Key agreement system, shared-key generation apparatus, and shared-key recovery apparatus
Abstract
Provided is a content distribution system that prevents different keys from being derived between an encryption apparatus and a decryption apparatus. A random-number generating unit 112, in an encryption apparatus 110, generates a random number s. A first function unit 113 generates a functional value G(s) of the random number s, and generates a random-number value u and a shared key K from the functional value G(s). An encryption unit 114 generates a first cipher text c1 of the random number s, using a public-key polynomial h and the random-number value u. A decryption unit 123, in a decryption apparatus 120, decrypts the first cipher text c1 using a secret-key polynomial f, to generate a decryption random number s′. A second function unit 126 generates a functional value G(s′) of the decryption random number s′, and generates a random-number value u′ and a shared key K′ from the functional value G(s′). A comparison unit 127 generates a first re-cipher text c1′, using the random-number value u′ and the shared key K′, and outputs the shared key K′ if the first cipher text c1 is equal to the first re-cipher text c1′.
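The seed, blind value, re-encryption and judging steps described in the abstract can be traced in the following sketch, which is an added example and not code from the patent. It assumes a toy ElGamal group in place of the polynomial-based cipher (public key h, secret key f) and SHA-512 as the function G; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy ElGamal group standing in for the patent's polynomial cipher (assumption).
P = 2**127 - 1   # Mersenne prime; far too small for real use
G_BASE = 3

def keygen():
    x = secrets.randbelow(P - 2) + 1          # secret key
    return x, pow(G_BASE, x, P)               # (secret, public h)

def derive(seed):
    """G(s): expand the seed into blind value u and shared key K."""
    d = hashlib.sha512(seed.to_bytes(16, "big")).digest()
    return int.from_bytes(d[:32], "big") % (P - 1), d[32:]

def encrypt(h, seed, u):
    """Encrypt the seed; all randomness comes from the blind value u."""
    return pow(G_BASE, u, P), (seed * pow(h, u, P)) % P

def decrypt(x, c):
    c1, c2 = c
    return (c2 * pow(c1, P - 1 - x, P)) % P   # c2 * c1^(-x) mod P

def encapsulate(h):
    """Generation apparatus: seed -> (u, K) -> encryption information."""
    seed = secrets.randbelow(P - 1) + 1
    u, key = derive(seed)
    return encrypt(h, seed, u), key

def _encode(c):
    return c[0].to_bytes(16, "big") + c[1].to_bytes(16, "big")

def decapsulate(x, h, c):
    """Recovery apparatus: decrypt, re-derive, re-encrypt, judge, output."""
    seed2 = decrypt(x, c)
    u2, key2 = derive(seed2)
    c_again = encrypt(h, seed2, u2)
    if hmac.compare_digest(_encode(c), _encode(c_again)):
        return key2
    return None                                # judged negative: no key output

if __name__ == "__main__":
    x, h = keygen()
    c, k = encapsulate(h)
    print(decapsulate(x, h, c) == k)                     # honest ciphertext
    print(decapsulate(x, h, (c[0], c[1] * 2 % P)))       # altered ciphertext
```

Because the blind value is derived from the seed, the recovery side can reproduce the ciphertext exactly; any ciphertext that decrypts to a different seed fails the comparison and yields no key.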
43 Claims
1. A key agreement system comprising a shared-key generation apparatus and a shared-key recovery apparatus, each apparatus establishing therein a same shared key in secrecy, wherein
the shared-key generation apparatus includes:
a seed-value generating unit operable to generate a seed value;
a first shared-key generating unit operable to generate a blind value and a shared key, from the seed value;
an encryption unit operable to encrypt the seed value based on the blind value, to generate encryption information; and
a transmitting unit operable to transmit the encryption information, and
the shared-key recovery apparatus includes:
a receiving unit operable to receive the encryption information;
a decryption unit operable to decrypt the encryption information, to generate a decryption seed value;
a second shared-key generating unit operable to generate a decryption blind value and a decryption shared key, using the decryption seed value and according to a same method as used in the first shared-key generating unit;
a re-encryption unit operable to encrypt the decryption seed value based on the decryption blind value, to generate re-encryption information;
a judging unit operable to judge, based on the encryption information and the re-encryption information, whether the decryption shared key should be outputted; and
an outputting unit operable, when the judging unit has judged affirmatively, to output the decryption shared key.
3. A shared-key generation apparatus that notifies a destination apparatus about a shared key in secrecy, the shared-key generation apparatus comprising:
a seed-value generating unit operable to generate a seed value;
a shared-key generating unit operable to generate a blind value and a shared key, from the seed value;
an encryption unit operable to encrypt the seed value based on the blind value, to generate encryption information; and
a transmitting unit operable to transmit the encryption information.
21. A shared-key recovery apparatus that receives a shared key from a shared-key generation apparatus in secrecy, the shared-key generation apparatus generating a seed value, generating a blind value and a shared key from the seed value, encrypting the seed value based on the blind value to generate encryption information, and transmitting the encryption information, the shared-key recovery apparatus comprising:
a receiving unit operable to receive the encryption information;
a decryption unit operable to decrypt the encryption information, to generate a decryption seed value;
a shared-key generating unit operable to generate a decryption blind value and a decryption shared key, using the decryption seed value and according to a same shared-key generating method used in the shared-key generation apparatus;
a re-encryption unit operable to encrypt the decryption seed value based on the decryption blind value, to generate re-encryption information;
a judging unit operable to judge, based on the encryption information and the re-encryption information, whether the decryption shared key should be outputted; and
an outputting unit operable, when the judging unit has judged affirmatively, to output the decryption shared key.
38. A shared-key generating method used in a shared-key generation apparatus that notifies a destination apparatus about a shared key in secrecy, the shared-key generating method comprising:
a seed-value generating step of generating a seed value;
a shared-key generating step of generating a blind value and a shared key, from the seed value;
an encryption step of encrypting the seed value based on the blind value, to generate encryption information; and
a transmitting step of transmitting the encryption information.
39. A shared-key generating program used in a shared-key generation apparatus that notifies a destination apparatus about a shared key in secrecy, the shared-key generating program comprising:
a seed-value generating step of generating a seed value;
a shared-key generating step of generating a blind value and a shared key, from the seed value;
an encryption step of encrypting the seed value based on the blind value, to generate encryption information; and
a transmitting step of transmitting the encryption information.
41. A shared-key recovery method used in a shared-key recovery apparatus that receives a shared key from a shared-key generation apparatus in secrecy, the shared-key generation apparatus generating a seed value, generating a blind value and a shared key from the seed value, encrypting the seed value based on the blind value to generate encryption information, and transmitting the encryption information, the shared-key recovery method comprising:
a receiving step of receiving the encryption information;
a decryption step of decrypting the encryption information, to generate a decryption seed value;
a shared-key generating step of generating a decryption blind value and a decryption shared key, using the decryption seed value and according to a same shared-key generating method used in the shared-key generation apparatus;
a re-encryption step of encrypting the decryption seed value based on the decryption blind value, to generate re-encryption information;
a judging step of judging, based on the encryption information and the re-encryption information, whether the decryption shared key should be outputted; and
an outputting step, when the judging unit has judged affirmatively, of outputting the decryption shared key.
42. A shared-key recovery program used in a shared-key recovery apparatus that receives a shared key from a shared-key generation apparatus in secrecy, the shared-key generation apparatus generating a seed value, generating a blind value and a shared key from the seed value, encrypting the seed value based on the blind value to generate encryption information, and transmitting the encryption information, the shared-key recovery program comprising:
a receiving step of receiving the encryption information;
a decryption step of decrypting the encryption information, to generate a decryption seed value;
a shared-key generating step of generating a decryption blind value and a decryption shared key, using the decryption seed value and according to a same shared-key generating method used in the shared-key generation apparatus;
a re-encryption step of encrypting the decryption seed value based on the decryption blind value, to generate re-encryption information;
a judging step of judging, based on the encryption information and the re-encryption information, whether the decryption shared key should be outputted; and
an outputting step, when the judging unit has judged affirmatively, of outputting the decryption shared key.
Specification