Key management server, chat system terminal unit, chat system and recording medium
Abstract
A key management server is arranged at the same position as a terminal unit as viewed from a chat server. A channel secret key unique to each channel is generated by the key management server and distributed to a chat client so that the communication can be kept secret, even when a chat server low in reliability is used.
20 Claims
-
1. A key management server constituting a first terminal unit, comprising:
-
channel secret key generation means for generating a channel secret key unique to each channel for encrypting/decrypting communication data exchanged through each of a plurality of channels managed by one or more chat servers;
encryption means for encrypting a channel secret key generated by said channel secret key generation means;
receiving means for receiving through a channel managed by said chat server, a distribution request for a channel secret key unique to said channel from a second terminal unit; and
distribution means for distributing the channel secret key unique to said channel encrypted by said encryption means to said second terminal unit through said channel when said receiving means receives the distribution request.
-
said receiving means receives the distribution request for the channel secret key for each group from said second terminal unit.
-
3. The key management server according to claim 1, further comprising public key acquisition means for acquiring a public key unique to a user from an external unit;
wherein said encryption means encrypts the channel secret key generated by said channel secret key generation means using the public key which is acquired by said public key acquisition means and is unique to a user requesting the distribution when said receiving means receives the distribution request.
-
4. The key management server according to claim 3, wherein said public key acquisition means acquires said public key when said second terminal unit is connected to a channel managed by the chat server.
-
5. The key management server according to claim 3, wherein said public key acquisition means acquires said public key from said second terminal unit and registers said public key and the associated user name when said second terminal unit is connected to a channel managed by the chat server.
-
6. The key management server according to claim 1, wherein said receiving means receives a user authentication information together with the distribution request for said channel secret key, judges whether the received user authentication information is correct or not, and when judging that said authentication information is correct, accepts said distribution request.
-
7. The key management server according to claim 1, wherein said channel secret key generation means generates said channel secret key based on selected one of an information changing from time to time, an information unique to each channel, a secret information held only by a terminal associated with said channel and a random information.
-
8. The key management server according to claim 1, wherein said channel secret key generation means generates again at a predetermined opportunity the channel secret key generated and distributed, and said distribution means distributes said channel secret key generated again by said channel secret key generation means.
-
9. The key management server according to claim 3, wherein said public key acquisition means holds the acquired public key for a predetermined length of time.
-
10. The key management server according to claim 3, wherein when a user of the public key acquired by said public key acquisition means is connected to a plurality of channels, said encryption means encrypts the channel secret key unique to each channel using said public key regardless of the channel.
-
11. The key management server according to claim 1, further comprising:
-
second receiving means for receiving a distribution request for a public key of a remote user of a second terminal unit received from said second terminal unit through a channel managed by a chat server; and
second distribution means for distributing said public key acquired by said public key acquisition means to said second terminal unit when said second receiving means receives the distribution request.
-
12. A terminal unit for a chat system to conduct the one-to-one communication with a terminal unit of a remote user, comprising:
-
session key generation means for generating a session key for encrypting/decrypting communication data for the one-to-one communication in a channel managed by a chat server;
means for requesting a public key from a key management server for distributing said public key of a remote user through a channel managed by the chat server;
means for receiving said public key requested by said public key requesting means;
encryption means for encrypting the session key generated by said session key generation means using the public key received by said public key receiving means; and
means for distributing the session key encrypted by said encryption means to the terminal unit of a remote user through said channel.
-
13. A chat system terminal unit comprising:
-
encryption means for encrypting communication data using the channel secret key unique to each channel distributed from a key management server for encrypting/decrypting the communication data exchanged through each of a plurality of channels managed by one or more chat servers;
means for outputting the communication data encrypted by said encryption means together with the information indicating an encryption to a channel managed by a chat server; and
means for decrypting the communication data by said channel secret key when the communication data received from said channel includes the information indicating the encryption.
-
14. A chat system comprising:
-
a chat server for managing a plurality of channels for exchanging communication data; and
a key management server constituting a first terminal unit for distributing a channel secret key unique to each channel to a second terminal unit for encrypting/decrypting the communication data exchanged through each of a plurality of channels managed by said one or a plurality of chat servers;
wherein said key management server includes;
channel secret key generation means for generating the channel secret key;
encryption means for encrypting the channel secret key generated by said channel secret key generation means;
receiving means for receiving a distribution request for the channel secret key unique to each channel from said second terminal unit through a channel managed by said chat server; and
distribution means for distributing the channel secret key unique to said channel encrypted by said encryption means through said channel to said second terminal unit when said receiving means receives said distribution request.
-
wherein said key management server further includes: second receiving means for receiving a distribution request for a public key of a remote user of a second terminal unit sent from said second terminal unit through a channel managed by a chat server; and
second distribution means for distributing said public key acquired by said public key acquisition means to said second terminal unit when said second receiving means receives the distribution request.
-
17. The chat system according to claim 14, further comprising:
-
a terminal unit for conducting the communication through a channel managed by said chat server, wherein said terminal unit includes;
session key generation means for generating a session key for encrypting/decrypting communication data for one-to-one communication in a channel managed by the chat server;
means for requesting a public key from a key management server for distributing the public key of a remote user through a channel managed by the chat server;
means for receiving said public key requested by said public key requesting means;
encryption means for encrypting a session key generated by said session key generation means using the public key received by said public key receiving means; and
means for distributing the session key encrypted by said encryption means to the terminal unit of a remote user through said channel.
-
18. The chat system according to claim 15, further comprising:
-
a terminal unit for conducting communication through a channel managed by said chat server, wherein said terminal unit includes;
session key generation means for generating a session key for encrypting/decrypting communication data for one-to-one communication in a channel managed by the chat server;
means for requesting a public key from a key management server for distributing the public key of a remote user through a channel managed by the chat server;
means for receiving said public key requested by said public key requesting means;
encryption means for encrypting the session key generated by said session key generation means using the public key received by said public key receiving means; and
means for distributing the session key encrypted by said encryption means to the terminal unit of the remote user through said channel.
-
16. A chat system comprising:
-
a chat server for managing a plurality of channels for exchanging communication data; and
a terminal unit for conducting communication through a channel managed by said chat server, wherein said terminal unit includes;
session key generation means for generating a session key for encrypting/decrypting communication data for one-to-one communication in a channel managed by the chat server;
means for requesting a public key from a key management server for distributing the public key of a remote user through a channel managed by the chat server;
means for receiving said public key requested by said public key requesting means;
encryption means for encrypting the session key generated by said session key generation means using the public key received by said public key receiving means; and
means for distributing the session key encrypted by said encryption means to the terminal unit of a remote user through said channel.
-
19. A computer memory product having computer readable program code means, said computer readable program code means comprising:
-
first computer readable program code means for causing a computer to generate a channel secret key unique to each channel for encrypting/decrypting the communication data exchanged through each of a plurality of channels managed by one or more chat servers;
second computer readable program code means for causing the computer to receive, through a channel managed by the chat server, a distribution request for a channel secret key unique to the channel from one terminal unit; and
third computer readable program code means for causing the computer to distribute the channel secret key unique to said channel generated by said first computer program code means through said channel to said terminal unit when said second computer program code means receives the distribution request.
-
fourth computer readable program code means for causing the computer to acquire a public key unique to a user from an external unit; and
fifth computer readable program code means for causing the computer to encrypt the channel secret key generated by said first computer program code means using the public key acquired by said fourth computer program code means unique to the user requesting the distribution when said second computer program code means receives said distribution request;
wherein said second computer program code means distributes the channel secret key encrypted by said fifth computer program code means to said terminal unit through said channel.
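The arrangement described in the abstract and in claims 1, 3 and 13, as an added example that is not part of the patent: a key management server that sits on the channel like any other client wraps a per-channel key under each requester's public key, and terminals exchange marked ciphertext that the chat server only relays. RSA-OAEP, AES-256-GCM, the `+ENC:` marker and every name in the code are assumptions, since the claims name no algorithms or message formats.

```javascript
const crypto = require('crypto');
// Assumed for illustration: RSA-OAEP, AES-256-GCM, the marker and all names; the claims specify none.
const MARKER = '+ENC:'; // stands in for the claimed "information indicating an encryption"
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Key management server: to the chat server it is just one more terminal on the channel.
class KeyManagementServer {
  constructor() {
    this.channelKeys = new Map(); // channel -> 32-byte channel secret key
    this.publicKeys = new Map();  // user -> public key acquired when the user joins
  }
  // Answer a distribution request with the channel key wrapped under the requester's public key.
  distribute(channel, user) {
    const pub = this.publicKeys.get(user);
    if (!pub) throw new Error(`no public key registered for ${user}`);
    if (!this.channelKeys.has(channel)) this.channelKeys.set(channel, crypto.randomBytes(32));
    return crypto.publicEncrypt({ key: pub, ...OAEP }, this.channelKeys.get(channel));
  }
}

// Terminal side: recover the channel key with the user's private key.
const unwrap = (privateKey, wrapped) => crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);

// Encrypt one chat line and prefix the marker; layout is iv || ciphertext || tag.
function seal(key, text) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  return MARKER + Buffer.concat([iv, c.update(text, 'utf8'), c.final(), c.getAuthTag()]).toString('base64');
}

// Decrypt marked lines; unmarked lines pass through unchanged.
function open(key, line) {
  if (!line.startsWith(MARKER)) return line;
  const raw = Buffer.from(line.slice(MARKER.length), 'base64');
  const d = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  d.setAuthTag(raw.subarray(raw.length - 16));
  return Buffer.concat([d.update(raw.subarray(12, raw.length - 16)), d.final()]).toString('utf8');
}

// Constructed run: alice and bob share #ops; the chat server would see only `line`.
function demo() {
  const kms = new KeyManagementServer();
  const alice = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const bob = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  kms.publicKeys.set('alice', alice.publicKey);
  kms.publicKeys.set('bob', bob.publicKey);
  const line = seal(unwrap(alice.privateKey, kms.distribute('#ops', 'alice')), 'rotate creds at 14:00');
  return { line, plain: open(unwrap(bob.privateKey, kms.distribute('#ops', 'bob')), line) };
}
console.log(demo());
```

The GCM tag means a line altered in transit by the relaying server fails to decrypt instead of yielding modified plaintext.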