Abstract: A cryptocurrency system that enables to verify the origin of a cryptocurrency is provided. A cryptocurrency system includes: at least one terminal; and a plurality of management servers configured to manage a blockchain storing a trading history in a cryptocurrency. The at least one terminal includes a trading control section, and a transmission section. The trading control section is configured to generate a transaction including a first signature for a trading content and a second signature enabling to verify a validity of a remittance source address described in the trading content. The transmission section is configured to transmit the generated transaction to the plurality of management servers.

Abstract: A cryptocurrency system that enables to verify the origin of a cryptocurrency is provided. A cryptocurrency system includes: at least one terminal; and a plurality of management servers configured to manage a blockchain storing a trading history in a cryptocurrency. The at least one terminal includes a trading control section, and a transmission section. The trading control section is configured to generate a transaction including a first signature for a trading content and a second signature enabling to verify a validity of a remittance source address described in the trading content. The transmission section is configured to transmit the generated transaction to the plurality of management servers.

Abstract: A system includes a plurality of nodes, an individual one of which transmits data to which a group signature is attached, and a plurality of management servers that are directly connected to each other. An individual one of the plurality of management servers includes a ledger for managing data received from the nodes. Addition of data to the ledger of at least one of the plurality of management servers is reflected on the ledgers of the other management servers.

Abstract: An electronic transaction system includes a plurality of administration servers, a terminal, a transaction server. The plurality of administration servers provides an electronic bulletin board. The terminal writes bid data including an encrypted price to the electronic bulletin board. The transaction server gets the written bid data, decrypts the encrypted price, executes transaction using the decrypted price by Zaraba scheme.

Abstract: In an electronic bidding system and method, it is unnecessary to disclose to bidders a list of public keys matched to bid prices, and in which price secrecy may be proved. In a function of encryption of a bidding device 300, a public key is generated using a bid price and an IBE public key, based on an ID-Based Encryption (IBE) system having a bid value as an ID. IBE public key is obtained on combining a plurality of partial public keys matched to partial secret keys generated by a plural number of partial bid opening devices based on a combination condition enabling group decryption. A preset message for bidding is then encrypted. In a function of decryption of a bid opening device 400, a number of partial bid opening devices, which is in keeping with a satisfying number of the group decryption, perform calculations for decryption for winning bid value candidates, beginning from such candidate, the allowable bid value closest to the bid closing condition.

Abstract: A system includes a plurality of nodes, an individual one of which transmits data to which a group signature is attached, and a plurality of management servers that are directly connected to each other. An individual one of the plurality of management servers includes a ledger for managing data received from the nodes. Addition of data to the ledger of at least one of the plurality of management servers is reflected on the ledgers of the other management servers.

Abstract: Each participant apparatus (103) encrypts a plaintext by using a secret key of secret key cryptography, encrypts the encryption key by a public key, and sends the plaintext and public key to a substitution/decryption apparatus (112). With this processing, the limitation on the length of a ciphertext to be processed can be eliminated. In this invention, a verifiable proof text using a public key by each substitution/decryption apparatus is verified by a verification apparatus (109) by using the public key. If one of a plurality of organizations to decrypt and shuffle ciphertexts has not correctly executed the operation, a third party can specify it and prove that the specified organization is unauthorized.

Abstract: Each participant apparatus (103) encrypts a plaintext by using a secret key of secret key cryptography, encrypts the encryption key by a public key, and sends the plaintext and public key to a substitution/decryption apparatus (112). With this processing, the limitation on the length of a ciphertext to be processed can be eliminated. In this invention, a verifiable proof text using a public key by each substitution/decryption apparatus is verified by a verification apparatus (109) by using the public key. If one of a plurality of organizations to decrypt and shuffle ciphertexts has not correctly executed the operation, a third party can specify it and prove that the specified organization is unauthorized.

Abstract: Each participant apparatus (103) encrypts a plaintext by using a secret key of secret key cryptography, encrypts the encryption key by a public key, and sends the plaintext and public key to a substitution/decryption apparatus (112). With this processing, the limitation on the length of a ciphertext to be processed can be eliminated. In this invention, a verifiable proof text using a public key by each substitution/decryption apparatus is verified by a verification apparatus (109) by using the public key. If one of a plurality of organizations to decrypt and shuffle ciphertexts has not correctly executed the operation, a third party can specify it and prove that the specified organization is unauthorized.

Abstract: Each participant apparatus (103) encrypts a plaintext by using a secret key of secret key cryptography, encrypts the encryption key by a public key, and sends the plaintext and public key to a substitution/decryption apparatus (112). With this processing, the limitation on the length of a ciphertext to be processed can be eliminated. In this invention, a verifiable proof text using a public key by each substitution/decryption apparatus is verified by a verification apparatus (109) by using the public key. If one of a plurality of organizations to decrypt and shuffle ciphertexts has not correctly executed the operation, a third party can specify it and prove that the specified organization is unauthorized.

Abstract: Each participant apparatus (103) encrypts a plaintext by using a secret key of secret key cryptography, encrypts the encryption key by a public key, and sends the plaintext and public key to a substitution/decryption apparatus (112). With this processing, the limitation on the length of a ciphertext to be processed can be eliminated. In this invention, a verifiable proof text using a public key by each substitution/decryption apparatus is verified by a verification apparatus (109) by using the public key. If one of a plurality of organizations to decrypt and shuffle ciphertexts has not correctly executed the operation, a third party can specify it and prove that the specified organization is unauthorized.

Abstract: Each participant apparatus (103) encrypts a plaintext by using a secret key of secret key cryptography, encrypts the encryption key by a public key, and sends the plaintext and public key to a substitution/decryption apparatus (112). With this processing, the limitation on the length of a ciphertext to be processed can be eliminated. In this invention, a verifiable proof text using a public key by each substitution/decryption apparatus is verified by a verification apparatus (109) by using the public key. If one of a plurality of organizations to decrypt and shuffle ciphertexts has not correctly executed the operation, a third party can specify it and prove that the specified organization is unauthorized.

Abstract: A voting server transmits a list of plaintext and encrypted voting data obtained by encrypting the plaintext to a voter terminal, and the voter terminal a selected encrypted candidate name corresponding to the plaintext elected by the voter to an encryption server. The encryption server returns encrypted voting data obtained by re-encrypting the encrypted candidate name to the voter terminal, and the voter terminal transmits the encrypted voting data received from the encryption server for voting. Decryption of the encrypted voting data is performed by an anonymous decryption system. The voter terminal certifies the voter to an authentication server, and affixes a digital signature to the encrypted voting data based on a common-key authentication base, transmitting the same to the voting server.

Abstract: Each participant apparatus (103) encrypts a plaintext by using a secret key of secret key cryptography, encrypts the encryption key by a public key, and sends the plaintext and public key to a substitution/decryption apparatus (112). With this processing, the limitation on the length of a ciphertext to be processed can be eliminated. In this invention, a verifiable proof text using a public key by each substitution/decryption apparatus is verified by a verification apparatus (109) by using the public key. If one of a plurality of organizations to decrypt and shuffle ciphertexts has not correctly executed the operation, a third party can specify it and prove that the specified organization is unauthorized.

Abstract: When an entrustor entrusts an outsourcer with the supply of a service for members, member information managed by the entrustor is kept secret from the outsourcer, and users can receive the service without communicating with the entrustor. For using the service, user apparatus 3 sends group signature data to outsourcer apparatus 2. Outsourcer apparatus 2 authenticates the group signature data using public information of entrustor apparatus 1. When the group signature data passes the authentication, confirming that user apparatus 3 is a member of entrustor apparatus 1, outsourcer apparatus 2 provides the service to user apparatus 3.

Abstract: In an electronic bidding system and method, it is unnecessary to disclose to bidders a list of public keys matched to bid prices, and in which price secrecy may be proved. In a function of encryption of a bidding device 300, a public key is generated using a bid price and an IBE public key, based on an ID-Based Encryption (IBE) system having a bid value as an ID. IBE public key is obtained on combining a plurality of partial public keys matched to partial secret keys generated by a plural number of partial bid opening devices based on a combination condition enabling group decryption. A preset message for bidding is then encrypted. In a function of decryption of a bid opening device 400, a number of partial bid opening devices, which is in keeping with a satisfying number of the group decryption, perform calculations for decryption for winning bid value candidates, beginning from such candidate, the allowable bid value closest to the bid closing condition.

Abstract: An RSA signature method is provided in which the length of a signature does not depend on the number of signature devices when multiple signature devices are related to the creation of the signature. A signature device i_{m} includes first conversion means SS1B105 that performs no operation if a received signed text u_{i_{m?1}} exceeds a modulus n_{i_{m}} and, if not, adds an RSA-method-based signature; bijective conversion means S1B106 that multiplies the result by a function that maps the result to a value larger by the modulus n_{i_{m}}; second conversion means S1B107 that performs no operation if the operation result exceeds the modulus n_{i_{m}} and, if not, adds an RSA-method-based signature; and output means S1B109 that outputs the operation result as the signed text u_{i_{m}}.

Abstract: A anonymous decryption system, the management of which is facilitated and initialization of which is readily and reliably carried out. A shuffling management center (10) transmits a security parameter and common public information generated on the basis of the security parameter to decryption shuffle centers (20-1 to 20-m). The decryption shuffle centers (20-1 to 20-m) generate public keys and decryption keys and returns the public keys to the shuffling management center (10). The shuffling management center combines the returned public key to generate an encryption public key and make the encryption key public. The shuffling management center (10) repeats transfer of encrypted data list to the decryption shuffle center (20-j) having the j-th processing priority when it decrypts the encrypted data list, transfer of a received data list of which a order-switching process and a partial decryption process are carried out to the next decryption shuffle center (20-(j+1)).

Abstract: For group signature data capable of keeping anonymity, it is possible to efficiently determine whether the user having created the group signature data is a valid member of the group. When a message and group signature data are received, the verification unit 3 authenticates the data and inquires, of the member status response unit 4, whether the user of the signature unit 2 having created the group signature data is a valid member of the group. In response to the inquiry, the response unit 4 determines the member status of the user having created the group signature data, according to a member revocation list notified from the group management unit 1. The response unit 4 then transmits a judge result of the member status to the verification unit 3.

Abstract: A voting server transmits a list of plaintext and encrypted voting data obtained by encrypting the plaintext to a voter terminal, and the voter terminal a selected encrypted candidate name corresponding to the plaintext elected by the voter to an encryption server. The encryption server returns encrypted voting data obtained by re-encrypting the encrypted candidate name to the voter terminal, and the voter terminal transmits the encrypted voting data received from the encryption server for voting. Decryption of the encrypted voting data is performed by an anonymous decryption system. The voter terminal certifies the voter to an authentication server, and affixes a digital signature to the encrypted voting data based on a common-key authentication base, transmitting the same to the voting server.