Abstract: A communication system (10) includes a certificate authority (100) for performing authentication, a roadside device (110), a vehicle-mounted terminal (120), a first server (130), and a second server (140). The vehicle-mounted terminal transmits its position information to the first server. The certificate authority acquires information about a vehicle-mounted terminal likely to appear according to place and time from the first server. The certificate authority allows the second server to verify validity of a certificate for a vehicle-mounted terminal acquired from the first server. The certificate authority generates a first list of vehicle-mounted terminals having valid certificates and a second list of vehicle-mounted terminals having invalid certificates according to place and time based on a verification result. The certificate authority transmits the first and second lists to the roadside device and the vehicle-mounted terminal.

Abstract: If identification information is updated periodically, there is such a problem that when another vehicle is receiving driving support based on transmitted identification information of an own vehicle, if the identification information of the own vehicle is updated, the operation of driving support using the identification information becomes unstable because another vehicle can no longer identify the own vehicle. A mobile terminal mounted on a vehicle determines whether or not transmission control of identification information is necessary after determining the possibility of identification information misuse, determining the effect by controlling transmission of identification information, and determining the magnitude of adverse influence on the safe driving support service.

Abstract: There is a need to reduce the certificate verification time in a communication system. A communication system (10) includes a certificate authority (100) for performing authentication, a roadside device (110), a vehicle-mounted terminal (120), a first server (130), and a second server (140). The vehicle-mounted terminal transmits its own position information to the first server. The certificate authority acquires information about a vehicle-mounted terminal highly likely to appear according to place and time from the first server. The certificate authority allows the second server to verify validity of a certificate for a vehicle-mounted terminal acquired from the first server. The certificate authority generates a first list of vehicle-mounted terminals having valid certificates and a second list of vehicle-mounted terminals having invalid certificates according to place and time based on a verification result.

Abstract: If identification information is updated periodically, there is such a problem that when another vehicle is receiving driving support based on transmitted identification information of an own vehicle, if the identification information of the own vehicle is updated, the operation of driving support using the identification information becomes unstable because another vehicle can no longer identify the own vehicle. A mobile terminal mounted on a vehicle determines whether or not transmission control of identification information is necessary after determining the possibility of identification information misuse, determining the effect by controlling transmission of identification information, and determining the magnitude of adverse influence on the safe driving support service.

Abstract: If identification information is updated periodically, there is such a problem that when another vehicle is receiving driving support based on transmitted identification information of an own vehicle, if the identification information of the own vehicle is updated, the operation of driving support using the identification information becomes unstable because another vehicle can no longer identify the own vehicle. A mobile terminal mounted on a vehicle determines whether or not transmission control of identification information is necessary after determining the possibility of identification information misuse, determining the effect by controlling transmission of identification information, and determining the magnitude of adverse influence on the safe driving support service.

Abstract: There is a need to reduce the certificate verification time in a communication system. A communication system (10) includes a certificate authority (100) for performing authentication, a roadside device (110), a vehicle-mounted terminal (120), a first server (130), and a second server (140). The vehicle-mounted terminal transmits its own position information to the first server. The certificate authority acquires information about a vehicle-mounted terminal highly likely to appear according to place and time from the first server. The certificate authority allows the second server to verify validity of a certificate for a vehicle-mounted terminal acquired from the first server. The certificate authority generates a first list of vehicle-mounted terminals having valid certificates and a second list of vehicle-mounted terminals having invalid certificates according to place and time based on a verification result.

Abstract: A communication system includes a certificate authority for performing authentication, a roadside device, a vehicle-mounted terminal, a first server, and a second server. The vehicle-mounted terminal transmits position information to the first server. The certificate authority acquires information about a vehicle-mounted terminal likely to appear according to place and time from the first server. The certificate authority allows the second server to verify validity of a certificate for a vehicle-mounted terminal acquired from the first server. The certificate authority generates a first list of vehicle-mounted terminals having valid certificates and a second list of vehicle-mounted terminals having invalid certificates according to place and time based on a verification result. The certificate authority transmits the first and second lists to the roadside device and the vehicle-mounted terminal.

Abstract: If identification information is updated periodically, there is such a problem that when another vehicle is receiving driving support based on transmitted identification information of an own vehicle, if the identification information of the own vehicle is updated, the operation of driving support using the identification information becomes unstable because another vehicle can no longer identify the own vehicle. A mobile terminal mounted on a vehicle determines whether or not transmission control of identification information is necessary after determining the possibility of identification information misuse, determining the effect by controlling transmission of identification information, and determining the magnitude of adverse influence on the safe driving support service.

Abstract: The present invention is directed to solve a problem that time is required for a process related to verification of a public key certificate of a message sender. An in-vehicle device mounted on a vehicle has a memory for holding information of a device which failed in verification of a public key certificate. At the time of performing communication between vehicles or between a vehicle and a roadside device, a check is made to see whether or not information of a device included in a message transmitted matches information of a device which failed and held in the memory. When the information matches, verification of a public key certificate is not performed.

Abstract: There is a need to reduce the certificate verification time in a communication system. A communication system (10) includes a certificate authority (100) for performing authentication, a roadside device (110), a vehicle-mounted terminal (120), a first server (130), and a second server (140). The vehicle-mounted terminal transmits its own position information to the first server. The certificate authority acquires information about a vehicle-mounted terminal highly likely to appear according to place and time from the first server. The certificate authority allows the second server to verify validity of a certificate for a vehicle-mounted terminal acquired from the first server. The certificate authority generates a first list of vehicle-mounted terminals having valid certificates and a second list of vehicle-mounted terminals having invalid certificates according to place and time based on a verification result.

Abstract: An authentication method is provided which is capable of performing message authentication within an allowable time regardless of the magnitude of the number of messages and performing message authentication high in accuracy within a range for which the allowable time allows. Upon transmission by wireless communications with another mobile or a fixed station, a message authentication code of communication data and a digital signature are generated (S200 and S300). The generated message authentication cod and digital signature are transmitted with being added to the communication data. Upon reception, whether authentication should be done using either one of the message authentication code and the digital signature included in received information is determined according to its own state for the authentication (S400 and S500). This state includes, for example, a load state of a central processing unit or the like that performs an authentication process.

Abstract: The invention aims to provide a hash function whose safety can be evaluated. To achieve this, a message that is input to a message blocking unit 122 is split into multiple message blocks, and shuffled at a shuffling unit 126 using block ciphers per message block from a round key generated at a first round-key generation unit 124 or a second round-key generation unit 125 using a round constant generated at a round-constant generation unit 123. In calculation of the block cipher, particular split data among multiple split data obtained by splitting the blocks are transformed with an F function, and an exclusive disjunction of the transformed data with other particular data is calculated. Using the F function, a transformation including at least a nonlinear transformation is performed more than once.

Abstract: An efficient signature technology is provided, which is capable of arbitrary extraction and storage from a plurality of pieces of data and which can make a signature length relatively short. In a signature device (180), a mathematical function computing unit (190) repeats processing of calculating a hash value from a coupled value obtained by coupling together hash values calculated from each of the plurality of pieces of data to calculate one hash value (h), and calculates a signature value from the calculated one hash value. Then, a signature processing unit (189) generates, for one piece of data contained in the plurality of pieces of data, a signature containing the calculated signature value and a hash value coupled to another hash value calculated from the one piece of data before the one hash value (h) is calculated.

Abstract: Provided is a disk array controller capable of speeding up the processing by simultaneously execution the encryption/decryption of a non parallel block cipher modes of operation. In a disk array controller for controlling a disk array according to a disk access request from a host system, a plurality of non parallel mode encryption/decryption target data are divided into a plurality of messages unrelated to the encryption/decryption processing, partitioning non parallel mode encryption/decryption target data belonging to the respective messages into a plurality of block data, storing each block data belonging to the respective messages by allocating it each line of Rnd[0] to Rnd[R?1] per message, and encrypting/decrypting block data corresponding to block data corresponding to a cell of the same column of each line among the block data stored in a data buffer simultaneously with the pipeline processing performed by a pipeline encryption/decryption circuit.

Abstract: The present invention provides a digital copying method for preventing complete copying by the use of digital copying. A data generating portion includes a storage device which generates a plurality of digital copies having mutually different amounts of effective information from original digital data, and stores the set of digital content having the digital copies encrypted different numbers of times in a memory. A digital output portion decrypts the set of digital content retrieved from the memory a prescribed number of times, making usable and outputting one of the digital copies in the set of digital content. An analog output portion extracts the digital copy that has been encrypted zero times from the set of digital content, converts that copy to analog data, and outputs that data.

Abstract: A storage medium includes a storage device for storing information, information required for encryption and encrypted information, and an I/F device for inputting and outputting information, information required for coding and store encrypted information in a storage device or from an external apparatus other than the storage device, and an encoding device for coding of information and decoding of encoded information. When outputting information stored inside the storage device, information is encoded using encryption key information, and along with obtaining the encoded information and obtaining the encoded encryption key information by using another encryption key. Both the encoded information and encoded encryption key information are output so that decoding the information without the storage medium is impossible.

Abstract: Since a conventional information processing apparatus includes a plurality of semiconductor devices, there is a problem that sensitive information may reside on a system bus in the apparatus or a semiconductor memory device serving as main memory therein. To obviate this problem, each information processing apparatus has a CPU which includes a microprocessor, a cryptographic processing algorithm ROM, a cryptographic processing hardware circuit, a RAM, a key custody area, and an external bus controller, which are all integrated on a single semiconductor chip. Thus, encryption/decryption processing is carried out only in the CPU, and internal operations of the CPU are made non-analyzable from an external signal of the CPU.

Abstract: The external storage device according to the present invention which uses a non-volatile semiconductor memory such as a flash memory is provided with plural areas which store user data, and restricts access to the user data from a host computer and also dynamically changes an area an access to which is to be restricted. Accordingly, the ease of use of the external storage device for the host computer is improved. Specifically, the interior of the flash memory is divided into a normal area not protected by a password or the like and a protected area protected by a password or the like. A microprocessor controls accesses to the normal area and the protected area in accordance with a command from the host computer. In addition, the host computer can access the protected area after passing through authentication using a password. Moreover, the host computer changes information indicative of the location of the protected area, thereby dynamically changing the protection area.

Abstract: An information processing apparatus has a processing unit, a memory unit for storing display data processed by the processing unit, a display image rotation engine which is coupled with a buffer memory to sequentially transfer display data to the buffer memory and which responds to a command of predetermined timing for display data update to store the display data stored in the memory unit in read sequence different from write sequence, a display controller for delivering the display data, stored in the buffer memory, in the memory unit by means of the rotation engine to a display device, and a bus for mutually coupling the processing unit, the memory unit, the display controller and the rotation engine.

Abstract: A system which serves both as a host and a device cannot be realized with a single connector due to the constitution of hardware in the prior art. The prior art system only detects the existence of a device and cannot distinguish between a host and a device while a power source is turned on and switch its function. The information processing apparatus of the present invention separates the data lines of a host communication controller and the data lines of a device communication controller and activates the selected controller by means of selecting the data lines of the controllers and means of determining which is connected to a connector, a host or a device.