JP2001298448A - Utilizing device for public key and utilization grant device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a public key utilizing device, by which a user belonging to a different authentication domain can use a public key of an opposite party, without the need for issuing a public key certificate, and to provide a utilization grant device. SOLUTION: When an information user terminal 1 investigates and utilizes information SK(J) with an electronic signature from an information server terminal 2, the information user terminal 1 transmits the information denoting that an authentication station authenticating the public key of the information user terminal 1 is an authentication station CA1, and the information denoting that an authentication station authenticating the public key of the information server terminal 2 is an authentication station CA2, to a certificate validity management station 3 to inquire about the grant of use. The certificate validity management station 3 performes a judgement processing 32, according to a judgement policy 31 that permits the use when the authentication station CA1 is in cooperation with the authentication station CA2, and replies the information user terminal 1 as to the permission or rejection of the use. The information user terminal 1 uses the public key C21 of the information server terminal 2 or conducts prescribed error processing.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an apparatus for using a public key which uses the public key of an information provider or an information user, and an apparatus for licensing the public key which uses the public key of an information provider or an information user. About.

[0002]

2. Description of the Related Art In recent electronic commerce, encryption and authentication techniques based on an asymmetric key scheme are indispensable.
A public key, which is one of the asymmetric keys, is used as an encryption key for encrypting information by an information provider, and a verification key used by an information provider who receives and uses digitally signed information for verification.

[0003] The public key is usually authenticated by a certificate authority trusted by the user, and the authenticated public key is electronically signed by the certificate authority, and a public key certificate (hereinafter abbreviated to a certificate as appropriate).
Issued as Further, it is general to form a hierarchical structure in which public keys of several certificate authorities are authenticated by a higher-level certificate authority and a certificate is issued. This is called a tree structure or a certification domain of a certification authority, and the highest-order certification authority is called a “root certification authority”. The public key of the root certificate authority is issued as a certificate (self-signed certificate) digitally signed by the certificate authority itself.

[0004] Usually, a root certificate authority is provided for each authentication domain such as a company, and its effective range is limited within the authentication domain. Therefore, a user who belongs to a different authentication domain exchanges information with each other. The public key authentication method becomes a problem. The authentication methods proposed so far will be described below.

(1) The first method is a self-signed certificate sharing system.

[0006] Each other has a self-signed certificate of a root certificate authority subordinated to a partner user, and communicates based on the existence of the self-signed certificate as a basis of trust.

(2) The second method is a method of setting up a new root certificate authority under the control of both users. That is, the tree structure of the certificate authority is extended to the upper side.

(3) A third method is a method (so-called cross-sert method) in which root certification authorities each having the user under their control issue certificates to each other.

As described above, according to any of the above methods,
Public keys of users belonging to different authentication domains are authenticated, and information is transmitted.

[0010]

However, as described above, a root certificate authority is provided for each authentication domain of a company or the like. There is a problem.

(1) Problems with the self-signed certificate crossover method In this method, since the self-signed certificate must be separately managed, if the number of self-signed certificates increases, the management is likely to be neglected. However, the possibility that a fake self-signed certificate is mixed cannot be denied.

(2) Problems with the method of installing a new root certificate authority In this method, there is a problem in the operation of a new root certificate authority. In other words, it is not practical to establish a third-party organization that operates a new root CA, and even if the same root CA is installed in one company, the public key of the user of the partner company is authenticated one by one. Issuing a certificate is difficult in operation.

(3) Problems of the cross-sert method This method is similar to the method of (2) in that the public key of the user of the partner company is authenticated and a certificate is issued. difficult.

That is, according to the conventional public key authentication method, the public key of the information provider or the information user can be used for encryption or digital signature verification on the other side, but a certificate must be issued. There is a problem that.

The present invention has been made in view of the above-mentioned conventional problems, and has as its object to enable users belonging to different authentication domains to use the public key of the other party without issuing a public key certificate. An object of the present invention is to provide a device for using a public key.

Further, in a network, when a public key is used, the information provider or the information user does not authenticate the public key but permits the parties to use the public key, thereby reducing the burden of the authentication process. Can be.

Therefore, another object of the present invention is to provide a public key use licensing apparatus capable of permitting users belonging to different authentication domains to use the other party's public key.

[0018]

In order to solve the above-mentioned conventional problems, an apparatus for using a public key according to the present invention according to the first aspect of the present invention comprises a certificate authority relating to a public key of an information provider and an information user. When cooperation information indicating cooperation with a certificate authority related to a public key is stored, the public key of the information user or the public key of the information provider is stored on the information provider side or the information user based on the cooperation information. It is characterized in that it is used on the side.

According to the first aspect of the present invention, an information user based on cooperation information indicating a cooperation between a certificate authority related to a public key of an information provider and a certificate authority related to a public key of an information user. By using the public key of the information provider or the public key of the information provider on the information provider side or the information user side, users belonging to different authentication domains can obtain the public key of the other party without issuing a public key certificate. It can be used for encryption or digital signature verification as legitimate.

According to a second aspect of the present invention, there is provided a public key use licensing apparatus according to the present invention, wherein the certificate authority relating to the public key of the information provider and the certificate authority relating to the public key of the information user are linked. Cooperation information storage means for storing information, and use of a public key of the information provider or a public key of the information user to the information user or information provider based on the cooperation information stored in the cooperation information storage means License means for giving permission.

[0021] In the present invention according to claim 2, the cooperation information storage means indicates cooperation between a certificate authority related to the public key of the information provider and a certificate authority related to the public key of the information user. The information is stored, and the licensing unit grants the information user or the information provider a use key of the information provider's public key or the information user's public key based on the cooperation information stored in the cooperation information storage unit. Thus, the information provider or the information user can perform encryption using a public key or verify an electronic signature without performing authentication processing.

According to a third aspect of the present invention, there is provided a public key use licensing apparatus according to the second aspect, wherein the public key licensing apparatus includes a certificate authority relating to the information provider's public key and the public key. It is characterized by having a license prohibition unit for prohibiting the license of the public key when any public key certificate of the certificate authority related to the public key of the information user has expired.

According to the third aspect of the present invention, the public key certificate of one of the certificate authority associated with the public key of the information provider and the certificate authority associated with the public key of the information user is revoked. In such a case, the use prohibition unit prohibits the use license, thereby preventing the inconvenience of using the revoked public key.

In the present invention, the certificate authority related to the public key of the information provider or the certificate authority related to the public key of the information user is not limited to the certificate authority directly authenticating each public key. , And even higher-level certificate authorities than that certificate authority.

[0025]

Embodiments of the present invention will be described below with reference to the drawings. In the following description, the public key is used as a verification key.

FIG. 1 is a diagram showing a configuration of a network system to which the embodiment of the present invention is applied. Specifically, this network system includes the Internet and LA.
N (Local Area Network).

In FIG. 1, an information user terminal 1 is a computer that uses information with an electronic signature provided from an information provider terminal 2 and has a function of inquiring for a certificate license when using the information. I have. The certificate validity management office (also referred to as a validation center) 3 is a computer that manages the validity of the certificate, manages the status (validity) of whether the certificate is valid or expired, and In the embodiment, in response to the above-mentioned inquiry from the information user terminal 1, a determination is made in accordance with a determination policy 31 that a license is granted if certification authorities trusted by each user who provides / uses information cooperate with each other. The process 32 is executed to answer. Note that the information user terminal 1 and the certificate validity management station 3 correspond to a public key using device and a use licensing device, respectively.

As for the authentication domain, the information user terminal 1 belongs to the authentication domain under the certification authority CA1, while the information provider terminal 2 belongs to the authentication domain under the certification authority CA2 different from the certification authority CA1. .

The certificate authority CA1 includes a certificate C11 for certifying the public key of the user U1 of the information user terminal 1, and a certificate authority CA.
1 issues a self-signed certificate C12 for certifying its own public key, and the information user terminal 1 holds these certificates.

The certificate authority CA2 includes a certificate C21 for certifying the public key of the user U2 of the information provider terminal 2, and a certificate authority CA.
2 issues a self-signed certificate C22 for certifying its own public key, and the information provider terminal 2 holds these certificates.

FIG. 2 is a block diagram showing the configuration of the information user terminal 1. The information user terminal 1 includes an AP unit 11 that executes an application such as a web browser, a license processing unit 12 that inquires of the certificate validity management station 3 about a certificate license, and an information user terminal 1 that includes: A certificate authority information storage unit 13 for storing information related to a trusted certificate authority is provided.

The AP section 11 includes a certificate use determination request section 111 for requesting the use permission processing section 12 to determine the use of a certificate according to the execution status of the application program, and a certificate authority for verifying the public key certificate of the certificate authority. It comprises a key verification unit 112 and a user key verification unit 113 for verifying a user's public key certificate issued by a certificate authority.

The use permission processing unit 12 receives a request from the certificate use determination request unit 111 and a use request that inquires the certificate validity management station 3 about a certificate use permission. License inquiry section 122
And a response receiving unit 123 that receives a response from the certificate validity management station 3 and notifies the certificate authority key verification unit 112 of the response.

As described above with reference to FIG. 1, the information user terminal 1 sends the application for the public key of the user U1 to the certificate authority CA1.
The certificate C11 has already been issued. It also has a self-signed certificate C12 of the certificate authority CA1. That is, the information user terminal 1 is connected to the certificate authority CA1.
Only, the certificate authority information storage unit 13 stores information that the certificate authority trusted by the information user terminal 1 is the certificate authority CA1 and that the certificate authority CA1 is usable. ing.

The information user terminal 1 has a certificate authority CA
2 has a public key certificate C21 of the user U2 of the information provider terminal 2 and a self-signed certificate C22 of the certificate authority CA2, which are issued from the information provider terminal 2. 2 and the certificate authority CA2, the information with the electronic signature from the information provider terminal 2 cannot be used.

FIG. 3 is a block diagram showing the configuration of the certificate validity management station 3. In the present embodiment, the certificate validity management station 3 stores a certificate revocation status database DB1 for managing the validity of a certificate. DB2
It has. In the certificate authority cooperation status database DB2, similar cooperation information including cooperation information E indicating that the certificate authority CA1 and the certificate authority CA2 are linked is stored. The certificate authority cooperation status database DB2 corresponds to a cooperation information storage unit.

The certificate validity management station 3 refers to the license inquiring unit 301 for accepting a certificate license inquiry from the information user terminal 1 and refers to the certificate revocation status database DB1 for certification. Certificate revocation determination unit 302 for determining whether a certificate is valid or revoked
A certificate authority cooperation determination unit 303 that refers to the certificate authority cooperation status database DB2 to determine the cooperation status of the certificate authorities;
An answer replying unit 304 is provided to send a reply based on these determinations to the information user terminal 1. The license inquiry receiving unit 301, the certification authority cooperation determining unit 303, and the answer reply unit 304 constitute a license unit. Further, the certificate revocation determination unit 302 corresponds to a license prohibition unit.

Next, the operation of the network system to which the embodiment of the present invention is applied will be described. First, the information provider terminal 2 of FIG. 1 attaches an electronic signature to the information J with a secret key SK (not shown) paired with the public key of the information provider terminal 2, and adds information SK (J) with an electronic signature. To generate the information user terminal 1
Send to

FIG. 4 is a flowchart showing processing in the information user terminal 1. In the information user terminal 1, A
In the processing in the P section 11, the information SK with the electronic signature
When verifying the electronic signature of (J) and using the information J, the certificate use determination requesting unit 111 refers to the certificate authority information storage unit 13 to determine whether the certificate authority CA2 can be trusted, in other words, It is determined whether the certificate C22 can be used (step S11). The information user terminal 1 has certificates C21 and C22 for verifying the information SK (J) with the electronic signature.
However, since the certificate authority information storage unit 13 does not store information indicating that the certificate authority CA2 that has issued the certificate can be trusted, the name of the information SK (J) with the electronic signature is stored. Cannot verify. That is, in step S11, it is determined that use is impossible, and the process proceeds to step S13.

In step S13, the use determination request receiving section 121 gives an instruction in response to a determination request from the certificate use determination request section 111 to the use determination request receiving section 121, and the license inquiring section 122 is instructed by the certificate authority. It inquires of the certificate validity management station 3 about the permission to use the self-signed certificate C22 issued from the CA2. At this time, information to the effect that the object of the license is the certification authority CA2 and information to the effect that the certification authority trusted by the information user terminal 1 is the certification authority CA1 are transmitted to the certificate validity management authority 3. . Note that the answer receiving unit 123 waits for an answer from the certificate validity management station 3 when the license inquiring unit 122 makes the inquiry.

Here, the process of the certificate validity management station 3 for this inquiry will be described. FIG. 5 is a flowchart showing the processing of the certificate validity management station 3. The license inquiry receiving unit 301 receives an inquiry from the information user terminal 1 and issues a certificate revocation determination unit 302.
Is issued, first, in step S31, the certificate revocation determination unit 302 determines whether each of the certificates C12 and C22 has been revoked with reference to the certificate revocation status database DB1. I do. Here, if any one of the certificates has been revoked, the credibility of the certificate C12 or C22 is denied, and in step S33, the response reply unit 304 sends the certificate C22 to the information user terminal 1.
Answer that the user is not allowed to use (cannot use).

On the other hand, in step S31, when the certificate revocation determination unit 302 determines that both the certificate C12 and the certificate C22 are valid, the process proceeds to step S35, where the certificate authority cooperation determination unit 303 By referring to the cooperation information stored in the certificate authority cooperation status database DB2, it is determined whether or not the certificate authority CA1 and the certificate authority CA2 are linked. Here, the cooperation information E indicating the cooperation between the certificate authority CA1 and the certificate authority CA2 is stored in the certificate authority cooperation status database DB2.
, The credibility of the certificate C22 is affirmed. In step S37, the response reply unit 304 replies to the information user terminal 1 with the license of the certificate C22.

On the other hand, if the link information E is not stored and therefore it is determined in step S35 that the respective certificate authorities are not linked, the credibility of the certificate C22 is denied, and In S33, the response reply unit 304 makes a response indicating that the use of the certificate C22 is not permitted (cannot be used). Then, the certificate validity management station 3 performs step S33.
Alternatively, the process ends with the answer in step S37.

Returning to FIG. 4, the description of the processing in the information user terminal 1 will be continued. When receiving an answer from the certificate validity management station 3, the answer receiving unit 123 determines in step S15 whether the answer is a use permission answer. Here, when it is determined that the answer is a license agreement (YES).
In step S17, the response receiving unit 123 notifies the certificate authority key verification unit 112 of the AP unit 11 of the response. In step S17, the certificate authority key verification unit 112 verifies the certificate C22 and
Obtain the public key of A2. Subsequently, in step S19,
The user key verification unit 113 verifies the certificate C21 to obtain the public key of the user U2 of the information provider terminal 2. Therefore, the AP unit 11 can verify and use the information with the electronic signature.

In step S11, the certificate C
When it is determined that the certificate No. 22 is usable, there is no need to inquire of the certificate validity management bureau 3 about a license to use the certificate validity management station 3. Therefore, the processes in steps S17 and S19 are performed to obtain a public key.

If it is determined in step S15 that the response is not a response to the license (NO), the process proceeds to step S15.
At 21, a predetermined error processing is performed.

In the above description, the public key is used as an authentication key when authenticating an electronic signature. However, since the public key is also used as an encryption key when encrypting a plaintext into a ciphertext, FIG. By providing the configuration 2 in the information provider terminal 2, the same effect as described above can be obtained when using a public key for encryption.

As is apparent from the above description, according to the embodiment of the present invention, the information user terminal 1 or the information provider terminal 2 corresponding to the public key using device uses the information provider public key as the key. The public key of the information user or the public key of the information provider is provided to the information provider or to the information use based on the link information E indicating the link between the related certificate authority CA2 and the certificate authority CA1 related to the information user's public key. Is used by the party, so that users belonging to different authentication domains can use the other party's public key as a valid one for encryption or digital signature verification without issuing a public key certificate. it can.

Further, in the certificate validity management station 3 corresponding to the public key use permission device, the certificate authority cooperation status database DB2 corresponding to the cooperation information storage means relates to the public key of the information provider. It stores cooperation information E indicating the cooperation between the certificate authority CA2 and the certificate authority CA1 related to the public key of the information user, and receives a license inquiry receiving unit 301, a certificate authority cooperation determination unit 303, and a reply reply corresponding to a license unit. The unit 304 gives the information user or the information provider the public key of the information provider or the use license of the public key of the information user to the information user or the information provider based on the cooperation information E stored in the cooperation information storage means (DB2). Therefore, the information provider or the information user can perform encryption using a public key or verify an electronic signature without performing authentication processing. as a result,
The burden of the authentication process on the terminal of the party providing / using information is reduced.

In particular, the certificate revocation judging unit 302 corresponding to the license prohibition unit prohibits the license of the public key when the certificate CA22 of the certificate authority related to the public key to be used is revoked. Therefore, the inconvenience of using the revoked public key can be prevented beforehand.

In this embodiment, the public key of the partner is determined based on the cooperation information between the certificate authorities (CA1 and CA2) that directly authenticate the public key of the information provider and the public key of the information user. In the present invention, a certificate authority that directly authenticates each public key is used as a certificate authority related to the information provider or the public key of the information user. Not only that, but also a certificate authority higher than that certificate authority can be included.

[0052]

As described above, according to the first aspect of the present invention,
According to the public key using apparatus according to the present invention, the public key is used based on the stored cooperation information, so that a user belonging to a different authentication domain can use the public key of the partner without issuing a public key certificate. Can be used as valid. As a result, encryption or verification of an electronic signature can be performed safely.

Further, according to the public key use licensing apparatus according to the second aspect of the present invention, the use of the public key is permitted based on the stored coordination information, so that the load on the public key authentication process is reduced. Is done.

According to the public key licensing apparatus of the third aspect of the present invention, the license is prohibited when the public key certificate of the certificate authority is revoked. The inconvenience of using the key can be prevented beforehand.

[Brief description of the drawings]

FIG. 1 is a diagram showing a configuration of a network system to which an embodiment of the present invention is applied.

FIG. 2 is a block diagram showing a configuration of the information user terminal 1.

FIG. 3 is a block diagram showing a configuration of a certificate validity management station 3;

FIG. 4 is a flowchart showing processing of the information user terminal 1;

FIG. 5 is a flowchart showing processing of the certificate validity management station 3;

[Explanation of symbols]

 REFERENCE SIGNS LIST 1 information user terminal 2 information provider terminal 3 certificate validity management station 11 AP unit 12 license processing unit 13 certificate authority information storage unit 111 certificate use determination request unit 112 certificate authority key verification unit 113 user key verification unit 121 Usage determination request receiving unit 122 License inquiring unit 123 Answer receiving unit 301 License inquiring receiving unit 302 Certificate revocation determining unit 303 Certificate authority cooperation determining unit 304 Response returning unit C11, C12, C21, C22 Public key certificates CA1, CA2 Certificate Authority DB1 Certificate Revocation Status Database DB2 Certification Authority Cooperation Status Database E Cooperation Information J Information SK (J) Information with Electronic Signature

 ──────────────────────────────────────────────────続 き Continuing on the front page (72) Inventor Hiroshi Muto 1-6-6 Uchisaiwaicho, Chiyoda-ku, Tokyo NTT Communications Corporation (72) Inventor Masakazu Shimada Uchisaichicho, Chiyoda-ku, Tokyo No. 1-6, NTT Communications, Inc. (72) Inventor Katsutoshi Watanabe 1-6-1, Uchisaiwaicho, Chiyoda-ku, Tokyo F-term, NTT Communications Inc. (Reference) 5B017 AA07 BA07 CA16 5J104 MA02 MA06 MA07

Claims (3)

[Claims] When link information indicating a link between a certificate authority related to a public key of an information provider and a certificate authority related to a public key of an information user is stored, the information is based on the link information. An apparatus for using a public key, wherein the information provider or the information user uses the user's public key or the information provider's public key. 2. Cooperation information storage means for storing cooperation information indicating cooperation between a certificate authority associated with a public key of an information provider and a certification authority associated with a public key of an information user; A public key usage permitting device for providing the information user or the information provider with a license of the information provider's public key or the information user's public key based on the cooperation information stored in the public key. 3. Use of the public key when one of the public key certificates of the certificate authority associated with the public key of the information provider and the certificate authority associated with the public key of the information user has expired. 3. The public key use permission device according to claim 2, further comprising a use permission prohibition unit for prohibiting permission.