DATA STORAGE DEVICE, MANAGEMENT SERVER, INTEGRATED CIRCUIT, DATA UPDATE SYSTEM, HOME ELECTRIC APPARATUSES, DATA UPDATE METHOD, ENCRYPTION METHOD, AND ENCRYPTION/DECRYPTION KEY GENERATION METHOD
First Claim
Patent Images
1. A data storage apparatus connected to a management server, comprising:
- a data storage section that stores data Pn as data of n'"'"'th (where n≧
1);
a key generation information storage section that stores first generation information and second generation information for generating key information;
a key generation section that generates key information from said first generation information and second generation information; and
an update section that updates said data and said first generation information and second generation information, wherein;
first generation information stored in said key generation information storage section is X(n,A) resulting from performing irreversible calculation X n times using first secret information A as a starting parameter of the irreversible calculation X, and second generation information stored in said key generation information storage section is Y(M−
n,B) resulting from performing irreversible calculation Y M−
n times (where M−
n≧
1) on second secret information B; and
when receiving from the management server update information for updating data Pn to updated data Pk (where M≧
k≧
1), the update information being used for a plurality of data storage apparatuses, each of the plurality of the data storage apparatuses having one among data of (n−
i)'"'"'th through data of (n+j)'"'"'th (where M≧
n+j≧
n≧
n−
i≧
1), the data Pn being among data of (n−
i)'"'"'th through data of (n+j)'"'"'th (where M≧
n+j≧
n≧
n−
i≧
1);
said key generation section generates X(n+j,A) by performing irreversible calculation X j times using first generation information as a starting parameter of the irreversible calculation X, generates Y(M−
n+i,B) by performing irreversible calculation Y i times using second generation information as a starting parameter of the irreversible calculation Y, and furthermore generates key information G (X(n+j,A), Y(M−
n+i,B)) (where G is an arbitrary function) from said X(n+j,A) and Y(M−
n+i,B); and
said update section decrypts encrypted form of said update information using said generated key information G(X(n+j,A), Y(M−
n+i,B)), acquires data Pk, first updated generation information X(k,A) and second updated generation information Y(M−
k,B), updates data Pn stored in said data storage section to data Pk, and updates first generation information X(n,A) and second generation information Y(M−
n,B) stored in said key generation information storage section to first updated generation information X(k,A) and second updated generation information Y(M−
k,B) respectively.
2 Assignments
0 Petitions
Accused Products
Abstract
Provided is a data storage device capable of safely and effectively updating software of a home electric apparatus. In the home electric apparatus (100) in which currently used data is to be updated to new data, a reception unit (140) receives encrypted new data and a serial number of data to be updated. A key generation unit (112) generates a key by executing a predetermined irreversible calculation on the unique information correlated to the currently used data by a number of times based on the serial number of the data to be updated. An update unit (113) decrypts the new data by using the key.
29 Citations
21 Claims
-
1. A data storage apparatus connected to a management server, comprising:
-
a data storage section that stores data Pn as data of n'"'"'th (where n≧
1);a key generation information storage section that stores first generation information and second generation information for generating key information; a key generation section that generates key information from said first generation information and second generation information; and an update section that updates said data and said first generation information and second generation information, wherein; first generation information stored in said key generation information storage section is X(n,A) resulting from performing irreversible calculation X n times using first secret information A as a starting parameter of the irreversible calculation X, and second generation information stored in said key generation information storage section is Y(M−
n,B) resulting from performing irreversible calculation Y M−
n times (where M−
n≧
1) on second secret information B; andwhen receiving from the management server update information for updating data Pn to updated data Pk (where M≧
k≧
1), the update information being used for a plurality of data storage apparatuses, each of the plurality of the data storage apparatuses having one among data of (n−
i)'"'"'th through data of (n+j)'"'"'th (where M≧
n+j≧
n≧
n−
i≧
1), the data Pn being among data of (n−
i)'"'"'th through data of (n+j)'"'"'th (where M≧
n+j≧
n≧
n−
i≧
1);said key generation section generates X(n+j,A) by performing irreversible calculation X j times using first generation information as a starting parameter of the irreversible calculation X, generates Y(M−
n+i,B) by performing irreversible calculation Y i times using second generation information as a starting parameter of the irreversible calculation Y, and furthermore generates key information G (X(n+j,A), Y(M−
n+i,B)) (where G is an arbitrary function) from said X(n+j,A) and Y(M−
n+i,B); andsaid update section decrypts encrypted form of said update information using said generated key information G(X(n+j,A), Y(M−
n+i,B)), acquires data Pk, first updated generation information X(k,A) and second updated generation information Y(M−
k,B), updates data Pn stored in said data storage section to data Pk, and updates first generation information X(n,A) and second generation information Y(M−
n,B) stored in said key generation information storage section to first updated generation information X(k,A) and second updated generation information Y(M−
k,B) respectively. - View Dependent Claims (2, 3)
-
-
4. A management server comprising:
-
a secret information storing section that stores first secret information A and second secret information B for each type of a plurality of data storage apparatuses; and a generation information generation section that generates first generation information and second generation information for each of the plurality of data storage apparatuses, wherein, vis-à
-vis a predetermined data storage apparatus that stores data Pn as data of n'"'"'th (where n≧
1), said generation information generation section reads first secret information A and second secret information B from said secret information storing section, generates first generation information X(n,A) by performing irreversible calculation X n times using said first secret information A as a starting parameter of the irreversible calculation X, and generates second generation information Y(M−
n,B) by performing irreversible calculation Y M−
n times (where M−
n≧
1) on said second secret information B.
-
-
5. A management server comprising:
-
a secret information storing section that stores first secret information A and second secret information B for each type of a plurality of data storage apparatuses; a generation information generation section that generates first generation information and second generation information for each of the plurality of data storage apparatuses; an encryption key generation section that generates an encryption key from said first generation information and second generation information; and an update information generation section that generates update information transmitted to a data storage apparatus, wherein when update information containing data Pk as data of k'"'"'th (where M≧
k≧
1) is generated, vis-à
-vis a data storage apparatus that stores data Pn as one among data of (n−
i)'"'"'th through data of (n+j)'"'"'th (where M≧
n+j≧
n≧
n−
i≧
1);said generation information generation section reads first secret information A and second secret information B from said secret information storing section, generates first generation information X(k,A) by performing irreversible calculation X k times using said first secret information A as a starting parameter of the irreversible calculation X, and generates second generation information Y(M−
k,B) by performing irreversible calculation Y M−
k times using said second secret information B as a starting parameter of the irreversible calculation Y;said encryption key generation section generates X(n+j,A) by performing irreversible calculation X n+j times using said first secret information A as a starting parameter of the irreversible calculation X, generates Y(M−
n+i,B) by performing irreversible calculation Y M−
n+i times using said second secret information B as a starting parameter of the irreversible calculation Y, and furthermore generates key information G (X(n+j,A), Y(M−
n+i,B)) (where G is an arbitrary function) from said generated X(n+k,A) and Y(M−
n+i,B); andsaid update information generation section concatenates said data Pk and first generation information X(k,A) and second generation information Y(M−
k,B), and furthermore performs encryption of the concatenated data using said key information G(X(n+j,A), Y(M−
n+i,B)), and furthermore concatenates control information controlling update information processing in a data storage apparatus that received update information, and generates update information. - View Dependent Claims (6)
-
-
7. An integrated circuit that is installed in a data storage apparatus, connected to a management server, that stores data Pn as data of n'"'"'th (where n≧
- 1), said integrated circuit comprising;
a key generation information storage section that stores first generation information and second generation information for generating key information; a key generation section that generates key information from said first generation information and second generation information; and an update section that updates data stored in said data storage apparatus and said first generation information and second generation information, wherein; first generation information stored in said key generation information storage section is X(n,A) resulting from performing irreversible calculation X n times using first secret information A as a starting parameter of the irreversible calculation X, and second generation information stored in said key generation information storage section is Y(M−
n,B) resulting from performing irreversible calculation Y M−
n times (where M−
n≧
1) on second secret information B; andwhen receiving from the management server update information for updating data Pn to updated data Pk (where M≧
k≧
1), the update information being used for a plurality of data storage apparatuses, each of the plurality of the data storage apparatuses having one among data of (n−
i)'"'"'th through data of (n+j)'"'"'th (where M≧
n+j≧
n≧
n−
i≧
1), the data Pn being among data of (n−
i)'"'"'th through data of (n+j)'"'"'th (where M≧
n+j≧
n≧
n−
i≧
1);said key generation section generates X(n+j,A) by performing irreversible calculation X j times using first generation information as a starting parameter of the irreversible calculation X, generates Y(M−
n+i,B) by performing irreversible calculation Y i times using second generation information as a starting parameter of the irreversible calculation Y, and furthermore generates key information G (X(n+j,A), Y(M−
n+i,B)) (where G is an arbitrary function) from said X(n+j,A) and Y(M−
n+i,B); andsaid update section decrypts encryption of said update information using said generated key information G(X(n+j,A), Y(M−
n+i,B)) and acquires data Pk and first updated generation information X(k,A) and second updated generation information Y(M−
k,B), updates data Pn stored in said data storage apparatus to data Pk, and updates first generation information X(n,A) and second generation information Y(M−
n,B) stored in said key generation information storage section to first updated generation information X(k,A) and second updated generation information Y(M−
k,B) respectively. - View Dependent Claims (8, 9)
- 1), said integrated circuit comprising;
-
10. A data update system comprising:
-
a data storage apparatus that stores data Pn as data of n'"'"'th (where n≧
1);a management apparatus that stores apparatus information of said data storage apparatus; and a management server that updates data installed in said data storage apparatus, wherein; said data storage apparatus has; a data storage section that stores data Pn; a key generation information storage section that stores first generation information and second generation information for generating key information; a key generation section that generates key information from said first generation information and second generation information; and an update section that updates said data and said first generation information and second generation information, wherein first generation information stored in said key generation information storage section is X(n,A) resulting from performing irreversible calculation X n times using first secret information A as a starting parameter of the irreversible calculation X, and second generation information stored in said key generation information storage section is Y(M−
n,B) resulting from performing irreversible calculation Y M−
n times (where M−
n≧
1) on second secret information B;said management apparatus has; an apparatus information management section that stores apparatus information registered from said data storage apparatus; and a data update section that updates data stored by said data storage apparatus; and said management server has; a secret information storing section that stores first secret information A and second secret information B for each type of a plurality of data storage apparatuses; a generation information generation section that generates first generation information and second generation information for each of the plurality of data storage apparatuses; an encryption key generation section that generates an encryption key from said first generation information and second generation information; and an update information generation section that generates update information transmitted to a data storage apparatus; and said data update section further has; a verification section that verifies apparatus information contained in update information with apparatus information held by said apparatus information management section; a storing section that stores update information; and an update processing control section that controls processing that updates data stored by said data storage apparatus performed vis-à
-vis said data storage apparatus,wherein, when data of a data storage apparatus installed with data as one among data of (n−
i)'"'"'th through (n+j)'"'"'th (where M≧
n+j≧
n≧
n−
i≧
1) is updated to data Pk as data of k'"'"'th (where M≧
k≧
1),in said management server; said generation information generation section reads first secret information A and second secret information B from said secret information storing section, generates first updated generation information X(k,A) by performing irreversible calculation X k times using said first secret information A as a starting parameter of the irreversible calculation X, and generates second generation information Y(M−
k,B) by performing irreversible calculation Y M−
k times using said second secret information B as a starting parameter of the irreversible calculation Y;said encryption key generation section generates X(n+j,A) by performing irreversible calculation X n+j times using said first secret information A as a starting parameter of the irreversible calculation X, generates Y(M−
n+i,B) by performing irreversible calculation Y M−
n+i times using said second secret information B as a starting parameter of the irreversible calculation Y, and furthermore generates key information G (X(n+j,A), Y(M−
n+i,B)) (where G is an arbitrary function) from said generated X(n+j,A) and Y(M−
n+i,B); andsaid update information generation section concatenates said data Pk and first updated generation information X(k,A) and second updated generation information Y(M−
k,B), and furthermore performs encryption using said key information G(X(n+j,A), Y(M−
n+i,B)), and furthermore concatenates control information controlling update information processing in a data storage apparatus that received update information and generates update information, and distributes said generated update information to said management apparatus; andin a management apparatus that receives said update information; said verification section verifies apparatus information contained in said control information of said received update information with apparatus information held by said apparatus information management section, and if apparatus information of a data storage apparatus for which apparatus information matches has been registered, said update processing control section stores said received update information in said storing section and furthermore transmits said update information to a data storage apparatus for which apparatus information matches; and in a data storage apparatus that receives said update information; said key generation section generates X(n+j,A) by performing irreversible calculation X j times using first generation information as a starting parameter of the irreversible calculation X, generates Y(M−
n+i,B) by performing irreversible calculation Y i times using second generation information as a starting parameter of the irreversible calculation Y, and furthermore generates key information G (X(n+j,A), Y(M−
n+i,B)) from said X(n+j,A) and Y(M−
n+i,B); andsaid update section decrypts encryption of said update information using said generated key information G(X(n+j,A), Y(M−
n+i,B)) and acquires data Pk and first updated generation information X(k,A) and second updated generation information Y(M−
k,B), updates data Pn stored in said data storage section to data Pk, and updates first generation information X(n,A) and second generation information Y(M−
n,B) stored in said key generation information storage section to first updated generation information X(k,A) and second updated generation information Y(M−
k,B) respectively.
-
-
11. (canceled)
-
12. (canceled)
-
14. A data update method used for updating from currently used data to new data, said data update method comprising:
-
an acquiring step of acquiring encrypted said new data and a serial number of data to be updated; a first calculating step of, by execution of a first irreversible calculation, calculating from first unique information associated with said currently used data a first key component generated by repeatedly executing said first irreversible calculation on first secret information a number of times identical to said maximum value; a second calculating step of, by execution of a second irreversible calculation, calculating from second unique information associated with said currently used data a second key component generated by repeatedly executing said second irreversible calculation on second secret information a number of times identical to said minimum value; a generating step of generating a key by combining said first and second key components; a decrypting step of decrypting said new data using said key; and an updating step of updating said currently used data to decrypted said new data.
-
-
15. (canceled)
-
16. An encryption key generation method that generates a key used for data encryption, said encryption key generation method comprising:
-
an acquiring step of acquiring first secret information A and second secret information B associated with said data; a step of generating X(n+j,A) by performing irreversible calculation X n+j times (where n≧
0, j≧
0) on said first secret information A;a step of generating Y(M−
n+i,B) by performing irreversible calculation Y M−
n+i times (where M≧
0, i≧
0) on said second secret information B; anda step of synthesizing a key from information containing said X(n+j,A) and Y(M−
n+i,B). - View Dependent Claims (17)
-
-
18. An encryption method that encrypts data, said encryption method comprising:
-
an acquiring step of acquiring first secret information A and second secret information B and third secret information C and fourth secret information D associated with said data; a step of generating X(n+j,A) by performing irreversible calculation X n+j times (where n≧
0, j≧
0) on said first secret information A;a step of generating Y(M−
n+i,B) by performing irreversible calculation Y M−
n+i times (where M≧
0, i≧
0) on said second secret information B;a step of generating U(N+q,C) by performing irreversible calculation U N+q times (where N≧
0, q≧
0) on said third secret information C;a step of generating V(M−
N+p,D) by performing irreversible calculation V M−
N+p times (where p≧
0) on said fourth secret information D;a step of synthesizing a key from information containing said X(n+j,A) and Y(M−
n+i,B);a step of synthesizing a key from information containing said U(N+q,C) and V(M−
N+p,D);a step of generating encryption key K; a step of encrypting data using said encryption key K; a step of encrypting said encryption key K using a key synthesized from information containing said X(n+j,A) and Y(M−
n+i,B); anda step of encrypting said encryption key K using a key synthesized from information containing said U(N+q,C) and V(M−
N+p,D).
-
-
19. An encryption key generation method that generates a key used for data encryption, said encryption key generation method comprising:
-
an acquiring step of acquiring first secret information A and second secret information B and third secret information C and fourth secret information D associated with said data; a step of generating X(n+j,A) by performing irreversible calculation X n+j times (where n≧
0, j≧
0) on said first secret information A;a step of generating Y(M−
n+i,B) by performing irreversible calculation Y M−
n+i times (where M≧
0, i≧
0) on said second secret information B;a step of generating U(s+q,C) by performing irreversible calculation U s+q times (where s≧
0, q≧
0) on said third secret information C;a step of generating V(M−
s+p,D) by performing irreversible calculation V M−
s+p times (where p≧
0) on said fourth secret information D; anda step of synthesizing a key from information containing said X(n+j,A) and Y(M−
n+i,B) and U(s+q,C) and V(M−
s+p,D). - View Dependent Claims (20)
-
-
21. A home electric apparatus that updates currently used data to new data, said home electric apparatus comprising:
-
a receiving section that receives encrypted said new data and a maximum value and minimum value of a serial number of data to be updated; a generation section that generates a key by executing a predetermined irreversible calculation on unique information associated with said currently used data a number of times based on said serial number of data to be updated; and a decryption section that decrypts said new data using said key, wherein said generation section has; a calculation section that, by execution of first and second irreversible calculations, acquires a first key component resulting from repeatedly executing said first irreversible calculation on first secret information a number of times identical to said maximum value, and a second key component resulting from repeatedly executing said second irreversible calculation on second secret information a number of times identical to a value obtained by subtracting said minimum value from a predetermined value; and a synthesis (combining) section that obtains said key by combining said first and second key components. - View Dependent Claims (13)
-
Specification