WO2005109740A1 - IC card - Google Patents
- Publication number
- WO2005109740A1 (PCT/JP2005/008657)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- card
- encryption
- key information
- storage location
- encryption key
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0827—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- H04L9/0833—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
- H04L9/0836—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- the present invention relates to a cryptographic communication system and a cryptographic communication method, and more particularly, to a technology for performing cryptographic communication using an IC card for encryption or decryption processing.
- Background technology
- IC cards have long been used for a variety of purposes as portable information recording media with extremely high confidentiality.
- a portable information recording medium having such confidentiality is most suitable for use in encryption processing or decryption processing.
- a secret encryption key or an encryption key table (herein, collectively referred to as encryption key information) is used as a seed in the encryption algorithm.
- In the encryption process of converting predetermined plaintext data into ciphertext data, processing using this secret encryption key information is executed.
- the secret encryption key information used in the encryption process is an indispensable element in the decryption process that returns the ciphertext data to plaintext data. That is, decryption cannot be performed without the secret encryption key information. Therefore, if this secret key information is stored in the IC card, it becomes extremely difficult to access the encryption key by unauthorized means, and the security of the key itself can be improved.
- Cryptographic communication using an IC card can be realized by preparing two sets of IC cards that store the same encryption key information. That is, the sender holds the first IC card and the receiver holds the second IC card, and the sender uses the encryption key information in the first IC card to perform the encryption process. Then, the receiver may perform the decryption process using the encryption key information in the second IC card.
- cryptographic communication between members belonging to the group becomes possible.
- a system that uses a plurality of IC cards to perform cryptographic communication between many has already been proposed.
- A cryptographic communication system is, in the first place, a system for exchanging encrypted data so that only members belonging to a predetermined group can decrypt it, and it presupposes measures that prevent outsiders who do not belong to the group from decrypting the encrypted data. However, in a relatively large company, the members of a particular group often change frequently.
- An object of the present invention is to provide a cryptographic communication system and a cryptographic communication method, and to provide an IC card usable for the cryptographic communication system and the cryptographic communication method.
- Disclosure of the invention
- a first aspect of the present invention relates to an IC card used to execute an encryption process or a decryption process using unique encryption key information
- a memory, a CPU for performing predetermined processing based on data and programs stored in the memory, and an I/O unit for exchanging information with the outside,
- a first storage location, a second storage location, and a third storage location are secured in the memory, and a predetermined fixed code is stored in the first storage location in advance, and the fixed code is rewritten.
- in the second storage location, an arbitrary variable code can be written from outside, and this variable code is configured to be rewritable.
- in the memory, an arithmetic operation based on a predetermined algorithm is performed using the fixed code stored in the first storage location and the variable code stored in the second storage location, whereby cryptographic key information uniquely determined according to the two codes is generated and stored in the third storage location.
- a second aspect of the present invention relates to an IC card used for executing an encryption process or a decryption process using unique encryption key information
- a memory, a CPU for executing a predetermined process based on data and a program stored in the memory, and an I/O unit for exchanging information with the outside,
- a first storage location, a second storage location, and a third storage location are secured in the memory, and a predetermined fixed code is stored in the first storage location in advance, and the fixed code is rewritten.
- in the second storage location, an arbitrary variable code can be written from outside, and this variable code is configured to be rewritable.
- a key information generation program that performs an arithmetic operation based on a predetermined algorithm using the fixed code stored in the first storage location and the variable code stored in the second storage location, thereby generating cryptographic key information that is uniquely determined according to the two codes and storing it in the third storage location, and
- a key reading program for reading out the encryption key information, or a part thereof, stored in the third storage location so that encryption or decryption processing can be executed outside the IC card,
- the third aspect of the present invention provides the IC card for encryption or decryption processing according to the first or second aspect described above,
- the key information generation program performs a process of generating an encryption key itself used for encryption or decryption as encryption key information.
- a fourth aspect of the present invention provides the IC card for encryption or decryption according to the first or second aspect
- the key information generation program performs a process of generating a key table which is used as encryption key information, a part of which is used as an encryption key used for encryption or decryption.
- a fifth aspect of the present invention is a cryptographic communication system using an IC card for encryption or decryption processing according to the first to fourth aspects,
- a first IC card and a second IC card each storing the same fixed code
- a sixth aspect of the present invention is the cryptographic communication method using an IC card for encryption or decryption according to the first to fourth aspects
- the receiver writes the transmitted variable code to the second IC card, generates encryption key information, and decrypts the transmitted transmission target data using the generated encryption key information;
- the encryption key information necessary for the encryption or decryption processing is generated inside the IC card by arithmetic processing based on two codes, a fixed code and a variable code, stored in the IC card.
- the fixed code is data written in advance on the IC card, and is configured so as not to be rewritten. Therefore, for example, if the same fixed code unique to a company is written on the IC cards issued to that company, the fixed code is stored only in the IC cards held by the employees of that company, so sufficient security measures can be taken against an unspecified number of people outside the company.
- since the variable code is a freely rewritable code, changes can be handled flexibly by rewriting it every time the members of the project team change.
- FIG. 1 is a block diagram illustrating the configuration of a general IC card that is currently widely used and a process of encryption processing using the IC card.
- FIG. 2 is a block diagram showing an embodiment in which the encryption / decryption processing is performed not in the IC card 100 but in an external arithmetic processing unit 200.
- FIG. 3 is a diagram showing the concept of a key table used for the encryption/decryption processing.
- FIG. 4 is a block diagram showing a processing process of a key information generation program prepared in the IC card according to the present invention.
- FIG. 5 is a block diagram showing a basic configuration of an IC card according to the present invention.
- FIG. 6 is a block diagram showing an IC card issuing mode according to the present invention.
- FIG. 7 is a block diagram showing a configuration example of a cryptographic communication system according to the present invention.
- FIG. 1 is a block diagram illustrating a configuration of a general IC card 100 that is currently widely used and a process of an encryption process using the IC card 100.
- the IC card 100 has a memory 110, a CPU 120, and an I / O unit 130.
- the memory 110 includes a ROM 111 that is a non-rewritable nonvolatile memory, an EEPROM 112 that is a rewritable nonvolatile memory, and a RAM 113 that is a rewritable volatile memory.
- the ROM 111 stores programs for executing basic processing functions of the IC card 100
- the EEPROM 112 stores various data to be recorded on the IC card 100.
- the RAM 113 is used as a work area when the CPU 120 executes various processes.
- the memory 110 can be accessed only by the CPU 120, and cannot be directly accessed from outside. Access from outside is performed via the I/O unit 130. That is, the CPU 120 executes a command externally applied through the I/O unit 130 based on the program in the ROM 111 and returns the execution result as a response to the outside through the I/O unit 130.
- the illustrated example is an example of an IC card having a function of executing an encryption process for converting plaintext data into ciphertext data and, conversely, a decryption process for converting ciphertext data into plaintext data.
- the EEPROM 112 stores an encryption key used by the program.
- the CPU 120 executes the given encryption command based on the program in the ROM 111, performs a predetermined encryption process on the given plaintext data, and outputs the obtained ciphertext data together with a response to the outside via the I/O unit 130.
- an encryption key stored in the EEPROM 112 is used.
- the CPU 120 receives the given command based on the program in the ROM 111.
- the encryption / decryption processing program is prepared in the ROM 111
- this program may be prepared in the EEPROM 112. If a processing program for encryption/decryption is prepared in the EEPROM 112, this processing program can be rewritten as necessary.
- the IC card 100 having only the processing functions of encryption and decryption is shown, but in practice, since the IC card 100 is used for various purposes, the ROM 111 or the EEPROM 112 stores programs for executing various processes in these various applications.
- FIG. 2 is a block diagram showing an embodiment when the processing is performed in the arithmetic processing device 200 of FIG.
- plaintext data is given to the external arithmetic processing unit 200
- ciphertext data is given, it will be output as plaintext data.
- a program for encryption and decryption is provided in the external arithmetic processing unit 200, and the program executes encryption/decryption using the encryption key read from the IC card 100.
- since the encryption key stored in the EEPROM 112 is read out of the IC card 100 in that case, the embodiment shown in FIG. 1 is better. In the embodiment shown in FIG. 1, since the encryption key stored in the EEPROM 112 is not read out of the IC card 100, once the encryption key has been stored in the EEPROM 112 it is extremely unlikely to become known by illicit means.
- FIGS. 1 and 2 show an example in which encryption processing and decryption processing are performed using an encryption key stored in an IC card, practically, encryption processing and decryption are performed.
- an encryption key table may be stored.
- FIG. 3 is a diagram illustrating the concept of such a key table.
- one cell indicates one byte of data
- a key table is constituted by a data string of a total of 20 bytes. If such a key table is stored in an IC card, a desired part of the key table can be extracted and used as an encryption key as needed, so the table can serve as an encryption key with a plurality of variations.
- the key table shown in Fig. 3 can be said to be data, a part of which is used as an encryption key for encryption or decryption. Therefore, in the present application, the encryption key itself and the key table as shown in FIG. 3 are collectively referred to as “encryption key information”.
- FIG. 4 is a block diagram showing a processing process of the key information generation program.
- the key information generation program used in the present invention executes an arithmetic process based on a predetermined algorithm A using two data, a fixed code F and a variable code V, to generate encryption key information K.
- the advantage of generating the encryption key information K by an algorithm using two data, the fixed code F and the variable code V, will be described later.
- any algorithm may be used as the predetermined algorithm A, but the figure shows, as an example, a simple algorithm that sums a fixed code F consisting of four digits and a variable code V consisting of four digits and takes the last 4 digits of this sum as the encryption key information K. For example, if the fixed code F is the number “6789” and the variable code V is the number “5151”, then, as shown in the figure, encryption key information K consisting of the number “1940” is generated. By adopting such an algorithm, given two data F and V, it is possible to generate encryption key information K uniquely determined according to the two data.
- it is possible to generate encryption key information K having an arbitrary number of digits. Therefore, the encryption key information K generated by such a method can be sufficiently used as the key table described above.
- the algorithm for generating the encryption key information K is not necessarily limited to arithmetic processing based on two sets of data. An algorithm using third or fourth data may be used, as long as at least the two data, a fixed code F and a variable code V, are used and the algorithm yields encryption key information K that is uniquely determined according to the data. In any case, in order to obtain the encryption key information K, two codes, a fixed code F and a variable code V, are required, and it is not possible to generate the encryption key information K with only one of them.
- FIG. 5 is a block diagram showing a basic configuration of the IC card 100 according to one embodiment of the present invention.
- the IC card 100 likewise has the memory 110, the CPU 120, and the I/O unit 130 for exchanging information with the outside.
- the memory 110 comprises a ROM 111, an EEPROM 112, and a RAM 113.
- a basic program P 1, a key information generation program P 2, and an encryption / decryption program P 3 are stored in the ROM 111.
- the first storage location L 1 is a location for storing the fixed code F
- the CPU 120 executes a predetermined process based on the program stored in the ROM 111 and the data stored in the EEPROM 112 and the RAM 113. As described above, the processing content executed by the CPU 120 is determined according to a command externally provided through the I / O unit 130, and the execution result is output to the outside as a response.
- the fixed code F, the variable code V, and the encryption key information K stored in the EEPROM 112 correspond to each block shown in FIG.
- the purpose of the IC card 100 is to execute an encryption process or a decryption process, and data necessary for the original purpose is the encryption key information K.
- the fixed code F and the variable code V are data necessary for generating the encryption key information K based on the process shown in FIG.
- the basic program P1 stored in the ROM 111 is a program necessary for the basic operation of the IC card 100, and is usually a program incorporated as an OS program for the IC card.
- the process of writing the fixed code F in the first storage location L1 and the process of writing the variable code V in the second storage location L2 are executed by the basic program P1.
- the actual writing operation is performed by giving a predetermined writing command and the data to be written (fixed code F or variable code V) from outside via the I/O unit 130.
- variable code V is a freely writable code and can be rewritten at any time, but the fixed code F needs to be a fixed code so that it cannot be rewritten.
- fixed so that rewriting is not possible means that the IC card 100 is fixed so that it cannot be rewritten by the user. In other words, this IC power
- the fixed code F only needs to be in a state where it cannot be rewritten. If necessary, an operation that allows the fixed code F to be rewritten is also possible.
- for example, the first storage location L1 may be reserved in a special address area managed by the OS, and access control that does not allow data to be written to this special address area unless special procedures known only to the IC card manufacturer or provider are followed may be incorporated in the OS program. Alternatively, the configuration may be such that the write processing is permitted only once for this special address area. In any case, the process of writing the fixed code into the first storage location is performed by the manufacturer or provider of the IC card, and by the time a general user has the IC card 100 in hand, the predetermined fixed code F is already written in the first storage location.
- the key information generation program P 2 is a program for generating the encryption key information K by executing the process shown in FIG. 4, and the fixed code F stored in the first storage location L 1
- the program P2 is executed by giving a predetermined key information generation command from the outside via the I / O unit 130.
- the encryption / decryption program P 3 executes encryption or decryption processing inside the IC card 100 using the encryption key information K stored in the third storage location L 3. It is a program to do.
- when this program P 3 is to execute the encryption process, a command for the encryption process and the plaintext data to be encrypted may be given from the outside via the I/O unit 130. The ciphertext data generated by the encryption process is output to the outside via the I/O unit 130 as a response.
- a command for the decryption process and the ciphertext data to be decrypted need only be given from the outside via the I/O unit 130.
- the plaintext data generated by the decryption processing is output to the outside via the I/O unit 130 as a response.
- FIG. 6 is a block diagram showing an issuing mode of the IC card 100 according to the present invention.
- this is an example in which the IC card provider X, entrusted by the client company A and the client company B, issues an IC card to each employee belonging to each company.
- the IC card provider X defines a fixed code F for each company.
- a fixed code F (a) is defined for customer company A
- a fixed code F (b) is defined for customer company B.
- These codes F (a) and F (b) may be any codes as long as they are different from each other.
- these fixed codes F (c) and F ( d) is defined.
- the fixed code F is a unique code commonly assigned to one group (in the example shown, one company).
- IC card provider X writes fixed code F (a) to the IC cards to be delivered to customer company A, and writes the fixed code F (b) to the IC cards to be delivered to customer company B.
- the same fixed code F (a) is stored in the IC cards 100a issued to the employees of company A, and the same fixed code F (b) is stored in the IC cards 100b issued to the employees of company B.
- IC card provider X never delivers an IC card 100a on which the fixed code F (a) is written to anyone other than company A, and never delivers an IC card 100b on which the fixed code F (b) is written to anyone other than company B. If this operation is observed, the people holding an IC card 100a with the fixed code F (a) written are limited to employees of company A, and the people holding an IC card 100b with the fixed code F (b) written are limited to employees of company B, so it is possible to construct a cryptographic communication system that ensures sufficient security at least against parties outside the company.
- An object of the present invention is to perform encrypted communication between members belonging to a predetermined group.
- FIG. 7 is a block diagram showing a configuration example of the cryptographic communication system according to the present invention.
- employee α who is at the Tokyo head office of company A
- employee β who is at the Osaka branch office
- a case where the encrypted communication according to the present invention is used will be considered.
- each employee of Company A is provided with an IC card 100a. Therefore, employees α and β also have this IC card 100a, in which the same fixed code F (a) is stored.
- two IC cards having the functions described in §2 and storing the same fixed code are prepared, and one IC card must be placed on the sender side (employee α side) and the other IC card on the receiver side (employee β side).
- the employee α who is the sender writes the predetermined variable code V on the IC card to generate the encryption key information K.
- the figure shows an example in which employee α inputs a variable code V (1) to his / her IC card 100a and generates encryption key information K (a1).
- the process of writing the variable code V (1) to the second storage location L2 can be performed by executing the write process function of the basic program P1 using a predetermined write command.
- the process of generating the encryption key information K (a1) can be performed by executing a key information generation program by a predetermined key information generation command. As shown in FIG.
- the encryption key information K (a 1) is generated by performing an arithmetic operation on the fixed code F (a) and the variable code V (1) based on a predetermined algorithm.
- the variable code V (1) may be any code, but should be kept secret so that it cannot be known to anyone other than the members of the project team.
- the encryption processing using the encryption key information K (a1) is executed, whereby the plaintext data D1 to be transmitted is encrypted and ciphertext data D2 is created. As described above, this encryption processing can be performed by executing the encryption / decryption program P3 with a predetermined encryption processing command.
- the employee transmits the created ciphertext data D2 to the Osaka branch via the transmission means T.
- the ciphertext data D2 is transmitted from the transmitting means at the Tokyo head office to the receiving means R at the Osaka branch office.
- the transmitting means T and the receiving means R may be constituted by any device having a general transmitting / receiving function.
- a dedicated line connecting the head office and branch of Company A may be used, or transmission using a public transmission network such as the Internet (for example, data transfer using a protocol such as FTP, or as an attached document of e-mail) May be used. Since the ciphertext data D2 is encrypted, security at the time of transmission can be sufficiently ensured.
- employee α conveys the variable code V (1) to employee β by any means. Specifically, it can be communicated using e-mail, telephone, or fax. Of course, it is not always necessary to convey the variable code V (1) itself; if β can understand it, it is enough to convey only a hint from which the variable code V (1) can be inferred. For example, if the leader name of the project team is used as the variable code V (1), it is sufficient to pass on the information "leader name" to β. Or, if the same variable code V (1) as before is used, the information "same as last time" can be sent to β.
- the receiving means R executes the decryption process using the encryption key information K (a 1), thereby decrypting the received ciphertext data D2 to create plaintext data D3.
- this decryption process can be performed by executing the encryption / decryption program P3 with a predetermined decryption process command.
- the obtained plaintext data D3 is the same as the original plaintext data D1.
- the above shows an example in which employee α sends an encrypted message to employee β. If the project team consists of four members, for example employee α, employee β, and two other employees, encrypted messages can be transmitted among them in a similar manner. Now, suppose that one of these employees leaves the project team.
- variable code V (1) may be changed to another variable code V (2) when the employee is removed.
- the operation may be performed such that the variable code is changed each time, and the employee who has left may not be notified of the new variable code.
- each company corresponds to a group of a higher hierarchy.
- Company A and Company B are respectively separate groups as upper-level groups.
- the project team established in Company A can be called a lower-level group.
- an IC card 100a containing a fixed code F (a) is available only to employees of company A, and is not available to employees of company B or other ordinary people. Therefore, in the process of transmitting the variable code V (1) in the example of FIG. 7, even if the variable code V (1) were to leak, the ciphertext data D2 cannot be decrypted.
- if the variable code V (1) is leaked, an employee of Company A, even one who does not belong to the project team, may be able to decrypt the ciphertext data D2. However, in general, the risk of being deciphered by people inside the company is smaller than the risk of being deciphered by people outside the company.
- the purpose of the present invention is, when a group definition having a hierarchical structure is made, to ensure sufficient security between upper-layer groups while, between lower-layer groups, responding flexibly to member changes even if security is somewhat reduced.
- the IC card described so far is suitable for constructing such an intended cryptographic communication system.
- the key table shown in FIG. 3 can also be used as the encryption key information K stored in the third storage location L3 shown in FIG. In this case, an instruction to “use 8 bytes from the 7th byte as an encryption key” together with the variable code V may be transmitted from the sender to the receiver.
- the IC card 100 shown in FIG. 5 is an embodiment used when an encryption process or a decryption process is performed inside the IC card, but, as shown in FIG., there may be cases where encryption or decryption is performed externally. In the case where the present invention is applied to such a case, instead of the encryption / decryption program P3 shown in FIG., a key reading program P 4 may be prepared for reading out the encryption key information or, when a key table as shown in FIG. 3 is used as the key information, a part of the key table.
- one company is treated as one group (the above-mentioned higher-level group), and the same fixed code F is stored in all the IC cards issued to employees in the same company.
- departments and sections within the same company can be treated as one group. In this case, even in the same company, different fixed codes will be allocated according to the department or section to which they belong. Conversely, multiple companies can be treated as a group. In this case, the same fixed code is allocated to different companies.
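The behaviour described in the items above, as an added illustration that is not taken from the patent: a key table built from a fixed code F and a variable code V, the "8 bytes from the 7th byte" key reading step, and the effect of a leaked V(1) on a company A card versus a company B card. The HMAC-SHA256 derivation, the 32-byte table, the 1-based byte counting, the toy XOR cipher and all sample codes are assumptions made for this sketch.

```python
import hashlib
import hmac

TABLE_LEN = 32  # constructed size; the page does not state the table length


def key_table(fixed_code: bytes, variable_code: bytes) -> bytes:
    # Assumed derivation (HMAC-SHA256 keyed with F over V), standing in for
    # whatever algorithm the card uses to build K from F and V.
    return hmac.new(fixed_code, variable_code, hashlib.sha256).digest()[:TABLE_LEN]


def read_key(table: bytes, start_byte: int, size: int) -> bytes:
    # "Use `size` bytes from the `start_byte`-th byte", counted from 1 (assumed).
    begin = start_byte - 1
    if begin < 0 or size < 1 or begin + size > len(table):
        raise ValueError("key window falls outside the key table")
    return table[begin:begin + size]


def toy_cipher(key: bytes, data: bytes) -> bytes:
    # Toy XOR keystream so the example runs on the standard library alone;
    # the same call encrypts and decrypts. Not for real use.
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


# Constructed sample values.
F_A = b"fixed-code-company-A"
F_B = b"fixed-code-company-B"
V_1 = b"variable-code-project-1"
INSTRUCTION = (7, 8)  # "use 8 bytes from the 7th byte as an encryption key"


def session_key(fixed_code: bytes, variable_code: bytes) -> bytes:
    return read_key(key_table(fixed_code, variable_code), *INSTRUCTION)


def demo() -> dict:
    d2 = toy_cipher(session_key(F_A, V_1), b"project plan")  # sender's ciphertext
    return {
        # Any company A card holder who learns V(1) rebuilds the same key.
        "company_a_card": toy_cipher(session_key(F_A, V_1), d2),
        # V(1) leaked to a company B card holder: different F, different key.
        "company_b_card": toy_cipher(session_key(F_B, V_1), d2),
    }
```

The window check in `read_key` matters when the byte-range instruction arrives from the sender along with V: a range that runs past the table is rejected rather than silently yielding a shorter key.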
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/579,079 US20070226513A1 (en) | 2004-05-06 | 2005-05-02 | Ic Card for Encryption or Decryption Process and Encrypted Communication System and Encrypted Communication Method Using the Same |
US13/098,171 US8595813B2 (en) | 2004-05-06 | 2011-04-29 | IC card for encryption or decryption process and encrypted communication system and encrypted communication method using the same |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004-137193 | 2004-05-06 | ||
JP2004137193A JP4582619B2 (ja) | 2004-05-06 | 2004-05-06 | IC card for encryption or decryption process, and encrypted communication system and encrypted communication method using the same |
Related Child Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/579,079 A-371-Of-International US20070226513A1 (en) | 2004-05-06 | 2005-05-02 | Ic Card for Encryption or Decryption Process and Encrypted Communication System and Encrypted Communication Method Using the Same |
US13/098,171 Division US8595813B2 (en) | 2004-05-06 | 2011-04-29 | IC card for encryption or decryption process and encrypted communication system and encrypted communication method using the same |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2005109740A1 (ja) | 2005-11-17 |
Family
ID=35320551
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2005/008657 WO2005109740A1 (ja) | 2004-05-06 | 2005-05-02 | IC card |
Country Status (3)
Country | Link |
---|---|
US (2) | US20070226513A1 (ja) |
JP (1) | JP4582619B2 (ja) |
WO (1) | WO2005109740A1 (ja) |
2004
- 2004-05-06 JP JP2004137193A patent/JP4582619B2/ja not_active Expired - Fee Related
2005
- 2005-05-02 WO PCT/JP2005/008657 patent/WO2005109740A1/ja active Application Filing
- 2005-05-02 US US11/579,079 patent/US20070226513A1/en not_active Abandoned
2011
- 2011-04-29 US US13/098,171 patent/US8595813B2/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
US20110213973A1 (en) | 2011-09-01 |
US20070226513A1 (en) | 2007-09-27 |
JP4582619B2 (ja) | 2010-11-17 |
JP2005322963A (ja) | 2005-11-17 |
US8595813B2 (en) | 2013-11-26 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states | Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
AL | Designated countries for regional patents | Kind code of ref document: A1 Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
121 | EP: the EPO has been informed by WIPO that EP was designated in this application | ||
WWE | WIPO information: entry into national phase | Ref document number: 11579079 Country of ref document: US Ref document number: 2007226513 Country of ref document: US |
NENP | Non-entry into the national phase | Ref country code: DE |
WWW | WIPO information: withdrawn in national office | Country of ref document: DE |
122 | EP: PCT application non-entry in European phase | ||
WWP | WIPO information: published in national office | Ref document number: 11579079 Country of ref document: US |