Abstract: The present invention relates to a security device which performs processes such as authentication or cryptography, for example a security device for securely holding a key used in a cryptographic process, and a security method therefor. The security device includes: an identifier generation unit to generate an identifier specific to the security device by using a PUF; a PUF key generation unit to generate a PUF key specific to the security device by using the identifier; a reception unit to receive a registration command in which the registration key and a signature generated for the registration key by using a secret key corresponding to the public key are contained; a signature verification unit to verify, using the public key, validity of the signature contained in the registration command received by the reception unit and output the verification result indicating either failure or success in the verification; and a command execution unit to reject execution of the registration command in a case where the verification result outputted from the signature verification unit is failure, and to encrypt the registration key of the registration command with the PUF key and then store the encrypted registration key in the registration key storage unit in a case where the verification result is success.
1. A security device comprising:
a public key storage unit to store a public key;
an identifier generation unit to generate an identifier specific to the security device by using a PUF (physical unclonable function);
a PUF key generation unit to generate a PUF key specific to the security device by using the identifier;
a registration key storage unit to store a registration key;
a reception unit to receive a registration command in which the registration key and a signature generated for the registration key by using a secret key corresponding to the public key are contained;
a signature verification unit to verify, using the public key, validity of the signature contained in the registration command received by the reception unit and output the verification result indicating either failure or success in the verification; and
a command execution unit to reject execution of the registration command in a case where the verification result outputted from the signature verification unit is failure, and to encrypt the registration key of the registration command with the PUF key and then store the encrypted registration key in the registration key storage unit in a case where the verification result is success.
2. The security device according to claim 1, further comprising:
a setting device comprising
a signature generation unit to generate the signature of the registration key by using the secret key,
a command generation unit to generate the registration command in which the signature and the registration key are contained, and
a transmission unit to transmit the registration command, wherein the reception unit receives the registration command transmitted by the setting device.
3. The security device according to claim 2, wherein
the command generation unit in the setting device generates a registration command which contains a key identifier indicating a command type to request to register either the public key or the registration key;
the security device further comprises a key information acquisition unit to notify the signature verification unit of the command type indicated by the key identifier contained in the registration command; and
in a case where a verification result of the signature contained in the registration command is success, the signature verification unit notifies the command execution unit of the command type indicated by the key identifier, and the command execution unit encrypts the public key or the registration key in accordance with the command type and stores the encrypted public key or the encrypted registration key in the registration key storage unit.
4. A security method for a security device which includes a memory to store a public key and a registration key and which encrypts the registration key to be stored in the memory, the security method comprising:
an identifier generation step in which an identifier generation unit generates an identifier specific to the security device by using a PUF (physical unclonable function);
a PUF key generation step in which a PUF key generation unit generates a PUF key specific to the security device by using the identifier;
a reception step in which a reception unit receives a registration command in which the registration key and a signature generated for the registration key by using a secret key corresponding to the public key are contained;
a signature verification step in which a signature verification unit verifies, using the public key, validity of the signature contained in the registration command received by the reception unit and outputs the verification result indicating either failure or success in the verification; and
a command execution step in which, in a case where the verification result outputted from the signature verification unit is failure, a command execution unit rejects execution of the registration command, and in which, in a case where the verification result is success, the command execution unit encrypts the registration key of the registration command with the PUF key and stores the encrypted registration key in the memory.
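The verify-then-wrap flow of claims 1 and 4, sketched in Go as an added example; it is not code from the patent or its applicant. The claims name no algorithms, so Ed25519 signatures, SHA-256 derivation of the identifier and PUF key, and AES-GCM wrapping are assumptions, as are the names `Device`, `Register` and `Unwrap`. The PUF response is simulated with constructed bytes, and the key identifier of claim 3 is not modeled.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type Device struct {
	Pub         ed25519.PublicKey // public key storage unit
	PUF, Stored []byte            // simulated PUF response; Stored = nonce || ciphertext
}

func (d *Device) aead() cipher.AEAD {
	id := sha256.Sum256(d.PUF)                                    // identifier generation (assumed hash)
	key := sha256.Sum256(append([]byte("regkey-wrap"), id[:]...)) // PUF key generation (assumed KDF)
	block, _ := aes.NewCipher(key[:])                             // 32-byte key: cannot fail
	g, _ := cipher.NewGCM(block)
	return g
}

func (d *Device) Register(regKey, sig []byte) error {
	if !ed25519.Verify(d.Pub, regKey, sig) { // verification failure: reject, store nothing
		return fmt.Errorf("registration command rejected: bad signature")
	}
	g := d.aead()
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	d.Stored = g.Seal(nonce, nonce, regKey, nil) // encrypt with the PUF key, then store
	return nil
}

func (d *Device) Unwrap() ([]byte, error) { // fails on a device with a different PUF
	g := d.aead()
	if n := g.NonceSize(); len(d.Stored) > n {
		return g.Open(nil, d.Stored[:n], d.Stored[n:], nil)
	}
	return nil, fmt.Errorf("no stored key")
}

func main() {
	priv := ed25519.NewKeyFromSeed(make([]byte, 32)) // constructed signer key
	d := &Device{Pub: priv.Public().(ed25519.PublicKey), PUF: []byte("chip-A")}
	fmt.Println(d.Register([]byte("demo key"), make([]byte, 64))) // forged: rejected
}
```

Because the wrapping key is re-derived from the PUF on every use, a copy of the stored ciphertext placed on another chip does not decrypt.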
| # | Name | Date |
|---|---|---|
| 1 | 201847017941-FER.pdf | 2021-10-17 |
| 1 | 201847017941-TRANSLATIOIN OF PRIOIRTY DOCUMENTS ETC. [14-05-2018(online)].pdf | 2018-05-14 |
| 2 | 201847017941-FORM 3 [07-12-2020(online)].pdf | 2020-12-07 |
| 2 | 201847017941-STATEMENT OF UNDERTAKING (FORM 3) [14-05-2018(online)].pdf | 2018-05-14 |
| 3 | 201847017941-REQUEST FOR EXAMINATION (FORM-18) [14-05-2018(online)].pdf | 2018-05-14 |
| 3 | 201847017941-FORM 3 [25-01-2019(online)].pdf | 2019-01-25 |
| 4 | 201847017941-PROOF OF RIGHT [14-05-2018(online)].pdf | 2018-05-14 |
| 4 | 201847017941-FORM 3 [16-10-2018(online)].pdf | 2018-10-16 |
| 5 | 201847017941-POWER OF AUTHORITY [14-05-2018(online)].pdf | 2018-05-14 |
| 5 | 201847017941-Amendment Of Application Before Grant - Form 13 [18-05-2018(online)].pdf | 2018-05-18 |
| 6 | 201847017941-FORM 18 [14-05-2018(online)].pdf | 2018-05-14 |
| 6 | 201847017941-AMMENDED DOCUMENTS [18-05-2018(online)].pdf | 2018-05-18 |
| 7 | 201847017941-MARKED COPIES OF AMENDEMENTS [18-05-2018(online)].pdf | 2018-05-18 |
| 7 | 201847017941-FORM 1 [14-05-2018(online)].pdf | 2018-05-14 |
| 8 | 201847017941-RELEVANT DOCUMENTS [18-05-2018(online)].pdf | 2018-05-18 |
| 8 | 201847017941-DRAWINGS [14-05-2018(online)].pdf | 2018-05-14 |
| 9 | 201847017941-DECLARATION OF INVENTORSHIP (FORM 5) [14-05-2018(online)].pdf | 2018-05-14 |
| 9 | Correspondence by Agent_Form 1_15-05-2018.pdf | 2018-05-15 |
| 10 | 201847017941-CLAIMS UNDER RULE 1 (PROVISIO) OF RULE 20 [14-05-2018(online)].pdf | 2018-05-14 |
| 10 | 201847017941-COMPLETE SPECIFICATION [14-05-2018(online)].pdf | 2018-05-14 |
| 1 | SearchStrategyE_23-12-2020.pdf |