Abstract: A secret sharing storage system includes at least one user terminal, n units (n: an integer of 2 or more) of storage devices, and a main controller that is communicably connected to a random number generator. The main controller acquires a random number generated by the random number generator in a case of receiving original data sent from the user terminal, executes distributed processing on the original data by using the random number to generate n pieces of distributed data, and stores the n pieces of distributed data respectively in the corresponding n units of storage devices.

Abstract: A signature generation device includes a data acquirer acquiring a plurality of mutually related pieces of data including first data and a signature generator generating first signature data for the first data and correlation information based on the first data, the correlation information indicating correlation among the plurality of pieces of data, and a signature key. The signature generation device ensures relevance among the plurality of pieces of data.

Abstract: An authentication system includes a terminal having a transmitter, a processor, and a memory, and a server having a receiver, a processor and a memory. The terminal transmits request information to the server. The terminal acquires time information, generates a first one-time password at a pre-determined cycle by using the time information within the terminal, and generates encryption information which is acquired by encrypting the request information using the first one-time password as a key, the encryption information being transmitted from the terminal to the server. The server acquires time information within the server, generates a second one-time password at the pre-determined cycle as the cycle within the terminal by using the time information within the server, generates reference information which is acquired by decoding the encryption information using the second one-time password as a key, and compares the request information with the reference information.

Abstract: A resolution converter converts input image data to N types (N is a plural number) of image data having resolutions different with each other. A secret sharing unit performs secret sharing schemes so that the plurality of pieces of image data are respectively divided into n pieces (n is an integer equal to or more than N+1 and the same value in all of image data) of distributed data and the distributed data is reconstructed to original image data using k pieces (k is an integer equal to or more than 2 and equal to or less than n and different value for each piece of image data) among n pieces. A data combination unit generates n pieces of combination data by combining distributed data selected one by one so as not to overlap with each of resolutions and stores each piece of the combination data in different storages.

Abstract: Provided is a terminal authentication system including a client terminal and a server device. The client terminal transmits first information based on secret information different for each client terminal and a client certificate including a hash value of the secret information which is derived from the secret information, to a server device. The server device receives the first information and the client certificate, derives a hash value from the secret information based on the first information using a unidirectional function, and authenticates the client terminal on the basis of the derived hash value and the hash value of the secret information which is included in the client certificate.

Abstract: A signature to be used to verify whether or not an original version video captured by a camera has been altered is assigned in the camera to improve the evidential quality of the original version video captured by the camera. The camera (2) includes: an image pickup unit that captures a video of an area to be monitored; a CPU that generates, using a portion or the entirety of video data of the area to be monitored captured by the image pickup unit, a signature for verifying whether or not the video data have been altered; and a network communication unit that sequentially transmits, to a client terminal (4), signed video data obtained by assigning the signature generated by the CPU to the video data.

Abstract: A communication system includes a first communication apparatus and a second communication apparatus. The first communication apparatus includes a partial image data generation unit, configured to generate partial image data which is obtained by extracting a partial component from image data, and a transmission unit, configured to transmit the partial image data generated by the partial image data generation unit to the second communication apparatus. The second communication apparatus includes a reception unit, configured to receive the partial image data transmitted by the transmission unit of the first communication apparatus.

Abstract: A signature generation device includes a data acquirer acquiring a plurality of mutually related pieces of data including first data and a signature generator generating first signature data for the first data and correlation information based on the first data, the correlation information indicating correlation among the plurality of pieces of data, and a signature key. The signature generation device ensures relevance among the plurality of pieces of data.

Abstract: A signature verification device includes a communicator that receives a second server certificate including a second public key and receives signature data which is generated by encrypting a hash value derived from the second server certificate using a secret key forming a key pair with the first public key, a signature processor that decrypts the signature data by using the first public key stored in the storage to acquire a first hash value, a unidirectional function deriver that derives a second hash value from the second server certificate, and a signature verifier that determines a signature generation device generating the signature data to be correct in a case of the first hash value and the second hash value matching. Decrease of accuracy of signature verification is reduced with reduced cost and secured security.

Abstract: A resolution converter converts input image data to N types (N is a plural number) of image data having resolutions different with each other. A secret sharing unit performs secret sharing schemes so that the plurality of pieces of image data are respectively divided into n pieces (n is an integer equal to or more than N+1 and the same value in all of image data) of distributed data and the distributed data is reconstructed to original image data using k pieces (k is an integer equal to or more than 2 and equal to or less than n and different value for each piece of image data) among n pieces. A data combination unit generates n pieces of combination data by combining distributed data selected one by one so as not to overlap with each of resolutions and stores each piece of the combination data in different storages.

Abstract: An authentication system includes a terminal having a transmitter, a processor, and a memory, and a server having a receiver, a processor and a memory. The terminal transmits request information to the server. The terminal acquires time information, generates a first one-time password at a pre-determined cycle by using the time information within the terminal, and generates encryption information which is acquired by encrypting the request information using the first one-time password as a key, the encryption information being transmitted from the terminal to the server. The server acquires time information within the server, generates a second one-time password at the pre-determined cycle as the cycle within the terminal by using the time information within the server, generates reference information which is acquired by decoding the encryption information using the second one-time password as a key, and compares the request information with the reference information.

Abstract: Provided is an authentication system in which a client terminal that receives input of request information is connected to a server that executes a process with regard to the request information. The client terminal includes: a first authentication information generation unit that generates first authentication information based on information which is shared with the server; an encryption unit that generates encryption information; and a transmission unit that transmits the request information and encryption information to the server.

Abstract: Provided is a signature verification system including a communication device and a verification device. The communication device and the verification device are connected to each other through a network. The communication device derives a first hash value from a first random number, derives a second hash value from data including electronic data and a certificate of the communication device which includes the first hash value and a public key of the communication device, using a unidirectional function, generates a signature using a secret key of the communication device with respect to the second hash value, and transmits the electronic data, the certificate, and the signature to the verification device.

Abstract: A secret sharing apparatus generates, from secret data, a plurality of pieces of shared data from which the secret data is able to be restored. The secret data includes a plurality of pieces of divided data which does not include a random number. The secret sharing apparatus includes a shared data generating section which performs an XOR operation between the pieces of divided data and generates the plurality of pieces of shared data which includes the result of the XOR operation between the pieces of divided data.

Abstract: A communication system includes a first communication device, a second communication device, and a key management apparatus. The second communication device generates a random number, generates encrypted data using an encryption key, encrypts the random number, generates key information data, and transmits the key information data, identification information of the second communication device, and the encrypted data to the first communication device. The first communication device receives the key information data, the identification information, and the encrypted data, transmits the key information data and the identification information to the key management apparatus, receives the encryption key from the key management device, decodes the encrypted data and obtains the predetermined data using the received encryption key.

Abstract: Provided is a certificate issuing system including a client terminal and a server device. The client terminal derives a first hash value from a first random number using a unidirectional function, generates a secret key and a public key of the client terminal, and transmits the first hash value and the public key of the client terminal to the server device. The server device receives the first hash value and the public key of the client terminal from the client terminal, stores the first hash value, authenticates the client terminal on the basis of the stored first hash value and the derived first hash value, generates a client certificate on the basis of the public key of the client terminal and a secret key of the server device when the authentication succeeds, and transmits the client certificate to the client terminal.

Abstract: Processing for generating a plurality of pieces of distributed data from original data or processing for restoring original data from a plurality of pieces of distributed data is performed safely and quickly. A distribution and restoration apparatus 200 generates a plurality of pieces of distributed data SD1 to SD3 by dividing original data OD into a plurality of divided blocks DB1 to DB16 and performing an operation of exclusive OR using divided blocks of different combinations. A combination including divided blocks used in common in a plurality of pieces of distributed data and a combination including divided blocks used only in specific distributed data are present in combinations of divided blocks in each piece of distributed data. Therefore, the distribution and restoration apparatus 200 can generate a plurality of pieces of safe distributed data having high information entropy at high speed.

Abstract: An encryption device includes a sharer that shares data to first data and second data with different sizes using secret sharing, a data encryptor that encrypts the second data with the size smaller than the first data using a common key corresponding to a common key encryption scheme, a combiner that combines the first data and the second data encrypted by the data encryptor, and a transmitter that transmits the encrypted data combined by the combiner to an external device. The encryption device suppresses deterioration in security at the time of delivery of the data while reducing a load of an encryption process for the data to be delivered.

Abstract: In a secret sharing process based on an improved threshold scheme, secret data is shared as shared data parts equal to or greater than a threshold value in number such that the secret data cannot be reconstructed from shared data parts less than the threshold value in number. Each of the shared data pieces is created essentially from a different combination of the secret data pieces and the data pieces for secret sharing computation. The secret sharing process allows an algorithm desired by the user to be freely incorporated, and can prevent the secret data to be easily reconstructed even when more shared data parts than the threshold value are acquired by a third party.

Abstract: A communication system includes a first communication device, a second communication device, and a key management apparatus. The second communication device generates a random number, generates encrypted data using an encryption key, encrypts the random number, generates key information data, and transmits the key information data, identification information of the second communication device, and the encrypted data to the first communication device. The first communication device receives the key information data, the identification information, and the encrypted data, transmits the key information data and the identification information to the key management apparatus, receives the encryption key from the key management device, decodes the encrypted data and obtains the predetermined data using the received encryption key.