KR20230163970A - Method for providing certificate service based on smart contract and server using the same - Google Patents

Abstract

According to the present invention, a method for providing smart contract-based certificate registration, approval, and destruction services and an authentication support server using the same are provided. In the method according to the present invention, when a public key PubA corresponding to a user terminal, which is a terminal used by a user, an identification value corresponding to the user, and a validity condition VcertA of the certificate are obtained, the authentication support server, Create or support the creation of a smart contract SC(VcertA) corresponding to a valid condition, obtain a byte code BC (SC(VcertA)) that is a result of compiling the smart contract, and when the byte code is obtained, The authentication support server registers or supports registration of the public key PubA, the identification value, and the byte code BC (SC(VcertA)) in a private blockchain database as information of the certificate, and registers the public key PubA, the identification value, and the byte code BC (SC(VcertA)) in a private blockchain database as information of the certificate. A transaction location identifier PrivTxidA referring to the location is acquired as reference information of the certificate, and when the transaction location identifier PrivTxidA is obtained, the authentication support server determines the status S(SC(VcertA)) of the smart contract SC(VcertA). Set as the initial state, register or support the transaction location identifier PrivTxidA and the state S (SC (VcertA)) in a state database, and support the authentication if a predetermined condition is satisfied. The server provides a specific hash value, which is a hash value calculated from the public key, the identification value, and the byte code, and at least one neighboring hash value matching the specific hash value - the neighboring hash value is: (i) a specific public key , a hash value calculated from a specific identification value and a specific byte code, (ii) approval target information corresponding to approval of the certificate referred to by the specific transaction location identifier PrivTxid1, or a processed value thereof, or destruction request information corresponding to destruction of the certificate. or message record data that is a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the entire content SDB registered in the state database or a change in the registered content SDB. It is one of the hash values of delta (SDB) - Obtaining a representative hash value generated by calculating together or a processed value of the representative hash value, and registering or supporting registration of the obtained value in a public blockchain database. Provides a method and an authentication support server using the method.

Description

Method of providing smart contract-based certificate service and server using the same {METHOD FOR PROVIDING CERTIFICATE SERVICE BASED ON SMART CONTRACT AND SERVER USING THE SAME}

The present invention relates to a method of providing a smart contract-based certificate service and a server using the same. More specifically, a method of providing a smart contract-based certificate registration, approval, and destruction service and authentication to perform the same. It's about support servers.

With the advancement of IT technology, anyone, regardless of age or gender, can use a variety of services based on the Internet, regardless of location.

In other words, it sells financial services such as account transfers and stock trading by accessing servers operated by banks or securities companies, civil service services and goods such as issuing various certification documents such as resident registration certificates by accessing servers operated by government agencies. It has become possible to receive services in various industrial fields in real time through the Internet, such as e-commerce services such as purchasing goods by accessing a server.

Meanwhile, when using services in various industries, the customer, the user, must perform authentication to prove his or her identity, and a public certificate is used in this case.

Here, a public certificate is electronic information issued by a public certification authority (CA) for the purpose of verifying the user's identity when using services in various industries and preventing forgery and alteration of documents or denial of transaction facts, etc. It represents a type of seal certificate for cyber transactions. These public certificates include the certificate version, certificate serial number, certificate validity period, issuing authority, user's electronic signature verification information, user name, identity verification information, electronic signature method, etc.

These public certificates are used in the public key infrastructure (PKI), a security standard method.

*Public key-based structure refers to a user authentication system that encrypts transmitted and received data using a public key consisting of encryption and decryption keys and verifies the identity of the trader using the password held by the Internet user.

However, in the public key-based structure, the user's private key exists in the form of a file in a standardized storage location due to the soft token-based storage method, so it is easy to copy and automatically collect the private key file, resulting in financial damage to the user due to private key leakage. It also involves the risk of information theft.

For this reason, a public certification authority (CA) must establish a public certificate issuance system with a high-level security system to prevent hacking as much as possible, and operate and maintain the public certificate issuance system. Because it has to be done, there is a problem that a high cost of issuance is caused when issuing a conventional public certificate.

In addition, the public certificate is essentially a separate security module for security purposes (for example, consisting of ActiveX under the Microsoft Windows Operating System) when performing the user authentication process through a web browser. It must be installed.

As such, Active ) is used to use content downloaded from the World Wide Web (WWW). ActiveX is mostly used to create plug-ins for Internet Explorer (IE).

However, since Active Due to Active

For this reason, in South Korea, the government is pursuing a policy of abolishing Active

Moreover, the public certificate, which requires the installation of Active Safari, Firefox, etc.), it is often impossible to use it.

In other words, users access servers operated by banks or securities companies through an Internet-based web browser to provide financial services such as account transfers or stock trading, and access servers operated by government agencies to issue various certification documents such as resident registration certificates. Active It is possible to use the service because it is supported, but because Active

In addition, the public certificates currently used have a security vulnerability when the certificate and password are stolen because the authentication process only consists of checking the existence of the certificate and whether the password matches.

As mentioned above, the public certificates currently used not only have security problems, but also require a high issuance cost and are subject to restrictions on use. Therefore, a technical solution that can replace the existing public certificates at a low cost with strong security and usability is needed. It is requested.

In addition, the currently used public certificate only divides the conditions under which a specific user can use the public certificate into banking/insurance use, securities use, general purpose, etc., and certain conditions (e.g., consent from others, restrictions on the number of uses). The disadvantage is that the use of the certificate is not limited to conditions (conditions related to weather, date, etc.).

Accordingly, the present inventors would like to propose a smart contract-based certificate that can overcome security problems, high issuance costs, restrictions on use, and insufficient conditions of use by replacing existing public certificates.

In this specification, the 'smart contract' is code that is compiled into executable byte code and can be executed on at least one computing device, and is configured to perform a predetermined procedure when a specific condition is satisfied at the time of execution, and the result of the execution is The integrity of the execution result refers to a concept characterized in that it is verified by consensus on the execution result calculated from the at least one computing device.

Patent Document 1: Korea Intellectual Property Office Registered Patent Publication No. 10-0411448 (December 3, 2003), issuance method and issuance system for optical recording media storing private keys and certificates of public key infrastructure.

Non-patent Document 1: Content related to Active Non-patent Document 2: Contents of Media It (Internet newspaper) article related to ActiveX abolition policy (http://www.it.co.kr/news/article.html?no=2793878&sec_no=)

The present invention is intended to solve the problems of the conventional public certificate described above. The purpose of the present invention is to replace the existing public certificate at a low cost with strong security and usability, and to provide an approval validity condition, which is a condition for using the certificate. The goal is to provide a technical solution that is essentially included in the certificate itself.

Another object of the present invention is to provide a blockchain-based certificate provision system that is equipped with a means to directly generate public keys and private keys on a user terminal operated by the user. there is.

In addition, the present invention records certificate-related information in the private/public blockchain of virtual currency, making it impossible to forge or modify it, while also reducing the transaction fee required for recording in the public blockchain using a predetermined data structure. The purpose is to provide a way to save.

In addition, the present invention records certificate-related information - information corresponding to the certificate and information on approval/destination of use of the certificate - in the database, by constructing a Merkle tree using this instead of uploading all certificate-related information to the blockchain. Another purpose is to improve service speed and reduce transaction costs by registering only the root value of the configured Merkle tree in the blockchain.

In addition, another purpose of the present invention is to ensure the integrity of the database by performing verification using the Merkle tree generated as described above.

In addition, another purpose of the present invention is to ensure the integrity of the execution result by checking the validity conditions of the certificate using a smart contract.

In order to achieve the object of the present invention as described above and realize the characteristic effects of the present invention described later, the characteristic configuration of the present invention is as follows.

According to one aspect of the present invention, a method of providing a smart contract-based certificate registration service is provided, the method comprising: (a) a public key PubA corresponding to the user terminal, which is a terminal used by the user; When the identification value corresponding to the user and the validity condition VcertA of the certificate are obtained, the authentication support server creates or supports creating a smart contract SC (VcertA) corresponding to the validity condition, and the smart contract compiles ( Obtaining byte code BC (SC (VcertA)), which is a compiled result; (b) When the byte code is obtained, the authentication support server registers or causes the public key PubA, the identification value, and the byte code BC (SC (VcertA)) to be registered in a private blockchain database as information of the certificate. Obtaining a transaction location identifier PrivTxidA that supports and references a location registered in the private blockchain database as reference information of the certificate; (c) When the transaction location identifier PrivTxidA is obtained, the authentication support server sets the state S(SC(VcertA)) of the smart contract SC(VcertA) as the initial state, and sets the transaction location identifier PrivTxidA and registering or supporting registration of the state S(SC(VcertA)) in a state database; and (d) when a predetermined condition is satisfied, the authentication support server provides a specific hash value that is a hash value calculated from the public key, the identification value, and the byte code, and at least one neighboring hash matching the specific hash value. Value - The neighboring hash value is (i) a hash value calculated from a specific public key, a specific identification value, and a specific byte code, (ii) approval target information corresponding to the approval of the certificate referred to by the specific transaction location identifier PrivTxid1, or this. Message record data that is a processed value or destruction request information corresponding to the destruction of the certificate or a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the state database. Obtain a representative hash value or a processed value of the representative hash value, which is either the entire contents registered in the SDB or a hash value of the change delta (SDB) of the registered contents SDB, and the obtained It includes the step of registering or supporting registration of the received value in a public blockchain database.

According to another aspect of the present invention, a method of providing an approval service for the certificate for use of a smart contract-based certificate is provided, the method comprising: (a) (i) corresponding to the user terminal, which is a terminal used by the user; public key PubA, (ii) an identification value corresponding to the user, and (iii) a byte code BC that is the result of compiling the smart contract SC (VcertA) corresponding to the validity condition VcertA of the certificate. (SC(VcertA)) is registered in a location corresponding to the transaction location identifier PrivTxidA in the private blockchain database, and the transaction location identifier PrivTxidA and the state S(SC(VcertA)) of the smart contract SC(VcertA) are stored in the state database. While registered in the state database, the authentication support server directly or indirectly obtains a smart contract certificate approval request message, which is a message requesting approval of a smart contract certificate based on the smart contract SC (VcertA). ; (b) When the smart contract certificate approval request message is obtained, the authentication support server sends the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the approval target information TI generated for the approval request to the user terminal. By transmitting or supporting transmission, the user terminal signs the approval target information or its processed value TI with PrivA, a private key corresponding to the PubA, and sends the resulting approval target information signature value SigPrivA ( Supporting the creation of TI or TI'); (c) When the approval target information signature value SigPrivA(TI or TI') is obtained, the authentication support server, (i) the approval target information signature value SigPrivA(TI or TI'), (ii) the approval target information determining the validity of the certificate with reference to TI or its processed value TI' and (iii) the transaction location identifier PrivTxidA; (d) If the certificate is valid, the authentication support server sends (i) the approval target information signature value SigPrivA (TI or TI'), (ii) the approval target information TI or its processed value TI', and (iii) ) Register or support the transaction location identifier PrivTxidA as certificate approval completion record data in the private blockchain database, and the byte code BC (SC (VcertA)) and the state S (SC (VcertA)) of the smart contract supporting execution on the at least one computing device, and registering or supporting the registration of the execution result obtained as a result of the execution as a new state S'(SC(VcertA)) in the state database; and (e) when a predetermined condition is satisfied, the authentication support server selects a specific hash value that is a hash value of the certificate approval completion record data and at least one neighboring hash value matching the specific hash value - the neighboring hash value is , (i) a hash value calculated from the public key, the identification value, and the byte code, (ii) the approval target information corresponding to the approval of the certificate referred to by the specific transaction location identifier PrivTxid1, or a processed value thereof, or the certificate message record data corresponding to destruction request information or a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the entire SDB content registered in the state database. Or, one of the hash values of delta (SDB) of the registered content SDB changes - Obtain a representative hash value generated by calculating together or a value processed by the representative hash value, and transfer the obtained value to a public blockchain. It includes steps for registering or assisting to register in a database.

According to another aspect of the present invention, a method of destroying the certificate is provided in a smart contract-based certificate provision and use service, the method comprising: (a) (i) a user terminal, which is a terminal used by the user; The corresponding public key PubA, (ii) an identification value corresponding to the user, and (iii) a byte code that is the result of compiling the smart contract SC (VcertA) corresponding to the validity condition VcertA of the certificate. BC (SC(VcertA)) is registered in a location corresponding to the transaction location identifier PrivTxidA in the private blockchain database, and the transaction location identifier PrivTxidA and the state S(SC(VcertA)) of the smart contract SC(VcertA) are in the state While registered in a database (state database), the authentication support server directly or indirectly obtains a smart contract certificate destruction request message, which is a message requesting destruction of a smart contract certificate based on the smart contract SC (VcertA). step; (b) When the smart contract certificate destruction request message is obtained, the authentication support server sends the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the destruction request information RR generated in response to the destruction request to the user terminal. By transmitting or supporting transmission, the user terminal signs the destruction request information RR or its processed value RR' with PrivA, a private key corresponding to the PubA, and the resulting destruction request information signature value. Supporting generating SigPrivA(RR or RR'); (c) When the destruction request information signature value SigPrivA(RR or RR') is obtained, the authentication support server, (i) the destruction request information signature value SigPrivA(RR or RR'), (ii) the destruction request information determining the validity of the certificate with reference to RR or its processed value RR' and (iii) the transaction location identifier PrivTxidA; (d) If the certificate is valid, the authentication support server sends (i) the destruction request information signature value SigPrivA(RR or RR'), (ii) the destruction request information RR or its processed value RR', and (iii) ) Registering or supporting registration of the transaction location identifier PrivTxidA in the private blockchain database as certificate destruction completion record data; and (e) when a predetermined condition is satisfied, the authentication support server selects a specific hash value that is a hash value of the certificate destruction completion record data and at least one neighboring hash value matching the specific hash value - the neighboring hash value is , (i) a hash value calculated from the public key, the identification value, and the byte code, (ii) the approval target information corresponding to the approval of the certificate referred to by the specific transaction location identifier PrivTxid1, or a processed value thereof, or the certificate message record data corresponding to the destruction request information or a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the entire content SDB registered in the state database. Or, one of the hash values of delta (SDB) of the registered content SDB changes - Obtain a representative hash value generated by calculating together or a value processed by the representative hash value, and transfer the obtained value to a public blockchain. It includes steps for registering or assisting to register in a database.

Again, according to one aspect of the present invention, an authentication support server that provides a smart contract-based certificate registration service is provided, and the authentication support server provides a public key corresponding to the user terminal, which is a terminal used by the user. ) A communication unit that obtains PubA, an identification value corresponding to the user, and a validity condition VcertA of the certificate; And when the public key, the identification value, and the validity conditions of the certificate are obtained, generate or support the creation of a smart contract SC (VcertA) corresponding to the validity conditions, and the result of the smart contract being compiled. A processor that obtains a byte code BC(SC(VcertA)), wherein when the byte code is obtained, the processor combines the public key PubA, the identification value, and the byte code BC(SC(VcertA)) with the certificate. A transaction location identifier PrivTxidA that supports registration or registration in a private blockchain database as information of and refers to a location registered in the private blockchain database is obtained as reference information of the certificate, and when the transaction location identifier PrivTxidA is obtained, the transaction location identifier PrivTxidA is obtained. Set the state S(SC(VcertA)) of the smart contract SC(VcertA) as the initial state, and register the transaction location identifier PrivTxidA and the state S(SC(VcertA)) in the state database. or supports registration, and when a predetermined condition is satisfied, a specific hash value that is a hash value calculated from the public key, the identification value, and the byte code, and at least one neighboring hash value matching the specific hash value - the neighbor The hash value is (i) a hash value calculated from a specific public key, a specific identification value, and a specific byte code, (ii) information to be approved corresponding to the approval of the certificate referred to by the specific transaction location identifier PrivTxid1, or a processed value thereof, or Message record data, which is destruction request information corresponding to the destruction of the certificate or a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) contents registered in the state database Either the entire SDB or the hash value of the change delta (SDB) of the registered content SDB - Obtain a representative hash value generated by calculating together or a processed value of the representative hash value, and make the obtained value public. It is characterized by supporting registration or registration in a blockchain database.

According to another aspect of the present invention, an authentication support server that provides an approval service for the certificate is provided for the use of a smart contract-based certificate. The authentication support server includes (i) a user terminal, which is a terminal used by a user; The corresponding public key PubA, (ii) an identification value corresponding to the user, and (iii) a byte code that is the result of compiling the smart contract SC (VcertA) corresponding to the validity condition VcertA of the certificate. BC (SC(VcertA)) is registered in a location corresponding to the transaction location identifier PrivTxidA in the private blockchain database, and the transaction location identifier PrivTxidA and the state S(SC(VcertA)) of the smart contract SC(VcertA) are in the state A communication unit that directly or indirectly obtains a smart contract certificate approval request message, which is a message requesting approval of a smart contract certificate based on the smart contract SC (VcertA), while registered in a state database; And when the smart contract certificate approval request message is obtained, the authentication support server transmits the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the approval target information TI generated for the approval request to the user terminal. By supporting transmission, the user terminal signs the approval target information or its processed value TI with PrivA, a private key corresponding to the PubA, and the resulting approval target information signature value SigPrivA (TI or TI'), wherein the processor, when the approval target information signature value SigPrivA (TI or TI') is obtained, (i) the approval target information signature value SigPrivA (TI or TI') , (ii) the approval target information TI or its processed value TI' and (iii) the transaction location identifier PrivTxidA to determine the validity of the certificate, and if the certificate is valid, (i) the approval target information Signature value SigPrivA (TI or TI'), (ii) the approval target information TI or its processed value TI', and (iii) the transaction location identifier PrivTxidA are registered or registered in the private blockchain database as certificate approval completion record data. support to execute the byte code BC(SC(VcertA)) and the state S(SC(VcertA)) of the smart contract on the at least one computing device, and the execution obtained as a result of the execution. The result value is registered or supported in the state database as a new state S' (SC(VcertA)), and when a predetermined condition is satisfied, the authentication support server generates a specific hash that is a hash value of the certificate approval completion record data. value and at least one neighboring hash value matching the specific hash value - the neighboring hash value is: (i) a hash value calculated from the public key, the identification value, and the byte code, (ii) a specific transaction location identifier PrivTxid1 Message record data, which is the approval target information or its processed value corresponding to the approval of the referenced certificate, or the destruction request information or its processed value corresponding to the destruction of the certificate, the signature value of the message record data, and the specific transaction A hash value calculated from a position identifier, and (iii) a hash value of the entire content SDB registered in the state database or a hash value of the change delta (SDB) of the registered content SDB - a representative hash value generated by calculating together. Or, it is characterized by obtaining a value obtained by processing the representative hash value, and registering or supporting registration of the obtained value in a public blockchain database.

According to another aspect of the present invention, an authentication support server that destroys the certificate is provided in a service for providing and using a certificate based on a smart contract. The authentication support server includes (i) the information used by the user; The public key PubA corresponding to the user terminal, (ii) the identification value corresponding to the user, and (iii) the smart contract SC (VcertA) corresponding to the validity condition VcertA of the certificate is compiled. The resulting byte code BC (SC (VcertA)) is registered in the location corresponding to the transaction location identifier PrivTxidA in the private blockchain database, and the transaction location identifier PrivTxidA and the state S (SC (SC) of the smart contract SC (VcertA) With VcertA)) registered in the state database, a communication unit that directly or indirectly obtains a smart contract certificate destruction request message, which is a message requesting destruction of a smart contract certificate based on the smart contract SC (VcertA) ; And when the smart contract certificate destruction request message is obtained, the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the destruction request information RR generated in response to the destruction request are transmitted or supported to be transmitted to the user terminal, The user terminal signs the destruction request information RR or its processed value RR' with PrivA, the private key corresponding to the PubA, and uses the resulting destruction request information signature value SigPrivA (RR or RR'). A processor that supports generating, wherein, when the destruction request information signature value SigPrivA(RR or RR') is obtained, (i) the destruction request information signature value SigPrivA(RR or RR'), (ii) The validity of the certificate is determined with reference to the destruction request information RR or its processed value RR' and (iii) the transaction location identifier PrivTxidA, and if the certificate is valid, (i) the destruction request information signature value SigPrivA ( RR or RR'), (ii) the destruction request information RR or its processed value RR', and (iii) the transaction location identifier PrivTxidA are registered or supported in the private blockchain database as certificate destruction completion record data, When a predetermined condition is satisfied, a specific hash value that is a hash value of the certificate destruction completion record data and at least one neighboring hash value matching the specific hash value - the neighboring hash value is: (i) the public key, the identification value and a hash value calculated from the byte code, (ii) approval target information corresponding to approval of the certificate referenced by the specific transaction location identifier PrivTxid1, or a processed value thereof, or the destruction request information corresponding to destruction of the certificate, or the same. Message record data as a processed value, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the entire contents SDB registered in the state database or changes to the registered contents SDB delta It is one of the hash values of (SDB) - is characterized by obtaining a representative hash value generated by calculating together or a processed value of the representative hash value, and registering or supporting registration of the obtained value in a public blockchain database. Do it as

According to the method of the present invention, a certificate service is provided that has strong security and usability, can replace an existing public certificate at a low cost, and essentially includes a configuration regarding approval validity conditions, which are conditions for using the certificate, in the certificate itself. There is an effect.

Additionally, the method of the present invention has the effect of providing a high level of security through high-level encryption.

In addition, according to the method of the present invention, forgery and alteration of certificate-related information is fundamentally prevented, thereby ensuring reliability.

The following drawings attached to be used in explaining the embodiments of the present invention are only some of the embodiments of the present invention, and are intended for use by those skilled in the art (hereinafter referred to as “those skilled in the art”) in the technical field to which the present invention pertains. Other drawings may be obtained based on these drawings without inventive work being done.
1 is a conceptual diagram schematically showing an exemplary configuration of an authentication support server that performs a method of providing a smart contract-based certificate service according to the present invention.
Figure 2 is a sequence diagram illustrating a method of providing a registration service for registering a smart contract-based certificate according to the present invention.
Figure 3 is a sequence diagram illustrating a method of providing a certificate approval service for use of a smart contract-based certificate according to the present invention.
Figure 4 is a sequence diagram illustrating a method of destroying a certificate in a smart contract-based certificate provision and use service according to the present invention.
Figures 5 and 6 are diagrams illustrating the smart contract (source code) that limits the number of uses of the certificate to initNumber and 10 times, respectively.
FIG. 7 is a diagram illustrating byte codes resulting from compilation from the smart contract of FIG. 6.
Figures 8 and 9 are diagrams showing an example of a Merkle tree generated for a smart contract-based certificate service according to the present invention.
Figure 10 is a diagram showing another example of a Merkle tree generated for a smart contract-based certificate service according to the present invention.

The detailed description of the present invention described below refers to the accompanying drawings, which show by way of example specific embodiments in which the present invention may be practiced to make clear the objectives, technical solutions and advantages of the present invention. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention.

In this specification, “public blockchain database” refers to utilizing all computing devices on the virtual currency system that governs the public blockchain, which is a blockchain widely used by the public as a blockchain for virtual currency, as a database.

In addition, in this specification, “private blockchain database” refers to a so-called independently configured private database that uses the blockchain of virtual currency but is directly managed by the authentication support server according to the present invention rather than the public blockchain used for the public. Refers to a database that uses blockchain.

Additionally, throughout the description and claims of the present invention, the word 'comprise' and variations thereof are not intended to exclude other technical features, attachments, components or steps. Other objects, advantages and features of the invention will appear to those skilled in the art, partly from this description and partly from practice of the invention. The examples and drawings below are provided by way of example and are not intended to limit the invention.

Moreover, the present invention encompasses all possible combinations of the embodiments shown herein. It should be understood that the various embodiments of the present invention are different from one another but are not necessarily mutually exclusive. For example, specific shapes, structures and characteristics described herein with respect to one embodiment may be implemented in other embodiments without departing from the spirit and scope of the invention. Additionally, it should be understood that the location or arrangement of individual components within each disclosed embodiment may be changed without departing from the spirit and scope of the invention. Accordingly, the detailed description that follows is not intended to be taken in a limiting sense, and the scope of the invention is limited only by the appended claims, together with all equivalents to what those claims assert, if properly described. Similar reference numbers in the drawings refer to identical or similar functions across various aspects.

In this specification, unless otherwise indicated or clearly contradictory to the context, items referred to in the singular include plural unless the context otherwise requires. Hereinafter, in order to enable those skilled in the art to easily practice the present invention, preferred embodiments of the present invention will be described in detail with reference to the attached drawings.

1 is a conceptual diagram schematically showing an exemplary configuration of an authentication support server that performs a method of providing a smart contract-based certificate service according to the present invention.

Referring to FIG. 1, the authentication support server 100 according to an embodiment of the present invention includes a communication unit 110 and a processor 120, and can communicate indirectly or directly with a user terminal and an authentication request server.

Specifically, authentication support servers, user terminals, and authentication request servers typically include computing devices (e.g., devices that may include computer processors, memory, storage, input and output devices, and other components of conventional computing devices; routers) a combination of computer software (i.e., instructions that cause a computing device to function in a particular way) and electronic communication devices, such as switches, etc.; electronic information storage systems, such as network attached storage (NAS) and storage area networks (SAN) The desired system performance can be achieved by using .

The communication unit 110 of such a computing device can transmit and receive requests and responses with other computing devices that are linked to it. As an example, such requests and responses may be made through the same TCP session, but are not limited to this. For example, it may be transmitted and received as a UDP datagram.

Additionally, the processor 120 of the computing device may include hardware components such as a Micro Processing Unit (MPU) or Central Processing Unit (CPU), cache memory, and data bus. In addition, it may further include an operating system and software configuration of an application that performs a specific purpose.

We will now describe a method of providing a smart contract-based certificate service according to the present invention.

Figure 2 is a sequence diagram illustrating a method of providing a registration service for registering a smart contract-based certificate according to the present invention.

Referring to Figure 2, the method of providing a certificate registration service according to the present invention involves hashing the public key PubA corresponding to the user terminal, which is the terminal used by the user, and the already registered personal information of the user. When the resulting personal information hash value IdhashA and the validity condition VcertA of the certificate are obtained (S205 and S210), the authentication support server generates or supports the creation of a smart contract SC (VcertA) corresponding to the validity condition, It includes the step of acquiring (line 1 of S215) the byte code BC (SC(VcertA)), which is the result of compiling the smart contract (line 1 of S205 to S215).

Specifically, the personal information hash value IdhashA may be a result of hashing the user's personal information, which is the user's personal information. The user personal information may include, for example, at least one of the user name, user date of birth, user contact information, and user e-mail, but is not limited thereto. A person skilled in the art will know that the personal information The hash value may also be an identification value corresponding to the user that is randomly determined without a hash.

In addition, the hash functions used in the hash operation include MD4 function, MD5 function, SHA-0 function, SHA-1 function, SHA-224 function, SHA-256 function, SHA-384 function, SHA-512 function, and HAS- It may include 160 functions, but is not limited to this. For example, Triple SHA256 would also be possible.

Here, the validity condition VcertA of the certificate may include any condition based on information that can be obtained by the smart contract, but to give some examples, (i) information about the user's characteristics, (ii) ) weather information at the time of use of the above certificate, (iii) date information at the time of use of the above certificate, (v) information obtained upon consent to use by a specific other person, and (iv) a predetermined limit on the number of uses of the above certificate. It may be a condition based on at least one of the information about. Here, information about the user's characteristics refers to information such as the user's gender, height, age, etc., which can be obtained from various sources on a computing device executing a smart contract. It could even be included within the smart contract. In addition, date information when using the certificate can also be obtained as data provided by an Internet website, etc., and all of the information (i) to (iv) can be obtained from various information on the computing device executing the smart contract. It can be obtained from the source.

An example of the smart contract being configured according to the validity condition VcertA is shown in Figures 5 and 6. Figures 5 and 6 show the smart contract (source code) limiting the number of uses of the certificate to initNumber and 10 times, respectively. ) is an exemplary drawing.

Referring to Figure 5 or 6, the source code of a smart contract is disclosed where the validity condition is that the number of uses of the certificate is limited to initNumber or 10 times. useCounter refers to an arbitrary title given to a smart contract, and the state of the counter that counts the number of uses is a command specified as int counter;, and after one execution, it is changed by the command counter -= 1; The status of the counter is returned by the command return counter;

These smart contracts are intended to be converted into byte code and executed by multiple computing devices (referred to as “nodes”) that make up the public blockchain database, and each execution result is a consensus algorithm. The execution result that accounts for the largest number of the execution results can be verified as the true execution result. In short, a person skilled in the art will understand that the integrity of the execution result of a smart contract is verified by consensus on the execution result calculated from the nodes. Of course, in some cases, there may be only one node, and in this case, one computing device may output verification results consistent with this consensus.

For reference, an example of the byte code resulting from compilation of the smart contract shown in FIG. 6 is shown in FIG. 7.

Meanwhile, in S205 or S210, the authentication support server confirms or supports confirmation of registration of the obtained public key PubA and data processed therefrom (not shown); And if it is in the registered state as a result of the confirmation, it may include the step (not shown) of the authentication support server transmitting or supporting transmission of a message indicating that the public key PubA obtained from the user terminal is already registered. there is. This is because the PubA is a public key corresponding to a smart contract-based certificate, and if it is already registered, there is no need to create a new one because the smart contract-based certificate is already registered.

Next, in the method of providing a certificate registration service according to the present invention, when the byte code BC (SC (VcertA)) is obtained, the authentication support server receives the public key PubA, the personal information hash value IdhashA, and the byte code. Register or support registration of BC (SC(VcertA)) in a private blockchain database as information in the certificate (line 2 of S215) and a transaction location identifier PrivTxidA referring to the location registered in the private blockchain database as information in the certificate. It further includes the step of acquiring (line 3 of S215) as reference information.

Next, in the method of providing a certificate registration service of the present invention, when the transaction location identifier PrivTxidA is obtained, the authentication support server sets the state S (SC (VcertA)) of the smart contract SC (VcertA) to the initial state (initial state). ), and registering or supporting registration of the transaction location identifier PrivTxidA and the state S (SC(VcertA)) in a state database (line 4 of S215).

Here, the initial state refers to the state first given to the certificate in order to determine whether the validity condition is satisfied. For example, the initial state corresponding to the smart contract in FIG. 6 would be counter = 10.

Next, in the certificate registration service providing method of the present invention, when a predetermined condition is satisfied, the authentication support server, a specific hash value that is a hash value calculated from the public key, the personal information hash value, and the byte code, and the Obtaining a representative hash value or a processed value of the representative hash value generated by calculating together at least one neighboring hash value that matches a specific hash value, and registering or supporting registration of the obtained value in a public blockchain database It further includes steps S220 to S230. Here, the neighboring hash value is (i) a hash value calculated from a specific public key, a specific personal information hash value, and a specific byte code, (ii) approval target information corresponding to the approval of the certificate referenced by the specific transaction location identifier PrivTxid1. or message record data that is a processed value or destruction request information corresponding to the destruction of the certificate or a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the above It may be either the entire content SDB registered in the state database or a hash value of the change delta (SDB) of the registered content SDB. For reference, it is preferable that one of the neighboring hash values is a hash value of the entire content SDB registered in the state database or the change delta (SDB) of the registered content SDB. By recording the value of delta(SDB) every time a block is created, even if an accident occurs in the future, such as the loss of some blocks, the state of the block can be easily restored by tracking the value of delta(SDB). Because.

Meanwhile, calculation of a specific hash value and at least one neighboring hash value can be performed by various functions. A specific hash value is denoted as input, and at least one neighboring hash value is x1, x2,... , xn, the representative hash value t can be expressed as the following equation.

At this time, the authentication support server may store and manage the specific hash value and the at least one neighboring hash god in a predetermined data structure. Here, the data structure may vary, for example, it may be a Merkle tree structure. In this case, the calculation of the specific hash value and at least one neighboring hash can be performed through a Merkle tree.

That is, the authentication support server may generate or support the creation of a Merkle tree in which the specific hash value is assigned to a leaf node, and when the predetermined condition is satisfied, at least one matching the specific hash value Obtain the representative hash value or a processed value of the representative hash value generated by hashing the hash values assigned to other leaf nodes together, and register or support the registration of the obtained value in the public blockchain database. there is.

The authentication support server may register or support registration of the hash value finally assigned to the root node of the Merkle tree as a representative hash value in the public blockchain database. At this time, a value obtained by processing the representative hash value may be registered. For example, the result of performing a hex operation on a representative hash value may be registered.

Meanwhile, when the authentication support server stores the specific hash value and the at least one neighboring hash value in a predetermined first data structure, and then stores and manages a second data structure of the same type as the first data structure. , the first data structure and the second data structure may be connected in a chain form.

In particular, when the first data structure and the second data structure are Merkle trees as in the above-described example, the root value of the first data structure or the hash value of the root value is the first leaf of the second data structure. Can be assigned to a node.

Additionally, when the second data structure is created, the first data structure is verified, so that the integrity of the data can be more clearly guaranteed.

In addition, when the Merkle tree is the first Merkle tree among at least one Merkle tree connected in a chain, the first leaf node of the Merkle tree contains a hash value of predetermined message data consisting of text, numbers, or symbols or a processing thereof. One value can be assigned. For example, when creating a Merkle tree, a hash value of the input message initially given by the authentication support server may be assigned.

Figures 8 and 9 are diagrams showing examples of Merkle trees generated according to an embodiment of the present invention.

In Figure 8, a Merkle tree with 4 (2 ² ) leaf nodes is shown. Since the depicted Merkle tree is the first Merkle tree (tree_id = 0), it can be seen that the hash value SHA256 (PrivBCM_unique_message) of predetermined message data PrivBCM_unique_message is assigned to the h1 node, which is the first leaf node. When the certificate is registered, the authentication support server generates a leaf node following the last leaf node of the Merkle tree currently being constructed and supports assigning or assigning a specific hash value or a value obtained by processing the specific hash value. For example, in the Merkle tree of FIG. 8, when the value assignment up to the h1 node, which is the second leaf node, is completed in the previous step, the h2 node, which is the next leaf node, is created and a specific hash value or a value processed from a specific hash value (SHA256 ( input2)) can be assigned. In addition, the authentication support server calculates or supports calculating (i) a specific hash value, and (ii) a hash value assigned to the h3 node, which is a sibling node of the h2 node, which is the third leaf node to which the specific hash value is assigned. You can. The hash value for the operation value that is the result of the above operation is assigned to the h2 node and the parent node (h23 node) of the h3 node. Since the parent node (h23 node) is not the root node of the Merkle tree, the authentication support server can repeatedly perform the above process using the hash value assigned to the h23 node as the specific hash value. In other words, the hash value assigned to the h23 node can be set as a specific hash value, and the hash value assigned to the h23 node and the hash value assigned to the h01 node can be calculated and assigned to the h23 node and the parent node (h0123) of the h01 node. there is. At this time, since the h0123 node is the root node of the Merkle tree, the authentication support server registers or supports registration of the hash value assigned to the h0123 node or its processed value (hex(h{node_index})) in the public blockchain database. You can.

To explain this recursively, when the predetermined condition is satisfied, (x1) the authentication support server connects (i) the specific hash value and (ii) a sibling node of the node to which the specific hash value is assigned. Supports hash operation or hash operation with the hash value assigned to the node, supports assigning or assigning the hash value for the operation value that is the result of the operation to the parent node of the node, and (x2) the parent node is the merkle If it is the root node of the tree, it registers or supports registration of the hash value assigned to the parent node as the representative hash value in the public blockchain database, and (x3) if the parent node is not the root node of the Merkle tree, The steps (x1) to (x3) are repeatedly performed using the hash value assigned to the parent node as the specific hash value.

Meanwhile, the above-described predetermined conditions include (i) a condition in which a predetermined number of the specific hash value and neighboring hash values are obtained or generated, (ii) a condition in which a predetermined time elapses, and (iii) the private blockchain database. It may include at least one of the following conditions: conditions under which a block is created, and (iv) conditions regarding service characteristics.

For example, when multiple certificates are registered, approved, or destroyed, the hash values of the relevant data are collected, that is, (i) a hash value calculated from a specific public key, a specific personal information hash value, and a specific byte code, (ii) a specific hash value, Message record data, which is approval target information corresponding to the approval of the certificate referred to by the transaction location identifier PrivTxid1 or a processed value thereof, or destruction request information corresponding to destruction of the certificate or a processed value thereof, a signature value of the message record data, and A hash value calculated from the specific transaction location identifier, and (iii) a hash value of the entire content SDB registered in the state database or the change delta (SDB) of the registered content SDB by a predetermined number of leaf nodes. Once obtained, the hash value of each corresponding data can become the input value (value assigned to the leaf node) of the above-described Merkle tree.

As another example, the authentication support server may generate the root value of the Merkle tree described above in predetermined time units (condition (ii) above). In this case, the authentication support server can generate a Merkle tree using the input values up to that point when a predetermined time has elapsed and register or support the registration of the root value of the Merkle tree in a public blockchain database.

However, in this case, even after a predetermined time has elapsed, the value may not be assigned to the sibling node of the node to which a specific hash value of the Merkle tree is assigned. In this way, even though the predetermined condition is satisfied, if the hash value is not assigned to the sibling node of the node to which the specific hash value is assigned, the authentication support server assigns or supports assigning a predetermined hash value to the sibling node as described above. In one way, the root value of the Merkle tree can be calculated. For example, the authentication support server may replicate the specific hash value and allocate or support allocation to the sibling node.

In addition, the service characteristics include at least information on the cost paid by the user who registered the certificate, information on the time zone in which registration of the certificate is performed, information on the area in which the registration is performed, and information on the company type that is the management entity of the predetermined server involved in the registration. can be a part However, it is not limited to what is described here, and may include various condition information under which generally recognized differentiated services can be provided.

Meanwhile, when the creation of a new Merkle tree begins and the predetermined condition is satisfied without obtaining data related to registration, approval, or destruction of a certificate, the authentication support server sends predetermined message data to the first leaf node and It can create or support the creation of a Merkle tree assigned to the second leaf node, and register or support the registration of the root value of the Merkle tree or its processed value in a public blockchain database. For example, in this case, a Merkle tree with two leaf nodes may be created.

Meanwhile, as described above, the authentication support server stores the specific hash value and the at least one neighboring hash value in a predetermined first data structure, and then stores and manages a second data structure of the same type as the first data structure. In this case, the first data structure and the second data structure may be connected in a chain form. In particular, when the first data structure and the second data structure are Merkle trees, the root value of the first data structure or a hash value of the root value may be assigned to the first leaf node of the second data structure. .

Figure 9 is a diagram illustrating a Merkle tree generated as the second data structure according to an embodiment of the present invention.

Referring to FIG. 9, it can be seen that the root value (hex(h0123)) of the Merkle tree (tree_id = 0) of FIG. 8 has been assigned to the first leaf node (h4 node) of the new Merkle tree. The present invention has the advantage of improving data integrity by connecting multiple data structures created when a transaction occurs, enabling easy tracking even if data is tampered with in the middle.

Referring again to FIG. 2, the method of providing a certificate registration service according to the present invention includes, when the public key, the personal information hash value, and the byte code are registered in the private blockchain database, the authentication support server, By transmitting a registration response message indicating that registration has occurred and the transaction location identifier PrivTxidA to a predetermined server (e.g., the authentication request server of FIG. 2) (S235), the predetermined server provides the certificate to the user terminal. A step of delivering or supporting delivery of a certificate registration completion message indicating that registration has been completed (S240) may be further included. At this time, the certificate registration completion message includes the transaction location identifier PrivTxidA, allowing the user to obtain the transaction location identifier PrivTxidA.

Next, Figure 10 is a diagram showing another example of a Merkle tree generated for a smart contract-based certificate service according to the present invention.

According to another example, when a block is created in the private blockchain database, the entire content SDB registered in the state database or the change in the registered content SDB in the block header of the generated block delta The state database header hash value, which is a hash value calculated from (SDB), may be recorded.

In this embodiment, there may be a case where data regarding registration of a certificate and data regarding approval or destruction of a certificate are each composed of leaf nodes of different Merkle roots. In this case, specifically (i) individual A certificate representative hash value, which is a representative hash value, is generated from the Merkle tree assigned to leaf nodes only with hash values calculated from the public key, individual personal information hash value, and individual byte code, and (ii) the hash value referenced by the individual transaction location identifier. Individual message record data that is approval target information corresponding to approval of a certificate or a processed value thereof, destruction request information corresponding to destruction of the certificate or a processed value thereof, a signature value of the individual message record data, and the individual transaction location identifier. After a message representative hash value, which is a representative hash value, is generated from a Merkle tree in which only the hash values calculated from are assigned to leaf nodes, the certificate representative hash value and the message representative hash value are added to the block header of the generated block. In a recorded state, the authentication support server may register or support registration of the state database header hash value, the certificate representative hash value, and the message representative hash value, or their processed values, in a public blockchain database.

In the same embodiment, there may be a case where data regarding registration of a certificate and data regarding approval or destruction of a certificate are composed of leaf nodes of the same Merkle root. In this case, specifically (i) individual public key , hash values calculated from individual personal information hash values and individual byte codes, and (ii) approval target information corresponding to approval of the certificate referenced by the individual transaction location identifier, or a processed value thereof, or corresponding to destruction of the certificate. A private representative hash value is generated from a Merkle tree in which hash values calculated from the destruction request information or the individual message record data, the signature value of the individual message record data, and the individual transaction location identifier are assigned to the leaf nodes. Then, with the private representative hash value further recorded in the block header of the generated block, the authentication support server sends the state database header hash value and the private representative hash value, or their processed values, to the public blockchain. We can assist you in registering or registering in the database.

Next, a method of providing a certificate approval service for use of a registered certificate using the above-described data structure will be described.

Figure 3 is a sequence diagram illustrating a method of providing a certificate approval service for use of a smart contract-based certificate according to the present invention.

Referring to FIG. 3, the method of providing the certificate approval service includes (i) a public key PubA corresponding to the user terminal, which is a terminal used by the user, and (ii) the user's already registered personal information. Personal information hash value IdhashA, which is the result of hashing the information, and (iii) byte code BC (SC(VcertA)), which is the result of compiling the smart contract SC(VcertA) corresponding to the validity condition VcertA of the certificate. is registered in a location corresponding to the transaction location identifier PrivTxidA on the private blockchain database, and the transaction location identifier PrivTxidA and the state S(SC(VcertA)) of the smart contract SC(VcertA) are registered in the state database. In this state, the authentication support server sends a smart contract certificate approval request message, which is a message requesting approval of a smart contract certificate based on the smart contract SC (VcertA), directly or to a predetermined server (e.g., authentication request in FIG. 3 It includes a step (S305) of obtaining indirectly through a server).

In one embodiment for verifying the integrity of the content registered in the state database, the method of providing the approval service includes the entire content SDB registered in the state database or the change delta (SDB) of the registered content SDB. Request for approval of the smart contract certificate while the first representative hash value generated by calculating at least one neighboring hash value that matches the hash value or a processed value of the first representative hash value is registered in the public blockchain database. When a message is obtained, the authentication support server processes a second representative hash value or a second representative hash value generated by hashing all or changes registered in the state database obtained from the state database. Determining or supporting determining whether a value corresponds to the first representative hash value registered in the public blockchain database or a value obtained by processing the first representative hash value; And, as a result of the determination, if the second representative hash value or a value obtained by processing the second representative hash value does not correspond to the first representative hash value or a value obtained by processing the first representative hash value, the authentication support server , may further include determining or supporting determination that the integrity of the state database is damaged.

Similarly, in another embodiment for verifying the integrity of the contents of the certificate registered in the private blockchain database, the method of providing the approval service includes: (i) a public key corresponding to the user terminal, (ii) a personal information hash value that is the result of a hash operation of the already registered personal information of the user, and (iii) at least a hash value that matches the hash value calculated from the byte code that is the result of compiling the smart contract corresponding to the validity conditions of the certificate. If the smart contract certificate approval request message is obtained while the first representative hash value generated by calculating one neighboring hash value or the processed value of the first representative hash value is registered in the public blockchain database, the authentication The second representative hash value generated by the support server hashing the public key, the personal information hash value, and the byte code registered in the private blockchain database, or a value processed by the second representative hash value, is the public Determining or supporting the determination of whether the first representative hash value registered in the blockchain database or a value obtained by processing the first representative hash value corresponds to the first representative hash value (Sb0; not shown); And, as a result of the determination, if the second representative hash value or a value obtained by processing the second representative hash value does not correspond to the first representative hash value or a value obtained by processing the first representative hash value, the authentication support server , it may further include a step (Sb1; not shown) of determining or supporting determination that the integrity of the certificate has been damaged.

In this embodiment, the step (Sb0) is where the authentication support server receives the public key, the personal information hash value, and performing a process that obtains or supports obtaining the byte code, and a process that references a predetermined transaction ID associated with the transaction location identifier PrivTxidA (Sb0-1; not shown); And the authentication support server may include a step (Sb0-2; not shown) of obtaining an OP_RETURN message from the public blockchain database using the transaction ID. In this case, the step (Sb1) may include the step (Sb1): The second representative hash value or a processed value of the second representative hash value generated using the public key obtained from a private blockchain database, the personal information hash value, and the byte code is included in the OP_RETURN message. If it does not correspond to the first representative hash value or a value obtained by processing the first representative hash value, the authentication support server may determine or support the determination that the integrity of the certificate has been damaged.

More specifically, in step Sb0-1, in order to refer to a predetermined transaction ID related to PrivTxid, the authentication support server identifies Merkle tree information and leaf node information related to the transaction location identifier PrivTxidA, and The predetermined transaction ID corresponding to the identified Merkle tree information may be referred to.

Here, the second representative hash value matches the public key registered in the private blockchain database regarding the transaction location identifier PrivTxidA, the personal information hash value, and a second specific hash value that is a hash value of the byte code. Since it can be generated by calculating at least one neighboring hash value, the above-described description of the first specific hash value can be equally applied to the second specific hash value. That is, the calculation of the second specific hash value and at least one neighboring hash value may be performed by various functions. Since this has been described above, description is omitted.

In this case, calculation of the second specific hash value and at least one neighboring hash value may be performed through a Merkle tree. When the smart contract certificate approval request message is obtained, the authentication support server may identify Merkle tree information and leaf node information related to the transaction location identifier PrivTxidA included in the smart contract certificate approval request message.

And, the second representative hash value is the second specific hash value and at least one other hash value that matches the second specific hash value in a Merkle tree in which the second specific hash value is assigned to a specific leaf node. It can be generated by calculating the hash value assigned to the leaf node.

Specifically, (x1) the authentication support server calculates or supports calculating (i) the second specific hash value and (ii) a hash value assigned to a sibling node of the node to which the second specific hash value is assigned, , supports assigning or assigning a hash value for the operation value to the parent node of the node, and (x2) if the parent node is the root node of the Merkle tree, the hash value assigned to the parent node is assigned to the second representative As a hash value, it compares or supports comparison with the value included in the OP_RETURN message, and (x3) if the parent node is not the root node of the Merkle tree, the hash value assigned to the parent node is converted to the second specific hash value. Thus, the above (x1) to (x3) can be repeatedly performed.

The above-described process was to determine whether the smart contract certificate was forged or tampered with. As a next step, the method of providing the certificate approval service is: When the smart contract certificate approval request message is obtained, the authentication The support server transmits or supports transmission (S315) of the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the approval target information TI generated for the approval request (S310) to the user terminal, Sign the approval target information TI or its processed value TI' with PrivA, the private key corresponding to the PubA, and generate the resulting approval information signature value SigPrivA (TI or TI'). It further includes support steps (S310 to S320) (S320).

Here, the approval target information TI may include at least one of the approval request time and a randomly generated nonce. The nonce value may be a random value intended to be used once or a processed value thereof.

Specifically, in the steps (S310 to S320), the authentication support server determines whether the PrivTxidA or the processed data obtained directly or indirectly from the user terminal is registered, and as a result of the determination, it is not registered. If so, the authentication support server may deliver or support delivery of a certificate approval error message indicating that approval of the certificate has failed to the user terminal.

Next, a method of providing an approval service of the certificate includes, when the approval target information signature value SigPrivA (TI or TI') is obtained, the authentication support server (i) obtains the approval target information signature value SigPrivA (TI or TI'). TI'), (ii) the approval target information TI or its processed value TI', and (iii) the transaction location identifier PrivTxidA to determine the validity of the certificate (S325).

Specifically, the step (S325) determines whether the authentication support server registers the public key RegPubA corresponding to the user terminal and the personal information hash value IdhashA, which is a result of hashing the already registered personal information of the user. confirming or assisting in confirming; If, as a result of the confirmation, it is not registered, the authentication support server transmits or supports transmission of a message indicating that the public key is not registered; As a result of the confirmation, if it is in a registered state, the authentication support server determines or supports determining whether the registered RegPubA and the PubA match each other, and if the RegPubA and the PubA do not match each other, the authentication support server determines or supports determining whether the registered RegPubA and the PubA match each other. transmitting or supporting transmission of a message indicating that the public key PubA is incorrect, and determining that the public key PubA is valid if the RegPubA and the PubA match each other; And when the public key PubA is determined to be valid, the authentication support server determines or supports determining whether the approval target information signature value SigPrivA (TI or TI') is a normal signature (Sc4; not shown). It can be configured to do so.

Specifically, in step Sc4, whether the approval target information signature value SigPrivA (TI or TI') is normally signed can be determined by referring to the approval target information TI or its processed value TI' and the PubA. there is. For example, whether the hash value of TI or TI' calculated from SigPrivA (TI or TI') using PubA and the hash value (fingerprint) included in the approval target information signature value SigPrivA (TI or TI') match each other. This allows you to determine whether the signature is normal.

Meanwhile, in step S325, the authentication support server determines or supports determining whether the certificate destruction completion record data indicating that the certificate has been revoked is already registered, and as a result of the determination, if it is already registered, , the authentication support server may deliver or support delivery of a certificate approval error message indicating that approval of the certificate has failed to the user terminal.

After the step (S325), the method of providing an approval service for the certificate is that, if the certificate is valid, the authentication support server: (i) the approval target information signature value SigPrivA (TI or TI'), (ii) ) Register or support the registration of the approval target information TI or its processed value TI' and (iii) the transaction location identifier PrivTxidA in the private blockchain database as certificate approval completion record data (line 1 of S330), and Supports execution of the byte code BC(SC(VcertA)) and the state S(SC(VcertA)) of a smart contract on the at least one computing device, and converts the execution result obtained as a result of the execution into a new state. It further includes a step (S330) of registering or supporting registration in the state database as S'(SC(VcertA)) (line 2 of S330).

Specifically, the conditions for the certificate to be valid include at least the condition that SigPrivA (TI or TI') is determined to have been properly signed, the condition that the PubA matches the already registered RegPubA, and the certificate destruction completion record data of the certificate. It may be a condition in which all unregistered conditions are satisfied. If at least one of these conditions is not satisfied, the authentication support server may transmit or support transmission of the certificate approval error message to the user terminal (S360 to S395).

As a next step, the method of providing the certificate approval service may include, if a predetermined condition is satisfied, the authentication support server, a specific hash value that is a hash value of the certificate approval completion record data, and at least one matching the specific hash value. It further includes obtaining a representative hash value generated by calculating one neighboring hash value together or a processed value of the representative hash value, and registering or supporting registration of the obtained value in a public blockchain database. For reference, the neighbor hash value is (i) a hash value calculated from the public key, the personal information hash value, and the byte code, (ii) the approval corresponding to the approval of the certificate referenced by the specific transaction location identifier PrivTxid1. Message record data that is target information or a processed value thereof, destruction request information corresponding to destruction of the certificate or a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii ) It may be either the entire content SDB registered in the state database or a hash value of the change delta (SDB) of the registered content SDB. As mentioned earlier, it is preferable that one of the neighboring hash values is a hash value of the entire content SDB registered in the state database or the change delta (SDB) of the registered content SDB. Meanwhile, here, the process of generating a representative hash value from a specific hash value and registering it in the public blockchain database is the same as described above, so redundant explanation will be omitted.

The method of providing the certificate approval service further includes the step of, if the certificate is valid, the authentication support server delivering or supporting delivery of a certificate approval completion message indicating that approval of the certificate has been completed to the user terminal. You may. In this case, the certificate approval completion message may include the PrivTxidA.

Finally, a method for destroying the registered certificate will be explained. Figure 4 is a sequence diagram illustrating a method of destroying a certificate in a smart contract-based certificate provision and use service according to the present invention.

Referring to FIG. 4, the certificate destruction method uses (i) a public key PubA corresponding to the user terminal, which is the terminal used by the user, and (ii) the result of a hash operation of the user's already registered personal information. The personal information hash value IdhashA, and (iii) the byte code BC (SC(VcertA)), which is the result of compiling the smart contract SC (VcertA) corresponding to the validity condition VcertA of the certificate, is used as a transaction on the private blockchain database. The authentication is registered in a location corresponding to the location identifier PrivTxidA, and the transaction location identifier PrivTxidA and the state S(SC(VcertA)) of the smart contract SC(VcertA) are registered in a state database. A support server directly or indirectly obtaining a smart contract certificate destruction request message, which is a message requesting destruction of a smart contract certificate based on the smart contract SC (VcertA) (S405); When the smart contract certificate destruction request message is obtained, the authentication support server sends the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the destruction request information RR generated in response to the destruction request (S410) to the user terminal. By transmitting or supporting transmission (S415), the user terminal signs the destruction request information RR or its processed value RR' with PrivA, a private key corresponding to the PubA, and sends the resulting destruction request. Supporting the generation of an information signature value SigPrivA (RR or RR') (S420); When the destruction request information signature value SigPrivA(RR or RR') is obtained, the authentication support server: (i) the destruction request information signature value SigPrivA(RR or RR'), (ii) the destruction request information RR or determining the validity of the certificate with reference to the processed value RR' and (iii) the transaction location identifier PrivTxidA (S425); If the certificate is valid, the authentication support server: (i) the destruction request information signature value SigPrivA(RR or RR'), (ii) the destruction request information RR or its processed value RR', and (iii) the transaction Registering or supporting registration of the location identifier PrivTxidA in the private blockchain database as certificate destruction completion record data (S430); When a predetermined condition is satisfied, the authentication support server calculates a specific hash value, which is a hash value of the certificate destruction completion record data, and at least one neighboring hash value matching the specific hash value. A representative hash value generated by It includes steps (S435 to S445) of obtaining a value obtained by processing the representative hash value and registering or supporting registration of the obtained value in a public blockchain database. For reference, the neighbor hash value is (i) a hash value calculated from the public key, the personal information hash value, and the byte code, (ii) an approval target corresponding to the approval of the certificate referenced by the specific transaction location identifier PrivTxid1. Message record data that is information or a processed value thereof or the destruction request information or a processed value thereof corresponding to the destruction of the certificate, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii ) It may be either the entire content SDB registered in the state database or a hash value of the change delta (SDB) of the registered content SDB. As mentioned earlier, it is preferable that one of the neighboring hash values is a hash value of the entire content SDB registered in the state database or the change delta (SDB) of the registered content SDB.

Accordingly, the process of destruction is similar to the process of acknowledgment, with the difference being that in acknowledgment, the execution of the byte code and its resulting state are recorded in the state database, whereas in destruction, the execution of the byte code is recorded in the status database. It is not absolutely necessary, and recording of any state in the state database is also not necessarily necessary.

However, the byte code may be executed to complete the procedure to be performed in the final stage of destruction, and a predetermined status indicating the destruction of the certificate may be recorded in the status database.

In addition, in step S425, the authentication support server determines or supports determining whether the certificate destruction completion record data indicating that the certificate has been revoked is already registered, and as a result of the determination, if it is already registered, , The authentication support server may deliver or support delivery of a certificate revocation error message indicating that the certificate has failed to be revoked to the user terminal.

In addition, in one embodiment, in the steps (S410 to S420), the authentication support server determines whether the PrivTxidA or the processed data obtained directly or indirectly from the user terminal is registered, and As a result, if it is not registered, the authentication support server may deliver or support delivery of a certificate revocation error message indicating that the certificate has failed to be revoked to the user terminal.

In all embodiments of the present invention described above, the certificate itself contains a configuration regarding approval validity conditions, which are conditions for using the certificate, which can replace the existing public certificate at a low cost while having strong security and usability. It works.

The advantage of the technology described here in the above embodiments is that the reliability of the certificate is guaranteed by making it virtually impossible to falsify or falsify authentication-related information such as public keys and hash values, and falsification of the validity conditions of the certificate is also virtually impossible. Reliability in the use of the certificate is also guaranteed, and when recording certificate-related information (e.g., information corresponding to the certificate and information on approval/revocation of use of the certificate) in the database, this is used instead of uploading all certificate-related information to the blockchain. By constructing a Merkle tree and registering only the root value of the constructed Merkle tree in the blockchain, it is possible to improve service speed and reduce transaction costs.

Based on the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be achieved through a combination of software and hardware or can be achieved with hardware alone. The subject matter of the technical solution of the present invention or the parts contributing to the prior art may be implemented in the form of program instructions that can be executed through various computer components and recorded on a computer-readable recording medium. The computer-readable recording medium may include program instructions, data files, data structures, etc., singly or in combination. Program instructions recorded on the computer-readable recording medium may be specially designed and configured for the present invention or may be known and usable by those skilled in the art. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical recording media such as CD-ROMs and DVDs, and magneto-optical media such as floptical disks. media), and hardware devices specifically configured to store and perform program instructions, such as ROM, RAM, flash memory, etc. Examples of program instructions include not only machine language code such as that created by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like. The hardware device may be configured to operate as one or more software modules to perform processing according to the invention and vice versa. The hardware device may include a processor such as a CPU or GPU combined with a memory such as ROM/RAM for storing program instructions and configured to execute instructions stored in the memory, and may send and receive signals to and from an external device. It may include a communication department. In addition, the hardware device may include a keyboard, mouse, and other external input devices to receive commands written by developers.

In the above, the present invention has been described with specific details such as specific components and limited embodiments and drawings, but this is only provided to facilitate a more general understanding of the present invention, and the present invention is not limited to the above embodiments. , a person skilled in the art to which the present invention pertains can make various modifications and variations from this description.

Therefore, the spirit of the present invention should not be limited to the above-described embodiments, and the scope of the patent claims described below as well as all modifications equivalent to or equivalent to the scope of the claims fall within the scope of the spirit of the present invention. They will say they do it.

Claims (17)

As a method of providing an approval service for the certificate for use of a smart contract-based certificate,
(a) (i) public key PubA corresponding to the user terminal, which is the terminal used by the user, (ii) identification value corresponding to the user, and (iii) smart contract corresponding to the validity condition VcertA of the certificate SC (VcertA) - The smart contract is source code that is compiled into executable byte code and can be executed on at least one computing device, and is configured to perform a predetermined procedure if a specific condition is satisfied during the execution - compile ), the resulting byte code BC (SC (VcertA)) is registered in the location corresponding to the transaction location identifier PrivTxidA in the private blockchain database, and the transaction location identifier PrivTxidA and the state S (SC) of the smart contract SC (VcertA) With (VcertA)) registered in the state database, the authentication support server obtains a smart contract certificate approval request message, which is a message requesting approval of a smart contract certificate based on the smart contract SC (VcertA). steps;
(b) When the smart contract certificate approval request message is obtained, the authentication support server transmits the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the approval target information TI generated for the approval request to the user terminal. Or, by supporting transmission by another device linked to the authentication support server, the user terminal signs the approval target information or its processed value TI with PrivA, a private key corresponding to the PubA, and the result. Supporting the generation of an approval target information signature value SigPrivA (TI or TI'), which is a value;
(c) When the approval target information signature value SigPrivA(TI or TI') is obtained, the authentication support server sends (i) the approval target information signature value SigPrivA(TI or TI'), (ii) the approval target information TI or a processed value TI' and (iii) determining the validity of the certificate with reference to the transaction location identifier PrivTxidA;
(d) If the certificate is valid, the authentication support server sends (i) the approval target information signature value SigPrivA (TI or TI'), (ii) the approval target information TI or its processed value TI', and (iii) Supports registration of the transaction location identifier PrivTxidA in the private blockchain database as certificate approval completion record data or registration by other devices linked to the authentication support server, and the byte code BC (SC (VcertA)) of the smart contract and Supports execution of the state S(SC(VcertA)) on the at least one computing device, and registers the execution result obtained as a result of the execution as a new state S'(SC(VcertA)) in the state database. or supporting registration by another device linked to the authentication support server; and
(e) When a predetermined condition is satisfied, the authentication support server generates a specific hash value that is a hash value of the certificate approval completion record data and at least one neighboring hash value matching the specific hash value - the neighboring hash value is, i) a hash value calculated from the public key, the identification value, and the byte code, (ii) the approval target information corresponding to the approval of the certificate referred to by the specific transaction location identifier PrivTxid1, or the processed value thereof, or the destruction of the certificate message record data corresponding to destruction request information or a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the entire content SDB or the above registered content in the state database. Registered content Changes to SDB One of the hash values of delta (SDB) - Obtain a representative hash value generated by calculating together or a processed value of the representative hash value, and store the obtained value in a public blockchain database. Registering or assisting another device linked to the authentication support server to register;
Including,
In step (c),
(c1) confirming, by an authentication support server, whether the public key RegPubA corresponding to the user terminal and an identification value corresponding to the user are registered, or supporting another device linked to the authentication support server to confirm;
(c2) If, as a result of the confirmation, it is not registered, the authentication support server transmits a message indicating that the public key is not registered, or supports another device linked to the authentication support server to transmit a message indicating that the public key is not registered;
(c3) If it is in the registered state as a result of the confirmation, the authentication support server determines whether the registered RegPubA and the PubA match each other or supports another device linked to the authentication support server to determine, If the RegPubA and the PubA do not match each other, a message indicating that the public key PubA is incorrect is transmitted or another device linked to the authentication support server is supported to transmit it, and if the RegPubA and the PubA match each other, the determining that the public key PubA is valid; and
(c4) If the public key PubA is determined to be valid, the authentication support server determines whether the authentication target information signature value SigPrivA (TI or TI') is normally signed, or allows another device linked to the authentication support server to determine whether supporting steps; Including,
In step (c4) above,
A method characterized in that whether the approval target information signature value SigPrivA (TI or TI') is normally signed is determined with reference to the approval target information TI or its processed value TI' and the PubA. According to paragraph 1,
Before step (b) above,
(b0') a first representative hash value generated by calculating at least one neighboring hash value matching the hash value of the entire content SDB registered in the state database or the change delta (SDB) of the registered content SDB, or When the smart contract certificate approval request message is obtained while a value obtained by processing the first representative hash value is registered in the public blockchain database, the authentication support server registers the information in the state database obtained from the state database. The second representative hash value generated by hashing the entire content or changes thereof, or the processed value of the second representative hash value, is the first representative hash value or the first representative hash value registered in the public blockchain database. determining whether the value corresponds to the processed value or supporting another device linked to the authentication support server to determine; and
(b1') If, as a result of the determination, the second representative hash value or a value obtained by processing the second representative hash value does not correspond to the first representative hash value or a value obtained by processing the first representative hash value, the authentication A support server determining that the integrity of the state database has been damaged or assisting another device linked to the authentication support server to determine that the integrity of the state database has been damaged.
How to further include . According to paragraph 1,
Before step (b) above,
(b0) Calculated from (i) a public key corresponding to the user terminal, (ii) an identification value corresponding to the user, and (iii) a byte code that is the result of compiling a smart contract corresponding to the validity conditions of the certificate. The smart contract certificate approval request message while the first representative hash value generated by calculating at least one neighboring hash value that matches the hash value or a processed value of the first representative hash value is registered in the public blockchain database. When obtained, the authentication support server processes the second representative hash value or the second representative hash value generated by hashing the public key, the identification value, and the byte code registered in the private blockchain database. Determining whether a value corresponds to the first representative hash value registered in the public blockchain database or a value obtained by processing the first representative hash value or supporting another device linked to the authentication support server to determine. ; and
(b1) As a result of the determination, if the second representative hash value or a value obtained by processing the second representative hash value does not correspond to the first representative hash value or a value obtained by processing the first representative hash value, the authentication is supported. A step of the server determining that the integrity of the certificate has been damaged or assisting another device linked to the authentication support server to determine that the integrity of the certificate has been damaged.
How to further include . According to paragraph 1,
In step (c),
The authentication support server determines whether or not the certificate destruction completion record data indicating that the certificate has been revoked is already registered, or assists another device linked to the authentication support server to determine,
As a result of the determination, if it is already registered, the authentication support server delivers a certificate approval error message indicating that approval of the certificate has failed to the user terminal, or supports other devices linked to the authentication support server to deliver it. A method characterized by: According to paragraph 1,
(f) If the certificate is valid, the authentication support server transmits a certificate approval completion message indicating that approval of the certificate has been completed to the user terminal or assists another device linked to the authentication support server to transmit it.
How to further include . According to paragraph 1,
The information subject to the above approval TI is,
A method comprising at least one of the approval request time and a randomly generated nonce value. According to paragraph 1,
In step (b),
The authentication support server determines whether the PrivTxidA or data processed therefrom obtained directly or indirectly from the user terminal is registered,
As a result of the determination, if it is not registered, the authentication support server delivers a certificate approval error message indicating that approval of the certificate has failed to the user terminal, or supports other devices linked to the authentication support server to deliver it. A method characterized by: As a method of destroying the certificate in the provision and use service of a smart contract-based certificate,
(a) (i) public key PubA corresponding to the user terminal, which is the terminal used by the user, (ii) identification value corresponding to the user, and (iii) smart contract corresponding to the validity condition VcertA of the certificate SC (VcertA) - The smart contract is source code that is compiled into executable byte code and can be executed on at least one computing device, and is configured to perform a predetermined procedure if a specific condition is satisfied during the execution - compile ), the resulting byte code BC (SC (VcertA)) is registered in the location corresponding to the transaction location identifier PrivTxidA in the private blockchain database, and the transaction location identifier PrivTxidA and the state S (SC) of the smart contract SC (VcertA) (VcertA)) is registered in the state database, the authentication support server obtains a smart contract certificate destruction request message, which is a message requesting destruction of the smart contract certificate based on the smart contract SC (VcertA). steps;
(b) When the smart contract certificate destruction request message is obtained, the authentication support server transmits the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the destruction request information RR generated in response to the destruction request to the user terminal. Or, by supporting transmission by another device linked to the authentication support server, the user terminal signs the destruction request information RR or its processed value RR' with PrivA, a private key corresponding to the PubA. Supporting the generation of the resulting destruction request information signature value SigPrivA (RR or RR');
(c) When the destruction request information signature value SigPrivA(RR or RR') is obtained, the authentication support server, (i) the destruction request information signature value SigPrivA(RR or RR'), (ii) the destruction request information RR or a processed value RR' and (iii) determining the validity of the certificate with reference to the transaction location identifier PrivTxidA;
(d) If the certificate is valid, the authentication support server sends (i) the destruction request information signature value SigPrivA(RR or RR'), (ii) the destruction request information RR or its processed value RR', and (iii) Registering the transaction location identifier PrivTxidA as certificate destruction completion record data in the private blockchain database or supporting registration by another device linked to an authentication support server; and
(e) When a predetermined condition is satisfied, the authentication support server provides a specific hash value that is a hash value of the certificate destruction completion record data and at least one neighboring hash value matching the specific hash value - the neighboring hash value is, ( i) a hash value calculated from the public key, the identification value, and the byte code, (ii) information to be approved corresponding to the approval of the certificate referred to by the specific transaction location identifier PrivTxid1, or a processed value thereof, or destruction of the certificate. The message record data corresponding to the destruction request information or a processed value thereof, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the entire content SDB or the content registered in the state database. Registered content Changes to SDB One of the hash values of delta (SDB) - Obtain a representative hash value generated by calculating together or a processed value of the representative hash value, and store the obtained value in a public blockchain database. Registering or assisting another device linked to the authentication support server to register;
Including,
In step (c),
(c1) confirming, by an authentication support server, whether the public key RegPubA corresponding to the user terminal and an identification value corresponding to the user are registered, or supporting another device linked to the authentication support server to confirm;
(c2) If, as a result of the confirmation, it is not registered, the authentication support server transmits a message indicating that the public key is not registered, or supports another device linked to the authentication support server to transmit a message indicating that the public key is not registered;
(c3) If it is in the registered state as a result of the confirmation, the authentication support server determines whether the registered RegPubA and the PubA match each other or supports another device linked to the authentication support server to determine, If the RegPubA and the PubA do not match each other, a message indicating that the public key PubA is incorrect is transmitted or another device linked to the authentication support server is supported to transmit it, and if the RegPubA and the PubA match each other, the determining that the public key PubA is valid; and
(c4) If the public key PubA is determined to be valid, the authentication support server determines whether the authentication target information signature value SigPrivA (TI or TI') is normally signed, or allows another device linked to the authentication support server to determine whether supporting steps; Includes,
In step (c4) above,
A method characterized in that whether the approval target information signature value SigPrivA (TI or TI') is normally signed is determined with reference to the approval target information TI or its processed value TI' and the PubA. According to clause 8,
In step (c),
The authentication support server determines whether or not the certificate destruction completion record data indicating that the certificate has been revoked is already registered, or assists another device linked to the authentication support server to determine,
As a result of the determination, if it is already registered, the authentication support server delivers a certificate revocation error message indicating that the certificate has failed to be revoked to the user terminal, or supports other devices linked to the authentication support server to deliver it. A method characterized by: According to clause 8,
In step (b),
The authentication support server determines whether the PrivTxidA or data processed therefrom obtained directly or indirectly from the user terminal is registered,
As a result of the determination, if it is not registered, the authentication support server delivers a certificate revocation error message indicating that the certificate has failed to be revoked to the user terminal, or supports other devices linked to the authentication support server to deliver it. A method characterized by: As an authentication support server that provides an approval service for the certificate for the use of a smart contract-based certificate,
(i) public key PubA corresponding to the user terminal, which is the terminal used by the user, (ii) identification value corresponding to the user, and (iii) smart contract SC (VcertA) corresponding to the validity condition VcertA of the certificate ) - The smart contract is source code that is compiled into executable byte code and can be executed on at least one computing device, and is configured to perform a predetermined procedure if a specific condition is satisfied during the execution - The compiled result The in-byte code BC(SC(VcertA)) is registered in the location corresponding to the transaction location identifier PrivTxidA in the private blockchain database, and the transaction location identifier PrivTxidA and the state S(SC(VcertA)) of the smart contract SC(VcertA) ) is registered in a state database, a communication unit that obtains a smart contract certificate approval request message, which is a message requesting approval of a smart contract certificate based on the smart contract SC (VcertA); and
When the smart contract certificate approval request message is obtained, the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the approval target information TI generated for the approval request are transmitted to the user terminal or linked to the authentication support server. By supporting transmission by other devices, the user terminal signs the approval target information or its processed value TI with PrivA, a private key corresponding to the PubA, and obtains the resulting approval target information signature value. A processor that supports generating SigPrivA (TI or TI');
Including,
The processor,
When the approval target information signature value SigPrivA(TI or TI') is obtained, (i) the approval target information signature value SigPrivA(TI or TI'), (ii) the approval target information TI or its processed value TI', and (iii) determine the validity of the certificate by reference to the transaction location identifier PrivTxidA,
If the certificate is valid, (i) the approval target information signature value SigPrivA (TI or TI'), (ii) the approval target information TI or its processed value TI', and (iii) the transaction location identifier PrivTxidA are approved for the certificate. As completion record data, it supports registration in the private blockchain database or registration by other devices linked to the authentication support server, and the byte code BC(SC(VcertA)) and the state S(SC(VcertA) of the smart contract )) on the at least one computing device, and register the execution result obtained as a result of the execution in the state database as a new state S'(SC(VcertA)) or link to the authentication support server. Supports registration by other devices,
When a predetermined condition is satisfied, a specific hash value that is a hash value of the certificate approval completion record data and at least one neighboring hash value matching the specific hash value - the neighboring hash value is: (i) the public key, the identification value and a hash value calculated from the byte code, (ii) the approval target information corresponding to the approval of the certificate referred to by the specific transaction location identifier PrivTxid1, or a processed value thereof, or the destruction request information corresponding to the destruction of the certificate, or the same Message record data as a processed value, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the entire contents SDB registered in the state database or changes to the registered contents SDB delta (One of the hash values of (SDB) - Obtain a representative hash value generated by calculating together or a processed value of the representative hash value, and register the obtained value in a public blockchain database or link it to the authentication support server. Supports registration by other devices,
In determining the validity of the certificate, confirming whether the public key RegPubA corresponding to the user terminal and the identification value corresponding to the user are registered or supporting confirmation by another device linked to the authentication support server,
As a result of the confirmation, if it is not registered, a message indicating that the public key is not registered is transmitted or it is supported to transmit it by another device linked to the authentication support server. If it is in a registered state as a result of the confirmation, the message is sent indicating that the public key is not registered. A step of determining whether the registered RegPubA and the PubA match each other or supporting another device linked to the authentication support server to determine whether the RegPubA and the PubA do not match each other, the public key PubA is incorrect. transmits a message indicating that it is not or supports transmission by another device linked to the authentication support server, and if the RegPubA and the PubA match each other, the public key PubA is determined to be valid,
If the public key PubA is determined to be valid, determine whether the approval target information signature value SigPrivA (TI or TI') is normally signed, or support another device linked to the authentication support server to determine,
An authentication support server, characterized in that whether the approval target information signature value SigPrivA (TI or TI') is normally signed is determined with reference to the approval target information TI or its processed value TI' and the PubA. According to clause 11,
The processor,
A first representative hash value generated by calculating at least one neighboring hash value matching the hash value of the entire content SDB registered in the state database or the change delta (SDB) of the registered content SDB, or the first representative hash When the smart contract certificate approval request message is obtained while the processed value is registered in the public blockchain database, a hash operation is performed on all or the changes registered in the state database obtained from the state database. Determine whether the generated second representative hash value or a processed value of the second representative hash value corresponds to the first representative hash value or a processed value of the first representative hash value registered in the public blockchain database. Or, support other devices linked to the authentication support server to make a decision,
As a result of the determination, if the second representative hash value or a value obtained by processing the second representative hash value does not correspond to the first representative hash value or a value obtained by processing the first representative hash value, the integrity of the state database is compromised. An authentication support server characterized in that it determines that it is damaged or supports other devices linked to the authentication support server to determine that it is damaged. According to clause 11,
The processor,
(i) a public key corresponding to the user terminal, (ii) an identification value corresponding to the user, and (iii) a hash value calculated from the byte code that is the result of compiling a smart contract corresponding to the validity conditions of the certificate, and If the smart contract certificate approval request message is obtained while the first representative hash value generated by calculating at least one matching neighboring hash value or a processed value of the first representative hash value is registered in the public blockchain database , A second representative hash value generated by hashing the public key, the identification value, and the byte code registered in the private blockchain database or a processed value of the second representative hash value is registered in the public blockchain database. Determining whether the first representative hash value or a value obtained by processing the first representative hash value corresponds to the first representative hash value or supporting another device linked to the authentication support server to determine,
As a result of the determination, if the second representative hash value or a value obtained by processing the second representative hash value does not correspond to the first representative hash value or a value obtained by processing the first representative hash value, the integrity of the certificate is damaged. An authentication support server, characterized in that it determines or supports other devices linked to the authentication support server to make the decision. According to clause 11,
The processor,
An authentication support server, characterized in that, if the certificate is valid, delivering a certificate approval completion message indicating that approval of the certificate has been completed to the user terminal or supporting another device linked to the authentication support server to deliver it. As an authentication support server that destroys the certificate in the provision and use service of a smart contract-based certificate,
(i) public key PubA corresponding to the user terminal, which is the terminal used by the user, (ii) identification value corresponding to the user, and (iii) smart contract SC (VcertA) corresponding to the validity condition VcertA of the certificate ) - The smart contract is source code that is compiled into executable byte code and can be executed on at least one computing device, and is configured to perform a predetermined procedure if a specific condition is satisfied during the execution - The compiled result The in-byte code BC(SC(VcertA)) is registered in the location corresponding to the transaction location identifier PrivTxidA in the private blockchain database, and the transaction location identifier PrivTxidA and the state S(SC(VcertA)) of the smart contract SC(VcertA) ) is registered in a state database, a communication unit that obtains a smart contract certificate destruction request message, which is a message requesting destruction of a smart contract certificate based on the smart contract SC (VcertA); and
When the smart contract certificate destruction request message is obtained, the transaction location identifier PrivTxidA corresponding to the smart contract certificate and the destruction request information RR generated for the destruction request are transmitted to the user terminal or linked to the authentication support server. By supporting transmission by another device, the user terminal signs the destruction request information RR or its processed value RR' with PrivA, a private key corresponding to the PubA, and sends the resulting destruction request information. Processors that support generating the signature value SigPrivA(RR or RR')
Including,
The processor,
When the destruction request information signature value SigPrivA(RR or RR') is obtained, (i) the destruction request information signature value SigPrivA(RR or RR'), (ii) the destruction request information RR or its processed value RR', and (iii) determine the validity of the certificate by reference to the transaction location identifier PrivTxidA,
If the certificate is valid, (i) the destruction request information signature value SigPrivA (RR or RR'), (ii) the destruction request information RR or its processed value RR', and (iii) the transaction location identifier PrivTxidA are used to destroy the certificate. As completion record data, it supports registration in the private blockchain database or registration by other devices linked to the authentication support server,
When a predetermined condition is satisfied, a specific hash value that is a hash value of the certificate destruction completion record data and at least one neighboring hash value matching the specific hash value - the neighboring hash value is: (i) the public key, the identification value and a hash value calculated from the byte code, (ii) approval target information corresponding to approval of the certificate referenced by the specific transaction location identifier PrivTxid1, or a processed value thereof, or the destruction request information corresponding to destruction of the certificate, or the same. Message record data as a processed value, a signature value of the message record data, and a hash value calculated from the specific transaction location identifier, and (iii) the entire contents SDB registered in the state database or changes to the registered contents SDB delta (One of the hash values of (SDB) - Obtain a representative hash value generated by calculating together or a processed value of the representative hash value, and register the obtained value in a public blockchain database or link it to the authentication support server. Supports registration by other devices,
In determining the validity of the certificate, confirming whether the public key RegPubA corresponding to the user terminal and the identification value corresponding to the user are registered or supporting confirmation by another device linked to the authentication support server,
As a result of the confirmation, if it is not registered, a message indicating that the public key is not registered is transmitted or it is supported to transmit it by another device linked to the authentication support server. If it is in a registered state as a result of the confirmation, the message is sent indicating that the public key is not registered. A step of determining whether the registered RegPubA and the PubA match each other or supporting another device linked to the authentication support server to determine whether the RegPubA and the PubA do not match each other, the public key PubA is incorrect. transmits a message indicating that it is not or supports transmission by another device linked to the authentication support server, and if the RegPubA and the PubA match each other, the public key PubA is determined to be valid,
If the public key PubA is determined to be valid, determine whether the approval target information signature value SigPrivA (TI or TI') is normally signed, or support another device linked to the authentication support server to determine,
An authentication support server, characterized in that whether the approval target information signature value SigPrivA (TI or TI') is normally signed is determined with reference to the approval target information TI or its processed value TI' and the PubA. According to clause 15,
The processor,
Determining whether the certificate destruction completion record data indicating that the certificate has been revoked is already registered, or supporting another device linked to the authentication support server to determine,
As a result of the determination, if it is already registered, authentication is characterized in that it delivers a certificate revocation error message indicating that the certificate has failed to be revoked to the user terminal or supports delivering it to another device linked to the authentication support server. Support server. According to clause 15,
The processor,
Determine whether the PrivTxidA or its processed data obtained directly or indirectly from the user terminal is registered,
As a result of the determination, if it is not registered, authentication support is provided to the user terminal to deliver a certificate revocation error message indicating that the certificate has failed to be revoked, or to support another device linked to the authentication support server to transmit it. server.