JP2011228777A - Key generating device, data providing device, terminal device, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To generate a key able to identify a data provider by use of an existing key, and distribute encrypted data using the key.SOLUTION: An on-vehicle device 100 has an on-vehicle device individual key specific to the on-vehicle device and an on-vehicle device identifier, transmits the on-vehicle device identifier to a roadside machine 200, and requests content data. The roadside machine transmits encryption target data in which the content data is concealed, the on-vehicle device identifier, and a company identifier of a content data distribution company to a center device 300 . The center device generates an on-vehicle device individual key from a master key and the on-vehicle device identifier, and also generates a company individual key from the on-vehicle device individual key and the company identifier. Further, the center device encrypts the encryption target data using the company individual key, and transmits the encrypted data to the roadside machine. The roadside machine transmits the encrypted data, protection data for releasing concealment, and the company identifier to the on-vehicle device. The on-vehicle device generates a company individual key from the company identifier and the on-vehicle device individual key, and obtains the content data from the company individual key and the protection data.

Description

The present invention relates to a technique for distributing encrypted data.
More specifically, the present invention relates to a technique for distributing encrypted content to an in-vehicle device by a wireless communication method called, for example, DSRC (Dedicated Short Range Communication).

As a typical system in the field of ITS (Intelligent Transport Systems), tolls on toll roads (highways, etc.) are automatically collected, and toll road users can pass through the toll gate almost non-stop A toll road automatic toll collection system (ETC: Electronic Toll Collection) has already been put into practical use.
ETC is a system that is realized by exchanging information necessary for toll collection by dedicated narrow area communication (DSRC) between ETC onboard equipment mounted on vehicles and roadside equipment provided at the entrance / exit gate of toll gate .
Dedicated narrow-area communication refers to wireless communication used for road-to-vehicle communication such as ETC and commercial vehicle management systems. There are two methods, one that uses light and the other that uses radio waves. Meters to hundreds of meters.

As a system using this dedicated narrow area communication, a system that distributes data obtained by encrypting content to be distributed and a key for decrypting the data is disclosed (for example, Patent Document 1).
According to this system, after distributing encrypted content using DSRC, the content can be used only by the contractor by transmitting a key for decryption only to the contracted vehicle-mounted device.

JP 2008-271125 A

  However, the background art described above is considered to have the following problems.

When the encrypted content and key are distributed by DSRC, since the key appears in the wireless section, it can be wiretapped, and not only the key but also the content itself may be leaked.
Another possible method is to use a key used in an existing system as a key for content encryption.
When the existing system key is used as a content encryption key, the existing system key is not wirelessly communicated, and thus the above-described problem does not occur.
However, since the influence when the key used in the existing system is leaked is large, it is difficult to use the key used in the existing system outside the existing system in consideration of the key management cost and the like.
Further, when the key of the existing system is used for content encryption, all the content distribution operators use the same key, and thus it becomes impossible to identify individual operators. Since the content user cannot identify the content distribution source, for example, even if someone spoofs a legitimate content distributor and distributes illegal content, content from the legitimate content distributor It will be recognized.
In addition, a method of storing different keys in the vehicle-mounted device for each content distribution company etc. can be considered, but since a key issuing system as a new or additional function or a key storing procedure is required, there is a cost in terms of equipment etc. It is difficult to realize.

  One of the main objects of the present invention is to solve the above-mentioned problems, and without using the risk of leakage, an existing key is used to generate a new key that can identify the data provider, A mechanism for encrypting data using the generated new key and distributing encrypted data is realized.

The key generation device according to the present invention includes:
Connected to a second device for transmitting data to the first device;
A master key acquisition unit for acquiring a master key used to generate the first key held by the first device;
Prior to data transmission to the first device, information specific to the first device used to generate the first key is received as first information from the second device, and A receiving unit that receives, as second information, information associated with transmission target data that the two devices transmit to the first device;
A first key generation unit that generates the same key as the first key using the master key and the first information;
A second key generation unit that generates a second key different from the first key by using the same key as the first key generated by the first key generation unit and the second information. It is characterized by having.

According to the present invention, the first information unique to the first device is received, the second information associated with the transmission target data is received, and the first device uses the first information. To generate a second key that is different from the first key using the same key and the second information as the first key, and to generate a new second key different from the first key. The key is not transmitted, there is no risk of leakage of the first key, and a new second key can be generated.
Furthermore, the second key is based on the second information associated with the transmission target data, and the second key needs to be generated in order to decrypt the transmission target data encrypted using the second key. The second information is necessary for generating the second key, and if the encrypted transmission target data can be correctly decrypted in the first device, the second information is correctly transmitted. As a result, it can be determined that the data is provided from a valid provider.

FIG. 3 is a diagram illustrating an example of a system configuration according to the first embodiment. FIG. 3 is a diagram showing an outline of a data flow between devices according to the first embodiment. FIG. 3 is a diagram illustrating a configuration example of the vehicle-mounted device according to the first embodiment. The figure which shows the structural example of the roadside machine which concerns on Embodiment 1. FIG. FIG. 3 is a diagram illustrating a configuration example of a center device according to the first embodiment. FIG. 6 is a diagram showing an outline of a data flow between devices according to the second embodiment. FIG. 5 shows a configuration example of an on-vehicle device according to a second embodiment. The figure which shows the structural example of the roadside machine which concerns on Embodiment 2. FIG. FIG. 6 is a diagram illustrating a configuration example of a center device according to a second embodiment. FIG. 10 is a diagram showing an outline of a data flow between devices according to the third embodiment. The figure which shows the hardware structural example of the onboard equipment which concerns on Embodiment 1-3, a roadside machine, and a center apparatus.

Embodiment 1 FIG.
In this embodiment, individual content distribution is performed by generating a different key (provider individual key) for each content distribution provider (hereinafter also simply referred to as a provider) from keys used in the existing system. Explain how to identify the operator.
The provider individual keys described in this embodiment are not only difficult to obtain each other's keys between the provider individual keys, but can also obtain the keys used in the existing system from the provider individual keys. It is difficult, and impersonation of the authentication process of the existing system is difficult.

FIG. 1 shows a configuration example of a system according to the present embodiment.
The vehicle-mounted device 100 is a device that is mounted on a vehicle and used to enjoy services using the roadside device 200.
The vehicle-mounted device 100 requests the roadside device 200 to distribute content.
The vehicle-mounted device 100 is an example of a terminal device and a first device.

The roadside device 200 is a device that provides services to the vehicle-mounted device 100.
The roadside device 200 requests the center device 300 to encrypt the content requested to be distributed from the vehicle-mounted device 100, receives the encrypted content from the center device 300, and transfers the content to the vehicle-mounted device 100.
The roadside device 200 is an example of a data providing device and a second device.

In response to a request from the roadside device 200, the center device 300 generates the same key as the in-vehicle individual key held by the in-vehicle device 100, and further generates a provider individual key, which is distributed to the in-vehicle device 100. The content is encrypted using the operator individual key, and the encrypted content is transmitted to the roadside device 200.
The on-vehicle device individual key is a key that is different for each on-vehicle device and is a key used in an existing system.
Further, the provider individual key is a key that is different for each vehicle-mounted device and for each content distribution provider.
That is, the provider individual key generated for encrypting the contents of the provider B distributed to the vehicle-mounted device A is a key unique to the combination of the vehicle-mounted device A and the provider B.
As will be described later, the content encrypted with the carrier unique key is distributed to the vehicle-mounted device A, but only the vehicle-mounted device A can appropriately generate the carrier individual key other than the center device 300. The provider individual key generated by the vehicle-mounted device A can only decrypt the content from the provider B.
The center device 300 is a device used to generate a key for an existing system (vehicle equipment individual key), plays a role of generating a key for an existing system, and is an individual operator for content encryption. Generate a key and encrypt the content.

In the vehicle-mounted device 100, 101 is a communication unit that is a communication IF (interface) of the vehicle-mounted device 100.
A control unit 102 performs communication control and other services.
Reference numeral 103 denotes a key management unit that manages keys used in the existing system and performs authentication processing of the existing system using this key.
The key management unit 103 also performs a provider individual key generation process according to the present embodiment.

In the roadside device 200, 201 is a communication unit that is a communication IF with the vehicle-mounted device 100 of the roadside device 200.
A control unit 202 provides communication control and other services.
A communication unit 203 is a communication IF with the center device 300 of the roadside machine 200.

In the center device 300, reference numeral 301 denotes a communication unit that is a communication IF of the center device 300.
A control unit 302 controls communication and provides other services.
A key management unit 303 manages keys used in the existing system and performs authentication processing of the existing system using this key.
The key management unit 303 also performs a provider individual key generation process according to the present embodiment.

FIG. 2 shows a flow between apparatuses in the first embodiment. Transmission and reception of each request and response is performed by the communication unit 101 of the vehicle-mounted device 100 in FIG. 1, the communication unit 201 of the roadside machine 200 in FIG. This is performed via the unit 203 and the communication unit 301 of the center apparatus 300 in FIG.
Communication between the vehicle-mounted device 100 and the roadside device 200 may be communication used in an existing system or other communication.
In addition, communication is performed between the roadside device 200 and the center device 300 using the Internet or the like, but secure communication is established between the roadside device 200 and the center device 300 by TLS (Transport Layer Security) or the like. It shall be.

3, 4, and 5 are diagrams showing the configurations of the vehicle-mounted device 100, the roadside device 200, and the center device 300 in detail, respectively.
3, 4, and 5, data indicated by a broken line indicates data, and data indicated by a solid line indicates a module that performs processing.

In FIG. 3, the communication unit 101 transmits the vehicle-mounted device identifier 431 stored in the information storage unit 130 to the roadside device 200, and receives the operator identifier 436, encrypted data 437, and protection data 438 from the roadside device 200. Receive.
The communication unit 101 is an example of a transmission unit and a reception unit.
Although details of the vehicle-mounted device identifier 431, the encrypted data 437, and the protection data 438 will be described later, the provider identifier 436 is an example of second information.

In the key management unit 103, the information storage unit 130 stores the vehicle-mounted device identifier 431 and the vehicle-mounted device individual key 432.
The on-vehicle device identifier 431 is information unique to the on-vehicle device 100, and is an identifier that can uniquely identify the on-vehicle device 100. The on-vehicle device identifier 431 is information used to generate the on-vehicle device individual key 432, and the center device 300 generates the same key as the on-vehicle device individual key 432 from the on-vehicle device identifier 431, as will be described later. The onboard equipment identifier 431 is an example of first information.
The on-vehicle device individual key 432 is a key unique to the on-vehicle device 100 and is a key used for performing encrypted communication in the existing system. The on-vehicle device individual key 432 is an example of a first key.
The information storage unit 130 is an example of a first key storage unit and a first information storage unit.
The carrier individual key generation unit 131 generates the carrier individual key 433 from the carrier identifier 436 and the vehicle-mounted device individual key 432 received by the communication unit 101 according to a predetermined common key generation algorithm.
As will be described later, the provider individual key generation unit 131 shares a common key generation algorithm with the center apparatus 300, and applies the common key generation algorithm to the received provider identifier 436 and the vehicle-mounted device individual key 432. Thus, the same operator individual key 433 as the operator individual key 456 generated by the center device 300 is generated.
The provider individual key generation unit 131 is an example of a key generation unit, and the provider individual key 433 is an example of a second key.

In the control unit 102, the decryption processing unit 132 performs decryption processing on the encrypted data 437 received by the communication unit 101 using the business individual key 433 generated by the business individual key generation unit 131, and decrypts the decrypted data. 434 is obtained.
The encrypted data 437 is obtained by executing a predetermined concealment algorithm together with the protection data 438 by the roadside device 200 and encrypting the concealed data, so that the decrypted data that is the decryption result of the decryption processing unit 132 is obtained. A state 434 is still concealed. The decrypted data 434 is an example of confidential transmission target data.
Since the restoration processing unit 133 can execute the deciphering algorithm corresponding to the concealment algorithm of the roadside device 200, the restoration processing unit 133 executes the deciphering algorithm on the decrypted data 434 using the protection data 438 to perform the concealment. The content data 435 is obtained by canceling. The content data 435 is an example of transmission target data.
The restoration processing unit 133 is an example of a concealment release processing unit.

In FIG. 4, the communication unit 201 receives the vehicle-mounted device identifier 441 from the vehicle-mounted device 100, and transmits the encrypted data 446, the protection data 443, and the business entity identifier 444 to the vehicle-mounted device 100.
The OBE identifier 441 is the same as the OBE identifier 431 shown in FIG. 3 and is an example of first information.
The encrypted data 446 is the same as the encrypted data 437 shown in FIG.
The protection data 443 is the same as the protection data 438 shown in FIG.
The business entity identifier 444 is the same as the business entity identifier 436 shown in FIG. 3 and is an example of second information.
The communication unit 201 is an example of a terminal communication unit.

In the control unit 202, the protection data generation unit 242 generates protection data 443 used for concealing the content data 442.
The processing unit 241 performs the concealment process corresponding to the deconcealment process that can be executed by the vehicle-mounted device 100 on the content data 442 and the protection data 443 to generate the encryption target data 445. The encryption target data 445 is data to be encrypted in the center device 300.
The encryption target data 445 is the same as the decryption data 434 shown in FIG. 1, and is an example of the confidential transmission target data.
The content data 442 is the same as the content data 435 shown in FIG. 1 and is an example of transmission target data.
The processing unit 241 is an example of a concealment processing unit.
The information storage unit 243 stores a business entity identifier 444.
The business entity identifier 444 is information unique to the content distribution business operator (content data manager) that distributes the content data 442, and is an identifier that can uniquely identify the content distribution business operator.
The business entity identifier 444 is information associated with the content data 442, and is an example of second information.
The request generation unit 240 includes the on-vehicle device identifier 441 received from the on-vehicle device 100 and the business entity identifier 444 in the information storage unit 243, and includes a key ( A key generation request 440 requesting generation of a provider individual key) is generated.

The communication unit 203 transmits the encryption target data 445 and the key generation request 440 (including the operator identifier 444 and the vehicle-mounted device identifier 441) to the center device 300, and causes the center device 300 to generate the operator individual key. The encryption target data 445 is encrypted using the provider individual key.
Further, the communication unit 203 receives the encrypted data 446 from the center device 300.
The encrypted data 446 is the same as the encrypted data 437 shown in FIG.
The communication unit 203 is an example of a key generation communication unit.

In FIG. 5, the communication unit 301 receives the encryption target data 453, the operator identifier 452 and the vehicle-mounted device identifier 451 in the key generation request 440 from the roadside device 200.
The encryption target data 453 is the same as the encryption target data 445 shown in FIG.
The business entity identifier 452 is the same as the business entity identifier 444 illustrated in FIG. 4 and is an example of second information.
The OBE identifier 451 is the same as the OBE identifier 441 shown in FIG. 4 and is an example of first information.
Further, the communication unit 301 transmits the encrypted data 454 to the roadside device 200.
The encrypted data 454 is the same as the encrypted data 446 shown in FIG.
The communication unit 301 is an example of a reception unit and a transmission unit.

In the key management unit 303, the master key storage unit 350 stores the master key 450 used for generating the on-vehicle device individual key 432 held by the on-vehicle device 100. The master key storage unit 350 is realized by a tamper-resistant storage device.
The on-vehicle device individual key generation unit 351 receives the master key 450 from the master key storage unit 350, receives the on-vehicle device identifier 451 received by the communication unit 301, and uses the master key 450 and the on-vehicle device identifier 451. The on-vehicle device individual key 455 that is the same key as the on-vehicle device individual key 432 held by the on-vehicle device 100 is generated. The on-vehicle device individual key 455 is an example of the same key as the first key.
The onboard equipment individual key generation unit 351 generates the onboard equipment individual key 455 by the same generation algorithm as the generation algorithm of the onboard equipment individual key 432 held by the onboard equipment 100.
The on-vehicle device individual key generation unit 351 is an example of a first key generation unit and a master key acquisition unit.
The provider individual key generation unit 352 generates the provider individual key 456 using the provider identifier 452 received by the communication unit 301 and the onboard device individual key 455 generated by the onboard device individual key generation unit 351. The operator individual key 456 is an example of a second key.
The provider individual key generation unit 352 is an example of a second key generation unit.
The carrier individual key 456 is a key generated by combining the vehicle-mounted device individual key 455 and the carrier identifier 452, and the same key as the carrier individual key 456 is the same key and the carrier identifier 452 as the vehicle-mounted device individual key 455. Can be generated only by a device that possesses the same information as that described above and can execute the generation algorithm of the operator individual key 456.
The carrier individual key generation unit 352 and the carrier individual key generation unit 131 of the vehicle-mounted device 100 share a carrier individual key generation algorithm (common key generation algorithm).
Then, as shown in FIG. 3, the provider individual key generation unit 131 of the vehicle-mounted device 100 holds the vehicle-mounted device individual key 432 (= vehicle-mounted device individual key 455), and the operator identifier 436 (= carrier identifier 452). Since the common key generation algorithm can be executed, only the operator individual key generation unit 131 can generate the operator individual key 433 that is the same key as the operator individual key 456. .
Therefore, only the vehicle-mounted device 100 can decrypt the encrypted data 454 (= encrypted data 437) encrypted using the provider individual key 456 using the provider individual key 433.
Note that the decryption processing unit 132 of the vehicle-mounted device 100 can execute a decryption algorithm corresponding to an encryption algorithm of the encryption processing unit 353 described later.

In the control unit 302, the encryption processing unit 353 encrypts the encryption target data 453 received from the roadside device 200 using the provider individual key 456 generated by the provider individual key generation unit 352, and encrypts it. Data 454 is generated.
The encryption algorithm executed by the encryption processing unit 353 is an encryption algorithm corresponding to a decryption algorithm that can be executed by the decryption processing unit 132 of the vehicle-mounted device 100.

When the in-vehicle device 100 transmits the content distribution request S201 in FIG. 2, the on-vehicle device identifier 431 in the key management unit key management unit 103 in FIG. 3 is used as the content distribution request S201 in FIG. It transmits to the roadside machine 200.
The onboard unit identifier 431 may be held by the control unit 102.

When the roadside device 200 receives the content distribution request S201 in FIG. 2 via the communication unit 201 in FIG. 4, the roadside device 200 extracts the vehicle-mounted device identifier 441 from the request.
Further, the protection data generation unit 242 generates the protection data 443 and inputs it to the processing unit 241 together with the content data 442, and the processing unit 241 obtains the encryption target data 445.
The roadside device 200 transmits the encryption target data 445 and the key generation request 440 (the vehicle-mounted device identifier 441 and the operator identifier 444) to the center apparatus 300 as the encryption request S202 of FIG.

When the center apparatus 300 receives the encryption request S202 of FIG. 2 via the communication unit 301 of FIG. 5, the center apparatus 300 extracts the vehicle-mounted device identifier 451, the provider identifier 452, and the encryption target data 453 from the request.
Thereafter, the on-vehicle device identifier 451 is input to the on-vehicle device individual key generation unit 351, and the on-vehicle device individual key generation unit 351 obtains the on-vehicle device individual key 455 from the on-vehicle device identifier 451 and the master key 450.
Thereafter, the vehicle-mounted device individual key 455 and the carrier identifier 452 are input to the carrier individual key generation unit 352, and the carrier individual key generation unit 352 obtains the carrier individual key 456.
The center apparatus 300 inputs the provider individual key 456 and the encryption target data 453 to the encryption processing unit 353, and the encryption processing unit 353 obtains the encrypted data 454.
Thereafter, the encrypted data 454 is transmitted to the roadside device 200 as the encryption response S203 of FIG.

When the roadside device 200 receives the encrypted response S203 in FIG. 2 via the communication unit 203 in FIG. 4, the roadside device 200 extracts the encrypted data 446 from the response.
Thereafter, the encrypted data 446, the protection data 443 obtained when the encryption request S202 is generated, and the business entity identifier 444 are transmitted to the in-vehicle device 100 as the content distribution response S204 of FIG.

When the vehicle-mounted device 100 receives the content distribution response S204 of FIG. 2 via the communication unit 101 of FIG. 3, the vehicle-mounted device 100 extracts the provider identifier 436, the encrypted data 437, and the protection data 438 from the response.
Next, the provider identifier 436 and the on-vehicle device individual key 432 are input to the provider individual key generation unit 131, and the provider individual key generation unit 131 obtains the provider individual key 433.
Next, the operator individual key 433 and the encrypted data 437 are input to the decryption processing unit 132, and the decryption processing unit 132 obtains the decrypted data 434.
Thereafter, the decrypted data 434 and the protected data 438 are input to the restoration processing unit 133, and content data 435 is obtained by the restoration processing unit 133.

  Hereinafter, operation | movement of each component of the onboard equipment 100 which concerns on this Embodiment, the roadside machine 200, and the center apparatus 300 is demonstrated in detail.

The protection data 443 in FIG. 4 is used when the content of the content data 442 is kept secret from the center apparatus 300.
The protection data generation unit 242 is a module that generates protection data 443.
The processing unit 241 is a module that uses the protection data 443 to keep the content data 442 secret from the center device 300.
These modules can be configured, for example, by using the protection data generation unit 242 as a random number generator and the processing unit 241 as a means for performing an exclusive OR operation between the protection data 443 and the content data 442.
In this case, the center device 300 does not know the random number (the protected data 443 in FIG. 4) even if it receives the data masked by the random number (the encryption target data 445 in FIG. 4), and thus obtains the original content data 442. I can't.

The on-vehicle device identifier 451 in FIG. 5 is data for uniquely identifying the on-vehicle device, and the business operator identifier 452 is data for uniquely identifying the business operator.
The onboard equipment identifier 451 is used to generate an onboard equipment individual key 455 that is different for each onboard equipment.
The business entity identifier 452 is used to generate a business operator individual key 456 that is different for each vehicle-mounted device and each business operator.
The on-vehicle device individual key generation unit 351 depends on the existing system, but when the common key encryption is used, for example, the on-vehicle device identifier 451 is encrypted by the following calculation using the master key 450 known only by the system administrator. The result is set as the on-vehicle device individual key 455.
OBE individual key 455 = Enc (master key 450, OBE identifier 451)
Here, Enc (X, Y) represents a process of encrypting Y using the key X.
Further, the provider individual key generation unit 352 generates the provider individual key 456 by the following calculation, for example.
Business operator individual key 456 = Enc (Hash (vehicle equipment individual key 455), business operator identifier 452)
Here, Hash (X) represents a process of calculating a hash value of X by a one-way function and shaping it into a key format that can be used in Enc.
The shaping process can be realized by, for example, padding when the hash value is insufficient for the key length, and truncating when the hash value is longer than the key length.
By comprising in this way, the provider separate key 456 different for every provider with respect to the onboard equipment 100 can be produced | generated from the onboard equipment individual key 455. FIG.
In addition, by using a highly secure cryptographic algorithm as Enc, one or a plurality of operator identifiers and operator individual keys can be used to obtain other operator individual keys, or Hash (vehicle equipment individual key) It is difficult to seek.
In addition, even if a person without legitimate authority obtains Hash (on-vehicle device individual key), it is difficult to obtain the on-vehicle device individual key by using a highly secure one-way function as Hash.
In addition, by using the value obtained by converting the OBE individual key instead of the OBE individual key itself for generating the operator individual key, the generated operator individual key is used for the authentication process performed in the existing system. It becomes difficult to divert.

The in-vehicle device 100 can generate the same operator individual key 433 by performing the following processing in the same manner as the center device 300 using the operator individual key generation unit 131 of FIG.
Operator individual key 433 = Enc (Hash (in-vehicle device individual key 432), operator identifier 436)
The carrier individual key 433 and the carrier individual key 456, the vehicle-mounted device individual key 432 and the vehicle-mounted device individual key 455, and the carrier identifier 436 and the carrier identifier 452 have the same value.
The decryption processing unit 132 is a module that performs processing for decrypting the encrypted data 437. When this module is configured by common key encryption, the output decrypted data 434 is the same as the encryption target data 445 in FIG. It becomes.
The restoration processing unit 133 is configured to correspond to the processing processing unit 241 of the roadside machine 200 in FIG. 2, and in the first embodiment, it can be configured by means for performing an exclusive OR operation between the protected data 438 and the decrypted data 434.
The content data 435 output from this module is the same as the content data 442 in FIG.
Since the encrypted data 437 is encrypted with a different key for each vehicle-mounted device and for each business operator, the roadside device 200 transmits the content data 435 to the vehicle-mounted device 100 without leaking even if the communication path is wiretapped. it can.

  Further, in the first embodiment, if the vehicle-mounted device is compatible, it is possible to perform not only content encryption but also authentication processing such as challenge and response using this mechanism.

  In FIG. 5, the master key 450 is stored in the master key storage unit 350, but the master key 450 is not stored in the master key storage unit 350, and the center device 300 is connected from the roadside device 200. When it is necessary to generate the on-vehicle device individual key 455 upon receiving the S202 encryption request shown in FIG. 2, the system administrator inputs the master key 450 to the center device 300, and the on-vehicle device individual key generation unit 351 The in-vehicle device individual key 455 may be generated using the master key 450 input by the administrator.

According to the present embodiment, the key used in the existing system is used, and there is no influence on the existing system, and no key issuance or setup is required. It is possible to have it.
In addition, by using an existing system and a correct roadside machine, it is possible to stop the use of the operator individual key, so higher security can be realized.

Further, according to the present embodiment, it is possible to identify individual business operators by generating different keys (business operator individual keys) for each business operator from the keys used in the existing system. .
In addition, it is difficult to obtain each other's keys between individual provider keys, and it is also difficult to obtain the keys used in the existing system from the individual provider keys. However, this is a difficult configuration, and the leakage or diversion of the operator individual key does not affect the existing system.

In other words, the vehicle-mounted device identifier unique to the vehicle-mounted device 100 is transmitted from the vehicle-mounted device 100 to the center device 300 via the roadside device 200, and the roadside device 200 sets the carrier identifier that is the identifier of the content data carrier to the center. To the device 300, the center device 300 generates the same key as the on-vehicle device individual key held by the on-vehicle device 100 using the on-vehicle device identifier, and uses the same key and the operator identifier as the on-vehicle device individual key. Since a new business operator individual key different from the individual key is generated, there is no risk of leakage of the existing vehicle-mounted device individual key, and a new business operator individual key can be generated.
In addition, since the carrier individual key is based on the same key as the vehicle-mounted device individual key, the vehicle-mounted device 100 can generate the carrier individual key using the carrier identifier and is encrypted using the carrier individual key. Decryption of encrypted data is possible.
Furthermore, the encrypted data is encrypted with the carrier individual key, and the carrier individual key is required to generate the carrier individual key. The content data is obtained by correctly decrypting the encrypted data in the in-vehicle device 100. In this case, it can be determined that the data is decrypted based on the business identifier from the valid business operator, and it can be determined that the content data is from the valid business operator.

  As described above, in the present embodiment, the key generation unit that generates a different key for each terminal individual key and for each provider identifier has been described.

  Further, in the present embodiment, the key generation means that cannot use the provider individual key for authentication and encryption using the terminal individual key and message authentication has been described.

  Further, in the present embodiment, the key generation means using the one-way function for generating the operator individual key has been described.

  Further, in the present embodiment, the key generation means using the one-way function and the common key encryption algorithm for generating the operator individual key has been described.

  In this embodiment, the key generation device is used to perform encryption processing on the data requested by the repeater using the operator individual key, or the operator individual key is transmitted to the repeater. The center device to be distributed has been described.

  Further, in the present embodiment, the repeater has been described that uses the center device to request the center device to perform encryption processing using the carrier individual key and uses the result to provide a service to the terminal.

  Further, in the present embodiment, the repeater that requests encryption processing while keeping the data secret from the center apparatus has been described.

  In the present embodiment, the terminal that receives the service provided by the repeater using the provider individual key generated by using the key generation means has been described.

Embodiment 2. FIG.
In the first embodiment, the roadside device 200 transmits the encryption target data 445 to the center apparatus 300, and the center apparatus 300 generates the provider individual key 456 and uses the provider individual key 456 to encrypt the encryption target data 445. The encrypted data 454 is transmitted to the roadside device 200, and the roadside device 200 is operated to transmit the encrypted data 454 encrypted by the center device 300 to the vehicle-mounted device 100.
In the present embodiment, the roadside device 200 only requests the center device 300 to generate the carrier individual key 456, receives the carrier individual key 456 from the center device 300, and the roadside device 200 receives the carrier individual key. An example in which the content data 442 is encrypted using 456 will be described.

FIG. 6 shows a flow between apparatuses in the second embodiment, and transmission / reception of each request and response is performed by the communication unit 101 of the vehicle-mounted device 100 of FIG. 1, the communication unit 201 of the roadside machine 200 of FIG. 203, which is performed via the communication unit 301 of the center apparatus 300 in FIG.
Communication between the vehicle-mounted device 100 and the roadside device 200 may be communication used in an existing system or other communication.
In addition, communication is performed between the roadside device 200 and the center device 300 using the Internet or the like, but secure communication is established between the roadside device 200 and the center device 300 by TLS (Transport Layer Security) or the like. It shall be.

The difference from the first embodiment is that the operator individual key generated by the center device 300 is transmitted to the roadside device 200.
In this way, it is not necessary to use the protection data for protecting the content data required in the first embodiment, and the processing load on each device can be reduced.

  The on-vehicle device 100 transmits the on-vehicle device identifier 431 in FIG. 7 to the roadside device 200 as the content distribution request S601 in FIG. 6 as in the first embodiment.

  When the roadside device 200 receives the content distribution request S601 in FIG. 6, as shown in FIG. 8, the roadside device 200 extracts the vehicle-mounted device identifier 441 from the request and transmits it to the center apparatus 300 as the provider individual key distribution request S602.

When the center apparatus 300 receives the content distribution request S601 of FIG. 6, as shown in FIG. 9, the center apparatus 300 extracts the vehicle-mounted device identifier 451 and the business entity identifier 452 from the request.
Then, the onboard equipment identifier 451 is input to the onboard equipment individual key generation unit 351 to obtain the onboard equipment individual key 455.
Thereafter, the vehicle-mounted device individual key 455 and the carrier identifier 452 are input to the carrier individual key generation unit 352 to obtain the carrier individual key 456.
The center apparatus 300 transmits the operator individual key 456 to the roadside device 200 as the operator individual key distribution response S603 of FIG.

When the roadside device 200 receives the provider individual key distribution response S603 of FIG. 6, as shown in FIG. 8, the provider individual key 484 is extracted from the response, and the provider individual key 484 and the content data 442 are encrypted. The data is input to the unit 281 to obtain the encrypted data 485.
Thereafter, the provider identifier 444 and the encrypted data 485 are transmitted to the vehicle-mounted device 100 as the content distribution response S604 in FIG.

When the on-vehicle device 100 receives the content distribution response S604 of FIG. 6, as shown in FIG. 7, the on-vehicle device 100 extracts the provider identifier 436 and the encrypted data 476 from the response.
Next, the provider identifier 436 and the on-vehicle device individual key 432 are input to the provider individual key generation unit 131 to obtain the provider individual key 433.
Next, the provider individual key 433 and the encrypted data 476 are input to the decryption processing unit 132 to obtain the content data 435.

FIG. 7 shows a configuration example of the vehicle-mounted device 100 according to the present embodiment.
Here, a difference from FIG. 3 described in the first embodiment will be described.
In FIG. 3, the communication unit 101 receives the business entity identifier 436, the encrypted data 437, and the protection data 438. In FIG. 7, the communication unit 101 receives the business operator identifier 436 and the encrypted data 476.
In the control unit 102, in FIG. 3, the decryption processing unit 132 applies the operator individual key 433 to the encrypted data 437 and outputs the decrypted data 434, and the restoration processing unit 133 applies the protected data 438 to the decrypted data 434. Thus, content data 435 is obtained.
In FIG. 7, the decryption processing unit 132 obtains content data 435 by applying the provider individual key 433 to the encrypted data 476.
That is, in FIG. 7, the restoration processing unit 133 is unnecessary.
Each element other than the above difference and the operation of each element are the same as those shown in FIG.

FIG. 8 shows a configuration example of the roadside machine 200 according to the present embodiment.
Here, a difference from FIG. 4 described in the first embodiment will be described.
In the control unit 202, in FIG. 4, the protection data generation unit 242 generates the protection data 443, the processing unit 241 applies the protection data 443 to the content data 442, generates the encryption target data 445, and the communication unit 203. However, the encryption target data 445 and the key generation request 440 (the vehicle-mounted device identifier 441 and the operator identifier 444) are transmitted to the center device 300.
On the other hand, in FIG. 8, only the key generation request 440 (vehicle equipment identifier 441, operator identifier 444) is generated without generating the protection data 443 and the encryption target data 445 and without transmitting the encryption target data 445. Send.
In FIG. 4, the communication unit 203 receives the encrypted data 446 from the center device 300, and the communication unit 201 transmits the encrypted data 446 as it is to the vehicle-mounted device 100.
On the other hand, in FIG. 8, the communication unit 203 receives the provider individual key 484 from the center apparatus 300, and the encryption processing unit 281 generates the encrypted data 485 by applying the provider individual key 484 to the content data 442. The communication unit 201 transmits the encrypted data 485 to the vehicle-mounted device 100.
Note that the encryption algorithm of the encryption processing unit 281 corresponds to a decryption algorithm that can be executed by the decryption processing unit 132 of the vehicle-mounted device 100.
Each element other than the above difference and the operation of each element are the same as those shown in FIG.

FIG. 9 shows a configuration example of the center apparatus 300 according to the present embodiment.
Here, a difference from FIG. 5 described in the first embodiment will be described.
In FIG. 5, the communication unit 301 receives the encryption target data 453, the business entity identifier 452, and the on-vehicle device identifier 451, but in FIG. 9, only the business operator identifier 452 and the on-vehicle device identifier 451 are received.
In FIG. 5, in the control unit 302, the encryption processing unit 353 generates the encrypted data 454 by applying the operator individual key 456 to the encryption target data 453, and the communication unit 301 transmits the encrypted data 454 to the roadside device. 200.
On the other hand, in FIG. 9, the control unit 302 only transfers the operator individual key 456 generated by the operator individual key generation unit 352 to the communication unit 301, and the communication unit 301 also transfers the operator individual key 456 to the roadside device 200. Send to.
Each element other than the above difference and the operation of each element are the same as those shown in FIG.

In the second embodiment, the roadside device 200 manages the provider individual key for each vehicle-mounted device.
By comprising in this way, the provider separate key 456 different for every provider with respect to the onboard equipment 100 can be produced | generated from the onboard equipment individual key 455. FIG.
In addition, by using a highly secure cryptographic algorithm as Enc, one or a plurality of operator identifiers and operator individual keys can be used to obtain other operator individual keys, or Hash (vehicle equipment individual key) It is difficult to seek.
In addition, even if a person without legitimate authority obtains Hash (on-vehicle device individual key), it is difficult to obtain the on-vehicle device individual key by using a highly secure one-way function as Hash.
In addition, by using the value obtained by converting the OBE individual key instead of the OBE individual key itself for generating the operator individual key, the generated operator individual key is used for the authentication process performed in the existing system. It becomes difficult to divert.

  Further, in the second embodiment, if the vehicle-mounted device supports, authentication processing such as challenge and response can be performed using this mechanism.

  Also in the present embodiment, as in the first embodiment, the master key 450 is stored in the master key storage unit 350 in FIG. 10, but the master key 450 is stored in the master key storage unit 350. Instead, when the center device 300 receives the S602 provider individual key distribution request shown in FIG. 6 from the roadside device 200 and needs to generate the vehicle-mounted device individual key 455, the system administrator 450 may be input to the center apparatus 300, and the vehicle-mounted device individual key generation unit 351 may generate the vehicle-mounted device individual key 455 using the master key 450 input by the system administrator.

In the present embodiment, in addition to the effects realized in the first embodiment, it is not necessary to generate protection data in the roadside device 200, and it is also necessary to release the concealment by applying the protection data in the vehicle-mounted device 100 Therefore, the device configurations of the roadside device 200 and the vehicle-mounted device 100 can be simplified, the number of parts can be suppressed, and system resources can be effectively used.
Further, there is no need to communicate protection data between the vehicle-mounted device 100 and the roadside device 200, and there is no need to communicate data to be encrypted and encrypted data between the roadside device 200 and the center device 300. The communication band can be used effectively.

  As described above, in the present embodiment, a relay device that uses the center device to request the center device to distribute the carrier individual key and provides a service to the terminal using the carrier individual key that is the response Explained.

Embodiment 3 FIG.
In the present embodiment, an example will be described in which a person with a legitimate authority stops use when it is desired to stop use of a provider individual key.

The third embodiment is based on the system configuration shown in the first embodiment and the system configuration shown in the second embodiment.
In the first embodiment or the second embodiment, when the use of the provider individual key is stopped for some reason, the center apparatus 300 stops the content encryption or the generation of the provider individual key, so that the new use is impossible. It becomes.
However, reuse of already encrypted data cannot be prevented unless information corresponding to the expiration date is placed in the content.
In the third embodiment, a method for stopping the use of a provider individual key using an existing system will be described.

FIG. 10 shows a flow between apparatuses in the third embodiment.
Communication between the vehicle-mounted device 100 and the existing roadside device 600 may be communication used in the existing system or other communication.
Communication between the existing roadside machine 600 and the center apparatus 300 is performed using the Internet, a dedicated line, or the like.

In the center apparatus 300, the control unit 302 (an example of a key use stop request generation unit) generates a key use stop request that lists a provider identifier for which the use of the provider individual key is to be stopped.
Then, the key use stop request is encrypted with the on-vehicle device individual key of the on-vehicle device 100 serving as the transmission destination, or the message authenticator using the on-vehicle device individual key of the on-vehicle device 100 serving as the transmission destination is attached. The communication unit 301 transmits the request to the provider individual key use stop request S1001 in FIG.
The existing roadside device 600 transmits the data to the vehicle-mounted device 100 as the operator individual key use stop request S1002 of FIG.
When the on-vehicle device 100 receives the provider individual key use stop request S1002, the in-vehicle device 100 decrypts the data or verifies the message authenticator. When the processing is normally completed, the in-vehicle device 100 holds a list of operator identifiers. In the first embodiment, the second embodiment, and the like, when the provider identifier in the content distribution response exists in the list, the content is not used.

In the third embodiment, as the existing roadside device 600, the roadside device 200 that does not stop the use of the operator individual key can be used.
That is, the center apparatus 300 may transmit the provider individual key use stop request S1001 to the roadside device 200 that does not stop the use of the provider individual key.
Further, when secure communication can be established between the existing roadside device 600 and the center device 300, the existing roadside device 600 may perform the encryption and the addition of the message authenticator performed by the center device 300.

Since it is difficult to generate a request to suspend the use of the provider individual key without knowing the OBE individual key, only the person who knows the OBE individual key can suspend the use of the provider individual key. It becomes.
As described above, according to the present embodiment, when it is desired to stop the use of the operator individual key, a person with a legitimate authority can stop the use.

Finally, hardware configuration examples of the vehicle-mounted device 100, the roadside device 200, and the center device 300 shown in the first to third embodiments will be described.
FIG. 11 is a diagram illustrating an example of hardware resources of the vehicle-mounted device 100, the roadside device 200, and the center device 300 described in the first to third embodiments.
The configuration in FIG. 11 is merely an example of the hardware configuration of the vehicle-mounted device 100, the roadside device 200, and the center device 300, and the hardware configuration of the vehicle-mounted device 100, the roadside device 200, and the center device 300 is illustrated in FIG. The configuration described above is not limited, and other configurations may be used.

In FIG. 11, the vehicle-mounted device 100, the roadside device 200, and the center device 300 include a CPU 911 (also referred to as a central processing unit, a central processing device, a processing device, an arithmetic device, a microprocessor, a microcomputer, and a processor) that executes a program. Yes.
The CPU 911 is connected to, for example, a ROM (Read Only Memory) 913, a RAM (Random Access Memory) 914, a communication board 915, a display device 901, a keyboard 902, a mouse 903, and a magnetic disk device 920 via a bus 912. Control hardware devices.
Further, the CPU 911 may be connected to an FDD 904 (Flexible Disk Drive) or a compact disk device 905 (CDD). Further, instead of the magnetic disk device 920, a storage device such as an SSD (Solid State Drive), an optical disk device, or a memory card (registered trademark) read / write device may be used.
The RAM 914 is an example of a volatile memory. The storage media of the ROM 913, the FDD 904, the CDD 905, and the magnetic disk device 920 are an example of a nonvolatile memory. These are examples of the storage device.
The “information storage unit” and “master key storage unit” described in the first to third embodiments are realized by the RAM 914, the magnetic disk device 920, and the like.
The communication board 915, the keyboard 902, the mouse 903, the FDD 904, and the like are examples of input devices.
The communication board 915, the display device 901, and the like are examples of output devices.

  In the case of the vehicle-mounted device 100 and the roadside device 200, the communication board 915 can perform communication by, for example, DSRC. In the roadside device 200 and the center device 300, the LAN (local area network), the Internet, and the WAN (wide area network). ), SAN (storage area network) and the like.

The magnetic disk device 920 stores an operating system 921 (OS), a window system 922, a program group 923, and a file group 924.
The programs in the program group 923 are executed by the CPU 911 using the operating system 921 and the window system 922.

The RAM 914 temporarily stores at least part of the operating system 921 program and application programs to be executed by the CPU 911.
The RAM 914 stores various data necessary for processing by the CPU 911.

The ROM 913 stores a BIOS (Basic Input Output System) program, and the magnetic disk device 920 stores a boot program.
When the on-vehicle device 100, the roadside device 200, and the center device 300 are activated, the BIOS program in the ROM 913 and the boot program in the magnetic disk device 920 are executed, and the operating system 921 is activated by the BIOS program and the boot program.

  The program group 923 stores a program that executes a function that is described as “to part” (except for “information storage part” and “master key storage part” in the description of Embodiments 1 to 3). Has been. The program is read and executed by the CPU 911.

In the description of the first to third embodiments, the file group 924 includes “determination of”, “calculation of”, “comparison of”, “generation of”, “encryption of”, “ Information or data indicating the results of the processes described as “decryption”, “concealment of”, “cancel deciphering”, “setting of”, “registration of”, “selection of”, etc. Signal values, variable values, and parameters are stored as items of “˜file” and “˜database”.
The “˜file” and “˜database” are stored in a recording medium such as a disk or a memory.
Information, data, signal values, variable values, and parameters stored in a storage medium such as a disk or memory are read out to the main memory or cache memory by the CPU 911 via a read / write circuit.
The read information, data, signal value, variable value, and parameter are used for CPU operations such as extraction, search, reference, comparison, calculation, calculation, processing, editing, output, printing, and display.
Information, data, signal values, variable values, and parameters are stored in the main memory, registers, cache memory, and buffers during the CPU operations of extraction, search, reference, comparison, calculation, processing, editing, output, printing, and display. It is temporarily stored in a memory or the like.
Further, the arrows in the flow described in the first to third embodiments mainly indicate input / output of data and signals.
Data and signal values are recorded on a recording medium such as a memory of the RAM 914, a flexible disk of the FDD 904, a compact disk of the CDD 905, a magnetic disk of the magnetic disk device 920, other optical disks, a mini disk, and a DVD.
Data and signals are transmitted online via a bus 912, signal lines, cables, or other transmission media.

In addition, what is described as “˜unit” in the description of the first to third embodiments may be “˜circuit”, “˜device”, “˜device”, and “˜step”, It may be “˜procedure” or “˜processing”.
That is, the vehicle-mounted device 100, the roadside device 200, and the center device 300 can be grasped as methods by the steps, procedures, and processes shown in the flows described in the first to third embodiments.
Further, what is described as “˜unit” may be realized by firmware stored in the ROM 913.
Alternatively, it may be implemented only by software, or only by hardware such as elements, devices, substrates, and wirings, by a combination of software and hardware, or by a combination of firmware.
Firmware and software are stored as programs in a recording medium such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, and a DVD.
The program is read by the CPU 911 and executed by the CPU 911.
That is, the program causes the computer to function as “to part” in the first to third embodiments. Alternatively, the computer executes the procedure and method of “to part” in the first to third embodiments.

As described above, the vehicle-mounted device 100, the roadside device 200, and the center device 300 shown in the first to third embodiments include a CPU as a processing device, a memory as a storage device, a magnetic disk, etc., a keyboard as an input device, a mouse, a communication board, and the like. It is a computer provided with the display apparatus which is an output device, a communication board, etc.
Then, as described above, the functions indicated as “˜units” are realized using these processing devices, storage devices, input devices, and output devices.

  100 on-board unit, 101 communication unit, 102 control unit, 103 key management unit, 130 information storage unit, 131 operator individual key generation unit, 132 decryption processing unit, 133 restoration processing unit, 200 roadside device, 201 communication unit, 202 control Unit, 203 communication unit, 240 request generation unit, 241 processing processing unit, 242 protected data generation unit, 281 encryption processing unit, 300 center device, 301 communication unit, 302 control unit, 303 key management unit, 350 master key storage unit, 351 On-vehicle device individual key generation unit, 352 Provider individual key generation unit, 353 Encryption processing unit, 431 On-vehicle device identifier, 432 On-vehicle device individual key, 433 Provider individual key, 434 Decrypted data, 435 Content data, 436 Operator identifier 437 Encrypted data, 438 Protected data, 440 Key generation request, 441 OBE Separate child, 442 Content data, 443 Protected data, 444 Provider identifier, 445 Encryption target data, 446 Encryption data, 451 On-board unit identifier, 452 Provider identifier, 453 Encryption target data, 454 Encryption data, 455 In-vehicle Individual key, 456 Operator individual key, 476 Encrypted data, 484 Operator individual key, 485 Encrypted data, 600 Existing roadside equipment.

Claims (18)

Connected to a second device for transmitting data to the first device;
A master key acquisition unit for acquiring a master key used to generate the first key held by the first device;
Prior to data transmission to the first device, information specific to the first device used to generate the first key is received as first information from the second device, and A receiving unit that receives, as second information, information associated with transmission target data that the two devices transmit to the first device;
A first key generation unit that generates the same key as the first key using the master key and the first information;
A second key generation unit that generates a second key different from the first key by using the same key as the first key generated by the first key generation unit and the second information. And a key generation device. The second key generation unit
Generating the second key according to a common key generation algorithm shared with the first device;
The key generation device includes:
The first apparatus capable of executing a predetermined decryption algorithm, the transmission target data encrypted using the second key according to an encryption algorithm corresponding to the decryption algorithm, the second information, The key generation device according to claim 1, wherein the key generation device is connected to a second device that transmits the key. The receiver is
The transmission target data is received from the second device together with the first information and the second information,
The key generation device further includes:
An encryption processing unit that encrypts the transmission target data using the second key generated by the second key generation unit according to the encryption algorithm;
The key generation device according to claim 2, further comprising: a transmission unit that transmits the transmission target data encrypted by the encryption processing unit to the second device. The key generation device includes:
Connected to a second device for encrypting the data to be transmitted using a second key according to the encryption algorithm;
The key generation device further includes:
The key generation device according to claim 2, further comprising: a transmission unit that transmits the second key generated by the second key generation unit to the second device. The second key generation unit
Performing a one-way operation on the same key as the first key generated by the first key generation unit, and generating a second key using the one-way operation result and the second information. The key generation apparatus according to claim 1, wherein the key generation apparatus is a key generation apparatus. The receiver is
The key generation apparatus according to claim 1, wherein an identifier of an administrator of the transmission target data is received as second information from the second apparatus. The key generation device further includes:
When the first device has the second key generated by the second key generation unit, the first device is requested to stop using the second key. A key use stop request to be generated, and the generated key use stop request is encrypted with the first key, or a message authenticator using the first key is added to the key use stop request. A request generator;
A transmission unit that transmits an encrypted key use stop request or a key use stop request with a message authenticator added thereto to the first device. The key generation device described. A data providing device connected to a key generating device and transmitting data to a predetermined terminal device,
Prior to data transmission to the terminal device, a terminal communication unit that receives, as first information, information unique to the terminal device used to generate a first key held by the terminal device from the terminal device; ,
A request generation unit that generates, as second information, information associated with transmission target data to be transmitted to the terminal device, and generates a key generation request that includes the first information received by the terminal communication unit; ,
The key generation request is transmitted to the key generation device, the key generation device is caused to generate the same key as the first key using the first information, and the same key as the generated first key And a key generation communication unit that generates a second key different from the first key using the second information and the second information. The key generation communication unit
The key generation request and the transmission target data are transmitted to the key generation device, and the first key is transmitted to the key generation device according to a common key generation algorithm shared by the key generation device and the first device. The second key is generated using the same key and the second information, and the transmission using the second key according to an encryption algorithm corresponding to a decryption algorithm executable by the first device Encrypt the target data, receive encrypted data obtained by encrypting the transmission target data from the key generation device,
The terminal communication unit is
The data providing apparatus according to claim 8, wherein the encrypted data and the second information are transmitted to the terminal apparatus. The data providing device further includes:
A concealment processing unit for concealing the transmission target data using predetermined protection data according to a concealment algorithm corresponding to a deconcealment algorithm that can be executed by the terminal device;
The key generation communication unit
The key generation request and the concealment transmission target data concealed by the concealment processing unit are transmitted to the key generation apparatus, and the concealment transmission target data using the second key is transmitted to the key generation apparatus. And receiving encrypted data obtained by encrypting the concealed transmission target data from the key generation device,
The terminal communication unit is
The data providing apparatus according to claim 9, wherein the encrypted data, the second information, and the protection data are transmitted to the terminal apparatus. The key generation communication unit
The key generation request is transmitted to the key generation device, and the same key as the first key and the first key are transmitted to the key generation device according to a common key generation algorithm shared by the key generation device and the first device. And generating the second key using the information of 2 and receiving the generated second key from the key generation device,
The data providing device further includes:
An encryption processing unit that encrypts the transmission target data using the second key in accordance with an encryption algorithm corresponding to a decryption algorithm executable by the terminal device;
The terminal communication unit is
9. The data providing apparatus according to claim 8, wherein encrypted data obtained by encrypting the transmission target data and the second information are transmitted to the terminal apparatus. The request generation unit
The data providing apparatus according to any one of claims 8 to 11, wherein a key generation request including an identifier of an administrator of the transmission target data as second information is generated. A terminal device capable of executing a predetermined decryption algorithm that receives data from a data providing device connected to the key generation device, and a common key generation algorithm shared with the key generation device,
A first key storage unit for storing a first key;
A first information storage unit for storing information unique to the terminal device used for generating the first key as first information;
Prior to data reception from the data providing device, a transmission unit that transmits the first information to the data providing device;
The same key as the first key generated by the key generation device using the first information transmitted from the data provision device to the key generation device and the transmission to be transmitted from the data provision device A second key different from the first key generated by the key generation device according to the common key generation algorithm using the second information associated with the target data is used, and corresponds to the decryption algorithm A receiving unit that receives encrypted data obtained by encrypting the transmission target data according to an encryption algorithm, and the second information from the data providing device;
Key generation for generating the same key as the second key using the first key of the first key storage unit and the second information received by the receiving unit according to the common key generation algorithm And
A terminal apparatus comprising: a decryption processing unit configured to decrypt the encrypted data using the same key as the second key generated by the key generation unit according to the decryption algorithm. The receiver is
A cipher in which the transmission target data is encrypted in which the transmission target data is concealed in the data providing apparatus using predetermined protection data in accordance with a concealment algorithm corresponding to the deconcealment algorithm executable by the terminal device Data, the second information, and the protection data are received from the data providing device,
The decryption processing unit
Decrypting the encrypted data and extracting the concealed transmission target data;
The terminal device further includes:
The method according to claim 13, further comprising: a concealment release processing unit that releases the concealment of the concealment transmission target data extracted by the decryption processing unit using the protection data according to the concealment release algorithm. The terminal device described. The receiver is
The terminal device according to claim 13 or 14, wherein an identifier of an administrator of the transmission target data is received as second information from the data providing device.
Connected to a second device for transmitting data to the first device;
In a key generation device that is a computer that can access the master key used to generate the first key held by the first device,
Prior to data transmission to the first device, information specific to the first device used to generate the first key is received as first information from the second device, and A receiving process for receiving, as the second information, information associated with transmission target data that the two devices transmit to the first device;
A first key generation process for generating the same key as the first key using the master key and the first information;
Second key generation processing for generating a second key different from the first key by using the same key as the first key generated by the first key generation processing and the second information. A program characterized by causing A data providing device, which is a computer connected to a key generating device and transmitting data to a predetermined terminal device,
Prior to data transmission to the terminal device, terminal communication processing for receiving, as first information, information unique to the terminal device used to generate the first key held by the terminal device from the terminal device; ,
Request generation processing for generating a key generation request including the first information received by the terminal communication processing, including information associated with transmission target data to be transmitted to the terminal device as second information; ,
The key generation request is transmitted to the key generation device, the key generation device is caused to generate the same key as the first key using the first information, and the same key as the generated first key And a second key generation communication process for generating a second key different from the first key using the second information. A computer capable of executing a predetermined decryption algorithm for receiving data from a data providing device connected to the key generation device, and a common key generation algorithm shared with the key generation device;
In the terminal device that stores the first key and the unique information used for generating the first key as the first information,
A transmission process for transmitting the first information to the data providing apparatus prior to data reception from the data providing apparatus;
The same key as the first key generated by the key generation device using the first information transmitted from the data provision device to the key generation device and the transmission to be transmitted from the data provision device A second key different from the first key generated by the key generation device according to the common key generation algorithm using the second information associated with the target data is used, and corresponds to the decryption algorithm A receiving process for receiving encrypted data obtained by encrypting the transmission target data according to an encryption algorithm and the second information from the data providing device;
A key generation process for generating the same key as the second key using the first key and the second information received by the receiving unit according to the common key generation algorithm;
According to the decryption algorithm, a program for executing a decryption process for decrypting the encrypted data using the same key as the second key generated by the key generation process.

Images