Cryptographic processing apparatus, cryptographic processing system, and cryptographic processing method
First Claim
Patent Images
1. A cryptographic processing apparatus for encrypting and decrypting data, the cryptographic processing apparatus comprising:
- a key data storage area storing a plurality of pieces of key data used for encryption and/or decryption;
a mode setting circuit configured to set, for at least one of the plurality of pieces of key data stored in the key data storage area, a process mode of either of an encryption process or a decryption process in association with the stored at least one key data; and
a process limitation circuit operable to;
receive a mode specifying command specifying a process mode of either an encryption process or a decryption process in association with key data from another apparatus;
compare the process mode specified by the mode specifying command to the process mode associated with the stored at least one key data;
when, based on the compare, the received process mode specified by the mode specifying command and the process mode associated with the stored at least one key data set in the mode setting circuit are determined to coincide with each other, permit performing a process corresponding to the process mode specified by the mode specifying command using the stored at least one key data; and
when, based on the compare, the process mode specified by the mode specifying command and the process mode associated with the stored at least one key data set in the mode setting circuit are determined to not coincide with each other, prevent performing the process corresponding to the process mode specified by the mode specifying command using the stored at least one key data.
1 Assignment
0 Petitions
Accused Products
Abstract
A process mode of either of an encryption process and a decryption process is set for at least one of a plurality of pieces of key data, in association with the key data. Then, a mode specifying command for specifying a process mode in association with key data is received from another apparatus, and if the received process mode and the process mode associated with the key data coincide with each other, the process in the process mode using the key data is permitted.
-
Citations
13 Claims
-
1. A cryptographic processing apparatus for encrypting and decrypting data, the cryptographic processing apparatus comprising:
-
a key data storage area storing a plurality of pieces of key data used for encryption and/or decryption; a mode setting circuit configured to set, for at least one of the plurality of pieces of key data stored in the key data storage area, a process mode of either of an encryption process or a decryption process in association with the stored at least one key data; and a process limitation circuit operable to; receive a mode specifying command specifying a process mode of either an encryption process or a decryption process in association with key data from another apparatus; compare the process mode specified by the mode specifying command to the process mode associated with the stored at least one key data; when, based on the compare, the received process mode specified by the mode specifying command and the process mode associated with the stored at least one key data set in the mode setting circuit are determined to coincide with each other, permit performing a process corresponding to the process mode specified by the mode specifying command using the stored at least one key data; and when, based on the compare, the process mode specified by the mode specifying command and the process mode associated with the stored at least one key data set in the mode setting circuit are determined to not coincide with each other, prevent performing the process corresponding to the process mode specified by the mode specifying command using the stored at least one key data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A cryptographic processing apparatus for encrypting and decrypting data, the cryptographic processing apparatus comprising:
-
a key data storage area storing key data used for encryption and/or decryption; a mode setting circuit operable to set, for at least one of the key data stored in the key data storage area, a process mode of either of an encryption process or a decryption process in association with the at least one key data; and a process limitation circuit operable to; receive a mode specifying command specifying a process mode of either an encryption process or a decryption process from another apparatus; compare the process mode specified by the mode specifying command to the process mode associated with the stored at least one key data; when, based on the compare, the process mode specified by the mode specifying command and the process mode set in the mode setting circuit are determined to coincide with each other, permit performing a process corresponding to the process mode specified by the mode specifying command using the stored at least one key data associated with the process mode; and when, based on the compare, the process mode specified by the mode specifying command and the process mode set in the mode setting circuit are determined to not coincide with each other, prevent performing the process corresponding to the process mode specified by the mode specifying command using the stored at least one key data associated with the process mode.
-
-
12. A cryptographic processing system including a cryptographic processing apparatus for encrypting and decrypting data and system firmware for controlling the cryptographic processing apparatus, the cryptographic processing apparatus comprising:
-
a key data storage area storing a plurality of pieces of key data used for encryption and/or decryption are written by the system firmware; a mode setting circuit setting, for at least one of the plurality of pieces of key data stored in the key data storage area, a process mode of either of an encryption process or a decryption process in association with the at least one key data; and a process limitation circuit operable to; receive a mode specifying command specifying a process mode of either an encryption process or a decryption process in association with key data from another apparatus; compare the process mode specified by the mode specifying command to the process mode associated with the stored at least one key data; when, based on the compare, the process mode specified by the mode specifying command and the process mode associated with the stored at least one key data set in the mode setting circuit are determined to coincide with each other, permit performing a process corresponding to the process mode specified by the mode specifying command using the stored at least one key data; and when, based on the compare, the process mode specified by the mode specifying command and the process mode associated with the stored at least one key data set in the mode setting circuit are determined to not coincide with each other, prevent performing the process corresponding to the process mode specified by the mode specifying command using the stored at least one key data.
-
-
13. A cryptographic processing method for encrypting and decrypting data, the cryptographic processing method comprising:
-
storing in a storage area a plurality of pieces of key data used for encryption and/or decryption; setting, for at least one of the plurality of pieces of key data stored in the storage area, a process mode of either of an encryption process or a decryption process in association with the stored at least one key data; and receiving a mode specifying command specifying a process mode of either an encryption process or a decryption process in association with key data from another apparatus; compare the process mode specified by the mode specifying command to the process mode associated with the stored at least one key data; when, based on the compare, the process mode specified by the mode specifying command and the process mode associated with the stored at least one key data set in the setting in association with the key data are determined to coincide with each other, permitting performing a process corresponding to the process mode specified by the mode specifying command using the stored at least one key data; and when, based on the compare, the process mode specified by the mode specifying command and the process mode associated with the stored at least one key data set in the setting in association with the key data are determined to not coincide with each other, preventing performing the process corresponding to the process mode specified by the mode specifying command using the stored at least one key data.
-
Specification