JP2000134194A - Confidential information storage method, its system and electronic bidding system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an electronic bidding system in which forgery or the like of bid information can be prevented without the use of a 3rd party agency. SOLUTION: This electronic bidding system 1 consists of a plurality of supply devices (information processing units) 20 which take part in bids and a purchaser side device (information processing unit) 10 that opens a bit based on bid information. Each of the supply devices 20 informs the purchaser side device 10 of a specific encryption key respectively, encrypts the bid information of its own device by using all encryption keys including that of its own device acquired at the same time and transmits the encrypted bid information and a decoding key to the purchaser side device 10. The purchaser side device 10 opens all the encryption keys at a prescribed period, acquires the encrypted bid information and the decoded key at the same time from all the supply devices 20 corresponding to the opening and uses them for bit opening, by decoding the encrypted bit information by all the decoding keys.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION The present invention relates to a technique for securely keeping secret information used between a plurality of parties, for example.
And an electronic bidding system to which this technique is applied.

[0002]

2. Description of the Related Art An information processing apparatus operated by an organizer who sponsors a bid (hereinafter referred to as a "procurement apparatus") and an information processing apparatus operated by a plurality of participants participating in the bid (hereinafter referred to as a "supply side"). An electronic bidding system is known in which the electronic bidding is performed by connecting the device to a device via the Internet, for example. In this type of electronic bidding system, it is a major problem to hold a bid form (a bid participation application form), which is confidential information, without being tampered with until a bid opening time is reached. Therefore, conventionally, when the bidding procedure is digitized, two methods, a "time key method" and a "common key method", have been adopted, thereby trying to prevent tampering within a certain time.

[0003] The "time key method" manages a public key for encrypting information and a corresponding private key by a trusted third party (hereinafter referred to as "TT").
P "). That is, a public key and a corresponding secret key are generated by TTP, and the TTP publishes the public key in response to a request from the procurement-side device. The procurement-side device passes the public key to each of the supply-side devices that make a bid application.
The supply-side device encrypts the bid document with the passed public key, and submits the encrypted bid document (hereinafter, “encrypted bid document”) to the procurement-side device. The TTP also manages the bidding time, and issues a secret key to the procurement-side device when the time has been reached. As a result, the procurement-side device decrypts the encrypted bid document with the secret key, and provides the decrypted bid document for bid opening. By using this time key method, no one can know the contents of the bid information until the bidding time is reached. Further, it is possible to prevent the procurement-side device from being tampered with after the opening of the tender due to the advance disclosure of the hash value of the bid book.

[0004] On the other hand, the "common key distribution method" is a method in which a unique common key is used for each supply side device. That is, a common key is held in each of the supply-side devices, and an encrypted bid document encrypted with the common key is submitted to the procurement-side device. At the opening time, the supply-side device autonomously passes its own common key to the procurement-side device. Using this common key, the procurement-side device
Decrypt the encrypted bid book and open the bill. By using the common key distribution method, the procurement-side device cannot know the contents of the bidding information until the bidding time is reached. Further, it is possible to prevent the procurement-side device from being tampered with after the opening of the tender due to the advance disclosure of the hash value of the bid book.

[0005]

However, each of the above methods has the following problems. First, in the time key method, the existence of TTP for managing keys is indispensable. Also, without TTP, it is not possible to set the bill opening times. Also, with the shared key distribution method, it is difficult to guarantee the same time ticket opening, and in order to realize this, it is necessary to transmit each common key to multiple supply side devices to the procurement side device at the same time. It is necessary to devise the operation form such as requesting. In addition, the supply-side device requires two transmission operations, that is, transmission of the encrypted bid document to the procurement-side device and transmission of the common key at the time of opening the bid, which takes time and effort.

Accordingly, an object of the present invention is to provide a secret information holding method capable of reliably preventing tampering of secret information without using a third party organization such as TTP. . Another object of the present invention is to provide a secret information holding system suitable for implementing the above secret information holding method and an electronic bidding system to which the method is applied.

[0007]

According to the present invention, there is provided a method for holding secret information, comprising the steps of: encrypting secret information using all of a plurality of encryption keys released at the same time; Decrypting the secret information at the same time with all decryption keys corresponding to the encryption keys. As a result, since the decryption cannot be performed unless a plurality of decryption keys are prepared at the same time, the security of the secret information can be ensured. Note that the “period” here does not necessarily have to be the same time, and if it is a fixed time, it corresponds to the same period.

A confidential information holding system according to the present invention for solving the above-mentioned other problems encrypts confidential information with encryption keys obtained from all of a predetermined number of devices each holding a unique encryption key and a corresponding decryption key. Means for decrypting the encrypted secret information with decryption keys obtained from all of the predetermined number of devices, and performing the decryption only when the predetermined number of decryption keys exist at the same time. It is characterized in that In order to further secure the security of the secret information, the first means is configured to add a digital signature to the secret information before encryption,
The second means is configured to determine the validity of the digital signature after decryption.

This confidential information holding system includes, for example, one of the following first and second information processing apparatuses. The first information processing device includes an encryption unit that encrypts secret information based on encryption keys obtained from all of a predetermined number of devices each having a unique encryption key and a corresponding decryption key; At least one of decryption means for decrypting the encrypted secret information based on decryption keys obtained from all of the number of devices, and performing the decryption only when the predetermined number of decryption keys exist at the same time. It is characterized in that

The second information processing device is a device that holds a unique encryption key and a corresponding decryption key, and encrypts secret information with encryption keys obtained from all of a predetermined number of devices including its own device. Sending the encryption key of its own device to the encrypting means, and sending the decryption key of its own device to the decrypting means for decrypting the encrypted secret information with the decryption key obtained from the predetermined number of devices. And the decryption is permitted only when the predetermined number of decryption keys exist at the same time.

An electronic bidding system according to the present invention for solving the above-mentioned other problems has a plurality of first devices participating in bidding and a second device for opening a bid based on bid information from the plurality of first devices.
And the first device notifies the second device of a unique encryption key, and transmits the bidding information of the own device using the encryption keys of all the first devices including the own device acquired at the same time. First means for encrypting and transmitting the encrypted bid information and a decryption key corresponding to the encryption key to a second device, wherein the second device transmits all of the first devices at a predetermined time. The encryption key is made public, and the encrypted bid information and the decryption key are simultaneously obtained from all the first devices in response to the disclosure, and the encrypted bid information is obtained using all the decryption keys. There is provided a second means for decrypting and providing the decrypted bill. The second device is provided with third means for presenting, as necessary, the main part information of the bill opening to the first device in real time.

In the present invention, key generation and delivery thereof may be performed by a public key system, a secret key system, or a common key system.

[0013]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS An embodiment in which the secret information holding method of the present invention is applied to an electronic bidding system using the Internet will be described below with reference to the drawings. FIG.
1 is a configuration diagram of an electronic bidding system according to the present embodiment. The electronic bidding system 1 includes a procurement-side device 10 and a plurality of supply-side devices 20.

The procurement-side device 10 includes an operating system (hereinafter, referred to as an “OS”) 11 and a transmission control protocol / integration (TCP / IP) as its protocol.
rnetProtocol), HTTP (Hyper Text Transfer P)
rotocol), SMTP (Simple Mail Transfer Proto)
col) that supports the functions of a mail client 12, a web server 13, and a mail server 14.

The mail client 12 receives a mail from, for example, the supply side device 20, and the web server 13 publishes information on its own web which can be browsed on the supply side 20. The mail server 14
For example, a mail is sent to the supply side device 20. For example, a well-known S / MIME (Se
curity Services for MIME) method. Thereby, security of the transmission content can be ensured. The names of the functions 12 to 14 are given for convenience in describing the contents of the functions in the present embodiment.

The procurement-side apparatus 10 also has a dedicated application 15 for enabling an electronic bidding procedure using the OS 11 and the functions 12 to 14 described above. This dedicated application 15 cooperates with the OS 11 in various modules shown in FIG. 2, that is, a bid permission module 151, an e-mail transmission command module 152, a web publication command module 153, a bid acceptance module 154,
Decryption key storage module 155, open bid determination module 15
6, bill opening module 157, decryption module 158,
The display module 159 is formed. In FIG. 2, reference numerals (1) to (16) show the flow of processing between the modules.

The function contents of each of the modules 151 to 159 are as follows. Bid permission module 151
When an e-mail is received through the e-mail client 12 (symbol (1)), the e-mail transmission instruction module 152 instructs the e-mail transmission source, that is, the supply-side apparatus 20, to transmit a bid participation permission e-mail and to disclose an encryption key. (Sign (2)). Further, it instructs the web server 13 via the web publishing instruction module 153 to display that the key has been released or the deadline has passed (references (3) and (4)). Until the deadline, the processes of reference numerals (1) to (3) are repeated.

The bid receiving module 154 sends a bid receiving phase shift notification (reference numeral) from the bid permitting module 151.
(5)), the decryption key and the encrypted bid document for each supply-side apparatus 20 are received through the mail client 12 (code
(6)), the decryption key is passed to the decryption key storage module 157 (code (7)). In addition, an inquiry is made to the billing determination module 155 as to whether or not all the supply-side devices 20 participating in the bidding are completed (reference numeral (8)). When a notification of completion is received (reference numeral (10)), A notice of transition to the bid opening phase is sent to the bid opening module 157 together with the encrypted bid documents of all the supply-side devices 20 (reference (11)).

The bid opening determination module 155 knows the number of the supply side devices 20 participating in the bidding, and transmits a bid opening notification mail to all the supply side devices 20 through the mail transmission command module 152 and the mail server 14 ( Sign (9)). Further, the number of receptions (the number of decryption keys and encrypted bid documents) from the bid receiving module 154 is compared with the number of e-mail destinations, and if they match, the above notification is returned to the bid receiving module 154 (code (10)). ).

The bid opening module 157 acquires the decryption keys of all the supply-side apparatuses 20 from the decryption key storage module 156 in response to the opening phase shift notification (codes (12) and (1)).
3)), and pass it to the decryption module 158 together with the encrypted bid documents of all the supply devices 20 (code (14)). When the decrypted bid book is received from the decryption module 158 (symbol (15)), a successful bid is made, and information on the main part, such as the lowest price (excluding the company name) and the necessity of re-bid, is displayed. It is displayed on the web through the module 159 and the web server 13 (reference numeral (16)).

Returning to FIG. 1, the supply side device 20
And TCP / IP, HTT as the protocol
Mail client 22 supporting P, SMTP,
This is an information processing apparatus having the functions of a web browser 23 and a mail server 24.

The mail client 22 receives a mail from the procurement-side apparatus 10, for example. The web browser 23 is, for example, an SSL (Secure Socket Layer).
It is for browsing and acquiring information published on the corresponding web. The mail server 24 is for sending a mail to the procurement-side apparatus 10, for example. The mail transmission is performed using, for example, the S / MIME method. In addition,
These function names are also given for convenience in the present embodiment.

The supply-side device 20 also has the functions 22
, A dedicated application 25 for enabling an electronic bidding procedure. The dedicated application 25 cooperates with the OS 21 in various modules shown in FIG. 3, that is, a bid participation application module 251, a key pair creation module 252, and a mail transmission instruction module 2
53, a key acquisition module 254, a bid book creation module 255, and an encryption module 256. In FIG. 3, reference numerals (1) to (11) show the flow of processing between the modules.

The functional contents of each of the modules 251 to 259 are as follows. Bid participation application module 25
1 is a key pair for a participating case, that is, a pair of an encryption key and a decryption key, when information on a case to be bid (hereinafter referred to as “case information”) is confirmed through the web browser 23 (code (1)). Is received from the key pair creation module 253 (codes (2) and (3)). Then, the encryption key and the bid participation application are sent to the mail transmission command module 252 and the mail server 2.
4 to the procurement-side apparatus 10 (reference numeral (4)). If participation is permitted, the key acquisition module 254 is notified of the shift of the key acquisition phase (reference numeral (5)).

The key acquisition module 254 acquires the public encryption key through the web browser 23 (reference numeral (6)), and when the encryption keys of all the supply-side apparatuses 20 have been acquired, the bid document creation module 255. Is notified to the tender book creation phase (reference (7)). In addition, in response to a request from the encryption module 256, all the obtained encryption keys are presented (codes (9) and (10)).

The bid book creation module 255 creates the bid book created upon receipt of the notification of the transition to the bid book creation phase, and requests the encryption module 256 to encrypt the bid book (reference (8)). If the encryption module 256 receives the presentation of the encrypted bid document encrypted with all the encryption keys (reference (11)), it sends it to the mail transmission command module 2
52 and the mail server 24 to transmit to the procurement-side apparatus 10 (reference numeral (12)).

Next, an operation mode of the electronic bidding system 1 configured as described above will be specifically described with reference to FIG. <Bid Participation Application Phase> First, the procurement-side apparatus 10 discloses case information on the web (T1). Supply side device 20
Creates the pair of the encryption key and the decryption key when each of them knows the case information through the web browser 23 of the own device. These keys are specialized for each case information and will not be used after the bidding. Thereafter, the encryption key of the key pair is transmitted to the procurement-side apparatus 10 by e-mail using the S / MIME method (K1, K2). At the same time, it sends an application form (electronic information) for bid participation and waits for permission for bid participation.

The procurement-side apparatus 10 transmits a notice of participation to the supply-side apparatus 20 by e-mail, and publishes the encryption key of the supply-side apparatus 20 on the web via the web server 13 (T2). This processing (K1 to T2)
Repeat until the deadline for bid participation has come. At this time, the procurement-side apparatus 10 discloses the bidding participation status on the web in real time. Thus, each supply-side device 20 can know how much participation has been made in the case information. When the deadline for participating in the bidding has been reached, the procurement-side apparatus 10 discloses this fact on the web (T3).

<Bid Accepting Phase> When the supply-side device 20 permitted to participate knows the bid participation deadline through the web browser, the supply-side device 20 exchanges the encryption keys of all other competing supply-side devices 20 through the SSL-compatible web browser 23. Acquire (K3, K4). In addition, a bid is prepared in which the proposed price and the name of the user are described (K5), and the bid is written in a predetermined order with all the encryption keys (for example, the encryption key for company A → the encryption key for company B →
Encrypt with a C company encryption key ...) to create an encrypted bid book. Thereafter, this encrypted bid document and its own decryption key are transmitted by mail to the procurement-side apparatus 10 in the form of E / MIME (K
6). These processes (K3 to K6) are executed in all the supply side devices 20.

The procurement-side apparatus 10 publishes the bid reception status on the web in real time and stores the received decryption key of the supply-side apparatus 20 (T4). Also, whether or not bids can be opened, that is, all the supply-side devices 2 participating in the bidding
From 0, it is determined whether or not the decryption key and the encrypted bid document have been prepared (T5). When the decryption keys and the like have been prepared, the fact that the operation will shift to the bid opening phase is disclosed on the web.

<Bid Opening Phase> In the bid opening phase, a bid opening notification is transmitted by mail from the procurement-side apparatus 10 to each supply-side apparatus 20. The procurement-side apparatus 10 also decrypts each encrypted bid document with all decryption keys in the reverse order of encryption (... decryption key for C company → decryption key for B company → decryption key for A company) ( T6).
At this point, the procurement-side apparatus 10 can visualize the proposed price or the like for the first time, and that time becomes the bidding time, so that the procurement-side apparatus 10 cannot set the bidding time to any time.

Then, the main part information of the successful bid is disclosed on the web, and a necessary subsequent procedure, for example, when a successful bid is made, an e-mail is sent to the corresponding supply side device 20 or when a bid is made again, A public release to that effect is made (T7).

When the supply-side apparatus 20 refuses after submitting the cryptographic bidding form, it is preferable to have the bidding rejection form (electronic information) and the decryption key submitted. When there are a large number of supply-side devices 20 participating in the bidding, the supply-side device 20 is arbitrarily divided into several groups, and the above-described encryption and decryption are performed for each group, and the electronic The processing can be reduced.

As described above, in the electronic bidding system 1 of the present embodiment, since the electronic bidding procedure can be performed through the Internet L, it is not necessary for the participants to go to the procurement side. Moreover, if all keys are not available, the contents of the bid information cannot be grasped, and the status of receiving bids and the results of bids will be disclosed on the web in real time, giving bidders a strong sense of realism and transparency. You can appeal to.

Further, unlike the conventional method, the tampering of the bid information can be reliably prevented without using TTP, and the bidding times can be aligned, so that the fairness of the bid can be maintained. Become. In addition, there is an advantage that transmission from each supply-side device 20 to the procurement-side device 10 can be performed only once.

The above is an example of the system configuration in the case where the TTP is not used. From the viewpoint of effectively preventing tampering of the bid information, in particular, tampering after bid opening, the TTP is used to manage the encryption key and the decryption key. It can be used in another form.
That is, before the bidding document is encrypted by the supply-side device 20, a digital signature is added to each of the bidding documents.
In this case, the procurement-side apparatus 10 obtains the key from the TTP and checks the validity of the digital signature.

In the present embodiment, an example is shown in which the procurement-side apparatus 10 and the supply-side apparatus 20 are connected via the Internet L. However, an embodiment in which both apparatuses are connected via a wide area network other than the Internet or a local network is used. Is also possible. Further, a key, an encrypted bid document, or the like may be delivered using a portable medium instead of a network. In this case, the mail means is not required, but a large-sized view system instead of the web will be required.

Further, the present invention is mainly focused on the fact that secret information can be decrypted only when all decryption keys corresponding to a plurality of encryption keys are prepared at the same time. Examples are possible. For example, the present invention can be applied to a will system using secret information as a will. That is, after a digital signature is added to a will, it is encrypted in a predetermined order with an encryption key assigned to a plurality of heirs. Then, when all the heirs' decryption keys are prepared, the encrypted will is decrypted by the reverse procedure of the encryption, and the validity of the digital signature is determined. This allows
The falsification of the will will be reliably prevented.

[0039]

As is apparent from the above description, according to the present invention, the content of the secret information can be visualized only when all the keys for the parties relating to the secret information are available. This has a unique effect that the security of the device can be significantly improved.

[Brief description of the drawings]

FIG. 1 is a configuration diagram showing an embodiment of an electronic bidding system to which the present invention is applied.

FIG. 2 is an explanatory diagram showing a relationship between various modules included in the procurement-side apparatus according to the embodiment.

FIG. 3 is an explanatory diagram illustrating a relationship between various modules included in a supply-side device according to the embodiment.

FIG. 4 is a sequence chart showing an operation procedure from bidding to bid opening in the electronic bidding system of the embodiment.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Electronic bidding system 10 Procurement side device 151 Bid permission module 152 E-mail transmission command module 153 Web publication command module 154 Bid reception module 155 Decryption key storage module 156 Opening judgment module 157 Opening module 158 Decryption module 159 Display module 20 Supply side device 251 Bid participation application module 252 Key pair creation module 253 E-mail transmission instruction module 254 Key acquisition module 255 Bid book creation module 256 Encryption module L Internet

 ────────────────────────────────────────────────── ─── Continuing on the front page (72) Inventor Hiroshi Demoto 3-3-3 Toyosu, Koto-ku, Tokyo F-term in NTT Data Corporation (reference) 5B049 AA05 BB36 CC05 CC08 EE03 FF03 FF04 GG04 GG07 GG10 5J104 AA01 EA01 EA16 JA03 JA21 PA07 PA17

Claims (7)

[Claims] 1. A process for encrypting secret information using all of a plurality of encryption keys released at the same time, and simultaneously encrypting the encrypted secret information with all decryption keys corresponding to the encryption keys. Decrypting the secret information. 2. A first means for encrypting secret information with encryption keys obtained from all of a predetermined number of devices each having a unique encryption key and a corresponding decryption key, and all of the predetermined number of devices. And second means for decrypting the encrypted secret information with a decryption key obtained from, wherein the decryption is permitted only when the predetermined number of decryption keys exist at the same time. Confidential information storage system. 3. The first means is configured to add a digital signature to the secret information before encryption, and the second means is configured to determine the validity of the digital signature after decryption. The secret information holding system according to claim 2, wherein the secret information holding system is configured as follows. 4. An encryption means for encrypting secret information based on encryption keys obtained from all of a predetermined number of devices each having a unique encryption key and a corresponding decryption key, and said predetermined number of devices. Having at least one of decryption means for decrypting the encrypted secret information based on the decryption key obtained from all of the above, and permitting the decryption only when the predetermined number of decryption keys exist at the same time. An information processing apparatus characterized in that: 5. An encryption device that holds a unique encryption key and a decryption key corresponding thereto, and encrypts secret information with encryption keys obtained from all of a predetermined number of devices including its own device. Transmitting the encryption key of the own device, and transmitting the decryption key of the own device to decryption means for decrypting the encrypted secret information with a decryption key obtained from the predetermined number of devices, An information processing apparatus, wherein the decryption is permitted only when the predetermined number of decryption keys exist at the same time. 6. A system comprising: a plurality of first devices participating in a bid; and a second device for opening a bid based on bid information from the plurality of first devices, wherein each of the first devices has a unique encryption code. Notifying the key to the second device, encrypting the bid information of the own device with the encryption keys of all the first devices including the own device acquired at the same time, and corresponding to the encrypted bid information and the encryption key. And transmitting the decryption key to the second device. The second device publishes the encryption keys of all the first devices at a predetermined time and all the crypt keys corresponding to the disclosure. A second device that acquires the encrypted bid information and the decryption key from one device at the same time, decrypts the encrypted bid information with all the decryption keys, and provides the decrypted bid information to the bid opening. Do
Electronic bidding system. 7. The electronic bidding system according to claim 6, wherein said second device has a third means for presenting information on a main part of the bill opening to the first device in real time.