1. Field of the Invention
The present invention relates to a cryptographic module distribution system, an apparatus, and a program.
2. Description of the Related Art
In recent years, a method of stably transmitting communication data between a server and a client apparatus without it being intercepted or tampered with has been developed. In addition, a method of easily updating or adding a cryptographic module operated in the client apparatus has been developed.
The cryptographic module is a program in which a cryptographic algorithm for encrypting/decrypting, generating/validating a signature, and generating/validating a message authentication code is incorporated so as to be executable.
For example, the following methods have been proposed: a method of distributing a ciphertext with a cryptographic module implementing a new cryptographic algorithm for decrypting the ciphertext (see Jpn. Pat. Appln. KOKAI Publication No. 10-41934); and a method of using a cryptographic module implementing a cryptographic algorithm shared between a server and a client apparatus to update confidential information (new cryptographic module) (see Jpn. Pat. Appln. KOKAI Publication No. 2000-261427).
However, the method disclosed in Jpn. Pat. Appln. KOKAI Publication No. 10-41934 has a problem in that the client apparatus cannot validate the transmitted new cryptographic module.
Further, in the method disclosed in Jpn. Pat. Appln. KOKAI Publication No. 2000-261427, the server and the client apparatus need to share a cryptographic module implementing the same stable cryptographic algorithm. Therefore, a system which does not share the cryptographic module implementing the stable cryptographic algorithm cannot receive or transmit confidential information.