INFORMATION PROCESSING DEVICE, METHOD, PROGRAM, AND INTEGRATED CIRCUIT
First Claim
1. An information processing apparatus that is provided with a plurality of cryptographic systems each encrypting and storing data, comprising:
- a data acquisition unit configured to acquire target data that is to be encrypted in one of the cryptographic systems;
a determination unit configured to determine whether the target data has been encrypted and stored in another one of the cryptographic systems;
a key acquisition unit configured to acquire a key used in the encryption of the target data, when the determination unit judges that the target data has been encrypted and stored in the other one of the cryptographic systems;
a key storage unit configured to be used in the one of the cryptographic systems; and
a key writing unit configured to write the key acquired by the key acquisition unit into the key storage unit, in association with the target data.
1 Assignment
0 Petitions
Accused Products
Abstract
The aim is to provide high-speed data synchronization. To achieve the aim, in data synchronization using a plurality of key databases with respect to same data pieces, a key for one key database, which has been determined in advance, is used for updating the data piece managed under the other key database. This reduces the number of key decryption operations. A key management software 116, which manages a key database A120 and a key database B121 each having a tree structure, determines whether to perform data synchronization when requested by an upper-level application to perform data encryption, and performs synchronization of encrypted data by using a key of the other database which has been determined in advance. This reduces the number of times the encrypted key is loaded onto a cryptographic processing unit 114, and realizes high-speed cryptographic processing on data.
-
Citations
26 Claims
-
1. An information processing apparatus that is provided with a plurality of cryptographic systems each encrypting and storing data, comprising:
-
a data acquisition unit configured to acquire target data that is to be encrypted in one of the cryptographic systems; a determination unit configured to determine whether the target data has been encrypted and stored in another one of the cryptographic systems; a key acquisition unit configured to acquire a key used in the encryption of the target data, when the determination unit judges that the target data has been encrypted and stored in the other one of the cryptographic systems; a key storage unit configured to be used in the one of the cryptographic systems; and a key writing unit configured to write the key acquired by the key acquisition unit into the key storage unit, in association with the target data.
-
-
2. An information processing apparatus that is provided with a first cryptographic system and a second cryptographic system each encrypting and storing data, comprising:
-
a data acquisition unit configured to acquire target data that is to be encrypted in the first cryptographic system; a determination unit configured to determine whether encrypted data that has been generated by encryption of the target data is stored in the second cryptographic system; a key acquisition unit configured to acquire a second key that has been used in the encryption of the target data performed in the second cryptographic system, when the determination unit judges that the encrypted data is stored in the second cryptographic system; a first key storage unit configured to be used in the first cryptographic system; a cryptographic processing unit configured to encrypt the second key by using a first key that is to be used in encryption of the target data; and a key writing unit configured to write the encrypted second key into the first key storage unit, in association with the target data. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method used in an information processing apparatus that is provided with a first cryptographic system and a second cryptographic system each encrypting and storing data, the method comprising:
-
a data acquisition step of acquiring target data that is to be encrypted in the first cryptographic system; a determination step of determining whether encrypted data that has been generated by encryption of the target data is stored in the second cryptographic system; a key acquisition step of acquiring a second key that has been used in the encryption of the target data performed in the second cryptographic system, when judged in the determination step that the encrypted data is stored in the second cryptographic system; a cryptographic processing step of encrypting the second key by using a first key that is to be used in encryption of the target data; and a key writing step of writing the encrypted second key into a first key storage unit, in association with the target data.
-
-
24. A computer program used in an information processing apparatus that is provided with a first cryptographic system and a second cryptographic system each encrypting and storing data, the method causing the information processing apparatus as a computer to perform:
-
a data acquisition step of acquiring target data that is to be encrypted in the first cryptographic system; a determination step of determining whether encrypted data that has been generated by encryption of the target data is stored in the second cryptographic system; a key acquisition step of acquiring a second key that has been used in the encryption of the target data performed in the second cryptographic system, when judged in the determination step that the encrypted data is stored in the second cryptographic system; a cryptographic processing step of encrypting the second key by using a first key that is to be used in encryption of the target data; and a key writing step of writing the encrypted second key into a first key storage unit, in association with the target data. - View Dependent Claims (25)
-
-
26. An integrated circuit that is provided with a first cryptographic system and a second cryptographic system each encrypting and storing data, comprising:
-
a data acquisition unit configured to acquire target data that is to be encrypted in the first cryptographic system; a determination unit configured to determine whether encrypted data that has been generated by encryption of the target data is stored in the second cryptographic system; a key acquisition unit configured to acquire a second key that has been used in the encryption of the target data performed in the second cryptographic system, when the determination unit judges that the encrypted data is stored in the second cryptographic system; a first key storage unit configured to be used in the first cryptographic system; a cryptographic processing unit configured to encrypt the second key by using a first key that is to be used in encryption of the target data; and a key writing unit configured to write the encrypted second key into the first key storage unit, in association with the target data.
-
Specification