Abstract: An authentication system is provided with: a first input unit and a second input unit into which authentication information can be input; a first computing unit which performs computation on the basis of the authentication information input into the first input unit and a communication counterpart-side authentication parameter registered in a communication counterpart; a second computing unit which performs computation on the basis of the authentication information input into the second input unit and a portable terminal-side authentication parameter registered in a portable terminal; and authentication units which, if the authentication information has been input into the first or the second input unit, perform authentication on the basis of the result of computation by corresponding computing unit and the portable terminal-side authentication parameter.

Abstract: An authentication system is provided with: a first input unit and a second input unit into which authentication information can be input; a first computing unit which performs computation on the basis of the authentication information input into the first input unit and a communication counterpart-side authentication parameter registered in a communication counterpart; a second computing unit which performs computation on the basis of the authentication information input into the second input unit and a portable terminal-side authentication parameter registered in a portable terminal; and authentication units which, if the authentication information has been input into the first or the second input unit, perform authentication on the basis of the result of computation by corresponding computing unit and the portable terminal-side authentication parameter.

Abstract: A method and a program capable of controlling an error rate of device-specific information are provided.

Abstract: A method and a program capable of controlling an error rate of device-specific information are provided.

Abstract: A security enhancement apparatus is provided which is capable of preventing infection by malware that requires writing of important files of the OS or system, by protecting the important files from writing if data protection is implemented in units of files. The security enhancement apparatus relays IO of a PC, control device, or the like. A hard disk, USB device, display, or the like is connected via the security enhance apparatus. As for data protection in a storage, data is handled not only in units of sectors but also in units of files. The apparatus directly performs secure data transfer or display, setting/input therefor, or the like, thereby being able to correctly make an alert or inquiry to the user even in the case where a vulnerability of the OS or application program is attacked and control of the PC or control device is taken by an unauthorized program. Also, during communication, the security enhancement apparatus can authenticate a communication-partner device and encrypt communication content.

Abstract: A transmission device including: copy unit that extracts part or all of partial contents, as tracking information, from a content, and copies the extracted tracking information, thereby generating pieces of tracking information; candidate information obtaining unit that obtains pieces of candidate information respectively corresponding to the pieces of tracking information; evidence information obtaining unit that obtains evidence information generated dependently on a piece of candidate information selected by the reception device from among the pieces of candidate information; hash generating unit that generates hash values respectively in accordance with the pieces of candidate information; embed unit that embeds the hash values respectively into the pieces of tracking information, and embeds the evidence information into each piece of tracking information; and transmit unit that transmits each piece of tracking information in which a hash value and the evidence information have been embedded.

Abstract: A content distribution system for transferring contents between transmission device and reception device. The transmission device includes: key obtaining unit that obtains, from reception device, public keys and public key identifiers; watermark embedding unit that embeds a different public key identifier, as electronic watermark, into each of contents that are identical in substance; an encryption unit that encrypts contents using public keys to generate encrypted contents; and transmission unit that transmits encrypted contents to reception device. The reception device includes: key storage unit storing public keys, public key identifiers, and a private key that makes a pair with one of the public keys; key transmission unit that transmits public keys and public key identifiers to the transmission device; content receiving unit that receives encrypted contents from transmission device; and decryption unit that obtains a content from the received encrypted contents, using the private key.

Abstract: There is provided an authentication method which is secure against various attacks such as a KCI attack on a public network, and can reduce a required calculation amount compared to a conventional method. In this authentication method, a mutual authentication processing technique using Diffie-Hellman type key exchange is modified to compute a master secret Ks in a server by Ks=gy, where y is a random number (y?(Z/qZ)*) generated by the server. In this method, let (G,·) be a group of order q, g be a generator of that set G, and U, W?G. “·” is a binary operator on G.

Abstract: A management apparatus reduces the number of pieces of unique information each not generated from another piece of unique information, among unique information being bases of keys assigned to managed apparatuses. The management apparatus calculates, for nodes in layers other than tree structure leaves, subsets of apparatus identifiers subordinate to the nodes, searches for a subset wholly containing another subset in the lowermost layer other than a leaf layer from an immediately-upper layer and mutually associates these subsets, searches for another subset wholly containing the containing subset from a same or an immediately-upper layer and mutually associates these subsets, controls this processing to repeat up to the uppermost layer, controls these processings to repeat on all subsets in the lowermost layer, makes unique information correspond to subsets in the lowermost layer, and makes information derivatively obtained from the unique information correspond to subsets connected due to the associating.

Abstract: There is provided an authentication method which is secure against various attacks such as a KCI attack on a public network, and can reduce a required calculation amount compared to a conventional method. In this authentication method, a mutual authentication processing technique using Diffie-Hellman type key exchange is modified to compute a master secret Ks in a server by Ks=gy, where y is a random number (y?(Z/qZ)*) generated by the server. In this method, let (G,·) be a group of order q, g be a generator of that set G, and U, W?G. “·” is a binary operator on G.

Abstract: A copyright protection system is provided that keeps manufacturing costs down regardless of the total number of playback apparatuses belonging to the system. In this system, a device key generating unit of a key management apparatus performs a modular exponentiation operation on a random number with an inverse element of a product of predetermined prime numbers, so as to generate and distribute device keys to playback apparatuses in one-to-one correspondence. A key revocation data generating unit generates, as key revocation data, information identifying the prime numbers used by an unrevoked playback apparatus to generate a decryption key from its device key and distributes the key revocation data along with an encrypted content to each playback apparatus. Playback apparatuses each attempt to generate a description key based on the key revocation data, and only those playback apparatuses that have successfully generated a decryption key are able to decrypt the encrypted content.

Abstract: An authentication system for mutual authentication between a terminal and a server characterized by the fact that the terminal comprises a memory means that pre-stores an authentication information P? for terminal storage; a concatenation means that yields a value P using a specific calculation formula with the input of the authentication information P? read from the memory means and a password entered for authentication; a mask operation means that yields a value Y1 using a specific calculation formula with the input of value P and an internally generated random number, and then sends Y1 to the server; and a master key generation means that yields a value MK using a specific calculation formula with the input of value P, an internally generated random number and a value Y2 received from the server, and the server comprises a memory means that pre-stores a password verification data H for server registration; a mask operation means that yields a value Y2 using a specific calculation formula with the input of

Abstract: An unauthorized apparatus detection device detecting clones of a playback device. In a management server, a reception processing unit acquires a user terminal identifier and a first random number of a user terminal, judges whether a second management server random number, which is stored in a storage unit in correspondence with the user terminal identifier, matches the first user terminal random number. If the two fail to match, a display unit displays a message indicating that a clone exists. If the two match, a terminal information generation unit generates a new random number, and writes the generated random number as the second random number in the storage unit. A transmission processing unit transmits the generated random number to the user terminal via a transmission/reception unit and the user terminal updates the first user terminal random number to the generated random number.

Abstract: To provide an unauthorized device detection system capable of finding and specifying a device that was manufactured or altered unauthorizedly. A DVD player 400a writes its own device ID to a memory card 200a. When a user purchases content, a register device 300 reads a media ID and the device ID from the memory card 200a, and transmits the media ID and the device ID to a management server device 100. The management server device 100 calculates, based on pairs of media IDs and device IDs stored beforehand and the received pair of media ID and device ID, a total number of media IDs corresponding to the received device ID, and compares the calculated total number with a threshold value. If the total number exceeds the threshold value, the management server device 100 judges that the DVD player identified by the received device ID is an unauthorized device.

Abstract: An unauthorized apparatus detection device, playback device, unauthorized apparatus detection system, information collection device, unauthorized apparatus detection method, a program, recording medium, apparatus information update method, and integrated circuit can detect clones of a playback device. In a management server 2, a reception processing unit 241 acquires a user terminal identifier and a first random number from a user terminal targeted for unauthorized apparatus detection, judges whether a second management server random number, which is stored in a storage unit 23 in correspondence with the user terminal identifier, matches the first user terminal random number. If the two fail to match, a display unit 22 displays a message indicating that a clone exists. If the two match, a terminal information generation unit 243 generates a new random number, and writes the generated random number as the second random number in the storage unit 23.

Abstract: A transmission device including: copy unit that extracts part or all of partial contents, as tracking information, from a content, and copies the extracted tracking information, thereby generating pieces of tracking information; candidate information obtaining unit that obtains pieces of candidate information respectively corresponding to the pieces of tracking information; evidence information obtaining unit that obtains evidence information generated dependently on a piece of candidate information selected by the reception device from among the pieces of candidate information; hash generating unit that generates hash values respectively in accordance with the pieces of candidate information; embed unit that embeds the hash values respectively into the pieces of tracking information, and embeds the evidence information into each piece of tracking information; and transmit unit that transmits each piece of tracking information in which a hash value and the evidence information have been embedded.

Abstract: A content distribution system for transferring contents between transmission device and reception device. The transmission device includes: key obtaining unit that obtains, from reception device, public keys and public key identifiers; watermark embedding unit that embeds a different public key identifier, as electronic watermark, into each of contents that are identical in substance; an encryption unit that encrypts contents using public keys to generate encrypted contents; and transmission unit that transmits encrypted contents to reception device. The reception device includes: key storage unit storing public keys, public key identifiers, and a private key that makes a pair with one of the public keys; key transmission unit that transmits public keys and public key identifiers to the transmission device; content receiving unit that receives encrypted contents from transmission device; and decryption unit that obtains a content from the received encrypted contents, using the private key.

Abstract: A copyright protection system is provided that keeps manufacturing costs down regardless of the total number of playback apparatuses belonging to the system. In this system, a device key generating unit of a key management apparatus performs a modular exponentiation operation on a random number with an inverse element of a product of predetermined prime numbers, so as to generate and distribute device keys to playback apparatuses in one-to-one correspondence. A key revocation data generating unit generates, as key revocation data, information identifying the prime numbers used by an unrevoked playback apparatus to generate a decryption key from its device key and distributes the key revocation data along with an encrypted content to each playback apparatus. Playback apparatuses each attempt to generate a description key based on the key revocation data, and only those playback apparatuses that have successfully generated a decryption key are able to decrypt the encrypted content.

Abstract: A management apparatus reduces the number of pieces of unique information each not generated from another piece of unique information, among unique information being bases of keys assigned to managed apparatuses. The management apparatus calculates, for nodes in layers other than tree structure leaves, subsets of apparatus identifiers subordinate to the nodes, searches for a subset wholly containing another subset in the lowermost layer other than a leaf layer from an immediately-upper layer and mutually associates these subsets, searches for another subset wholly containing the containing subset from a same or an immediately-upper layer and mutually associates these subsets, controls this processing to repeat up to the uppermost layer, controls these processings to repeat on all subsets in the lowermost layer, makes unique information correspond to subsets in the lowermost layer, and makes information derivatively obtained from the unique information correspond to subsets connected due to the associating.

Abstract: An authentication system for mutual authentication between a terminal and a server characterized by the fact that the terminal comprises a memory means that pre-stores an authentication information P? for terminal storage; a concatenation means that yields a value P using a specific calculation formula with the input of the authentication information P? read from the memory means and a password entered for authentication; a mask operation means that yields a value Y1 using a specific calculation formula with the input of value P and an internally generated random number, and then sends Y1 to the server; and a master key generation means that yields a value MK using a specific calculation formula with the input of value P, an internally generated random number and a value Y2 received from the server, and the server comprises a memory means that pre-stores a password verification data H for server registration; a mask operation means that yields a value Y2 using a specific calculation formula with the input of