Abstract:
The invention enables a provider and a retailer of digital contents to issue an electronic license to a consumer without wasting its own resources. A retailer sells digital contents to a consumer via the Internet. The retailer requests a license-issuing center to issue an electronic license corresponding to the digital contents and the user of the contents and receives the generated license. The user receives the license from the retailer via the Internet. The terminal used by the user certifies that he/she is a legitimate user using his/her license when he/she uses the digital contents provided from the provider. When the license is verified, the user can use the digital contents.
Abstract:
Integrity of data is to be ensured in a simple manner. A data verifier generates a signature generation request from data to be signed and signature request time, and sends the request to a data generator. The data generator extracts the data to be signed from the signature generation request, and its signature generation unit generates a signature for the data. A key generation unit generates a key from a previous key, the signature request time in the signature generation request, and the identifier of the data generator, and an encryptor encrypts the signature. After that, the encrypted signature and the like are returned to the data verifier, which generates a decrypting key with a key generation unit from the previous key, the signature request time, and the identifier of the data generator, then extracts an encrypted signature, and decrypts it with a decryptor. A signature verification unit checks whether or not the result of decrypting is the correct signature.
Abstract:
Booking vendors are to be enabled to issue booking certificates without having to consume their own resources. Advance booking is made and sent to a retailer from a consumer terminal via the Internet. The retailer requests a booking certificate issuing center to issue a booking certificate associated with the product or the booking party, and receives the booking certificate issued from the booking certificate issuing center. The consumer terminal receives the booking certificate from the retailer via the Internet, and uses it to have itself verified to be the legitimate booking party by a verifying apparatus associated with a provider. The booking party can receive the supply of the booked product or service if its booking certificate is successfully verified.
Abstract:
Distributors can verify a signature without acquiring a certificate for each signer from the certificate authority. A signature part calculates a hash value of distribution information and sets it to a variable h (step S412). Signer private information is taken out from a first signer private information storage part and set to the variable d (step S413). A signature key information selection part takes out signature key information corresponding to a product identifier pid from a signature key information storage part and sets it to the variables t and n (step S414). The signature part calculates a first signature value for the variable h using the signer private information d and sets it to the variable r1 (step S415). A distribution information generating part calculates a second signature value for the variable h using the signature key information t (step S416). The final signature value for the variable h is calculated from the results r1 and r2.
Abstract:
An application of a client includes a proof data generation device, a command generation device, and a command issuing device. A command and proof data are sent to a server from the application of the client, and a command management device of the server receives them. A proof data verification device verifies the access right of a user to the application on the basis of the proof data, and enables a data storage device to be accessed in accordance with the command, if the verification is successful. The data storage device, used instead of a commonly used hard disk drive, includes a phase change type optical memory or a phase separation type optical memory to execute write once recording. Thus, the access to the data storage device is flexibly controlled.
Abstract:
A method and a system for authentication whereby authentication characteristic information is not disclosed to a third party when a verifier uses a verification device of a limited scale to authenticate a user's rights or qualifications. A ticket issuing device interacts with the user's interactive device having a secret function f to calculate document secret information μ based on a document m (data) to be transmitted to the interactive device, whereby the user is issued a ticket t generated from authentication characteristic information x and the document secret information π. Upon receipt of the document m, the interactive device generates the document secret information using its unique secret function f to perform an interaction based on the generated information. The interaction involves output of a commitment r, input of a challenge c, and an output of a response σ. The user converts the interaction (r, c, σ) into another interaction (r, c, s) using the ticket t to effect Guillou-Quisquater authentication.
Abstract:
The present invention provides a device for authenticating a user's access rights to resources, which comprises first memory means for storing challenging data, second memory means for storing unique identifying information of the user, third memory means for storing proof support information which is a result of executing predetermined computations on the unique identifying information of the user and unique security characteristic information of the device, response generation means for generating a response from the challenging data stored in the first memory means, the unique identifying information stored in the second memory means and the proof support information stored in the third memory means, and verification means for verifying the legitimacy of the response by verifying that the response, the challenging data and the unique security characteristic information of the device satisfy a specific predefined relation.