Encryption processing system and encryption processing method

US2021135851A1 · US · A1

Patent metadata
Field: Value
Publication number: US-2021135851-A1
Application number: US-202017081491-A
Country: US
Kind code: A1
Filing date: Oct 27, 2020
Priority date: Nov 1, 2019
Publication date: May 6, 2021
Grant date

Abstract

Official abstract text for this publication.

An encryption processing system includes: a first device; second devices; and a third device, wherein the first device generates synthesis keys by selecting public keys of the second devices; generates an intermediate text from confidential texts generated by encrypting secret information by using public keys of the second devices having decryption authority; generates ciphertexts by further encrypting the intermediate text using the synthesis keys; and makes public the ciphertexts, each of the second devices verifies validity of the ciphertexts; generates decryption key fragments by using an own private key; and makes public the decryption key fragments, the third device verifies validity of the decryption key fragments; generates a decryption key by combining decryption key fragments; generates the intermediate text by decrypting one of the ciphertexts; and makes public the intermediate text, and the second device decrypts the intermediate text using the own private key; and restores the secret information.

First claim

Opening claim text (preview).

What is claimed is:

1. An encryption processing system, comprising: a first device configured to encrypt secret information; second devices of a first number, the second devices each including a key pair of a public key and a private key; and a third device configured to collect and combine pieces of fragment information shared by the second devices of the first number, wherein the first device includes: a first memory; and a first processor coupled to the first memory and the first processor configured to: generate synthesis keys of a third number by performing, a third number of times, a process for selecting public keys of a second number to be used for key restoration from public keys of the first number to generate the synthesis key, the third number being a number of combinations of selecting the public keys of the second number from the public keys of the first number; generate an intermediate text from confidential texts of a fourth number generated by encrypting each piece of the secret information by using the public keys of the second devices of the fourth number having decryption authority for the secret information among the second devices of the first number; generate secret information ciphertexts of the third number by further encrypting the intermediate text using each of the synthesis keys; and make public encrypted data including the secret information ciphertexts of the third number and a first signature relating to the secret information ciphertexts of the third number, each of the second devices includes: a second memory; and a second processor coupled to the second memory and the second processor configured to: verify validity of the encrypted data by using the first signature; generate, when the validity has been verified, by using a private key included in an own second device, decryption key fragments of a fifth number, the fifth number being a number of combinations of selecting the second devices of a number obtained by subtracting one from the second number from among the second devices of a number obtained by subtracting one from the first number; generate second signatures of the fifth number respectively corresponding to the decryption key fragments of the fifth number; and make public the decryption key fragments of the fifth number and the corresponding second signatures, the third device includes: a third memory; and a third processor coupled to the third memory and the third processor configured to: verify validity of the decryption key fragments of the fifth number by using the decryption key fragments of the fifth number and the corresponding second signatures; generate a decryption key by combining decryption key fragments of the second number corresponding to any one of the secret information ciphertexts of the third number among the decryption key fragments of the fifth number that are made public by each of the second devices of the first number; generate the intermediate text by decrypting the secret information ciphertext corresponding to the generated decryption key with the generated decryption key; and make public the intermediate text generated by the third processor, and the second processor is further configured to: decrypt, when the own second device has the decryption authority, the intermediate text that is made public by the third processor using the private key included in the own second device; and restore the secret information.

2. The encryption processing system according to claim 1, wherein the first number and the second number are the same, and the third number and the fifth number are one.

3. The encryption processing system according to claim 1, wherein the first processor is further configured to: generate the synthesis key by performing multiplication of the public keys of the second number, and exponentiating a multiplication result by a first random number; generate the first signature by using a second random number; and make public the encrypted data by further including information on the first random number and information on the second random number, the second processor is further configured to: verify validity of the encrypted data by further using the information on the first random number and the information on the second random number, and the third processor is further configured to: generate the decryption key by multiplication of the decryption key fragments of the second number.

4. The encryption processing system according to claim 1, wherein the second processor is further configured to: generate the second signatures by using a third random number; and make public the second signatures by including information on the third random number, and the third processor is further configured to: verify validity of the decryption key fragments of the fifth number by further using the information on the third random number.

5. An encryption processing method, comprising: generating, by a first computer, synthesis keys of a third number by performing, a third number of times, a process for selecting public keys of a second number to be used for key restoration from public keys of a first number to generate the synthesis key, the third number being a number of combinations of selecting the public keys of the second number from the public keys of the first number; generating, by the first computer, an intermediate text from confidential texts of a fourth number generated by encrypting each piece of secret information by using the public keys of second computers of the fourth number having decryption authority for the secret information among the second computers of the first number; generating, by the first computer, secret information ciphertexts of the third number by further encrypting the intermediate text using each of the synthesis keys; making public, by the first computer, encrypted data including the secret information ciphertexts of the third number and a first signature relating to the secret information ciphertexts of the third number; verifying, by each of second computers, validity of the encrypted data by using the first signature, the second computers each including a key pair of a public key and a private key; generating by each of the second computers, when the validity has been verified, by using a private key included in an own second computer, decryption key fragments of a fifth number, the fifth number being a number of combinations of selecting the second computers of a number obtained by subtracting one from the second number from among the second computers of a number obtained by subtracting one from the first number; generating, by each of the second computers, second signatures of the fifth number respectively corresponding to the decryption key fragments of the fifth number; making public, by each of the second computers, the decryption key fragments of the fifth number and the corresponding second signatures; verifying, by a, validity of the decryption key fragments of the fifth number by using the decryption key fragments of the fifth number and the corresponding second signatures; generating, by the third computer, a decryption key by combining decryption key fragments of the second number corresponding to any one of the secret information ciphertexts of the third number among the decryption key fragments of the fifth number that are made public by each of the second computers of the first number; generating, by the third computer, the intermediate text by decrypting the secret information ciphertext corresponding to the generated decryption key with the generated decryption key; making public, by the third computer, the intermediate text generated by the first computer; decrypting, by each of the second computers of the fou
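The outer layer described in claims 1 and 3 (a synthesis key formed by multiplying k public keys and exponentiating by a random number, and a decryption key formed by multiplying k fragments) can be sketched as follows. This is an added example, not code from the patent: the group parameters, the per-subset random exponent, the fragment formula `(g^r)^x` and the hash-derived keystream are assumptions, signatures are omitted, and the intermediate text is treated as opaque bytes.

```python
import hashlib
import secrets
from itertools import combinations

# Toy group (assumption, NOT secure): integers modulo the Mersenne prime 2**127 - 1.
P, G = 2**127 - 1, 3

def keygen():
    x = secrets.randbelow(P - 3) + 2           # private key of a second device
    return x, pow(G, x, P)                     # (private, public)

def xor_stream(key_int, data):
    # Hash-derived keystream stands in for the symmetric step (assumption).
    out, ctr = bytearray(), 0
    while len(out) < len(data):
        out += hashlib.sha256(key_int.to_bytes(16, "big") + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, out))

def first_device_encrypt(pubs, k, intermediate):
    """One ciphertext per k-subset of the n public keys: C(n, k) in total."""
    published = {}
    for subset in combinations(range(len(pubs)), k):
        r = secrets.randbelow(P - 3) + 2       # first random number, fresh per subset
        prod = 1
        for i in subset:
            prod = prod * pubs[i] % P          # multiply the selected public keys
        synthesis_key = pow(prod, r, P)        # then exponentiate by r
        published[subset] = (pow(G, r, P), xor_stream(synthesis_key, intermediate))
    return published

def device_fragments(i, priv, published):
    """Device i publishes one fragment per subset containing i: C(n-1, k-1)."""
    return {s: pow(gr, priv, P) for s, (gr, _) in published.items() if i in s}

def third_device_recover(subset, published, fragments):
    key = 1
    for i in subset:                           # product of k fragments = synthesis key
        key = key * fragments[i][subset] % P
    return xor_stream(key, published[subset][1])

def demo(n=4, k=3):
    keys = [keygen() for _ in range(n)]
    msg = b"constructed intermediate text"     # constructed sample input
    published = first_device_encrypt([pk for _, pk in keys], k, msg)
    frags = {i: device_fragments(i, sk, published) for i, (sk, _) in enumerate(keys)}
    recovered = third_device_recover((0, 1, 3), published, frags)
    return len(published), len(frags[0]), recovered == msg
```

Because the fragments and the recovered intermediate text are both made public, this layer only gates release on k devices cooperating; confidentiality of the secret information rests on the inner per-device encryption that the abstract describes.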

Assignees

Inventors

Classifications

  • involving passwords or one-time passwords (network architectures or network communication protocols for using one-time keys in a packet data network H04L63/067)

  • Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

  • H04L9/085 (Primary): Secret sharing or secret splitting, e.g. threshold schemes

  • Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

  • G06F21/602 (Primary): Providing cryptographic facilities or services

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2021135851A1 cover?
An encryption processing system includes: a first device; second devices; and a third device, wherein the first device generates synthesis keys by selecting public keys of the second devices; generates an intermediate text from confidential texts generated by encrypting secret information by using public keys of the second devices having decryption authority; generates ciphertexts by further en…
Who is the assignee on this patent?
Fujitsu Ltd
What technology area does this patent fall under?
Primary CPC classification H04L9/085. Mapped technology areas include Electricity.
When was this patent published?
Publication date May 6, 2021 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).