Data generating apparatus and data verifying apparatus

US 6,996,723 B1
Filed: 06/06/2000
Issued: 02/07/2006
Est. Priority Date: 08/10/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A data generating apparatus, comprising:

a receiver that receives initial data and extracts first data and second data from the initial data;

a key generation data memory unit that holds the second data;

an encrypting key generation unit comprising a one-way function that generates an encrypting key from second data stored in the key generation data memory unit;

an encryptor that encrypts the first data with the encrypting key generated by the encrypting key generation unit;

a previous key memory unit that holds a previous key; and

a sender that generates final data including at least one of the result of encrypting by the encryptor and the second data stored in the key generation data memory unit,wherein the encrypting key generation unit also uses the previous key stored in the previous key memory unit in generating the encrypting key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Integrity of data is to be ensured in a simple manner. A data verifier generates a signature generation request from data to be signed and signature request time, and sends the request to a data generator. The data generator extracts the data to be signed from the signature generation request, and its signature generation unit generates a signature for the data. A key generation unit generates a key from a previous key, the signature request time in the signature generation request, and the identifier of the data generator, and an encryptor encrypts the signature. After that, the encrypted signature and the like are returned to the data verifier, which generates a decrypting key with a key generation unit from the previous key, the signature request time, and the identifier of the data generator, then extracts an encrypted signature, and decrypts it with a decryptor. A signature verification unit checks whether or not the result of decrypting is the correct signature.

71 Citations

View as Search Results

26 Claims

1. A data generating apparatus, comprising:
- a receiver that receives initial data and extracts first data and second data from the initial data;
  
  a key generation data memory unit that holds the second data;
  
  an encrypting key generation unit comprising a one-way function that generates an encrypting key from second data stored in the key generation data memory unit;
  
  an encryptor that encrypts the first data with the encrypting key generated by the encrypting key generation unit;
  
  a previous key memory unit that holds a previous key; and
  
  a sender that generates final data including at least one of the result of encrypting by the encryptor and the second data stored in the key generation data memory unit,wherein the encrypting key generation unit also uses the previous key stored in the previous key memory unit in generating the encrypting key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A data generating apparatus according to claim 1, wherein the first data is a result of decrypting prescribed encrypted data.
  - 3. A data generating apparatus according to claim 1, wherein the first data is a signature for prescribed data.
  - 4. A data generating apparatus according to claim 1, wherein the encrypting key generation unit consists of a one-way function, and a result of inputting the second data stored in the key generation data memory unit into the one-way function is the encrypting key.
  - 5. A data generating apparatus according to claim 1, further comprising:
    - the previous key encrypting key memory unit that holds a previous key encrypting key for encrypting the previous key; and
      
      a previous key encryptor that encrypts the previous key with the previous key encrypting key stored in the previous key encrypting key memory unit.
  - 6. A data generating apparatus according to claim 1, wherein the encrypting performed by the encryptor is symmetric key encrypting.
  - 7. A data generating apparatus according to claim 1, wherein the encrypting performed by the encryptor is multiplication or division using the first data and the encrypting key generated by the encrypting key generation unit under a prescribed modulus number.

8. A data generating method comprising the steps of:
- receiving initial data and extracting first data and second data from the initial data;
  
  generating an encrypting key from the second data using a one-way function;
  
  encrypting the first data with the encrypting key, the first data capable of being checked whether it includes a prescribed characteristic; and
  
  generating final data including at least one of the second data and the encrypted first data,wherein the encrypting key is also generated from a previous key stored in a previous key memory unit.

9. A data verifying apparatus, comprising:
- a receiver that receives initial data and extracts first data and second data from the initial data;
  
  a key generation data memory unit that holds the second data;
  
  a decrypting key generation unit comprising a one-way function that generates a decrypting key from the second data stored in the key generation data memory unit;
  
  a decryptor that decrypts the first data with the decrypting key generated by the decrypting key generation unit;
  
  a verification unit that checks whether the first data decrypted by the decryptor has a prescribed characteristic and checks whether the decrypted first data is a result of decrypting prescribed data with a prescribed decrypting key; and
  
  a previous key memory unit that holds a previous key, wherein the decrypting key generation unit, in generating a decrypting key, also uses the previous key stored in the previous key memory unit.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. A data verifying apparatus according to claim 9, wherein the verification unit checks whether the data decrypted by the decryptor is a signature signed with a prescribed signature key.
  - 11. A data verifying apparatus according to claim 9, wherein the decrypting key generation unit consists of a one-way function, and a result of inputting the second data stored in the key generation data memory unit into the one-way function is the decrypting key.
  - 12. A data verifying apparatus according to claim 9, further comprising:
    - the previous key memory unit that stores an encrypted previous key;
      
      a previous key decrypting key memory unit that stores a decrypting key for decrypting the encrypted previous key; and
      
      a previous key decryptor that decrypts the encrypted previous key stored in the previous key memory unit with the decrypting key stored in the previous key decrypting key memory unit.
  - 13. A data verifying apparatus according to claim 9, wherein the decrypting performed by the decryptor is decrypting in symmetric key algorithm.
  - 14. A data verifying apparatus according to claim 9, wherein the decrypting performed by the decryptor is multiplication or division using the first data and the decrypting key generated by the decrypting key generation unit under a prescribed modulus number.

15. A data verifying method comprising the steps of:
- receiving initial data and extracting first data and second data from the initial data;
  
  generating a decrypting key from second data using a one-way function;
  
  decrypting first data with the decrypting key; and
  
  checking whether a result of decrypting includes a prescribed characteristic,wherein the second data is also generated from a previous key stored in a previous key memory unit.

16. A data processing apparatus comprising a data generating apparatus and a data verifying apparatus for verifying the integrity of encrypted data generated by the data generating apparatus, wherein:
- the data verifying apparatus further comprises;
  
  a receiver that receives the encrypted data from the data generating apparatus;
  
  a reference value data memory unit that holds first data;
  
  a first key generation data memory unit that holds second data;
  
  a decrypting key generation unit comprising a one-way function that generates a decrypting key from the second data stored in the first key generation data memory unit;
  
  a decryptor that decrypts the encrypted data received from the data generating apparatus with the decrypting key generated by the decrypting key generation unit; and
  
  a verification unit that checks whether the data decrypted by the decryptor has a prescribed relationship with respect to integrity with the first data stored in the reference value data memory unit, andthe data generating apparatus further comprises;
  
  a receiver that receives the first data from the data verifying apparatus and that generates third data from the first data;
  
  a second key generation data unit that holds fourth data;
  
  an encrypting key generation unit that comprises a one-way function for generating an encrypting key from the fourth data stored in the second key generation data memory unit; and
  
  an encryptor that encrypts the third data with the encrypting key generated by the encrypting key generation unit; and
  
  a sender that sends the encrypted third data to the data verifying apparatus.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 17. A data processing apparatus according to claim 16, wherein the third data generated by the data generating apparatus is a result of decrypting with a prescribed decrypting key the first data from the data verifying apparatus, and the verification unit of the data verifying apparatus checks whether the result of decrypting of encrypted data from the data generating apparatus is a result of decrypting the first data.
  - 18. A data processing apparatus according to claim 16, wherein the third data generated by the data generating apparatus is a signature generated by signing the first data sent from the data verifying apparatus with a prescribed signature key, and the verification unit of the data verifying apparatus checks if a result of decrypting the encrypted data sent from the data generating apparatus is a correct signature with respect to the first data.
  - 19. A data processing apparatus according to claim 16, whereinthe data generating apparatus further comprises:
    - a commitment random number memory unit that holds a random number; and
      
      a commitment generation unit that generates a commitment from the random number stored in the commitment random number memory unit, andthe data verifying apparatus further comprises;
      
      a commitment memory unit that stores the commitment sent from the data generating apparatus, whereinthe data generating apparatus sends, before it receives the first data from the data verifying apparatus, the commitment generated by the commitment generation unit to the data verifying apparatus,the receiver also uses a random number stored in the commitment random number memory unit for generating the third data to be verified, andthe data verifying apparatus, when the verification unit performs checking, also uses the commitment stored in the commitment memory unit.
  - 20. A data processing apparatus according to claim 16, wherein the decrypting key generation unit of the data verifying apparatus consists of a one-way function, a result of entering the data stored in the first key generation data memory unit into the one-way function is the decrypting key, the encrypting key generation unit of the data generating apparatus is composed of the same one-way function as that of the decrypting key generation unit of the data verifying apparatus, and a result of entering the data stored in the second key generation data unit into the one-way function is the encrypting key.
  - 21. A data processing apparatus according to claim 16, wherein the data verifying apparatus further comprises:
    - a first previous key memory unit that holds a previous key, andthe decrypting key generation unit, when it is to generate the decrypting key, also uses the previous key stored in the first previous key memory unit, andthe data generating apparatus further comprises;
      
      a second previous key memory unit that holds the previous key, andthe encrypting key generation unit, when it is to generate the encrypting key, also uses the previous key stored in the second previous key memory unit.
  - 22. A data processing apparatus according to claim 21, wherein:
    - the data generating apparatus further comprises;
      
      a previous key encrypting key memory unit that stores a previous key encrypting key for encrypting the previous key; and
      
      a previous key encryptor that encrypts the previous key with an encrypting key stored in the previous key encrypting key memory unit, andthe data verifying apparatus further comprises;
      
      a previous key decrypting key memory unit that encrypts a previous key decrypting key for decrypting the encrypted previous key; and
      
      a previous key decryptor for decrypting the encrypted previous key with a previous key decrypting key stored in the previous key decrypting key memory unit, whereinthe data generating apparatus encrypts the previous key stored in the second previous key memory unit with the previous key encryptor using the encrypting key stored in the previous key encrypting key memory unit, and sends the result to the data verifying apparatus, andthe data verifying apparatus decrypts the encrypted previous key sent from the data generating apparatus with the previous key decryptor using the decrypting key stored in the previous key decrypting key memory unit, and stores the result in the first previous key memory unit.
  - 23. A data processing apparatus according to claim 16, whereinthe data verifying apparatus sends data held in the first key generation data memory unit to the data generating apparatus, andthe data generating apparatus stores the data sent from the data verifying apparatus in the second key generation data memory unit for use in generation of the encrypting key.
  - 24. A data processing apparatus according to claim 16, whereinthe data generating apparatus sends the fourth data held in the second key generation data memory unit to the data verifying apparatus, and the data verifying apparatus stores the fourth data from the data generating apparatus in the first key generation data unit for use in generation of the decrypting key.
  - 25. A data processing apparatus according to claim 16, wherein the encrypting performed by the encryptor is the encrypting using a symmetric key algorithm with the encrypting key, and the decrypting performed by the decryptor is the decrypting using a symmetric key algorithm with the decrypting key.
  - 26. A data processing apparatus according to claim 16, wherein the encrypting performed by the encryptor is multiplication or division using the third data and the encrypting key under a prescribed modulus number, and the decrypting performed by the decryptor is multiplication or division using the encrypted data from the data generating apparatus by the decrypting key under the same modulus number used in the encryptor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fuji Xerox Company Limited (Xerox Holdings Corp.)
Original Assignee
Fuji Xerox Company Limited (Xerox Holdings Corp.)
Inventors
Shin, Kil-ho, Kyojima, Masaki
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Lanier, Benjamin E.

Application Number

US09/588,049
Time in Patent Office

2,072 Days
Field of Search

713/189, 713/193, 380/45
US Class Current

713/193
CPC Class Codes

H04L 9/0822 using key encryption key

H04L 9/3247 involving digital signatures

Data generating apparatus and data verifying apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

71 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Data generating apparatus and data verifying apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links