Encryption processing apparatus, encryption processing unit control apparatus, encryption processing unit, and computer product

FIELD OF THE INVENTION

[0001] The present invention relates to an encryption processing apparatus, an encryption processing unit control apparatus, an encryption processing unit, and a computer program capable of dispersing encryption processing load.

BACKGROUND OF THE INVENTION

[0002] In recent years, various techniques have been studied to deal with dangers such as the tapping and falsification of information by the third party and disguise in an open network such as phone line, ISDN (Integrated Services Digital Network), LAN (Local Area Network), radio communication network, optical communication network or the like.

[0003] As the most typical example, there is known an encryption technique encrypting a plain text encrypted according to an encryption algorithm such as RSA (Rivest Shamir Adleman) or DES (Data Encryption Standard) and using the cipher text for the transmission thereof on an actual network or the storage thereof in an information terminal.

[0004] An encryption processing system employing the encryption technique of this type includes an encryption processing section which encrypts a plain text to a cipher text, and a decoding processing section which decodes the cipher text to the plain text and uses a key encryption and decoding. It is, therefore, essential to the encryption processing system to strictly manage the key so as to prevent the interpretation of information by the leakage of the key to the outside of the system.

[0005]
FIG. 22 is a block diagram which shows the configuration of a conventional encryption processing system. In FIG. 22, an encryption processing apparatus 10 mounts thereon n encryption processing units 200 to 20n the security of which is protected. This encryption processing apparatus 10 is intended to encrypt a plain text input from the outside of the apparatus, to decode a cipher text, to generate key for encryption and decoding and the like.

[0006] A driver 40 controls the driving of the encryption processing units 200 to 20n through a PCI (peripheral component interconnect) bus 30 in accordance with an instruction from a master apparatus 50. The master apparatus 50 is a computer apparatus which executes an application program for encryption and decoding and issues various instructions to the driver 40 in relation to the generation of a key, encryption and decoding.

[0007] Each of the encryption processing units 200 to 20n has a function of generating a key used for encryption and decoding under the control of the driver 40, a function of issuing a key ID identifying the key, a function of encrypting a plain text according to an encryption algorithm (e.g., RSA or DES) using the key, and a function of decoding a cipher text using the key.

[0008]
FIG. 23 is a block diagram which shows the configuration of the encryption processing units 200 and 201 shown in FIG. 22. In FIG. 23, the same reference symbols denote the same or corresponding constituent elements as those in FIG. 22. In the encryption processing unit 200 shown in FIG. 23, a security guard 210 has a function of detecting an external attack (such as a physical destruction intended to illegally acquire a key) and a function of forcedly deleting the key held in the unit when the external attack is detected.

[0009] A PCI control section 220 controls the PCI bus 30 which is a communication interface between the driver 40 (see FIG. 22) and the encryption processing unit 200. A control section 230 consists of an MPU (Micro Processing Unit) which executes a program and controls the respective sections, an ROM (Read Only Memory) which serves as a storage region, a RAM (Random Access Memory) and the like.

[0010] A timer section 240 is a real-time clock which momently outputs time information to a key generation section 250. The key generation section 250 generates a unique key 60n using random numbers, time information, an integration timer or the like in accordance with an key generation instruction. In addition, the key generation section 250 transmits a key ID 610 (see FIG. 24) identifying the key 600 to the driver 40. The RAM 260 stores the key while making the key correspond to the key ID.

[0011] It should be noted herein that the key ID 610 is transmitted from the encryption processing unit 200 to the outside and that the key 600 itself is not transmitted. As can be seen, according to the conventional encryption processing system, the generation and storage of the key are closed in the encryption processing unit 200 to prevent the key from being leaked to the outside, thereby maintaining high security.

[0012] A battery 270 is the backup power supply of the timer section 240 and the RAM 260. An encryption/decoding processing section 280 has a function of encrypting a plain text to a cipher text in accordance with an external instruction and the key ID using the key corresponding to the key ID, and a function of decoding the cipher text using the key.

[0013] The encryption processing unit 201 is the same in configuration as the encryption processing unit 200 explained above. That is, the encryption processing unit 201 consists of a security guard 211, a PCI control section 221, a control section 231, a timer section 241, a key generation section 251 which generates a key 601, a RAM 261, a battery 271 and an encryption/decoding section 281.

[0014] The key 600 generated by the key generation section 250 in the encryption processing unit 200 is different from the key 601 generated by the key generation section 251 in the encryption processing unit 201. Therefore, the cipher text generated by the encryption processing unit 200 can be decoded only by the encryption processing unit 200 and cannot be decoded by the encryption processing unit 201.

[0015] The other encryption processing units (units 202 (not shown) to 20n are the same in configuration as the encryption processing unit 200 explained above. It is noted, however, that the keys generated by these other encryption processing units are unique to their respective units.

[0016] The key generation processing of the conventional encryption processing system will next be explained with reference to FIG. 24. When a key generation instruction 700 corresponding to the encryption processing unit 200 is issued from the master apparatus 50, the driver 40 requests the encryption processing unit 200 to generate a key.

[0017] In response to the request, the key generation section 250 generates the key 600 and the key ID 610, and the key 600 and the key ID 610 thus generated are stored in the RAM 260 (see FIG. 23). The key generation section 250 then transmits the key ID 610 to the driver 40. This key ID 610 is delivered by the driver 40 to the master apparatus 50.

[0018] Thereafter, when a key generation instruction 701 corresponding to the encryption processing unit 201 is issued from the master apparatus 50, the driver 40 request the encryption processing unit 201 to generate a key.

[0019] In response to the request, the key generation section 251 generates the key 601 and the key ID 611, and the key 601 and the key ID 611 thus generated are stored in the RAM 261 (see FIG. 23). The key generation section 251 then transmits the key ID 611 to the driver 40. This key ID 611 is delivered by the driver 40 to the master apparatus 50.

[0020] The encryption processing of the conventional encryption processing system will next be explained with reference to FIG. 25. When an encryption instruction 710 corresponding to the encryption processing unit 200 is issued from the master apparatus 50, the driver 40 requests the encryption processing unit 200 to perform encryption. In addition, a plain text 720 and the key ID 610 are delivered to the encryption processing unit 200 from the master apparatus 50.

[0021] In response to the request, the encryption/decoding processing section 280 encrypts the plain text 720 to a cipher text 730 using the key 600 corresponding to the key ID 610 and transmits the cipher text 730 to the driver 40. This cipher text 730 is delivered to the master apparatus 50 by the driver 40.

[0022] When an encryption instruction 711 corresponding to the encryption processing unit 201 is issued from the master apparatus 50, the driver 40 requests the encryption processing unit 201 to perform encryption. In addition, a plain text 721 and the key ID 611 are delivered to the encryption processing unit 201 from the master apparatus 50.

[0023] In response to the request, the encryption/decoding processing section 281 encrypts the plain text 721 to a cipher text 731 using the key 601 corresponding to the key ID 611 and transmits the cipher text 731 to the driver 40. This cipher text 731 is delivered to the master apparatus 50 by the driver 40.

[0024] The decoding processing of the conventional encryption processing system will next be explained with reference to FIG. 26. When a decoding instruction 740 corresponding to the encryption processing unit 200 is issued from the master apparatus 50, the driver 40 request the encryption processing unit 200 to perform decoding. In addition, the cipher text 730 and the key ID 610 are delivered to the encryption processing unit 200 from the master apparatus 50.

[0025] In response to the request, the encryption/decoding processing section 280 decodes the cipher text 730 to the plain text 720 using the key 600 corresponding to the key ID 610 and transmits the plain text 720 to the driver 40. The driver 40 delivers this plain text 720 to the master apparatus 50.

[0026] When a decoding instruction 741 corresponding to the encryption processing unit 201 is issued from the master apparatus 50, the driver 40 request the encryption processing unit 201 to perform decoding. In addition, the cipher text 731 and the key ID 611 are delivered to the encryption processing unit 201 from the master apparatus 50.

[0027] In response to the request, the encryption/decoding processing section 281 decodes the cipher text 731 to the plain text 721 using the key 601 corresponding to the key ID 611 and transmits the plain text 721 to the driver 40. The driver 40 delivers this plain text 721 to the master apparatus 50.

[0028] According to the conventional encryption processing system, a key ID and an encryption processing unit have a one-to-one correspondence. Therefore, if the corresponding encryption processing unit is executing a different processing when an encryption processing or a decoding processing (which will be generally referred to as “encryption processing” hereinafter) is requested, the corresponding encryption processing unit turns into a busy (processing wait) state until the unit is completed with the different processing.

[0029] Specifically, when the encryption instruction 710 is issued to the encryption processing unit 200 shown in FIG. 25 and the encryption processing unit 200 has been executing a different processing, then the encryption processing unit 200 does not start an encryption processing based on the encryption instruction 710 and turns into a busy state until completing with this different processing.

[0030] Since a key ID and an encryption processing unit have a one-to-one correspondence in the conventional encryption processing system, it is impossible to request an encryption processing to the other encryption unit (e.g., encryption processing unit 201) while the unit 200 is in a busy state. The same problem occurs to the decoding processing.

[0031] In this way, the conventional encryption processing system is disadvantageously incapable of dispersing load related to an encryption processing or a decoding processing although the n encryption processing units 200 to 20n are mounted on the encryption processing apparatus 10. In addition, there is a high probability that the encryption processing or the decoding processing is concentrated on a specific one encryption processing unit.

SUMMARY OF THE INVENTION

[0032] It is an object of the present invention to provide an encryption processing apparatus, an encryption processing unit control apparatus, an encryption processing unit, and a computer program capable of dispersing encryption processing load.

[0033] The encryption processing apparatus according to one aspect of the present invention comprises a plurality of encryption processing units each of which executes an encryption processing. At least one of the encryption processing units generates a key, encrypts the key and delivers the encrypted key to other encryption processing units that have not generated the key. Each of the other encryption processing units decodes the received key, and stores the key as the key that is the same key as the one generated by the at least one encryption processing unit.

[0034] The encryption processing unit control apparatus according to another aspect of the present invention comprises an encrypted key generation instruction unit which issues an instruction to generate a key, encrypt the generated key and transmit the encrypted key, to a specific encryption processing unit among a plurality of encryption processing unit each of which executes an encryption processing, and an encrypted key decoding unit which issues an instruction to deliver the encrypted key, decode the encrypted key and hold the same key as the key generated by the specific encryption processing unit, to the other encryption processing units.

[0035] The encryption processing control unit according to still another aspect of the present invention comprises a key generation unit which generates a key in accordance with an external key generation instruction, an encrypted key generation unit which generates an encrypted key obtained by encrypting the key to be delivered to the other encryption processing units based on an external encrypted key generation instruction, and then transmits the encrypted key to an outside of the encrypted key generation unit, and an encrypted key decoding unit which decodes the delivered encrypted key and holds the same key as the key held by the encryption processing unit which generates the key based on an external encrypted key decoding instruction.

[0036] Other objects and features of this invention will become apparent from the following description with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

[0037]
FIG. 1 is a block diagram which shows the configuration of one embodiment according to the present invention,

[0038]
FIG. 2 is a block diagram which shows the configurations of encryption processing units 2000 and 2001 shown in FIG. 1,

[0039]
FIG. 3 is an explanatory view which explains the outline of a key management table 700 used in this embodiment,

[0040]
FIG. 4 shows the key management table 700 used in this embodiment,

[0041]
FIG. 5 shows key sequence information 800 used in this embodiment,

[0042]
FIG. 6 is a flow chart which explains the operation of a driver 400 shown in FIG. 1,

[0043]
FIG. 7 is a flow chart which explains an encrypted key generation processing shown in FIG. 6,

[0044]
FIG. 8 is a flow chart which explains an encryption/decoding processing shown in FIG. 6,

[0045]
FIG. 9 is a flow chart which explains a key consistency processing shown in FIG. 6,

[0046]
FIG. 10 is a flow chart which explains the key consistency processing shown in FIG. 6,

[0047]
FIG. 11 is a flow chart which explains the operation of the encryption processing unit 2000 shown in FIG. 1,

[0048]
FIG. 12 is a flow chart which explains an encrypted key generation processing shown in FIG. 11,

[0049]
FIG. 13 is a flow chart which explains the encryption/decoding processing shown in FIGS. 11 and 16,

[0050]
FIG. 14 is a flow chart which explains a sequence processing shown in FIGS. 11 and 16,

[0051]
FIG. 15 is a flow chart which explains a key consistency processing shown in FIGS. 11 and 16,

[0052]
FIG. 16 is a flow chart which explains the operations of the encryption processing units 2001 to 200n shown in FIG. 1,

[0053]
FIG. 17 is a flow chart which explains an encrypted key decoding processing shown in FIG. 16,

[0054]
FIG. 18 shows integrated key sequence information 900 used in this embodiment,

[0055]
FIG. 19 shows the first example of the key consistency processing shown in FIG. 15,

[0056]
FIG. 20 shows the second example of the key consistency processing shown in FIG. 15,

[0057]
FIG. 21 is a block diagram which shows the configuration of the modification of this embodiment,

[0058]
FIG. 22 is a block diagram which shows the configuration of a conventional encryption processing system,

[0059]
FIG. 23 is a block diagram which shows the configurations of encryption processing units 200 and 201 shown in FIG. 22,

[0060]
FIG. 24 is an explanatory view which explains the key generation processing of the conventional encryption processing system,

[0061]
FIG. 25 is an explanatory view which explains the encryption processing of the conventional encryption processing system, and

[0062]
FIG. 26 is an explanatory view which explains the decoding processing of the conventional encryption processing system.

DETAILED DESCRIPTIONS

[0063] One embodiment of the encryption processing apparatus, the encryption processing unit control apparatus, the encryption processing unit, and the computer program according to the present invention will be explained hereinafter in detail while referring to the accompanying drawings.

[0064]
FIG. 1 is a block diagram which shows the configuration of one embodiment of the present invention. FIG. 1 shows an encryption processing system which consists of an encryption processing apparatus 100, a PCI bus 300, a driver 400 and a master apparatus 500. The encryption processing apparatus 100 mounts thereon n encryption processing units 2000 to 200n the security of which is protected. The encryption processing apparatus 100 encrypts a plain text input from the outside of the system to a cipher text, decodes the cipher text, and generates a key used for encryption and decoding.

[0065] The driver 400 controls the driving of the encryption processing units 2000 to 200n through the PCI bus 300 in accordance with an instruction from the master apparatus 500. The master apparatus 500 is a computer apparatus which executes an application program for encryption and decoding and which issues various instructions related to the registration, deletion, encryption and decoding of a key and the like to the driver 400.

[0066] Each of the encryption processing units 2000 to 200n has a function of generating a key used for encryption and decoding, a function of issuing a key ID of identifying the key, and a function of encrypting a plain text to a cipher text using the key according to an encryption algorithm, a function of decoding the cipher text using the key under the control of the driver 400. Besides, each encryption processing unit has a function of sharing the key among the other encryption processing units, a function of keeping the key consistent with the other keys and the like. The key generated by the encryption processing unit 2000 is distributed to the encryption processing units 2001 to 200n.

[0067]
FIG. 2 is a block diagram which shows the configurations of the encryption processing units 2000 and 200n shown in FIG. 1. In FIG. 2, constituent elements corresponding to those shown in FIG. 1 are denoted by the same reference symbols as those in FIG. 1. In the encryption processing unit 2000 shown in FIG. 2, a security guard 2010 has a function of detecting an external attack to the encryption processing unit 2000 and a function of forcedly deleting the key.

[0068] A PCI control section 2020 controls the PCI bus 300 which is a communication interface between the driver 400 (see FIG. 1) and the encryption processing unit 2000. A control section 2030 consists of an MPU which execute a program and controls the respective sections, an ROM which serves as a storage region, a RAM and the like. The detail of this control section 2030 will be explained later.

[0069] A timer section 2040 is a real-time clock which outputs time information to a key generation section 2050 if necessary. The key generation section 2050 generates a unique key 6000 using random numbers, time information, an accumulation timer or the like. In addition, the key generation section 2050 issues a key ID identifying the key 6000 and transmits the key ID to the driver 400.

[0070] The RAM 2060 stores a key management table 700 shown in FIGS. 3 and 4. In this key management table 700, the generated key is registered while making the key correspond to the key ID. Specifically, key information 7001 to 7003 shown in FIG. 4, for example, are registered in the key management table 700. The key information 7001 to 7003 constitute a key information queue group shown in FIG. 3 by address linkage. Each key information queue consists of information on the key ID, a key (24 bytes), NULL, next address and previous address.

[0071] Further, if no key information is registered in the key management table 700, an empty queue group exists. When the key and the key ID are registered, they are registered in a certain empty queue in the empty queue group as key information.

[0072] It should be noted herein that the key ID is transmitted from the encryption processing unit 2000 to the master apparatus 500 and that the key 6000 itself is not transmitted. As will be explained later, an encrypted key obtained by encrypting the key 6000 is transmitted from the encryption processing unit 2000 to the driver 400. As can be seen, in one embodiment of the present invention, as in the instance of the conventional encryption processing system explained above, the generation and storage of the key are closed in the encryption processing unit 2000 to prevent the key from being leaked to the outside of the system, thereby maintaining high security.

[0073] Furthermore, the RAM 2060 stores key sequence information 8000 (see FIG. 18) which the same in format as the key sequence information 800 shown in FIG. 5. This key sequence information 800 is information on the history of a sequence related to the execution of an instruction to register or delete the key. The key sequence information 800 consists of sequence history information 801, an apparatus number 802, a unit number 803 and time information 804.

[0074] The sequence history information 801 consists of a sequence number and a history (registration or deletion of the key and key ID) incremented by one when the instruction is executed and includes a maximum of information on four generations. The apparatus number 802 is a number identifying the encryption processing apparatus 100 (see FIG. 1) on which the encryption processing unit is mounted. The unit number 803 is a number identifying the encryption processing unit. The time information 804 indicates time at which the instruction is executed.

[0075] Referring back to FIG. 2, a battery 2070 is the backup power supply of the timer section 2040 and the RAM 2060. An encryption/decoding processing section 2080 has a function of encrypting a plain text to a cipher text using the key corresponding to the key ID and a function of decoding the cipher text using the key in accordance with an external instruction and the key ID. The encryption/decoding processing section 2080 has also a function of encrypting the key generated by the key generation section 2050.

[0076] The encryption processing unit 2001 is the same in configuration and function as the encryption processing unit 2000 explained above. Namely, the encryption processing unit 2001 consists of a security guard 2011, a PCI control section 2021, a control section 2031, a timer section 2041, a key generation section 2051 which generates a key 6001, a RAM 2061, a battery 2071, and an encryption/decoding processing section 2081. The encryption/decoding processing section 2081 has also a function of decoding an encrypted key obtained by encrypting the key 6000.

[0077] The other encryption processing units (2002 (not shown) to 200n) are the same in configuration and function as the above-explained encryption processing units 2000 and 2001.

[0078] The operation of one embodiment will next be explained with reference to flow charts shown in FIGS. 6 to 17 and FIGS. 18 to 20. FIG. 6 is a flow chart which explains the operation of the driver 400 shown in FIG. 1. FIG. 11 is a flow chart which explains the operation of the encryption processing unit 2000 shown in FIG. 1. FIG. 16 is a flow chart which explains the operations of the encryption processing units 2001 to 200n shown in FIG. 1.

[0079] At step SA1 shown in FIG. 6, the driver 400 determines whether or not the driver 400 receives an encrypted key generation instruction from the master apparatus 500. It is assumed herein that the determination result of the step SA1 is “No”. This encrypted key generation instruction is an instruction allowing the encryption processing unit 2000 to execute the generation of a key and the encryption of the key generated.

[0080] At step SA2, the driver 400 determines whether or not the driver 400 receives a key ID and a plain text (or a cipher text) together with an encryption instruction (or a decoding instruction) from the master apparatus 500. It is assumed herein that the determination result of the step SA2 is “No”. The encryption instruction is an instruction allowing one of the encryption processing units 2000 to 200n which has a free space for a processing, to execute the encryption of the plain text. The decoding instruction is an instruction allowing one of the encryption processing units 2000 to 200n which has a free space for a processing, to execute the decoding of the cipher text.

[0081] At step SA3, the driver 400 determines whether or not the encryption processing system is started by turning on or rebooting the system. It is assumed herein that the determination result of the step SA3 is “No”. Thereafter, the driver 400 repeats the determinations of the steps SA1 to SA3.

[0082] Meanwhile, at step SE1 shown in FIG. 11, the control section 2030 (see FIG. 2) of the encryption processing unit 2000 determines whether or not the unit 2000 receives the encrypted key generation instruction from the driver 400. It is assumed herein that the determination result of the step SE1 is “No”. At step SE2, the control section 2030 determines whether or not the unit 2000 receives the encryption instruction or the decoding instruction from the driver 400. It is assumed herein that the determination result of the step SE2 is “No”.

[0083] At step SE3, the control section 2030 determines whether or not the unit 2000 receives a sequence instruction to be explained later from the driver 400. It is assumed herein that the determination result of the step SE3 is “No”. At step SE4, the control section 2030 determines whether or not the unit 2000 receives a key consistency instruction to be explained later from the driver 400. It is assumed herein that the determination result of the step SE4 is “No”. Thereafter, the control section 2030 repeats the determinations of the steps SE1 to SE4.

[0084] Further, at step SJ1 shown in FIG. 16, the control section 2031 (see FIG. 2) determines whether or not the encryption processing unit 2001 receives an encrypted key decoding instruction and an encrypted key from the driver 400. It is assumed herein that the determination result of the step SJ1 is “No”. The encrypted key decoding instruction is an instruction to decode the encrypted key generated by the encryption processing unit 2000 and delivered to the encryption processing unit 2001 through the driver 400 in the encryption processing unit 2001.

[0085] At step SJ2, the control section 2031 determines whether or not the unit 2001 receives an encryption instruction (or a decoding instruction) from the driver 400. It is assumed herein that the determination result of the step SJ2 is “No”. At step SJ3, the control section 2031 determines whether or not the unit 2001 receives a sequence instruction from the driver 400. It is assumed herein that the determination result of the step SJ3 is “No”.

[0086] At step SJ4, the control section 2031 determines whether or not the unit 2001 receives a key consistency instruction from the driver 400. It is assumed herein that this determination result is “No”. Thereafter, the control section 2031 repeats the determinations of the steps SJ1 to SJ4. It is noted that the other encryption processing units 2002 (not shown) to 200n execute their respective processings in accordance with the flow chart shown in FIG. 16 as in the instance of the encryption processing unit 2001.

[0087] If the driver 400 receives the encrypted key generation instruction issued from the master apparatus 500, the driver 400 determines “Yes” at the step SA1 shown in FIG. 6. At step SA4, the driver 400 executes an encrypted key generation processing.

[0088] Specifically, at step SB1 shown in FIG. 7, the driver 400 issues an encrypted key generation instruction to the encryption processing unit 2000 having a unit number 0. As a result, the control section 2030 (see FIG. 2) of the encryption processing unit 2000 determines “Yes” at the step SE1 shown in FIG. 1. At step SE5, an encrypted key generation processing is carried out.

[0089] In one embodiment of the present invention, the encrypted key generation processing carried out by the encryption processing unit 2000 corresponding to the unit number 0 has been explained. Since the other encryption processing units have the same configurations and functions as those of the unit 2000, the other encryption processing units can execute encrypted key generation processings, respectively.

[0090] Specifically, at step SF1 shown in FIG. 12, the control section 2030 interprets the received instruction and recognizes that the instruction is an encrypted key generation instruction. At step SF2, the control section 2030 determines whether or not there is an abnormality in an encrypted key generation instruction parameter. It is assumed herein that the determination result of the step SF2 is “No”.

[0091] At step SF3, the key generation section 2050 generates a key based on the time information, random numbers, the accumulation timer or the like of the timer section 2040. At step SF4, the key generation section 2050 generates a unique key ID identifying the generated key. This key ID is issued by incrementing a key ID counter (not shown) every time a key is generated in the key generation section 2000 or an encrypted key received from the other encryption processing unit is decoded.

[0092] At step SF5, the control section 2030 registers the key generated at the step SF3, the key ID issued at the step SF4 and an address in the key management table 700 shown in FIG. 4 as, for example, key information 7003.

[0093] The control section 2030 next updates the key sequence information 8000 (see FIG. 18) which is the same in format as the key sequence information 800 shown in FIG. 5. Specifically, the control section 2030 adds a sequence number and a history (key registration (key ID)) incremented by one to sequence history information (which is sequence history information 801: see FIG. 5) and updates time information (which is time information 804: see FIG. 5).

[0094] Referring back to FIG. 12, at step SF6, the encryption/decoding processing section 2080 encrypts the key generated at the step SF3 using a common key. At step SF7, the control section 2030 transmits the encrypted key encrypted at the step SF6 and the key ID generated at the step SF4 to the driver 400.

[0095] At step SF8, the control section 2030 notifies the driver 400 of normal end. If the determination result of the step SF2 is “Yes”, the control section 2030 notifies the driver 400 of abnormal end at step SF9.

[0096] Referring back to FIG. 7, the driver 400 determines whether or not the driver 400 receives a normal end response from the encryption unit 2000 at step SB2. It is assumed herein that the determination result of the step SB2 is “Yes”. At step SB3, the driver 400 receives the encrypted key and the key ID from the encryption processing unit 2000.

[0097] At step SB4, the driver 400 assigns 1 to a unit counter Cc. This unit counter Cc corresponds to the encryption processing unit to which an encrypted key decoding instruction is issued. For example, the unit counter Cc=0 corresponds to the encryption processing unit 2000 and the unit counter Cc=n corresponds to the encryption processing unit 200n.

[0098] At step SB5, the driver 400 issues an encrypted key decoding instruction to the encryption processing unit 2001 corresponding to the unit counter Cc (=1) and transmits an encrypted key to the encryption processing unit 2001.

[0099] When the encryption processing unit 2001 receives the encrypted key decoding instruction and the encrypted key, the control section 2031 (see FIG. 2) determines “Yes” at the step SJ1 shown in FIG. 16. At step SJ5, an encrypted key decoding processing is executed.

[0100] Specifically, at step SK1 shown in FIG. 17, the control section 2031 interprets the received instruction and recognizes that the instruction is an encrypted key decoding instruction. At step SK2, the control section 2031 determines whether or not there is an abnormality in an encrypted key decoding instruction parameter. It is assumed herein that the determination result of the step SK2 is “No”.

[0101] At step SK3, the encryption/decoding processing section 2081 decodes the encrypted key using a common key. At step SK4, the control section 2031 registers key information (decoded key, received key ID and address) in the key management table (not shown). The key ID is issued by incrementing the key ID counter (not shown) as in the instance of the processing performed to generate the key in the encryption processing unit 2000 (step SF4: see FIG. 12).

[0102] The control section 2031 updates the key sequence information 8001 (see FIG. 18) which is the same in format as the key sequence information 800 shown in FIG. 5. Specifically, the control section 2031 adds a sequence number and a history (key registration (key ID)) incremented by one to the sequence history information (which is sequence history information 801: see FIG. 5) and updates the time information (which is time information 804: see FIG. 5). At step SK5, the control section 2031 transmits the key ID corresponding to the decoded key to the driver 400.

[0103] At step SK6, the control section 2031 notifies the driver 400 of normal end. If the determination result of the step SK2 is “Yes”, the control section 2031 notifies the driver 400 of abnormal end at step SK7.

[0104] Referring back to FIG. 7, at step SB6, the driver 400 determines whether or not there is a normal end response from the encryption processing unit (which is the encryption processing unit 2001 in this instance) to which the encrypted key decoding instruction is issued. It is assumed herein that the determination result of the step SB6 is “Yes”. At step SB7, the driver 400 receives the key ID from the encryption processing unit (which is the encryption processing unit 2001 in this instance).

[0105] At step SB8, the driver 400 determines whether or not the key ID transmitted at the step SB5 is consistent with the key ID received at the step SB7. It is assumed herein that the determination result of the step SB8 is “Yes”. If the both key ID's are consistent with each other, it means that the same key as the key generated in the encryption processing unit 2000 is normally delivered to the encryption processing unit 2001.

[0106] At step SB9, the driver 400 increments the unit counter Cc by one (1+1=2). At step SB10, the driver 400 determines whether or not the unit counter Cc (=2) is n (where n is the total number of the encryption processing units)+1. It is assumed herein that the determination result of the step SB9 is “No”.

[0107] Thereafter, the steps SB4 to SB10 are repeated, whereby a series of processings of the issuance of the encrypted key decoding instruction, the decoding of the encrypted key and the registration of the key in the order of encryption processing unit 2002 (not shown) to encryption processing unit 2003 (not shown) to . . . to encryption processing unit 200n. As a result, the key generated in the encryption processing unit 2000 is sequentially delivered to the encryption processing units 2002 (not shown) to 200n.

[0108] As can be understood from the above, the key generated in one encryption processing unit never fails to exist in all the other encryption processing units. That is, all the encryption processing units hold the same key. In addition, the key ID is issued by incrementing the key ID counter every time the key is registered in each encryption processing unit. Therefore, the key ID corresponding to the same key is theoretically common to all the encryption processing units.

[0109] If the determination result of the step SB10 is “Yes”, the driver 400 notifies the master apparatus 500 that the encrypted key generation instruction normally ended at step SB11. If the determination result of the step SB2, SB6 or SB8 is “No”, the driver 400 notifies the master apparatus 500 that the encrypted key generation instruction abnormally ended at step SB12. Further, if the same key is sequentially deleted from the encryption processing units 2000 to 200n, a key deletion instruction is issued.

[0110] If the driver 400 receives the key ID together with the encryption instruction (plain text) or the decoding instruction (cipher text) issued from the master apparatus 500, the driver 400 determines “Yes” at the step SA2 shown in FIG. 6. At step SA5, an encryption/decoding processing is executed.

[0111] Specifically, at step SC1 shown in FIG. 8, the driver 400 assigns 0 to the unit counter Cc. At step SC2, the driver 400 determines whether or not the encryption processing unit corresponding to the unit counter Cc (=0) (which is the encryption processing unit 2000 in this instance) has a free space for a processing.

[0112] When the encryption processing unit 2000 is executing a different encryption processing, for example, the driver 400 determines “No” at the step SC2 and SC3, increments the unit counter Cc by one (0+1=1). At step SC4, the driver 400 determines whether or not the unit counter Cc is n+1. It is assumed herein that the determination result of the step SC4 is “No”.

[0113] At the step SC2, the driver 400 determines whether or not the encryption processing unit corresponding to the unit counter Cc (=1) (which is the encryption processing unit 2001 in this instance) has a free space for a processing. If the encryption processing unit 2001 does not execute any processing, the driver 400 determines “Yes” at the step SC2.

[0114] At step SC5, the driver 400 issues an encryption instruction (or a decoding instruction) to the encryption processing unit corresponding to the unit counter Cc (which is the encryption processing unit 2001 in this instance) and transmits a key ID and a plain text (or a cipher text) to the encryption processing unit.

[0115] If the encryption processing unit 2001 receives the encryption instruction (or the decoding instruction), the key ID and the plain text (or the cipher text), the control section 2031 (see FIG. 2) of the encryption processing unit 2001 determines “Yes” at the step SJ2 shown in FIG. 16. At step SJ6, an encryption/decoding processing is executed.

[0116] Specifically, at step SG1 shown in FIG. 13, the control section 2031 interprets the received instruction and recognizes that the instruction is an encryption instruction (or a decoding instruction).

[0117] At step SG2, the control section 2031 determines whether or not there is an abnormality in an encryption instruction parameter (or a decoding instruction parameter) It is assumed herein that the determination result of the step SG2 is “Yes”.

[0118] At step SG3, the control section 2031 acquires a key corresponding to the key ID from the key management table 700 (see FIG. 4) in the RAM 2061. At step SG4, the control section 2031 determines whether the instruction is an encryption instruction or a decoding instruction.

[0119] If the instruction is an encryption instruction, the control section 2031 encrypts the plain text to a cipher text using the key acquired at the step SG3, at step SG5. At step SG6, the control section 2031 transmits the cipher text to the driver 400. At step SG7, the control section 2031 notifies the driver 400 of normal end.

[0120] On the other hand, at step SG8, if the instruction is a decoding instruction, the control section 2031 decodes the cipher text to a plain text using the key acquired at the step SG3. At step SG9, the control section 2031 transmits the pain text to the driver 400. At the step SG7, the control section 2031 notifies the driver 400 of normal end.

[0121] Referring back to FIG. 8, at step SC6, the driver 400 determines whether or not the driver 400 receives a normal end response from the encryption processing unit 2001. It is assumed herein that the determination result of the step SC6 is “Yes”. At step SC7, the driver 400 notifies the master apparatus 500 that the encryption instruction (or the decoding instruction) normally ended.

[0122] On the other hand, if the determination result of the step SG2 shown in FIG. 13 is “Yes”, the control section 2031 notifies the driver 400 of abnormal end at step SG10. In response to the notification, the driver 400 determines “No” at the step SC6 shown in FIG. 8. At step SC8, the driver 400 notifies the master driver 500 that the encryption instruction (or the decoding instruction) abnormally ended.

[0123] Further, if the encryption processing system shown in FIG. 1 is started by turning on or rebooting the system, the driver 400 determines “Yes” at the step SA3 shown in FIG. 6. At step SA6, the driver 400 executes a key consistency processing to keep keys consistent with one another among the encryption processing units 2000 to 200n.

[0124] If a power failure occurs to any one of the encryption processing units 2000 to 200n while the units 2000 to 200n are executing processings of registering or deleting the same key, respectively, then the encryption processing unit cannot register or delete the key.

[0125] In this instance, the difference of the keys held is generated between the encryption processing unit to which the power failure occurs and the other encryption processing units. The key consistency processing to be explained later is intended to correct the difference of the keys held and to make the keys held by the encryption processing units consistent with one another.

[0126] Specifically, at step SD1 shown in FIG. 9, the driver 400 assigns 0 to the unit counter Cc. At step SD2, the driver 400 issues a sequence instruction to the encryption processing unit corresponding to the unit counter Cc (=0) (which is the encryption processing unit 2000 in this instance).

[0127] If the encryption processing unit 2000 receives the sequence instruction, the control section 2030 of the encryption processing unit 2000 determines “Yes” at the step SE3 shown in FIG. 11. At step SE7, a sequence processing which transmits key sequence information to the driver 400 is executed.

[0128] Specifically, at step SH1 shown in FIG. 14, the control section 2030 interprets the received instruction and recognizes that the instruction is a sequence instruction. At step SH2, the control section 2030 determines whether or not there is an abnormality in a sequence instruction parameter. It is assumed herein that the determination result of the step SH2 is “No”.

[0129] At step SH3, the control section 2030 updates the time information (which is the time information 804: see FIG. 5) in the key sequence information 8000 (see FIG. 18). At step SH4, the control section 2030 transmits the key sequence information 8000 to the driver 400. At step SH5, the control section 2030 notifies the driver 400 of normal end. If the determination result of the step SH2 is “Yes”, the control section 2030 notifies the driver 400 of abnormal end at step SH6.

[0130] Referring back to FIG. 9, at step SD3, the driver 400 determines whether or not the driver 400 receives a normal end response from the encryption processing unit 2000. It is assumed herein that the determination result of the step SD3 is “Yes”. At step SD4, the driver 400 receives key sequence information 8000 (see FIG. 18) from the encryption processing unit 2000.

[0131] At step SD5, the driver 400 increments the unit counter Cc by one (0+1=1). At step SD6, the driver 400 determines whether or not the unit counter Cc is n+1. It is assumed herein that the determination result of the step SD6 is “No”.

[0132] Returning to the step SD2, the driver 400 issues a sequence instruction to the next encryption processing unit corresponding to the unit counter Cc (=1) (which is the encryption processing unit 2001 in this instance).

[0133] When the encryption processing unit 2001 receives the sequence instruction, the control section 2031 of the encryption processing unit 2001 determines “Yes” at the step SJ3 shown in FIG. 16. At step SJ7, a sequence processing transmitting the key sequence information to the driver 400 is executed.

[0134] Specifically, at step SH1 shown in FIG. 14, the control section 2031 interprets the received instruction and recognizes that the instruction is a sequence instruction. At step SH2, the control section 2031 determines whether or not there is an abnormality in a sequence instruction parameter. It is assumed herein that the determination result of the step SH2 is “No”.

[0135] At step SH3, the control section 2031 updates the time information (which is the time information 804: see FIG. 5) in the key sequence information 8001 (see FIG. 18). At step SH4, the control section 2031 transmits the key sequence information 8001 to the driver 400. At step SH5, the control section 2031 notifies the driver 400 of normal end.

[0136] Referring back to FIG. 9, at the step SD3, the driver 400 determines whether or not there is a normal end response from the encryption processing unit 2001. It is assumed herein that the determination result of the step SD3 is “Yes”. At the step SD4, the driver 400 receives the key sequence information 8001 (see FIG. 18) from the encryption processing unit 2001.

[0137] At the step SD5, the driver 400 increments the unit counter Cc by one (1+1=2) At the step SD6, the driver 400 determines whether or not the unit counter Cc is n+1. It is assumed herein that the determination result of the step SD6 is “No”. Thereafter, the steps SD2 to SD6 are repeated, whereby the driver 400 sequentially receives the key sequence information 8002 (not shown) to 800n (see FIG. 18) from the encryption processing units 2002 (not shown) to the encryption processing unit 200n, respectively.

[0138] If the determination result of the step SD6 becomes “Yes”, at step SD7, the driver 400 integrates all the received key sequence information 8000 to 800n and generates integrated key sequence information 900 as shown in FIG. 18.

[0139] At step SD8 shown in FIG. 10, the driver 400 assigns 0 to the unit counter Cc. At step SD9, the driver 400 issues a key consistency instruction to the encryption processing unit corresponding to the unit counter Cc (=0) (which is the encryption processing unit 2000 in this instance) and transmits the integrated key sequence information 900 (see FIG. 18) to the encryption processing unit.

[0140] When the encryption processing unit 2000 receives the key matching instruction and the integrated key sequence information 900, the control section 2030 of the encryption processing unit 2000 determines “Yes” at the step SE4 shown in FIG. 11. At step SE8, a key consistency processing is executed.

[0141] Specifically, at step SI1 shown in FIG. 15, the control section 2030 interprets the received instruction and recognizes that the instruction is a key consistency instruction. At step SI2, the control section 2030 determines whether or not there is an abnormality in a key matching instruction parameter. It is assumed herein that the determination result of the step SI2 is “No”.

[0142] At step SI3, the control section 2030 makes the keys consistent with one another based on the integrated key sequence information 900. Specifically, the control section 2030 examines consistency as to “apparatus number” (apparatus number 802: see FIG. 5), “unit number” (unit number 803), “time information” (time information 804) and “sequence history information” (sequence history information 801) among the key sequence information 8000 to 800n in the integrated key sequence information 900 shown in FIG. 18.

[0143] As for the “apparatus number”, it is determined whether or not the apparatus numbers of the key sequence information 8000 to 800n are consistent with one another. If the apparatus numbers are consistent, it is determined that the consistency of “apparatus number” is satisfied. If not consistent, an error is determined.

[0144] As for the “unit number”, it is determined whether or not the unit numbers of the key sequence information 8000 to 800n overlap. If the unit numbers do not overlap, it is determined that the “unit numbers” are consistent. If the numbers overlap, an error is determined.

[0145] As for the “time information”, it is determined whether or not the fluctuation of the time information of the key sequence information 8000 to 800n is within a certain time (e.g., two minutes). If the fluctuation is within the certain time, it is determined that time information is consistent. If the fluctuation exceeds the certain time, an error is determined.

[0146] As for the “sequence history information”, it is determined whether or not the difference between the final sequence numbers thereof is within an allowable value (e.g., 1) and whether or not histories are consistent by comparing the key sequence information on the relevant unit (which is the key sequence information 8000) with the other key sequence information (which is key sequence information 8001 to 800n in this instance).

[0147] If there is no difference in final sequence number and histories are consistent, then it is determined that the sequence history information is consistent. If the difference in final sequence number exceeds the allowable value and the history information is inconsistent, then an error is determined.

[0148] Further, the difference in final sequence number is within the allowable value, the information is adjusted so as to be consistent with the sequence information having the smallest number of keys held among the key sequence information 8000 to 800n.

[0149]
FIG. 19 shows the first example of the key consistency processing. In FIG. 19, sequence history information 8010a, 8011a and 8012a correspond to the key sequence information 8010, 8011 and 801n (n=2) shown in FIG. 18, respectively.

[0150] With reference to the sequence history information 8010a, the difference between the final sequence number (=08) of the sequence history information 8010a and the final sequence number (=07) of the sequence history information 8012a is 1. It is noted that the difference between the final sequence number (=08) of the sequence history information 8010a and the final sequence number (=08) of the sequence history information 8011a is 0.

[0151] In this instance, the control section 2030 sets the sequence number as 00 and deletes the key corresponding to the key ID=4 from the key management table. By doing so, the key sequence information 8010a is adjusted to be consistent with the key sequence information 8012a having the smallest number of held keys. It is noted that the control section 2031 corresponding to the key history information 8011a executes the same key adjustment processing. In addition, the control section corresponding to the sequence history information 8012a updates the sequence number to 00 but does not execute a key adjustment processing.

[0152]
FIG. 20 shows the second example of the key consistency processing. In FIG. 20, sequence history information 8010b, 8011b and 8012b correspond to the sequence history information in the key sequence information 8000, 8001 and 800n (n=2) shown in FIG. 18, respectively.

[0153] With reference to the sequence history information 8010b, the difference between the final sequence number (=12) of the sequence history information 8010b and the final sequence number (=11) of the sequence history information 8011b and the difference between the final sequence number (=12) of the sequence history information 8010b and the final sequence number (=11) of the sequence history information 8012b are 1, respectively.

[0154] In this instance, the instruction to the sequence number 12 is “delete key” and the control section 2030 updates the sequence number to 00 but does not executes a key adjustment processing. It is noted that the control section 2031 corresponding to the sequence history information 8011b updates the sequence number to 00 and deletes the key corresponding to the key ID=3 from the key management table.

[0155] As a result, the key sequence information 8011b is adjusted to be consistent with the key sequence information 8010b having the smallest number of the held keys. In addition, the control section 2032 corresponding to the sequence history information 8012b executes the same key adjustment processing as that of the control section 2031.

[0156] Referring back to FIG. 15, at step SI4, the control section 2030 determines whether or not an error is determined (key adjustment cannot be made) at the step SI3. It is assumed herein that the determination result of the step SI4 is “No”. At step SI5, the control section 2030 transmits key adjustment result information including information as to whether or not the key is deleted and the key ID corresponding to the deleted key, to the driver 400.

[0157] At step SI6, the control section 2030 notifies the driver 400 of normal end. If the determination result of the step SI2 or SI4 is “Yes”, the control section 2030 notifies the driver 400 of abnormal end at step SI7.

[0158] Referring back to FIG. 10, at step SD10, the driver 400 determines whether or not the driver 400 receives a normal end response from the encryption processing unit 2000. It is assumed herein that the determination result of the step SD10 is “Yes”. At step SD11, the driver 400 receives key adjustment result information from the encryption processing unit 2000.

[0159] At step SD12, the driver 400 increments the unit counter Cc by one (0+1=1). At step SD13, the driver 400 determines whether or not the unit counter Cc is n+1. It is assumed herein that the determination result of the step SD13 is “No”.

[0160] Returning to the step SD9, the driver 400 issues a key consistency instruction to the encryption processing unit corresponding to the unit counter Cc (=1) (which is the encryption processing unit 2001 in this instance) and transmits integrated key sequence information 900 (see FIG. 18) to the encryption processing unit.

[0161] When the encryption processing unit 2001 receives the key consistency instruction and the integrated key sequence information 900, the control section 2031 of the encryption processing unit 2001 determines “Yes” at the step SJ4 shown in FIG. 16. At step SJ8, a key consistency processing (see FIG. 15) is executed. Thereafter, the steps SD9 to SD13 shown in FIG. 10 are repeated, whereby the encryption processing units 2002 (not shown) to 200n execute key consistency processings, respectively.

[0162] If the determination result of the step SD13 becomes “Yes”, the driver 400 transmits the key adjustment result information to the master apparatus 500 at step SD14 and determines that the key adjustment processing normally ended. On the other hand, if the determination result of the step SD10 is “No”, the driver 400 determines that the key adjustment processing abnormally ended at step SD15. If the determination result of the step SE2 shown in FIG. 11 is “Yes”, the above-explained decoding/encryption processing (see FIG. 13) is executed at step SE6.

[0163] As explained so far, according to one embodiment of the present invention, the specific encryption processing unit 2000 among a plurality of encryption processing units 2000 to 200n encrypts the generated key and delivers the encrypted key to the other encryption processing units. Each of the other encryption processing units 2001 to 200n decodes the encrypted key and holds the same key as that generated in the specific encryption processing unit 2000. It is, therefore, possible to share the same key among a plurality of encryption processing units 2000 to 200n, for all of the encryption processing units 2000 to 200n to execute the same encryption processing and thereby to disperse encryption processing load.

[0164] In addition, according to one embodiment of the present invention, the plural encryption processing units 2000 to 200n keep the keys held therein consistent with one another. It is, therefore, possible to correct the inconsistency of the key resulting from a power failure or the like which occurs when the same key is shared among the units.

[0165] One embodiment of the present invention has been explained in detail with reference to the drawings. The concrete example of the constitution of the invention is not limited to this embodiment. Any changes or modifications in design within the scope of the present invention are included in the present invention.

[0166] For example, in one embodiment explained above, the respective functions of the driver 400, the encryption processing apparatus 100 and the encryption processing units 2000 to 200n shown in FIG. 1 may be realized by recording a program which executes the respective functions of the driver 400, the encryption processing apparatus 100 and the encryption processing units 2000 to 200n shown in FIG. 1 on a computer readable recording medium 1000 shown in FIG. 21, and by allowing a computer 901 shown in FIG. 21 to read and execute the program recorded on this recording medium 1000.

[0167] The computer 901 shown in FIG. 21 consists of a CPU (Central Processing Unit) 910 which executes the above program, an input unit 920 such as a keyboard and a mouse, an ROM 930 which stores various data, a RAM 940 which stores operation parameters or the like, a reader 950 which reads the program from the recording medium 1000, an output unit 960 such as a display and a printer, and a bus 970 which connects the respective sections of the computer 901.

[0168] The CPU 910 realizes the above-stated respective functions by reading the program recorded on the recording medium 1000 through the reader 950 and executing the program. The recording medium 1000 is exemplified by a portable recording medium such as an optical disk, a flexible disk or a hard disk.

[0169] As explained so far, according to one aspect of the present invention, stores the decoded key holds a same key as the key that is the same key as the one generated by the encryption processing unit the same key is advantageously shared among a plurality of encryption processing units, any encryption processing unit among the plurality of encryption processing unit can advantageously carry out the same encryption processing, and encryption processing load can be advantageously dispersed. Moreover, the keys held are kept consistent with one another in a plurality of encryption processing units. Therefore, the inconsistency of the keys resulting from a power failure or the like which occurs during the common processing using the same key, can be advantageously corrected.

[0170] Furthermore, according to another aspect of the present invention, the same key is advantageously shared among a plurality of encryption processing units, any encryption processing unit among the plurality of encryption processing unit can advantageously carry out the same encryption processing, and encryption processing load can be advantageously dispersed. Moreover, each of the plurality of encryption processing units is instructed to perform a key consistency processing to keep the keys held by the plurality of encryption processing units consistent with one another. Therefore, the inconsistency of the key resulting from a power failure or the like which occurs during the common processing using the same key, can be advantageously corrected.

[0171] Furthermore, according to still another aspect of the present invention, if the encryption processing apparatus consists of a plurality of encryption processing units, the same key is advantageously shared among the plural encryption processing units, any encryption processing units among the plurality of encryption processing unit can advantageously carry out the same encryption processing, and encryption processing load can be advantageously dispersed.

[0172] Although the invention has been described with respect to a specific embodiment for a complete and clear disclosure, the appended claims are not to be thus limited but are to be construed as embodying all modifications and alternative constructions that may occur to one skilled in the art which fairly fall within the basic teaching herein set forth.

Encryption processing apparatus, encryption processing unit control apparatus, encryption processing unit, and computer product

Information

Publication Number

Date Filed

Date Published

Inventors

Original Assignees

CPC

US Classifications

International Classifications

Abstract

Description

Claims

Priority Claims (1)