CRYPTOGRAPHIC MANAGEMENT APPARATUS, DECRYPTION MANAGEMENT APPARATUS AND PROGRAM

US 20090138700A1
Filed: 09/25/2008
Published: 05/28/2009
Est. Priority Date: 09/28/2007
Status: Active Grant

First Claim

Patent Images

1. A cryptographic management apparatus comprising:

a storage device which stores cryptographic key information including a cryptographic key used for encrypting object information and cryptographic process condition information including the cryptographic key information as the condition for executing the cryptographic process;

a cryptographic process information input device configured to receive an input of the object information and cryptographic key search request information;

a cryptographic key information acquisition device configured to acquire the cryptographic key information including the cryptographic key corresponding to the search request information from the storage device based on the cryptographic key search request information input;

a cryptographic module evaluation description information acquisition device configured to acquire evaluation description information on a cryptographic module suitable for the cryptographic process corresponding to the cryptographic key information acquired by the cryptographic key information acquisition device;

a cryptographic process ID creation device configured to attach, to the object information, an identifier of the cryptographic process condition information at the time of encrypting the object information with the cryptographic key information and the cryptographic module corresponding to the acquired evaluation description information; and

an output device configured to output the attached identifier of the cryptographic process condition information and the result of execution of the cryptographic process on the object information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic management apparatus includes a storage unit which stores cryptographic key information containing a cryptographic key and cryptographic process condition information containing the cryptographic key information, a cryptographic process information input unit which receives an input of the object information and cryptographic key search request information, a cryptographic key information acquisition unit which acquires the cryptographic key information from the storage unit based on the search request information, a cryptographic module evaluation description information acquisition unit which acquires evaluation description information of the cryptographic module corresponding to the cryptographic key information, a cryptographic process ID creation unit which attaches an identifier of the cryptographic process condition information to the object information based on the cryptographic key information and the cryptographic module corresponding to the evaluation description information, and an output which outputs the identifier and the result of the cryptographic process executed on the object information.

Citations

25 Claims

1. A cryptographic management apparatus comprising:
- a storage device which stores cryptographic key information including a cryptographic key used for encrypting object information and cryptographic process condition information including the cryptographic key information as the condition for executing the cryptographic process;
  
  a cryptographic process information input device configured to receive an input of the object information and cryptographic key search request information;
  
  a cryptographic key information acquisition device configured to acquire the cryptographic key information including the cryptographic key corresponding to the search request information from the storage device based on the cryptographic key search request information input;
  
  a cryptographic module evaluation description information acquisition device configured to acquire evaluation description information on a cryptographic module suitable for the cryptographic process corresponding to the cryptographic key information acquired by the cryptographic key information acquisition device;
  
  a cryptographic process ID creation device configured to attach, to the object information, an identifier of the cryptographic process condition information at the time of encrypting the object information with the cryptographic key information and the cryptographic module corresponding to the acquired evaluation description information; and
  
  an output device configured to output the attached identifier of the cryptographic process condition information and the result of execution of the cryptographic process on the object information.
- View Dependent Claims (2, 3, 4)
- - 2. The cryptographic management apparatus according to claim 1,wherein the cryptographic module evaluation description information acquisition device, with regard to a cryptographic module selection unit connected to the cryptographic management apparatus, acquires the evaluation description information for the cryptographic module adapted to the cryptographic process corresponding to the cryptographic key information acquired by the cryptographic key information acquisition device.
  - 3. The cryptographic management apparatus according to claim 2, further comprising:
    - a second cryptographic module evaluation description information acquisition device configured to acquire the evaluation description information of the cryptographic key creation module for creating the cryptographic key from the cryptographic method parameter information; and
      
      a cryptographic key creation device configured to create the cryptographic key based on the evaluation description information of the cryptographic key creation module acquired from the second cryptographic module evaluation description information acquisition device on the one hand and the cryptographic method parameter information acquired from the cryptographic parameter information acquisition device on the other hand.
  - 4. The cryptographic management apparatus according to claim 3, further comprising:
    - a cryptographic process device configured to execute the cryptographic process for the object information based on the cryptographic module evaluation description information acquired by the first cryptographic module evaluation description acquisition device and the cryptographic key information acquired by the cryptographic key information acquisition device.

5. A cryptographic management apparatus comprising:
- a storage device which stores cryptographic key information including a cryptographic key to encrypt object information and cryptographic process condition information including the cryptographic key information as the encryption condition for encrypting the object information;
  
  a cryptographic process information input device configured to receive an input of the object information and cryptographic key creation request information;
  
  a cryptographic parameter information acquisition device configured to acquire cryptographic method parameter information to create the cryptographic key corresponding to the creation request information from the storage device based on the cryptographic key creation request information input;
  
  a cryptographic key creation ID creation device configured to create cryptographic key creation condition information by relating the cryptographic method parameter information and the cryptographic key created based on the acquired cryptographic method parameter information to each other and attach an identifier of the created cryptographic key creation condition information;
  
  a first cryptographic module evaluation description information acquisition device configured to acquire evaluation description information for the cryptographic module adapted to the cryptographic process corresponding to the created cryptographic key creation condition information;
  
  a cryptographic process ID creation device configured to attach, to the object information, an identifier of the cryptographic process condition information at the time of encrypting the object information with the cryptographic key information and the cryptographic module corresponding to the acquired evaluation description information; and
  
  an output device configured to output the attached identifier of the cryptographic process condition information and the result of the cryptographic process executed on the object information.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The cryptographic management apparatus according to claim 5,wherein the cryptographic module evaluation description information acquisition device, with regard to a cryptographic module selection unit connected to the cryptographic management apparatus, acquires the evaluation description information for the cryptographic module adapted to the cryptographic process corresponding to the cryptographic key information acquired by the cryptographic key information acquisition device.
  - 7. The cryptographic management apparatus according to claim 6, further comprising:
    - a second cryptographic module evaluation description information acquisition device configured to acquire the evaluation description information of the cryptographic key creation module for creating the cryptographic key from the cryptographic method parameter information; and
      
      a cryptographic key creation device configured to create the cryptographic key based on the evaluation description information of the cryptographic key creation module acquired from the second cryptographic module evaluation description information acquisition device on the one hand and the cryptographic method parameter information acquired from the cryptographic parameter information acquisition device on the other hand.
  - 8. The cryptographic management apparatus according to claim 7, further comprising:
    - a cryptographic process device configured to execute the cryptographic process for the object information based on the cryptographic module evaluation description information acquired by the first cryptographic module evaluation description acquisition device and the cryptographic key information acquired by the cryptographic key information acquisition device.
  - 9. The cryptographic management apparatus according to claim 5, further comprising:
    - a second cryptographic module evaluation description information acquisition device configured to acquire the evaluation description information of the cryptographic key creation module for creating the cryptographic key from the cryptographic method parameter information; and
      
      a cryptographic key creation device configured to create the cryptographic key based on the evaluation description information of the cryptographic key creation module acquired from the second cryptographic module evaluation description information acquisition device on the one hand and the cryptographic method parameter information acquired from the cryptographic parameter information acquisition device on the other hand.
  - 10. The cryptographic management apparatus according to claim 9, further comprising:
    - a cryptographic process device configured to execute the cryptographic process for the object information based on the cryptographic module evaluation description information acquired by the first cryptographic module evaluation description acquisition device and the cryptographic key information acquired by the cryptographic key information acquisition device.

11. A decryption management apparatus comprising:
- a storage device which stores a decryption key information including a decryption key for executing a decryption process on encrypted information and decryption process condition information including the decryption key information as the decryption condition for execution of the decryption process;
  
  a decryption process information input device configured to receive an input of the encrypted information and decryption key search request information;
  
  a decryption key information acquisition device configured to acquire the decryption key information including the decryption key corresponding to the search request information from the storage device based on the decryption key search request information input;
  
  a decryption evaluation description information acquisition device configured to acquire evaluation description information of a decryption module adapted to the decryption process corresponding to the decryption key information acquired by the decryption key information acquisition device;
  
  a decryption process ID creation device configured to attach, to the encrypted information, an identifier of the decryption process condition information for executing the decryption process on the encrypted information based on the decryption key information and the decryption module corresponding to the acquired evaluation description information; and
  
  an output device configured to output the attached identifier of the decryption process condition information and the result of the decryption process executed on the encrypted information.
- View Dependent Claims (12, 13, 14)
- - 12. The decryption management apparatus according to claim 11,wherein the decryption evaluation description information acquisition device, with regard to a decryption module selection unit connected to the decryption management apparatus, acquires the evaluation description information of the decryption module adapted to the decryption process corresponding to the decryption key information acquired by the decryption key information acquisition device.
  - 13. The decryption management apparatus according to claim 12, further comprising:
    - a second decryption evaluation description information acquisition device configured to acquire the evaluation description information of a decryption key creation module for creating the decryption key from the decryption system parameter information; and
      
      a decryption key creation device configured to create the decryption key based on the evaluation description information of the decryption key creation module acquired from the second decryption evaluation description information acquisition device and the decryption system parameter information acquired from the decryption parameter information acquisition device.
  - 14. The decryption management apparatus according to claim 13, further comprising:
    - a decryption process device configured to execute the decryption process on the encrypted information based on the decryption evaluation description information acquired by the first decryption evaluation description acquisition device and the decryption key information acquired by the decryption key information acquisition device.

15. A decryption management apparatus comprising:
- a storage device which stores decryption key information including a decryption key for executing a decryption process on encrypted information and decryption process condition information as the decryption condition including the decryption key information for execution of the decryption process;
  
  a decryption process information input device configured to receive an input of the encrypted information and decryption key creation request information;
  
  a decryption parameter information acquisition device configured to acquire decryption system parameter information for creating the decryption key corresponding to the creation request information from the storage device based on the decryption key creation request information input;
  
  a decryption key creation ID creation device configured to create decryption key creation condition information by relating the decryption key created based on the acquired decryption system parameter information and the decryption system parameter information to each other and attach an identifier of the created decryption key creation condition information;
  
  a first decryption evaluation description information acquisition device configured to acquire evaluation description information of a decryption module adapted to the decryption process corresponding to the created decryption key creation condition information;
  
  a decryption process ID creation device configured to attach an identifier of the decryption process condition information for execution of the decryption process on the encrypted information based on the decryption key information and the decryption module corresponding to the acquired evaluation description information; and
  
  an output device configured to output the attached identifier of the decryption process condition information and the result of the decryption process executed on the encrypted information.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The decryption management apparatus according to claim 15,wherein the decryption evaluation description information acquisition device, with regard to a decryption module selection unit connected to the decryption management apparatus, acquires the evaluation description information of the decryption module adapted to the decryption process corresponding to the decryption key information acquired by the decryption key information acquisition device.
  - 17. The decryption management apparatus according to claim 16, further comprising:
    - a second decryption evaluation description information acquisition device configured to acquire the evaluation description information of a decryption key creation module for creating the decryption key from the decryption system parameter information; and
      
      a decryption key creation device configured to create the decryption key based on the evaluation description information of the decryption key creation module acquired from the second decryption evaluation description information acquisition device and the decryption system parameter information acquired from the decryption parameter information acquisition device.
  - 18. The decryption management apparatus according to claim 17, further comprising:
    - a decryption process device configured to execute the decryption process on the encrypted information based on the decryption evaluation description information acquired by the first decryption evaluation description acquisition device and the decryption key information acquired by the decryption key information acquisition device.
  - 19. The decryption management apparatus according to claim 15, further comprising:
    - a second decryption evaluation description information acquisition device configured to acquire the evaluation description information of a decryption key creation module for creating the decryption key from the decryption system parameter information; and
      
      a decryption key creation device configured to create the decryption key based on the evaluation description information of the decryption key creation module acquired from the second decryption evaluation description information acquisition device and the decryption system parameter information acquired from the decryption parameter information acquisition device.
  - 20. The decryption management apparatus according to claim 19, further comprising:
    - a decryption process device configured to execute the decryption process on the encrypted information based on the decryption evaluation description information acquired by the first decryption evaluation description acquisition device and the decryption key information acquired by the decryption key information acquisition device.

21. A program stored in a computer readable storage medium used for a cryptographic management apparatus, comprising:
- a program code for causing the cryptographic management apparatus to execute the process of storing, sequentially in a storage device, cryptographic key information including a cryptographic key for executing a cryptographic process on object information and cryptographic process condition information including the cryptographic key information as the encryption condition for execution of the cryptographic process;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of receiving an input of the object information and cryptographic key search request information;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of acquiring the cryptographic key information including the cryptographic key corresponding to the search request information from the storage device based on the cryptographic key search request information input;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of acquiring evaluation description information of a cryptographic module adapted to the cryptographic process corresponding to the cryptographic key information acquired;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of attaching, to the object information, an identifier of the cryptographic process condition information at the time of execution of the cryptographic process based on the cryptographic key information and the cryptographic module corresponding to the acquired evaluation description information; and
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of outputting the attached identifier of the cryptographic process condition information and the result of the cryptographic process executed on the object information.

22. A program stored in a computer readable storage medium used for a cryptographic management apparatus, comprising:
- a program code for causing the cryptographic management apparatus to execute the process of storing, sequentially in a storage device, cryptographic key information including a cryptographic key for executing a cryptographic process on object information and cryptographic process condition information including the cryptographic key information as the cryptographic conditions for execution of the cryptographic process;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of receiving an input of the object information and cryptographic key creation request information;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of acquiring cryptographic method parameter information for creating the cryptographic key corresponding to the creation request information from the storage device based on the cryptographic key creation request information input;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of creating cryptographic key creation condition information by relating the cryptographic key created based on the acquired cryptographic method parameter information and the cryptographic method parameter information to each other and attaching an identifier of the created cryptographic key creation condition information;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of acquiring evaluation description information of a cryptographic module adapted to the cryptographic process corresponding to the cryptographic key creation condition information created;
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of attaching an identifier of the cryptographic process condition information at the time of execution of the cryptographic process on the object information with the cryptographic key information and the cryptographic module corresponding to the acquired evaluation description information; and
  
  a program code for causing the cryptographic management apparatus to sequentially execute the process of outputting the attached identifier of the cryptographic process condition information and the result of the cryptographic process executed on the object information.

23. A program stored in a computer readable storage medium used for a decryption management apparatus, comprising:
- a program code for causing the decryption management apparatus to sequentially execute the process of storing, in a storage device, decryption key information including a decryption key for executing a decryption process on encrypted information and decryption process condition information including the decryption key information as the decryption condition at the time of executing the decryption process;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of receiving an input of the encrypted information and decryption key search request information;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of acquiring the decryption key information including the decryption key corresponding to the search request information from the storage device based on the decryption key search request information input;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of acquiring evaluation description information of a decryption module adapted to the decryption process corresponding to the acquired decryption key information;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of attaching an identifier of the decryption process condition information for executing the decryption process on the encrypted information based on the decryption key information and the decryption module corresponding to the acquired evaluation description information; and
  
  a program code for causing the decryption management apparatus to sequentially execute the process of outputting the attached identifier of the decryption process condition information and the result of the decryption process executed on the encrypted information.

24. A program stored in a computer readable storage medium used for a decryption management apparatus, comprising:
- a program code for causing the decryption management apparatus to sequentially execute the process of storing, in a storage device, decryption key information including a decryption key for executing a decryption process on encrypted information and decryption process condition information including the decryption key information as the decryption condition at the time of executing the decryption process;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of receiving an input of the encrypted information and decryption key creation request information;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of acquiring decryption system parameter information for creating the decryption key corresponding to the creation request information from the storage device based on the decryption key creation request information input;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of creating decryption key creation condition information by relating the decryption key created based on the acquired decryption system parameter information and the decryption system parameter information to each other and attaching an identifier of the created decryption key creation condition information;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of acquiring evaluation description information for a decryption module adapted to the decryption process corresponding to the created decryption key creation condition information;
  
  a program code for causing the decryption management apparatus to sequentially execute the process of attaching an identifier of the decryption process condition information at the time of executing the decryption process on the encrypted information based on the decryption key information and the decryption module corresponding to the acquired evaluation description information; and
  
  a program code for causing the decryption management apparatus to sequentially execute the process of outputting the attached identifier of the decryption process condition information and the result of the decryption process executed on the encrypted information.

25. A cryptographic management apparatus having a storage device which stores cryptographic key information for execution of a cryptographic process on object information and cryptographic process condition information for execution of the cryptographic process, comprising:
- a cryptographic process request receiving device configured to receive an input of the object information and a cryptographic process ID for identifying the cryptographic process condition information for the cryptographic process executed previously;
  
  a cryptographic context information acquisition device configured to acquire the cryptographic key information and cryptographic method parameter information similar to those for the previously executed cryptographic process associated with the cryptographic process ID;
  
  a cryptographic process device configured to execute the cryptographic process on the object information based on the cryptographic key information and the cryptographic method parameter information acquired by the cryptographic context information acquisition device;
  
  a cryptographic process ID creation device configured to attach an identifier for identifying the cryptographic process condition information for the cryptographic process result; and
  
  an output device configured to output the attached identifier of the cryptographic process condition information and the result of the cryptographic process executed on the object information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Toshiba Digital Solutions Corporation (Toshiba Corporation), Yokosuka Telecom Research Park, Inc.
Original Assignee
Toshiba Solutions Corporation (Toshiba Corporation), Yokosuka Telecom Research Park, Inc.
Inventors
Sakamura, Ken, Koshizuka, Noboru, Fukushima, Shigeyuki, Okada, Koji, Miyazaki, Shingo, Nakamizo, Takanori, Ishikawa, Chiaki, Tochikubo, Kouya, Niwa, Akito

Granted Patent

US 8,688,969 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/150
CPC Class Codes

H04L 2209/12 Details relating to cryptog...

H04L 9/0894 Escrow, recovery or storing...

CRYPTOGRAPHIC MANAGEMENT APPARATUS, DECRYPTION MANAGEMENT APPARATUS AND PROGRAM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

CRYPTOGRAPHIC MANAGEMENT APPARATUS, DECRYPTION MANAGEMENT APPARATUS AND PROGRAM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links