Method for encryption backup and method for decryption restoration
First Claim
1. An encryption backup method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
- generating an encryption/decryption key to encrypt client data therewith;
storing the encryption/decryption key in a storage apparatus;
accepting an arbitrary password through a predetermined input interface;
storing the password as a first password in the storage apparatus;
generating a reissue data processing key from the first password; and
encrypting the encryption/decryption key with the reissue data processing key to generate reissue data.
1 Assignment
0 Petitions
Accused Products
Abstract
A backup method which encrypts user data with an encryption/decryption key generated in an authenticated device; generates a reissue data processing key from a password and a device key in the authenticated device; generates reissue data by encrypting the encryption/decryption key with the generated key; furthermore, generates emergency reissue data by encrypting the password, an authority ID, and the like with an emergency reissue data processing key generated from an insurer key and a users organization key; and backs up the encrypted user data, the reissue data, and the emergency reissue data in a server.
-
Citations
26 Claims
-
1. An encryption backup method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
generating an encryption/decryption key to encrypt client data therewith;
storing the encryption/decryption key in a storage apparatus;
accepting an arbitrary password through a predetermined input interface;
storing the password as a first password in the storage apparatus;
generating a reissue data processing key from the first password; and
encrypting the encryption/decryption key with the reissue data processing key to generate reissue data. - View Dependent Claims (3, 5, 7, 8)
-
-
2. An encryption backup method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
accepting an arbitrary password through a predetermined input interface;
storing the password as a first password in a storage apparatus; and
generating a reissue data processing key to encrypt client data therewith from a device key stored in the storage apparatus and the first password. - View Dependent Claims (9)
-
-
4. An encryption backup method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
accepting an arbitrary password through a predetermined input interface;
storing the password as a first password in the storage apparatus;
generating a reissue data processing key to encrypt client data with from the first password; and
encrypting the first password using an insurer key stored in the storage apparatus so as to be associated with a restoration insurer for backed-up, encrypted client data, thereby generating emergency reissue data. - View Dependent Claims (6)
-
-
10. A decryption restoration method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
accepting an arbitrary password through a predetermined input interface;
generating a reissue data processing key from the password;
acquiring reissue data generated beforehand by encrypting an encryption/decryption key with a reissue data processing key generated from a first password that is an arbitrary password accepted through the input interface, from an information processing apparatus storing the reissue data; and
decrypting the reissue data with the reissue data processing key generated in the generating step thereby taking out the encryption/decryption key to decrypt encrypted client data therewith. - View Dependent Claims (17)
-
-
11. A decryption restoration method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
accepting an arbitrary password through a predetermined input interface; and
generating a reissue data processing key to decrypt encrypted client data therewith from a device key stored in a storage apparatus and the password. - View Dependent Claims (18)
-
-
12. A decryption restoration method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
acquiring emergency reissue data generated beforehand by encrypting a first password, that is an arbitrary password accepted through an input interface, using an insurer key stored in a storage apparatus so as to be associated with a restoration insurer for backed-up, encrypted client data, from an information processing apparatus storing the emergency reissue data;
decrypting the emergency reissue data using the insurer key stored in the storage apparatus thereby taking out the first password; and
generating a reissue data processing key to decrypt encrypted client data therewith from the first password. - View Dependent Claims (19, 20)
-
-
13. A decryption restoration method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
acquiring emergency reissue data generated beforehand by encrypting a first password that is an arbitrary password accepted through an input interface, using an insurer key stored in a storage apparatus so as to be associated with a restoration insurer for backed-up, encrypted client data, from an information processing apparatus storing the emergency reissue data;
decrypting the emergency reissue data using the insurer key stored in the storage apparatus thereby taking out the first password;
generating a reissue data processing key from the first password;
acquiring reissue data generated beforehand by encrypting an encryption/decryption key with a reissue data processing key generated from a first password that is an arbitrary password accepted through the input interface, from an information processing apparatus storing the reissue data; and
decrypting the reissue data with the reissue data processing key generated in the generating step thereby taking out the encryption/decryption key to decrypt encrypted client data therewith.
-
-
14. A decryption restoration method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
acquiring emergency reissue data generated beforehand by encrypting a first password that is an arbitrary password accepted through an input interface, using an insurer key stored in a storage apparatus so as to be associated with a restoration insurer for backed-up, encrypted client data, from an information processing apparatus storing the emergency reissue data;
decrypting the emergency reissue data using the insurer key stored in the storage apparatus so as to be associated with the restoration insurer for backed-up, encrypted client data, thereby taking out the first password; and
generating a reissue data processing key to decrypt encrypted client data therewith from the first password and a device key stored in the storage apparatus.
-
-
15. A decryption restoration method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
acquiring emergency reissue data generated beforehand by encrypting an encryption/decryption key to encrypt/decrypt encrypted client data with generated in the authenticated device, using an insurer key stored in a storage apparatus so as to be associated with a restoration insurer for backed-up, encrypted client data, from an information processing apparatus storing the emergency reissue data; and
decrypting the emergency reissue data using the insurer key stored in the storage apparatus, thereby taking out the encryption/decryption key.
-
-
16. A decryption restoration method to be executed by an authenticated device of a system having at least the authenticated device and a backup apparatus as components, comprising the steps of:
-
acquiring emergency reissue data generated beforehand by encrypting a reissue data processing key generated from a first password that is an arbitrary password accepted through an input interface, using an insurer key stored in a storage apparatus so as to be associated with a restoration insurer for backed-up, encrypted client data, from an information processing apparatus storing the emergency reissue data;
decrypting the emergency reissue data using the insurer key stored in the storage apparatus thereby taking out the reissue data processing key;
acquiring reissue data generated beforehand by encrypting an encryption/decryption key with a reissue data processing key generated from a first password that is an arbitrary password accepted through the input interface, from an information processing apparatus storing the reissue data; and
decrypting the reissue data with the taken-out reissue data processing key thereby taking out the encryption/decryption key to decrypt encrypted client data therewith.
-
-
21. An encryption backup method to be executed by a backup apparatus of a system having at least an authenticated device and the backup apparatus as components, comprising the steps of:
-
accepting client data encrypted with an encryption/decryption key generated in the authenticated device through a predetermined input interface; and
accepting reissue data generated by encrypting the encryption/decryption key with a reissue data processing key generated in the authenticated device from an arbitrary password through a predetermined input interface. - View Dependent Claims (24, 26)
-
-
22. An encryption backup method to be executed by a backup apparatus of a system having at least an authenticated device and the backup apparatus as components, comprising the step of:
accepting client data encrypted with a reissue data processing key generated in the authenticated device from a device key stored in the authenticated device and an arbitrary password through a predetermined input interface.
-
23. An encryption backup method to be executed by a backup apparatus of a system having at least an authenticated device and the backup apparatus as components, comprising the steps of:
-
accepting client data encrypted with a reissue data processing key generated in the authenticated device from an arbitrary password through a predetermined input interface; and
accepting emergency reissue data generated by encrypting the arbitrary password with an insurer key stored in the authenticated device through a predetermined input interface. - View Dependent Claims (25)
-
Specification