JP2010136176A - Electronic signature system, authentication supporting server and ic card, and electronic signature method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an electronic signature system appropriate for preventing a document which the user does not intend, from being signed electronically. <P>SOLUTION: An authentication supporting server 100 generates a hash, on the basis of a document received from a user terminal 200; generates an electronic signature, on the basis of the generated hash and a private key of the authentication supporting server 100; and transmits the generated electronic signature and hash to the user terminal 200. The user terminal 200 transmits the document to the authentication support server 100 and transmits the electronic signature and hash received from the authentication support server 100, to an IC card 250. The IC card 250 verify the veracity of the hash, on the basis of the electronic signature and hash received from the user terminal 200 and a public key of the authentication supporting server 100, and generates an electronic signature, on the basis of the hash and a private key of the IC card 250, only when the verification is successful. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a system and method for performing an electronic signature, and a server and an IC card applied to the system and method, and in particular, an electronic signature system suitable for preventing an electronic signature from being performed on a document not intended by a user. The present invention relates to an authentication auxiliary server, an IC card, and an electronic signature method.

  FIG. 7 is a flowchart showing a conventional implementation procedure for an electronic signature using an IC card.

  Conventionally, as a technique for adding an electronic signature to a document using an IC card, as shown in FIG. 7, the user terminal or server software has hash information (hereinafter simply abbreviated as hash) of the signature target document. Is generated, the hash is transmitted to the IC card, and the IC card performs a signature operation on the hash by using a secret key held by the IC card.

As another technique for electronic signature using an IC card, for example, a technique described in Non-Patent Document 1 is known. The technology described in Patent Document 1 transmits a signature target document held by a user terminal to an IC card, and the IC card performs a signature operation on the signature target document to perform an electronic signature.
“Outline of electronic signature”, [online], Aichi Prefecture, [Searched on December 1, 2008], Internet <URL: http://www.pref.aichi.jp/joho/jpki/pki.html>

  In electronic signatures using IC cards, user terminals such as PCs are often used. However, since PCs are susceptible to attacks by viruses and malicious people, software and devices for user terminals are used. The driver may be tampered with. Specifically, in the user terminal, the software that transmits the hash or the device driver that is interposed between the software that transmits the hash and the IC card is illegally tampered. In such a case, it is assumed that an electronic signature is added to a document not intended by the user by transmitting a hash of the document not intended by the user to the IC card instead of the hash of the document to be signed.

  Therefore, in both the above-described conventional technology and the technology of Non-Patent Document 1, a malicious person uses a vulnerability such as a PC and the electronic signature of the user is added. Document ”could be available.

  Therefore, the present invention has been made paying attention to such an unsolved problem of the conventional technology, and is suitable for preventing an electronic signature from being applied to a document not intended by the user. It is an object of the present invention to provide a signature system, an authentication auxiliary server, an IC card, and an electronic signature method.

  [Invention 1] In order to achieve the above object, an electronic signature system of Invention 1 assists an IC card for electronic signature of a document, a user terminal to which the IC card is connected, and authentication by the IC card. An electronic signature system comprising an authentication auxiliary server, wherein the authentication auxiliary server includes a document receiving means for receiving a document from the user terminal, and the content of the document based on the document received by the document receiving means. Hash information generating means for generating hash information based thereon, first electronic signature generating means for generating an electronic signature based on the hash information generated by the hash information generating means and the secret key of the authentication auxiliary server, and the first electronic A first electronic signature that transmits the electronic signature generated by the signature generation means and the hash information generated by the hash information generation means to the user terminal The user terminal includes: a document transmission unit that transmits a document to the authentication auxiliary server; a first electronic signature reception unit that receives the electronic signature and the hash information from the authentication auxiliary server; Second electronic signature transmission means for transmitting the electronic signature and hash information received by the first electronic signature reception means to the IC card, wherein the IC card sends the electronic signature and hash information to the user terminal. Based on the second electronic signature receiving means received from the electronic signature and hash information received by the second electronic signature receiving means, and the public key of the authentication auxiliary server corresponding to the secret key, A digital signature verifying unit that verifies whether or not the certificate is generated by the authentication auxiliary server; Only when the authentication condition is satisfied, the second electronic signature generation unit generates an electronic signature based on the hash information and the secret key of the IC card.

  [Invention 2] Further, the electronic signature system of Invention 2 is the electronic signature system of Invention 1, wherein the authentication assistant server further uses a document received by the document receiving means by a user of the user terminal. A content confirmation requesting means for requesting confirmation of the content of the document to be transmitted to another user terminal; and a generation request receiving means for receiving an electronic signature generation request, wherein the first electronic signature generation means comprises: The electronic signature is generated when the generation request receiving means receives the generation request.

  [Invention 3] On the other hand, in order to achieve the above object, an authentication assistant server of Invention 3 is an authentication assistant server applied to the electronic signature system of Invention 1, and includes the document receiving means, the hash information generating means, The first electronic signature generation means and the first electronic signature transmission means.

  [Invention 4] On the other hand, in order to achieve the above object, an IC card of Invention 4 is an IC card applied to the electronic signature system of Invention 1, wherein the second electronic signature receiving means, the electronic signature verification means And a second electronic signature generation means.

  [Invention 5] On the other hand, in order to achieve the above object, an electronic signature method of Invention 5 includes an IC card for electronic signature of a document, a user terminal to which the IC card is connected, and authentication by the IC card. An electronic signature method for performing an electronic signature using an auxiliary authentication auxiliary server, comprising: a document transmission step for transmitting a document to the authentication auxiliary server for the user terminal; On the other hand, a document receiving step for receiving a document from the user terminal, a hash information generating step for generating hash information based on the contents of the document based on the document received in the document receiving step, and the hash information A first electronic signature generation step for generating an electronic signature based on the hash information generated in the generation step and the secret key of the authentication auxiliary server; A first electronic signature transmission step for transmitting the electronic signature generated in the electronic signature generation step and the hash information generated in the hash information generation step to the user terminal, and for the user terminal, A first electronic signature receiving step for receiving the electronic signature and the hash information from the authentication auxiliary server; and a second electronic signature transmitting step for transmitting the electronic signature and hash information received in the first electronic signature receiving step to the IC card. A second electronic signature receiving step for receiving the electronic signature and the hash information from the user terminal, and the electronic signature and hash information received in the second electronic signature receiving step for the IC card. And the hash information based on the public key of the authentication assistant server corresponding to the secret key. An electronic signature verification step for verifying whether or not the information is generated by the authentication auxiliary server, and only when a predetermined authentication condition including that verification was successful in the electronic signature verification step is satisfied A second electronic signature generation step for generating an electronic signature based on the hash information and the secret key of the IC card.

  As described above, according to the electronic signature system of the invention 1, the electronic signature of the authentication auxiliary server for the hash information is verified with the IC card, and the electronic signature is generated only when a predetermined authentication condition is satisfied. When the hash information is tampered with in the middle of being transmitted to the IC card, it is possible to prevent the electronic signature from being generated by the IC card. Therefore, as compared with the prior art, there is an effect that it is possible to reduce the possibility that an electronic signature is performed on a document that is not intended by the user.

  Furthermore, according to the electronic signature system of the second aspect, the contents of the document received by the authentication assistant server are not illegally tampered with, for example, by checking the contents of the document on the user terminal other than the user terminal. It is possible to prevent the user terminal software from deceiving the user by presenting contents different from the document transmitted to the authentication auxiliary server. Therefore, it is possible to further reduce the possibility that an electronic signature is applied to a document that is not intended by the user.

  On the other hand, according to the authentication auxiliary server of the invention 3, the IC card of the invention 4, or the electronic signature method of the invention 5, the same effect as the electronic signature system of the invention 1 can be obtained.

  Embodiments of the present invention will be described below with reference to the drawings. 1 to 6 are diagrams showing an embodiment of an electronic signature system, an authentication auxiliary server and an IC card, and an electronic signature method according to the present invention.

  First, an outline of functions of an electronic signature system to which the present invention is applied will be described.

  FIG. 1 is a functional block diagram showing an outline of functions of the electronic signature system.

  As shown in FIG. 1, the electronic signature system includes a user terminal 200 for use by a user, an IC card 250 that performs an electronic signature of a document, and an authentication auxiliary server 100 that assists authentication by the IC card 250. Configured.

  The authentication auxiliary server 100 and the user terminal 200 are connected via a network 199 such as the Internet. Further, the IC card 250 is connected to the user terminal 200 via a card reader or the like.

  The network 199 is further connected to a relay station 320 that relays communication with the network 199. The relay station 320 is connected to a plurality of base stations 310 that perform wireless communication with the mobile terminal 300 used by the user of the user terminal 200.

  The authentication auxiliary server 100 includes a secret key storage unit 10 that stores the secret key of the authentication auxiliary server 100, a document reception unit 12 that receives a document from the user terminal 200, and confirmation of the content of the document received by the document reception unit 12. The content confirmation requesting unit 14 that requests the portable terminal 300 and the generation request receiving unit 16 that receives an electronic signature generation request from the portable terminal 300 are configured.

  The authentication auxiliary server 100 further includes a hash generation unit 18 that generates a hash of the document received by the document reception unit 12 and a hash generated by the hash generation unit 18 when the generation request reception unit 16 receives the generation request. An electronic signature generation unit 20 that generates an electronic signature based on the private key in the private key storage unit 10, an electronic signature generated by the electronic signature generation unit 20 and a hash generated by the hash generation unit 18 are transmitted to the user terminal 200. And an electronic signature transmission unit 22.

  The authentication auxiliary server 100 is managed in a high security environment, and its operation is sufficiently reliable.

  The user terminal 200 includes a document storage unit 30 that stores a document to be signed, and a document transmission unit 32 that transmits the document stored in the document storage unit 30 to the authentication assistant server 100. Here, the document includes, for example, text data, image data, moving image data, audio data, a program, and other digitized data.

  The user terminal 200 further includes an electronic signature receiver 34 that receives an electronic signature and hash from the authentication assistant server 100, and an electronic signature transmitter that transmits the electronic signature and hash received by the electronic signature receiver 34 to the IC card 250. 36, an electronic signature receiving unit 38 that receives an electronic signature from the IC card 250, and an electronic signature adding unit 40 that adds the electronic signature received by the electronic signature receiving unit 38 to a document.

  The IC card 250 includes a public key storage unit 50 that stores the public key of the authentication auxiliary server 100, a secret key storage unit 52 that stores the secret key (user secret key) of the IC card 250, and the user terminal 200. An electronic signature receiving unit 54 that receives an electronic signature and a hash, and an electronic signature verification unit 56 that verifies the authenticity of the hash based on the electronic signature received by the electronic signature receiving unit 54 and the public key of the public key storage unit 50. It is configured.

  The IC card 250 further generates an electronic signature based on the hash received by the electronic signature receiving unit 54 and the private key of the private key storage unit 52 only when the verification by the electronic signature verification unit 56 is successful. And an electronic signature transmission unit 60 that transmits the electronic signature generated by the electronic signature generation unit 58 to the user terminal 200.

  Next, the configuration of the authentication auxiliary server 100 will be described.

  FIG. 2 is a block diagram illustrating a hardware configuration of the authentication auxiliary server 100.

  As shown in FIG. 2, the authentication auxiliary server 100 reads out from the CPU 70 that controls the operation and the whole system based on the control program, the ROM 72 that stores the control program of the CPU 70 in a predetermined area, the ROM 72, and the like. It is composed of a RAM 74 for storing data and calculation results required in the calculation process of the CPU 70, and an I / F 78 that mediates input / output of data to / from an external device, and these are used for transferring data. They are connected to each other via a bus 79 which is a signal line so as to be able to exchange data.

  The I / F 78 includes, as external devices, an input device 80 including a keyboard and a mouse that can input data as a human interface, a storage device 82 that stores data, tables, and the like as files, and a screen based on image signals. Is connected to a signal line for connecting to the network 199. Here, the storage device 82 is configured as the secret key storage unit 10.

  The CPU 70 includes a microprocessing unit or the like, activates a predetermined program stored in a predetermined area of the ROM 72, and executes the authentication assisting process shown in the flowchart of FIG. 3 according to the program.

  FIG. 3 is a flowchart showing the authentication assistance process.

  When the authentication assistant process is executed in the CPU 70, as shown in FIG. 3, first, the process proceeds to step S100.

  In step S100, it is determined whether or not a document is received from the user terminal 200. When it is determined that the document is received (Yes), the process proceeds to step S102, but when it is determined that the document is not received (No). The process waits in step S100 until a document is received.

  In step S102, the received document is transmitted to the mobile terminal 300, the confirmation of the content of the document is requested, the process proceeds to step S104, it is determined whether a generation request is received from the mobile terminal 300, and the generation request (Yes), the process proceeds to step S106.

  In step S106, based on the received document, a hash of the document is generated by a known hash function, and the process proceeds to step S108, where the secret key of the authentication auxiliary server 100 is read from the storage device 82, and the generated hash and read An electronic signature is generated based on the private key. Specifically, the electronic signature can be generated by performing a signature operation on the hash with a secret key by a public key encryption method.

  Next, the process proceeds to step S110, where the generated electronic signature and hash are transmitted to the user terminal 200, and a series of processing is terminated and the original processing is restored.

  On the other hand, if it is determined in step S104 that the generation request is not received (No), the process proceeds to step S112, and whether or not a predetermined time has elapsed (timed out) after requesting the mobile terminal 300 to confirm the contents. If it is determined that a time-out has occurred (Yes), the series of processing is terminated and the original processing is restored.

  On the other hand, when it is determined in step S112 that the timeout has not occurred (No), the process proceeds to step S104.

  Next, the configuration of the user terminal 200 will be described.

  Similarly to the authentication auxiliary server 100, the user terminal 200 is configured by connecting a CPU, a ROM, a RAM, and an I / F via a bus. The I / F includes an input device, a storage device, a display device, and a network 199. A signal line for connecting to is connected. Here, the storage device is configured as the document storage unit 30.

  The CPU activates a predetermined program stored in a predetermined area of the ROM, and executes the electronic signature request process shown in the flowchart of FIG. 4 according to the program.

  FIG. 4 is a flowchart showing the electronic signature request process.

  The electronic signature request process is a process for requesting the IC card 250 to generate an electronic signature. When the electronic signature request process is executed by the CPU, the process first proceeds to step S200 as shown in FIG.

  In step S200, the document to be signed is read from the storage device, the process proceeds to step S202, the read document is transmitted to the authentication assistant server 100, and the process proceeds to step S204.

  In step S204, it is determined whether or not the electronic signature and hash are received from the authentication assistant server 100. When it is determined that the electronic signature and hash are received (Yes), the process proceeds to step S206, but it is determined that it is not so. If (No), the process waits in step S204 until an electronic signature and a hash are received.

  In step S206, the received electronic signature and hash are transmitted to the IC card 250, and the process proceeds to step S208.

  In step S208, it is determined whether or not an electronic signature has been received from the IC card 250. When it is determined that the electronic signature has been received (Yes), the process proceeds to step S210, but when it is determined that it is not (No). Waits in step S208 until an electronic signature is received.

  In step S210, the received electronic signature is added to the document to be signed, a series of processing is terminated, and the original processing is restored.

  Next, the configuration of the IC card 250 will be described.

  The IC card 250 is configured by incorporating an IC chip including an arithmetic circuit, a memory, and a communication circuit. Here, the memory is configured as a public key storage unit 50 and a secret key storage unit 52.

  The arithmetic circuit starts a predetermined program stored in a predetermined area of the memory, and executes the electronic signature generation process shown in the flowchart of FIG. 5 according to the program.

  FIG. 5 is a flowchart showing the electronic signature generation process.

  The electronic signature generation process is a process for generating an electronic signature in response to a request from the user terminal 200. When the electronic signature generation process is executed in the arithmetic circuit, as shown in FIG. 5, the process first proceeds to step S300.

  In step S300, it is determined whether or not the electronic signature and hash have been received from the user terminal 200. When it is determined that the electronic signature and hash have been received (Yes), the process proceeds to step S302, but it is determined that this is not the case. If (No), the process waits in step S300 until an electronic signature and a hash are received.

  In step S302, the public key of the authentication assistant server 100 is read from the memory, and a hash is acquired based on the received electronic signature and the read public key. Specifically, this hash can be obtained by performing a signature operation on the electronic signature with the public key by a publicly known public key cryptosystem.

  Next, the process proceeds to step S304, where it is determined whether or not the hash received in step S300 matches the hash acquired in step S302. If it is determined that they match (Yes), the process proceeds to step S306. To do.

  In step S306, the private key of the IC card 250 is read from the memory, and an electronic signature is generated based on the received hash and the read private key. Specifically, the electronic signature can be generated by performing a signature operation on the hash with a secret key by a public key encryption method as in step S108.

  Next, the process proceeds to step S308, where the generated electronic signature is transmitted to the user terminal 200, and a series of processes is terminated and the original process is restored.

  On the other hand, if it is determined in step S304 that the hashes do not match (No), the series of processes is terminated and the original process is restored.

  Next, the operation of the present embodiment will be described.

  FIG. 6 is a flowchart showing an implementation procedure according to the present embodiment for an electronic signature using the IC card 250.

  First, the user creates a document to be signed at the user terminal 200 and stores it in the storage device 82 as shown in FIG. In the user terminal 200, when a document is created, the document in the storage device 82 is read out and transmitted to the authentication assistant server 100 through steps S200 and S202.

  When the authentication auxiliary server 100 receives the document, the received document is transmitted to the portable terminal 300 for content confirmation through step S102.

  In the portable terminal 300, when a document is received, the received document is displayed and the user is requested to confirm the contents. On the other hand, when the user confirms that the content of the displayed document matches the content of the document created by the user, the user inputs a request for generating an electronic signature in the portable terminal 300.

  In the portable terminal 300, when a request for generating an electronic signature is input, an electronic signature generation request is transmitted to the authentication assistant server 100.

  When receiving the generation request, the authentication auxiliary server 100 generates a hash of the received document through steps S106 and S108, and generates an electronic signature based on the generated hash and the secret key of the authentication auxiliary server 100. Then, through step S110, the generated electronic signature and hash are transmitted to the user terminal 200.

  Next, at the user terminal 200, the user inserts the IC card 250 into a card reader or the like, and establishes connection with the IC card 250 by PIN authentication using a PIN code. When the user terminal 200 receives the electronic signature and hash with the connection established, the received electronic signature and hash are transmitted to the IC card 250 through step S206.

  When the IC card 250 receives the electronic signature and hash, the hash is acquired based on the received electronic signature and the public key of the authentication auxiliary server 100 through step S302. At this time, if the received hash matches the acquired hash, an electronic signature is generated based on the received hash and the private key of the IC card 250 through step S306. Then, through step S308, the generated electronic signature is transmitted to the user terminal 200.

  When receiving the electronic signature, the user terminal 200 adds the received electronic signature to the document through step S210. The document with the electronic signature added is stored in a storage device or transmitted to another terminal as necessary.

  On the other hand, if the hash has been tampered with in the middle of being transmitted to the IC card 250, the IC card 250 determines that the received hash and the acquired hash do not match, so an electronic signature is not generated.

  In this way, in the present embodiment, the authentication auxiliary server 100 generates a hash based on the document received from the user terminal 200, and generates an electronic signature based on the generated hash and the secret key of the authentication auxiliary server 100. The generated electronic signature and hash are transmitted to the user terminal 200. The user terminal 200 transmits the document to the authentication auxiliary server 100, and the electronic signature and hash received from the authentication auxiliary server 100 are stored in the IC card 250. Then, the IC card 250 verifies the authenticity of the hash based on the electronic signature and hash received from the user terminal 200 and the public key of the authentication auxiliary server 100, and only when the verification is successful, the hash and IC An electronic signature is generated based on the secret key of the card 250.

  As a result, the electronic signature of the authentication auxiliary server 100 for the hash is verified by the IC card 250, and the electronic signature is generated only when the verification is successful, so that the hash is tampered with in the middle of being transmitted to the IC card 250. In this case, it is possible to prevent an electronic signature from being generated by the IC card 250. Therefore, the possibility that an electronic signature is performed on a document that is not intended by the user can be reduced as compared with the conventional case.

  Furthermore, in this embodiment, the authentication assistant server 100 requests the mobile terminal 300 to confirm the content of the received document, and generates an electronic signature when a generation request is received from the mobile terminal 300.

  As a result, the content of the document received by the authentication assistant server 100 is confirmed not by the user terminal 200 but by the user's portable terminal 300, so that, for example, the software of the user terminal 200 that has been tampered with is authenticated. It is possible to prevent the user from being deceived by presenting contents different from the document transmitted to the auxiliary server 100. Therefore, it is possible to further reduce the possibility that an electronic signature is performed on a document not intended by the user.

  In the above embodiment, the mobile terminal 300 corresponds to the other user terminal of the invention 2, the document receiving unit 12 corresponds to the document receiving means of the inventions 1 to 3, and the content confirmation requesting unit 14 is the invention 2 The generation request receiving unit 16 corresponds to the generation request receiving unit of the second aspect. The hash generation unit 18 corresponds to the hash information generation unit of the invention 1 or 3, the electronic signature generation unit 20 corresponds to the first electronic signature generation unit of the inventions 1 to 3, and the electronic signature transmission unit 22 Corresponding to the first electronic signature transmission means of the invention 1 or 3, the document transmission section 32 corresponds to the document transmission means of the invention 1.

  In the above embodiment, the electronic signature receiving unit 34 corresponds to the first electronic signature receiving unit of the first aspect, and the electronic signature transmitting unit 36 corresponds to the second electronic signature transmitting unit of the first aspect. The receiving unit 54 corresponds to the second electronic signature receiving unit of the invention 1 or 4, and the electronic signature verification unit 56 corresponds to the electronic signature verification unit of the invention 1 or 4. The electronic signature generation unit 58 corresponds to the second electronic signature generation means of the invention 1 or 4, the step S100 corresponds to the document reception step of the invention 5, and the step S106 corresponds to the hash information generation step of the invention 5. Correspondingly, step S108 corresponds to the first electronic signature generation step of the fifth aspect.

  In the above embodiment, step S110 corresponds to the first electronic signature transmission step of invention 5, step S202 corresponds to the document transmission step of invention 5, and step S204 corresponds to the first electronic signature of invention 5. Corresponding to the reception step, step S206 corresponds to the second electronic signature transmission step of the invention 5. Step S300 corresponds to the second electronic signature receiving step of invention 5, steps S302 and S304 correspond to the electronic signature verification step of invention 5, and step S306 corresponds to the second electronic signature generation step of invention 5. It corresponds.

  In the above embodiment, the generation request for the electronic signature is configured to be transmitted from the portable terminal 300. However, the present invention is not limited to this, and the request may be configured to be transmitted from the user terminal 200.

  In the above embodiment, the portable terminal 300 is used to check the contents of the document. However, the present invention is not limited to this, and any terminal other than the user terminal 200 may be a user's FAX machine, PC, or other device. A terminal can also be used.

  In the above embodiment, a hash is used as information for proving the content of the document. However, the present invention is not limited to this, and a checksum, a CRC (Cyclic Redundancy Check) code value, a Hamming code, other error detection codes, Any other information can be used as long as it can prove the contents of the document.

  In the above embodiment, the IC card 250 is configured to generate an electronic signature only when verification is successful. However, the present invention is not limited to this, and other authentication conditions are satisfied in addition to successful verification. Sometimes it can be configured to generate an electronic signature. In other words, the authentication condition for generating the electronic signature only needs to include that at least the verification is successful.

  In the above embodiment, the authentication assistant server 100 is configured to transmit the hash to the user terminal 200. However, the present invention is not limited to this, and instead of the hash, the document or other information necessary for generating the hash is transmitted. The user terminal 200 or the IC card 250 can generate a hash based on the information, and the IC card 250 can be configured to perform verification based on the generated hash and electronic signature.

It is a functional block diagram which shows the function outline | summary of an electronic signature system. 2 is a block diagram illustrating a hardware configuration of an authentication auxiliary server 100. FIG. It is a flowchart which shows an authentication assistance process. It is a flowchart which shows an electronic signature request process. It is a flowchart which shows an electronic signature production | generation process. 5 is a flowchart showing an implementation procedure according to the present embodiment for an electronic signature using an IC card 250. It is a flowchart which shows the conventional implementation procedure about the electronic signature using an IC card.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 ... Authentication assistance server, 200 ... User terminal, 300 ... Portable terminal, 310 ... Base station, 320 ... Relay station, 10, 52 ... Secret key memory | storage part, 12 ... Document receiving part, 14 ... Content confirmation request part, 16 ... Generation request reception unit 18 ... Hash generation unit 20,58 ... Digital signature generation unit 22,36,60 ... Digital signature transmission unit 30 ... Document storage unit 32 ... Document transmission unit 34,38, 54 ... Electronic signature receiving unit, 40 ... Electronic signature adding unit, 50 ... Public key storage unit, 56 ... Electronic signature verification unit, 70 ... CPU, 72 ... ROM, 74 ... RAM, 78 ... I / F, 80 ... Input device, 82 ... Storage device 84 ... Display device 199 ... Network

Claims (5)

An electronic signature system comprising an IC card for electronic signature of a document, a user terminal connected to the IC card, and an authentication auxiliary server for assisting authentication by the IC card,
The authentication auxiliary server is:
Document receiving means for receiving a document from the user terminal;
Hash information generating means for generating hash information based on the contents of the document based on the document received by the document receiving means;
First electronic signature generation means for generating an electronic signature based on the hash information generated by the hash information generation means and the secret key of the authentication auxiliary server;
First electronic signature transmission means for transmitting the electronic signature generated by the first electronic signature generation means and the hash information generated by the hash information generation means to the user terminal;
The user terminal is
Document transmission means for transmitting a document to the authentication auxiliary server;
First electronic signature receiving means for receiving the electronic signature and the hash information from the authentication auxiliary server;
Second electronic signature transmission means for transmitting the electronic signature and hash information received by the first electronic signature reception means to the IC card;
The IC card is
Second electronic signature receiving means for receiving the electronic signature and the hash information from the user terminal;
Whether the hash information is generated by the authentication assistant server based on the electronic signature and hash information received by the second electronic signature receiver and the public key of the authentication assistant server corresponding to the secret key Electronic signature verification means for verifying whether or not,
A second electronic signature generation means for generating an electronic signature based on the hash information and the private key of the IC card only when a predetermined authentication condition including that the verification by the electronic signature verification means is successful is established; An electronic signature system comprising: In claim 1,
The authentication auxiliary server further includes:
A content confirmation requesting means for transmitting a document received by the document receiving means to another user terminal used by a user of the user terminal and requesting confirmation of the content of the document;
Generation request receiving means for receiving an electronic signature generation request;
The electronic signature system, wherein the first electronic signature generation unit generates the electronic signature when the generation request reception unit receives the generation request. An authentication auxiliary server applied to the electronic signature system according to claim 1,
An authentication auxiliary server comprising the document receiving means, the hash information generating means, the first electronic signature generating means, and the first electronic signature transmitting means. An IC card applied to the electronic signature system according to claim 1,
An IC card comprising the second electronic signature receiving means, the electronic signature verification means, and the second electronic signature generation means. An electronic signature method for performing an electronic signature using an IC card that performs electronic signature of a document, a user terminal to which the IC card is connected, and an authentication auxiliary server that assists authentication by the IC card,
For the user terminal,
A document transmission step of transmitting a document to the authentication assistant server,
For the authentication auxiliary server,
A document receiving step of receiving a document from the user terminal;
A hash information generating step for generating hash information based on the content of the document based on the document received in the document receiving step;
A first electronic signature generation step for generating an electronic signature based on the hash information generated in the hash information generation step and the secret key of the authentication auxiliary server;
A first electronic signature transmission step of transmitting the electronic signature generated in the first electronic signature generation step and the hash information generated in the hash information generation step to the user terminal,
For the user terminal,
A first electronic signature receiving step of receiving the electronic signature and the hash information from the authentication auxiliary server;
A second electronic signature transmission step of transmitting the electronic signature and hash information received in the first electronic signature reception step to the IC card,
For the IC card,
A second electronic signature receiving step of receiving the electronic signature and the hash information from the user terminal;
Whether the hash information is generated by the authentication assistant server based on the electronic signature and hash information received in the second electronic signature reception step and the public key of the authentication assistant server corresponding to the secret key An electronic signature verification step for verifying whether or not,
A second electronic signature generation step of generating an electronic signature based on the hash information and the private key of the IC card only when a predetermined authentication condition including that the verification is successful in the electronic signature verification step is satisfied An electronic signature method comprising:

Images