CN1638327A - 加密设备以及与之一起使用的程序和方法 - Google Patents
加密设备以及与之一起使用的程序和方法 Download PDFInfo
- Publication number
- CN1638327A CN1638327A CNA200510004138XA CN200510004138A CN1638327A CN 1638327 A CN1638327 A CN 1638327A CN A200510004138X A CNA200510004138X A CN A200510004138XA CN 200510004138 A CN200510004138 A CN 200510004138A CN 1638327 A CN1638327 A CN 1638327A
- Authority
- CN
- China
- Prior art keywords
- data
- encryption
- identification data
- clear
- encryption method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 118
- 238000012545 processing Methods 0.000 claims description 28
- 241001269238 Data Species 0.000 claims description 12
- 238000003672 processing method Methods 0.000 claims description 5
- 238000013507 mapping Methods 0.000 description 28
- 238000010586 diagram Methods 0.000 description 9
- QFTYEBTUFIFTHD-UHFFFAOYSA-N 1-[6,7-dimethoxy-1-[1-(6-methoxynaphthalen-2-yl)ethyl]-3,4-dihydro-1H-isoquinolin-2-yl]-2-piperidin-1-ylethanone Chemical compound C1=CC2=CC(OC)=CC=C2C=C1C(C)C(C1=CC(OC)=C(OC)C=C1CC1)N1C(=O)CN1CCCCC1 QFTYEBTUFIFTHD-UHFFFAOYSA-N 0.000 description 8
- 230000006872 improvement Effects 0.000 description 2
- 238000002620 method output Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 101100340331 Arabidopsis thaliana IDM1 gene Proteins 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04J—MULTIPLEX COMMUNICATION
- H04J13/00—Code division multiplex systems
- H04J13/10—Code generation
- H04J13/12—Generation of orthogonal codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
- G06Q20/123—Shopping for digital content
- G06Q20/1235—Shopping for digital content with control of digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0277—Online advertisement
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
- G06Q30/0601—Electronic shopping [e-shopping]
- G06Q30/0609—Buyer or seller confidence or verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/18—Legal services
- G06Q50/188—Electronic negotiation
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F17/00—Coin-freed apparatus for hiring articles; Coin-freed facilities or services
- G07F17/16—Coin-freed apparatus for hiring articles; Coin-freed facilities or services for devices exhibiting advertisements, announcements, pictures or the like
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/02—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas
- H04B7/04—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas
- H04B7/06—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas at the transmitting station
- H04B7/0602—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas at the transmitting station using antenna switching
- H04B7/0604—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas at the transmitting station using antenna switching with predefined switching scheme
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/02—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas
- H04B7/04—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas
- H04B7/08—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas at the receiving station
- H04B7/0837—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas at the receiving station using pre-detection combining
- H04B7/084—Equal gain combining, only phase adjustments
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/155—Ground-based stations
- H04B7/15528—Control of operation parameters of a relay station to exploit the physical medium
- H04B7/15535—Control of relay amplifier gain
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0041—Arrangements at the transmitter end
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0045—Arrangements at the receiver end
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0056—Systems characterized by the type of code used
- H04L1/0064—Concatenated codes
- H04L1/0066—Parallel concatenated codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0056—Systems characterized by the type of code used
- H04L1/0067—Rate matching
- H04L1/0068—Rate matching by puncturing
- H04L1/0069—Puncturing patterns
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0056—Systems characterized by the type of code used
- H04L1/0071—Use of interleaving
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/02—Arrangements for detecting or preventing errors in the information received by diversity reception
- H04L1/06—Arrangements for detecting or preventing errors in the information received by diversity reception using space diversity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/08—Arrangements for detecting or preventing errors in the information received by repeating transmission, e.g. Verdan system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/12—Arrangements for detecting or preventing errors in the information received by using return channel
- H04L1/16—Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
- H04L1/18—Automatic repetition systems, e.g. Van Duuren systems
- H04L1/1812—Hybrid protocols; Hybrid automatic repeat request [HARQ]
- H04L1/1819—Hybrid protocols; Hybrid automatic repeat request [HARQ] with retransmission of additional or different redundancy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/12—Arrangements for detecting or preventing errors in the information received by using return channel
- H04L1/16—Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
- H04L1/18—Automatic repetition systems, e.g. Van Duuren systems
- H04L1/1829—Arrangements specially adapted for the receiver end
- H04L1/1835—Buffer management
- H04L1/1841—Resequencing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/12—Arrangements for detecting or preventing errors in the information received by using return channel
- H04L1/16—Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
- H04L1/18—Automatic repetition systems, e.g. Van Duuren systems
- H04L1/1829—Arrangements specially adapted for the receiver end
- H04L1/1848—Time-out mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/28—Flow control; Congestion control in relation to timing considerations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/34—Flow control; Congestion control ensuring sequence integrity, e.g. using sequence numbers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L5/00—Arrangements affording multiple use of the transmission path
- H04L5/0001—Arrangements for dividing the transmission path
- H04L5/0014—Three-dimensional division
- H04L5/0023—Time-frequency-space
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L5/00—Arrangements affording multiple use of the transmission path
- H04L5/003—Arrangements for allocating sub-channels of the transmission path
- H04L5/0042—Arrangements for allocating sub-channels of the transmission path intra-user or intra-terminal allocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L5/00—Arrangements affording multiple use of the transmission path
- H04L5/003—Arrangements for allocating sub-channels of the transmission path
- H04L5/0044—Arrangements for allocating sub-channels of the transmission path allocation of payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L5/00—Arrangements affording multiple use of the transmission path
- H04L5/003—Arrangements for allocating sub-channels of the transmission path
- H04L5/0078—Timing of allocation
- H04L5/0082—Timing of allocation at predetermined intervals
- H04L5/0083—Timing of allocation at predetermined intervals symbol-by-symbol
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/065—Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
- H04L67/306—User profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/02—Traffic management, e.g. flow control or congestion control
- H04W28/10—Flow control between communication endpoints
- H04W28/14—Flow control between communication endpoints using intermediate storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/06—TPC algorithms
- H04W52/14—Separate analysis of uplink or downlink
- H04W52/143—Downlink power control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/18—TPC being performed according to specific parameters
- H04W52/24—TPC being performed according to specific parameters using SIR [Signal to Interference Ratio] or other wireless path parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/18—TPC being performed according to specific parameters
- H04W52/24—TPC being performed according to specific parameters using SIR [Signal to Interference Ratio] or other wireless path parameters
- H04W52/245—TPC being performed according to specific parameters using SIR [Signal to Interference Ratio] or other wireless path parameters taking into account received signal strength
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/38—TPC being performed in particular situations
- H04W52/46—TPC being performed in particular situations in multi hop networks, e.g. wireless relay networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/04—Registration at HLR or HSS [Home Subscriber Server]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/02—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas
- H04B7/04—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas
- H04B7/08—Diversity systems; Multi-antenna system, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas at the receiving station
- H04B7/0891—Space-time diversity
- H04B7/0894—Space-time diversity using different delays between antennas
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/155—Ground-based stations
- H04B7/15507—Relay station based processing for cell extension or control of coverage area
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/12—Arrangements for detecting or preventing errors in the information received by using return channel
- H04L1/16—Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
- H04L1/18—Automatic repetition systems, e.g. Van Duuren systems
- H04L1/1829—Arrangements specially adapted for the receiver end
- H04L1/1835—Buffer management
- H04L1/1845—Combining techniques, e.g. code combining
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L2001/0092—Error control systems characterised by the topology of the transmission link
- H04L2001/0096—Channel splitting in point-to-point links
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/127—Trusted platform modules [TPM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/18—TPC being performed according to specific parameters
- H04W52/22—TPC being performed according to specific parameters taking into account previous information or commands
- H04W52/225—Calculation of statistics, e.g. average, variance
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/18—TPC being performed according to specific parameters
- H04W52/24—TPC being performed according to specific parameters using SIR [Signal to Interference Ratio] or other wireless path parameters
- H04W52/241—TPC being performed according to specific parameters using SIR [Signal to Interference Ratio] or other wireless path parameters taking into account channel quality metrics, e.g. SIR, SNR, CIR, Eb/lo
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/18—TPC being performed according to specific parameters
- H04W52/24—TPC being performed according to specific parameters using SIR [Signal to Interference Ratio] or other wireless path parameters
- H04W52/242—TPC being performed according to specific parameters using SIR [Signal to Interference Ratio] or other wireless path parameters taking into account path loss
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99931—Database or file accessing
- Y10S707/99933—Query processing, i.e. searching
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99931—Database or file accessing
- Y10S707/99933—Query processing, i.e. searching
- Y10S707/99936—Pattern matching access
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99931—Database or file accessing
- Y10S707/99939—Privileged access
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Economics (AREA)
- Development Economics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- Marketing (AREA)
- Tourism & Hospitality (AREA)
- Bioethics (AREA)
- Databases & Information Systems (AREA)
- Software Systems (AREA)
- Entrepreneurship & Innovation (AREA)
- Game Theory and Decision Science (AREA)
- Technology Law (AREA)
- Medical Informatics (AREA)
- Human Resources & Organizations (AREA)
- Primary Health Care (AREA)
- Storage Device Security (AREA)
Abstract
本申请涉及加密设备以及与之一起使用的程序和方法,能够有效地防止非法生成加密数据。根据从计算机输入的IC的设备标识数据,安全应用模块(SAM)从多个不同的加密方法中选择加密方法。根据IC的代码,SAM从多个不同的明文数据中选择要加密的明文数据。SAM输出加密数据,使得所选择的明文数据被所选择的加密方法加密。
Description
技术领域
本发明涉及用于生成加密数据的加密设备,以及与之一起使用的程序和方法。
背景技术
作为例子,验证系统使用由加密设备生成的加密数据进行验证。例如根据表示输入数据和明文(未加密)数据之间的对应关系的对应关系表数据,这样的加密设备确定对应于输入数据的明文数据,并对所确定的明文数据进行加密,以生成加密数据。传统的加密设备是使用预定的单个加密方法对上述确定的明文数据进行加密。
但是,在上述传统的加密设备中,由于只采用一种加密方法,如果上述对应关系表数据和加密方法被非法获取,则能够非法生成加密数据。为此,在使用这种加密设备的验证系统中,已经出现了这样的需求:防止非法生成加密数据,增加验证可靠性。
发明内容
本发明就是考虑到了这样的情况。本发明的一个目的是提供一种能够有效地防止非法生成加密数据的加密设备,以及与之一起使用的程序,以及与之一起使用的数据处理设备。
为了实现上述目的,在第一方面,本发明提供了一种加密设备,用于基于指定的标识数据生成加密数据,该加密设备包括:第一选择装置,用于根据所述标识数据从多个不同的加密方法中选择一种加密方法;第二选择装置,用于根据所述标识数据从多个不同的明文数据中选择要加密的明文数据;以及加密装置,用于获得加密数据,使得用所述第二选择装置选择的明文数据被所述第一选择装置选择的加密方法加密。
在根据本发明第一方面的加密设备中,第一选择装置可以根据标识数据从多种不同的加密方法中选择一种加密方法。第二选择装置可以根据标识数据从多个不同的明文数据中选择要加密的明文数据。所述加密装置可以获得加密数据,使得由第二选择装置选择的明文数据被所述第一选择装置选择的加密方法加密。
在第二方面,本发明提供了一种由数据处理设备执行的程序,用于根据指定的标识数据生成加密数据,该程序使得数据处理设备执行下述处理:根据标识数据从多种不同的加密方法中选择一种加密方法的第一程序;根据所述标识数据从多个不同的明文数据中选择要加密的明文数据的第二程序;以及获得加密数据的第三程序,使得用在第一程序中选择的加密方法对在第二程序中选择的明文数据进行加密。
在根据本发明第二方面的程序中,在该程序的第一程序,数据处理设备可以根据标识数据从多种不同的加密方法中选择一种加密方法。在第二程序中,数据处理设备可以根据标识数据从多个不同的明文数据中选择要加密的明文数据。在第三程序中,数据处理设备可以获得加密数据,使得由第二程序选择的明文数据被所述第一程序选择的加密方法加密。
在第三方面,本发明提供了一种用于数据处理设备的数据处理方法,用于根据指定的标识数据生成加密数据,该数据处理方法包括:根据标识数据从多种不同的加密方法中选择一种加密方法的第一步骤;根据所述标识数据从多个不同的明文数据中选择要加密的明文数据的第二步骤;以及获得加密数据的第三步骤,使得用在第一步骤中选择的加密方法对在第二步骤中选择的明文数据进行加密。
在根据本发明第三方面的数据处理方法中,在第一步骤,数据处理设备可以根据标识数据从多种不同的加密方法中选择一种加密方法。在第二步骤中,数据处理设备可以根据标识数据从多个不同的明文数据中选择要加密的明文数据。在第三步骤中,数据处理设备可以获得加密数据,使得由第二步骤选择的明文数据被所述第一步骤选择的加密方法加密。
根据本发明,可以提供一种加密设备,能够有效地防止非法生成加密数据,以及用于该加密设备的程序,以及用于该加密设备的数据处理设备。
附图说明
图1是根据本发明第一实施例的卡系统的框图;
图2是包含在图1所示IC卡中的IC的框图;
图3图示了在图1所示的IC中限定的数据;
图4是图1所示SAM的功能框图;
图5A图解了由图4所示的加密方法选择部分所保持的对应关系表数据TDA;
图5B图解了由图4所示的待加密明文选择部分所保持的对应关系表数据TDB;
图6的流程图图解了图1所示的卡系统的操作的一个例子;
图7是续图6的流程图,用于图解图1所示的卡系统的操作的一个例子;
图8是本发明第一实施例的卡系统的SAM的框图;
图9图解了由图8所示加密部分所保持的对应关系表数据TDC。
具体实施方式
下面描述根据本发明一个实施例的卡系统。
第一实施例
图1是本实施例的卡系统1的框图。如图1所示,在卡系统1中,例如,在IC卡10的IC(集成电路)15和SAM(安全应用模块,SecureApplication Module)12通过计算机11执行验证之后,它们协作执行预定业务处理。这里,SAM12对应于本发明的加密设备,IC15对应于本发明的输出源。
如下面所述,IC15在其中存储由IC15的用户使用SAM12接收到的有关各种业务的数据,以及程序文件数据,并对使用所述文件数据的业务设置使用授权。
SAM12通过计算机11从IC15接受IC15独有的设备标识数据IDM,以及用于标识要验证的业务的码CODE(使用IC15指定要接收的业务)。SAM12根据所述设备标识数据IDM从多种不同的加密方法中选择一种加密方法。另外,根据所述码CODE,SAM12从多个不同的明文数据中选择要加密的明文数据。然后,SAM12向IC15输出这样的加密数据:用所选定的加密方法加密所选定的明文数据。
所述SAM12和IC15根据所述加密数据执行验证,并且,在确认了相互真实性的条件下,协作执行上述业务处理。
下面描述图1所示的每一个部件。
(IC15)
图2是包含在图1所示的IC卡10中的IC15的框图。
如图2所示,IC15例如包括接口21、存储器22和CPU23,这些部件通过内部总线20互联。IC15例如是一个防篡改电子电路,其被配置为使得不能从外部监视或者篡改(难以篡改)存储器22中存储的数据以及正被CPU23处理的数据。
接口21通过计算机11执行与SAM12的数据输入输出。
如图3所示,存储器22在其中存储了各IC卡10独有的设备标识数据IDM。另外,存储器22在其中存储了用于处理IC15的用户使用SAM12接收到的各种业务的数据和程序文件数据。
例如,如图3所示,存储器22在其中存储了系统代码SYS_C,区域代码AR_C以及业务代码SER_C。系统代码SYS_C、区域代码AR_C以及业务代码SER_C作为代码CODE通过计算机11被输出到SAM12。在本实施例中,代码CODE用来标识与用户指定的业务相应的用于验证的对象。
系统代码SYS_C是被共同分配给属于同一系统的SAM12的标识数据。根据系统代码SYS_C以及与之对应的密钥数据,IC15和SAM12进行相互验证。如果确认了相互的真实性,则允许SAM12访问IC15。
存储在存储器22中的各种业务的文件数据被存储在多个区域中,这些区域是各自具有等级结构的文件夹。每一个区域与一个标识该区域的区域代码AR_C以及密钥数据相关联。
在此实施例中,根据区域代码AR_C以及与之相关联的密钥数据,IC15和SAM12进行相互验证。如果确认了相互的真实性,则允许SAM12访问该区域。另外,存储在该区域中的用于提供各种业务的文件数据与用于标识所述文件数据的业务代码SER_C以及密钥数据相关联。
在此实施例中,根据业务代码SER_C以及与之相关联的密钥数据,IC15和SAM12执行相互验证。如果确认了相互的真实性,则允许SAM12访问所述文件数据。
根据从存储器22读出的程序和密钥数据,CPU23通过接口21和计算机11与SAM12交换数据,以与SAM12进行相互验证。如果CPU23在上述相互验证中确认了相互真实性,则CPU23与SAM12协作,执行与相互验证中使用的密钥数据相关联的业务处理。
(计算机11)
在通过操作部分(未图示)从IC卡10的用户接收到关于业务的指示时,计算机11从IC卡10的IC15读出设备标识数据IDM和所述代码CODE,并将它们输出到SAM12。
所述代码CODE是系统代码SYS_C,以及对应于所指示的业务的区域代码AR_C以及业务代码SER_C。
在此实施例中,当响应于用户对计算机11的操作而指定了预定业务时,计算机11例如从IC15接受IC15的系统代码SYS_C作为所述代码CODE,并将其输出到SAM12。
如果在IC15和SAM12之间的使用系统代码SYS_C的相互验证中确认了相互真实性,则计算机11指定存储了关于指定业务的文件数据的区域,并从IC15接受指定区域的区域代码AR_C。
如果在IC15和SAM12之间的使用区域代码AR_C的相互验证中确认了相互真实性,则计算机11从IC15接受与关于指定服务的文件数据相关联的业务代码SER_C。
然后,如果在IC15和SAM12之间的使用业务代码SER_C的相互验证中确认了相互真实性,则根据所述文件数据,在IC15和SAM12之间协作地执行预定业务的处理。
(SAM12)
图4是图1所示SAM12的框图。如图4所示,SAM12包括,例如,接口30,加密方法选择部分31,待加密明文选择部分32,以及加密部分33。在此实施例中,接口30、加密方法选择部分31、待加密明文选择部分32以及加密部分33例如由电子电路实现。
这里,加密方法选择部分31对应于根据本发明第一方面的第一选择装置,待加密明文选择部分32对应于本发明第二方面的第二选择装置,加密部分33对应于根据本发明第一方面的加密装置。SAM12例如是一个访篡改电子电路,被配置为使得不能从外部监视或者篡改(难以篡改)存储在SAM12中的数据以及正在被处理的数据。
接口30将从计算机11输入的设备标识数据IDM(本发明的第一标识数据)输出到加密方法选择部分31。另外,接口30将从计算机11输入的代码CODE(本发明的第二标识数据)输出到待加密明文选择部分32。另外,接口30将从加密部分33输入的加密数据ED输出到计算机11。
如图5A所示,加密方法选择部分31具有对应关系表数据TDA,该表数据表示分别对应于多个设备标识数据IDM1到IDMn的加密方法MI到Mn。根据图5A所示的对应关系表数据TDA,加密方法选择部分31选择对应于从接口30输入的设备标识数据的单个或者多个加密方法M1到Mn,并将表示所选择的加密方法的选择数据S31输出到加密部分33。
加密方法M1到Mn的全部或者部分是相互不同的加密方法,例如是公开密钥加密方法或者公用密钥加密方法。在所有或者部分加密方法M1到Mn中,例如,加密处理的加密强度和量(负荷)是相互不同的。这种差别例如是使用不同数据长度的密钥数据用于加密来实现的。
在一个例子中,由于对被包含在例如用于无线通信的移动电话设备中的IC15的设备标识数据IDM需要窄频带特性(narrow bandcharacteristics),将公用密钥加密方法(cormnon-key encryptionmethod)关联为加密方法。对于被包含在用于进行结算的IC卡10中的IC15的设备标识数据IDM,实现高等级的安全性能是优先考虑事项。因此,将公开密钥加密方法(public-key encryption method)关联为加密方法。除了基于秘密密钥数据、公开密钥数据、公用密钥数据等执行的加密处理之外,本实施例的加密方法可以是对明文数据P进行编辑的处理。
如图5B所示,待加密明文选择部分32具有对应关系表数据TDB,该表数据表示对应于多个代码CODE的明文数据P1到Pm。所述明文数据P1到Pm例如是相互不同的数据。
根据图5B所示的对应关系表数据TDB,待加密明文选择部分32选择从接口30输入的明文数据P1到Pm,并将所选择的明文数据P输出到加密部分33。
加密部分33对待加密明文选择部分32输入的明文数据P用从加密方法选择部分31输入的选择数据S31所指示的加密方法加密,以生成加密数据ED,并将其输出到接口30。
下面描述图1所示的卡系统1的操作的一个例子。
在步骤ST1,IC卡10的用户通过计算机11的操作部分(未图示)输入要使用IC卡10接收到的业务指示。
在步骤ST2,响应于在步骤ST1输入的指示,计算机11从图2所示的IC卡10的IC15的存储器22读出对应于所述指示的设备标识数据IDM和代码CODE,并将它们输出到SAM12。SAM12将通过图4所示的接口30输入的设备标识数据IDM输出给加密方法选择部分31。另外,SAM12将通过接口30输入的代码CODE输出到待加密明文选择部分32。
在步骤ST3,根据图5A所示的对应关系表数据TDA,加密方法选择部分31选择对应于在步骤ST2输入的设备标识数据IDM的加密方法M1到Mn,并将表示加密方法的选择数据S31输出到加密部分33。
在步骤ST4,根据图5B所示的对应关系表数据TDB,待加密明文选择部分32选择对应于在步骤ST2输入的代码CODE的明文数据P1到Pm,并将所选择的明文数据P输出到加密部分33。
在步骤ST5,加密部分33用在步骤ST3从加密方法选择部分31输入的选择数据S31所指示的加密方法,对在步骤ST4从待加密明文选择部分32输入的明文数据P加密,生成加密数据ED。
在步骤ST6,加密部分33将步骤ST5生成的加密数据ED通过接口30输出给计算机11。计算机11将输入的加密数据ED输出给IC15。
在步骤ST7,IC15的CPU23使用对应于加密数据ED的密钥数据,对步骤ST6输入的加密数据ED进行解密,生成解密数据。
另外,根据预定的密钥数据,CPU23对解密数据进行加密,生成加密数据。CPU23通过接口21和计算机11将加密数据输出到SAM12。
在步骤ST8,SAM12根据在步骤ST7从IC15输入的加密数据验证IC15的真实性。
如前所述,根据参照图4和图5所述的SAM12,除了选择对应于各代码CODE的明文数据P1到Pm之外,选择对应于各设备标识数据IDM的加密方法M1到Mn。因此,即使在代码CODE相同的情况下,如果设备标识数据IDM不同,则对代码CODE加密而获得的加密数据ED就会不同。因此,即使对应关系表数据TDB被非法泄漏,由于不能识别对明文数据P的加密使用的是什么加密方法,所以不能非法生成加密数据ED。结果,提够了SAM12和IC15之间的验证可靠性。
对第一实施例的修改
在上述实施例中,作为本发明的第一标识数据,描述了各IC卡10独有的设备标识数据IDM作为例子。作为替代选择,第一标识数据可以是表示用IC卡10执行验证的安全等级的标识数据,或者可以是根据验证的处理负荷指定的标识数据。也就是,除了各IC卡10独有的标识数据之外,可以用多个IC卡10之间共享的标识数据作为本发明的第一标识数据。
在上述实施例中,根据加密方法选择部分31所产生的选择数据S31由加密部分33执行的加密包括这样的加密:例如,加密部分33对预先具有多种加密方法的单独的程序,根据选择数据S31选择和执行相关的程序。另外,可以这样执行加密:表示加密方法选择部分31所选择的加密方法的脚本的选择数据31被输出到加密部分33,该加密部分33解释该脚本并执行之。
另外,加密方法选择部分31生成的选择数据S31可以从多个加密方法M1到Mn及其处理程序中指出多个加密方法而不是单个加密方法,并可以将它们输出到加密部分33。在这种情况下,根据选择数据S31指定的处理程序,加密部分33使用多个指定的加密方法对待加密明文选择部分32输入的明文数据进行加密处理,生成加密数据ED。
第二实施例
在上述的第一实施例中,描述了这样一个例子:SAM12的加密部分33使用从加密方法选择部分31输入的选择数据S31所指示的加密方法对待加密明文选择部分32输入的明文数据P实际进行加密,生成加密数据ED。
与此相对照,本实施例的SAM12a的加密部分33a预先保存有这样的加密数据:用加密方法M1到Mn分别对明文数据P1到Pm加密。根据明文数据和选择数据S31,加密部分33a获得与它们对应的加密数据。也就是,在输入了明文数据P和选择数据S31之后,加密部分33a不执行加密数据生成处理。
图8是本实施例的SAM12a的框图。如图8所示,SAM12a包括,例如,接口30,加密方法选择部分31,待加密明文选择部分32,以及加密部分33a。在此实施例中,与接口30、加密方法选择部分31和待加密明文选择部分32类似,加密部分33a例如由电子电路实现。这里,接口30、加密方法选择部分31和待加密明文选择部分32用与图4的相同的附图标记表示,与第一实施例是相同的。
下面描述加密部分33a。该加密部分33a具有一个对应关系表数据TDC。
图9图示了图8所示的对应关系表数据TDC。在图9所示的对应关系表数据TDC中,明文数据P被图示在行的方向,加密方法M被图示在列的方向。在行和列所规定的地址上,保存了用对应于相关列的加密方法M对对应于相关行的明文数据P进行加密而获得的加密数据P-M。也就是,对应关系表数据TDC定义了当用加密方法M1到Mn分别对明文数据P1到Pm加密时所获得的加密数据。
通过访问图9所示的对应关系表数据TDC,加密部分33a获得从待加密明文选择部分32输入的明文数据Px和对应于从加密方法选择部分31输入的选择数据S31所指示的加密方法My的加密数据P-M,并将他作为加密数据ED输出到接口30。在上,x表示1到m的整数,y表示1到n的整数。
本实施例的卡系统与上面结合第一实施例所描述的卡系统1相同,不同之处在于加密部分33a的上述配置和操作。
根据本实施例,由于加密部分33a不是根据对应关系表数据TDC获得加密数据ED,不执行生成加密数据ED的处理,从而缩短了加密部分33a的处理时间,从而可以用简单而小巧的结构形成加密部分33a。
第二实施例的改进
在上述第二实施例中,描述了一个对应关系表数据TDC的例子,其中定义了对于所有明文数据P1到Pn,用所有加密方法M1到Mn对明文数据加密得到的加密数据。作为替代方案,可以使用这样的对应关系表数据TDC,其中,对于明文数据P1到Pm和加密方法M1到Mn中的至少一个,只指定对应于某些明文数据或者加密方法的加密数据。
在这种情况下,当加密部分33a判断从加密方法选择部分31输入的选择数据S31以及对应于从待加密明文选择部分32输入的明文数据P的加密数据被定义在对应关系表数据TDC中时,加密部分33a基于对应关系表数据TDC获得加密数据。另一方面,如果加密部分33a判断在对应关系表数据TDC中没有定义选择数据S31,则加密部分33a通过用选择数据S31所指示的加密方法对明文数据P实际进行加密二产生加密数据,而不使用对应关系表数据TDC。
在该第二实施例中,类似于对第一实施例的改进,加密方法选择部分31可以生成从加密方法M1到Mn及其处理程序中指示多种加密方法而不是仅一种加密方法的选择数据S31,并可以将它们输出到加密部分33a。
在这种情况下,加密部分33a根据选择数据S31所指定的处理程序,对待加密明文选择部分32输入的明文数据P使用多种指定的加密方法执行加密处理,从而产生加密数据ED。
在这样根据多种加密方法执行加密处理的过程中,如果在对应关系表数据TDC中定义了相关联的加密数据,则加密部分33a从对应关系表数据TDC获得加密数据,如果没有定义相关联的加密数据,则加密部分33a到此时为止不取消加密结果,使用加密结果对在随后的对应关系表数据TDC中没有定义的加密数据实际进行加密而产生加密数据。
在该第二实施例中,加密部分33a还可以用预先确定的加密方法对从对应关系表数据TDC获得的加密数据进行加密,以产生加密数据ED。这样的加密也可以在进行了升级安装时进行。
本发明不限于上述实施例。在上述实施例中,描述了一个例子,其中加密方法选择部分31、待加密明文选择部分32和加密部分33和33a被实现为电子电路。作为替代方案,它们当中的某些或者全部可以实现为这样的:由数据处理设备比如计算机在程序中执行相应的步骤。在这种情况下,例如,图6所示的步骤ST3、ST4和ST5的过程被写为程序的形式,所述数据处理设备执行所述步骤从而实现根据本发明第二部分的第一程序、第二程序和第三程序。
在上述实施例中,描述了一个例子,其中IC卡10的IC15被用作本发明的验证方(本发明的输出源)。作为替代方案,所述验证方可以是计算机或类似设备。
本发明包含的主题与2004年1月9日递交给日本专利局的日本专利申请JP 2004-004827相关,该申请的全部内容在此引为参考。
Claims (10)
1.一种加密设备,用于基于指定的标识数据生成加密数据,该加密设备包括:
第一选择装置,用于根据所述标识数据从多个不同的加密方法中选择一种加密方法;
第二选择装置,用于根据所述标识数据从多个不同的明文数据中选择要加密的明文数据;以及
加密装置,用于获得加密数据,使得用所述第二选择装置选择的明文数据被所述第一选择装置选择的加密方法加密。
2.如权利要求1所述的加密设备,其中,所述第一选择装置根据所述标识数据选择所述加密方法,并且
所述第二选择装置根据不同于所述标识数据的标识数据选择所述明文数据。
3.如权利要求2所述的加密设备,其中,所述加密装置基于所述加密数据用所述标识数据的输出源执行验证,
所述第一选择装置根据所述标识数据选择所述加密方法,所述标识数据是下述标识数据之一:所述输出源独有的标识数据,表示用所述输出源进行的验证的安全等级的标识数据,以及表示所述验证的处理负荷的限制的标识数据,并且,
所述第二选择装置基于作为用于标识所述加密装置所执行的所述验证的对象的标识数据的所述标识数据选择所述明文数据。
4.如权利要求1所述的加密设备,其中,所述第一选择装置选择多个所述加密方法及其处理程序作为用于单个所述明文数据的所述加密的所述加密方法,并且,
所述加密装置使用所述第一选择装置所选择的所述多个加密方法及其处理程序,对所述第二选择装置所选择的所述明文数据顺序进行加密。
5.如权利要求1所述的加密设备,其中,所述加密装置用所述第一选择装置所选择的所述加密方法对所述第二选择装置所选择的所述明文数据进行加密,以生成所述加密数据。
6.如权利要求1所述的加密设备,其中,对于所述多个不同加密方法和所述多个不同明文数据的全部或者部分的组合,所述加密装置访问表示被相互对应地安排的所述组合以及对应于所述组合的所述加密数据的对应关系数据,并指定和获取对应于所述第一选择装置和所述第二选择装置的选择结果的所述组合的所述加密数据。
7.如权利要求6所述的加密设备,其中,如果在所述对应关系数据中不存在对应于所述第一选择装置和所述第二选择装置的选择结果的所述组合的所述加密数据,则所述加密装置通过对所述组合执行所述加密来生成所述加密数据。
8.如权利要求1所述的加密设备,其中,所述加密设备是防篡改电子电路。
9.一种由数据处理设备执行的程序,用于根据指定的标识数据生成加密数据,该程序包括:
根据所述标识数据从多种不同的加密方法中选择一种加密方法的第一程序;
根据所述标识数据从多个不同的明文数据中选择要加密的明文数据的第二程序;以及
获得加密数据的第三程序,使得用在所述第一程序中选择的所述加密方法对在所述第二程序中选择的所述明文数据进行加密。
10.一种用于数据处理设备的数据处理方法,用于根据指定的标识数据生成加密数据,该数据处理方法包括:
根据所述标识数据从多种不同的加密方法中选择一种加密方法的第一步骤;
根据所述标识数据从多个不同的明文数据中选择要加密的明文数据的第二步骤;以及
获得加密数据的第三步骤,使得用在所述第一步骤中选择的所述加密方法对在所述第二步骤中选择的所述明文数据进行加密。
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2004004827 | 2004-01-09 | ||
| JP2004004827A JP4696449B2 (ja) | 2004-01-09 | 2004-01-09 | 暗号化装置およびその方法 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1638327A true CN1638327A (zh) | 2005-07-13 |
| CN100466512C CN100466512C (zh) | 2009-03-04 |
Family
ID=34819329
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB200510004138XA Expired - Fee Related CN100466512C (zh) | 2004-01-09 | 2005-01-07 | 加密设备和用于数据处理设备的数据处理方法 |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US8079078B2 (zh) |
| JP (1) | JP4696449B2 (zh) |
| CN (1) | CN100466512C (zh) |
| SG (1) | SG113551A1 (zh) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102664887A (zh) * | 2012-04-19 | 2012-09-12 | 江汉大学 | 输入信息保护方法、装置和系统 |
| CN103593592A (zh) * | 2013-11-08 | 2014-02-19 | 上海新储集成电路有限公司 | 一种用户数据的加解密方法 |
| CN103701583B (zh) * | 2012-09-28 | 2016-12-21 | 中国银联股份有限公司 | 加密处理装置及方法 |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7903812B2 (en) * | 2006-09-07 | 2011-03-08 | International Business Machines Corporation | Detection and handling of encryption key and initialization vector |
| US7751559B2 (en) * | 2006-09-07 | 2010-07-06 | International Business Machines Corporation | Secure transmission of cryptographic key |
| US7752463B2 (en) | 2006-09-07 | 2010-07-06 | International Business Machines Corporation | Automatically filling a drive table |
| US7757099B2 (en) * | 2006-09-07 | 2010-07-13 | International Business Machines Corporation | Validating an encryption key file on removable storage media |
| US8130959B2 (en) | 2006-09-07 | 2012-03-06 | International Business Machines Corporation | Rekeying encryption for removable storage media |
| US7817799B2 (en) * | 2006-09-07 | 2010-10-19 | International Business Machines Corporation | Maintaining encryption key integrity |
| US7877603B2 (en) * | 2006-09-07 | 2011-01-25 | International Business Machines Corporation | Configuring a storage drive to communicate with encryption and key managers |
| US7953978B2 (en) | 2006-09-07 | 2011-05-31 | International Business Machines Corporation | Key generation and retrieval using key servers |
| US7934247B2 (en) | 2006-09-07 | 2011-04-26 | International Business Machines Corporation | Encryption policy based on data context recognition |
| US7783882B2 (en) * | 2006-09-07 | 2010-08-24 | International Business Machines Corporation | Recovering remnant encrypted data on a removable storage media |
| US7921294B2 (en) * | 2006-09-07 | 2011-04-05 | International Business Machines Corporation | Verification of encryption key |
| JP5176447B2 (ja) * | 2007-09-14 | 2013-04-03 | 株式会社リコー | 画像形成装置、ジョブ制御方法、及び、情報記録媒体 |
| DE102010013202A1 (de) * | 2010-03-29 | 2011-09-29 | Giesecke & Devrient Gmbh | Verfahren zum sicheren Übertragen einer Anwendung von einem Server in eine Lesegeräteinheit |
| JP2014042244A (ja) * | 2013-09-09 | 2014-03-06 | Hitachi Consumer Electronics Co Ltd | コンテンツ送信装置及びコンテンツ送信方法 |
Family Cites Families (33)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4186871A (en) * | 1978-03-01 | 1980-02-05 | International Business Machines Corporation | Transaction execution system with secure encryption key storage and communications |
| JPS6481087A (en) * | 1987-09-22 | 1989-03-27 | Hitachi Maxell | Ic card data transmission system |
| US5003596A (en) * | 1989-08-17 | 1991-03-26 | Cryptech, Inc. | Method of cryptographically transforming electronic digital data from one form to another |
| JP2862030B2 (ja) | 1991-06-13 | 1999-02-24 | 三菱電機株式会社 | 暗号化方式 |
| US5239584A (en) * | 1991-12-26 | 1993-08-24 | General Electric Corporation | Method and apparatus for encryption/authentication of data in energy metering applications |
| US5301247A (en) * | 1992-07-23 | 1994-04-05 | Crest Industries, Inc. | Method for ensuring secure communications |
| JP3717176B2 (ja) * | 1993-09-29 | 2005-11-16 | 株式会社パンプキンハウス | 暗号化/復号装置および方法 |
| US5452358A (en) * | 1994-02-08 | 1995-09-19 | Apple Computer, Inc. | Method and apparatus for improving the security of an electronic codebook encryption scheme utilizing a data dependent encryption function |
| JPH0830745A (ja) * | 1994-07-20 | 1996-02-02 | Nippon Telegr & Teleph Corp <Ntt> | 個人識別機能付きカード、個人識別機能付きカードの処理システムおよび個人識別機能付きカードの処理方法 |
| JP4309480B2 (ja) * | 1995-03-07 | 2009-08-05 | 株式会社東芝 | 情報処理装置 |
| US5828751A (en) * | 1996-04-08 | 1998-10-27 | Walker Asset Management Limited Partnership | Method and apparatus for secure measurement certification |
| JPH09179951A (ja) * | 1995-12-22 | 1997-07-11 | Dainippon Printing Co Ltd | 携帯可能情報記憶媒体及びそのシステム |
| JPH09179950A (ja) * | 1995-12-22 | 1997-07-11 | Dainippon Printing Co Ltd | 個別icカード、認証用icカード及びそれらを用いたicカードシステム |
| JPH1165439A (ja) * | 1996-08-09 | 1999-03-05 | Nippon Telegr & Teleph Corp <Ntt> | N進表現暗号による通信および認証方法、ならびにそれらの装置、およびn進表現暗号による通信および認証プログラムを格納した記憶媒体 |
| US6075859A (en) * | 1997-03-11 | 2000-06-13 | Qualcomm Incorporated | Method and apparatus for encrypting data in a wireless communication system |
| JPH1115940A (ja) * | 1997-06-19 | 1999-01-22 | Toppan Printing Co Ltd | 情報記録用カード |
| JP2000036015A (ja) * | 1998-07-17 | 2000-02-02 | Toshiba Corp | Icカード処理装置とicカードとicカード処理システムとicカード処理方法 |
| US6173400B1 (en) * | 1998-07-31 | 2001-01-09 | Sun Microsystems, Inc. | Methods and systems for establishing a shared secret using an authentication token |
| KR100484209B1 (ko) * | 1998-09-24 | 2005-09-30 | 삼성전자주식회사 | 디지털컨텐트암호화/해독화장치및그방법 |
| DK174672B1 (da) * | 1999-11-09 | 2003-08-25 | Orange As | System til elektronisk udlevering af en personlig identifikationskode |
| US6772339B1 (en) * | 2000-03-13 | 2004-08-03 | Lucent Technologies Inc. | Mix and match: a new approach to secure multiparty computation |
| US7143289B2 (en) * | 2000-10-30 | 2006-11-28 | Geocodex Llc | System and method for delivering encrypted information in a communication network using location identity and key tables |
| JP4153653B2 (ja) * | 2000-10-31 | 2008-09-24 | 株式会社東芝 | マイクロプロセッサおよびデータ保護方法 |
| AU2002228676A1 (en) * | 2000-11-27 | 2002-06-03 | Parenty Consulting, Llc | Method and system for object encryption using transparent key management |
| US20020071562A1 (en) * | 2000-12-13 | 2002-06-13 | Parenty Thomas J. | Method and system for encrypting shared documents for transit and storage |
| JP2002312707A (ja) | 2001-04-13 | 2002-10-25 | Dainippon Printing Co Ltd | クレジットカードを用いた決済処理方法 |
| JP2003051819A (ja) * | 2001-08-08 | 2003-02-21 | Toshiba Corp | マイクロプロセッサ |
| US8214655B2 (en) * | 2002-03-29 | 2012-07-03 | Kabushiki Kaisha Toshiba | Data structure of multimedia file format, encrypting method and device thereof, and decrypting method and device thereof |
| JP2003345664A (ja) | 2002-05-30 | 2003-12-05 | Nissan Motor Co Ltd | 送信装置、データ処理システム及びデータ処理プログラム |
| JP2004015667A (ja) | 2002-06-10 | 2004-01-15 | Takeshi Sakamura | Icカード間暗号通信方法、電子チケット流通システムにおけるicカード間暗号通信方法およびicカード |
| RU2005105304A (ru) * | 2002-07-27 | 2005-09-20 | ЭКССТРИМ СЕКЬЮРИТИ СОЛЮШНЗ ЛТД., ЭлЭлСи (US) | Способ шифрования и дешифрования и устройство для его осуществления |
| WO2004092864A2 (en) * | 2003-04-14 | 2004-10-28 | Matsushita Electric Industrial Co., Ltd. | Client-server authentication using the challenge-response principle |
| US7434062B2 (en) * | 2004-11-19 | 2008-10-07 | Konica Minolta Systems Laboratory, Inc. | Password encrypting apparatus and method for encrypting password |
-
2004
- 2004-01-09 JP JP2004004827A patent/JP4696449B2/ja not_active Expired - Lifetime
- 2004-12-30 US US11/024,726 patent/US8079078B2/en not_active Expired - Fee Related
-
2005
- 2005-01-06 SG SG200500034A patent/SG113551A1/en unknown
- 2005-01-07 CN CNB200510004138XA patent/CN100466512C/zh not_active Expired - Fee Related
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102664887A (zh) * | 2012-04-19 | 2012-09-12 | 江汉大学 | 输入信息保护方法、装置和系统 |
| CN103701583B (zh) * | 2012-09-28 | 2016-12-21 | 中国银联股份有限公司 | 加密处理装置及方法 |
| CN103593592A (zh) * | 2013-11-08 | 2014-02-19 | 上海新储集成电路有限公司 | 一种用户数据的加解密方法 |
| CN103593592B (zh) * | 2013-11-08 | 2017-01-18 | 上海新储集成电路有限公司 | 一种用户数据的加解密方法 |
Also Published As
| Publication number | Publication date |
|---|---|
| US20050207570A1 (en) | 2005-09-22 |
| CN100466512C (zh) | 2009-03-04 |
| US8079078B2 (en) | 2011-12-13 |
| SG113551A1 (en) | 2005-08-29 |
| JP2005198211A (ja) | 2005-07-21 |
| JP4696449B2 (ja) | 2011-06-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1638327A (zh) | 加密设备以及与之一起使用的程序和方法 | |
| CN1218598C (zh) | 移动通信装置和数据隐蔽方法 | |
| CN1302407C (zh) | 设备验证系统 | |
| CN100343844C (zh) | 数据配送装置和数据配送用的终端装置 | |
| CN1248100C (zh) | 根据通信双方的开始信息产生口令的加密通信系统 | |
| US7353499B2 (en) | Multiple instruction dispatch tables for application program obfuscation | |
| CN103580852B (zh) | 安全元件以及初始化安全元件的方法和系统 | |
| CN1280737C (zh) | 移动存储设备与读写识别设备的安全认证方法 | |
| CN100338905C (zh) | 具有硬件适应性的数字内容与硬件绑定的方法 | |
| CN1122213C (zh) | 给对象签名和签章的方法和设备 | |
| US7424620B2 (en) | Interleaved data and instruction streams for application program obfuscation | |
| CN1171015A (zh) | 条件存取系统和允许这种存取的智能卡 | |
| CN1761926A (zh) | 授权证书中的用户身份保密性 | |
| CN1602600A (zh) | 内容处理装置与内容保护程序 | |
| CN1075040A (zh) | 在能量测量应用中对数据加密/鉴别的方法和装置 | |
| CN1745377A (zh) | 使用隐含中间密钥来认证软件的系统和方法 | |
| CN1582422A (zh) | 防止未被授权使用软件的方法 | |
| CN1898624A (zh) | 在使用授权证书时维护私密性 | |
| CN1469272A (zh) | 数字内容发行系统和数字内容发行方法 | |
| CN1818923A (zh) | 用于射频识别系统的加密验证方法 | |
| CN102118512A (zh) | 一种手机应用程序防破解方法及系统 | |
| CN1467947A (zh) | 电子值数据通信方法及系统、ic卡、便携终端和通信终端 | |
| CN100336337C (zh) | 数据处理器件及其方法 | |
| CN101038612A (zh) | 产生证书的方法以及使用证书提供内容的方法和设备 | |
| CN1910531A (zh) | 数据资源的密钥控制使用的方法和系统、相关网络以及计算机程序产品 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090304 Termination date: 20160107 |