Abstract: A server apparatus according to an embodiment generates a random number on receiving from a user apparatus a notification showing that a re-encryption key should be updated, and calculates re-encryption key data on the basis of the re-encryption key stored and the random number generated. The server apparatus transmits the re-encryption key to the user apparatus and receives, from the user apparatus, the user private key not updated yet and re-encryption key updating data calculated from the re-encryption key data on the basis of the user private key updated. The server apparatus calculates the re-encryption key updated, on the basis of the re-encryption key updating data and the random number, and replaces the re-encryption key stored in the storage device with the updated re-encryption key.

Abstract: A controller is provided with a controller key and a first controller identification information unique to the controller. The controller generates a controller unique key unique to a respective controller based on the controller key and the first controller identification information, and a second controller identification information based on the first controller identification information. A decryptor decrypts the encrypted medium device key using the controller unique key to obtain a medium device key. An authentication/key exchange process unit performs authentication/key exchange process with the host device through an interface unit using the medium device key and the medium device key certificate to establish the secure channel.

Abstract: A controller is provided with a controller key and a first controller identification information unique to the controller. The controller generates a controller unique key unique to a respective controller based on the controller key and the first controller identification information, and a second controller identification information based on the first controller identification information. A decryptor decrypts the encrypted medium device key using the controller unique key to obtain a medium device key. An authentication/key exchange process unit performs authentication/key exchange process with the host device through an interface unit using the medium device key, the medium device key certificate and the second controller identification information to establish a secure channel.

Abstract: The data storage portion stores an encrypted medium device key Enc (Kcu, Kmd_i) generated by encrypting a medium device key (Kmd_i), a medium device key certificate (Certmedia), and encrypted content data generated by encrypting content data, the controller stores a controller key (Kc) and first controller identification information (IDcu), the information recording device being configured to execute, after being connected to an external host device, an one-way function calculation based on the controller key (Kc) and the first controller identification information (IDcu) to generate a controller unique key (Kcu) used when decrypting the encrypted medium device key Enc (Kcu, Kmd_i), and second controller identification information (IDcntr) used when decrypting the encrypted content data.

Abstract: According to one embodiment, a device includes a second data generator configured to generate a session key (SKey) by encrypting a random number (RN) with the second key (HKey) in AES operation; a one-way function processor configured to generate an authentication information (Oneway-ID) by processing the secret identification information (SecretID) with the session key (SKey) in one-way function operation; and a data output interface configured to output the encrypted secret identification information (E-SecretID) and the authentication information (Oneway-ID) to outside of the device.

Abstract: A re-encryption key generator according to an embodiment generates a re-encryption key required to re-encrypt, without decrypting, ciphertext data obtained by encrypting plaintext data by means of a first public key of a first user device to obtain re-encrypted text data which can be decrypted by a second private key of a second user device. The first storage device stores a first private key corresponding to the first public key. The second storage device stores a second public key corresponding to the second private key. The re-encryption key generation device generates the re-encryption key based on the first private key, the second public key, and the first random number.

Abstract: According to one embodiment, an encryption device encrypts each of numerical values based on an encryption key, and generates encrypted data. On the basis of each of the encrypted data, a computation device generates a primary computation result corresponding to data in which a computation result of an expression that has added and subtracted each of the numerical values is encrypted. On the basis of the primary computation result, a secondary computation key and random numbers, a computation assist device generates a secondary computation result. The computation device generates a tertiary computation result based on the secondary computation result and a tertiary computation key, and decides the magnitude relation between a minuend and a subtrahend in the expression based on the tertiary computation result.

Abstract: According to one embodiment, an authenticator which authenticates an authenticatee, which stores first key information (NKey) that is hidden, includes a memory configured to store second key information (HKey) which is hidden, a random number generation module configured to generate random number information, and a data generation module configured to generate a session key (SKey) by using the second key information (HKey) and the random number information. The authenticator is configured such that the second key information (HKey) is generated from the first key information (NKey) but the first key information (NKey) is not generated from the second key information (HKey).

Abstract: According to one embodiment, an authentication method includes generating, by the memory, first authentication information by calculating secret identification information with a memory session key in one-way function operation, transmitting encrypted secret identification information, a family key block, and the first authentication information to a host, and generating, by the host, second authentication information by calculating the secret identification information generated by decrypting the encrypted secret identification information with the host session key in one-way function operation. The method further includes comparing, by the host, the first authentication information with the second authentication information.

Abstract: A security system includes a controller manufacturer, a key issuer, and a medium manufacturer. The controller manufacturer writes a controller key Kc and a controller unique ID (IDcu) in the controller at the time of manufacturing the controller, and transmits the controller key Kc to the key issuer. The key issuer generates a medium device key Kmd_i and a medium device key certificate Certmedia, and encrypts the medium device key Kmd_i using the controller key Kc to generate encrypted medium device key Enc (Kc, Kmd_i). The medium manufacturer decrypts the encrypted medium device key Enc (Kc, Kmd_i) received from the key issuer, using the controller key Kc in the controller, and encrypts the medium device key Kmd_i obtained by decryption using a controller unique key Kcu generated from the controller unique ID (IDcu) in the controller, and then store it in a memory.

Abstract: A controller is provided with a controller key and a first controller identification information unique to the controller. The controller generates a controller unique key unique to a respective controller based on the controller key and the first controller identification information, and a second controller identification information based on the first controller identification information. A decryptor decrypts the encrypted medium device key using the controller unique key to obtain a medium device key. An authentication/key exchange process unit performs authentication/key exchange process with the host device through an interface unit using the medium device key and the medium device key certificate to establish the secure channel.

Abstract: A first data generation unit generates identification key information (FKey) that may be decrypted from the identification key information (IDKey) using key management information (FKB) read from an authenticatee. A decryption unit decrypts encrypted secret identification information (E-SecretID) using the identification key information (FKey) to generate secret identification information (SecretID). A second data generation unit generates a first session key (Skey) using the first key information (Hkey) and a random number. A one-way conversion unit performs a one-way conversion process on the secret identification information (SecretID) using the generated first session key (SKey) to generate first one-way conversion data (Oneway-ID).

Abstract: According to one embodiment, a authentication method comprising: generating a second key by the first key, the first key being stored in a memory and being prohibited from being read from outside; generating a session key by the second key; generating first authentication information, the secret identification information stored in a memory and being prohibited from being read from outside; transmitting encrypted secret identification information to an external device and receiving second authentication information from the external device, the encrypted secret identification information stored in a memory and readable, the second authentication information generated based on the encrypted secret identification information; and determining whether the first authentication information and the second authentication information match.

Abstract: According to one embodiment, encrypted secret identification information (E-SecretID) and the key management information (FKB) are read from a memory device. Encrypted management key (E-FKey) is obtained using the key management information (FKB) and index information (k). The index information (k) and the encrypted management key (E-FKey) are transmitted to the semiconductor memory device. An index key (INK) is generated using the first key information (NKey) and the received index information (k). The encrypted management key (E-FKey) is decrypted using the index key (INK) to obtain management key (FKey), which is transmitted to the host device.

Abstract: A first data generation unit generates identification key information (FKey) that may be decrypted from the identification key information (IDKey) using key management information (FKB) read from an authenticatee. A decryption unit decrypts encrypted secret identification information (E-SecretID) using the identification key information (FKey) to generate secret identification information (SecretID). A second data generation unit generates a first session key (Skey) using the first key information (Hkey) and a random number. A one-way conversion unit performs a one-way conversion process on the secret identification information (SecretID) using the generated first session key (SKey) to generate first one-way conversion data (Oneway-ID).

Abstract: According to one embodiment, a method for authenticating a device, wherein the device holds secret identification information, encrypted secret identification information, and key management information, and an authenticator holds an identification key, the method includes reading, by the authenticator, the encrypted secret identification information and the key management information from the device, and obtaining, by the authenticator, a family key by using the key management information, the family key being capable of being decrypted with the identification key. The method further includes obtaining, by the authenticator, the secret identification information by decrypting the encrypted secret identification information with the family key.

Abstract: A controller is provided with a controller key and a first controller identification information unique to the controller. The controller generates a controller unique key unique to a respective controller based on the controller key and the first controller identification information, and a second controller identification information based on the first controller identification information. A decryptor decrypts the encrypted medium device key using the controller unique key to obtain a medium device key. An authentication/key exchange process unit performs authentication/key exchange process with the host device through an interface unit using the medium device key and the medium device key certificate to establish the secure channel.

Abstract: A re-encryption key generator according to an embodiment generates a re-encryption key to obtain re-encrypted data that can be decrypted by a second private key of a second user device by re-encrypting ciphertext obtained by encrypting plaintext by a first public key of a first user device without decryption. The re-encryption key generator stores a first private key corresponding to the first public key. The re-encryption key generator stores a second re-encryption key generation key of the second user device that is different from a second public key corresponding to the second private key. The re-encryption key generator generates the re-encryption key based on the first private key and the second re-encryption key generation key.

Abstract: According to one embodiment, a device includes a memory area being used to store a first key (NKey), unique secret identification information (SecretID), and encrypted secret identification information (E-SecretID), the encrypted secret identification information (E-SecretID) being generated by encrypting the secret identification information (SecretID), the first key (NKey) and the secret identification information (SecretID) being prohibited from being read from outside, the encrypted secret identification information (E-SecretID) being readable from outside; a data generator configured to generate a session key (SKey) by using a second key (HKey), the second key (HKey) being generated based on the first key (NKey); and a one-way function processor configured to generate an authentication information by processing the secret identification information (SecretID) with the session key (SKey) in one-way function operation.

Abstract: According to one embodiment, a memory being used to store a host identification key, a host constant (HC), and a first key, the first key being generated based on the host constant (HC); a first generator configured to decrypt a family key block read from an external device with the host identification key to generate a family key; a second generator configured to decrypt encrypted secret identification information read from the external device with the family key to generate a secret identification information; a third generator configured to generate a random number; a fourth generator configured to generate a session key by using the first key and the random number; a fifth generator configured to generate a first authentication information by processing the secret identification information with the session key in one-way function operation.