 27, 32
28. A communication system comprising a first terminal and a second terminal that communicate with each other on a network, the first terminal possessing a pair of a private key and a public key of a group formed on the network and a public key of a second user who is a user of the second terminal, and the second terminal possessing a public key of the group,
wherein the first terminal includes:
an inquiry information sending unit operable to send inquiry information to the second terminal, the inquiry information indicating an inquiry about whether or not the second terminal is a terminal of an authorized member of the group;
an encrypted information receiving unit operable to receive predetermined encrypted information from the second terminal in response to the inquiry information sent by the inquiry information sending unit;
a decryption trial unit operable to try decrypting the received encrypted information using the public key of the second user;
an information judgment unit operable to make a judgment on whether decrypted information is appropriate or not, when the decryption succeeds in the decryption trial unit;
a participant judgment unit operable to judge that the second terminal is a terminal of an authorized participant in the group, when the information judgment unit judges that the decrypted information is appropriate;
an assignment information sending unit operable to send assignment information to the second terminal whose user, that is, the second user is judged to be an authorized participant, the assignment information indicating that the second user is wished to be assigned as an issuer of the group who issues a participation certificate;
a public key receiving unit operable to receive the public key of the second user from the second terminal;
a public key judgment unit operable to judge whether or not the received public key of the second user and the public key possessed by the first terminal match;
a permit generation unit operable to generate a participation certificate issue permit indicating that authority to issue the participation certificate is granted to the second user; and
a permit sending unit operable to send the generated participation certificate issue permit to the second terminal,
and the second terminal includes:
an inquiry information receiving unit operable to receive the inquiry information from the first terminal;
a public key sending unit operable to send the public key of the second user to the first terminal; and
a permit receiving unit operable to receive the participation certificate issue permit from the first terminal.
Dependent claims: 29
30. A communication system comprising a first terminal and a second terminal that communicate with each other on a network, the first terminal possessing a public key of a group formed on the network and a pair of a private key and a public key of a first user who is a user of the first terminal, and the second terminal possessing a public key of the group,
wherein the first terminal includes:
an inquiry information sending unit operable to send inquiry information to the second terminal, the inquiry information indicating an inquiry about whether or not the second terminal is a terminal of an authorized issuer of the group who has authority to issue a participation certificate;
a permit receiving unit operable to receive an encrypted participation certificate issue permit from the second terminal;
a decryption trial unit operable to try decrypting the received participation certificate issue permit using the public key of the group;
an information judgment unit operable to make a judgment on whether decrypted participation certificate issue permit is appropriate or not, when the decryption succeeds in the decryption trial unit;
an issuer judgment unit operable to judge that the second terminal is a terminal of an authorized issuer of the group, when the information judgment unit judges that the decrypted participation certificate issue permit is appropriate;
a membership request sending unit operable to send membership request information to the second terminal judged to be the authorized issuer by the issuer judgment unit, the membership request information including information indicating that the first user wishes to join the group and the public key of the first user; and
a participation certificate receiving unit operable to receive a participation certificate indicating that the first user has been approved to join the group from the second terminal,
and the second terminal includes:
an inquiry information receiving unit operable to receive the inquiry information from the first terminal;
an encrypted information sending unit operable to send the encrypted participation certificate issue permit to the first terminal after receiving the inquiry information;
a membership request receiving unit operable to receive the membership request information from the first terminal;
a participation certificate generation unit operable to generate the participation certificate on the basis of the received membership request information; and
a participation certificate sending unit operable to send the generated participation certificate to the first terminal.
Dependent claims: 31
33. A program for a terminal apparatus that communicates with another terminal apparatus on a network, wherein the first terminal apparatus possesses a public key of a group formed on the network, the program comprising:
an inquiry information sending step of sending inquiry information to said another terminal apparatus, the inquiry information indicating an inquiry about whether or not said another terminal apparatus is a terminal apparatus of an authorized member of the group;
an encrypted information receiving step of receiving predetermined encrypted information from said another terminal apparatus in response to the inquiry information sent in the inquiry information sending step;
a decryption trial step of trying decrypting the received encrypted information using the group public key;
an information judgment step of making a judgment on whether decrypted information is appropriate or not, when the decryption succeeds in the decryption trial step; and
a terminal judgment step of judging that said another terminal apparatus is a terminal apparatus of an authorized member of the group, when the decrypted information is judged to be appropriate in the information judgment step.
Dependent claims: 34