To realize a configuration that makes it possible to efficiently verify alteration of management data and that keeps the management data verification value stored in a secure memory as small-capacity data regardless of the data amount of the management data.
A value calculated by a unidirectional function based on data set at the highest position of a data management tree, i.e., low-order data, e.g., a hash value, is stored in a memory in a security chip, and this value is applied as a verification value to verify alteration of the management data set in the lowest layer of the data management tree. Even when the amount of the management data increases, it is not necessary to increase the data amount of the management data verification value, so alteration of a large amount of management data can be verified. The device is configured so that, when a data update such as addition, deletion or change of the management data is conducted, the data verification processing is executed based on the hash value of the data management tree. Thus, illegal data updates are prevented and proper data management is realized.
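The scheme described above, as an added sketch that is not taken from the patent: a hash tree over the management data whose top value is the only thing kept in the secure memory, with verification enforced before every addition, deletion or change. SHA-256, the leaf/node prefixes, the empty-tree convention and the names `SecureMemory` and `ManagedStore` are assumptions made for illustration.

```python
import hashlib
import hmac

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def root_hash(records):
    """Top value of the tree; the records are the lowest layer."""
    if not records:
        return _h(b"\x02")  # assumed convention for an empty tree
    # Distinct prefixes keep a leaf from being confused with an inner node.
    level = [_h(b"\x00" + r) for r in records]
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level) - 1, 2):
            nxt.append(_h(b"\x01" + level[i] + level[i + 1]))
        if len(level) % 2:
            nxt.append(level[-1])  # odd node is carried up unchanged
        level = nxt
    return level[0]

class SecureMemory:
    """Hypothetical stand-in for the security chip: one fixed-size value."""
    def __init__(self):
        self.value = None

class ManagedStore:
    """Management data in ordinary storage, root hash in SecureMemory."""
    def __init__(self, chip, records):
        self.chip = chip
        self.records = list(records)
        chip.value = root_hash(self.records)

    def verify(self) -> bool:
        return hmac.compare_digest(root_hash(self.records), self.chip.value)

    def _commit(self, mutate):
        # Verify before any update, then refresh the stored value.
        if not self.verify():
            raise ValueError("management data altered; update refused")
        mutate(self.records)
        self.chip.value = root_hash(self.records)

    def add(self, record):
        self._commit(lambda r: r.append(record))

    def change(self, index, record):
        self._commit(lambda r: r.__setitem__(index, record))

    def delete(self, index):
        self._commit(lambda r: r.pop(index))
```

The stored value stays 32 bytes whether the store holds three records or a thousand; a record modified outside `add`, `change` or `delete` makes `verify()` return `False` and blocks further updates.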
KAWASHIMA HIROSHI
JP2002215029A | 2002-07-31 |
RALPH C. MERKLE: "A Digital Signature based on a Conventional Encryption Function", ADVANCES IN CRYPTOLOGY -- CRYPTO '87, VOLUME 293 OF LECTURE NOTES IN COMPUTER SCIENCE, JPN6008046186, 1988, pages 369 - 378, ISSN: 0001131983
JUSTIN CHAPWESKE, GORDON MOHR, TREE HASH EXCHANGE FORMAT (THEX), JPN6008046189, 4 March 2003 (2003-03-04), ISSN: 0001131984
Eiji Yamada
Toshio Sawada