JP2000215280A - Identity certification system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To certify the identify of an information transmitter by registering an electronic signature, which uses the feature quantity of biological information peculiar to the transmitter and the secret key of a certification organ, onto a storage medium. SOLUTION: When the biological information on the owner of a new IC card is inputted to a biological information input device 413, an issue terminal 411 extracts the feature quantity for owner collation from the biological information. Next, the certification of a certificate ID for specifying a certificate for the extracted feature quantity information and electronic certification is requested through a network 405 to a certification station 401 after the electronic signature of an issuer. In the certification station 401, after the safety of communication is confirmed from the received electronic signature, the received information such as feature quantity is signed by the secret key of the certification station 401 so that the certificate can be prepared. This certificate is issued through the network 405 to the issue terminal 411. In the issue terminal 411, after the safety of communication is confirmed from the certificate, the electronic signature of a person, who performs a registration job, is registered on the IC card to be newly issued together with the received certificate and feature quantity such as fingerprint.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a security technology for an owner authentication system for a portable storage medium such as an IC card, and more particularly to a security system for issuing and operating a portable storage medium for an identity authentication system. About technology.

[0002]

2. Description of the Related Art The following are known examples of the present invention.

(1) Electronic commerce demonstration promotion council IC card WG: "IC card use guideline (contact / non-contact) (1.0 version)", e-commerce verification promotion council, Heisei
Published March 2010.

(2) Kazuo Takagi et al .: "Firewall-
About Internet Related Technology ", Shokodo, 1998
Published in June.

[0005] (1) is that the manufacturer temporarily publishes a PIN (Personal Identification Number) for the IC card for the issuer.
r: a password or an ID and a password), and forgery of the IC card is prevented by not allowing those who do not know the PIN to access the IC card. When the IC card is issued, the issuer is PI
By setting N and not allowing a person who does not know the PIN to access the important area of the IC card, countermeasures against forgery, alteration, and falsification of the IC card are made.

[0006] (2) describes a public key encryption technique and an electronic signature technique using the public key encryption technique. In public key encryption technology, when encrypting and decrypting information, two different numerical values related to each other, called a public key and a secret key, are used as keys. Information encrypted with a public key can be decrypted with a secret key, and information encrypted with a secret key can be decrypted with a public key.

[0007] By utilizing this feature, the private key is concealed and the public key is made public on the network. If the private key is encrypted with the public key of the communication partner, it can be decrypted only with the private key of the communication partner. Communication security can be ensured. Also, if you encrypt with your own private key, you can only decrypt with your own public key,
You can maintain the integrity of the information you want to convey.
This is called electronic signature technology.

[0008] In the digital signature technique, for a document having a large amount of information, a one-way function (called a message digest function or a hash function) is used to generate a message digest in which the information is compressed to a small size, and a secret key is assigned to the message digest. Attach the encrypted information to the document. The recipient of the document confirms the integrity of the document by comparing the decryption information of the attached information with the public key and the message digest of the document created by the same one-way function.

[0009]

In the method of the prior art (1), if the PIN set by the manufacturer for the issuer is leaked, the PIN may be forged. Also, if the PIN set by the issuer is leaked, there is a possibility that the PIN may be forged, altered or falsified. In addition, if the issuer commits fraud, it cannot be dealt with.

[0010] Further, if only biometric features such as fingerprints are registered in a portable storage medium such as an IC card, the feature information may be falsified by a thief to be used illegally when plagiarized. .

There is a need for a management and operation system that does not cause these injustices.

[0012]

The personal authentication system of the present invention has the following means as means for solving the above.

The personal authentication system envisioned in the present invention has an input device for biometric information unique to the user, and matches the biometric information input using the characteristic amount of the biometric information unique to the person registered in the portable storage medium. Means for authenticating the owner of the portable storage medium, and electronic signature means using a secret key of a public key system confidentially held in the portable storage medium. It is possible to authenticate the validity.

In the system for issuing a portable storage medium used in such a personal authentication system, an electronic authentication institution for authenticating characteristic amount information and electronic authentication information of biometric information registered in the portable storage medium, and a new portable storage medium And an issuing terminal having a device for inputting personal information such as a keyboard and a device for inputting biometric information of the owner of the device, respectively, via a network.

In the issuing terminal, a characteristic amount generated from biometric information input by a person (owner of the new portable storage medium) requesting the issuance of a new portable storage medium, and an electronic device newly registered in the portable storage medium. It has means for generating an electronic signature of an electronic certificate authority for the key information of the public key method for authentication, and impersonates the biometric information feature registered in the portable storage medium to illegally replace it with the biometric information of another person. Fraud can be prevented.

The issuing terminal has means for owner authentication and electronic authentication of the portable storage medium according to the contents of the portable storage medium possessed by the issuer (issuer).
The electronic certificate authority can authenticate the issuer, and communication is performed by performing encrypted communication using the public key of the electronic certificate authority and the public key corresponding to the secret key of the issuer's portable storage medium at the certificate authority. Confidentiality can be maintained.

In the means for authenticating the issuer, there is provided a means for permitting the issuance work by limiting the electronic issuance work permit electronically signed by the certificate authority to the issuer registered in the portable storage medium. It is possible to prevent improper issuance of a person who performs the issuance business by a person other than the person who is authorized by the certificate authority to issue.

The electronic signature means in the electronic certificate authority records the electronic signature information given to the portable storage medium of the issuer and the new registrant, information for specifying the issuing terminal, and the date and time when the issuing operation was performed. It is possible to investigate the issuer who issued the improper issue, the issue terminal issue date and time, and the improper portable storage terminal.

In addition, when the portable storage medium is used for authentication, an electronic signature for verifying the electronic signature of the biometric feature registered in the portable storage medium is provided. It is possible to prevent improper use by impersonating the owner of the medium.

Further, the portable storage medium is provided with information of a group to which the owner digitally signed by the electronic certificate authority belongs, and when using the portable storage medium for authentication, the electronic signature group information is verified. Thus, a function of authenticating the owner's group is provided, the group to which the user belongs can be correctly authenticated via the network, and improper use of the group can be prevented.

[0021]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The embodiments of the present invention will be described below using an IC card as an example.

However, the storage medium of the present invention is not limited to an IC card.

First, an outline of an IC card will be described in section (1), and a system configuration of the present invention will be described in section (2).
Section (3) describes the contents of the IC card of the present invention, section (4) describes the details of the issuing function of the present invention, section (5) describes the application registration, and section (6) describes the use of the personal identification IC card.

(1) Outline of IC Card First, an example of the configuration of an IC card is shown in FIG.

The IC card 101 exchanges information with an I / O
An O unit 102, a CPU unit 103 for processing information, a RAM unit 104 for temporarily reading and writing information, a ROM unit 105 for storing information processing procedures such as an OS, and an EEPROM unit for storing and storing information. Have been.

Next, the life cycle of the IC card is shown in FIG.
Shown in

B) The IC card is issued from the manufacturer 201 to the issuer 202
Shipped to.

B) Issued from the issue source 202 to the user 203.

(C) The user 202 presents the IC card to the service provider 204 and receives the service. The service provider 204 that has received the presentation refers to the card issuer 202 for credit and the like, and provides a service.

D) The issuer 202 discards unnecessary IC cards or IC cards collected for some reason from the user. Also, it is discarded by the user 203.

Next, FIG. 3 shows an example of contents (of EEPROM) of an IC card having an electronic authentication function.

The IC card 301 has an I card issued by a certificate authority.
Certificate 302 for certifying the validity of the C card, public key 303 of the IC card issuer, electronic signature 304 of the issuer for certifying the validity of the issuing procedure, and disclosure of the IC card 301 (given to the IC card owner) It comprises a key 305, a secret key 306 of the IC card 301 (given to the IC card owner), and an encryption algorithm 307 for signature generation.

[0033] The validity of the IC card is determined by the certificate from the IC card.
302 is read out to the terminal 311, and the signature verification algorithm 313 is read.
The signature ciphertext paired with the signature information by the public key of the certificate authority
It can be proved by decrypting it in 312, creating a message digest from the signature information of the certificate, and comparing it with the decrypted result.

The legitimacy of the issuing procedure can be proved by reading out the issuer's public key 303 and the issuer's electronic signature from the IC card, decrypting the message, and creating a message digest, and comparing them.

The generation of the digital signature of the IC card owner is as follows.
A message digest is created at the terminal for the data to be signed, and the message digest is input to the IC card.
By encrypting with 7, the signature can be generated without outputting the secret key 306 to the terminal.

(2) System Configuration FIG. 4 shows a first example of the system configuration of the present invention.

An electronic certificate authority 401 for authenticating the contents of the personal authentication IC card, a personal authentication IC card issuing terminal 411 for issuing the personal authentication IC card, and a network 405 connecting the both.
Consists of

An electronic certificate authority 401 associates an IC card with a uniquely identifiable number and stores a public key DB 402 for storing personal information and a public key of the IC card, and a storage device for storing an issue log such as a certificate and an electronic signature. Consists of 403.

The personal authentication IC card issuing terminal 411 includes an IC card read / write device 412 for the issuer, a device 413 for inputting biometric information, and an IC card read / write device 414 for a new registrant. However, the IC card read / write devices 412 and 414 may be shared.

FIG. 5 shows a second example of the system configuration of the present invention.

In the second example, a public key type IC card is issued from the electronic certificate authority 501 and the IC card issuing terminal 511, and thereafter, the user is separately authenticated by the biometric certificate authority 521 and the personal authentication application registration terminal 531. Consider a case where a biometric authentication function is registered in an IC card as an authentication application.

Electronic certificate authority 50 for authenticating the issued IC card
1, an IC card issuing terminal 511, a biometric authentication station 521 for authenticating biometric information capable of identifying a registered individual,
It comprises a personal authentication application registration terminal 531 for registering a personal authentication function in an IC card, and a network 505 to which each is connected.

The electronic certificate authority 501 associates an IC card with a uniquely identifiable number and stores a private key DB 502 for storing personal information and a public key of the IC card, and a storage device 503 for storing a certificate issuance log. Become.

The IC card issuing terminal 511 includes an IC card reading / writing device 512 for an issuer, a device 513 for inputting biometric information, and an IC card reading / writing device 5 for a new registrant.
Consists of fourteen. However, the IC card read / write device 51
2 and 514 may be shared by replacing the IC card.

The biometric authentication station 521 includes a storage device 521 for storing an issuance log of a certificate of biometric information to be registered.

User authentication application registration terminal 531
Is composed of an IC card read / write device 532 for the issuer, a device 533 for inputting biometric information, and an IC card read / write device 534 for a new registrant. However, the IC card read / write devices 532 and 534 may be shared by replacing the IC card.

(3) Content of Identity Authentication IC Card FIG. 6 shows an example of the storage content (EEPROM) of the identity authentication IC card of the present invention.

The IC card 601 stores the I card issued by the certificate authority.
Certificate 602 certifying the validity of the C card, public key 603 of the IC card issuer, electronic signature 604 of the issuer certifying the validity of the issuing procedure, disclosure of the IC card 601 (given to the IC card owner) It comprises a key 605, a secret key 606 of the IC card 601 (given to the IC card owner), an encryption algorithm 607 for signature generation, IC card owner information 621, and a biometric authentication application area 631.

The personal authentication application area 631 includes a certificate 632 electronically signed with the secret key of the biometric certificate authority for the characteristic amount of the biometric information and the ID number of the electronic certificate, and the validity of the personal authentication application registration procedure. It consists of the electronic signature 633 of the registrant to be authenticated, the public key 634 of the registrant of the personal authentication application, the biometric feature 635 of the IC card owner, the algorithm 636 for personal authentication, and another application registration area 637 for performing biometric personal authentication. . However, the personal authentication algorithm 636 may be protected in the terminal.

As described above, the information digitally signed by the certification organization is applied to the biometric information feature and the ID number of the electronic certificate.
By having it on an IC card, it is possible to detect both spoofing by falsifying biometric information and falsification by falsifying an electronic certificate,
It has the effect of preventing spoofing.

(4) Details of IC Card Issuing Function FIG. 7 shows a schematic flow of issuing the personal identification IC card of the present invention.
Shown in

Step 701: The personal authentication IC card issuing business starts.

Step 702: Establish secure communication with the certificate authority.

Step 703: The person in charge of the issuing business is authenticated.

Step 704: The owner information of the newly issued IC card is input.

Step 705: A certificate is issued from the certificate authority.

Step 706: New IC for issuing electronic authentication information
Register on the card.

Step 707: The biometric information of the owner and the personal authentication function are registered in the newly issued IC card.

Step 708: The IC card issuance task ends.

Each step of the above flow will be described in detail.

FIG. 8 shows the establishment of secure communication with the certificate authority.
9 shows the issuer authentication, FIG. 10 shows the owner information input,
FIG. 11 shows the issuance of a certificate and registration to a newly issued IC card, and FIG. 12 shows the registration of biometric information and a personal authentication function.

First, establishment of secure communication with a certificate authority will be described (FIG. 8).

Step 801: The issuing terminal generates a common key used for secure communication.

Step 802: The generated shared key is encrypted with the public key of the certificate authority.

Step 803: Send the encrypted shared key to the certificate authority.

Step 804: The certificate authority decrypts the transmitted cipher text with the secret key of the certificate authority to obtain a shared key.

Step 805: In order to confirm the establishment of secure communication, an electronic signature is created with the secret key of the certificate authority, encrypted with the shared key, and sent to the issuing terminal.

Step 806: The issuing terminal decrypts the transmitted cipher text with the shared key, verifies the electronic signature, and confirms that the communication is with the correct certificate authority and that there is no risk of falsification in the route. . If the security of the communication cannot be confirmed, the process jumps to step 820.

Step 807: Digitally sign information indicating that the purpose of communication is "IC card issuance" with the private key of the issuer.

Step 808: The digital signature of 807 is encrypted with the shared key and sent to the certificate authority.

Step 809: The certification authority decrypts the received cipher text with the shared key, verifies the electronic signature, and confirms the security of the communication. If the security of the communication cannot be confirmed, the process jumps to step 820. If the security of the communication can be confirmed, the process proceeds to FIG.

Step 820: If the security of the communication cannot be confirmed, record the communication at the certificate authority and terminate the issuing application.

In the following flow, it is assumed that communication between the issuing terminal and the certificate authority is performed using a shared key.

Next, the authentication of the issuer will be described (FIG. 9).

Step 901: In response to the recognition of the issuing business communication in step 809, the issuer issues an authentication request to the correct issuer or issuing terminal.

Step 902: The biometric information is input from the biometric information input device of the issuing terminal, and this information is compared with the feature amount of the biometric information registered in the issuer IC card. Confirm that there is no difference between the owners.

Step 903: As a result of step 902, if the owner of the IC card is not authenticated, the process jumps to step 920.

Step 904: Digitally sign an IC card issuing application use certificate for authenticating the owner authentication result of step 902 and the validity of the person in charge of the IC card issuing business with the issuer private key.

Step 905: Send step 904 to the certificate authority.

Step 906: The certificate authority confirms the security of communication and the legitimacy of the person in charge of the issuing business from the received electronic signature. If not, the process jumps to step 920.

Step 907: Generate an ID number (a number capable of uniquely specifying a card managed by a certificate authority) assigned to a newly issued card.

Step 908: The ID number generated in step 907 is digitally signed with the private key of the certificate authority.

Step 909: Assign step 908 to the issuing terminal
Send the number. Proceed to FIG.

Step 920: If the security of the communication and the validity of the issuer cannot be confirmed, the certificate authority makes a communication record and terminates the issuing application.

FIG. 10 shows an example of an interface for inputting the owner information of the newly created IC card by the issuing terminal.

In this interface, Japanese names
1011, 1012, English names 1013, 1014, zip codes 1021, 10
22, home address 1023, home phone number 1024, relationship with householder
It consists of input fields such as 1025, nationality 1026, birthday 1027, social insurance number 1031, driver's license number 1032, passport number 1033, and the like.

Subsequently, issuance of a certificate and IC of electronic authentication information
The card registration will be described (FIG. 11).

Step 1101: Information on the owner of an IC card to be newly created in the issuing terminal is input through the interface as described with reference to FIG.

Step 1102: The issuing terminal generates a public key and a secret key for an IC card to be newly created. There is also a method of generating the secret key in the IC card so that the content of the secret key does not leak from the issuer.

Step 1103: Digitally sign the public key generated in step 1102 and the owner information input in step 1101 with the private key of the issuer.

Step 1104: The digital signature of step 1103 is sent to the certificate authority, and a new registration application is made.

Step 1105: The certificate authority checks the communication security and whether there is any problem with the owner information. If not, the process jumps to step 1120.

Step 1106: Generate a certificate using the secret key of the certificate authority and send it to the issuing terminal.

Step 1107: The issuing terminal verifies the digital signature of the received certificate and confirms the security of the communication.
If not, the process jumps to step 1120.

Step 1108: The certificate of step 1107, the public key and secret key of step 1102, the owner information of step 1101 are stored in the storage unit (EEPROM) of the newly issued IC card.
In addition, an electronic signature using the secret key of the issuer that certifies the validity of the issuing procedure, the public key of the issuer, an algorithm for generating an electronic signature, and the like are registered. Jump to FIG.

Step 1120: If the security of the communication and the validity of the newly registered owner information cannot be confirmed, the certificate authority makes a communication record and terminates the issuing application.

Next, the registration flow of the personal authentication function to the new IC card will be described (FIG. 12).

Step 1201: The issuing terminal sets an empty area of the storage unit (EEPROM) of the IC card as the personal authentication application area and formats it.

Step 1202: The issuing terminal registers the personal authentication algorithm in the storage unit of the IC card.

Step 1203: The biological information of the owner of the new IC card of the issuing terminal is input by the biological information input device.

Step 1204: Extract a feature amount for owner verification from the biometric information input in step 1203.

Step 1205: After the issuer's electronic signature, the feature amount information extracted in step 1204 and the certificate ID for specifying the certificate for electronic authentication registered in FIG. 11 are requested to certify the certificate authority.

Step 1206: The certificate authority checks the security of the communication from the received digital signature. If not, the process jumps to step 1220.

Step 1207: A signature is created on the received information such as the characteristic amount using the secret key of the certificate authority, and a certificate is created. This certificate is issued to the issuing terminal.

Step 1208: The issuing terminal confirms communication security from the received certificate. If not, the process jumps to step 1220.

Step 1209: In the newly issued IC card,
In step 1208, the digital signature of the person (in this case, the issuer) who has registered the certificate and the fingerprint feature amount received in step 1208 is registered. Proceed to FIG.

Step 1220: If the security of the communication cannot be confirmed, record the communication at the certificate authority and terminate the issuing application.

Next, the end processing of the issuing business will be described (FIG. 13).

Step 1301: The secret key information generated for the newly issued IC card by the issuing terminal is deleted from the program.

Step 1302: An issuance completion report is created by electronic signature using the issuer's private key, and sent to the certificate authority.

Step 1303: The certificate authority verifies the electronic signature of step 1302 to confirm the security of communication. If not, the process jumps to step 1320.

Step 1304: The certificate authority normally saves the record issued by the personal identification IC card. The stored contents include information for specifying the issuer and the owner of the new IC card (such as an ID number), information for specifying the issuing terminal (such as a MAC address and serial number of the issued software), and the date and time when the issuing operation was performed. save.

Step 1305: The end of the issuing task is notified to the issuing terminal.

Step 1306: The certificate authority discards the shared key used for secure communication.

Step 1307: The issuing terminal that has received the notification of step 1306 also discards the shared key.

Step 1308: The issuing application ends.

Step 1320: If the security of the communication cannot be confirmed, the communication record is recorded at the certificate authority and the issuing application is terminated.

The above flow has been described for the example of the system configuration in FIG. 4, but in the case of the system configuration in FIG.
The process excluding the flow in FIG. 12 is performed by the electronic certificate authority 501 and the IC card issuing terminal 511, and the process excluding the flow in FIG. 11 is subsequently performed by the biometrics authentication authority 521 and the personal authentication application registration terminal. This can be achieved by:

FIG. 14 is a function-related diagram summarizing the flows of FIGS. 8 to 13 of the present invention.

With the above issuance flow, counterfeiting of an IC card that is not related to the certificate authority can be prevented, and a log that can identify the person who performed the issuance operation can be traced for improper issuance. Has the effect of preventing spoofing.

(5) Application Registration Here, a flow of registering an application in the personal identification IC card will be described. Using this application registration flow, a certificate for permitting the business of the IC card issuing application is issued.

FIG. 15 shows a schematic flow of registering a new application in the personal identification IC card.

Step 1501: The application registration application is started.

Step 1502: Establish secure communication with the application server (application certification authority) as described in FIG.

Step 1503: The authentication of the application registration operator (or the registered application) is performed as described with reference to FIG. In the case of a registered application, only electronic authentication is performed.

Step 1504: Verify whether the application recipient is the proper owner of the IC card, verify the biometric information registered in the IC card with the biometric information input from the registered application terminal, and authenticate the user.

Step 1505: An application use certificate is issued from the application server.

Step 1506: Register information in the IC card for registering a new application.

Step 1606: The registered application ends.

FIG. 16 shows a detailed flow of steps 1504-1506.

Step 1601: In the application registration terminal,
Whether the application registration requester is a legitimate owner of the IC card,
Authenticates the user.

Step 1602: The authentication result of step 1601 is digitally signed with the secret key of the application registration operator (or registered application).

Step 1603: The application server (application certificate authority) verifies the electronic signature in step 1602, and checks whether there is any problem in the communication or whether there is no problem by giving the application registration authority to the application registration requester. If not, the process jumps to step 1620.

Step 1604: Generate an application use certificate and deliver it to the application registration terminal.

Step 1605: The application registration terminal verifies the application use certificate and confirms whether there is any communication problem.
If not, the process jumps to step 1620.

Step 1606: The application use certificate of step 1605, the application initial data, the application program, etc. are registered in the IC card of the application registration requester.

Step 1620: If the security of the communication cannot be confirmed, or if there is a problem with the application registration requester,
Record the communication record at the certificate authority and terminate the registration application.

FIG. 17 shows an example of the stored contents of an IC card in which an IC card issuing application use certificate has been registered.

The IC card 1701 is issued by a certificate authority.
Certificate 1702 that certifies the validity of the IC card, public key 1703 of the IC card issuer, electronic signature 1704 of the issuer that certifies the validity of the issuing procedure, disclosure of the IC card 1701 (given to the IC card owner) It includes a key 1705, a secret key 1706 of the IC card 1701 (given to the IC card owner), an encryption algorithm 1707 for signature generation, IC card owner information 1721, and a biometric authentication application area 1731.

The personal authentication application area 1731 includes a certificate 1732 of the characteristic amount authenticated by the biometric certification authority, a digital signature 1733 of a registrant who authenticates the validity of the personal authentication application registration procedure, and a disclosure of the personal authentication application registrant. It is composed of a key 1734, a biometric feature amount 1735 of the IC card owner, an authentication algorithm 1736, and another application registration area 1737 for performing biometric authentication. However, the authentication algorithm 1736 may be protected in the terminal.

The personal authentication application registration area 1737 has an IC card issued application use certificate 1737, an electronic signature 1742 of the application registration operator, and a public key 1743 of the application registration operator.

As described above, by limiting the owners of IC cards that perform application registration and IC card issuance,
It is possible to manage the writing work on the card and to prevent the contents of the IC card from being tampered with.

(6) Use of Personal Authentication IC Card FIG. 18 shows an example of a flow in the case where the personal authentication IC card is used to receive a service from an application that verifies the validity of the owner of the IC card.

Step 1801: The application is started.

Step 1802: If there is a service request, proceed to step 1803; otherwise, return to step 1802.

Step 1803: A request is made to present a personal identification IC card and biometric information registered in the IC card.

Step 1804: A certificate of the characteristic amount of the biometric information is called from the personal identification IC card, and decrypted with the public key of the certificate authority that issued the biometric information certificate.

Step 1805: The feature amount of the biometric information is called from the personal identification IC card, and the message digest is obtained by the message digest function.

Step 1806: The result of step 1804 is compared with the result of step 1805, and the certificate ID of the electronic authentication certificate registered in the personal identification IC card is compared. It is determined that the biometric information of the card has not been tampered with, and the process proceeds to step 1807. If not, go to step 1820.

Step 1807: The feature amount called in step 1805 is compared with the biometric information of the IC card owner.

Step 1808: As a result of step 1807, if the validity of the owner of the IC card can be confirmed, the process proceeds to step 1808. If the validity cannot be confirmed, the process proceeds to step 1830.

Step 1809: The service requested in step 1802 is provided. Upon completion, the process returns to the step 1802.

Step 1820: Judge that the fingerprint feature of the personal identification IC card has been tampered with, record the information of the personal identification IC card, and lock the IC card. Depending on the operation, an alarm is sounded to notify the staff. Step 18
Return to 02.

Step 1830: “The biometric information of the IC card and
Unable to verify owner biometric information. Please consult with the person who registered the authentication function. To the requester, and record the information of this IC card. Depending on the operation, an alarm is sounded to notify the staff. Return to step 1802. Here, when the data M of an arbitrary length is input, the message digest function is a short data h of a certain length.
This is a function for compressing to (M), and is called a hash function. This function has the following features.

The original message cannot be restored from the compression result.

· Another data N such that h (M) = h (N)
Difficult to find.

It is difficult to find a combination of M and N that has the same hash value h (M).

The certificate of the present invention uses this function to create a message digest of the characteristic amount of biometric information and encrypt it with the secret key of the certificate authority.

As described above, when using the application,
By confirming the validity of the feature amount of the biometric information registered in the IC card, it is possible to prevent spoofing due to tampering of the biometric information registered in the IC card.

Next, the group authentication will be described.

FIG. 19 shows an example of a group attribute registration screen.

The group registration screen includes a field 1901 for entering the institution to which the user belongs, a field 1902 for entering the position,
Field 1903 for entering the department to which the user belongs, second to which the user belongs
A field 1904 for inputting the department, a registration button 1905 for reading the input information, requesting the certificate authority for an electronic signature, and registering the result in the IC card, and a cancel button 1906 for canceling the processing.

The registration of the group attribute can also be performed by a processing procedure according to the application registration procedure.

FIG. 20 shows a processing flow of group authentication.

Step 2001: An application for verifying group authority is activated by the user.

Step 2002: The user is requested to present an IC card.

Step 2003: The certificate of the IC card is verified, and if there is no problem, proceed to the next step. If you have any problems,
Quit the app.

Step 2004: The biometric certificate is verified, and if there is no problem, proceed to the next step. If there is a problem, close the app.

Step 2005: Owner authentication processing is performed based on the biometric information registered in the IC card, and if the owner is confirmed valid, the process proceeds to the next step. If not, exit the app.

Step 2006: The electronic signature of the group information is verified. If there is no problem, the process proceeds to the next step. If there is a problem, close the app.

Step 2007: Using the IC card group information, the use of the application is permitted within this authority.

Step 2008: Terminate the application.

By performing such processing, the owner can be authenticated with the IC card after the owner is authenticated by the personal authentication, and the impersonation of the group can be prevented.

[0174]

According to the issuing system of the present invention, it is possible to prevent forgery of a portable storage medium which is not related to the certificate authority, and to have a log which can identify a person who has performed the issuing operation. It is possible to prevent spoofing due to rewriting of the biological information feature. Further, the present invention can be applied to the registration of a multi-purpose application, and since the registrant of the application can be specified, the writing to the portable storage medium can be monitored, which has the effect of preventing tampering.

[Brief description of the drawings]

FIG. 1 is an apparatus configuration diagram of an IC card.

FIG. 2 is a life cycle diagram of an IC card.

FIG. 3 is a diagram illustrating an example of stored contents of an IC card having an electronic authentication function.

FIG. 4 is a diagram showing a first example of a system configuration of the present invention.

FIG. 5 is a diagram showing a second example of the system configuration of the present invention.

FIG. 6 is a diagram showing an example of the stored contents of the personal identification IC card of the present invention.

FIG. 7 is a schematic flow chart up to issuance of an identity authentication IC card of the present invention.

FIG. 8 is a flowchart of establishing secure communication with a certificate authority in issuing an identity authentication IC card according to the present invention.

FIG. 9 is a flowchart of issuing business person authentication in issuing the personal identification IC card of the present invention.

FIG. 10 is a diagram showing an example of an input screen of owner information of a newly issued IC card in issuing an identification IC card according to the present invention.

FIG. 11 is a flowchart of issuing a personal identification IC card and registering an IC card such as electronic authentication information in the present invention.

FIG. 12 is a flow chart of registering an identity authentication function in an IC card in issuing an identity authentication IC card according to the present invention.

FIG. 13 is a flowchart of a termination process of an IC card issuing application in issuing an identity authentication IC card according to the present invention.

FIG. 14 is a diagram related to the function of issuing an identification IC card according to the present invention.

FIG. 15 is a schematic flow chart of registering a new application in the personal identification IC card of the present invention.

FIG. 16 is a flowchart of application registration in new application registration of the present invention.

FIG. 17 is a diagram illustrating an example of the stored contents of an IC card with an IC card issuance certificate according to the present invention.

FIG. 18 is a flow chart of personal authentication when the IC card of the present invention is used.

FIG. 19 is a diagram showing an example of an input screen for group registration according to the present invention.

FIG. 20 is a flowchart of group authentication when using an IC card according to the present invention.

[Explanation of symbols]

101: IC card, 102: IC card I / O unit, 103: IC card CPU, 104: IC card temporary storage unit (RAM), 105: IC card procedure storage unit (ROM), 106: IC card Non-volatile storage unit (EEPROM).

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G06K 19/10 G09C 1/00 660A 9A001 G09C 1/00 640 G06F 15/62 465A 660 6G06K 19/00 R H04L 9/32. 890 Hitachi Systems Co., Ltd. System Development Division (72) Inventor Hiromichi Murakami 1 Horiyamashita, Hadano-shi, Kanagawa Pref. Within Nitachi Information Technology Co., Ltd. No. 1 Hitachi Engineer Ring Co., Ltd. in the F-term (reference) 5B035 AA14 BB09 BC00 BC02 CA01 CA38 5B043 AA04 BA01 BA05 CA05 CA10 FA04 FA07 GA02 5B058 CA23 CA27 KA02 KA35 KA37 KA38 5B085 AE09 AE12 AE13 AE23 AE25 5J104 AA07 KA01 KA07 KA16 LA06 MA02 NA38 9A001 BZ03 EE03 LL03

Claims (1)

[Claims] A function of authenticating the owner of the portable storage medium by using a characteristic amount of biometric information unique to the user registered in the portable storage medium; and a public key registered in the portable storage medium. In a system for issuing a new portable storage medium of a personal authentication system having a function of performing electronic authentication in communication via a network using a secret key of a system, a person (new owner) requesting issuance of the new portable storage medium A) generating a digital signature using a secret key of a certification authority with respect to the characteristic amount of the biometric information and information for specifying a key for electronic authentication to be registered in a new portable storage medium; An identity authentication system having a function of registering a signature in the new portable storage medium.