JP5734095B2 - Terminal device, server device, electronic certificate issuing system, electronic certificate receiving method, electronic certificate transmitting method, and program - Google Patents

Description

  The present invention relates to an electronic certificate issuing system, a terminal device, a server device, and a program for issuing an electronic certificate (where an electronic certificate is generated and the generated electronic certificate is transmitted as “electronic certificate Will be issued ").

There is a system in which a terminal device is arranged at a remote place and a server device remotely monitors the terminal device and delivers contents.
In such a system, when connecting to a server device via a public network (for example, the Internet), the terminal device needs to authenticate whether the connection destination server device is really a server device to be connected. Further, the server device needs to authenticate whether the connected terminal device is really a terminal device that should provide the service. That is, the terminal device and the server device need to authenticate each other (hereinafter, the mutual authentication between the terminal device and the server device is referred to as mutual authentication).
In particular, when the terminal device is an embedded device, the terminal device and the server device need to perform mutual authentication without human intervention.

  As a method of performing mutual authentication without human intervention, there is a method using a mutual authentication / key sharing protocol such as SSL (Secure Socket Layer) / TLS (Transport Layer Security) (for example, see Non-Patent Document 1).

  According to Non-Patent Document 1, it is necessary for the server device and the terminal device to issue electronic certificates to both. The electronic certificate is issued by a certificate authority (CA) operated by a trusted third party. Also, the certificate authority certificate (root certificate) needs to be preinstalled in both the server device and the terminal device in advance.

  When requesting issuance of an electronic certificate to a certificate authority operated by a third party organization, an issuance cost is incurred for each electronic certificate. When the number of terminal devices connected to the server device, that is, the number of clients increases, the issuance cost of the electronic certificate increases in proportion to the increase in the number of clients. In addition, since the expiration date of the electronic certificate is 1 to 2 years, the issuing cost is generated every 1 to 2 years.

  For this reason, in order to reduce the cost of issuing an electronic certificate, companies that use server devices and terminal devices independently do not request a certificate authority operated by a third party to issue an electronic certificate. It is necessary to realize the function of a certificate authority, that is, issue of an electronic certificate. At that time, since the root certificate of the certificate authority that has been realized also has an expiration date, the certificate authority that has been uniquely realized must provide the root certificate to the server device and terminal device that issue the electronic certificate. It is also necessary to update.

When implementing the functions of a certificate authority independently, “preventing certificate issuance to unauthorized terminal devices by impersonation” and “safe installation of various certificates on remote terminal devices” are issues. .
The root certificate of the certificate authority operated by a third party is distributed by an update function provided by an operating system (OS) between the server device and the terminal device. On the other hand, when the function of the certificate authority is uniquely realized, the certificate authority uniquely realized cannot use the update function of the OS.

  A method for performing “secure installation of various certificates to a terminal device at a remote location” is disclosed in Patent Document 1. Further, Patent Document 2 discloses a method of sharing resources by operating certificates independently.

  Further, Patent Document 3 discloses a method in which a communication device automatically issues an electronic certificate without relying on a certificate authority operated by a third party organization. Japanese Patent Laid-Open No. 2004-228688 shows a technique for enabling the self-signed certificate to be verified on the client side by signing the self-signed certificate with an ID-based signature (Identity-Based Signature).

JP 2005-332031 A JP 2004-164638 A WO 2010/067812

The TLS Protocol Version 1.0 RFC2246

According to Patent Document 1, a terminal device at a remote location is connected to a certificate authority (equipment that issues (maintains) an electronic certificate) that is uniquely realized, and is authenticated with a password, and then encrypted with a password. Decrypt and install the root certificate. However, the password must be entered manually, and a great deal of labor is required when there are many terminal devices.
In addition, the password must be registered in advance in a certificate authority (equipment that issues (maintains) an electronic certificate) that has been independently realized, and the terminal device and the certificate authority that has been uniquely realized communicate securely when registering the password. Need to do.

  According to Patent Document 2, a certificate authority that is uniquely realized needs to perform secure communication in order to deliver an electronic certificate to a remote terminal device.

  According to Patent Document 3, a terminal device (client) in a remote place needs to incorporate in advance a verification program for an electronic certificate issued by a certificate authority that is uniquely realized.

  The main object of the present invention is to solve the above-mentioned problems.For example, without the need for manual intervention, it is not necessary to incorporate an electronic certificate verification program in the terminal device in advance, and by secure communication, The main purpose is to realize an electronic certificate issuing system for issuing an electronic certificate.

The terminal device according to the present invention is
Received from the server device an electronic certificate and a program with an electronic signature for verifying whether the electronic certificate is an electronic certificate generated by the server device A communication unit
A certificate authority certificate storage unit for storing, as a certificate authority certificate, a certificate generated by a certificate authority and certifying that the certificate verification program is authenticated by the certificate authority;
An electronic signature is generated from a certificate authority certificate stored in the certificate authority certificate storage unit, and an electronic signature of a certificate verification program received by the communication unit is generated from the certificate authority certificate; The certificate received by the communication unit is verified if the digital signature of the certificate verification program received by the communication unit matches the electronic signature generated from the certificate authority certificate. A verification execution unit that executes a certificate verification program to verify whether the electronic certificate received by the communication unit is an electronic certificate generated by the server device.

Moreover, the server device according to the present invention provides:
A certificate verification program for storing a certificate verification program for verifying a generation source of an electronic certificate at a transmission destination of the electronic certificate, which is a program with an electronic signature added with an electronic signature generated by a certificate authority A storage unit;
An electronic certificate generation unit for generating an electronic certificate;
And a communication unit that transmits the certificate verification program stored in the certificate verification program storage unit and the electronic certificate generated by the electronic certificate generation unit to a transmission destination.

  The terminal device and the server device according to the present invention are, for example, an electronic certificate that issues an electronic certificate through secure communication, without the need to incorporate an electronic certificate verification program into the terminal device in advance without human intervention. Realize issuing system.

FIG. 3 shows the first embodiment and shows a configuration of an electronic certificate issuing system. FIG. 5 shows the first embodiment, and shows an example of the appearance of the terminal device 100. FIG. 5 shows the first embodiment, and shows an example of hardware resources of the terminal device 100. FIG. 3 shows the first embodiment, and shows a configuration of a terminal device 100 and a server device 200. FIG. 6 shows the first embodiment, and shows a flow when issuing an electronic certificate generated by the server device 200 to the terminal device 100. FIG. 5 shows the first embodiment and shows processing in the server apparatus 200. FIG. 5 shows the first embodiment and shows processing in the terminal device 100. FIG. 5 shows the second embodiment and shows the configuration of the terminal device 100 and the server device 200. The figure which shows Embodiment 2 and the figure which shows the flow at the time of issuing the electronic certificate which the server apparatus 200 produced | generated to the terminal device 100 based on the request | requirement of the terminal device 100. FIG. 10 shows the second embodiment and shows processing in the terminal device 100. FIG. 10 shows the second embodiment and shows processing in the server apparatus 200. FIG. 10 shows the third embodiment and shows processing in the terminal device 100. FIG. 10 shows the third embodiment and shows processing in the server apparatus 200.

Embodiment 1 FIG.
(Outline of electronic certificate issuing system)
FIG. 1 is a diagram showing a configuration of an electronic certificate issuing system.
In the electronic certificate issuance system, a service center 201 that issues an electronic certificate and a base 101 that uses the issued electronic certificate are connected by, for example, the Internet 940. The base 101 is a remote place that is geographically distant from the service center 201, for example. There may be a plurality of bases 101, and the plurality of bases 101 may be connected to one service center 201.
The service center 201 includes a server device 200 that issues an electronic certificate. The server device 200 is also referred to as a certificate issuing server that issues an electronic certificate.
A terminal device 100 is arranged at the base 101. One or a plurality of terminal devices 100 are arranged for one base 101. The terminal device 100 is also referred to as a client (client device) for the server device 200.
That is, it can be said that the electronic certificate issuing system includes the terminal device 100 and the server device 200.

The server device 200 issues various electronic certificates to the terminal device 100.
The types of electronic certificates issued by the server device 200 are a server certificate, a client certificate, and a root certificate.
The root certificate is a certificate that is a major security system using an electronic certificate that certifies the server device 200 itself.
The server certificate and the client certificate are certificates for authenticating the server or client (details will be described later). The root certificate (or an intermediate certificate issued by a certificate authority that can be verified by the root certificate) is required for verifying the server certificate and the client certificate.

(Overview of hardware configuration of terminal device 100 and server device 200)
Next, an outline of a hardware configuration of the terminal device 100 and the server device 200 will be described with reference to FIGS. 2 and 3.
Here, the server device 200 is configured by the same hardware as the terminal device 100. Therefore, only the example of the hardware configuration of the terminal device 100 will be described here, and the description of the hardware configuration of the server device 200 will be omitted.
That is, although explanation is omitted, the server device 200 is configured by hardware as shown in FIGS.
In the following description, when it is necessary to individually distinguish hardware between the terminal device 100 and the server device 200, for example, the display device of the terminal device 100 is “display device 901a”, and the server device 200 The display device is identified as “display device 901b” by adding “a” to the hardware and software constituting the terminal device 100 and adding “b” to the hardware and software constituting the server device 200.

FIG. 2 is a diagram illustrating an example of an appearance of the terminal device 100 according to the first embodiment.
2, the terminal device 100 includes a system unit 910, a display device 901 having a CRT (Cathode / Ray / Tube) or LCD (liquid crystal) display screen, a keyboard 902 (Key / Board: K / B), a mouse 903, Hardware resources such as an FDD 904 (Flexible Disk Drive), a compact disk device 905 (CDD), a printer device 906, and a scanner device 907 are provided, and these are connected by cables and signal lines.
The system unit 910 is a computer, and is connected to the facsimile machine 932 and the telephone 931 via a cable, and is connected to the Internet 940 via a local area network 942 (LAN) and a gateway 941.

FIG. 3 is a diagram illustrating an example of hardware resources of the terminal device 100 according to the first embodiment.
In FIG. 3, the terminal device 100 includes a CPU 911 (also referred to as a central processing unit, a central processing unit, a processing unit, an arithmetic unit, a microprocessor, a microcomputer, or a processor) that executes a program. The CPU 911 is connected to the ROM 913, the RAM 914, the communication board 915, the display device 901, the keyboard 902, the mouse 903, the FDD 904, the CDD 905, the printer device 906, the scanner device 907, and the magnetic disk device 920 via the bus 912, and the hardware. Control the device. Instead of the magnetic disk device 920, a storage device such as an SSD (Solid State Drive), an optical disk device, or a memory card read / write device may be used.
The RAM 914 is an example of a volatile memory. The storage media of the ROM 913, the FDD 904, the CDD 905, and the magnetic disk device 920 are an example of a nonvolatile memory. These are examples of a storage device or a storage unit.
The communication board 915, the keyboard 902, the scanner device 907, the FDD 904, and the like are examples of an input unit and an input device.
Further, the communication board 915, the display device 901, the printer device 906, and the like are examples of an output unit and an output device.

The communication board 915 is connected to the facsimile machine 932, the telephone 931, the LAN 942, and the like. The communication board 915 is not limited to the LAN 942 and may be connected to a WAN (wide area network) such as the Internet 940. When connected to a WAN such as the Internet 940, the gateway 941 is unnecessary.
The magnetic disk device 920 stores an operating system 921 (OS), a window system 922, a program group 923, and a file group 924. The programs in the program group 923 are executed by the CPU 911, the operating system 921, and the window system 922.

The program group 923 stores programs for executing functions described as “˜unit” (excluding “˜storage unit”) in the description of the embodiment described below. Further, a certificate verification program 508, a certificate issuance request signature program 505, and a certificate issuance request generation program 509 described later are stored in the program group 923a of the terminal device 100. Further, a certificate verification program 508, a certificate information generation program 550, a certificate issuance request verification program 506, a certificate information signature program 507, and a certificate generation program 514, which will be described later, are stored in the program group 923b of the server device 200. . The program is read and executed by the CPU 911.
The file group 924 includes information, data, signal values, variable values, and parameters that are described as “determination results of”, “calculation results of”, and “processing results of” in the description of the embodiments described below. Are stored as items of “file” and “database”. The “file” and “database” are stored in a recording medium such as a disk or a memory. Information, data, signal values, variable values, and parameters stored in a storage medium such as a disk or memory are read out to the main memory or cache memory by the CPU 911 via a read / write circuit, and extracted, searched, referenced, compared, and calculated. Used for CPU operations such as calculation, processing, output, printing, display, command, verification, execution, and storage. Information, data, signal values, variable values, and parameters are stored in the main memory and during the CPU operations of extraction, search, reference, comparison, operation, calculation, processing, output, printing, display, command, verification, execution, and storage. It is temporarily stored in the cache memory or buffer memory.
In addition, the arrows in the flowcharts described in the following description of the embodiments mainly indicate input / output of data and signals. The data and signal values are the RAM 914 memory, the FDD 904 flexible disk, the CDD 905 compact disk, and the magnetic field. The data is recorded on a recording medium such as a magnetic disk of the disk device 920, another optical disk, a mini disk, and a DVD (Digital Versatile Disk). Data and signals are transmitted online via a bus 912, signal lines, cables, or other transmission media.

  In addition, what is described as “to part” in the description of the embodiment described below may be “to circuit”, “to device”, “to device”, “means”, and “to step”. ”,“ ˜procedure ”, or“ ˜processing ”. What is described as “˜unit” (excluding “˜storage unit”) may be realized by firmware stored in the ROM 913. Alternatively, it may be implemented only by software, or only by hardware such as elements, devices, substrates, and wirings, by a combination of software and hardware, or by a combination of firmware. Firmware and software are stored as programs in a recording medium such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, and a DVD. The program is read by the CPU 911 and executed by the CPU 911. That is, programs (a certificate verification program 508, a certificate issuance request signature program 505, a certificate issuance request generation program 509, a certificate verification program 508, a certificate information generation program 550, a certificate issuance request verification program 506, a certificate) The certificate information signing program 507 and the certificate generation program 514) allow the computer to function as “to part” (excluding “to storage part”) described below. Alternatively, a procedure or method of “˜unit” (excluding “˜storage unit”) described below is executed by a computer.

(Configuration of terminal device 100 and server device 200)
FIG. 4 is a diagram illustrating the configuration of the terminal device 100 and the server device 200.
The terminal device 100 includes a terminal storage unit 130, a terminal control unit 110, and a terminal communication unit 120.
Here, the terminal storage unit 130 corresponds to a certificate authority certificate storage unit. The terminal control unit 110 corresponds to a verification execution unit. Further, the terminal communication unit 120 corresponds to the communication unit of the terminal device 100.
The terminal storage unit 130 is realized by a storage device such as the magnetic disk device 920 shown in FIG. 3, for example, the terminal control unit 110 is realized by the CPU 911 shown in FIG. 3, for example, and the terminal communication unit 120 is shown in FIG. This is realized by the communication board 915.

The server device 200 includes a server storage unit 230, a server control unit 210, and a server communication unit 220.
Here, the server storage unit 230 corresponds to a certificate verification program storage unit and a server specific information storage unit. The server control unit 210 corresponds to an electronic certificate generation unit. Further, the server communication unit 220 corresponds to the communication unit of the server device 200.
As described above, the server storage unit 230 is configured by hardware as illustrated in FIG. 2 and FIG. That is, the server storage unit 230 is realized by a storage device similar to the storage device such as the magnetic disk device 920 shown in FIG. 3, for example, and the server control unit 210 is realized by a CPU similar to the CPU 911 shown in FIG. The server communication unit 220 is realized by a communication board similar to the communication board 915 shown in FIG. 3, for example.

Server apparatus 200 is manufactured by manufacturer 501.
The server storage unit 230 stores in advance a certificate information generation program 550, a certificate information signature program 507, a certificate generation program 514, and a certificate verification program 508 generated by the manufacturer 501 at the time of manufacture by the manufacturer 501, for example. Yes.
Here, the certificate verification program 508 stored in the server storage unit 230 is added with the electronic signature 504 generated by the certificate authority 600 in advance by the manufacturer 501.
The certificate verification program 508 is a program for verifying whether the electronic certificate received by the terminal device 100 is generated by the server device 200. In other words, the certificate verification program 508 is a program for verifying the generation source of the electronic certificate at the transmission destination of the electronic certificate.

  Here, the manufacturer 501 may generate a certificate information generation program 550, a certificate information signature program 507, a certificate generation program 514, and a certificate verification program 508 for each server device 200. In that case, the manufacturer 501 can separate the data depending on the server device 200 in each program, and store the portion independent of the server device 200 in the server storage unit 230 when the server device 200 is manufactured. . The manufacturer 501 can generate data depending on each server device 200 after the server device 200 is manufactured, and can add and store the data in the server storage unit 230 of each server device 200 later. Alternatively, the server device 200 can generate data depending on each server device 200, and the server storage unit 230 can add and store data depending on each server device 200.

The server control unit 210 controls the server device 200.
The server communication unit 220 communicates with the terminal device 100.

The terminal device 100 may be manufactured by the same manufacturer 501 as the server device 200 or may be manufactured by a different manufacturer 501.
The terminal storage unit 130 stores a certificate verification program 508 and a certificate authority certificate 516.
Here, the certificate verification program 508 is downloaded from the server device 200 via the terminal communication unit 120 and stored in the terminal storage unit 130 (details will be described later). The certificate authority certificate 516 is an electronic certificate issued by the certificate authority 600 and is stored in the terminal storage unit 130 (details will be described later).

The terminal control unit 110 controls the terminal device 100.
The terminal communication unit 120 communicates with the server device 200.

(Operation of digital certificate issuance)
First, the outline of the operation of issuing an electronic certificate will be described with reference to FIG.
FIG. 5 is a diagram illustrating a flow when the electronic certificate generated by the server device 200 is issued to the terminal device 100.

The server control unit 210 (FIG. 4) executes the certificate information generation program 550 stored in the server storage unit 230 (FIG. 4) to generate certificate description information 608 (details will be described later).
Then, the server control unit 210 (FIG. 4) executes the certificate information signature program 507 stored in the server storage unit 230 (FIG. 4), and generates an electronic signature 609 from the certificate description information 608 (for details, see FIG. 4). Later).

  Further, the server control unit 210 (FIG. 4) executes the certificate generation program 514 stored in the server storage unit 230 (FIG. 4), and obtains the electronic certificate 611 from the certificate description information 608 and the electronic signature 609. Generate (details will be described later). Here, the electronic certificate 611 is an X. It may be a 509 certificate or may be encoded by PKCS (Public-Key Cryptography Standards) # 7. Furthermore, the electronic certificate 611 encoded with PKCS # 7 may be encoded with BASE64.

And the server communication part 220 (FIG. 4) transmits the produced | generated electronic certificate 611 with respect to the terminal device 100 by the command of the server control part 210 (FIG. 4).
Further, the server communication unit 220 (FIG. 4) transmits the certificate verification program 508 stored in the server storage unit 230 (FIG. 4) to the terminal device 100 (terminal communication unit 120) in accordance with an instruction from the server control unit 210 (FIG. 4). Send to.
Here, although illustration is omitted, the server control unit 210 receives a request from the terminal device 100 via the server communication unit 220 when, for example, a request for issuing an electronic certificate is received from the terminal device 100. The server communication unit 220 is instructed to transmit the electronic certificate 611 and the certificate verification program 508.

The terminal communication unit 120 (FIG. 4) receives (downloads) the electronic certificate 611 and the certificate verification program 508 from the server device 200 (server communication unit 220) according to the command of the terminal control unit 110 (FIG. 4).
The terminal communication unit 120 (FIG. 4) may receive (download) the electronic certificate 611 and the certificate verification program 508 at the same time, or receive (download) the electronic certificate 611 and the certificate verification program 508 separately. )
As described above, the certificate verification program 508 is previously attached with the electronic signature 504 of the certificate authority 600 by the manufacturer 501.
Although illustration is omitted here, the terminal control unit 110 transmits a request for issuing the electronic certificate 611 to the server apparatus 200 via the terminal communication unit 120 when the electronic certificate 611 is required. . Although illustration is omitted, the terminal control unit 110 transmits a request for downloading the certificate verification program 508 to the server apparatus 200 via the terminal communication unit 120 when the certificate verification program 508 is required. To do.

The terminal storage unit 130 (FIG. 4) stores the certificate authority certificate 516 issued by the certificate authority 600 (FIG. 4). The certificate authority certificate 516 is an electronic certificate that proves that the certificate verification program 508 is authenticated by the certificate authority 600 (FIG. 4). The certificate authority certificate 516 may be downloaded from the server device 200 or distributed on a recording medium such as a CD-ROM.
The terminal storage unit 130 (FIG. 4) may store the certificate authority certificate 516 when the terminal device 100 is newly installed, or store the certificate authority certificate 516 when the electronic certificate 611 is required. May be. At least, the terminal storage unit 130 (FIG. 4) acquires and stores the certificate authority certificate 516 by any of the methods described above before the terminal communication unit 120 downloads the certificate verification program 508.

The terminal control unit 110 (FIG. 4) executes the certificate authority certificate 516 stored in advance in the terminal storage unit 130 (FIG. 4) by executing an existing electronic signature verification program. 508 is verified.
That is, the terminal control unit 110 (FIG. 4) generates an electronic signature from the certificate authority certificate 516 stored in the terminal storage unit 130 (FIG. 4) by executing an existing electronic signature verification program, and It is verified whether or not the electronic signature assigned to the document verification program 508 matches.
The terminal control unit 110 (FIG. 4) executes the certificate verification program 508 when the electronic signature generated from the certificate authority certificate 516 matches the electronic signature assigned to the certificate verification program 508. Then, the terminal control unit 110 (FIG. 4) verifies whether or not the electronic certificate 611 is an electronic certificate generated by the server device 200 by executing the certificate verification program 508.
Here, the terminal control unit 110 (FIG. 4) can execute the certificate verification program 508 to decode the BASE64 or PKCS # 7 for the electronic certificate 611 if necessary.

Further, the terminal control unit 110 (FIG. 4) performs acceptance determination (outputs acceptance determination 602) when the electronic certificate 611 is an electronic certificate generated by the server device 200.
The electronic certificate 611 for which the acceptance determination has been performed is used in the terminal device 100 in the same manner as the electronic certificate issued from the certificate authority 600.
Here, the certificate verification program 508 may be implemented by, for example, ActiveX (registered trademark).

(Description of processing in server device 200)
FIG. 6 is a diagram illustrating processing in the server device 200.
Here, in the first embodiment, it is assumed that the server apparatus 200 issues a root certificate that is an electronic certificate that certifies the server apparatus 200 itself.
The electronic certificate 611 is an X. An electronic certificate in the 509 format is shown as an example.

The server storage unit 230 stores in advance server specifying information that is information for specifying the server itself.
This server specifying information is information that is the basis of certificate description information 608 including information included in certificate description information 608 described later. For example, the server identification information includes issuer information 305 described later.

(Processing in the certificate information generation program 550)
As described above, the server control unit 210 first executes the certificate information generation program 550 to generate the certificate description information 608. At this time, the server control unit 210 uses server specifying information stored in the server storage unit 230.
As shown in FIG. 6, the certificate description information 608 includes at least issuer information 305, expiration date 306, subject information 307, subject public key information 308, and extended information 309.
These pieces of information may be raw data or may be encoded by a specific method (for example, ASN.1 (Abstract Syntax Notation One)).

  Since the issuer information 305 is information indicating the issuer of the electronic certificate 611, the issuer information 305 is information indicating the server device 200. For example, the issuer information 305 is the name or identifier of the server device 200.

The subject information 307 is information to be certified by the electronic certificate 611. Here, in the case of the root certificate, since the subject is the server device 200, the subject information 307 is information indicating the server device 200. That is, in the case of a root certificate, subject information 307 and issuer information 305 may have the same contents.
At least the subject information 307 and the issuer information 305 are included in the server specifying information and stored in the server storage unit 230.

  The expiration date 306 is information indicating the expiration date of the electronic certificate 611. The server control unit 210 sets the expiration date 306 when a predetermined period of time programmed in advance in the certificate information generation program 550 has elapsed since the execution of the certificate information generation program 550.

The subject person public key information 308 is information on a public key for plainening the information encrypted by the server control unit 210 with the secret key of the server device 200.
The subject public key information 308 may be stored in advance in the server storage unit 230 as part of the server identification information. Alternatively, the subject public key information 308 may be generated when the server control unit 210 executes the certificate information generation program 550.
Note that the secret key of the server device 200 is stored in the server storage unit 230 in advance.

  The extended information 309 is information other than the issuer information 305, expiration date 306, subject information 307, and subject public key information 308 described in the electronic certificate 611. For example, it may be an identifier of the electronic certificate 611 or information indicating a public key algorithm. The extended information 309 may be generated when the terminal control unit 110 executes the certificate information generation program 550, or may be stored in the server storage unit 230.

(Processing in the certificate information signature program 507)
Next, the server control unit 210 executes the certificate information signature program 507.
Here, the server control unit 210 executes the certificate information signature program 507 to generate the electronic signature 609 from the certificate description information 608.
The electronic signature 609 may be in any format as long as it can be verified by the terminal device 100 executing the certificate verification program 508. That is, the electronic signature 609 may be a public key encryption signature or an ID-based signature, or may be an original electronic signature generation method.

Further, the server control unit 210 executes the signature verification parameter 311 that is information necessary for the terminal device 100 to execute the certificate verification program 508 and verify the electronic signature 609, and the certificate information signature program 507. Generate.
The signature verification parameter 311 includes, for example, information such as a generation algorithm (a hash function, a public key encryption method, or a unique electronic signature generation method) of the electronic signature 609 in the certificate information signature program 507.

(Processing in the certificate generation program 514)
Then, the server control unit 210 executes the certificate generation program 514.
The server control unit 210 executes the certificate generation program 514 to generate the electronic certificate 611 from the certificate description information 608, the electronic signature 609, and the signature verification parameter 311.

As shown in FIG. 6, the server control unit 210 uses the issuer information 305, the expiration date 306, the subject information 307, the subject public key information 308, and the extended information 309 included in the certificate description information 608 as they are as the electronic certificate 611. To store.
And the server control part 210 is X.X. When generating an electronic certificate in the 509 format, the electronic signature 609 may be stored in the electronic certificate 611 as the serial number 313 and the signature verification parameter 311 as the issuer unique ID 315.

Further, the electronic certificate 611 includes version information 312 generated by the execution of the certificate generation program 514, an electronic signature 314, and a subject unique ID 316.
The version information 312 is information indicating the version of the electronic certificate 611.
The subject unique ID 316 is, for example, an identifier of the subject (the server device 200 in the case of a root certificate). The subject person unique ID 316 may be the same as the subject person information 307.
The electronic signature 314 is obtained by, for example, obtaining a hash value of predetermined information by the certificate generation program 514 and further encrypting the obtained hash value with a private key stored in the server storage unit 230. . Here, the predetermined information is, for example, a subject unique ID 316 or the like.

  The generated electronic certificate 611 is transmitted to the terminal device 100 by the server communication unit 220 as described above.

(Description of processing in terminal device 100)
FIG. 7 is a diagram illustrating processing in the terminal device 100.
As described above, when receiving the electronic certificate 611 via the terminal communication unit 120, the terminal control unit 110 executes the certificate verification program 508 to verify the electronic certificate 611.
Here, the electronic certificate 611 is the X. It is assumed that the electronic signature 609 is stored in the serial number 313 and the signature verification parameter 311 is stored in the issuer unique ID 315.

The terminal control unit 110 executes the certificate verification program 508 to verify the information indicated by the issuer information 305, the expiration date 306, the subject information 307, the subject public key information 308, and the extended information 309 from the electronic certificate 611. Get as target information.
Further, the terminal control unit 110 executes the certificate verification program 508 to acquire the serial number 313 (electronic signature 609) and the issuer unique ID 315 (signature verification parameter 311) from the electronic certificate 611.

Then, the terminal control unit 110 executes the certificate verification program 508 and performs verification target information (issuer) based on information such as a generation algorithm of the electronic signature 609 indicated by the issuer unique ID 315 (signature verification parameter 311). An electronic signature is generated from information 305, expiration date 306, subject information 307, subject public key information 308, and extended information 309).
Then, the terminal control unit 110 executes the certificate verification program 508 and compares the electronic signature generated from the verification target information with the serial number 313 (electronic signature 609).

  When the electronic signature generated from the verification target information matches the serial number 313 (electronic signature 609), the terminal control unit 110 determines whether to accept the electronic certificate 611 (outputs the acceptance determination 602).

(Effect of Embodiment 1)
The electronic certificate issuance system (terminal device 100 and server device 200) in Embodiment 1 is operated by a third party by adding an electronic signature 609 that can be verified by the certificate verification program 508 to the electronic certificate 611. It is possible to issue the electronic certificate 611 without relying on the certificate authority that performs the process and without human intervention.
Further, the terminal device 100 does not need to perform special settings (such as incorporating an electronic certificate verification program in the terminal device) in advance in the terminal device 100 itself by downloading the certificate verification program 508 from the server device 200. .

Furthermore, since the certificate verification program 508 is given the electronic signature 504 of the certificate authority 600, the terminal device 100 can verify whether the certificate verification program 508 has been tampered with. That is, since the terminal device 100 executes the certificate verification program 508 that has been confirmed not to be falsified and verifies the electronic certificate 611, it is possible to guarantee the safety of communication.
The certificate authority certificate 516 is issued by a certificate authority operated by a third party to a single certificate verification program 508. Therefore, the cost can be reduced compared to a case where a certificate authority operated by a third party organization issues an electronic certificate for each terminal device 100.

Embodiment 2. FIG.
In the second embodiment, it is assumed that the server device 200 issues a server certificate or a client certificate that certifies the terminal device 100.
The terminal device 100 can be a client that receives a service, or can be a server that provides the service. When the terminal device 100 functions as a client, the certificate that certifies the terminal device 100 is a client certificate. When the terminal device 100 functions as a server, the certificate that certifies the terminal device 100 is a server certificate. It becomes.

(Configuration of Terminal Device 100 and Server Device 200 in Embodiment 2)
FIG. 8 is a diagram illustrating a configuration of the terminal device 100 and the server device 200.
Each component is the same as in the first embodiment, but the program used is different, so only the parts different from the first embodiment will be described.
The terminal control unit 110 corresponds to a certificate transmission request generation unit in addition to the verification execution unit described in the first embodiment.

The server storage unit 230 stores in advance a certificate issuance request verification program 506 generated by the manufacturer 501 instead of the certificate information generation program 550 of the first embodiment, for example, at the time of manufacture by the manufacturer 501. The certificate verification program 508, the certificate information signature program 507, and the certificate generation program 514 are the same as those in the first embodiment.
Here, the manufacturer 501 may generate the certificate issuance request verification program 506 for each server device 200. In that case, the manufacturer 501 can separate data depending on each server device 200 in the program and store a portion independent of the server device 200 in the server storage unit 230 when the server device 200 is manufactured. The manufacturer 501 can generate data depending on each server device 200 after the server device 200 is manufactured, and can add and store the data in the server storage unit 230 of each server device 200 later. Alternatively, the server device 200 can generate data depending on each server device 200, and the server storage unit 230 can add and store data depending on each server device 200.

The terminal storage unit 130 stores a certificate issuance request signature program 505 and a certificate issuance request generation program 509 in addition to the certificate verification program 508 and the certificate authority certificate 516.
Here, the certificate issuance request signature program 505 and the certificate issuance request generation program 509 are generated by the manufacturer 501.
The terminal device 100 may be manufactured by the manufacturer 501. In this case, the terminal storage unit 130 can store the certificate issue request signature program 505 and the certificate issue request generation program 509 in advance at the time of manufacture. Alternatively, the terminal storage unit 130 may store a certificate issuance request signature program 505 and a certificate issuance request generation program 509 distributed on a recording medium such as a CD-ROM.

  Further, the manufacturer 501 may generate a certificate issuance request signature program 505 and a certificate issuance request generation program 509 for each terminal device 100. In that case, the manufacturer 501 separates data that depends on each terminal device 100 in the program, distributes a portion that does not depend on the terminal device 100 over the Internet or the like, and only secures data that depends on each terminal device 100 It may be distributed by any method (for example, distribution by CD-ROM).

(Operation of issuing server certificate or client certificate)
An outline of the operation of issuing a server certificate or a client certificate will be described with reference to FIG.
FIG. 9 is a diagram illustrating a flow when the electronic certificate generated by the server device 200 is issued to the terminal device 100 based on the request from the terminal device 100.

The terminal control unit 110 (FIG. 8) of the terminal device 100 executes the certificate issuance request generation program 509 stored in the terminal storage unit 130 (FIG. 8) to generate a certificate issuance request 610 (details will be described later). .
Then, the terminal control unit 110 (FIG. 8) executes the certificate issuance request signing program 505 stored in the terminal storage unit 130 (FIG. 8) to generate a signed certificate issuance request 601 from the certificate issuance request 610. Generate.
That is, the terminal control unit 110 (FIG. 8) generates a certificate transmission request with an electronic signature that requests transmission of an electronic certificate (server certificate or client certificate) of the terminal device 100.
The terminal communication unit 120 transmits the generated signed certificate issuance request 601 (certificate transmission request) to the server device 200.
The signed certificate issuance request 601 includes terminal device specifying information for specifying the terminal device 100 (details will be described later).

The server communication unit 220 (FIG. 8) of the server device 200 includes a terminal device identification information, and a signed certificate issuance request 601 that requests transmission of the electronic certificate (server certificate or client certificate) of the terminal device 100 ( A certificate transmission request with an electronic signature) is received from the terminal device 100.
Here, the terminal device specifying information is, for example, the name or identifier of the terminal device 100. Further, when the terminal device 100 functions as a client, information indicating that it functions as a client, and when the terminal device 100 functions as a server, information indicating that it functions as a server is also included in the terminal device specifying information.

The server control unit 210 (FIG. 8) executes the certificate issuance request verification program 506 stored in the server storage unit 230, and the received signed certificate issuance request 601 is signed by the certificate issuance request signature program 505. It is verified whether it is done.
That is, the server control unit 210 (FIG. 8) generates an electronic signature from the terminal device identification information included in the signed certificate issuance request 601 (certificate transmission request) received by the server communication unit 220, and the server communication unit 220. It is verified whether or not the electronic signature of the signed certificate issuance request 601 (certificate transmission request) received by this matches the electronic signature generated from the terminal device identification information.

  When the server control unit 210 (FIG. 8) verifies that the signed certificate issuance request 601 is signed by the certificate issuance request signing program 505, the server control unit 210 (FIG. 8) receives the certificate from the signed certificate issuance request 601. The description information 608 is extracted.

  Further, the server control unit 210 executes the certificate information signature program 507 and the certificate generation program 514 stored in the server storage unit 230, and generates an electronic certificate 611 from the extracted certificate description information 608. . Here, the electronic certificate 611 is a server certificate or a client certificate.

  That is, when the electronic signature of the signed certificate issuance request 601 (certificate transmission request) received by the server communication unit 220 matches the electronic signature generated from the terminal device identification information, the server control unit 210 An electronic certificate (server certificate or client certificate) of the terminal device 100 is generated based on the terminal device identification information included in the signed certificate issuance request 601 (certificate transmission request) received by the server communication unit 220.

  Since the generation process of the electronic certificate 611 in the server apparatus 200 is the same as that in the first embodiment, the description thereof is omitted.

Similarly, the terminal communication unit 120 receives the electronic certificate (server certificate or client certificate) of the terminal device 100 and the certificate verification program 508 from the server device 200.
Since the verification process of the electronic certificate 611 in the terminal device 100 is the same as that in the first embodiment, the description thereof is omitted.

(Description of processing in terminal device 100)
FIG. 10 is a diagram illustrating processing in the terminal device 100.
As described above, the terminal device 100 executes the certificate issuance request generation program 509 and generates the certificate issuance request 610.
Here, the terminal storage unit 130 stores terminal device specifying information for specifying the terminal device 100 in advance.
The difference from the server certificate or the client certificate is whether the terminal device 100 includes information indicating that the terminal device 100 functions as a server, or includes information indicating that the terminal device 100 functions as a client. is there.
Then, the terminal device 100 executes the certificate issuance request generation program 509 and generates a certificate issuance request 610 based on the terminal device identification information.

Next, the terminal control unit 110 generates certificate issuance request information 704 from the certificate issuance request 610 by executing the certificate issuance request signature program 505.
The certificate issuance request information 704 includes version information 312, subject information 307, subject public key information 308, attributes 708, and electronic signature 701 as shown in FIG.

The version information 312 is information indicating the version of the server certificate or the client certificate, is generated by executing the certificate issuance request generation program 509, and is included in the certificate issuance request 610 in advance.
The subject information 307 is information to be certified by the electronic certificate 611. Here, since the subject is the terminal device 100, the subject information 307 is information indicating the terminal device 100. The subject information 307 is extracted from the terminal device identification information. The subject information 307 is included in advance in the certificate issuance request 610 by executing the certificate issuance request generation program 509.

The subject public key information 308 is information on a public key for plainening the information encrypted by the subject private key 603 of the terminal device 100.
The subject public key information 308 may be stored in advance in the terminal storage unit 130 as part of the terminal device identification information. Alternatively, the subject public key information 308 may be generated when the terminal control unit 110 executes the certificate issuance request generation program 509. The subject public key information 308 is included in the certificate issuance request 610 in advance.
Note that the subject secret key 603 of the server device 200 is stored in the server storage unit 230 in advance.
The attribute 708 includes, for example, information such as a generation algorithm (a hash function, a public key encryption method, or a unique electronic signature generation method) of the electronic signature 810 in the certificate issuance request signature program 505. The attribute 708 is generated when the certificate issuance request generation program 509 is executed, and is included in the certificate issuance request 610 in advance.

Then, the terminal control unit 110 executes the certificate issuance request signature program 505 to generate the electronic signature 810 from the subject information 307 and the subject public key information 308.
The electronic signature 810 may be in any format as long as it can be verified by the server apparatus 200 executing the certificate issuance request verification program 506. That is, the electronic signature 810 may be a public key encryption signature or an ID-based signature, or may be a unique electronic signature generation method.
Then, the terminal control unit 110 adds the electronic signature 810 as part of the attribute 708 information.
Here, the terminal control unit 110 may generate the electronic signature 810 from the subject information 307, the subject public key information 308, and the attribute 708 by executing the certificate issuance request signature program 505.

Further, the terminal control unit 110 executes the certificate issuance request signature program 505 to obtain a hash value of predetermined information, and encodes (encrypts) the obtained hash value with the subject private key 603, thereby obtaining an electronic signature. 701 is generated.
Here, the predetermined information is certificate issuance request information 704 (version information 312, subject information 307, subject public key information 308, attribute 708).

  The terminal control unit 110 uses the version information 312, subject information 307, subject public key information 308, and attribute 708 as certificate issuance request information 704, and signs the certificate issuance request information 704 with the electronic signature 701 added. The attached certificate issuance request 601 is transmitted to the server device 200 via the terminal communication unit 120.

(Description of processing in server device 200)
FIG. 11 is a diagram illustrating processing in the server device 200.
When the server control unit 210 receives the signed certificate issuance request 601 via the server communication unit 220, the server control unit 210 executes the certificate issuance request verification program 506 to verify the signed certificate issuance request 601.
First, the server control unit 210 executes the certificate issuance request verification program 506 to extract (decode) the certificate issuance request information 704 from the signed certificate issuance request 601.
Further, the server control unit 210 executes the certificate issuance request verification program 506 and extracts the electronic signature 701 from the signed certificate issuance request 601 (not shown).

Next, although not shown, the server control unit 210 executes the certificate issuance request verification program 506 to verify the electronic signature 701. That is, the server control unit 210 decrypts the electronic signature 701 with the subject public key information 308, generates an electronic signature from the certificate issuance request information 704, and compares it with the decrypted electronic signature 701. The signature 701 is verified.
When the electronic signature generated from the certificate issuance request information 704 matches the decrypted electronic signature 701, the server control unit 210 can determine that the certificate issuance request information 704 has not been tampered with.

Then, the server control unit 210 executes the certificate issuance request verification program 506 to generate an electronic signature from the subject information 307 and the subject public key information 308 using the algorithm for creating the electronic signature 810 described in the attribute 708. To do. Then, the server control unit 210 verifies the electronic signature 810 by comparing the generated electronic signature with the electronic signature 810 included in the attribute 708.
When the generated electronic signature matches the electronic signature 810 included in the attribute 708, the server control unit 210 determines that the signed certificate issuance request 601 includes the certificate issuance request signature program 505. Can be determined to have been generated.
Here, the terminal device 100 provided with the certificate issuance request signature program 505 can be said to be a legitimate terminal device 100 that is permitted to issue an electronic certificate (server certificate or client certificate) of the terminal device 100. I can do it.

  Further, the server control unit 210 requests the certificate-added certificate issuance request 601 from the legitimate terminal device 100 when the generated electronic signature matches the electronic signature 810 included in the attribute 708. The verification result 711 indicating that is output.

Then, as described in the first embodiment, the server control unit 210 executes the certificate information generation program 550 and generates certificate description information 608. At this time, the server control unit 210 extracts subject information 307 and subject public key information 308 from the certificate issuance request information 704 and stores them in the certificate description information 608.
Since the subsequent processing is the same as that of the first embodiment, description thereof is omitted.

  In this way, the server device 200 issues an electronic certificate 611 (server certificate or client certificate) with the terminal device 100 as the subject.

(Effect of Embodiment 2)
In the electronic certificate issuance system (terminal device 100 and server device 200) in the second embodiment, in addition to the effects of the first embodiment, the terminal device 100 generates a signed certificate issuance request 601 (certificate transmission request). Thus, the server apparatus 200 can generate the requested electronic certificate 611 that is transmitted to the server apparatus 200.
Then, the server device 200 can reject the certificate transmission request from an unauthorized third party by verifying the signed certificate issuance request 601 (certificate transmission request), and can issue an unlimited certificate issuance. Can be suppressed.

Embodiment 3 FIG.
In the third embodiment, it is assumed that the server apparatus 200 issues a server certificate or a client certificate that certifies the terminal apparatus 100 as in the second embodiment.
Since the configuration of the third embodiment is the same as that of the second embodiment, the description thereof is omitted.

(Description of processing in terminal device 100)
FIG. 12 is a diagram illustrating processing in the terminal device 100.
First, the terminal control unit 110 generates a certificate issuance request 610 by executing the certificate issuance request generation program 509 as in the second embodiment.
Then, the terminal control unit 110 generates the certificate issuance request information 704 by executing the certificate issuance request signature program 505 as in the second embodiment.
Further, the terminal control unit 110 generates a digital signature 810 by executing the certificate issuance request signature program 505 as in the second embodiment. Here, the electronic signature 810 may be a public key encryption signature or an ID-based signature as in the second embodiment, or may be a unique electronic signature generation method.
The electronic signature 810 may be generated from the subject information 307 and the subject public key information 308 as in the second embodiment, or may be generated from the certificate issuance request 610.

  Next, the terminal control unit 110 executes the certificate issuance request signature program 505, encodes the electronic signature 810 using a predetermined method defined in the certificate issuance request signature program 505, and encodes the electronic signature 812. Is generated. Here, the predetermined encoding method is, for example, BASE64.

Further, the terminal control unit 110 executes the certificate issuance request signature program 505, integrates (superimposes) the certificate issuance request 610 and the encoded electronic signature 812 into one file, and issues a signed certificate issuance request 601. Is generated.
The signed certificate issuance request 601 is proved by using a specific character string (“Begin CSR”, “End CSR”, “Begin CSR Signature”, “End CSR Signature”) as shown in FIG. 12, for example. The document issuance request 610 and the encoded electronic signature 812 may be distinguishable.

  The signed certificate issuance request 601 is transmitted to the server device 200 via the terminal communication unit 120.

(Description of processing in server device 200)
FIG. 13 is a diagram illustrating processing in the server device 200.
Upon receiving the signed certificate issuance request 601 via the server communication unit 220, the server control unit 210 executes the certificate issuance request verification program 506 to separate the certificate issuance request 610 and the encoded electronic signature 812. .

Similarly to the processing of the certificate issuance request signature program 505 in the terminal device 100, the server control unit 210 converts the certificate issuance request 610 to the certificate issuance request information 704 (version information 312, subject information 307, subject public key information). 308, attribute 708).
Then, the server control unit 210 generates an electronic signature 820 from the subject information 307 and the subject public key information 308, similarly to the processing of the certificate issuance request signature program 505 in the terminal device 100.
Here, when the terminal control unit 110 executes the certificate issuance request signature program 505 and generates the electronic signature 810 from the certificate issuance request 610, the server control unit 210 performs the electronic signature 820 from the certificate issuance request 610. Is generated.

  On the other hand, the server control unit 210 decodes the encoded electronic signature 812 by a predetermined method defined by the certificate issuance request verification program 506 to generate an electronic signature 810. Here, the predetermined decoding method is a method for decoding the encoding method defined in the certificate issuance request signature program 505.

The server control unit 210 executes the certificate issuance request verification program 506 to verify whether the electronic signature 820 and the electronic signature 810 match.
When the electronic signature 820 and the electronic signature 810 match, the server control unit 210 may determine that the signed certificate issuance request 601 has been generated by the terminal device 100 including the certificate issuance request signature program 505. I can do it.
Here, the terminal device 100 provided with the certificate issuance request signature program 505 can be said to be a legitimate terminal device 100 that is permitted to issue an electronic certificate (server certificate or client certificate) of the terminal device 100. I can do it.

  Further, when the electronic signature 820 and the electronic signature 810 match, the server control unit 210 outputs a verification result 711 indicating that the signed certificate issuance request 601 is requested from the valid terminal device 100. To do.

Then, as described in the first and second embodiments, the server control unit 210 executes the certificate information generation program 550 to generate the certificate description information 608. At this time, the server control unit 210 extracts subject information 307 and subject public key information 308 from the certificate issuance request information 704 and stores them in the certificate description information 608.
Since the subsequent processing is the same as in the first and second embodiments, the description thereof is omitted.

  In this way, the server device 200 issues an electronic certificate 611 (server certificate or client certificate) with the terminal device 100 as the subject.

(Effect of Embodiment 3)
The electronic certificate issuance system (terminal device 100 and server device 200) in the third embodiment can realize the effects of the second embodiment without using the subject private key 603.
For example, when a Web server is constructed using Internet Information Service (IIS) (registered trademark), the terminal device 100 cannot acquire the subject private key 603 even if a certificate issuance request is generated. The electronic certificate issuing system (terminal device 100 and server device 200) in the third embodiment can issue an electronic certificate even in such a case.

In summary, in the first to third embodiments,
A certificate for verifying whether or not the electronic certificate 611 is an electronic certificate 611 generated by the server apparatus 200 from the server apparatus 200, which is a program with an electronic certificate 611 and an electronic signature 504. A communication unit (terminal communication unit 120) that receives the document verification program 508;
A certificate authority certificate storage unit that stores a certificate generated by the certificate authority 600 and certifying that the certificate verification program 508 is authenticated by the certificate authority 600 as the certificate authority certificate 516 ( Terminal storage unit 130),
An electronic signature is generated from the certificate authority certificate 516 stored in the certificate authority certificate storage unit (terminal storage unit 130), and the certificate verification program 508 received by the communication unit (terminal communication unit 120) is electronic. It is verified whether the signature 504 matches the electronic signature generated from the certificate authority certificate 516, and the electronic signature 504 of the certificate verification program 508 received by the communication unit (terminal communication unit 120) is used for the authentication. If it matches the electronic signature generated from the station certificate 516, the certificate verification program 508 received by the communication unit (terminal communication unit 120) is executed, and the communication unit (terminal communication unit 120) A verification execution unit (terminal control unit 110) that verifies whether or not the received electronic certificate 611 is the electronic certificate 611 generated by the server device 200; It has been described terminal apparatus 100, wherein the obtaining.

Furthermore, in the second to third embodiments,
The terminal device 100 further includes:
A certificate transmission request generation unit (terminal control unit 110) that generates a certificate transmission request with a digital signature (signed certificate issuance request 601) that requests transmission of the electronic certificate 611 of the terminal device 100;
The communication unit (terminal communication unit 120)
The certificate transmission request (signed certificate issuance request 601) is transmitted to the server device 200, and the electronic certificate 611 of the terminal device 100 and the certificate verification program 508 are received from the server device 200. The terminal device 100 characterized by this has been described.

Furthermore, in the first to third embodiments,
A program with an electronic signature to which an electronic signature 504 generated by the certificate authority 600 is added, and a certificate verification program 508 for verifying the generation source of the electronic certificate 611 at the transmission destination of the electronic certificate 611 is stored. A certificate verification program storage unit (server storage unit 230),
An electronic certificate generation unit (server control unit 210) that generates an electronic certificate 611;
A certificate verification program 508 stored in the certificate verification program storage unit (server storage unit 230) and an electronic certificate 611 generated by the electronic certificate generation unit (server control unit 210) The server device 200 including the communication unit (server communication unit 220) that transmits to the server has been described.

Furthermore, in the first embodiment,
The server device 200 further includes:
A server specifying information storage unit (server storage unit 230) for storing server specifying information for specifying the server device 200;
The electronic certificate generation unit (server control unit 210)
The server device that generates the electronic certificate 611 of the server device 200 based on the server specification information stored in the server specification information storage unit (server storage unit 230) has been described.

Furthermore, in the second to third embodiments,
The communication unit (server communication unit 220)
A certificate transmission request with a digital signature (signed certificate issuance request 601) including terminal device identification information for identifying the terminal device 100 and requesting transmission of the electronic certificate 611 of the terminal device 100 from the terminal device 100. )
The electronic certificate generation unit (server control unit 210)
An electronic signature is generated from the terminal device specifying information included in the certificate transmission request (signed certificate issuance request 601) received by the communication unit (server communication unit 220) and received by the communication unit (server communication unit 220). It is verified whether the electronic signature of the received certificate transmission request (signed certificate issuance request 601) matches the electronic signature generated from the terminal device specifying information, and the communication unit (server communication unit 220) Received by the communication unit (server communication unit 220) when the electronic signature of the received certificate transmission request (signed certificate issuance request 601) matches the electronic signature generated from the terminal device identification information The electronic certificate 611 of the terminal device 100 is generated based on the terminal device specifying information included in the certificate transmission request (signed certificate issuance request 601). It has been described that the server device.

Furthermore, in the first to third embodiments,
The electronic certificate issuing system including the terminal device 100 and the server device 200 has been described.

As already described, the terminal device 100 and the server device 200 shown in the first embodiment are a CPU as a processing device, a memory as a storage device, a magnetic disk, etc., a keyboard as an input device, a mouse, a communication board, etc. A computer including a display device, a communication board, and the like as an output device.
Then, as described above, the functions indicated as “˜units” are realized using these processing devices, storage devices, input devices, and output devices.

  100 terminal device, 101 base, 110 terminal control unit, 120 terminal communication unit, 130 terminal storage unit, 200 server device, 201 service center, 210 server control unit, 220 server communication unit, 230 server storage unit, 305 issuer information, 306 Valid period, 307 Subject information, 308 Subject public key information, 309 Extended information, 311 Signature verification parameter, 312 Version information, 313 Serial number, 314 Electronic signature, 315 Issuer unique ID, 316 Subject unique ID, 501 Manufacturer, 504 Electronic signature, 505 Certificate issuance request signature program, 506 Certificate issuance request verification program, 507 Certificate information signature program, 508 Certificate verification program, 509 Certificate issuance request generation program, 514 Certificate generation program Program, 516 certificate authority certificate, 550 certificate information generation program, 600 certificate authority, 601 signed certificate issuance request, 602 acceptance determination, 603 subject private key, 608 certificate description information, 609 electronic signature, 610 certificate Issuance request, 611 electronic certificate, 701 electronic signature, 704 certificate issuance request information, 708 attribute, 711 verification result, 810 electronic signature, 812 encoded electronic signature, 820 electronic signature, 901 display device, 902 keyboard, 903 mouse, 904 FDD, 905 compact disk device, 906 printer device, 907 scanner device, 910 system unit, 911 CPU, 912 bus, 913 ROM, 914 RAM, 915 communication board, 920 magnetic disk device, 921 operating system System, 922 window system, 923 program group, 924 file group, 931 telephone, 932 facsimile machine, 940 Internet, 941 gateway, 942 local area network.

Claims (10)

A terminal device,
An electronic certificate generated by the server device after the server device determines that the terminal device is a legitimate terminal device permitted to issue an electronic certificate from the server device, and a program with an electronic signature. there are, a communication unit for the electronic certificate receives a certificate verifying program for verifying whether the electronic certificate generated by the server device,
A certificate authority certificate storage unit for storing, as a certificate authority certificate, a certificate generated by a certificate authority and certifying that the certificate verification program is authenticated by the certificate authority;
An electronic signature is generated from a certificate authority certificate stored in the certificate authority certificate storage unit, and an electronic signature of a certificate verification program received by the communication unit is generated from the certificate authority certificate; The certificate received by the communication unit is verified if the digital signature of the certificate verification program received by the communication unit matches the electronic signature generated from the certificate authority certificate. run the book validation program, and characterized in that it comprises a verification execution unit before Symbol electronic certificate received by the communication unit to verify whether the electronic certificate generated by the server device Terminal device to do. The terminal device further includes:
Requesting transmission of the digital certificate includes a certificate transmission request generation unit that generates a certificate transmission request with an electronic signature,
The communication unit is
The certificate transmission request transmits to the server apparatus, from the server apparatus, terminal apparatus according to claim 1, wherein the receiving and the certificate verification program and the electronic certificate. Electronic signature generated by the certificate authority is an addition electronic signature program, and stores the certificate verification program for verifying an electronic certificate of the destination odor Te electronic certificate of origin certification Certificate verification program storage unit;
A communication unit that receives a certificate transmission request for requesting transmission of an electronic certificate of the terminal device from the terminal device;
It is determined whether or not the terminal device is a valid terminal device that is permitted to issue an electronic certificate. If the terminal device is a valid terminal device, an electronic certificate for the terminal device is generated. and an electronic certificate generation unit which,
The communication unit is
The certificate and certificate verification program stored in the verification program storage unit, and electronic certificate generated by the electronic certificate generating unit, the server device comprising a Turkey be transmitted to the terminal device . The server device further includes:
A server specifying information storage unit for storing server specifying information for specifying the server device;
The electronic certificate generation unit
The server identification information storage unit on the basis of the stored server specifying information and generates the electronic certificate of the server apparatus according to claim 3 server apparatus according. The communication unit is
Wherein the terminal device includes a terminal device identification information for identifying the terminal device requests transmission of electronic certificate of the terminal device receives the digital-signed certificate transmission request,
The electronic certificate generation unit
An electronic signature is generated from the terminal device specifying information included in the certificate transmission request received by the communication unit, and the electronic signature of the certificate transmission request received by the communication unit is generated from the terminal device specifying information If the electronic signature of the certificate transmission request received by the communication unit matches the electronic signature generated from the terminal device specifying information, the terminal device is a legitimate terminal device. and determines that the server device according to claim 3, wherein the generating the electronic certificate of the terminal device based on the terminal device identification information included in the received certificate transmission request by the communication unit . The terminal device according to claim 1 or 2,
An electronic certificate issuing system comprising the server device according to claim 3. An electronic certificate generated by the server device after the server device determines that the computer is a legitimate computer that is permitted to issue an electronic certificate request from the server device, and a program with an electronic signature a is a communication step in which the electronic certificate is received by the communication unit and a certificate verification program for verifying whether the electronic certificate generated by the server device,
An authentication in which a computer is a certificate generated by a certificate authority, and a certificate certifying that the certificate verification program is authenticated by the certificate authority is stored in the certificate authority certificate storage unit as a certificate authority certificate A station certificate storage step;
A computer generates an electronic signature from a certificate authority certificate stored in the certificate authority certificate storage unit, and an electronic signature of a certificate verification program received by the communication unit is generated from the certificate authority certificate Whether the digital signature matches the electronic signature generated from the certificate authority certificate is verified by the communication unit. the certificate by running a verification program, the verification execution step of the previous SL electronic certificate received is verified by verification execution section that judges whether the electronic certificate generated by the server device by the communication unit has An electronic certificate receiving method comprising: Computer is an electronic signature of the program an electronic signature that is generated is added by a certificate authority, the certificate verification program for verifying the destination odor electronic certificate Te electronic certificate origin A certificate verification program storage step to be stored in the certificate verification program storage unit;
A reception step of receiving, from the terminal device, a certificate transmission request for requesting transmission of the electronic certificate of the terminal device by the communication unit;
When the computer determines whether or not the terminal device is a valid terminal device for which an electronic certificate issuance request is permitted, and when the terminal device is a valid terminal device, an electronic certificate generation step of generating an electronic certificate of the terminal device by the electronic certificate generating unit,
Computer, a certificate verification program stored in the certificate verification program storage unit, and the electronic certificate electronic certificate generated by the generation unit, transmission is transmitted to the terminal device by the communication unit Shin And a digital certificate transmission method. On the computer,
An electronic certificate generated by the server device after the server device determines that the computer is a legitimate computer permitted to issue an electronic certificate from the server device, and a program with an electronic signature. a communication step of receiving by said digital certificate the communication unit and a certificate verification program for verifying whether the electronic certificate generated by the server device,
A certificate authority certificate that is a certificate generated by a certificate authority and that stores a certificate that proves that the certificate verification program is authenticated by the certificate authority in the certificate authority certificate storage unit as a certificate authority certificate A memory step;
An electronic signature is generated from a certificate authority certificate stored in the certificate authority certificate storage unit, and an electronic signature of a certificate verification program received by the communication unit is generated from the certificate authority certificate; The certificate received by the communication unit is verified if the digital signature of the certificate verification program received by the communication unit matches the electronic signature generated from the certificate authority certificate. run the book validation program, executing a verification execution step of pre Symbol electronic certificate received by the communication unit is verified by said whether the verification execution unit is an electronic certificate generated by the server device A program characterized by letting On your computer,
The electronic signature of the program an electronic signature that is generated is added by a certificate authority, the certificate verification program for verifying the destination odor electronic certificate Te electronic certificate of origin certificate validation program A certificate verification program storage step to be stored in the storage unit;
A receiving step of receiving, from the terminal device, a certificate transmission request for requesting transmission of the electronic certificate of the terminal device by the communication unit;
The terminal device determines whether or not the terminal device is a legitimate terminal device that is permitted to issue an electronic certificate by the electronic certificate generation unit. When the terminal device is a legitimate terminal device, the terminal device an electronic certificate generation step of an electronic certificate generated by the electronic certificate generating unit,
And certificate verification program stored in the certificate verification program storage unit, and the electronic certificate electronic certificate generated by the generation unit, by the communication unit and a signal step feed to be transmitted to the terminal device A program characterized by being executed.

Images