Key allocating method and key allocation system for encrypted communication
First Claim
1. A communication system in which a communication source apparatus and a communication destination apparatus perform an encrypted communication with each other;
- wherein;
the communication source registers, at a management server, store a first setting information for the encrypted communication including a plurality of setting items whose setting values are to be determined in order to designate an encryption key available for the communication source apparatus;
the communication destination registers, at the managing server, store a second setting information for the encrypted communication including a plurality of setting items whose setting values are to be determined in order to designate an encryption key available for the communication destination apparatus;
said communication source apparatus transmits a connection request between communication source apparatus and communication destination apparatus to the management server;
said management server searches the first and the second setting information having been previously registered into the management server respectively by both said communication source apparatus and said communication destination apparatus for setting information, for at least one of the setting items, the setting item to be searched being available for both the communication source apparatus and the communication destination apparatus designated by reception of the connection request in order to generate an encryption key; and
in the case that the management server can search for the setting item in order to generate the encryption key available for both the communication source apparatus and the communication destination apparatus, both the communication source apparatus and the communication destination apparatus perform an encrypted communication by employing the encryption key for the encrypted communication, which has been produced based upon the searched setting item for the encrypted communication, without the management server relaying data of the encrypted communication between the communication source apparatus and the communication destination apparatus.
Abstract
Both a management server and a validation server are installed. Each of two terminals registers, in the management server, the setting information that is usable in an encrypted communication. When the encrypted communication is to be carried out, the management server searches the registered setting information for coincident setting information. The management server generates keys for the encrypted communication which can be used by the terminals, and delivers these generated keys in combination with the coincident setting information. The management server authenticates both terminals in conjunction with the validation server. Since the terminals trust the results of the management server having authenticated each of the terminals, the terminals need not authenticate their respective counterpart terminals.
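The registration, search and key delivery steps described in the abstract, as an added Python sketch that is not taken from the patent. The setting items (`algorithm`, `key_bits`, `mode`), the terminal names and the preference-order rule are assumptions, and authentication through the validation server is left out.

```python
import secrets
from dataclasses import dataclass, field

# Assumed setting items; the page only says "a plurality of setting items".
ITEMS = ("algorithm", "key_bits", "mode")

@dataclass
class ManagementServer:
    registry: dict = field(default_factory=dict)  # terminal id -> list of settings

    def register(self, terminal_id, settings):
        """Store a terminal's usable settings, in its order of preference."""
        for s in settings:
            if set(s) != set(ITEMS):
                raise ValueError(f"each setting must define exactly {ITEMS}")
        self.registry[terminal_id] = [dict(s) for s in settings]

    def find_coincident(self, src, dst):
        """Return the first setting of src that dst also registered, or None."""
        dst_settings = {tuple(s[i] for i in ITEMS) for s in self.registry[dst]}
        for s in self.registry[src]:
            if tuple(s[i] for i in ITEMS) in dst_settings:
                return dict(s)
        return None

    def connect(self, src, dst):
        """Handle a connection request: match settings, then issue one key to both."""
        if src not in self.registry or dst not in self.registry:
            raise KeyError("both terminals must register before connecting")
        setting = self.find_coincident(src, dst)
        if setting is None:
            return None  # no coincident setting: refuse, never fall back silently
        key = secrets.token_bytes(setting["key_bits"] // 8)  # CSPRNG, sized to the setting
        grant = {"setting": setting, "key": key}
        return {src: grant, dst: grant}  # delivered to each terminal, data is not relayed

def demo():
    ms = ManagementServer()
    # Constructed sample registrations.
    ms.register("terminal-A", [
        {"algorithm": "AES", "key_bits": 256, "mode": "GCM"},
        {"algorithm": "AES", "key_bits": 128, "mode": "CBC"},
    ])
    ms.register("terminal-B", [{"algorithm": "AES", "key_bits": 128, "mode": "CBC"}])
    ms.register("terminal-C", [{"algorithm": "CAMELLIA", "key_bits": 128, "mode": "CBC"}])
    return ms.connect("terminal-A", "terminal-B"), ms.connect("terminal-A", "terminal-C")
```

Because the management server generates the key, it can decrypt the terminals' traffic even though it does not relay it, so the server and its delivery channel to each terminal sit inside the trust boundary.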
Specification