SECURE PROCESSING DEVICE, SECURE PROCESSING METHOD, ENCRYPTED CONFIDENTIAL INFORMATION EMBEDDING METHOD, PROGRAM, STORAGE MEDIUM, AND INTEGRATED CIRCUIT
Abstract
When performing secure processing using confidential information that needs to be confidential, the secure processing device according to the present invention prevents the confidential information from being exposed by an unauthorized analysis such as a memory dump. A signature generation device 100 that provides a message M with a signature by using a signature key comprises: a split key storage unit 110 that stores split secret keys obtained by splitting the signature key d into at least two, a signature key generation equation F for calculating the split secret keys to obtain the signature key d, and a signature generation equation; a signature key generation identical equation generation unit 120 that generates a signature key generation identical equation G for obtaining the same result as the signature generation equation F, with use of an associative law, a distributive law, and a commutative law; a combined split key generation unit 130 that generates a plurality of combined split keys that are each a result of calculating the split secret keys, and that are to be arguments for the signature key generation identical equation G; and a signature generation unit 150 that provides the message with the signature, based on the signature key generation identical equation G and the split secret keys.
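The scheme in the abstract, worked through as an added example that is not part of the patent text. The names d, M, F and G come from the abstract; the RSA-style exponentiation, the toy key, the five-piece form of F and all function names are assumptions made for illustration.

```python
import secrets

# Constructed toy RSA key from two Mersenne primes; far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # signature key d, known only when embedding

def split_key(d):
    """Split d into five pieces with F: d = d1*(d2 + d3) + d4 + d5 (assumed form)."""
    half = d.bit_length() // 2
    d1 = secrets.randbits(half - 1) | 1
    d2 = secrets.randbits(half - 2) | 1
    d3 = secrets.randbits(half - 2) | 1
    rest = d - d1 * (d2 + d3)  # positive, since d1*(d2 + d3) < 2**(2*half - 2) < d
    d4 = secrets.randbelow(rest)
    return d1, d2, d3, d4, rest - d4

def F(pieces):
    """First generation equation: rebuilds d. Used here only to check the split."""
    d1, d2, d3, d4, d5 = pieces
    return d1 * (d2 + d3) + d4 + d5

def combine_a(pieces):
    """G_a = c1 + c2 + c3: distributive law, then associate the last two terms."""
    d1, d2, d3, d4, d5 = pieces
    return [d1 * d2, d1 * d3, d4 + d5]

def combine_b(pieces):
    """G_b = c1 + c2: distribute, commute the terms and re-associate them."""
    d1, d2, d3, d4, d5 = pieces
    return [d1 * d2 + d4, d1 * d3 + d5]

def sign(message, combined, n=N):
    """Second procedure: each '+' in G becomes a modular product of partial
    powers, so M^d mod n is produced without the sum d ever being formed."""
    sig = 1
    for c in combined:
        sig = sig * pow(message, c, n) % n
    return sig

def demo():
    pieces = split_key(D)
    m = 0x1234567890ABCDEF  # constructed message value; no hashing or padding
    return pow(m, D, N), sign(m, combine_a(pieces)), sign(m, combine_b(pieces))

if __name__ == "__main__":
    reference, sig_a, sig_b = demo()
    print(sig_a == reference, sig_b == reference)
```

Both regroupings give the same signature as the plain key. The combined values still sum to d, so a memory dump exposes d to anyone who also recovers the equation G in use.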
27 Claims
1. A secure processing device that performs an operation equivalent to a secure operation performed on a message using the confidential information, and that obtains a same operation result as the secure operation, the secure processing device comprising:
a storage unit that stores (i) a plurality of split confidential information pieces obtained by splitting the confidential information, (ii) a first confidential information generation equation for calculating the confidential information with use of the plurality of split confidential information pieces that are input to the first confidential information generation equation as arguments, and (iii) a first secure operation procedure indicating a procedure with use of the plurality of split confidential information pieces;
a combined information generation unit operable to generate a plurality of pieces of combined information, each of which is obtained by performing an operation on at least two or more pieces of the split confidential information;
a first generation unit operable to generate a second confidential information generation equation that is equivalent to the first confidential information generation equation, and that takes the plurality of pieces of combined information as;
a second generation unit operable to generate, based on one or more operators included in the second confidential information generation equation, a second secure operation procedure that is equivalent to the first secure operation procedure, and that takes the plurality of pieces of combined information as; and
an executing unit operable to perform the second secure operation procedure on the message.
18. A secure processing method used in a secure processing device that performs an operation equivalent to a secure operation performed on a message using the confidential information, and that obtains a same operation result as the secure operation, wherein
the secure processing device comprises:
a storage unit that stores (i) a plurality of split confidential information pieces obtained by splitting the confidential information, (ii) a first confidential information generation equation for calculating the confidential information with use of the plurality of split confidential information pieces that are input to the first confidential information generation equation as arguments, and (iii) a first secure operation procedure indicating a procedure with use of the plurality of split confidential information pieces; and
the secure processing method comprises the steps of;
generating a plurality of pieces of combined information, each of which is obtained by performing an operation on at least two or more pieces of the split confidential information;
generating, based on one or more operators included in the second confidential information generation equation, a second secure operation procedure that is equivalent to the first secure operation procedure, and that takes the plurality of pieces of combined information as the arguments; and
performing a secure operation on the message, according to the second secure operation procedure.
19. A computer program used in a secure processing device that performs an operation equivalent to a secure operation performed on a message using the confidential information, and that obtains a same operation result as the secure operation, the secure processing device comprising, wherein
the secure processing device comprises:
a storage unit that stores (i) a plurality of split confidential information pieces obtained by splitting the confidential information, (ii) a first confidential information generation equation for calculating the confidential information with use of the plurality of split confidential information pieces that are input to the first confidential information generation equation as arguments, and (iii) a first secure operation procedure indicating a procedure with use of the plurality of split confidential information pieces; and
the computer program comprises the steps of;
generating a plurality of pieces of combined information, each of which is obtained by performing an operation on at least two or more pieces of the split confidential information;
generating a second confidential information generation equation that is equivalent to the first confidential information generation equation, and that takes the plurality of pieces of combined information as arguments;
generating, based on one or more operators included in the second confidential information generation equation, a second secure operation procedure that is equivalent to the first secure operation procedure, and that takes the plurality of pieces of combined information as the arguments; and
performing a secure operation on the message, according to the second secure operation procedure.
21. An integrated circuit that performs an operation equivalent to a secure operation performed on a message using the confidential information, and that obtains a same operation result as the secure operation, the integrated circuit comprising:
a storage unit that stores (i) a plurality of split confidential information pieces obtained by splitting the confidential information, (ii) a first confidential information generation equation for calculating the confidential information with use of the plurality of split confidential information pieces obtained by splitting the confidential information, the plurality of split confidential information that are input to the first confidential information generation equation as arguments, and (iii) a first secure operation procedure indicating a procedure with use of the plurality of split confidential information pieces;
a combined information generation unit operable to generate a plurality of pieces of combined information, each of which is obtained by performing an operation on at least two or more pieces of the split confidential information;
a first generation unit operable to generate a second confidential information generation equation that is equivalent to the first confidential information generation equation, and that takes the plurality of pieces of combined information each of which is an operation result of at least two pieces of the plurality of split confidential information as arguments;
a second generation unit operable to generate, based on one or more operators included in the second confidential information generation equation, a second secure operation procedure that is equivalent to the first secure operation procedure, and that takes the plurality of pieces of combined information as arguments; and
an executing unit operable to perform the second secure operation procedure on the message.
22. An encrypted confidential information embedding method for encrypting and embedding confidential information in a secure processing device that performs an operation using the confidential information, the encrypted confidential information embedding method comprising the steps of:
encrypting the confidential information, with use of an encrypting apparatus that converts the confidential information to a state of being difficult to be analyzed; and
embedding the encrypted confidential information in the secure processing device, with use of an encrypted information writing apparatus.
Specification