Abstract: The present invention makes it possible to improve confidentiality. A communication terminal stores a session key shared with other communication terminals (S3). The communication terminal makes a pair of an index generated by using the session key for a character string relating to a message and a message identifier, and transmits it to a server apparatus (S4). The server apparatus stores the pair of the index and the message identifier (S5). The communication terminal generates, when the session key is updated, a re-encryption key with a session key before update and a session key after update (S8). The server apparatus updates, by using the re-encryption key, the stored index to an index generated by using the session key after update (S9). The communication terminal encrypts a search keyword with the session key to generate a search query (S10). The server apparatus extracts a message identifier of which the index matches the search query (S11).

Abstract: A leakage prevention apparatus stores an assumed use permission range, stores an information asset caused to be in an unavailable state by encryption, stores an information asset caused to be in an available state by decryption, and stores an information asset caused to be in a leakage-concerned state. When use of an information asset in the unavailable state is requested by an application corresponding to the use permission range, the information asset is decrypted to cause the information asset to be in the available state. When the use of the information asset in the available state by the application ends, the information asset is encrypted to cause the information asset to be in the unavailable state. When use of an information asset in the unavailable state is requested by an application not corresponding to the use permission range, the information asset is caused to be in the leakage-concerned state.

Abstract: A random number generating unit generates random numbers s1, s2, s?1, and s?2. A public keys randomizing unit generates first randomized public keys information obtained by randomizing public keys using the random number s1 and second randomized public keys information obtained by randomizing the public keys using the random number s2. A proxy calculation unit calculates a first commission result by using a secret key and calculates a second commission result by using the secret key. A verification unit calculates a first verification value by using the random number s2, calculates a second verification value by using the random number s1, and verifies whether or not the first verification value and the second verification value coincide with each other. A common key calculation unit calculates a common key by using the random numbers s?1 and s?2 if the first verification value and the second verification value coincide with each other.

Abstract: A communication terminal shares a session key with and sends cipher text to another communication terminal via a server device, including: a common key cipher text obtaining unit that encrypts a message based on a common key to obtain common key cipher text; a function computation result obtaining unit that computes the common key and the session key based on a predetermined first function to obtain a function computation result; a public key cipher text obtaining unit that encrypts the function computation result based on a public key to obtain public key cipher text; and a cipher text sending unit that sends the common key cipher text and the public key cipher text to the server device. The communication terminal can update data previously saved in a server to data that can be decrypted on the communication terminal side using an updated session key, without the server decrypting the data.

Abstract: A computing apparatus outputs ?1 and ?2 corresponding to a ciphertext x, a capability providing apparatus uses ?1 to correctly compute f(?1) with a probability greater than a certain probability and sets the result of the computation as z1, uses ?2 to correctly compute f(?2) with a probability greater than a certain probability and sets the result of the computation as z2, the computing apparatus generates a computation result u=f(x)bx1 from z1, generates a computation result v=f(x)ax2 from z2, and outputs ub?va? if the computation results u and v satisfy a particular relation, where G and H are groups, f(x) is a function for obtaining an element of the group G for x?H, X1 and X2 are random variables having values in the group G, x1 is a realization of the random variable X1, and x2 is a realization of the random variable X2.

Abstract: Plurality of users share a common key while permitting dynamic member change and computational complexity required for key exchange is reduced. The first key generation unit computes Ri and ci based on a twisted pseudo-random function. A session ID generation unit generates sid based on a target-collision resistant hash function and transmits (sid, R?, R?) to communication devices Ui. A second key generation unit of a representative communication device U1 computes T1 based on a pseudo-random function. A second key generation unit of general communication devices Uj computes Tj based on the pseudo-random function. A third key generation unit computes k? based on the twisted pseudo-random function and computes T?j with respect to each j. A session key generation unit of the general communication devices Uj computes Kjl and k1. The session key generation unit generates a common key K2 based on the pseudo-random function.

Abstract: There is provided an encrypted message search technique making it difficult to, at the time of searching for a message in a state of being encrypted, guess content of the search and a result of the search.

Abstract: A computing apparatus outputs ?1 and ?2 corresponding to a ciphertext x, a capability providing apparatus uses ?1 to correctly compute f(?1) with a probability greater than a certain probability and sets the result of the computation as z1, uses ?2 to correctly compute f(?2) with a probability greater than a certain probability and sets the result of the computation as z2, the computing apparatus generates a computation result u=f(x)bx1 from z1, generates a computation result v=f(x)ax2 from z2, and outputs ub?va? if the computation results u and v satisfy a particular relation, where G and H are groups, f(x) is a function for obtaining an element of the group G for x?H, X1 and X2 are random variables having values in the group G, x1 is a realization of the random variable X1, and x2 is a realization of the random variable X2.

Abstract: At the time of setting authority, a management apparatus stores a database in which authority information corresponding to authority to physically drive a drive apparatus, which is a tangible object, using a terminal apparatus, and registration identification information corresponding to a subject that is given the authority are associated, and outputs information representing any of the registration identification information; and a permission apparatus receives and stores the information. At the time of exercising the authority, the terminal apparatus outputs information representing identification information, and the permission apparatus receives the information and, when the identification information corresponds to registration identification information comprised in setting information, outputs information representing authority exercise information required to exercise the authority.

Abstract: To provide a terminal device that can share a session key for use in encryption communication with multiple terminal devices at a certain timing without relying on an existing server device.

Abstract: A decoding apparatus performs self-correcting processing with a decoding capability providing apparatus holding a decoding key for decoding first ciphertext which can be decoded by homomorphic operation to obtain a decoding value of the first ciphertext, and performs non-homomorphic operation using a value corresponding to or deriving from the decoding value of the first ciphertext and an addition value to output plaintext.

Abstract: A client apparatus converts second input authentication information having a data content compliant with a second authentication method different from a first authentication method into authentication target information in a data format compliant with the first authentication method and transmits information corresponding to the authentication target information to a communication server apparatus. A server apparatus is capable of carrying out both a first process of providing a first authentication server apparatus that carries out an authentication process compliant with the first authentication method with first information corresponding to the authentication target information and a second process of providing a second authentication server apparatus that carries out an authentication process compliant with the second authentication method with second information corresponding to the authentication target information.

Abstract: Name information which is generated by using a value corresponding to a decryption key and address information of a key cloud device which provides a cloud-key management type decryption service in which the decryption key is used are stored in a storage of a directory service device in a manner to associate the name information with the address information, and a searching unit of the directory service device searches the storage by using the inputted name information to obtain address information corresponding to the inputted name information.

Abstract: Plurality of users share a common key while permitting dynamic member change and computational complexity required for key exchange is reduced. The first key generation unit computes Ri and ci based on a twisted pseudo-random function. A session ID generation unit generates sid based on a target-collision resistant hash function and transmits (sid, R?, R?) to communication devices Ui. A second key generation unit of a representative communication device U1 computes T1 based on a pseudo-random function. A second key generation unit of general communication devices Uj computes Tj based on the pseudo-random function. A third key generation unit computes k? based on the twisted pseudo-random function and computes T?j with respect to each j. A session key generation unit of the general communication devices Uj computes Kjl and k1. The session key generation unit generates a common key K2 based on the pseudo-random function.

Abstract: A computing apparatus outputs ?1 and ?2 corresponding to a ciphertext x, a capability providing apparatus uses ?1 to correctly compute f(?1) with a probability greater than a certain probability and sets the result of the computation as z1, uses ?2 to correctly compute f(?2) with a probability greater than a certain probability and sets the result of the computation as z2, the computing apparatus generates a computation result u=f(x)bx1 from z1, generates a computation result v=f(x)ax2 from z2, and outputs ub?va? if the computation results u and v satisfy a particular relation, where G and H are groups, f(x) is a function for obtaining an element of the group G for x?H, X1 and X2 are random variables having values in the group G, x1 is a realization of the random variable X1, and x2 is a realization of the random variable X2.

Abstract: A server sends a key update request for requesting updating of the key, to a client terminal. The client terminal sends, to a key delivery server, a key delivery request for requesting the delivery of a key to the client terminal. The key delivery server delivers a key to the client terminal. The client terminal sends, to the server, a key reception notice indicating that the delivered key was received. The server sends, to the client terminal, a key-use start notice indicating that the client terminal starts data transmission and reception by using the delivered key with a different client terminal from the aforementioned client terminal. The client terminal performs data transmission and reception with the different client terminal by using the delivered key.

Abstract: The risk of leakage of secret information caused by leakage of a secret key is reduced. A segmented secret-key storage system segments a secret key SK into segments that can be combined at the time of decryption or at the time of generation of a signature and records the secret-key segments sk1, . . . , skN in segment storage apparatuses. The secret-key segments are changed, periodically or under a predetermined condition, to another set of secret-key segments that satisfies a condition for combination. In the segmented secret-key storage system, the secret key SK is not revealed unless the secret-key segments are stolen from all the segment storage apparatuses in an interval between changes made to the secret-key segments. Accordingly, the risk of leakage can be greatly reduced in comparison with the risk of leakage of the secret key from a single apparatus.

Abstract: An assumed use permission range storage stores a predetermined assumed use permission range. An unavailable state storage stores an information asset in an unavailable state by encryption. An available state storage stores an information asset in an available state by decryption. A leakage-concerned state storage stores an information asset in a leakage-concerned state. When use of an information asset in the unavailable state is requested by an application corresponding to the assumed use permission range, a state changing part decrypts the information asset into the available state. When use of the information asset in the available state by the application ends, the state changing part encrypts the information asset into the unavailable state. When use of an information asset in the unavailable state is requested by an application not corresponding to the assumed use permission range, a state monitoring part puts the information asset in the leakage-concerned state.

Abstract: A random number generating unit generates random numbers s1, s2, s?1, and s?2. A public keys randomizing unit generates first randomized public keys information obtained by randomizing public keys using the random number s1 and second randomized public keys information obtained by randomizing the public keys using the random number s2. A proxy calculation unit calculates a first commission result by using a secret key and calculates a second commission result by using the secret key. A verification unit calculates a first verification value by using the random number s2, calculates a second verification value by using the random number s1, and verifies whether or not the first verification value and the second verification value coincide with each other. A common key calculation unit calculates a common key by using the random numbers s?1 and s?2 if the first verification value and the second verification value coincide with each other.

Abstract: A first calculation unit is capable of calculating f(x)bx1 and sets a calculation result of f(x)bx1 to u, and a second calculation unit is capable of calculating f(x)ax2, and sets a calculation result of f(x)ax2 to v. A final calculation unit outputs (ub?va?)1/d for d=a?a+b?b when the calculation result u and the calculation result v satisfy ua=vb. Here, G and H are groups, f is a function for mapping an element x of the group H to the group G, X1 and X2 are random variables values of which are in the group G, a realization of the random variable X1 is x1, a realization of the random variable X2 is x2, and a, b, a?, and b? are integers.