TAMPERING MONITORING SYSTEM, MANAGEMENT DEVICE, PROTECTION CONTROL MODULE, AND DETECTION MODULE

US 20130039491A1
Filed: 03/01/2012
Published: 02/14/2013
Est. Priority Date: 03/15/2011
Status: Active Grant

First Claim

Patent Images

1. A tampering monitoring system including:

a protection control module for protecting an application program;

a plurality of detection modules for monitoring tampering of the protection control module; and

a management device,the management device comprising;

a key share generation unit configured to generate a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and

an output unit configured to output each of the key shares to a different one of the detection modules,the detection modules configured to acquire and store therein the key shares, andthe protection control module comprising;

an acquisition unit configured to acquire the key shares from the detection modules;

a reconstruction unit configured to reconstruct the decryption key by composing the key shares acquired by the acquisition unit;

a decryption unit configured to decrypt the encrypted application program, with use of the decryption key reconstructed by the reconstruction unit; and

a deletion unit configured to delete the decryption key, after the decryption by the decryption unit is completed.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A management device 200d comprises: a key share generation unit 251d generating a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and an output unit 252d outputting each of the key shares to a different one of a plurality of detection modules. The detection modules acquire and store therein the key shares. The protection control module 120d comprises: an acquisition unit 381d acquiring the key shares from the detection modules; a reconstruction unit 382d reconstructing the decryption key by composing the key shares; a decryption unit 383d decrypting the encrypted application program with use of the decryption key; and a deletion unit 384d deleting the decryption key, after the decryption by the decryption unit is completed.

61 Citations

View as Search Results

68 Claims

1. A tampering monitoring system including:
- a protection control module for protecting an application program;
  
  a plurality of detection modules for monitoring tampering of the protection control module; and
  
  a management device,the management device comprising;
  
  a key share generation unit configured to generate a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and
  
  an output unit configured to output each of the key shares to a different one of the detection modules,the detection modules configured to acquire and store therein the key shares, andthe protection control module comprising;
  
  an acquisition unit configured to acquire the key shares from the detection modules;
  
  a reconstruction unit configured to reconstruct the decryption key by composing the key shares acquired by the acquisition unit;
  
  a decryption unit configured to decrypt the encrypted application program, with use of the decryption key reconstructed by the reconstruction unit; and
  
  a deletion unit configured to delete the decryption key, after the decryption by the decryption unit is completed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. The tampering monitoring system of claim 1 whereinthe management device further comprisesa verification data generation unit configured to perform decryption processing made up of a plurality of partial decryption processes on an encrypted application program generated as a result of encryption of the application program in a non-tampered state and, for each partial decryption process, to perform a one-way conversion on both input data for the partial decryption process and output data resulting from the partial decryption process to generate a decryption verification value, and generate verification data including the input data and the decryption verification value,the output unit is further configured to output the verification data to the protection control module,the decryption unit performs the decryption processing made up of the plurality of partial decryption processes on the encrypted application program,the protection control module further comprises a second output unit configured to output, for each partial decryption process by the decryption unit, the verification data and the output data resulting from the partial decryption process to a corresponding one of the detection modules, andeach of the detection modules corresponding to the partial decryption processes comprises:
    - a reception unit configured to receive the output data and the verification data; and
      
      a verification unit configured to perform verification using the output data and the verification data, and to output a result of the verification indicating a verification failure if the verification fails.
  - 3. The tampering monitoring system of claim 2 whereinthe verification unit performs the verification by (i) performing the same conversion as the one-way conversion on both the input data included in the verification data and the output data to generate a second verification value and (ii) judging whether the decryption verification value in the verification data matches the second verification value, and outputs the result of the verification indicating the verification failure if the values do not match.
  - 4. The tampering monitoring system of claim 2 whereinthe protection control module further protects at least one other application program,the management device further comprises a certificate generation unit configured to generate, for each partial decryption process, a decryption verification value of the other application program, and generate, for each partial decryption process, a certificate by digitally signing the decryption verification values generated for the application program and the other application program,for each partial decryption process, the verification data generation unit generates the verification data by further including therein the decryption verification value of the other application program and the certificate, both generated for the partial decryption process,the output unit outputs the verification data including the certificate to the protection control module,the second output unit outputs the verification data including the certificate to the corresponding detection module,the reception unit receives the verification data including the certificate, andthe verification unit performs the verification by further using the certificate included in the verification data, for each partial decryption process.
  - 5. The tampering monitoring system of claim 4 whereinthe verification unit performs the same conversion as the one-way conversion on both the input data included in the verification data and the output data to generate a second verification value, and performs the verification by using the decryption verification value of the other application program included in the verification data, the second verification value, and the certificate.
  - 6. The tampering monitoring system of claim 2 whereinthe plurality of partial decryption processes correspond one-to-one to two or more of the plurality of detection modules, andthe second output unit outputs the verification data and the output data resulting from each partial decryption process to the detection module corresponding to the partial decryption process.
  - 7. The tampering monitoring system of claim 6 whereineach of the detection modules corresponding to the partial decryption processes further comprises a transmission unit configured to transmit identification information identifying the partial decryption process corresponding to the detection module, to another one or more of the detection modules,the reception unit of each detection module is further configured to receive, from another one or more of the detection modules, one or more pieces of identification information identifying the partial decryption processes corresponding to the other one or more detection modules,the verification unit of each detection module is further configured to perform verification on duplication of the one or more pieces of identification information and the identification information identifying the partial decryption process corresponding to the detection module, and on the comprehensiveness of the one or more pieces of identification information and the identification information identifying the partial decryption process corresponding to the detection module, with respect to all pieces of identification information corresponding to the plurality of partial decryption processes.
  - 8. The tampering monitoring system of claim 7 whereinthe verification unit of each detection module outputs a result of verification indicating a verification failure, if any duplicates exist among the one or more pieces of identification information and the identification information identifying the partial decryption process corresponding to the detection module, or if the one or more pieces of identification information and the identification information identifying the partial decryption process corresponding to the detection module do not completely cover all pieces of identification information corresponding to the plurality of partial decryption processes.
  - 9. The tampering monitoring system of claim 1 whereinthe protection control module has attached thereto a tampering detection certificate, the tampering detection certificate being generated by digitally signing the protection control module in a state where the protection control module has not been tampered with, andeach of the detection modules comprises a verification unit configured to perform tampering detection on the protection control module using the tampering detection certificate, after the decryption is completed and the decryption key is deleted.
  - 10. The tampering monitoring system of claim 1 whereinthe key share generation unit generates the plurality of key shares such that the decryption key is obtained by addition of the key shares, andthe reconstruction unit reconstructs the decryption key by adding the key shares.
  - 11. The tampering monitoring system of claim 1 whereinthe key share generation unit generates the plurality of key shares from the decryption key, with use of a secret sharing scheme, andthe reconstruction unit reconstructs the decryption key from the plurality of key shares, with use of the secret sharing scheme.
  - 12. The tampering monitoring system of claim 1 whereinthe protection control module further comprises a second output unit configured to output the encrypted application program to each of the detection modules,each detection module comprises:
    - a second acquisition unit configured to acquire the encrypted application program from the protection control module;
      
      a second decryption unit configured to partially decrypt the encrypted application program with use of the key share stored therein to generate a partially decrypted text; and
      
      a third output unit configured to output the partially decrypted text to the protection control module,the acquisition unit acquires the partially decrypted texts from the detection modules, andthe decryption unit decrypts the encrypted application program with use of the partially decrypted texts acquired by the acquisition unit.
  - 13. The tampering monitoring system of claim 12 whereinthe encrypted application program has been generated according to an RSA cryptosystem,the second decryption unit generates the partially decrypted text by raising the encrypted application program by the power of a value of the key share, andthe decryption unit decrypts the encrypted application program by multiplying values of the partially decrypted texts.
  - 14. The tampering monitoring system of claim 12 whereinthe protection control module further comprises a selection unit configured to select a plurality of detection modules from among all the detection modules, andthe second output unit outputs the encrypted application program to each of the detection modules selected by the selection unit.
  - 15. The tampering monitoring system of claim 12 whereinthe protection control module has attached thereto a tampering detection certificate, the tampering detection certificate being generated by digitally signing the protection control module in a non-tampered state, andeach of the detection modules comprises a verification unit configured to perform tampering detection on the protection control module using the tampering detection certificate.
  - 16. The tampering monitoring system of claim 1 whereinone of the detection modules has been revoked,the key share generation unit is further configured to generate a plurality of regenerated key shares by decomposing the key share allocated to the revoked detection module,the output unit is further configured to output each of the plurality of regenerated key shares to a different one of the detection modules that have not been revoked, andeach of the unrevoked detection modules comprisesa key share update unit configured to acquire the regenerated key share, and update the key share stored therein with use of the regenerated key share to generate a new key share.
  - 17. The tampering monitoring system of claim 16 whereinthe key share generation unit generates the plurality of regenerated key shares such that the key share from which the regenerated key shares is generated is obtained by addition of the regenerated key shares, andthe key share update unit generates the new key share by adding the regenerated key share to the key share stored therein.
  - 18. The tampering monitoring system of claim 1 whereinthe plurality of detection modules are categorized into a first group and a second group,the key share generation unit is further configured to generate a plurality of second key shares by decomposing the decryption key,the output unit outputs each of the plurality of key shares to a different one of the plurality of detection modules that belong to the first group, and outputs each of the plurality of second key shares to a different one of the plurality of detection modules that belong to the second group,each of the detection modules that belong to the first group acquires and stores therein the key share,each of the detection modules that belong to the second group acquires and stores therein the second key share,the acquisition unit acquires either the key shares from the detection modules that belong to the first group or the second key shares from the detection modules that belong to the second group, andthe reconstruction unit reconstructs the decryption key either by composing the key shares acquired by the acquisition unit or by composing the second key shares acquired by the acquisition unit.
  - 19. The tampering monitoring system of claim 1 whereinthe protection control module and the plurality of detection modules are each a computer program, andthe application program, the protection control module, and the plurality of detection modules are stored in an information processing device.
  - 20. The tampering monitoring system of claim 19 whereinthe output unit outputs the plurality of key shares to the plurality of detection modules during initial setting of the information processing device.
  - 21. The tampering monitoring system of claim 19 whereinthe acquisition unit acquires the key shares from the plurality of detection modules when the application program is executed in the information processing device.

22. A management device for managing:
- a protection control module for protecting an application program; and
  
  a plurality of detection modules for monitoring tampering of the protection control module, the management device comprising;
  
  a key share generation unit configured to generate a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and
  
  an output unit configured to output each of the key shares to a different one of the detection modules.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30)
- - 23. The management device of claim 22 further comprisesa verification data generation unit configured to perform decryption processing made up of a plurality of partial decryption processes on an encrypted application program generated as a result of encryption of the application program in a non-tampered state and, for each partial decryption process, to perform a one-way conversion on both input data for the partial decryption process and output data resulting from the partial decryption process to generate a decryption verification value, and generate verification data including the input data and the decryption verification value, whereinthe output unit is further configured to output the verification data to the protection control module.
  - 24. The management device of claim 23 whereinthe protection control module further protects at least one other application program,the management device further comprises a certificate generation unit configured to generate, for each partial decryption process, a decryption verification value of the other application program, and generate, for each partial decryption process, a certificate by digitally signing the decryption verification values generated for the application program and the other application program,for each partial decryption process, the verification data generation unit generates the verification data by further including therein the decryption verification value of the other application program and the certificate, both generated for the partial decryption process, andthe output unit outputs the verification data including the certificate to the protection control module.
  - 25. The management device of claim 22 whereinthe key share generation unit generates the plurality of key shares such that the decryption key is obtained by addition of the key shares.
  - 26. The management device of claim 22 whereinthe key share generation unit generates the plurality of key shares from the decryption key, with use of a secret sharing scheme.
  - 27. The management device of claim 22 whereinone of the detection modules has been revoked,the key share generation unit is further configured to generate a plurality of regenerated key shares by decomposing the key share allocated to the revoked detection module, andthe output unit is further configured to output each of the plurality of regenerated key shares to a different one of the detection modules that have not been revoked.
  - 28. The management device of claim 27 whereinthe key share generation unit generates the plurality of regenerated key shares such that the key share from which the regenerated key shares are generated is obtained by addition of the regenerated key shares.
  - 29. The management device of claim 22 whereinthe plurality of detection modules are categorized into a first group and a second group,the key share generation unit is further configured to generate a plurality of second key shares by decomposing the decryption key, andthe output unit outputs each of the plurality of key shares to a different one of the plurality of detection modules that belong to the first group, and outputs each of the plurality of second key shares to a different one of the plurality of detection modules that belong to the second group.
  - 30. The management device of claim 22 whereinthe protection control module and the plurality of detection modules are each a computer program,the application program, the protection control module, and the plurality of detection modules are stored in an information processing device, andthe output unit outputs the plurality of key shares to the plurality of detection modules during initial setting of the information processing device.

31. A protection control module for protecting an application program, tampering of the protection control module being monitored by a plurality of detection modules,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules,the detection modules acquiring and storing therein the key shares, andthe protection control module comprising:
- an acquisition unit configured to acquire the key shares from the detection modules;
  
  a reconstruction unit configured to reconstruct the decryption key by composing the key shares acquired by the acquisition unit;
  
  a decryption unit configured to decrypt the encrypted application program, with use of the decryption key reconstructed by the reconstruction unit; and
  
  a deletion unit configured to delete the decryption key, after the decryption by the decryption unit is completed.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 32. The protection control module of claim 31 whereinthe management device further performs decryption processing made up of a plurality of partial decryption processes on an encrypted application program generated as a result of encryption of the application program in a non-tampered state and, for each partial decryption process, performs a one-way conversion on both input data for the partial decryption process and output data resulting from the partial decryption process to generate a decryption verification value, generates verification data including the input data and the decryption verification value, and outputs the verification data to the protection control module,the decryption unit performs the decryption processing made up of the plurality of partial decryption processes on the encrypted application program, andthe protection control module further comprises a second output unit configured to output, for each partial decryption process by the decryption unit, the verification data and the output data resulting from the partial decryption process to a corresponding one of the detection modules.
  - 33. The protection control module of claim 32 whereinthe protection control module further protects at least one other application program,for each partial decryption process, the management device further generates a decryption verification value of the other application program and generates a certificate by digitally signing the decryption verification values generated for the application program and the other application program, generates the verification data by further including therein the decryption verification value of the other application program and the certificate, both generated for the partial decryption process, and outputs the verification data including the certificate to the protection control module, andthe second output unit outputs the verification data including the certificate to the corresponding detection module.
  - 34. The protection control module of claim 32 whereinthe plurality of partial decryption processes correspond one-to-one to two or more of the plurality of detection modules, andthe second output unit outputs the verification data and the output data resulting from each partial decryption process to the detection module corresponding to the partial decryption process.
  - 35. The protection control module of claim 31 whereinthe management device generates the plurality of key shares such that the decryption key is obtained by addition of the key shares, andthe reconstruction unit reconstructs the decryption key by adding the key shares.
  - 36. The protection control module of claim 31 whereinthe management device generates the plurality of key shares from the decryption key, with use of a secret sharing scheme, andthe reconstruction unit reconstructs the decryption key from the plurality of key shares, with use of the secret sharing scheme.
  - 37. The protection control module of claim 31 whereinthe protection control module further comprises a second output unit configured to output the encrypted application program to each of the detection modules,each detection module acquires the encrypted application program from the protection control module, partially decrypts the encrypted application program with use of the key share stored therein to generate a partially decrypted text, and outputs the partially decrypted text to the protection control module,the acquisition unit acquires the partially decrypted texts from the detection modules, andthe decryption unit decrypts the encrypted application program with use of the partially decrypted texts acquired by the acquisition unit.
  - 38. The protection control module of claim 37 whereinthe encrypted application program has been generated according to an RSA cryptosystem,each detection module generates the partially decrypted text by raising the encrypted application program by the power of a value of the key share, andthe decryption unit decrypts the encrypted application program by multiplying values of the partially decrypted texts.
  - 39. The protection control module of claim 37 whereinthe protection control module further comprises a selection unit configured to select a plurality of detection modules from among all the detection modules, andthe second output unit outputs the encrypted application program to each of the detection modules selected by the selection unit.
  - 40. The protection control module of claim 31 whereinthe plurality of detection modules are categorized into a first group and a second group,the management device further generates a plurality of second key shares by decomposing the decryption key, outputs each of the plurality of key shares to a different one of the plurality of detection modules that belong to the first group, and outputs each of the plurality of second key shares to a different one of the plurality of detection modules that belong to the second group,each of the detection modules that belong to the first group acquires and stores therein the key share,each of the detection modules that belong to the second group acquires and stores therein the second key share,the acquisition unit acquires either the key shares from the detection modules that belong to the first group or the second key shares from the detection modules that belong to the second group, andthe reconstruction unit reconstructs the decryption key either by composing the key shares acquired by the acquisition unit or by composing the second key shares acquired by the acquisition unit.
  - 41. The protection control module of claim 31 whereinthe protection control module and the plurality of detection modules are each a computer program, andthe application program, the protection control module, and the plurality of detection modules are stored in an information processing device.
  - 42. The protection control module of claim 41 whereinthe acquisition unit acquires the key shares from the plurality of detection modules when the application program is executed in the information processing device.

43. One of a plurality of detection modules for monitoring tampering of a protection control module that is for protecting an application program,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules, andthe detection module comprising:
- an acquisition unit configured to acquire the key share;
  
  a storage unit configured to store therein the key share; and
  
  an output unit configured to output the key share to the protection control module.
- View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
- - 44. The detection module of claim 43 whereinthe management device further performs decryption processing made up of a plurality of partial decryption processes on an encrypted application program generated as a result of encryption of the application program in a non-tampered state and, for each partial decryption process, performs a one-way conversion on both input data for the partial decryption process and output data resulting from the partial decryption process to generate a decryption verification value, generates verification data including the input data and the decryption verification value, and outputs the verification data to the protection control module,the protection control module performs the decryption processing made up of the plurality of partial decryption processes on the encrypted application program and, for each partial decryption process, outputs the verification data and the output data resulting from the partial decryption process to a corresponding one of the detection modules, andthe detection module further comprises:
    - a reception unit configured to receive the output data and the verification data; and
      
      a verification unit configured to perform verification using the output data and the verification data, and to output a result of the verification indicating a verification failure if the verification fails.
  - 45. The detection module of claim 44 whereinthe verification unit performs the verification by (i) performing the same conversion as the one-way conversion on both the input data included in the verification data and the output data to generate a second verification value and (ii) judging whether the decryption verification value in the verification data matches the second verification value, and outputs the result of the verification indicating the verification failure if the values do not match.
  - 46. The detection module of claim 44 whereinthe protection control module further protects at least one other application program,for each partial decryption process, the management device further generates a decryption verification value of the other application program and generates a certificate by digitally signing the decryption verification values generated for the application program and the other application program, generates the verification data by further including therein the decryption verification value of the other application program and the certificate, both generated for the partial decryption process, and outputs the verification data including the certificate to the protection control module,the protection control module outputs the verification data including the certificate to the corresponding detection module,the reception unit receives the verification data including the certificate, andthe verification unit performs the verification by further using the certificate included in the verification data, for each partial decryption process.
  - 47. The detection module of claim 46 whereinthe verification unit performs the same conversion as the one-way conversion on both the input data included in the verification data and the output data to generate a second verification value, and performs the verification by using the decryption verification value of the other application program included in the verification data, the second verification value, and the certificate.
  - 48. The detection module of claim 44 whereinthe plurality of partial decryption processes correspond one-to-one to two or more of the plurality of detection modules, andthe protection control module outputs the verification data and the output data resulting from each partial decryption process to the detection module corresponding to the partial decryption process,the detection module further comprises a transmission unit configured to transmit identification information identifying the partial decryption process corresponding to the detection module, to another one or more of the detection modules,the reception unit is further configured to receive, from another one or more of the detection modules, one or more pieces of identification information identifying the partial decryption processes corresponding to the other one or more detection modules,the verification unit is further configured to perform verification on duplication of the one or more pieces of identification information and the identification information identifying the partial decryption process corresponding to the detection module, and on the comprehensiveness of the one or more pieces of identification information and the identification information identifying the partial decryption process corresponding to the detection module, with respect to all pieces of identification information corresponding to the plurality of partial decryption processes.
  - 49. The detection module of claim 48 whereinthe verification unit outputs a result of verification indicating a verification failure, if any duplicates exist among the one or more pieces of identification information and the identification information identifying the partial decryption process corresponding to the detection module, or if the one or more pieces of identification information and the identification information identifying the partial decryption process corresponding to the detection module do not completely cover all pieces of identification information corresponding to the plurality of partial decryption processes.
  - 50. The detection module of claim 43 whereinthe protection control module has attached thereto a tampering detection certificate, the tampering detection certificate being generated by digitally signing the protection control module in a state where the protection control module has not been tampered with, andthe detection module further comprises a verification unit configured to perform tampering detection on the protection control module using the tampering detection certificate, after the decryption is completed and the decryption key is deleted.
  - 51. The detection module of claim 43 whereinthe protection control module further outputs the encrypted application program to the detection module, andthe detection module further comprises:
    - a second acquisition unit configured to acquire the encrypted application program from the protection control module;
      
      a second decryption unit configured to partially decrypt the encrypted application program with use of the key share stored therein to generate a partially decrypted text; and
      
      a third output unit configured to output the partially decrypted text to the protection control module.
  - 52. The detection module of claim 51 whereinthe encrypted application program has been generated according to an RSA cryptosystem, andthe second decryption unit generates the partially decrypted text by raising the encrypted application program by the power of a value of the key share.
  - 53. The detection module of claim 51 whereinthe protection control module has attached thereto a tampering detection certificate, the tampering detection certificate being generated by digitally signing the protection control module in a non-tampered state, andthe detection module further comprises a verification unit configured to perform tampering detection on the protection control module using the tampering detection certificate.
  - 54. The detection module of claim 43 whereinone of the detection modules has been revoked,the management device further generates a plurality of regenerated key shares by decomposing the key share allocated to the revoked detection module, and outputs each of the plurality of regenerated key shares to a different one of the detection modules that have not been revoked,the detection module, which has not been revoked, further comprisesa key share update unit configured to acquire the regenerated key share, and update the key share stored therein with use of the regenerated key share to generate a new key share.
  - 55. The detection module of claim 54 whereinthe management device generates the plurality of regenerated key shares such that the key share from which the regenerated key shares is generated is obtained by addition of the regenerated key shares, andthe key share update unit generates the new key share by adding the regenerated key share to the key share stored therein.
  - 56. The detection module of claim 43 whereinthe protection control module and the plurality of detection modules are each a computer program, andthe application program, the protection control module, and the plurality of detection modules are stored in an information processing device.

57. A control method used in a management device for managing:
- a protection control module for protecting an application program; and
  
  a plurality of detection modules for monitoring tampering of the protection control module, the control method comprising the steps of;
  
  generating a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and
  
  outputting each of the key shares to a different one of the detection modules.

58. A computer-readable recording medium storing thereon a control computer program used in a management device for managing:
- a protection control module for protecting an application program; and
  
  a plurality of detection modules for monitoring tampering of the protection control module, the management device being a computer, the control computer program causing the management device to perform the steps of;
  
  generating a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and
  
  outputting each of the key shares to a different one of the detection modules.

59. A control computer program used in a management device for managing:
- a protection control module for protecting an application program; and
  
  a plurality of detection modules for monitoring tampering of the protection control module, the management device being a computer, the control computer program causing the management device to perform the steps of;
  
  generating a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and
  
  outputting each of the key shares to a different one of the detection modules.

60. An integrated circuit constituting a management device for managing:
- a protection control module for protecting an application program; and
  
  a plurality of detection modules for monitoring tampering of the protection control module, the integrated circuit comprising;
  
  a key share generation unit configured to generate a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and
  
  an output unit configured to output each of the key shares to a different one of the detection modules.

61. A control method used in a protection control module for protecting an application program, tampering of the protection control module being monitored by a plurality of detection modules,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules,the detection modules acquiring and storing therein the key shares, andthe control method comprising the steps of:
- acquiring the key shares from the detection modules;
  
  reconstructing the decryption key by composing the key shares acquired in the acquiring step;
  
  decrypting the encrypted application program, with use of the decryption key reconstructed by the reconstructing step; and
  
  deleting the decryption key, after the decryption in the decrypting step is completed.

62. A computer-readable recording medium storing thereon a control computer program used in a protection control module for protecting an application program, tampering of the protection control module being monitored by a plurality of detection modules, the protection control module being a computer,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules,the detection modules acquiring and storing therein the key shares, andthe control computer program causing the protection control module to perform the steps of:
- acquiring the key shares from the detection modules;
  
  reconstructing the decryption key by composing the key shares acquired in the acquiring step;
  
  decrypting the encrypted application program, with use of the decryption key reconstructed by the reconstructing step; and
  
  deleting the decryption key, after the decryption in the decrypting step is completed.

63. A control computer program used in a protection control module for protecting an application program, tampering of the protection control module being monitored by a plurality of detection modules, the protection control module being a computer,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules,the detection modules acquiring and storing therein the key shares, andthe control computer program causing the protection control module to perform the steps of:
- acquiring the key shares from the detection modules;
  
  reconstructing the decryption key by composing the key shares acquired in the acquiring step;
  
  decrypting the encrypted application program, with use of the decryption key reconstructed by the reconstructing step; and
  
  deleting the decryption key, after the decryption in the decrypting step is completed.

64. An integrated circuit constituting a protection control module for protecting an application program, tampering of the protection control module being monitored by a plurality of detection modules,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules,the detection modules acquiring and storing therein the key shares, andthe integrated circuit comprising:
- an acquisition unit configured to acquire the key shares from the detection modules;
  
  a reconstruction unit configured to reconstruct the decryption key by composing the key shares acquired by the acquisition unit;
  
  a decryption unit configured to decrypt the encrypted application program, with use of the decryption key reconstructed by the reconstruction unit; and
  
  a deletion unit configured to delete the decryption key, after the decryption by the decryption unit is completed.

65. A method used in one of a plurality of detection modules for monitoring tampering of a protection control module that is for protecting an application program,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules, andthe method comprising the steps of:
- acquiring the key share;
  
  storing the key share; and
  
  outputting the key share to the protection control module.

66. A computer-readable recording medium storing thereon a computer program used in one of a plurality of detection modules for monitoring tampering of a protection control module that is for protecting an application program, the detection module being a computer,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules, andthe computer program causing the detection module to perform the steps of:
- acquiring the key share;
  
  storing the key share; and
  
  outputting the key share to the protection control module.

67. A computer program used in one of a plurality of detection modules for monitoring tampering of a protection control module that is for protecting an application program, the detection module being a computer,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules, andthe computer program causing the detection module to perform the steps of:
- acquiring the key share;
  
  storing the key share; and
  
  outputting the key share to the protection control module.

68. An integrated circuit constituting one of a plurality of detection modules for monitoring tampering of a protection control module that is for protecting an application program,a plurality of key shares being generated as a result of a decryption key being decomposed by a management device, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program, each of the key shares thus generated being output by the management device to a different one of the detection modules, andthe integrated circuit comprising:
- an acquisition unit configured to acquire the key share;
  
  a storage unit configured to store therein the key share; and
  
  an output unit configured to output the key share to the protection control module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Original Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Inventors
Unagami, Yuji, Futa, Yuichi, Matsuzaki, Natsume, Shizuya, Hiroki, Isobe, Shuji, Umeta, Atsushi

Granted Patent

US 9,311,487 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/44
CPC Class Codes

G06F 21/575   Secure boot

G06F 21/64   Protecting data integrity, ...

G06F 2221/2125   Just-in-time application of...

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 9/085   Secret sharing or secret sp...

TAMPERING MONITORING SYSTEM, MANAGEMENT DEVICE, PROTECTION CONTROL MODULE, AND DETECTION MODULE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

61 Citations

68 Claims

Specification

Solutions

Use Cases

Quick Links

TAMPERING MONITORING SYSTEM, MANAGEMENT DEVICE, PROTECTION CONTROL MODULE, AND DETECTION MODULE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

68 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links