JPS6172436A - Digital signature system - Google Patents

Abstract

PURPOSE:To attain the realization of digital signature with high reliability in a high speed by ciphering a telegraphic message between users at a central equipment, decoding the result and preserving a proof data obtained through the decoding of the ciphered signal with a key decided between the users. CONSTITUTION:When the user 1 communicates with the user 2, a telegraphic message M1 including a communication request RQ2 to the user 2 and the own identification code ID1 is transmitted to the central device 3. The device 3 adds a time stamp TSP12 and a check sum CS to the received code ID1, uses a key decided between the device 3 and the user 1 to generate a ciphered message EZ13 and returns it to the user 1. The user 1 ciphers the TSP12 decoded from the returned ciphering message EZ13 by using the key to generate proof data EZ13 (TSP12) and transmits the ciphered message EZ12 to the user 2 by using the key decided between the users 1, 2 together with the message M and the communication request RQ12 to the user 2. The user 2 preserves the proof data EZ13 (TSP12) of a sender obtained by decoding the ciphering message EZ12 to prove the transmission of the sender at any time.

Description

[Detailed Description of the Invention] [Industrial Application Field] The present invention is used in a digital communication system to confirm the sender of a message transmitted via a digital signature system communication system that recognizes the sender of the message. It is widely used to add the sender's signature to messages.

[Conventional technology]

Even in conventional digital signature systems, public key cryptography is used to enable digital signatures.

[Problem that the invention seeks to solve]

However, since the signal processing process of the public key cryptosystem is complicated, there are problems such as an enormous hardware configuration or an extended software processing time.

[Means for solving problems]

The problem is that in a digital communication system that communicates between a central organization and a plurality of users, a first user who requests communication with a second user receives information indicating a communication request for the second user and his/her own information. and the central agency encrypts the received identification code, time stamp, and checksum of the first user using a key determined between the central agency and the first user. and the first user decrypts the ciphertext received from the central agency using the key and encrypts the obtained time stamp using the key to create evidence data; A message etc. to a second user is encrypted using a key determined between the first and second users and transmitted to the second user, and the second user receives the encrypted message from the first user. This problem is solved by the present invention, which is characterized in that the evidence data obtained by decoding a sentence is stored.

[Effect]

1, that is, according to the present invention, the sender of the message encrypts the timestamp transmitted from the central agency and adds it to the message etc. as evidence data and transmits it to the destination, and the destination that receives the message By storing encrypted timestamps, it is possible to verify the sender.

〔Example〕

An embodiment of the present invention will be described below with reference to the drawings.

FIG. 1 is a diagram showing a digital signature system according to an embodiment of the invention, and FIG. 2 is a diagram illustrating an example of a communication process according to an embodiment of the invention.

In FIG. 2, the digital communication system to which the present invention is applied is comprised of users 1 and 2 and a central authority 3. Each user 1, user 2, and central agency 3 have a configuration as shown in FIG.

In FIG. 1, 11 is a power remainder calculation unit that performs calculations necessary to create various keys for key input K, and 12 is a checksum that creates checksums to check the normality of various telegrams Mi. 13 is a checksum section for confirming that the received message is normal using a checksum added to the message; 14 is an encryption section for encrypting the transmitted message; and 15 is a decryption section for the received encrypted message. decoding unit, 16
17 is a key storage memory that stores a public key or a private key, and 18, 19, and 10 are selectors that perform various switching operations.

In FIG. 2, a communication request RQ in which user 1 requires communication with user 2 and requests communication with user 2;
and an identification code ID that identifies user 1.
, is transmitted to the central authority 3 without encryption.

The central agency 3 receives the identification code ID extracted from the received message M1, and the first timestamp TSP indicating the time.
A checksum CS is added to the message M2 containing uZI3 is created, and the message M2 to which the checksum cS is added is encrypted using the t'JI Z l 3 to create a ciphertext EZI:l (IDI, TSP12, C3), which is sent back to the user 1.

The user 1 creates the key Z13 obtained by multiplying the public key KFff of the central agency 3 by the private key KsI of the user 1, and uses the key Zl+ to generate the ciphertext Ez+z (I D+ , TS P+□, C3) and once extracts the first time stamp TSP, 2, the extracted time stamp TSPlz is further encrypted using the key Z If, and the evidence data EZ13 (T
Create SPI□).

Next, user 1 adds checksum O3 to message M3, which includes communication request RQ + z requesting communication to user 2, message M to be transmitted to user 2, and the evidence data Ez + z (TSP, □). Then, the key Zl determined between User 1 and User 2 obtained by multiplying User 2's public key KPZ by User 1's private key by 3+
Create □, encrypt message M3 with checksum C8 added using key Z1□, and create ciphertext Ez+□ (RQ
I□, M, E213 (T S P +□), C3
) and transmit it to User 2.

User 2 creates the key Z12 obtained by multiplying user 1's public key KPI by user 2's private key by 5□, and uses the key Z1□ to generate the ciphertext E transmitted from user 1.
Z I□ (RQ, □, M, Ez. (TSP, □), C
S) is decrypted to extract the message M, and the evidence data EZI3 (TSPI□) is also saved.

Next, the user 2 sends a communication request RQ r requesting communication to the user and an identification code IDz for identifying the user 2.
The message M4 including the above is transmitted to the central agency 3 without being encrypted.

The central agency 3 receives the identification code ID extracted from the received message M4 and the second time stamp TSPz indicating the time.
A key determined between the central agency 3 and the user 2 obtained by adding a checksum CS to the message M containing + and multiplying the public key KP2 of the user 2 by the private key KS3 of the central agency 3. ZZ3 is created, and the message M to which the checksum C3 is added is encrypted using the key 221 to generate the ciphertext Ezzx.
(r Dz , TSPHI, CS) and sends it back to user 2.

The user 2 obtains the key Z23 obtained by multiplying the public key of the central institution 3 by 3 by the private key Ksz of the user → 2.
The ciphertext E2□3 (I Dz , TS P z i CS
) and once extracts the second time stamp TSPz+, the extracted time stamp TSPHI is further encrypted using the key Z23 and becomes the evidence data Ezz+.
Create (TSPz+).

Next, the user 2 obtains the evidence data Ez+z (TSp
, z), and encrypts it with the key Z1□ determined between User 1 and User 2, resulting in the ciphertext EZI2 (EZZ3 (TSPHI), CS)
Create and transmit to user 1.

User 1 receives the ciphertext E z r z (E z□* (TSP
Decrypt the evidence data EZZ:l
Extract and save (T S P z+).

User 1 transmits evidence data E2□3 (TSPz+) to central agency 3 as necessary, and user 2 and central agency 3
The user 2 decrypts the second timestamp TSP received from the central agency 3 by having it decrypted using the key ZZ4 determined between It becomes possible to prove it.

Similarly, the user 2 transmits the evidence data E2゜(TSP1□) to the central agency 3 as necessary, and the user 1 and the central agency 3
User 1 decrypts the first timestamp TSP, □ received from central agency 3 by having it decrypted using key Z13 determined between It becomes possible to prove it.

As is clear from the above description, according to this embodiment, user 1 and user 2 receive time stamps TSPIz and Tsp2 . N Z l 3 or Z2. determined with the central authority 3. The evidence data E213 (TSPI2) or Ezzz (TSP21) is encrypted by User 2.
Or transmit it to User 1, and User 1 and User 2 store the transmitted evidence data EZI3 (TSP) or E2 It becomes possible to prove the transmission from User 2 or User 1.

Note that FIGS. 1 and 2 are merely one embodiment of the present invention, and many modifications may be made within the scope of the claims, but the effects of the present invention remain the same in any case. It goes without saying that the configuration of the communication system to which the present invention is applied is not limited to that shown in the drawings.

〔Effect of the invention〕

As described above, according to the present invention, in the communication system, the destination can store proof data of the sender and prove the sender's transmission at any time, making it possible to realize a high-speed and highly reliable digital signature.

[Brief explanation of drawings]

FIG. 1 is a diagram showing a digital signature system according to an embodiment of the invention, and FIG. 2 is a diagram illustrating an example of a communication process according to an embodiment of the invention. In the figure, 1 and 2 are users, 3 is a central authority, and 11
is an exponent remainder calculation unit, 12 and 13 are checksum units,
14 is an encryption unit, 15 is a decryption unit, 16 is an evidence data storage memory, 17 is a key storage memory, 18, 19 and 10 are selectors, CS is a checksum, EZI□, EZI
3 and E2□3 are ciphertexts, EZI3 (T S P
+z) and E223 (T S P z+) are evidence data, ID and ID are identification codes, M is a message, RQ, , RQI□ and RQ2 are communication requests, TS
P, □ and TSPz+ indicate time stamps. Figure 1 Figure 2

Claims (1)

[Claims] In a digital communication system that performs communication between a central organization and a plurality of users, a first user who requests communication with a second user sends information indicating a communication request to the second user and his own identification code as described above. communicated to the central agency;
The central agency encrypts the received identification code, time stamp, and checksum of the first user using a key determined between the central agency and the first user, and returns the encrypted information to the first user; The first user decrypts the ciphertext received from the central agency using the key, encrypts the obtained time stamp using the key to create evidence data, and
along with a message to the user, encrypted with a key determined between the first and second users, and sent to the second user.
1. A digital signature system, wherein the second user stores the evidence data obtained by decoding the encrypted text received from the first user.