Pseudo public key encryption

US 20070189517A1
Filed: 01/23/2006
Published: 08/16/2007
Est. Priority Date: 12/20/2004
Status: Abandoned Application

First Claim

Patent Images

1. ) An apparatus comprising tamper-proof hardware, the hardware comprising an encryption-authentication section for performing issuance of an ID, encryption, and authentication, in response to a request by a user, and a tampering detection section for detecting one of voltage change and pressure change, to electrically destroy the encryption-authentication section, the encryption-authentication section comprising:

an ID issuance-registration section for issuing an ID in response to a request by a user, and storing the ID in a storage section;

a key generation section for generating a key corresponding to the ID using a one-to-one function, and outputting the key;

a first key acquisition section for, in response to a request by a user for decryption or generation of a message authentication code, comparing an inputted ID and the ID stored in the ID storage section, and, if the IDs are corresponding to each other, handing over the ID to the key generation section to output a key generated by the key generation section;

a second key acquisition section for, in response to a request by a user for encryption or verification of a message with a message authentication code attached thereto, handing over an inputted ID to the key generation section to output a key generated by the key generation section;

a message authentication code generation section for handing over an inputted ID to the first key acquisition section, and, with the use of a key outputted from the first key acquisition section, calculating and outputting a message authentication code of an inputted message;

a message authentication code verification section for handing over an inputted ID to the second key acquisition section, calculating a message authentication code of an inputted message with the use of a key outputted from the second key acquisition section, comparing the obtained message authentication code and an inputted message authentication code, and, if the message authentication codes are corresponding to each other, returning information indicating that the verification has succeeded to the user;

an encryption section for handing over an inputted ID to the second key acquisition section, encrypting inputted plaintext with the use of a key outputted from the second key acquisition section, and returning the result to a user; and

a decryption section for handing over an inputted ID to the first acquisition section and, with the use of a key outputted from the first key acquisition section, decrypting and outputting inputted encrypted text.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to the present invention, a secret key cryptosystem and tamper-proof hardware are used to realize a pseudo public key cryptosystem at a low cost. A trap-door one-way function is substantially realized with the use of tamper-proof hardware. Each user performs communication using equipment provided with hardware having the same capabilities described below. Such hardware retains association between an ID and a key. In response to a request from a user, the hardware issues and stores an ID, and it can perform decryption and generation of a MAC (message authentication code) with a key associated with the ID. A user publishes his ID. When performing encryption, a message sender encrypts a message using the published ID. A third person can perform decryption with the ID only by analyzing the mechanism in the hardware. However, the hardware has a capability of destroying itself when such an act is attempted.

31 Citations

20 Claims

1. ) An apparatus comprising tamper-proof hardware, the hardware comprising an encryption-authentication section for performing issuance of an ID, encryption, and authentication, in response to a request by a user, and a tampering detection section for detecting one of voltage change and pressure change, to electrically destroy the encryption-authentication section, the encryption-authentication section comprising:
- an ID issuance-registration section for issuing an ID in response to a request by a user, and storing the ID in a storage section;
  
  a key generation section for generating a key corresponding to the ID using a one-to-one function, and outputting the key;
  
  a first key acquisition section for, in response to a request by a user for decryption or generation of a message authentication code, comparing an inputted ID and the ID stored in the ID storage section, and, if the IDs are corresponding to each other, handing over the ID to the key generation section to output a key generated by the key generation section;
  
  a second key acquisition section for, in response to a request by a user for encryption or verification of a message with a message authentication code attached thereto, handing over an inputted ID to the key generation section to output a key generated by the key generation section;
  
  a message authentication code generation section for handing over an inputted ID to the first key acquisition section, and, with the use of a key outputted from the first key acquisition section, calculating and outputting a message authentication code of an inputted message;
  
  a message authentication code verification section for handing over an inputted ID to the second key acquisition section, calculating a message authentication code of an inputted message with the use of a key outputted from the second key acquisition section, comparing the obtained message authentication code and an inputted message authentication code, and, if the message authentication codes are corresponding to each other, returning information indicating that the verification has succeeded to the user;
  
  an encryption section for handing over an inputted ID to the second key acquisition section, encrypting inputted plaintext with the use of a key outputted from the second key acquisition section, and returning the result to a user; and
  
  a decryption section for handing over an inputted ID to the first acquisition section and, with the use of a key outputted from the first key acquisition section, decrypting and outputting inputted encrypted text.
- View Dependent Claims (2, 3, 4, 5, 20)
- - 2. ) The apparatus according to claim 1, wherein the encryption-authentication section has a seed storage section, and the key generation section generates a key, based on a seed stored in the seed storage section and the ID stored in the ID storage section, and outputs the key.
  - 3. ) The apparatus according to claim 1, wherein the ID issuance-registration section includes redundant information in an ID when issuing the ID.
  - 4. ) The apparatus according to claim 1, wherein the encryption-authentication section further has a write-once storage area so that registration of the ID is enabled by writing the ID in the write-once storage area.
  - 5. ) The apparatus according to claim 1, where in issuance-registration of the ID is performed only by a key generation body.
  - 20. ) A computer program product comprising a computer usable medium having computer readable program code means embodied therein for causing encryption functions, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of claim 1.

6. ) A method for performing pseudo public key encryption and digital signaling with the use of an apparatus including tamper-proof hardware which comprises an encryption-authentication section for performing issuance of an ID, encryption, and authentication, in response to a request by a user, and a tampering detection section for detecting voltage change or pressure change to electrically destroy the encryption-authentication section, the encryption-authentication section of the apparatus comprising:
- an ID issuance-registration section for issuing an ID in response to a request by a user, and storing the ID in a storage section;
  
  a key generation section for generating a key corresponding to the ID using a one-to-one function, and outputting the key;
  
  a first key acquisition section for, in response to a request by a user for decryption, or generation of a message authentication code, comparing an inputted ID and the ID stored in the ID storage section, and, if the IDs are corresponding to each other, handing over the ID to the key generation section to output a key generated by the key generation section;
  
  a second key acquisition section for, in response to a request by a user for encryption, or verification of a message with a message authentication code attached thereto, handing over an inputted ID to the key generation section to output a key generated by the key generation section;
  
  a message authentication code generation section for handing over an inputted ID to the first key acquisition section, and, with the use of a key outputted from the first key acquisition section, calculating and outputting a message authentication code of an inputted message;
  
  a message authentication code verification section for handing over an inputted ID to the second key acquisition section, calculating a message authentication code of an inputted message with the use of a key outputted from the second key acquisition section, comparing the obtained message authentication code and an inputted message authentication code, and, if the message authentication codes are corresponding to each other, returning information indicating that the verification has succeeded to the user;
  
  an encryption section for handing over an inputted ID to the second key acquisition section, encrypting inputted plaintext with the use of a key outputted from the second key acquisition section, and returning the result to a user; and
  
  a decryption section for handing over an inputted ID to the first acquisition section, and, with the use of a key outputted from the first key acquisition section, decrypting and outputting inputted encrypted text; and
  
  the method comprising, in sending a message between a sending user and a receiving user, having the apparatus A and the apparatus B, respectively, the steps of;
  
  the apparatus A selecting and storing a sending user ID, and then returning the sending user ID to the sending user, for publication of the sending user ID;
  
  the apparatus B selecting and storing a receiving user ID, and then returning the receiving user ID to the receiving user, for publication of the receiving user ID;
  
  the apparatus A acquiring a key corresponding to the sending user ID, generating a message authentication code, and returning the message authentication code to the sending user;
  
  in response to a request by the sending user for encryption, the apparatus A acquiring a key corresponding to the receiving user ID, encrypting the message and the message authentication code, and returning the encrypted message and message authentication code to the sending user;
  
  in response to a request by the receiving user for decryption of the encryption, the apparatus B acquiring a key corresponding to the receiving user ID, decrypting the received message, and returning the decrypted message to the receiving user; and
  
  in response to a request by the receiving user for verification of the message authentication code, the apparatus B acquiring a key corresponding to the sending ID, verifying the message authentication code, and returning the result to the receiving user.
- View Dependent Claims (7, 8, 9, 10, 18, 19)
- - 7. ) The method according to claim 6, wherein the encryption-authentication section has a seed storage section, and the key generation section generates a key based on a seed stored in the seed storage section and the ID stored in the ID storage section, and outputs the key.
  - 8. ) The method according to claim 6, wherein the ID issuance-registration section includes redundant information in an ID when issuing the ID.
  - 9. ) The method according to claim 6, wherein the encryption-authentication section further has a write-once storage area so that registration of the ID is enabled by writing the ID in the write-once storage area.
  - 10. ) The method according to claim 6, wherein issuance-registration of the ID is performed only by a key generation body.
  - 18. ) An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing encryption functions, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of claim 6.
  - 19. ) A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for encryption functions, said method steps comprising the steps of claim 6.

11. ) A method comprising:
- providing tamper-proof hardware having capabilities to perform issuance of an ID, encryption, and authentication, in response to a request by a user;
  
  detecting one of voltage change and pressure change, and electrically destroying at least one of said capabilities;
  
  issuing and storing a first ID in response to a request by a user;
  
  generating a first key corresponding to the first ID using a one-to-one function, and outputting the first key;
  
  in response to a request by the user for one of decryption of a message authentication code and generation of a message authentication code, comparing an inputted ID and the first ID, and if the inputted ID and the first ID correspond to each other, handing over the first ID and outputting the first key;
  
  in response to a request by the user for encryption or verification of a message with a message authentication code attached thereto, handing over the inputted ID and outputting a second key;
  
  handing over the inputted ID to the first key acquisition section, and with the use of the first key calculating and outputting a message authentication code of an inputted message;
  
  a message authentication code verification section for handing over the inputted ID to the second key acquisition section, calculating a message authentication code of the inputted message with the use of the second key, comparing the obtained message authentication code and an inputted message authentication code, and, if the message authentication codes correspond to each other, returning information to the user indicating that the verification has succeeded;
  
  handing over the inputted ID, encrypting inputted plaintext with the use of the second key, and returning the result to a user; and
  
  handing over the inputted ID, and with the use of the first key, decrypting and outputting inputted encrypted text.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. ) The method according to claim 11, wherein at least one key is based on a stored seed.
  - 13. ) The method according to claim 11, further comprising including redundant information in each issued ID.
  - 14. ) The method according to claim 11, further comprising enabling a write-once storage such that registration of the ID occurs by writing the ID in a write-once storage area.
  - 15. ) The method according to claim 11, wherein issuance-registration of the ID is performed only by a key generation body.
  - 16. ) An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing encryption functions, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of claim 11.
  - 17. ) A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for encryption functions, said method steps comprising the steps of claim 11.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Koseki, Akira, Imamura, Takeshi

Application Number

US11/338,063
Publication Number

US 20070189517A1
Time in Patent Office

Days
Field of Search
US Class Current

380/30
CPC Class Codes

H04L 2209/80 Wireless network architectu...

H04L 9/3242 involving keyed hash functi...

Pseudo public key encryption

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Pseudo public key encryption

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links