Terminal device, key distribution management device, server-client system, communication method, and programs

US11516195B2 · US · B2

Patent metadata

Publication number: US-11516195-B2
Application number: US-201716306707-A
Country: US
Kind code: B2
Filing date: Jun 8, 2017
Priority date: Jun 20, 2016
Publication date: Nov 29, 2022
Grant date: Nov 29, 2022

Abstract

Official abstract text for this publication.

To provide a terminal device that can share a session key for use in encryption communication with multiple terminal devices at a certain timing without relying on an existing server device. The terminal device includes: a list/request sending unit that, when the terminal device operates as an owner device, generates a key distribution request, signs the key distribution request, and transmits the key distribution request to a key distribution management device; a participation request sending unit that, when the terminal device operates as a general device, generates a participation request, signs the participation request, and transmits the participation request to the key distribution management device; a session key generating unit that executes an authentication-based multipoint key distribution algorithm of server-client type in cooperation with another terminal device participating in the session and with the key distribution management device to generate a session key; and a post-confirmation unit that, when the session key has been normally generated, transmits a success notice to the key distribution management device and receives a collective notice from the key distribution management device.

First claim

Opening claim text (preview).

What is claimed is:

1. A terminal device in a server-client system including N terminal devices, a key distribution management device, and an authentication information database, where N is an integer greater than 1, the terminal device comprising: a list/request sending unit that, when the terminal device operates as an owner device, generates a key distribution request that contains a user list, that is stored in advance at a memory of the owner device, containing IDs of terminal devices participating in a session and an ID of the terminal device as the owner device, signs the key distribution request with a secret key of the terminal device as the owner device, transmits the key distribution request to the key distribution management device, and maintains a connection with the key distribution management device; a participation request sending unit that, when the terminal device operates as a general device, generates a participation request containing the ID of the terminal device, signs the participation request with the secret key of the terminal device, transmits the participation request to the key distribution management device, and maintains the connection with the key distribution management device; a session key generating unit that executes an authentication-based multipoint key distribution algorithm of server-client type in cooperation with another terminal device participating in the session and with the key distribution management device to generate a session key; and a post-confirmation unit that, when the session key has been normally generated, transmits a success notice indicating that the session key has been normally generated to the key distribution management device, and receives, from the key distribution management device, a collective notice meaning that the success notice has been received from all of the terminal devices participating in the session.

2. A key distribution management device in a server-client system including N terminal devices, the key distribution management device, and an authentication information database, where N is an integer greater than 1, the key distribution management device comprising: a request verification unit that receives, from one of the terminal devices that operates as an owner device, a key distribution request that contains a user list, that is stored in advance at a memory of the owner device, containing IDs of terminal devices participating in a session and an ID of the owner device and is signed with a secret key of the owner device, retrieves a verification key for the owner device from the authentication information database, verifies a signature of the key distribution request, verifies whether all of the IDs of the terminal devices contained in the user list are IDs that exist in the authentication information database or not, transmits a response signed with a secret key of the key distribution management device in accordance with a result of the verification to the owner device, receives, from each one of the terminal devices that operates as a general device, a participation request signed with a secret key of the general device and containing an ID of the general device, retrieves a verification key for the general device from the authentication information database, verifies a signature of the participation request, and transmits a response signed with the secret key of the key distribution management device in accordance with a result of the verification to the general device; a session key generating unit that executes an authentication-based multipoint key distribution algorithm of server-client type in cooperation with the terminal devices participating in the session to cause the terminal devices participating in the session to each generate a session key; and a post-verification unit that receives a success notice indicating that the session key has been normally generated from each of the terminal devices participating in the session, and transmits a collective notice meaning that the success notice has been received from all of the terminal devices participating in the session to all of the terminal devices participating in the session.

3. A server-client system comprising: N terminal devices, where N is an integer greater than 1; a key distribution management device; and an authentication information database, wherein each one of the terminal devices includes a list/request sending unit that, when the terminal device operates as an owner device, generates a key distribution request that contains a user list, that is stored in advance at a memory of the owner device, containing IDs of terminal devices participating in a session and an ID of the terminal device as the owner device, signs the key distribution request with a secret key of the terminal device as the owner device, transmits the key distribution request to the key distribution management device, and maintains a connection with the key distribution management device, a participation request sending unit that, when the terminal device operates as a general device, generates a participation request containing the ID of the terminal device, signs the participation request with the secret key of the terminal device, transmits the participation request to the key distribution management device, and maintains the connection with the key distribution management device, a session key generating unit that executes an authentication-based multipoint key distribution algorithm of server-client type in cooperation with another terminal device participating in the session and with the key distribution management device to generate a session key, and a post-confirmation unit that, when the session key has been normally generated, transmits a success notice indicating that the session key has been normally generated to the key distribution management device, and receives, from the key distribution management device, a collective notice meaning that the success notice has been received from all of the terminal devices participating in the session, and the key distribution management device includes a request verification unit that receives the key distribution request from the owner device, retrieves a verification key for the owner device from the authentication information database, verifies a signature of the key distribution request, verifies whether all of the IDs of the terminal devices contained in the user list are IDs that exist in the authentication information database or not, transmits a response signed with a secret key of the key distribution management device in accordance with a result of the verification to the owner device, receives the participation request from the general device, retrieves a verification key for the general device from the authentication information database, verifies a signature of the participation request, and transmits a response signed with the secret key of the key distribution management device in accordance with a result of the verification to the general device, a session key generating unit that executes an authentication-based multipoint key distribution algorithm of server-client type in cooperation with the terminal devices participating in the session to cause the terminal devices participating in the session to each generate a session key, and a post-verification unit that receives the success notice from each of the terminal devices participating in the session, and transmits the collective notice to all of the terminal devices participating in the session.

4. A communication method for execution by a terminal device in a server-client system including N terminal devices, a key distribution management device, and an authentication information database, where N is an integer greater than 1, the communication method comprising the steps of: when the ter

Classifications

  • Generation of secret information including derivation or calculation of cryptographic keys or passwords

  • Program or device authentication

  • Key distribution {or management, e.g. generation, sharing or updating, of cryptographic keys or passwords (network architectures or network communication protocols for supporting key management in a packet data network H04L63/06)}

  • Key management protocols

  • H04L9/083 (Primary): involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Nippon Telegraph & Telephone
What technology area does this patent fall under?
Primary CPC classification H04L9/083. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 29, 2022 (B2). Legal status and post-grant events are not shown on this page.