Patents by Inventor Hisayoshi Sato
Hisayoshi Sato has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11971998
Abstract: A data comparison device holds first and second encrypted data of first and second plaintext, respectively. The first plaintext is divided into a plurality of blocks and the first encrypted data is generated by executing encryption of each of the plurality of blocks and shuffling of the plurality of blocks. The second plaintext is divided into a plurality of blocks and the second encrypted data is generated by executing encryption of each of the plurality of blocks. In at least one of the first encrypted data and the second encrypted data, a plaintext value is embedded as a value indicating a magnitude comparison result, and the data comparison device compares blocks at the same position before shuffling of the first encrypted data and the second encrypted data based on the embedded value and determines a magnitude relationship between the first plaintext and the second plaintext.
Type: Grant
Filed: June 2, 2020
Date of Patent: April 30, 2024
Assignee: HITACHI, LTD.
Inventors: Masayuki Yoshino, Ken Naganuma, Hisayoshi Sato
-
Publication number: 20230376802
Abstract: An information processing apparatus that executes machine learning by a plurality of processing layers includes a processor and a memory, a normal region of the memory holds a parameter of the machine learning, an isolation region isolated from the normal region of the memory holds input data to an i-th layer included in the plurality of processing layers and a parameter of the machine learning, the processor determines whether there is a risk in executing processing of the i-th layer for the input data in the normal region based on a content of secret information of the input data in the isolation region, when determining that there is the risk, executes the processing of the i-th layer for the input data in the isolation region, and when determining that there is no risk, executes the processing of the i-th layer for the input data in the normal region.
Type: Application
Filed: November 22, 2021
Publication date: November 23, 2023
Inventors: Keisei FUJIWARA, Hisayoshi SATO
-
Patent number: 11811741
Abstract: A first terminal holds first encrypted data encrypted by using a first key by a first encryption scheme having deterministic and commutativity, a second terminal holds second encrypted data encrypted by using a second key by the first encryption scheme, the first terminal transmits the first encrypted data to the second terminal, the second terminal transmits the second encrypted data to the first terminal, the first terminal generates third encrypted data by encrypting the second encrypted data by using the first key by the first encryption scheme, the third encrypted data is transmitted to the second terminal, the second terminal decrypts the third encrypted data with the second key, and calculates a common part between the second encrypted data and the decrypted third encrypted data, and transmits the common part to the first terminal, and the first terminal decrypts the common part with the first key.
Type: Grant
Filed: September 3, 2021
Date of Patent: November 7, 2023
Assignee: Hitachi, Ltd.
Inventors: Hisayoshi Sato, Masayuki Yoshino
-
Publication number: 20230283466
Abstract: A connection apparatus receives a purchase desire notification including a public key from another connection apparatus via a blockchain network and transmits an encrypted content key acquired by encrypting a content key using the public key to the other connection apparatus via the blockchain network. The other connection apparatus transmits the purchase desire notification to the one connection apparatus and transmits transmission source information representing a transfer destination of the content to the blockchain network. In addition, the other connection apparatus decrypts the encrypted content key from the one connection apparatus using the stored secret key. In a case in which the encrypted content key is received, the blockchain network changes an owner represented in owner management information to the transfer destination.
Type: Application
Filed: October 6, 2022
Publication date: September 7, 2023
Applicant: Hitachi Solutions, Ltd.
Inventors: Takayuki SUZUKI, Hisayoshi SATO
-
Patent number: 11475121
Abstract: In the confidential information processing server, when the processing query execution unit receives a processing request, the TEE trusted part processing unit generates a confidential extraction query for extracting data that matches with a condition of a processing target in the processing request by confidential extraction based on the processing request and an encryption key that can be used only in a TEE trusted part, the confidential extraction processing unit instructs execution of the confidential extraction query so as to extract encrypted data of the processing target while the data is kept encrypted from the encryption DB unit, the TEE trusted part processing unit decrypts the encrypted data of the processing target extracted by the confidential extraction processing unit with an encryption key, and executes data processing requested by the processing request, and the processing query execution unit returns an execution result of the data processing to a transmission source of the processing reques
Type: Grant
Filed: August 28, 2020
Date of Patent: October 18, 2022
Assignee: Hitachi, Ltd.
Inventors: Keisei Fujiwara, Hisayoshi Sato
-
Patent number: 11295635
Abstract: Provided is a data processing system having a processor and a storage apparatus coupled to the processor, wherein: the storage apparatus holds a plurality of encrypted data that are generated by encrypting a plurality of plain text data, and a plurality of encrypted queries for retrieving the plurality of encrypted data directly in an encrypted state; and the processor retrieves each of the encrypted data using each of the encrypted queries and thereby calculates the number of appearances of encrypted data that are retrieved using each of the encrypted queries, changes at least two of the plurality of encrypted data on the basis of the number of appearances of encrypted data that are retrieved using each of the encrypted queries so that predetermined anonymity is satisfied, and outputs a plurality of encrypted data.
Type: Grant
Filed: December 14, 2015
Date of Patent: April 5, 2022
Assignee: HITACHI, LTD.
Inventors: Masayuki Yoshino, Hisayoshi Sato, Ken Naganuma
-
Publication number: 20220103534
Abstract: A first terminal holds first encrypted data encrypted by using a first key by a first encryption scheme having deterministic and commutativity, a second terminal holds second encrypted data encrypted by using a second key by the first encryption scheme, the first terminal transmits the first encrypted data to the second terminal, the second terminal transmits the second encrypted data to the first terminal, the first terminal generates third encrypted data by encrypting the second encrypted data by using the first key by the first encryption scheme, the third encrypted data is transmitted to the second terminal, the second terminal decrypts the third encrypted data with the second key, and calculates a common part between the second encrypted data and the decrypted third encrypted data, and transmits the common part to the first terminal, and the first terminal decrypts the common part with the first key.
Type: Application
Filed: September 3, 2021
Publication date: March 31, 2022
Inventors: Hisayoshi SATO, Masayuki YOSHINO
-
Patent number: 11290277
Abstract: Provided is a data processing system in which data are uploaded from a user terminal A to data storage server, and data are accessed from a user terminal B. User terminal A and B have a key KA and KB, respectively. Data storage server has a replacement key KA→B. User terminal A generates an authenticator tag with data M and temporary key R, generated by user terminal A, and generates a key k with temporary key R and key KA. User terminal A transmits data M, key k, and authenticator tag to the data storage server. Data storage server generates a key k′ from key k and replacement key KA→B, and transmits data M, key k′, and the message authenticator tag to user terminal B. User terminal B generates temporary key R with key k′ and key KB and generates an authenticator tag′ to compare with the received authenticator tag.
Type: Grant
Filed: February 18, 2016
Date of Patent: March 29, 2022
Assignee: HITACHI, LTD.
Inventor: Hisayoshi Sato
-
Patent number: 11184163
Abstract: A value comparison server holds a first secret key and a plurality of tags corresponding to values, each of the plurality of tags is a ciphertext obtained by encrypting each of the values with an additive-homomorphic encryption scheme by using secret keys including the first secret key and a first parameter, a plaintext space has remainder operation with a natural number as modulo in the encryption scheme, and the value comparison server generates a value used for comparing two values corresponding to two tags included in the plurality of tags from the first secret key and the two tags by using the additive homomorphism; and determines which of the two values is greater or equal, on the basis of whether a discrete logarithm of the generated value to the first parameter can be calculated within a value of a predetermined range.
Type: Grant
Filed: May 15, 2019
Date of Patent: November 23, 2021
Assignee: HITACHI, LTD.
Inventors: Hisayoshi Sato, Masayuki Yoshino, Ken Naganuma
-
Patent number: 11120143
Abstract: A data analysis server holds base-point-added information, wherein the base-point-added information includes a value of an explanatory variable encrypted by first high-performance encryption, a value of a response variable encrypted by a predetermined encryption scheme, and a base point based on frequencies of the value of the explanatory variable in information for learning are associated with one another, wherein the data analysis server: executes decision tree generation processing for generating a decision tree having a leaf node associated with the value of the response variable encrypted by the predetermined encryption scheme, which is included in the base-point-added information; and execute branching rule determine processing in decision tree generation processing without decrypting the value of the explanatory variable and the base point corresponding.
Type: Grant
Filed: April 9, 2019
Date of Patent: September 14, 2021
Assignee: HITACHI, LTD.
Inventors: Masayuki Yoshino, Hisayoshi Sato, Ken Naganuma, Takayuki Suzuki
-
Publication number: 20210194694
Abstract: Provided is a data processing system in which data are uploaded from a user terminal A to data storage server, and data are accessed from a user terminal B. User terminal A and B have a key KA and KB, respectively. Data storage server has a replacement key KA→B. User terminal A generates an authenticator tag with data M and temporary key R, generated by user terminal A, and generates a key k with temporary key R and key KA. User terminal A transmits data M, key k, and authenticator tag to the data storage server. Data storage server generates a key k′ from key k and replacement key KA→B, and transmits data M, key k′, and the message authenticator tag to user terminal B. User terminal B generates temporary key R with key k′ and key KB and generates an authenticator tag′ to compare with the received authenticator tag.
Type: Application
Filed: February 18, 2016
Publication date: June 24, 2021
Applicant: HITACHI, LTD.
Inventor: Hisayoshi Sato
-
Publication number: 20210064741
Abstract: In the confidential information processing server, when the processing query execution unit receives a processing request, the TEE trusted part processing unit generates a confidential extraction query for extracting data that matches with a condition of a processing target in the processing request by confidential extraction based on the processing request and an encryption key that can be used only in a TEE trusted part, the confidential extraction processing unit instructs execution of the confidential extraction query so as to extract encrypted data of the processing target while the data is kept encrypted from the encryption DB unit, the TEE trusted part processing unit decrypts the encrypted data of the processing target extracted by the confidential extraction processing unit with an encryption key, and executes data processing requested by the processing request, and the processing query execution unit returns an execution result of the data processing to a transmission source of the processing reques
Type: Application
Filed: August 28, 2020
Publication date: March 4, 2021
Inventors: Keisei FUJIWARA, Hisayoshi SATO
-
Publication number: 20200401706
Abstract: A data comparison device holds first and second encrypted data of first and second plaintext, respectively. The first plaintext is divided into a plurality of blocks and the first encrypted data is generated by executing encryption of each of the plurality of blocks and shuffling of the plurality of blocks. The second plaintext is divided into a plurality of blocks and the second encrypted data is generated by executing encryption of each of the plurality of blocks. In at least one of the first encrypted data and the second encrypted data, a plaintext value is embedded as a value indicating a magnitude comparison result, and the data comparison device compares blocks at the same position before shuffling of the first encrypted data and the second encrypted data based on the embedded value and determines a magnitude relationship between the first plaintext and the second plaintext.
Type: Application
Filed: June 2, 2020
Publication date: December 24, 2020
Inventors: Masayuki YOSHINO, Ken NAGANUMA, Hisayoshi SATO
-
Patent number: 10733317
Abstract: In this searchable encryption processing system in which a registered client and a management server are connected via a network, the registered client is provided with a registered client processing unit that generates, on the basis of the difference between a first secret key for encrypting plaintext data and a second secret key for newly encrypting the plaintext data, a difference key mask for updating, by using the second secret key, confidential data encrypted by the first secret key.
Type: Grant
Filed: August 19, 2016
Date of Patent: August 4, 2020
Assignee: HITACHI, LTD.
Inventors: Masayuki Yoshino, Hisayoshi Sato
-
Publication number: 20190363878
Abstract: A value comparison server holds a first secret key and a plurality of tags corresponding to values, each of the plurality of tags is a ciphertext obtained by encrypting each of the values with an additive-homomorphic encryption scheme by using secret keys including the first secret key and a first parameter, a plaintext space has remainder operation with a natural number as modulo in the encryption scheme, and the value comparison server generates a value used for comparing two values corresponding to two tags included in the plurality of tags from the first secret key and the two tags by using the additive homomorphism; and determines which of the two values is greater or equal, on the basis of whether a discrete logarithm of the generated value to the first parameter can be calculated within a value of a predetermined range.
Type: Application
Filed: May 15, 2019
Publication date: November 28, 2019
Applicant: HITACHI, LTD.
Inventors: Hisayoshi SATO, Masayuki YOSHINO, Ken NAGANUMA
-
Patent number: 10489604
Abstract: A searchable encryption processing system includes a server including: a communication device to communicate with another device; a storage device configured to store as search target data, secret data obtained by concealing plaintext data, and a secret index obtained by concealing a plaintext index to classify the plaintext data; and an arithmetic device to execute a process including receiving, from a search client, a secret data query obtained by concealing a plaintext query, and a secret index query obtained by concealing a plaintext index, searching the storage device for a secret index matching the secret index query based on a predetermined searchable encryption technique, searching a secret data group classified by the matching secret index for secret data matching the secret data query, and returning the searched secret data to the search client.
Type: Grant
Filed: January 14, 2015
Date of Patent: November 26, 2019
Assignee: HITACHI, LTD.
Inventors: Masayuki Yoshino, Hisayoshi Sato, Ken Naganuma, Yoshinori Sato
-
Publication number: 20190318104
Abstract: A data analysis server holds base-point-added information, wherein the base-point-added information includes a value of an explanatory variable encrypted by first high-performance encryption, a value of a response variable encrypted by a predetermined encryption scheme, and a base point based on frequencies of the value of the explanatory variable in information for learning are associated with one another, wherein the data analysis server: executes decision tree generation processing for generating a decision tree having a leaf node associated with the value of the response variable encrypted by the predetermined encryption scheme, which is included in the base-point-added information; and execute branching rule determine processing in decision tree generation processing without decrypting the value of the explanatory variable and the base point corresponding.
Type: Application
Filed: April 9, 2019
Publication date: October 17, 2019
Inventors: Masayuki YOSHINO, Hisayoshi SATO, Ken NAGANUMA, Takayuki SUZUKI
-
Publication number: 20190260715
Abstract: A computer system includes a plurality of processing nodes constituting a blockchain network and a connection apparatus connecting to the blockchain network. The processing node holds information. The connection apparatus includes a connection processing unit that transmits a transaction to the processing node. The connection processing unit includes an encryption processing unit that generates searchable ciphertext from a keyword based on a probabilistic encryption method. The encryption processing unit generates, from the keyword, the searchable ciphertext to be used as an address indicating a transmission source or a transmission destination of the transaction, and generates the transaction including the searchable ciphertext.
Type: Application
Filed: February 15, 2019
Publication date: August 22, 2019
Inventors: Takayuki SUZUKI, Toshirou YAMAYOSHI, Hisayoshi SATO, Masayuki YOSHINO, Ken NAGANUMA, Dai WATANABE
-
Publication number: 20190228413
Abstract: This auditing equipment includes a processor and a memory. The processor accepts a first transaction including information pertaining to a remittance source, an electronic value, and a cipher text, accepts a second transaction including information pertaining to a remittance destination, the electronic value, and a first preimage value, calculates a first plain text using a prescribed parameter and the first preimage value in the second transaction, calculates a second plain text by decrypting the cipher text in the first transaction, compares the first plain text to the second plain text, and associates the information pertaining to the remittance source in the first transaction with the information pertaining to the remittance destination in the second transaction if the first plain text matches the second plain text.
Type: Application
Filed: March 22, 2017
Publication date: July 25, 2019
Inventors: Ken NAGANUMA, Hisayoshi SATO
-
Publication number: 20190147770
Abstract: Provided is a data processing system having a processor and a storage apparatus coupled to the processor, wherein: the storage apparatus holds a plurality of encrypted data that are generated by encrypting a plurality of plain text data, and a plurality of encrypted queries for retrieving the plurality of encrypted data directly in an encrypted state; and the processor retrieves each of the encrypted data using each of the encrypted queries and thereby calculates the number of appearances of encrypted data that are retrieved using each of the encrypted queries, changes at least two of the plurality of encrypted data on the basis of the number of appearances of encrypted data that are retrieved using each of the encrypted queries so that predetermined anonymity is satisfied, and outputs a plurality of encrypted data.
Type: Application
Filed: December 14, 2015
Publication date: May 16, 2019
Inventors: Masayuki YOSHINO, Hisayoshi SATO, Ken NAGANUMA