P
USRE48381EExpiredUtilityPatentIndex 62

Data processing device, encryption communication method, key generation method, and computer program

Assignee: CANON KKPriority: Apr 12, 2004Filed: Sep 6, 2013Granted: Jan 5, 2021
Est. expiryApr 12, 2024(expired)· nominal 20-yr term from priority
Inventors:FUKASAWA NOBUAKI
H04L 9/0891H04L 9/3263
62
PatentIndex Score
0
Cited by
77
References
101
Claims

Abstract

A data processing device comprises a storage unit adapted to store an initial value of a pair of a public key and a private key and a communication unit adapted to execute communication with an external device with use of the initial value of the pair of the public key and the private key stored in the storage unit, thereby enabling encryption communication without generating the pair of the public key and the private key.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A data processing device comprising:
 a storage unit configured to store an initial value of a pair of a public key and a private key;   a communication unit configured to (i) transmit the public key stored in said storage unit to an external device, (ii) receive a session key encrypted using the transmitted public key, (iii) decrypt the received session key using the private key stored in said storage unit, and (iv) receive a new pair of a public key and a private key from the external device using the decrypted session key;   an installation unit configured to install the new pair of the public key and the private key received by said communication unit;   a determination unit configured to determine whether login by an administrator authority is acknowledged;   an installation permission unit configured to permit said installation unit to install the new pair of the public key and the private key when the login by an administrator authority is acknowledged; and   a display control unit configured to cause a display unit to display a value of the public key installed from the external device.   
     
     
       2. A data processing device according to  claim 1 , further comprising a display control unit configured to cause a display unit to display the initial value of the pair of the public key and the private key stored in said storage unit. 
     
     
       3. A data processing device according to  claim 1 , further comprising a default unit configured to return the value of the pair of the public key and the private key stored in said storage unit to the initial value, in response to an instruction from a user. 
     
     
       4. A data processing device comprising:
 a storage unit configured to store an initial value of a pair of a public key and a private key;   a communication unit configured to (i) transmit the public key stored in said storage unit to an external device, (ii) receive a session key encrypted using the transmitted public key, (iii) decrypt the received session key using the private key stored in said storage unit, and (iv) receive a new pair of a public key and a private key from the external device using the decrypted session key;   an installation unit configured to install the new pair of the public key and the private key received by said communication unit;   a display control unit configured to cause a display unit to display a value of the public key generated by said key generation unit; and   a key generation unit configured to generate the initial value of the pair of the public key and the private key in said data processing device, in response to an instruction from a user,   wherein said installation unit installs the new pair of the public key and the private key obtained from the external device by executing the encryption communication by using the initial value of the pair of the public key and the private key generated by said key generation unit.   
     
     
       5. A control method for controlling a data processing device, comprising:
 storing an initial value of a pair of a public key and a private key in a storage unit;   transmitting, using a communication unit, the public key stored in the storage unit to an external device;   receiving, using the communication unit, a session key encrypted using the transmitted public key;   decrypting the received session key using the private key stored in the storage unit;   receiving a new pair of a public key and a private key from the external device using the decrypted session key;   determining, using a determination unit, whether login by an administrator authority is acknowledged;   permitting installation of the new pair of the public key and the private key when the login by an administrator authority is acknowledged;   installing, using an installation unit, the received new pair of the public key and the private key when installation is permitted; and   displaying, using a display control unit, a value of the public key installed from the external device.   
     
     
       6. A data processing device which is able to communicate with an external device, comprising:
 a memory configured to store an initial public key and an initial private key;   a memory device that stores a set of instructions; and   at least one processor that executes the instructions to:   perform first encryption communication by opening and using the initial public key, where, in the first encryption communication, key information encrypted by the opened initial public key is received from the external device;   decrypt the encrypted key information by using the initial private key stored in the memory;   perform second communication, which is encryption communication, by using the key information, where, in the second communication, a new public key encrypted by the key information and a new private key encrypted by the key information are received from the external device;   install the new public key and the new private key to perform third communication, which is encryption communication, by using the new public key and the new private key; and   cause a display unit to display information of the installed new public key.   
     
     
       7. A data processing device according to claim 6, wherein the at least one processor executes instructions in the memory device to:
 receive a login request from the external device; and   install the new public key and the new private key in a case where login based on the login request received in response to the login request is permitted.   
     
     
       8. A data processing device according to claim 6, wherein the at least one processor executes instructions in the memory device to:
 generate the initial public key and the initial private key,   wherein the memory stores the generated initial public key and the generated initial private key.   
     
     
       9. A data processing device according to claim 6, wherein the information of the new public key includes a date when the new public key has been installed. 
     
     
       10. A data processing device according to claim 9, wherein the information of the new public key includes a name of the new public key which has been installed. 
     
     
       11. A data processing device according to claim 9, wherein the information of the new public key includes a value of the new public key which has been installed. 
     
     
       12. A data processing device according to claim 9, wherein the at least one processor executes instructions in the memory device to:
 instruct printing of the information of the new public key.   
     
     
       13. A data processing device according to claim 9, wherein the at least one processor executes instructions in the memory device to:
 instruct transmitting of the information of the new public key.   
     
     
       14. A data processing device according to claim 6, wherein the data processing device is an image forming apparatus that executes print processing. 
     
     
       15. A data processing device according to claim 6, wherein the initial public key and the initial private key are stored as factory shipment values in the memory. 
     
     
       16. A data processing device according to claim 6, wherein the key information is a session key. 
     
     
       17. A data processing device according to claim 6, wherein the at least one processor executes instructions in the memory device to:
 perform login processing according to a login message transmitted from the external apparatus; and   install the new public key and the new private key after the login by an administrator authority to the data processing apparatus is acknowledged based on the login message transmitted from the external apparatus.   
     
     
       18. A control method for controlling a data processing device which is able to communicate with an external device, comprising:
 performing first encryption communication by opening and using an initial public key stored by a memory, where, in the first encryption communication, key information encrypted by the opened initial public key is received from the external device;   decrypting the encrypted key information by using an initial private key stored in the memory;   performing second communication, which is encryption communication, by using the key information, where, in the second encryption communication, a new public key encrypted by the key information and a new private key encrypted by the key information are received from the external device;   installing the new public key and the new private key to perform third communication, which is encryption communication, by using the new public key and the new private key; and   causing a display unit to display information of the installed new public key.   
     
     
       19. A non-transitory computer readable storage medium for storing a computer program for causing a data processing device which is able to communicate with an external device to execute:
 performing first communication by opening and using an initial public key stored by a memory, where, in the first encryption communication, key information encrypted by the opened initial public key is received from the external device;   decrypting the encrypted key information by using an initial private key stored in the memory;   performing second communication, which is encryption communication, by using the key information, where, in the second communication, a new public key encrypted by the key information and a new private key encrypted by the key information are received from the external device;   installing the new public key and the new private key to perform third communication, which is encryption communication, by using the new public key and the new private key; and   causing a display unit to display information of the installed new public key.   
     
     
       20. An image forming apparatus which is able to communicate with an external device which creates a print job and transmits the created print job to the image forming apparatus, comprising
 a memory configured to store an initial public key and an initial private key, the initial public key and the initial private key being stored before the image forming apparatus communicates with the external device and the initial public key and the initial private key being able to be used without executing a setting by a user for generating of a public key and a private key;   a memory device that stores a set of instructions; and   at least one processor that executes the instructions to:   perform first encryption communication by opening and using, in a case where a start of communication is requested from the external device, the initial public key, where, in the first communication, key information encrypted by the opened initial public key is received from the external device, wherein the external device generates the key information which is to be used in a communication for an installation of a pair of new public key and a new private key;   decrypt the encrypted key information by using the initial private key stored in the memory;   perform second communication, which is encryption communication, by using the key information, where, in the second communication, a new public key encrypted by the key information and a new private key encrypted by the key information are received from the external device;   install the new public key and the new private key to perform third communication, which is encryption communication, by using the new public key and the new private key; and   cause a display unit to display information of the installed new public key.   
     
     
       21. An image forming apparatus according to claim 20, wherein the key information is a session key. 
     
     
       22. An image forming apparatus according to claim 19, wherein the at least one processor executes instructions in the memory device to:
 perform a login processing according to a login message transmitted from the external apparatus via a network; and   install the new public key and the new private key after the login by an administrator authority to the image forming apparatus is acknowledged based on the login message transmitted from the external apparatus via the network.   
     
     
       23. A data processing device which is able to communicate with an external device, comprising:
 a memory configured to store an initial public key and an initial private key;   a memory device that stores a set of instructions; and   at least one processor that executes the instructions to:   perform first communication, where, in the first communication, the initial public key is transmitted to the external device and key information encrypted by the initial public key is received from the external device;   decrypt the encrypted key information by using the initial private key stored in the memory;   perform second communication, which is encryption communication, where, in the second communication, at least a new public key encrypted using the key information and a new private key encrypted using the key information are received from the external device;   install the new public key and the new private key to perform third communication, which is encryption communication, where, in the third communication, the new public key and the new private key are used; and   provide data to be used for displaying information of the installed new public key.   
     
     
       24. A data processing device according to claim 23, wherein the at least one processor executes instructions in the memory device to:
 receive a login request from the external device; and   install the new public key and the new private key in a case where login based on the login request received in response to the login request is permitted.   
     
     
       25. A data processing device according to claim 23, wherein the at least one processor executes instructions in the memory device to:
 generate the initial public key and the initial private key,   wherein the memory stores the generated initial public key and the generated initial private key.   
     
     
       26. A data processing device according to claim 23, wherein the information of the new public key includes a date when the new public key has been installed. 
     
     
       27. A data processing device according to claim 26, wherein the information of the new public key includes a name of the new public key which has been installed. 
     
     
       28. A data processing device according to claim 26, wherein the information of the new public key includes a value of the new public key which has been installed. 
     
     
       29. A data processing device according to claim 26, wherein the at least one processor executes instructions in the memory device to:
 instruct printing of the information of the new public key.   
     
     
       30. A data processing device according to claim 26, wherein the at least one processor executes instructions in the memory device to:
 instruct transmitting of the information of the new public key.   
     
     
       31. A data processing device according to claim 23, wherein the data processing device is an image forming apparatus that executes print processing. 
     
     
       32. A data processing device according to claim 23, wherein the initial public key and the initial private key are stored as factory shipment values in the memory. 
     
     
       33. The data processing device according to claim 23, wherein the data processing device provides information of the installed new public key to a display unit. 
     
     
       34. A data processing device according to claim 23, wherein the key information is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       35. A data processing device according to claim 23, wherein the key information is a session key, which is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       36. A control method comprising:
 performing first communication, where, in the first communication, an initial public key stored in a memory is transmitted to an external device and key information encrypted by the initial public key is received from the external device;   decrypting the encrypted key information by using an initial private key stored in the memory;   performing second communication, which is encryption communication, where, in the second communication, at least a new public key encrypted using the key information and a new private key encrypted using the key information are received from the external device;   installing the new public key and the new private key to perform third communication, which is encryption communication, where, in the third communication, the new public key and the new private key are used; and   providing data to be used for displaying information of the installed public key.   
     
     
       37. A control method according to claim 36, further comprising:
 receiving a login request from the external device; and   installing the new public key and the new private key in a case where login based on the login request received in response to the login request is permitted.   
     
     
       38. A control method according to claim 36, further comprising:
 generating the initial public key and the initial private key,   wherein the memory stores the generated initial public key and the generated initial private key.   
     
     
       39. A control method according to claim 36, wherein the information of the new public key includes a date when the new public key has been installed. 
     
     
       40. A control method according to claim 39, wherein the information of the new public key includes a name of the new public key which has been installed. 
     
     
       41. A control method according to claim 39, wherein the information of the new public key includes a value of the new public key which has been installed. 
     
     
       42. A control method according to claim 39, further comprising:
 instructing printing of the information of the new public key.   
     
     
       43. A control method according to claim 39, further comprising:
 instructing transmitting of the information of the new public key.   
     
     
       44. A control method according to claim 36, wherein the data processing device is an image forming apparatus that executes print processing. 
     
     
       45. A control method according to claim 36, wherein the initial public key and the initial private key are stored as factory shipment values in the memory. 
     
     
       46. The control method according to claim 36, further comprising providing information of the installed new public key to a display unit. 
     
     
       47. A control method according to claim 36, wherein the key information is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       48. A control method according to claim 36, wherein the key information is a session key, which is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       49. A non-transitory computer readable storage medium for storing a computer program for causing a data processing device which is able to communicate with an external device to execute:
 performing first communication, where, in the first communication, an initial public key stored in a memory is transmitted to an external device and key information encrypted by the initial public key is received from the external device;   decrypting the encrypted key information by using an initial private key stored in the memory;   performing second communication, which is encryption communication, where, in the second communication, at least a new public key encrypted using the key information and a new private key encrypted using the key information are received from the external device;   installing the new public key and the new private key to perform third communication, which is encryption communication, where, in the third communication, the new public key and the new private key are used; and   providing data to be used for displaying information of the installed new public key.   
     
     
       50. A non-transitory computer readable storage medium according to claim 49, wherein the computer program further causes the data processing device to execute:
 receiving a login request from the external device; and   installing the new public key and the new private key in a case where login based on the login request received in response to the login request is permitted.   
     
     
       51. A non-transitory computer readable storage medium according to claim 49, wherein the computer program further causes the data processing device to execute:
 generating the initial public key and the initial private key,   wherein the memory stores the generated initial public key and the generated initial private key.   
     
     
       52. A non-transitory computer readable storage medium according to claim 49, wherein the information of the new public key includes a date when the new public key has been installed. 
     
     
       53. A non-transitory computer readable storage medium according to claim 42, wherein the information of the new public key includes a name of the new public key which has been installed. 
     
     
       54. A non-transitory computer readable storage medium according to claim 42, wherein the information of the new public key includes a value of the new public key which has been installed. 
     
     
       55. A non-transitory computer readable storage medium according to claim 42, wherein the computer program further causes the data processing device to execute:
 instructing printing of the information of the new public key.   
     
     
       56. A non-transitory computer readable storage medium according to claim 42, wherein the computer program further causes the data processing device to execute:
 instructing transmitting of the information of the new public key.   
     
     
       57. A non-transitory computer readable storage medium according to claim 49, wherein the data processing device is an image forming apparatus that executes print processing. 
     
     
       58. A non-transitory computer readable storage medium according to claim 49, wherein the initial public key and the initial private key are stored as factory shipment values in the memory. 
     
     
       59. The non-transitory computer readable storage medium according to claim 39, wherein the computer program further causes the data processing device to execute:
 providing information of the installed new public key to a display unit.   
     
     
       60. A non-transitory computer readable storage medium according to claim 49, wherein the key information is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       61. A non-transitory computer readable storage medium according to claim 49, wherein the key information is a session key, which is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       62. An image forming apparatus which is able to communicate with an external device which creates a print job and transmits the created print job to the image forming apparatus, comprising
 a memory configured to store an initial public key and an initial private key, the initial public key and the initial private key being stored before the image forming apparatus communicates with the external device and the initial public key and the initial private key being able to be used without executing a setting by a user for generating of a public key and a private key;   a memory device that stores a set of instructions; and   at least one processor that executes the instructions to:   perform first communication, in a case where a start of communication is requested from the external device, where, in the first communication, the initial public key is transmitted to the external device and key information encrypted by the initial public key is received from the external device, wherein the external device generates the key information which is to be used in a communication for an installation of a pair of new public key and a new private key;   decrypt the encrypted key information by using the initial private key stored in the memory;   perform second communication, which is encryption communication, where, in the second communication, at least a new public key encrypted using the key information and a new private key encrypted using the key information are received from the external device;   install the new public key and the new private key to perform third communication, which is encryption communication, where, in the third communication, the new public key and the new private key are used; and   provide data to be used for displaying information of the installed new public key.   
     
     
       63. An image forming apparatus according to claim 62, wherein the at least one processor executes instructions in the memory device to:
 receive a login request from the external device; and   install the new public key and the new private key in a case where login based on the login request received in response to the login request is permitted.   
     
     
       64. An image forming apparatus according to claim 62, wherein the at least one processor executes instructions in the memory device to:
 generate the initial public key and the initial private key,   wherein the memory stores the generated initial public key and the generated initial private key.   
     
     
       65. An image forming apparatus according to claim 62, wherein the information of the new public key includes a date when the new public key has been installed. 
     
     
       66. An image forming apparatus according to claim 65, wherein the information of the new public key includes a name of the new public key which has been installed. 
     
     
       67. An image forming apparatus according to claim 65, wherein the information of the new public key includes a value of the new public key which has been installed. 
     
     
       68. An image forming apparatus according to claim 65, wherein the at least one processor executes instructions in the memory device to:
 instruct printing of the information of the new public key.   
     
     
       69. An image forming apparatus according to claim 65, wherein the at least one processor executes instructions in the memory device to:
 instruct transmitting of the information of the new public key.   
     
     
       70. An image forming apparatus according to claim 62, wherein the data processing device is an image forming apparatus that executes print processing. 
     
     
       71. An image forming apparatus according to claim 62, wherein the initial public key and the initial private key are stored as factory shipment values in the memory. 
     
     
       72. The image forming apparatus according to claim 62, wherein the at least one processor executes instructions in the memory device to: provide information of the installed new public key to a display unit. 
     
     
       73. An image forming apparatus according to claim 62, wherein the key information is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       74. An image forming apparatus according to claim 62, wherein the key information is a session key, which is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       75. A control method comprising:
 performing first communication, where, in the first communication, an initial public key stored in a memory is transmitted to an external device and key information encrypted by the initial public key is received from an external device;   decrypting the encrypted key information by using an initial private key stored in the memory;   performing second communication, which is encryption communication, where, in the second communication, at least a new public key encrypted using the key information and a new private key encrypted using the key information are received from the external device;   installing the new public key and the new private key to perform third communication, which is encryption communication, where, in the third communication, the new public key and the new private key are used; and   displaying information of the installed new public key.   
     
     
       76. A control method according to claim 75, further comprising:
 receiving a login request from the external device; and   installing the new public key and the new private key in a case where login based on the login request received in response to the login request is permitted.   
     
     
       77. A control method according to claim 75, further comprising:
 generating the initial public key and the initial private key,   wherein the memory stores the generated initial public key and the generated initial private key.   
     
     
       78. A control method according to claim 75, wherein the information of the new public key includes a date when the new public key has been installed. 
     
     
       79. A control method according to claim 78, wherein the information of the new public key includes a name of the new public key which has been installed. 
     
     
       80. A control method according to claim 78, wherein the information of the new public key includes a value of the new public key which has been installed. 
     
     
       81. A control method according to claim 78, further comprising:
 instructing printing of the information of the new public key.   
     
     
       82. A control method according to claim 78, further comprising:
 instructing transmitting of the information of the new public key.   
     
     
       83. A control method according to claim 75, wherein the control method controls an image forming apparatus that executes print processing. 
     
     
       84. A control method according to claim 75, wherein the initial public key and the initial private key are stored as factory shipment values in the memory. 
     
     
       85. A control method according to claim 75, wherein the key information is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       86. A control method according to claim 75, wherein the key information is a session key, which is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       87. A system that includes an external device and a data processing device capable of communicating with the external device, the data processing device comprising:
 a memory device that stores a set of instructions; and   at least one processor that executes the instructions for:
 performing first communication, where, in the first communication, an initial public key stored in a memory is transmitted to the external device and key information encrypted by the initial public key is received from the external device; 
 decrypting the encrypted key information by using an initial private key stored in the memory; 
 performing second communication, which is encryption communication, where, in the second communication, at least a new public key encrypted using the key information and a new private key encrypted using the key information are received from the external device; 
 installing the new public key and the new private key to perform third communication, which is encryption communication, where, in the third communication, the new public key and the new private key are used; and 
 providing data to be used for displaying information of the installed new public key. 
   
     
     
       88. A system according to claim 87, wherein the key information is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       89. A system according to claim 87, wherein the key information is a session key, which is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       90. A system that includes an external device and a data processing device capable of communicating with the external device, the data processing device comprising:
 a memory device that stores a set of instructions; and   at least one processor that executes the instructions for:
 performing first communication, where, in the first communication, an initial public key stored by a memory is transmitted to the external device and key information encrypted by the initial public key is received from the external device; 
 decrypting the encrypted key information by using an initial private key stored in the memory; 
 performing second communication, which is encryption communication, where, in the second communication, at least a new public key encrypted using the key information and a new private key encrypted using the key information are received from the external device; 
 installing the new public key and the new private key to perform third communication, which is encryption communication, where, in the third communication, the new public key and the new private key are used; and 
 displaying information of the installed new public key. 
   
     
     
       91. A system according to claim 90, wherein the at least one processor executes instructions in the memory device to:
 receive a login request from the external device; and   install the new public key and the new private key in a case where login based on the login request received in response to the login request is permitted.   
     
     
       92. A system according to claim 90, wherein the at least one processor executes instructions in the memory device to:
 generate the initial public key and the initial private key,   wherein the memory stores the generated initial public key and the generated initial private key.   
     
     
       93. A system according to claim 90, wherein the information of the new public key includes a date when the new public key has been installed. 
     
     
       94. A system according to claim 93, wherein the information of the new public key includes a name of the new public key which has been installed. 
     
     
       95. A system according to claim 93, wherein the information of the new public key includes a value of the new public key which has been installed. 
     
     
       96. A system according to claim 93, wherein the at least one processor executes instructions in the memory device to:
 instruct printing of the information of the new public key.   
     
     
       97. A system according to claim 93, wherein the at least one processor executes instructions in the memory device to:
 instruct transmitting of the information of the new public key.   
     
     
       98. A system according to claim 90, wherein the data processing device is an image forming apparatus that executes print processing. 
     
     
       99. A system according to claim 90, wherein the initial public key and the initial private key are stored as factory shipment values in the memory. 
     
     
       100. A system according to claim 90, wherein the key information is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device. 
     
     
       101. A system according to claim 90, wherein the key information is a session key, which is used to establish encryption communication between the external device and the data processing device, and the external device and the data processing device have the key information in common after receiving the key information from the external device.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.