JPH11143706A - Software loading system and loading method - Google Patents

Abstract

(57) [Summary] [Problem] It takes time to encrypt a program in order to encrypt and download the entire program, and the time required for the entire program download process is long. There was an issue with the security of programs downloaded simply to broadcast the program. A first computer that outputs information about a first encryption key, and a part of software that is connected to the first computer via a network, receives information about the first encryption key, and owns With the first encryption key,
A server that outputs a part of the software encrypted with the first encryption key to the first computer and transmits another part of the software to the first computer, wherein the first computer has a first encryption key. When a part of the software encrypted with the key is input, a part of the software encrypted with the first encryption key is decrypted with the first decryption key corresponding to the first encryption key,
In addition, another part of the software input from the server and a part of the decrypted software are connected.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method for loading a program using a computer network, and more particularly to a method for improving the security and speed of a method for loading basic software when a computer is started.

[0002]

2. Description of the Related Art Such a software loading system and a loading method are mainly applied when a program such as basic software is downloaded from a boot server existing on a network.
With the spread of personal computers, management of each computer, which has become enormous, has become a problem. One way to solve this is to centrally manage basic software, application programs and user data by placing them on servers on a network, and each user's computer downloads and uses it, that is, a so-called network. There is a method of introducing a computer.

In such a network computer system, in particular, a local area network (LA)
N), each network computer has no local disk and downloads basic software and application programs from a server when the computer starts up.

In the case of a computer that downloads such software, it is necessary to guarantee that the correct software has been downloaded from the correct boot server, or to know the contents of the software from a third party.

For example, as described in Japanese Patent Application Laid-Open No. 7-200429, in order for a diskless workstation on a network to load a program safely, an authentication server checks the program load server or the workstation is loaded from the correct server. Encryption with a key indicating that

[0006] Usually, downloading from a network is slower than downloading from a disk device.
In particular, when the computers try to start at the same time, the traffic on the network due to the download of the basic software greatly increases, and the startup time tends to be long.

On the other hand, as described in JP-A-3-2947 and JP-A-6-168198, it is possible to simultaneously start a plurality of units by multicasting on a local area network, As described in (1), a method of enabling parallel startup by transmitting a program image of a computer that has not been started is adopted.

[0008]

The above-mentioned conventional software loading system and loading method require time to encrypt the program in order to encrypt and download the entire program, and the time required for the entire program download process. However, there is a problem that it takes a long time. Also, regarding the broadcast transmission of a program, there is a problem in the safety of a program downloaded to simply broadcast the program.

The present invention has been made in view of these problems, and divides a program to be downloaded into two types and divides the program into a part to be transmitted at once and a part to be individually transmitted with increased confidentiality. An object of the present invention is to provide a high-speed and secure program loading system and a loading method by causing a program to be downloaded.

[0010]

A software loading system according to the present invention is connected to a first computer for outputting information relating to a first encryption key and a first computer via a network, Information about the encryption key is input, a part of the software owned by itself is encrypted with the first encryption key, a part of the software encrypted with the first encryption key is output to the first computer, and the other software is output. And a server that transmits the part of the software to the first computer, the first computer is encrypted with the first encryption key when a part of the software encrypted with the first encryption key is input. Part of the software that has been decrypted with the first decryption key corresponding to the first encryption key, and links the other part of the software input from the server with the part of the decrypted software. is there.

The software loading system according to the present invention includes a first computer that outputs information about a first encryption key, a second computer that outputs information about a second encryption key, and a second computer that outputs information about a second encryption key. Connected to the first and second computers, information about the first and second encryption keys is input, a part of the software owned by itself is encrypted with the first encryption key, and encrypted with the first encryption key. And output a part of the software to the first computer, and encrypt a part of its own software with the second encryption key,
A server that outputs a part of the software encrypted with the second encryption key to the second computer and broadcasts the other part of the software to the first and second computers, wherein the first computer When a part of the software encrypted with the first encryption key is input, the part of the software encrypted with the first encryption key is converted into a first decryption key corresponding to the first encryption key. And the other part of the software input from the server and the part of the decrypted software are linked, and the second computer transmits the part of the software encrypted with the second encryption key. When input, a part of the software encrypted with the second encryption key is decrypted with the second decryption key corresponding to the second encryption key, and the other part of the software input from the server. Concatenating with this part of the decrypted software It is intended.

Further, the software loading system according to the present invention includes a first computer for outputting information relating to a first encryption key, a second computer for outputting information relating to a second encryption key, and a network. Connected to the first and second computers, information about the first and second encryption keys is input, a part of the software owned by itself is encrypted with the first encryption key, and encrypted with the first encryption key. Output a part of the software to the first computer, encrypt a part of the software owned by itself with the second encryption key, and convert the part of the software encrypted with the second encryption key to the second computer. A server that outputs to the computer and transmits the other part of the software to the first computer, wherein the first computer receives a part of the software encrypted with the first encryption key, One cipher Decrypting a part of the software encrypted by the first decryption key corresponding to the first encryption key, and combining the other part of the software input from the server with the part of the decrypted software. When the part of the software encrypted with the second encryption key is input, the second computer converts the part of the software encrypted with the second encryption key into the second encryption key. Decrypted with the second decryption key corresponding to, and received with reference to the other part of the software transmitted from the server to the first computer, the other part of this software and part of the decrypted software Are connected.

Further, the software loading system according to the present invention comprises a first computer for outputting information relating to a first encryption key, and a computer connected to the first computer via a network, the information relating to the first encryption key. Is input, a part of the software owned by itself is encrypted with the first encryption key, a part of the software encrypted with the first encryption key is output to the first computer, and the other part of the software is And a server that causes the second computer to transmit the first computer, the first computer is encrypted with the first encryption key when a part of the software encrypted with the first encryption key is input. A part of the software is decrypted with a first decryption key corresponding to the first encryption key, and another part of the software input from the second computer is connected to the part of the decrypted software. It is intended to.

Further, in the software loading system according to the present invention, the server encrypts another part of the software output to the first and second computers with a common encryption key known to the first and second computers. The other part of the software encrypted with the common encryption key is output to the first and second computers, and the other parts of the software encrypted with the common encryption key are input to the first and second computers. Then, another part of the software encrypted with the common encryption key is decrypted with the common decryption key corresponding to the common encryption key.

Further, in the software loading system according to the present invention, when the information on the first and second encryption keys is inputted, the server can encrypt a portion to be encrypted with the first encryption key by the software of the server. Output to the first computer, and also output to the second computer information indicating the portion to be encrypted with the second encryption key by the software that it has, the first and second computers, from the server A part of the encrypted software is decrypted based on the output information indicating the encrypted part of the software.

Further, in the software loading system according to the present invention, the server encrypts and outputs information indicating an encrypted portion of the software, and the first and second computers perform encryption of the encrypted software. This is for decoding information indicating the converted part.

A software loading method according to the present invention includes a key information output step in which a first computer outputs information on a first encryption key to a server connected via a network; Encrypting a part of the software with the first encryption key, and outputting a part of the software encrypted with the first encryption key to the first computer; and A non-encrypted partial output step of transmitting the part to the first computer, and a decryption step of causing the first computer to decrypt a part of the received software with a first decryption key corresponding to the first encryption key And a connecting step of connecting the part of the decrypted software and the other part of the software by the first computer.

Further, in the software loading method according to the present invention, the first computer outputs a first key information output step of outputting information relating to the first encryption key to a server connected via a network; A second key information output step in which the computer outputs information about the second encryption key to a server connected via a network,
A part of the software of the server is encrypted using the first encryption key, a part of the software encrypted with the first encryption key is output to the first computer, and a part of the software is Encrypting using the second encryption key and outputting a part of the software encrypted with the second encryption key to the second computer; and And an unencrypted partial output step of broadcasting to the second computer, and the first computer decrypts a part of the received software with a first decryption key corresponding to the first encryption key; and A second computer, a decryption step of decrypting a part of the received software with a second decryption key corresponding to a second encryption key, and wherein the first and second computers are configured to decrypt a part of the decrypted software. And the rest of the software Is obtained by a coupling step of sintering.

Further, in the software loading method according to the present invention, there is provided a first key information output step in which a first computer outputs information on a first encryption key to a server connected via a network; A second key information output step in which the computer outputs information about the second encryption key to a server connected via a network, and the server uses the first encryption key to execute a part of the software of the server. Encrypting and outputting a part of the software encrypted with the first encryption key to the first computer, and encrypting a part of the software with the second encryption key; And a non-encrypted partial output step in which the server transmits another part of the software to the first computer. And a non-encryption part monitoring step in which the second computer refers to and receives another part of the software output from the server to the first computer, and the first computer converts a part of the received software into a Decrypting with a first decryption key corresponding to one encryption key, and a second computer,
A decryption step of decrypting a part of the received software with a second decryption key corresponding to the second encryption key, wherein the first and second computers are configured to decrypt the decrypted part and the other part of the software; And a connecting step of connecting

Further, in the software loading method according to the present invention, there is provided a key information output step in which a first computer outputs information relating to a first encryption key to a server connected via a network. Encrypting a part of the software having the first encryption key and outputting a part of the software encrypted with the first encryption key to the first computer; An unencrypted partial output step of causing another part of the software to be transmitted to a second computer having software, and the first computer converts a part of the received software into a first decryption key corresponding to the first encryption key. And a linking step in which the first computer links a part of the decrypted software with another part of the software. .

Further, in the method for loading software according to the present invention, when the server transmits another portion of the software, the server encrypts the other portion of the software with an encryption key known to a computer transmitting the other portion of the software. It is provided with a common encryption step for encrypting.

Further, according to the software loading method of the present invention, the server encrypts information relating to a part of the software before transmitting the part of the software and outputs the information to a computer that transmits the part of the software. It has an information encryption step.

Further, in the software loading method according to the present invention, the first computer encrypts software of the first computer with an encryption key of the first computer, and transfers the encrypted software to the second computer. A computer encryption step for transmitting to one server connected to the server via the network; and a second computer receiving software encrypted with the encryption key from the server connected via the network, and And a computer decryption step of decrypting the encrypted software using a decryption key corresponding to

Further, in the method for loading software according to the present invention, the first computer has the software and difference information on the software, updates the software based on the software and the difference information, and updates the first computer. Encrypting the updated software with an encryption key of the first computer, and transmitting the encrypted updated software to a server connected to the first computer via a network, a computer encryption step; The second computer receives the updated software encrypted with the encryption key from the server connected via the network,
A computer decryption step of decrypting the updated software using a decryption key corresponding to the encryption key.

[0025]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Embodiment 1 An embodiment of a software loading system and a loading method according to the present invention will be described. Figure 1 shows the system configuration. In FIG. 1, reference numeral 1 denotes a boot server. Reference numerals 2 and 2a denote client computers which download the program 5 from the disk 3 via the boot server 1. Reference numeral 3 denotes a disk, which is connected to the boot server 1 and holds a program 5. A network 4 connects the boot server 1 and the client computers 2 to 2a. Reference numeral 6 denotes a transmission / reception unit, which is provided in the boot server 1. Reference numeral 7 denotes a transmission / reception unit, which is provided in the client computer 2.

Reference numeral 8 denotes an encryption means, which is provided in the boot server 1. Reference numeral 9 denotes a decryption unit, and the client computer 2
Is provided. Reference numeral 10 denotes a connection unit, which is provided in the client computer 2. Reference numeral 11 denotes an encryption key table provided on the disk 3. Reference numeral 12 denotes a decryption key table, which is a client computer.
2 and corresponds to the encryption key table 11. Note that the client computer 2a also includes a transmission / reception unit 7, a decryption unit 9, a connection unit 10, and a decryption key table 12 that the client computer 2 has.

FIG. 2 shows the encryption key table 11. This encryption key table 11
Has a key number and an encryption key associated with the key number. FIG. 3 shows the decryption key table 12. This decryption key table 12 is stored in the client computer 2
And a key number and a decryption key associated with the key number are registered. The decryption key table 12 also includes the client computer 2a. Further, the encryption key and the decryption key having the same key number in the encryption key table 11 and the decryption key table 12 are paired with each other.
Can be decrypted.

FIG. 4 shows the state of the program 5, which is partially encrypted by the client computers 2 to 2a downloaded from the disk 3. FIG. 5 shows the configuration of the encrypted partial information output from the boot server 1 to the client computers 2 to 2a in accordance with the state of the program 5 whose part has been encrypted. The encryption of the program 5 by the encryption means 8 of the boot server 1 is performed in units of blocks of, for example, 512 bytes, and the start number field of the encrypted part information shown in FIG. The number of the start block of the encrypted part is recorded in the end number column of the encrypted part information shown in FIG. And, in the encryption column corresponding to the end number column, whether the corresponding part of the program 5 is encrypted (1) or not (0) is recorded.

FIG. 6 shows the processing contents of the boot server 1.
In step (hereinafter referred to as A) 601, the boot server 1 is requested to download the program 5 from any client computer 2. At this time, boot server 1
Holds the key number notified from the client computer 2 together with the download request. This A601
When the process is completed, the process proceeds to A602. In A602, the boot server 1 sets a predetermined range or a part to be encrypted in the program 5 appropriately, and creates encrypted part information relating to the encryption of the program 5. When A602 is completed, the process proceeds to A603.

In A603, the boot server 1 transmits the encrypted partial information to the client computer 2 which first requested the download of the program 5. When A603 is completed, the process proceeds to A604. In A604, the boot server 1 selects an encryption key corresponding to the key number notified from the client computer 2 from the encryption key table 11, and encrypts the encryption key with the encryption means 8 using the encryption key selected from the encryption key table 11. The program 5 corresponding to the encrypted partial information is encrypted, and the encrypted program 5 is transmitted to the client computer 2. When A604 is completed, the process proceeds to A605.

In A605, the boot server 1 continues to accept a download request for the program 5 that can be output from another client computer for a while, for example, about 10 seconds. When A605 is completed, the process proceeds to A606. A
At 606, the boot server 1 holds the key number transferred together with the download request if there is a download request for the program 5 from another client computer while continuing to accept the download request for the program 5. If there is a download request for the program 5 from another client computer, the process returns to A603. Also, a program 5 from another client computer
If there is no download request, the process proceeds to A607.

In A607, when the boot server 1 finishes accepting the download request of the program 5 from each client computer after a predetermined time has elapsed, the boot server 1 has not yet transmitted to each client computer without encrypting with the encryption key. The non-encrypted part of the program 5 is transmitted collectively. When this A607 is completed, the boot server 1
Is completed.

The processing contents of the client computer 2 corresponding to FIG. 7 are described. Step (hereinafter, referred to as B) 701
The client computer 2 uses its own decryption key table 12
And outputs a request for downloading the program 5 to the boot server 1 together with information on the key number. When B701 is completed, the process proceeds to B702. In B702, the client computer 2 receives the encrypted partial information output from the boot server 1. This B7
When 02 is completed, the process proceeds to B703.

In B703, the client computer 2 receives the encrypted part of the program 5 output from the boot server 1. The encrypted part of the program 5 output from the boot server 1 corresponds to the encrypted part information received by the client computer 2 in B702.
The unencrypted portion of the program 5 need not be transmitted at the same time as the encrypted portion. Then, the client computer 2 decrypts the received encrypted program 5 using the decryption key based on the key number selected in B701. When this B703 is completed, the process proceeds to B704.

In B704, the client computer 2 receives the non-encrypted part of the program 5 output from the boot server 1. The non-encrypted part of the program 5 output from the boot server 1 also corresponds to the encrypted part information received by the client computer 2 in B702. In the present embodiment, the non-encrypted portion of the program 5 output from the boot server 1 is broadcast to all the client computers that have requested the boot server 1 to download the program 5 within a predetermined period. You. When this B704 is completed, the process proceeds to B705.

In B705, the client computer 2 connects the encrypted part and the non-encrypted part of the program 5 separately output from the boot server 1 by using the connecting means 10, and arranges them in the memory. When connecting the encrypted part and the non-encrypted part of the program 5 using the connecting means 10, it is assumed that the encrypted part of the program 5 has already been decrypted. When this B705 is completed, the program arranged in the memory in the client computer is started.

As described above, according to the software loading system and the loading method of the present embodiment, the program 5 downloaded from a plurality of client computers is divided into an unencrypted part and an encrypted part, and the encrypted part is individually The transmission is performed for each client computer, and the non-encrypted portion is simultaneously transmitted to all the client computers that have requested the download of the program 5. Security of switching the encryption method for each client computer can be improved. In addition, because it limits the parts that are encrypted and downloaded,
In order to reduce the processing time required for encryption, the time required for downloading can be reduced as compared with the case of simply encrypting and downloading a program.

Embodiment 2 Another embodiment of the present invention will be described. Fig. 8 shows the system configuration. In FIG. 8, reference numeral 13 denotes a network monitoring and receiving unit, which is provided in the client computer 2. In FIG. 8, portions that are the same as or correspond to those of the first embodiment shown in FIG.

FIG. 9 shows the operation of the boot server. In addition,
C601 to C6, which are operations of the boot server of the present embodiment
03 is an operation of the boot server according to the first embodiment, A60.
Since they correspond to 1 to A603, their description is omitted. In step (hereinafter, referred to as C) 604, the boot server 1
Selects an encryption key corresponding to the key number notified from the client computer 2 from the encryption key table 11, and selects the encryption key
Using the encryption key selected from the above, the encryption means 8 encrypts the program 5 corresponding to the encrypted partial information, and transmits the encrypted program 5 to the client computer 2. Upon completion of C604, the flow advances to C901.

In C901, the boot server 1 outputs information on the client computer that transmits the non-encrypted part which is the part of the program 5 that has not been encrypted. This C
When 901 ends, the process proceeds to C605. In C605, the boot server 1 continues to accept the download request of the program 5 that can be output from another client computer for a while, for example, about 10 seconds. When this C605 is completed, the process proceeds to C606.

In C606, the boot server 1 keeps accepting the download request of the program 5,
If there is a download request for the program 5 from another client computer, the key number transferred together with the download request is held. If there is a download request for program 5 from another client computer, C
Return to 603. If there is no request to download the program 5 from another client computer, C9
Go to 02.

In C902, when the boot server 1 finishes accepting the download request of the program 5 from each client computer after a predetermined time has elapsed, the boot server 1 deletes the program 5 which has not been transmitted without being encrypted with the encryption key. The encrypted part is output to the client computer that first issued the request for downloading the program 5. Then, when this C902 ends, the processing of the boot server 1 ends.

FIG. 10 shows the operation of the client computer.
Note that D, which is the operation of the client computer of the present embodiment,
Steps 701 to D702 correspond to steps B701 to D702, which are operations of the client computer according to the first embodiment, and a description thereof will not be repeated. Step (hereinafter, referred to as D) 70
At 3, the client computer 2 receives the encrypted part of the program 5 output from the boot server 1. The encrypted part of the program 5 output from the boot server 1 corresponds to the encrypted part information received by the client computer 2 in D702. Then, the client computer 2 converts the received encrypted program 5 into D7
Decryption is performed using a decryption key based on the key number selected in 01. When D703 is completed, the process proceeds to D704. D10
At 01, the client computer 2 receives the information about the transmission destination of the non-encrypted part of the program 5 output from the boot server 1. When this D1001 is completed, D100
Proceed to 2.

In D1002, the client computer 2
Based on the information received in 1001, the non-encrypted part of the program 5 output from the boot server 1 is monitored or received. It is the network monitoring and receiving unit 13 of the client computer 2 that monitors or receives the non-encrypted portion of the program 5. The client computer that has received the first download request for the program 5 from the boot server 1 receives the non-encrypted portion of the program 5 output from the boot server 1. Program 5
To monitor the unencrypted portion of
This is a client computer that outputs a download request for the program 5 to the boot server 1 after the second.
When D1002 ends, the process proceeds to D705. Note that D705, which is the operation of the client computer of the present embodiment,
Is the operation of the client computer of the first embodiment.
05, the description is omitted.

As described above, according to the software loading system and the loading method of the present embodiment, the program 5 downloaded from a plurality of client computers is divided into an unencrypted portion and an encrypted portion, and the encrypted portion is individually It is transmitted for each client computer, the unencrypted part is transmitted to one client computer that has requested the download of the program 5, and the other client computer that has requested the download of the program 5 monitors the network and takes it in by itself. , With high-speed download by sharing functions with client computers,
The security of switching the encryption method for each client computer can be improved.

Further, since the program 5 output from the disk 3 is output only to a certain client computer, the load on the boot server 1 connected to the disk 3 is reduced, and the reliability of the boot server 1 is improved. further,
Since the part to be encrypted and downloaded is limited, the processing time required for encryption is reduced, so that the time required for download is shorter than that for simply encrypting and downloading the program. be able to.

Embodiment 3 Another embodiment of the present invention will be described. FIG. 11 shows the system configuration. In FIG. 11, reference numeral 14 denotes a program transmission unit, which is provided in the client computer 2. In FIG. 11, FIG.
For the same or equivalent parts as in the first embodiment shown in FIG.
The same reference numerals are given and the description is omitted, and the portions different from FIG. 1 are described.

FIG. 12 shows the operation of the boot server. In step (hereinafter, referred to as E) 601, the boot server 1
A download of the program 5 is requested from an arbitrary client computer 2. At this time, the boot server 1 holds the key number notified from the client computer 2 together with the download request. When E601 ends, the process advances to E1200.

At E1200, the boot server 1 sets a predetermined range or an appropriate portion to be encrypted in the program 5, and creates encrypted portion information relating to the encryption of the program 5. In this embodiment, the program 5
In any case, it is desirable that the range of the encrypted portion is not changed too frequently, such as by being fixed, changed every day, or changed every few times. When E1200 ends, the process advances to E603.

At E603, the boot server 1 transmits the encrypted partial information to the client computer 2 which first requested the download of the program 5. When this E603 is completed, the process proceeds to E604. In E604, the boot server 1 selects an encryption key corresponding to the key number notified from the client computer 2 from the encryption key table 11, and encrypts the data by the encryption means 8 using the encryption key selected from the encryption key table 11. The program 5 corresponding to the encrypted partial information is encrypted, and the encrypted program 5 is transmitted to the client computer 2. When this E604 ends, the flow advances to E1201.

Upon receiving a download request for the program 5 from a certain client computer, the boot server 1 accepts a download request from another client computer for a while after the reception. Then, while receiving the download request, if a download request is received from any client computer, the boot server 1 encrypts a predetermined portion of the program 5 based on the key number transferred together with the download request, and Transfer to the requested client computer.

In E1201, the boot server 1 detects the load of the boot server 1 itself or the load of the network 4, and determines whether the value of the load is higher than a predetermined reference. If the result of this determination is that the value of the load is not higher than the predetermined reference, the flow proceeds to E1202. If the load value is higher than the predetermined reference, the process proceeds to E1203.
In E1202, the boot server 1 transmits the non-encrypted part of the program 5 to all the client computers that output the download request. When E1202 ends, the process of the boot server 1 ends.

In E1203, if the encrypted partial information about the client computer that has output the download request this time and the most recently activated client computer before that are the same, the boot server 1 activates the most recently. The client computer that has recently started up is instructed to transmit the non-encrypted portion of the program 5 to the client computer that has output the download request this time from the client computer that has made the request. And this E1
When 203 is completed, the processing of the boot server 1 ends.

If there is no recently activated client computer, or the encrypted partial information created in E1200 for the most recently activated client computer is the same as the encrypted partial information of the client computer that has output the download request this time. Are not the same, the non-encrypted portion of the program 5 is transmitted from the boot server 1 to the client computer that has output the current download request.

FIG. 13 shows the operation of the client computer.
Note that F which is the operation of the client computer of the present embodiment is
Reference numerals 701 to F703 and F705 denote operations of the client computers B701 to B703 and B7 of the first embodiment.
05, the description is omitted. In step (hereinafter, referred to as F) 1301, the client computer 2 receives the non-encrypted part of the program 5 output from the boot server 1. And in this embodiment,
The non-encrypted part of the program 5 output from the boot server 1 is sequentially transmitted to all client computers that have requested the boot server 1 to download the program 5 within a predetermined period. That is, the non-encrypted portion of the program 5 transmitted from the boot server 1 is transmitted to each client computer by normal transmission, not broadcast transmission. When this F1301 ends, the process advances to F705.

FIG. 14 shows the operation of the client computer requested to be transmitted by the boot server. Steps (hereafter,
Called G. In step 1401, the client computer 2 transmits a certain portion of the program 5, which has been output from the boot server 1 and has not been encrypted at the time of reception, of the program 5 to a certain client computer. Receive the ordered unencrypted partial transmission request. When this G1401 ends, the process advances to G1402.
In G1402, the client computer 2 transmits the non-encrypted part of the corresponding program 5 to the designated client computer by using the program transmission means 14 based on the input non-encrypted part transmission request. This G1402
Is completed, the processing of the client computer 2 ends.

As described above, in the software loading system and the loading method of the present embodiment, the program 5 downloaded from a plurality of client computers is divided into an unencrypted part and an encrypted part, and the encrypted part is The non-encrypted portion is transmitted for each client computer, and the non-encrypted portion is transmitted from the boot server 1 or another client computer having a similar program according to the load condition of the boot server 1 or the network 4, or the client which requests the download of the program. Since the data is transmitted to the computer, it is possible to improve the speed of downloading by sharing the function with the client computer and improve the security of switching the encryption method for each client computer.

Further, since the transmission destination of the unencrypted portion of the program 5 is switched according to the load status of the boot server 1 or the network 4, the load on the boot server 1 or the network 4 is reduced, and Improve reliability. Furthermore, since the part to be encrypted and downloaded is limited, the processing time required for encryption is reduced, so that the time required for downloading is shorter than that for simply encrypting and downloading the program. Can be shortened.

Embodiment 4 FIG. Another embodiment of the present invention will be described. In this embodiment, the system configuration is the same as that of the first embodiment shown in FIG. 1, and a description thereof will be omitted. FIG. 15 shows the configuration of the program 5 downloaded from the disk 3 by the client computers 2 to 2a.

In the present embodiment, the configuration of the program 5 downloaded from the disk 3 includes a unique encrypted portion encrypted with a different encryption key for each client computer that has requested the download of the program 5, and a request for the download. And a common encryption part encrypted with an encryption key common to all the client computers.
The configuration of the program 5 shown in FIG. 15 corresponds to the non-encrypted part of the configuration of the program 5 shown in FIG. 4 in the first embodiment, which is encrypted with an encryption key common to each client computer. FIG. 16 shows the structure of encrypted part information for notifying that the program 5 is downloaded from the boot server 1 to the client computer, divided into the unique encryption part and the common encryption part.

In the encryption field in FIG. 16, it is recorded whether the corresponding program 5 is encrypted (1) or not (0) with an encryption key unique to each client computer. . Incidentally, just because (0) is recorded in this encryption field, the corresponding program 5
Does not indicate that the part is not encrypted. In the present embodiment, the program 5 portion in which (0) is recorded in the encryption field indicates that the program 5 portion is encrypted with the encryption key common to each client computer. In addition, the contents described in the start number column and the end number column in FIG. 16 are the same as those in the first embodiment shown in FIG. 5, and the description thereof is omitted, and the portions different from FIG. 5 are described.

FIG. 17 shows the operation of the boot server. In step (hereinafter, referred to as H) 601, the boot server 1
A download of the program 5 is requested from an arbitrary client computer 2. At this time, the boot server 1 holds the key number notified from the client computer 2 together with the download request. When H601 ends, the process advances to H1701.

In step H1701, the boot server 1 sets a unique encryption portion for each client computer 2 in a predetermined range or appropriately in the program 5, and creates encryption portion information relating to the encryption of the program 5. I do. In the present embodiment, common encryption is applied to each client computer except for the specific encryption. When H1701 ends, the process advances to H1702.

In step H1702, the boot server 1 encrypts the encrypted partial information relating to the program 5 to be transmitted to the client computer 2 which has requested the download of the program 5, and transmits the encrypted partial information. The encrypted partial information encrypted and transmitted by the boot server 1 may be encrypted with an encryption key common to each client computer, or may be encrypted with an encryption key unique to each client computer based on H601. When H1702 ends, the process advances to H604.

In step H604, the boot server 1 selects an encryption key corresponding to the key number notified from the client computer 2 from the encryption key table 11, and uses the encryption key selected from the encryption key table 11 to perform encryption. At step 8, the program 5 corresponding to the encrypted partial information is encrypted, and the encrypted program 5 is transmitted to the client computer 2. When H604 is completed, the process proceeds to H605.

In H605, the boot server 1 continues to accept the download request of the program 5 that can be output from another client computer for a while, for example, about 10 seconds. When H605 is completed, the process proceeds to H606. H
At 606, the boot server 1 holds the key number transferred together with the download request if there is a download request for the program 5 from another client computer while continuing to accept the download request for the program 5. When there is a download request for the program 5 from another client computer, the process returns to H1702. Also, a program 5 from another client computer
If there is no download request, the process advances to H1703.

In H1703, the boot server 1 executes the program 5 from each client computer after a predetermined time has elapsed.
When the reception of the download request is completed, a broadcast transmission is performed in which the common encrypted portion of the program 5 that has not been transmitted to each client computer is transmitted after being encrypted with the encryption key common to each client computer. When H1703 ends, the processing of the boot server 1 ends.

FIG. 18 shows the operation of the client computer.
In step (hereinafter, referred to as I) 701, the client computer 2 selects an arbitrary key number from its own decryption key table 12 and outputs a download request of the program 5 to the boot server 1 together with information on this key number. .
When this I701 is completed, the process proceeds to I1801.

At I1801, the client computer 2 receives the encrypted partial information output from the boot server 1. Then, the encrypted encrypted partial information is decrypted. The encrypted partial information received by the client computer 2 is decrypted by the decryption means 9 of the client computer 2. As a method of decrypting the encrypted encrypted partial information, there are two methods: one using a decryption key common to each client computer constituting the present system, and the other using a decryption key unique to the client computer based on I701. There is. When this I1801 ends, the flow advances to I703.

In I703, the client computer 2 receives the unique encrypted part of the program 5 output from the boot server 1. The unique encrypted portion of the program 5 output from the boot server 1 corresponds to the encrypted partial information received by the client computer 2 in I1801. Then, the client computer 2 decrypts the received unique encryption program 5 using the decryption key based on the key number selected in I701. Upon completion of this I703, the flow advances to I1802.

At I1802, the client computer 2 receives the common encrypted part of the program 5 output from the boot server 1. The common encrypted part of the program 5 output from the boot server 1 also corresponds to the encrypted partial information received by the client computer 2 in I1801. In the present embodiment, the common encrypted portion of the program 5 output from the boot server 1 is broadcast to all the client computers that have requested the boot server 1 to download the program 5 within a predetermined period. You. When this I1802 ends, the flow advances to I1803.

At I1803, the client computer 2 connects the unique encryption portion and the common encryption portion of the program 5 separately output from the boot server 1 using the linking means 10, and arranges them in the memory. When connecting the unique encrypted part and the common encrypted part of the program 5 using the connecting means 10, it is assumed that the unique encrypted part and the common encrypted part of the program 5 have already been decrypted. This I
Upon completion of 1803, a program arranged in a memory in the client computer is started.

In this embodiment, the non-encrypted part of the program 5 in the first embodiment is encrypted with an encryption key common to each client computer and downloaded from the disk 3 to the client computer 2. The encrypted partial information output from the boot server 1 to the client computer is also encrypted. These can be applied to the second and third embodiments. In addition, the encryption of the non-encrypted part of the program 5 and the encryption of the encrypted part information in the first embodiment need not always be performed at the same time, and either one may be performed.

As described above, according to the software loading system and the loading method of the present embodiment, the program 5 downloaded from a plurality of client computers is divided into a common encryption portion and a unique encryption portion. The transmission is performed for each client computer, and the common encryption portion is simultaneously transmitted to all the client computers that have requested the download of the program 5. The security of switching the encryption method for each client computer can be improved.

Further, since the common encryption and the unique encryption are combined and downloaded, the security is improved and both the unique encryption and the unique encryption are improved. The processing time required for the encryption can be shorter than that for the encryption. Further, by encrypting the encrypted part information transmitted from the boot server 1 to the client computer before downloading the program 5, it becomes difficult for a third party to identify the unique encrypted part, and the downloaded program 5 Improve safety further.

Embodiment 5 Another embodiment according to the present invention will be described. FIG. 19 shows the system configuration. FIG.
, 15 is a boot server. 16 is a client computer. Reference numeral 19 denotes an encryption unit, which is provided in the client computer 16. Reference numeral 17 denotes a program, which is encrypted by the encryption means 19. Numeral 18 denotes difference information which has been encrypted by the encryption means 19 with the same encryption key as the program 17. Reference numeral 20 denotes an updating unit that updates the program 17 based on the difference information 18.

At the time of normal startup, the client computer 16 is connected to the disk 3 connected to the boot server 15.
And decrypts the program 17 by the decryption means 9 of the client computer 16 to activate the program 17. Also, in FIG. 19, the same or corresponding parts as those in the first embodiment shown in FIG. 1 are denoted by the same reference numerals, the description thereof is omitted, and the parts different from FIG.

FIG. 20 shows the operation of the client computer at the time of version upgrade. Step (hereinafter referred to as J)
In 2001, the client computer 16 downloads the program 17 stored on the disk 3. It is assumed that the program stored in the disk 3 has been encrypted by the client computer 16 before this download. When this J2001 ends, J20
Go to 02. In J2002, the client computer 16
The decrypting means 9 decrypts the program 17 downloaded from the disk 3. When this J2002 is over, J
Proceed to 2003.

In J2003, the client computer 16
After downloading, the program 17 decrypted by the decryption means 9 is started. When this J2003 is over, J
Proceed to 2004. Client computer 16 in J2004
Downloads the difference information 18 on the program 17 stored in the disk 3. It is assumed that the difference information 18 held on the disk 3 has also been encrypted by the client computer 16 before this download. When this J2004 is completed, the process proceeds to J2005.

In J2005, the client computer 16
The difference information 18 downloaded from the disk 3 is decoded by the decoding means 9. When this J2005 ends, J2
Proceed to 006. Client computer 16 in J2006
The updating unit 20 updates the program 17 using the decrypted program 17 and the difference information 18. When J2006 ends, the process advances to J2007.

In J2007, the client computer 16
The updated program 17 is encrypted by the encryption means 19. When J2007 ends, the process proceeds to J2008.
In J2008, the client computer 16 uploads the encrypted update program to the disk 3. When J2008 is completed, the client computer 16
Is terminated. After the upload of the update program is completed, if the user attempts to download the program 17 from the disk 3 thereafter, the encrypted update program is downloaded.

As described above, according to the software loading system and the software loading method of the present embodiment, since the encryption means and the decryption means are provided in a certain client computer, the configuration of the boot server 15 does not provide the encryption means. The system becomes simple and the system can be constructed at low cost.

[0083]

As described above, the software load system according to the present invention is connected to the first computer for outputting information on the first encryption key and the first computer via the network, The information about the encryption key is input, a part of the software owned by itself is encrypted with the first encryption key, a part of the software encrypted with the first encryption key is output to the first computer, and the software A server that transmits the other part to the first computer, the first computer encrypts with the first encryption key when a part of the software encrypted with the first encryption key is input A part of the software that has been decrypted with a first decryption key corresponding to the first encryption key, and other parts of the software input from the server and a part of this decrypted software are linked, From computer Since the software to be downloaded is transmitted separately to the non-encrypted part and the encrypted part, the security of the download can be improved, and the part to be encrypted and downloaded is limited. It is possible to shorten the processing time required for the conversion, and to execute the software download quickly and safely.

The software loading system according to the present invention includes a first computer for outputting information about a first encryption key, a second computer for outputting information about a second encryption key, and a network. Connected to the first and second computers, information about the first and second encryption keys is input, a part of the software owned by itself is encrypted with the first encryption key, and encrypted with the first encryption key. And output a part of the software to the first computer, and encrypt a part of its own software with the second encryption key,
A server that outputs a part of the software encrypted with the second encryption key to the second computer and broadcasts the other part of the software to the first and second computers, wherein the first computer When a part of the software encrypted with the first encryption key is input, the part of the software encrypted with the first encryption key is converted into a first decryption key corresponding to the first encryption key. And the other part of the software input from the server and the part of the decrypted software are linked, and the second computer transmits the part of the software encrypted with the second encryption key. When input, a part of the software encrypted with the second encryption key is decrypted with the second decryption key corresponding to the second encryption key, and the other part of the software input from the server. Concatenating with this part of the decrypted software Software downloaded from a plurality of computers is divided into an unencrypted part and an encrypted part, and the encrypted part is transmitted for each computer, and the unencrypted part is transmitted to all computers that have requested download of this software. Since the broadcast transmission for simultaneous transmission is performed, the speed of download by the broadcast transmission can be increased, and the security of switching the encryption method for each computer can be improved. In addition, since the part to be encrypted and downloaded is limited, the processing time required for encryption is shortened. Can be shortened.

Further, the software loading system according to the present invention includes a first computer for outputting information about a first encryption key, a second computer for outputting information about a second encryption key, and a network. Connected to the first and second computers, information about the first and second encryption keys is input, a part of the software owned by itself is encrypted with the first encryption key, and encrypted with the first encryption key. A part of the software that has been encrypted is output to the first computer, a part of the software that it has is encrypted with the second encryption key, and the part of the software that is encrypted with the second encryption key is converted to the second computer. A server for outputting to the computer and transmitting the other part of the software to the first computer, wherein the first computer receives a part of the software encrypted with the first encryption key, One cipher Part of the software encrypted by the first decryption key corresponding to the first encryption key, and the other part of the software input from the server and the part of the decrypted software When the part of the software encrypted with the second encryption key is input, the second computer converts the part of the software encrypted with the second encryption key into the second encryption key. And decrypted with the second decryption key corresponding to and received with reference to another part of the software transmitted from the server to the first computer, and the other part of this software and a part of the decrypted software To separate the software downloaded from multiple computers into an unencrypted part and an encrypted part,
The encrypted part is transmitted to each computer, the non-encrypted part is transmitted to one computer that requested the download of this software, and the other computer that requested the download of this software monitors the network and takes it in by itself. Therefore, it is possible to improve the security of switching the encryption method for each computer while improving the download speed by sharing the functions of the computers.
Also, since the software output from the server is output only to a certain computer, the load on the server is reduced, and the reliability of the server is improved. In addition, since the part to be encrypted and downloaded is limited, the processing time required for encryption is shortened, rather than simply encrypting and downloading software,
The time required for downloading can be reduced.

The software loading system according to the present invention includes a first computer for outputting information relating to a first encryption key, and a first computer which is connected to the first computer via a network, and which outputs information relating to the first encryption key. Is input, a part of the software owned by itself is encrypted with the first encryption key, a part of the software encrypted with the first encryption key is output to the first computer, and the other part of the software is And a server that causes the second computer to transmit, the first computer, when a part of the software encrypted with the first encryption key is input, the first computer is encrypted with the first encryption key A part of the software is decrypted with the first decryption key corresponding to the first encryption key, and another part of the software input from the second computer is connected to the part of the decrypted software. The software downloaded from multiple computers is divided into non-encrypted parts and encrypted parts, and the encrypted parts are transmitted for each computer, and the non-encrypted parts are sent according to the load status of the server or network. In order to transmit the software from a server or another computer having similar software to the computer that has requested the download of the software, it has a high download speed by sharing functions with the computer, and has an encryption method for each computer. The safety of switching can be improved. Further, since the destination of the non-encrypted portion of the software is switched according to the load status of the server or the network, the load on the server or the network is reduced, and the reliability of the server or the network is improved. Furthermore, since the part to be encrypted and downloaded is limited, the processing time required for encryption is reduced. Can be shortened.

Further, in the software loading system according to the present invention, the server encrypts another part of the software output to the first and second computers with a common encryption key known to the first and second computers. And outputs the other part of the software encrypted with the common encryption key to the first and second computers. The first and second computers receive the other parts of the software encrypted with the common encryption key. Then, the other part of the software encrypted with the common encryption key is decrypted with the common decryption key corresponding to the common encryption key, and the combination of the common encryption and the unique encryption is downloaded.
It is possible to improve the security more than the one that downloads without encryption and the one that downloads all with common encryption, and it is possible to reduce the processing time required for the encryption than the one that encrypts everything uniquely Become.

Further, in the software loading system according to the present invention, when the server receives the information on the first and second encryption keys, the server encrypts the part to be encrypted with the first encryption key by the software owned by the server. Output to the first computer, and also output to the second computer information indicating the part to be encrypted with the second encryption key by the software that it has, the first and second computers, from the server Based on the output information indicating the encrypted portion of the software, it is possible to decrypt a portion of the encrypted software and change the portion of the software to be encrypted. Safety can be improved.

Further, in the software loading system according to the present invention, the server encrypts and outputs information indicating the encrypted portion of the software, and the first and second computers perform encryption of the encrypted software. By decrypting the information indicating the encrypted part and also encrypting the encrypted part information transmitted from the server to the computer before downloading the software, it becomes difficult for a third party to specify the unique encrypted part, Improve the security of downloaded software.

The method for loading software according to the present invention comprises: a key information output step in which the first computer outputs information relating to the first encryption key to a server connected via a network; Encrypting a part of the software with the first encryption key, and outputting a part of the software encrypted with the first encryption key to the first computer; and A non-encrypted partial output step of transmitting the part to the first computer, and a decryption step of causing the first computer to decrypt a part of the received software with a first decryption key corresponding to the first encryption key And a linking step for linking a part of the decrypted software with another part of the software, the first computer comprising software downloaded from the computer. Data is transmitted as an unencrypted part and an encrypted part, so that download security can be improved and the part to be encrypted and downloaded is limited. Can be shortened, and software can be downloaded quickly and safely.

[0091] The software loading method according to the present invention includes a first key information output step in which the first computer outputs information on the first encryption key to a server connected via a network; A second key information output step in which the computer outputs information about the second encryption key to a server connected via a network,
A part of the software of the server is encrypted using the first encryption key, a part of the software encrypted with the first encryption key is output to the first computer, and a part of the software is Encrypting using the second encryption key and outputting a part of the software encrypted with the second encryption key to the second computer; and And an unencrypted partial output step of broadcasting to the second computer, and the first computer decrypts a part of the received software with a first decryption key corresponding to the first encryption key; and A second computer, a decryption step of decrypting a part of the received software with a second decryption key corresponding to a second encryption key, and wherein the first and second computers are configured to decrypt a part of the decrypted software. And the rest of the software Linking the software downloaded from the plurality of computers into an unencrypted part and an encrypted part, and transmitting the encrypted part to each computer. Broadcast transmission to send to all the computers that have requested the download at the same time, so that the speed of download by broadcast transmission is high, and the security of switching the encryption method for each computer is improved. Can be.
In addition, since the part to be encrypted and downloaded is limited, the processing time required for encryption is shortened. Can be shortened.

Further, in the software loading method according to the present invention, a first key information output step in which the first computer outputs information relating to the first encryption key to a server connected via a network; A second key information output step in which the computer outputs information about the second encryption key to a server connected via a network, and the server uses the first encryption key to execute a part of the software of the server. Encrypting and outputting a part of the software encrypted with the first encryption key to the first computer, and encrypting a part of the software with the second encryption key, And a non-encryption partial output step in which the server transmits another part of the software to the first computer. And a non-encryption part monitoring step in which the second computer refers to and receives another part of the software output from the server to the first computer, and the first computer converts a part of the received software into a Decrypting with a first decryption key corresponding to one encryption key, and a second computer,
A decryption step of decrypting a part of the received software with a second decryption key corresponding to the second encryption key, wherein the first and second computers are configured to decrypt the part of the decrypted software and the other part of the software Concatenating the software downloaded from the plurality of computers into an unencrypted part and an encrypted part, the encrypted part is transmitted for each computer, and the unencrypted part is The computer that requested the download of this software is sent to one computer, and the computer that requested the download of the software at the other monitors the network and takes it in by itself.
It is possible to improve the security of switching the encryption method for each computer while improving the download speed by sharing the functions of the computers. Also, since the software output from the server is output only to a certain computer, the load on the server is reduced, and the reliability of the server is improved. Furthermore, since the part to be encrypted and downloaded is limited, the processing time required for encryption is reduced. Can be shortened.

Also, the software loading method according to the present invention includes a key information output step in which the first computer outputs information relating to the first encryption key to a server connected via a network. Encrypting a part of the software having the first encryption key and outputting a part of the software encrypted with the first encryption key to the first computer; An unencrypted partial output step of causing another part of the software to be transmitted to a second computer having software, and the first computer converts a part of the received software into a first decryption key corresponding to the first encryption key. And a linking step for linking a part of the decrypted software with another part of the software, the first computer comprising: The software downloaded from the machine is divided into an unencrypted part and an encrypted part, and the encrypted part is transmitted to each computer. In order to transmit the software from another computer that has the same software or to the computer that requested the software download, it has a high download speed by sharing functions with the computer, and switches the encryption method for each computer. Safety can be improved. Further, since the destination of the non-encrypted portion of the software is switched according to the load status of the server or the network, the load on the server or the network is reduced, and the reliability of the server or the network is improved. Furthermore, since the part to be encrypted and downloaded is limited, the processing time required for encryption is reduced. Can be shortened.

Further, according to the method for loading software according to the present invention, when the server transmits another portion of the software, the server encrypts the other portion of the software with an encryption key known to a computer transmitting the other portion of the software. It has a common encryption step to encrypt and downloads in combination with common encryption and unique encryption, so that it is more secure than those that download without encryption and those that all download with common encryption , It is possible to reduce the processing time required for the encryption as compared with the case where all are uniquely encrypted.

Further, according to the method for loading software according to the present invention, before the server transmits a part of the software, the server encrypts information about the part of the software and outputs the information to a computer that transmits the part of the software. An information encryption step is also provided to encrypt the encrypted partial information transmitted from the server to the computer before downloading the software, which makes it difficult for a third party to identify the unique encrypted portion, and the downloaded software is Improve safety further.

Further, in the software loading method according to the present invention, the first computer encrypts software of the first computer with an encryption key of the first computer, and transfers the encrypted software to the second computer. A computer encryption step for transmitting to one server connected to the server via the network; and a second computer receiving software encrypted with the encryption key from the server connected via the network, and And a computer decryption step of decrypting the encrypted software using the decryption key corresponding to the above, the configuration of the server becomes simple, and this system can be constructed at low cost.

Further, in the software loading method according to the present invention, the first computer has the software and difference information on the software, updates the software based on the software and the difference information, and updates the first computer. Encrypting the updated software with an encryption key of the first computer, and transmitting the encrypted updated software to a server connected to the first computer via a network, a computer encryption step; The second computer receives the updated software encrypted with the encryption key from the server connected via the network,
A computer decryption step of decrypting the updated software using a decryption key corresponding to the encryption key, the configuration of the server is simplified, and the present system can be constructed at low cost.

[Brief description of the drawings]

FIG. 1 is a configuration diagram illustrating a configuration of a first embodiment.

FIG. 2 is an encryption key table according to the first embodiment.

FIG. 3 is a decryption key table according to the first embodiment.

FIG. 4 shows a state of program encryption in the first embodiment.

FIG. 5 shows encrypted partial information according to the first embodiment.

FIG. 6 is a flowchart illustrating an operation of the boot server according to the first embodiment.

FIG. 7 is a flowchart illustrating an operation of the client computer according to the first embodiment.

FIG. 8 is a configuration diagram illustrating a configuration of a second embodiment.

FIG. 9 is a flowchart illustrating an operation of the boot server according to the second embodiment.

FIG. 10 is a flowchart illustrating an operation of a client computer according to the second embodiment.

FIG. 11 is a configuration diagram illustrating a configuration of a third embodiment.

FIG. 12 is a flowchart illustrating an operation of the boot server according to the third embodiment.

FIG. 13 is a flowchart illustrating an operation of a client computer according to the third embodiment.

FIG. 14 is a flowchart illustrating an operation of a client computer on the transmission side according to the third embodiment.

FIG. 15 shows a state of program encryption in the fourth embodiment.

FIG. 16 is an encrypted partial information table according to the fourth embodiment.

FIG. 17 is a flowchart illustrating an operation of the boot server according to the fourth embodiment.

FIG. 18 is a flowchart illustrating an operation of a client computer according to the fourth embodiment.

FIG. 19 is a configuration diagram illustrating a configuration of a fifth embodiment.

FIG. 20 is a flowchart illustrating an operation of a client computer according to the fifth embodiment.

[Explanation of symbols]

REFERENCE SIGNS LIST 1 boot server, 2 client computer, 3 disk, 4 network, 5 program, 6 transmitting / receiving means, 7 transmitting / receiving means, 8 encrypting means, 9 decrypting means, 10 connecting means, 11 encryption key table, 12 decryption key table, 13 Network monitoring and receiving means, 14 program transmitting means, 15 boot server, 16 client computer, 17 programs, 18 encrypted difference information, 19 encrypting means, 20 updating means.

Claims (15)

[Claims] A first computer for outputting information relating to a first encryption key; and a software which is connected to the first computer via a network, receives the information relating to the first encryption key, and Part of the software is encrypted with the first encryption key, a part of the software encrypted with the first encryption key is output to the first computer, and the other part of the software is stored in the first computer. A server for transmitting to the computer, the first computer, when a part of the software encrypted with the first encryption key is input, the software encrypted with the first encryption key Is decrypted with the first decryption key corresponding to the first encryption key, and the other part of the software input from the server is connected to the decrypted part of the software. Features Software load system of that. 2. A first computer for outputting information on a first encryption key, a second computer for outputting information on a second encryption key, and a first computer and a second computer via a network. Connected, information about the first and second encryption keys is input, a part of the software owned by itself is encrypted with the first encryption key, and one of the software encrypted with the first encryption key is encrypted. Output to the first computer, a part of the software of the self is encrypted with the second encryption key, a part of the software encrypted with the second encryption key is the second And a server that broadcasts the other part of the software to the first and second computers, wherein the first computer is encrypted with the first encryption key. Part of the software is Then, a part of the software encrypted with the first encryption key is decrypted with a first decryption key corresponding to the first encryption key, and the software other than the software input from the server is decrypted. And the decrypted part of the software, the second computer, when a part of the software encrypted with the second encryption key is input, the second computer A part of the software encrypted with the encryption key is decrypted with a second decryption key corresponding to the second encryption key, and the other part of the software input from the server and the decrypted Software loading system characterized by linking a part of software. 3. A first computer for outputting information about a first encryption key, a second computer for outputting information about a second encryption key, and a first computer and a second computer. Connected, information about the first and second encryption keys is input, a part of the software owned by itself is encrypted with the first encryption key, and one of the software encrypted with the first encryption key is encrypted. Output to the first computer, a part of the software of the self is encrypted with the second encryption key, a part of the software encrypted with the second encryption key is the second And a server that sends the other part of the software to the first computer, wherein the first computer has a part of the software encrypted with the first encryption key. Once entered, A part of the software encrypted with the first encryption key is decrypted with a first decryption key corresponding to the first encryption key, and another part of the software input from the server and When the part of the software encrypted with the second encryption key is input, the second computer encrypts the part with the second encryption key. A part of the software that has been decrypted with a second decryption key corresponding to the second encryption key, and with reference to the other part of the software transmitted from the server to the first computer A software loading system for receiving and linking another part of the software with a part of the decrypted software. 4. A software which is connected to the first computer via a network, outputs information regarding the first encryption key, receives the information regarding the first encryption key, and has a software A part of the software is encrypted with the first encryption key, a part of the software encrypted with the first encryption key is output to the first computer, and the other part of the software has the software. A server for transmitting to the second computer, the first computer is encrypted with the first encryption key when a part of the software encrypted with the first encryption key is input. Part of the software is decrypted with a first decryption key corresponding to the first encryption key, and the other part of the software input from the second computer and the decrypted software Software load system that is characterized in that to connect the parts. 5. The server encrypts another portion of the software output to the first and second computers with a common encryption key known to the first and second computers, and encrypts the other portion of the software with the common encryption key. The other part of the software is output to the first and second computers, and the first and second computers receive another part of the software encrypted with the common encryption key. 4. The software loading system according to claim 1, wherein another part of the software encrypted with the common encryption key is decrypted with a common decryption key corresponding to the common encryption key. 6. When the server receives information on the first and second encryption keys, the server sends, to the first computer, information indicating a portion to be encrypted with the first encryption key by using its own software. Output to the second computer the information indicating the part to be encrypted with the second encryption key by the own software, and the first and second computers output the software output from the server. 6. The software loading system according to claim 1, wherein a part of the encrypted software is decrypted based on the information indicating the encrypted part. 7. The server encrypts and outputs information indicating an encrypted part of the software, and the first and second computers transmit information indicating the encrypted part of the encrypted software. 7. The software loading system according to claim 6, wherein decryption is performed. 8. A key information output step in which a first computer outputs information related to a first encryption key to a server connected via a network, wherein the server transmits a part of software of the server to the first computer. Encrypting using the one encryption key and outputting a part of the software encrypted with the first encryption key to the first computer; and The unencrypted part output step of transmitting the part to the first computer, the first computer, a part of the received software, the first decryption key corresponding to the first encryption key A decoding step of decoding; and a linking step of linking the decrypted part of the software with another part of the software, the first computer comprising: How to load software. 9. A first key information output step in which a first computer outputs information on a first encryption key to a server connected via a network, and a second computer is connected via the network. A second key information output step of outputting information relating to a second encryption key to the server, wherein the server encrypts a part of software of the server using the first encryption key, A part of the software encrypted with the first encryption key is output to the first computer, and a part of the software is encrypted using the second encryption key, and the second encryption An encrypted part output step of outputting a part of the software encrypted with a key to the second computer; and the server broadcasts another part of the software to the first and second computers. Non-encrypted partial output step, the first computer decrypts a part of the received software with a first decryption key corresponding to the first encryption key, and the second computer A decryption step of decrypting a part of the received software with a second decryption key corresponding to the second encryption key, wherein the first and second computers are configured to decrypt a part of the decrypted software Connecting the software to another part of the software. 10. A first key information output step in which a first computer outputs information relating to a first encryption key to a server connected via a network, and a second computer is connected via the network. A second key information output step of outputting information relating to a second encryption key to the server, wherein the server encrypts a part of software of the server using the first encryption key, A part of the software encrypted with the first encryption key is output to the first computer, and a part of the software is encrypted using the second encryption key. An encrypted part output step of outputting a part of the software encrypted with a key to the second computer, and a non-encryption in which the server transmits another part of the software to the first computer. A partial output step, an unencrypted partial monitoring step in which the second computer refers to and receives another part of the software output from the server to the first computer, and the first computer receives Part of the software that has been decrypted with a first decryption key corresponding to the first encryption key, and the second computer converts the received part of the software to the second encryption key. A decryption step of decrypting with a corresponding second decryption key, and the first and second computers comprising a coupling step of coupling a part of the decrypted software and another part of the software. Software loading method characterized by the above-mentioned. 11. A key information output step in which a first computer outputs information relating to a first encryption key to a server connected via a network, wherein the server transmits a part of software of the server to the first computer. Encrypting using the one encryption key and outputting a part of the software encrypted with the first encryption key to the first computer; and A non-encrypted part output step of transmitting a part of the software to the second computer having the software, the first computer converts a part of the received software to a first encryption key corresponding to the first encryption key. A decryption step of decrypting with a decryption key; and a coupling step of coupling the first computer with a part of the decrypted software and another part of the software. A method for loading software, comprising: 12. A common encryption step for encrypting another part of the software with an encryption key known to a computer transmitting the other part of the software when the server transmits another part of the software. The software loading method according to any one of claims 8 to 10, wherein: 13. A prior information encryption step for encrypting information relating to a part of the software and transmitting the encrypted information to a computer transmitting the part of the software before the server transmits the part of the software. The method for loading software according to any one of claims 8 to 12, wherein: 14. The first computer encrypts software of the first computer with an encryption key of the first computer, and transmits the encrypted software to the network of the first computer. A computer encryption step for transmitting to the server connected via the second computer, the second computer receives the software encrypted with the encryption key from the server connected via the network, and A computer decryption step of decrypting the encrypted software using a corresponding decryption key. 15. The first computer has software and difference information on the software, updates the software based on the software and the difference information, and the first computer updates the updated software. A computer encryption step of encrypting with the encryption key of the first computer and transmitting the encrypted updated software to a server connected to the first computer via a network; Receives the updated software encrypted with the encryption key from the server connected via the network, and decrypts the updated software using a decryption key corresponding to the encryption key. And a computer decoding step.