JP2003043916A - Computer and computer program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a computer which can know whether the contents of a web page are forged or not when browsing the web page in a client apparatus, and to provide a computer program for the same. SOLUTION: A web server 1 creates a URL from own public key, encrypts the contents with own secret key to create a digital signature, and then attaches the digital signature to the contents. The client apparatus 2 receives the contents of the web page of the above URL, creates the public key from the URL, decodes the digital signature attached to the contents with the public key, and then determines whether a decoded result and the contents are identical or not.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a computer having a function as a web server device or a client device for browsing web pages, and a computer program for realizing the computer as the web server device or the client device.

[0002]

2. Description of the Related Art In recent years, companies and the like have been conducting publicity activities using web pages on the Internet. The web page is stored in the web server device, and a client device connected to the web server device via a communication network can obtain information by browsing the output web page.

[0003]

When the content of the web page is tampered with by a third party, the client device cannot know that the content has been tampered with, and thus obtains incorrect information. .

The present invention has been made in view of such circumstances, and a computer having a function of a web server device includes means for encrypting the content of a web page to create a digital signature, and a computer on the client side. When the content has been tampered with by a third party by providing means for decrypting the digital signature and means for determining whether or not the decrypted result and the content are the same, An object of the present invention is to provide a computer and a computer program by which a client can know that the content has been tampered with when browsing a web page.

[0005]

A computer according to a first aspect of the present invention is a computer which has its own public key and private key, and which stores the contents of a web page.
Means for generating a URL from the public key, means for encrypting the data of the content using the secret key to create a digital signature, and storing the URL in association with the content including the digital signature. And means.

The computer according to the second aspect of the invention is connected to another computer that stores the content of the web page corresponding to the URL, receives the content, and browses the web page. A means for generating, a decrypting means for decrypting the digital signature included in the content with the public key, and a means for determining whether or not the result decrypted by the decrypting means is the same as the content. It is characterized by being provided.

A computer program according to a third aspect of the present invention is a computer program for a computer which has its own public key and private key and stores the contents of a web page, wherein the public key is transferred to
A step of generating an RL, a step of encrypting the data of the content using the secret key to create a digital signature, and a step of storing the URL in association with the content including the digital signature. It is characterized by being executed.

A computer program according to a fourth aspect of the present invention is a computer program for a computer that connects to another computer that stores content of a web page corresponding to a URL, receives the content, and browses the web page. U to the computer
Whether the public key is generated from the RL, the decryption step of decrypting the digital signature included in the content with the public key, and whether the result decrypted by the decryption step is the same as the content And a step of determining

In the first and third aspects of the invention, the computer functions as a web server device, generates a URL from its own public key, and encrypts the content of the web page with its own private key to create a digital signature. Then, the digital signature is attached to the content and stored in association with the URL. The second invention and the fourth invention
In the invention, the computer functions as a client device for browsing a web page, receives the content of the web page corresponding to the URL,
From the above, the public key is generated, the digital signature attached to the content is decrypted by the public key, and it is determined whether or not the decrypted result is the same as the content. If it is determined that they are the same, it is notified that the decrypted result and the content are authenticated, and if they are not the same, it is notified that the content may have been tampered with. To do. As a result, the web server device does not need to send its public key to the client device in advance, and the client device can easily authenticate whether the content has been tampered with without using a certification authority or the like. If the content has been tampered with, it is possible to know that the content has been tampered with when browsing a web page.

[0010]

DESCRIPTION OF THE PREFERRED EMBODIMENTS The present invention will be described below with reference to the drawings showing the embodiments thereof. FIG. 1 is a schematic diagram showing a connection form of a web server device 1 and a client device 2 which are computers according to the present invention to a network. The web server device 1 is connected to a large number of client devices 2, 2, ... Via the Internet 3. The web server device 1 outputs the content of the web page requested by the client device 2, and the client device 2 receives the content via the Internet 3 and browses the web page.

FIG. 2 is a block diagram showing the configuration of the web server device 1 according to the present invention. The web server device 1 is
The control unit 11, the storage unit 12, the RAM 13, the network interface 14, the input unit 15, the display unit 16 and the like are provided.

The RAM 13 is composed of SRAM, flash memory or the like, and temporarily stores data. The network interface 14 is an interface for outputting the content of a web page to a large number of client devices 2, 2, ... Via the Internet 3.

The input unit 15 is an input device such as a keyboard and receives input from the outside. The display unit 16 is CR
The operating state of the web server device 1 is displayed on a display device such as a T display or a liquid crystal display device.

The storage unit 12 is a storage device such as a hard disk, and has a program for creating a URL from a public key and an encryption program for creating a digital signature on a CD-ROM.
It is installed by a recording medium (not shown) such as a ROM. These programs are loaded into the RAM 13 and executed. In addition, the data of the contents (texts, drawings, etc.) that form the web page is stored.

The control unit 11 is composed of a CPU,
It is connected to the above-described hardware via the bus 17 and executes a computer program stored in the storage unit 12 which is necessary for the operation of the web server device 1 and performs a predetermined function.

FIG. 3 shows a client device 2 according to the present invention.
3 is a block diagram showing the configuration of FIG. Client device 2
Includes a control unit 21, a storage unit 22, a RAM 23, a network interface 24, an input unit 25, a display unit 26, and the like.

The RAM 23 is composed of SRAM, flash memory or the like, and temporarily stores data. The network interface 24 is an interface for connecting to the web server device 1 via the Internet 3 and receiving the content of a web page.

The input unit 25 is an input device such as a keyboard and receives input from the outside. The display unit 26 is CR
A display device such as a T display or a liquid crystal display device displays a web browser screen for browsing a web page.

The storage unit 22 is a storage device such as a hard disk, in which a program for generating a public key from a URL and a program for decrypting a digital signature are installed on a recording medium (not shown) such as a CD-ROM. These programs are loaded into the RAM 23 and executed.

The control unit 21 is composed of a CPU,
It is connected to the above-described hardware via the bus 27 and executes a computer program stored in the storage unit 22 necessary for the operation of the client device 2 to perform a predetermined function.

The encryption program for creating the digital signature in the web server device 1 and the decryption program for the digital signature in the client device 2 are methods using public key encryption, and the public key and the public key in the web server device 1 are used. Generate a private key that pairs with the public key in advance,
These keys are used for encryption and decryption. In the web server device 1, the hash value of the content data is calculated and the hash value is encrypted with the secret key to create a digital signature. In the client device 2, the digital signature is decrypted with the public key and returned to the hash value.

From the public key in the web server device 1 to U
The program for generating the RL and the program for generating the public key from the URL in the client device 2 are, for example, methods using a predetermined calculation, and the web server device 1
At, the URL is generated from the public key of itself by the above calculation. The client device 2 generates the public key by performing the inverse operation in the operation from the URL. Therefore, the web server device 1 does not need to send a copy of the public key to the client device 2 in advance.

FIG. 4 shows a web server device 1 according to the present invention.
4 is a flowchart showing a processing procedure of the control unit 11 of FIG.
The control unit 11 generates a URL from its public key (step S11). The hash value h of the data D forming the content of the web page is calculated (step S12), and the hash value h is calculated using the secret key of the web server device 1.
To create a digital signature S (step S1
3). The digital signature S is attached to the data D (step S14). The URL generated in step S11 and the content formed by the data D and the digital signature S are stored in association with each other (step S15), and the process ends.

The H of the contents shown in FIG.
In the TML format file, a digital signature is attached after the portion forming the web page.

FIG. 6 is a flowchart showing the processing procedure of the control unit 21 of the client device 2 according to the present invention. The control unit 21 requests the content for the URL (step S21), and receives the content formed of the data D'and the digital signature S (step S22).
A public key is generated from the URL (step S23).
The hash value h'of the data D'is obtained by calculation (step S24), the digital signature S is decrypted with the public key generated in step S23, and returned to the hash value h (step S25). It is determined whether the hash value h and the hash value h ′ are the same (step S26), and when they are the same (step S26: YES), the data D and the data D ′ are the same. The authentication is notified by an appropriate method (step S27), and the process ends. When it is determined in step S26 that the data D and the data D ′ are not the same (step S26: N0), the data D ′ is suspected of being tampered with by an appropriate method (step S28). , The process ends.

[0026]

According to the first and third aspects of the invention, the computer functions as a web server device, generates a URL from its own public key, and encrypts the content of the web page with its own secret key to digitally generate it. A signature is created, and the digital signature is attached to the content and stored in association with the URL. The second invention and the fourth invention
According to the invention, the computer functions as a client device for browsing a web page, receives the content of the web page corresponding to the URL, generates the public key from the URL, and attaches the public key to the content. The digital signature is decrypted by the public key, and it is determined whether or not the decrypted result is the same as the content. If it is determined that they are the same, it is notified that the decrypted result and the content are authenticated, and if they are not the same, it is notified that the content may have been tampered with. To do. As a result, the web server device does not need to send its public key to the client device in advance, and the client device can easily authenticate whether the content has been tampered with without using a certification authority or the like. Can be done
If the content has been tampered with, it can be known when the web page is browsed that the content has been tampered with.

[Brief description of drawings]

FIG. 1 is a schematic diagram showing a connection form of a web server device and a client device according to the present invention to a network.

FIG. 2 is a block diagram showing a configuration of a web server device according to the present invention.

FIG. 3 is a block diagram showing a configuration of a client device according to the present invention.

FIG. 4 is a flowchart showing a processing procedure of a control unit of the web server device according to the present invention.

FIG. 5 is a schematic diagram showing an example of content data of a web page according to the present invention.

FIG. 6 is a flowchart showing a processing procedure of a control unit of the client device according to the present invention.

[Explanation of symbols]

1 Web server device 11 Control unit 12 Memory 2 Client device 21 Control unit 22 Memory 3 Internet

   ─────────────────────────────────────────────────── ─── Continued front page    F-term (reference) 5B017 AA02 BA07 CA15 CA16                 5B082 GA11                 5B085 AE29 BE07 BG07                 5J104 AA09 LA03 LA05 NA02 NA12                       PA09

Claims (4)

[Claims] 1. Own own public and private keys, and
In a computer that stores the content of a web page, means for generating a URL from the public key, means for encrypting the data of the content using the secret key to create a digital signature, and the URL for the digital signature. And a means for storing the contents in association with the contents. 2. A means for generating a public key from a URL in a computer that connects to another computer that stores the content of a web page corresponding to a URL to receive the content and browse the web page, and the content. And a means for determining whether or not the result of the decoding by the decrypting means and the content are the same. Computer. 3. A computer program for a computer having its own public key and private key, for storing the content of a web page, the method comprising: causing the computer to generate a URL from the public key; A computer program characterized by executing a step of encrypting with a key to create a digital signature and a step of storing the URL in association with the content including the digital signature. 4. A computer program for a computer that connects to another computer that stores the content of a web page corresponding to a URL, receives the content, and browses the web page. Is generated, a decryption step of decrypting the digital signature included in the content with the public key, and a step of determining whether or not the result decrypted by the decryption step is the same as the content A computer program characterized by causing to execute.