Abstract: A server device 201 comprises a communication part 231, a search history storage region 213, a data storage part 210, and a checking part 220. The communication part receives a set of a trapdoor and a deterministic encrypted keyword from a search device 401. The search history storage region 213 stores the set of the trapdoor and the deterministic encrypted keyword. The data storage part 210 stores keyword information in which search target data and an encrypted keyword are associated with each other. If the deterministic encrypted keyword is obvious, a deterministic encrypted keyword corresponding to the encrypted keyword is additionally associated with the search target data and the encrypted keyword in the keyword information. The checking part 220 checks whether or not a deterministic encrypted keyword which matches the received deterministic encrypted keyword exists in the search history storage region 213.

Abstract: A device and method enhancing security of encrypted data by dividing a decrypting process of an attribute-based encryption scheme into plural stages. A KEM key partly decrypting part generates an r-KEM key mask value including a random number element, by performing a decrypting process for an encrypted KEM key being a common key encrypted using an attribute conditional expression, using an r-user secret key obtained by including the random number element into a user secret key generated in accordance with the attribute-based encryption scheme. A random number element removal requesting part requests an IC card to remove the random number element from the r-KEM key mask value, and acquires a KEM key mask value from the IC card. A mask removing part generates a KEM key using the KEM key mask value. A data decrypting part decrypts an encrypted data main body into target data using the KEM key.

Abstract: An access terminal apparatus provides a group determination key being a decryption key to a data center apparatus previously, and then transmits grouping information generated from a keyword of storage target data and having been encrypted to the data center apparatus, with encrypted data of the storage target data and tag data of the encrypted data of the storage target data. The data center apparatus stores the encrypted data relating it to the tag data, decrypts a part of the grouping information with the group determination key, derives an index value from a bit value obtained by the decryption, and stores the derived index value and the tag data relating them with each other.

Abstract: A public parameter PK is key information used in a secret search system having: a transmission device generating and sending an encryption tag which is an encrypted keyword; a server receiving and storing the encryption tag and conducting a secret search in response to a request for the secret search; and a reception device generating a trapdoor which corresponds to a digital signature of the keyword and as well data requesting the secret search, sending the trapdoor to the server, and receiving a search result. The public parameter PK includes a true public parameter PP and a protection key PK?. The transmission device and the reception device require both the true public parameter PP and the protection key PK?; however, the server does not require the protection key PK?. The key generation device generates separately the true public parameter PP and the protection key PK? included in the public parameter PK.

Abstract: A certification device 101 encrypts a feature vector for registration by using a random number and a public key which is set to correspond to a secret key in a decryption device 103. The encrypted feature vector for registration is registered in an authentication device 102. In authentication, the certification device encrypts a feature vector for authentication by using the public key and a random number. With the two encrypted feature vectors being kept encrypted, the authentication device generates encrypted similarity degree information from which the decryption device can derive the similarity degree between the two feature vectors by a decryption process using the secret key. The decryption device 103 decrypts the encrypted similarity degree information to derive the similarity degree of the plaintext. The authentication device 102, if the similarity degree is equal to or larger than a threshold, determines that the user is the correct user.

Abstract: A data search server stores a system ciphertext including a data ciphertext and a keyword ciphertext in each category-specific DB unit for each data category, and stores each category-determination secret key being associated with each category-specific DB unit. A search request receiving unit receives from a data search terminal a search request including a search trapdoor and an index tag. A data searching unit searches for a category-determination secret key with which the index tag is decrypted to the same value as a key-determination value. Using the search trapdoor, the data searching unit performs a search of a Public-key Encryption with Keyword Search scheme on system ciphertexts in a category-specific DB unit associated with this category-determination secret key. A search result transmitting unit transmits to the data search terminal a data ciphertext included in a system ciphertext which has been found as a hit in the search.

Abstract: A storage part stores a public key generated based on a doubly homomorphic encryption algorithm and data encrypted by using the public key as a template to be used for authentication. A random number generating part generates a random number using at least a part of the public key in the storage part. A template updating part performs an arithmetic operation using the random number generated by the random number generating part and updates the template. The storage part stores the updated template by overwriting the template before being updated.

Abstract: A confidential search that can flexibly control searchable data depending on a role or authority of a user when the data is shared in a group. When the inner product of an attribute vector and a predicate vector is a predetermined value, the confidential search system conducts pairing computation of decrypted data generated based on the attribute vector and a decryption key generated based on the predicate vector, so as to realize confidential search by utilizing an inner-product predicate encryption process that can decrypt the encrypted data. In particular, the confidential search system enables flexible control of searchable data depending on the role or authority of the user, by devising a method of generating the attribute vector and the predicate vector.

Abstract: A searchable encryption resistant to frequency analysis. A conversion rule management device generates a conversion rule table associating a search keyword with a conversion keyword group. Based on the conversion rule table, a data registration device generates registration data associating encrypted data with an encrypted keyword, and registers the registration data in a server device. An information processing device obtains from the conversion rule table a conversion keyword group associated with a specified search keyword, generates an encrypted keyword group, and requests a data search by specifying the encrypted keyword group. Using as a search key an encrypted keyword included in the encrypted keyword group, the server device searches for encrypted data associated with the search key, and returns searched encrypted data. The information processing device decrypts the searched encrypted data, and outputs as a search result search data obtained by decryption.

Abstract: Based on an encrypted feature vector (comparison ciphertext) encrypted with a public key of a decryption apparatus and an encrypted feature vector (target ciphertext) encrypted with the public key of the decryption apparatus, and a random number (temporary key) generated by a random number generation unit (temporary key generation unit), an encrypted random similarity degree calculation unit (interim similarity degree ciphertext calculation unit) performs calculation for calculating a similarity degree in a first stage, with two encrypted feature vectors kept encrypted, thereby calculating a second challenge. The decryption apparatus decrypts the second challenge with a secret key sk of the decryption apparatus, and performs calculation for calculating the similarity degree in a second stage with a result of the decryption kept encrypted with the temporary key, thereby calculating a second response.

Abstract: In a wildcard-applicable anonymous hierarchical identity-based encryption system, it is aimed to make the number of pairing operations a fixed number. A user identifier ID and a pattern P are used. The user identifier ID includes k number of hierarchy identifiers. The pattern P includes either of a hierarchy identifier, a wildcard value and a blank value for each hierarchy. An encryption device 400 extracts a key value H corresponding to a hierarchy of the wildcard value and a key value H corresponding to a hierarchy of a pattern value from a public key PK, calculates a cipher value C1 and a cipher value C3, and outputs ciphertext data CT including plaintext cipher value C0, the cipher value C1, and the cipher value C3.

Abstract: An access terminal apparatus provides a group determination key being a decryption key to a data center apparatus previously, and then transmits grouping information generated from a keyword of storage target data and having been encrypted to the data center apparatus, with encrypted data of the storage target data and tag data of the encrypted data of the storage target data. The data center apparatus stores the encrypted data relating it to the tag data, decrypts a part of the grouping information with the group determination key, derives an index value from a bit value obtained by the decryption, and stores the derived index value and the tag data relating them with each other.

Abstract: Secret key backup is safely implemented even if a role base access structure in which the access structure is specified using roles is used. An all combination generating unit 107 obtains a backup participating user list 201 which is a list of backup participating users and a list of validated roles validated by the users, and a role base access structure 202 which is a combination of specified roles by which a secret key 205 can be restored, and generates an all combination extracted result which is all combinations of restoration enabling users of the secret key by applying users described in the backup participating user list 201 to the specified role. A same user/role deleting unit 108, etc. deletes a combination showing the same user redundantly, etc.

Abstract: In a secure search system to be used by a plurality of users, the size of a ciphertext is reduced and the need to generate a new ciphertext when a new user is added is eliminated. A public parameter generation device 100 generates a pair of a public parameter and a master secret key. Using the public parameter, an encryption device 400 encrypts a keyword and generates a ciphertext. Using the master secret key, a user secret key generation device 200 generates a user secret key of a query issuing device 300. Using the user secret key, the query issuing device 300 generates a query for searching for the keyword. Based on the ciphertext and the query, a search device 500 determines whether a hit is obtained for searching.

Abstract: A confidential search that can flexibly control searchable data depending on a role or authority of a user when the data is shared in a group. When the inner product of an attribute vector and a predicate vector is a predetermined value, the confidential search system conducts pairing computation of decrypted data generated based on the attribute vector and a decryption key generated based on the predicate vector, so as to realize confidential search by utilizing an inner-product predicate encryption process that can decrypt the encrypted data. In particular, the confidential search system enables flexible control of searchable data depending on the role or authority of the user, by devising a method of generating the attribute vector and the predicate vector.

Abstract: A tamper resistant apparatus 101 is mounted inside of a PC 900 and stores confidential information A through C. The tamper resistant apparatus 101 receives data from an application 118 which operates on the PC 900, processes the data using the confidential information A through C, and returns processed data to the application 118. To the tamper resistant apparatus 101, plural external sensors 110 provided to the PC 900 are connected. The plural external sensors 110 detect opening/closing of a case of the PC 900 or movement of the body of the PC 900 and send a detection signal to the tamper resistant apparatus 101. On inputting the detection signal from the plural external sensors 110, the tamper resistant apparatus 101 selects and erases confidential information to be erased from the confidential information A through C according to the tamper resistant policy stored previously.

Abstract: A certification device 101 encrypts a feature vector for registration by using a random number and a public key which is set to correspond to a secret key in a decryption device 103. The encrypted feature vector for registration is registered in an authentication device 102. In authentication, the certification device encrypts a feature vector for authentication by using the public key and a random number. With the two encrypted feature vectors being kept encrypted, the authentication device generates encrypted similarity degree information from which the decryption device can derive the similarity degree between the two feature vectors by a decryption process using the secret key. The decryption device 103 decrypts the encrypted similarity degree information to derive the similarity degree of the plaintext. The authentication device 102, if the similarity degree is equal to or larger than a threshold, determines that the user is the correct user.

Abstract: Secret key backup is safely implemented even if a role base access structure in which the access structure is specified using roles is used. An all combination generating unit 107 obtains a backup participating user list 201 which is a list of backup participating users and a list of validated roles validated by the users, and a role base access structure 202 which is a combination of specified roles by which a secret key 205 can be restored, and generates an all combination extracted result which is all combinations of restoration enabling users of the secret key by applying users described in the backup participating user list 201 to the specified role. A same user/role deleting unit 108, etc. deletes a combination showing the same user redundantly, etc.

Abstract: A manufacturing method includes wiring an electrical cable in a metallic mold, pouring molten resin into the metallic mold and solidifying the molten resin in the metallic mold to produce a wiring body module. The electrical cable is embedded in the solidified resin. The method further includes mounting an electrical component on the wiring body module.

Abstract: A tamper resistant apparatus 101 is mounted inside of a PC 900 and stores confidential information A through C. The tamper resistant apparatus 101 receives data from an application 118 which operates on the PC 900, processes the data using the confidential information A through C, and returns processed data to the application 118. To the tamper resistant apparatus 101, plural external sensors 110 provided to the PC 900 are connected. The plural external sensors 110 detect opening/closing of a case of the PC 900 or movement of the body of the PC 900 and send a detection signal to the tamper resistant apparatus 101. On inputting the detection signal from the plural external sensors 110, the tamper resistant apparatus 101 selects and erases confidential information to be erased from the confidential information A through C according to the tamper resistant policy stored previously.