JP2002190796A - Electronic mail device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To automatically register a disclosed key necessary for a disclosed key data base without imposing burden on a manager of an electronic mail (e-mail) device shared by plural users. SOLUTION: The e-mail device 10 realizes a disclosed key verification means for verifying the availability of a disclosed key attached to a received e-mail, an address judgment means for judging whether a mail address corresponding to the disclosed key attached to the e-mail exists in an address/disclosed key storage means or not and a disclosed key registration means for registering the disclosed key in the address/disclosed key storage means corresponding to the mail address when the availability of the disclosed key is judged by the disclosed key verification means and the existence of the mail address corresponding to the disclosed key in the disclosed key storage means is judged by the address judgment means by a program to be carried out by a CPU 11.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to an electronic mail apparatus for transmitting and receiving an encrypted electronic mail using a public key cryptosystem, and more particularly to registration management of a public key corresponding to a destination mail address. It is about.

[0002]

2. Description of the Related Art In recent years, Internet facsimile apparatuses for transmitting and receiving image data on the Internet using electronic mail have been put to practical use. In this Internet facsimile machine, image data is TIFF (Tag
ged Image File Format) attached to an email. The technical contents of the Internet facsimile apparatus are specified in RFCs (Request For Comments) 2301 to 2306 issued by the Internet Engineering Task Force (IETF), which is a standardization organization of Internet technology.

[0003] With the spread of the Internet, electronic mail devices such as Internet facsimile machines have been used in business and electronic commerce sites.

However, since e-mails are sequentially stored and transferred to destinations via an unspecified number of mail servers on the Internet, e-mails can be eavesdropped on communication paths on the Internet or mail servers on the way. Falsification,
There is a risk of sender spoofing, and e-mail devices such as Internet facsimile devices
There was a problem when using it in business or e-commerce sites.

As a method of solving this problem, there is a method of using an encrypted electronic mail using a public key encryption technology, a common key encryption technology, or a message digest technology. By using the encrypted e-mail, it is possible to realize functions of e-mail encryption, falsification detection, and sender authentication in an e-mail device such as an Internet facsimile device.

[0006] Conventionally, encrypted e-mails are MIME (Mul
S / MIME (Secure MIME) that can handle encrypted e-mail using the tipurpose Internet Mail Extension
ME) and PGP / MIME (Pretty Good Privacy MIME) are widely used.

[0007] S / MIME is currently in version 2 and version 3, and its technical content is described in RFC 2311 of the IETF, respectively.
RFRFC2312 and RFC2632 to RFC2633.
The technical contents of PGP / MIME are defined in IETF RFC1991,2015.

[0008] Among them, S / MIME is the International Telecommunication Union (I
Utilizes the public key infrastructure of Recommendation X.509 specified by the International Telecommunication Union (TU), and is adaptable for use in the field of business and e-commerce. X.50
9 In the public key infrastructure, the correspondence between the names and e-mail addresses of users and devices called entities and public keys is
(CA: Certificate Authority) guarantees that the certificate authority issues a public key certificate that digitally signs the entity name, e-mail address, and public key with the certificate authority's private key.

[0009] On the other hand, unlike S / MIME, PGP / MIME guarantees the correspondence between the name or e-mail address of an entity that is a user or a device and a public key, not by a certificate authority but by another entity as an authenticator. Is used,
It is adaptable to easily use encrypted e-mail in small groups and organizations.

When encrypting the contents of an e-mail and sending it to a destination by using an encrypted e-mail function such as S / MIME or PGP / MIME, a public key of the destination corresponding to the destination is required.

Here, as a method of obtaining the public key of the destination, a method of obtaining the public key of the destination attached to the e-mail received from the destination such as a signed e-mail, and a method of obtaining the public key of the destination from the public key server outside the apparatus. There is a way to get it.

According to the method, when an e-mail attached with a public key is received, the validity of the public key is verified, and if it is valid, the public key is stored in its own public key database. When an electronic mail is encrypted and transmitted to the destination, the electronic mail is used with reference to the public key stored in the public key database of the own device.

In this method, the public key of the destination is stored in the public key database of the own device. Therefore, there is an advantage that the overhead related to the acquisition of the public key is small as compared with the method. It is necessary to prepare the necessary public key.

According to the method, each time an electronic mail is encrypted and transmitted to a destination, an external public key server is accessed, a public key of the destination is obtained from the public key server, and its validity is verified. Then use it.

In this method, only the authenticator's public key and the public key of the own device need to be stored in the public key database of the own device, and the public key of the transmission destination of the e-mail is stored on the device side. Since there is no necessity, there is an advantage that the capacity of the public key database of the device can be reduced as compared with the method, but since the e-mail must be encrypted and sent to the destination, the public key server must be accessed. There is a problem that overhead involved in accessing the public key server is large. Further, there is a possibility that the public key cannot be obtained and the encrypted e-mail cannot be transmitted due to the failure or load concentration of the public key server. Therefore, the method is usually used in combination with the above method.

Conventionally, for example, as an S / MIME compatible e-mail device, US Netscape Communications Corporation
Netscape Messenger and Microsoft Corporation
There is application software (generally called a mailer) that runs on a personal computer such as Outlook Express of the company.

With these application software,
When a user performs a signature confirmation operation upon receiving a signed e-mail containing a public key certificate, the user is confirmed whether to register the public key certificate in a certificate database, If you accept the registration, the public key certificate will be registered in the mailer's certificate database, and when you send encrypted mail to the destination, the public key certificate in the certificate database will be Use

Japanese Patent Application Laid-Open No. 2000-49850 discloses that a public key of a destination is first searched in a public key database of its own device, and only when it is not found there, a public key is retrieved and obtained from an external public key server. An electronic mail transmission device capable of performing an offline mail transmission operation is disclosed.

[0019]

In the above-described conventional e-mail apparatus, it is assumed that the user operates the e-mail reception like a personal computer or a mobile computer. When an e-mail with a public key attached is received, a decision is made as to whether or not to register the public key in one's own public key database. The management of the public key database, such as deleting from the public key, is performed by the user every time.

However, in an electronic mail apparatus such as an Internet facsimile apparatus in which a plurality of users share the apparatus, it is assumed that the apparatus automatically processes the reception of the electronic mail without the intervention of the user. Has become. For this reason, each time the device receives an e-mail with a public key attached, the administrator decides whether to register the public key in the device's public key database, or the administrator Performing public key database management, such as checking the public key database of the device for a revoked public key and deleting the revoked public key, is a heavy burden on the administrator, and is virtually impossible to execute. There is.

As a method for solving this problem, there is an electronic mail apparatus in which when an electronic mail to which a public key is attached is received, all the public keys are automatically registered in a public key database of the own apparatus. However, in this case, until the administrator deletes unnecessary public keys from the public key database of the device, unnecessary public keys are registered in the public key database of the device more and more. There is a problem in that the capacity is exhausted, and a large amount of unnecessary public keys are registered, so that it takes a lot of time to search for a desired public key.

Further, in a conventional electronic mail apparatus, even if a public key database is provided inside the apparatus and a public key can be obtained from an external public key server, the public key database of the apparatus is stored in the public key database. The public key of the destination is obtained from the external public key server only when the public key of the desired destination does not exist, or the user specifies the destination one by one from the external public key server and stores the public key in the device. Can only be registered in the public key database of the public key database, so frequently receive e-mails with the public keys of all the destinations to be used, or specify the destinations one by one If the public key database is not registered from the external public key server to the public key database of the device, the public key database of the device will be stored even if all necessary public keys are stored in the external public key server. A problem arises in that the public key required for the source cannot be registered.

The present invention has been made in view of such a problem, and has as its object to provide a public key database of an electronic mail device without burdening an administrator of the electronic mail device shared by a plurality of users. It is an object of the present invention to provide an electronic mail device capable of automatically setting and registering only a public key necessary for the electronic mail.

Another object of the present invention is to automatically manage a public key database so that only a valid public key is stored in a public key database of an electronic mail device without burdening an administrator. Is to provide an e-mail device capable of doing so.

[0025]

In order to achieve the above object, in the electronic mail apparatus according to the present invention, the address public key storage means stores the mail address and the public key of the destination of the electronic mail, and the mail reception means Upon receiving the e-mail attached with the public key, the public key verification means verifies the validity of the public key attached to the e-mail, and the e-mail address corresponding to the public key is stored in the address public key storage by the address determination means. It is determined whether it exists in the means. Only when it is determined by the public key verification means and the address determination means that a mail address corresponding to a valid public key exists in the address public key storage means, the public key registration means stores the public key in the mail address. The information is automatically registered in the address public key storage means in association with the address. Thus, only the public key of the frequently used mail address registered in the address public key storage unit can be automatically registered in the address public key storage unit. Further, it is possible to set an environment for encrypting and transmitting an e-mail to a frequently used destination registered in the address public key storage unit.

In the electronic mail device according to the present invention, the address public key storage means stores the mail address of the destination of the electronic mail and the public key, and the domain registration means permits or prohibits the automatic registration of the public key. Register the domain information of the email address. When the e-mail with the public key attached is received by the e-mail receiving means, the validity of the public key attached to the e-mail is verified by the public key verification means, and the domain of the e-mail address corresponding to the public key is verified by the domain judgment means. Is registered in the domain registration means. If the domain of the e-mail address corresponding to the valid public key is registered in the domain registration means and has a permission attribute, the public key registration means associates the public key with the e-mail address. If the domain is registered in the address public key storage unit and the domain registered in the domain registration unit has a prohibition attribute, the public key is not registered by the public key registration unit. This allows situations such as when it is necessary to communicate with an organization or company with a specific domain name by encrypted e-mail, or when it is not necessary to communicate with an organization with a specific domain name by encrypted e-mail. At the same time, the necessary public key can be automatically registered in the address public key storage means, and an environment for encrypting and transmitting an e-mail can be set.

According to a third aspect of the present invention, in the electronic mail device, the address public key storage means stores the mail address of the destination of the electronic mail and the public key, and when the manager instructs the registration of the public key by the registration instructing means, the public key is stored. The obtaining unit obtains a public key corresponding to the mail address registered in the address public key storage unit from an external public key server, and checks the validity of the public key obtained by the public key obtaining unit by the public key verification unit. After verification, the public key registration unit registers the valid public key in the address public key storage unit in association with the mail address, so that the public key is registered in the address public key storage unit at the timing when registration is instructed. A public key of a frequently used mail address can be automatically registered in an address public key storage unit from an external public key server. This makes it possible to set an environment for encrypting and transmitting an e-mail to a frequently used destination registered in the address public key storage unit.

In the electronic mail device according to the fourth aspect, in the electronic mail device according to the third aspect, the clocking means detects a predetermined elapsed time or time and issues a registration instruction to the registration instruction means. Every time the elapsed time or time elapses, the public key of the frequently used mail address registered in the address storage can be automatically registered and updated from an external public key server to the address public key storage means. . This makes it possible to set an environment for encrypting and transmitting an e-mail to a frequently used destination registered in the address public key storage unit.

According to a fifth aspect of the present invention, in the electronic mail device according to any one of the first to fourth aspects, the public key corresponding to the mail address of the received or obtained public key is an address public key storage. Even if it is already registered in the means, if the revocation determination means determines that the already registered public key has been revoked, the public key registration means registers and updates the received or obtained public key. In addition, the revoked public key registered in the address public key storage means can be automatically updated to a valid public key.

In the electronic mail device according to the sixth aspect, in any one of the electronic mail devices according to the first to fourth aspects, the revocation determining means determines whether or not the registered public key has been revoked. Since the public key deletion means deletes the revoked public key already registered, the revoked public key remains registered in the address public key storage means,
It is possible to prevent the storage capacity of the address public key storage means from being wasted.

In the electronic mail device according to the seventh aspect, in the electronic mail device according to the sixth aspect, when the public key deletion unit deletes the registered public key that has been revoked, the deletion notification unit notifies the administrator of the deletion. Since the notification that the public key has been deleted from the address public key storage means is made, the administrator can know that the public key has been deleted from the address public key storage means of the apparatus.

According to an eighth aspect of the present invention, in the electronic mail apparatus according to any one of the first to seventh aspects, the administrator sets a certifier that permits registration of a public key by a certifier registration unit. In this case, the public key registration unit registers only the public key set in the certifier setting unit among the received or obtained public keys in the address public key storage unit. Even if a different public key is received or obtained, only the public key authenticated by the authenticator authorized by the administrator is automatically registered in the address public key storage means, and authenticated by an unauthorized authenticator. It is possible to prevent the public key from being registered in the address public key storage means and performing an operation not intended by the administrator.

In the electronic mail apparatus according to the ninth aspect, in any one of the electronic mail apparatuses according to the first to seventh aspects, the administrator permits the registration of the public key for each mail address by the address authenticator setting means. When the certifier of the public key to be set is set, the public key registration unit sets the public key that has been authenticated by the certifier set in the address certifier setting unit for the mail address of the received or obtained public key. Since only the key is registered in the address public key storage means, it is possible to automatically register only the public key authenticated by the desired authenticator for each e-mail address, and use a different public key for each e-mail address. It is possible to encrypt and send the e-mail.

According to a tenth aspect of the present invention, in the electronic mail device according to any one of the first to seventh aspects, the administrator can permit the registration of the public key by the encryption method setting means. When the scheme is set, the public key registration unit registers only the public key whose encryption scheme is set in the encryption scheme setting unit out of the received or acquired public keys in the address public key storage unit. Only the public key of the encryption method permitted by the administrator is automatically registered in the address public key storage means, and it is possible to prevent a public key of an unauthorized encryption method from being registered in the address public key storage means. .

According to an eleventh aspect of the present invention, in the electronic mail device according to the tenth aspect, an encryption system automatic setting unit acquires a public key encryption system that can be processed by the device, and sets the encryption system setting. Since the encryption method is automatically set in the means, only the public key of the encryption method that can be processed by the device is automatically registered in the address public key storage means, and the public key of the encryption method that cannot be processed by the device is stored in the address public key storage means. Can be prevented from being registered.

In the electronic mail apparatus according to the twelfth aspect, in the electronic mail apparatus according to any one of the first to seventh aspects, the administrator sets the encryption method of the public key for each mail address by the address encryption method setting means. If set, the public key registration means registers only the public key of the encryption method set in the address encryption method setting means for the mail address among the received or obtained public keys in the address public key storage means. Therefore, only the public key of the desired encryption method can be automatically registered for each mail address, and it is possible to prevent a public key of an encryption method not permitted for each mail address from being registered in the address public key storage means. become.

In the electronic mail device according to the thirteenth aspect, in any one of the electronic mail devices according to any one of the first to seventh aspects, the administrator can permit the automatic registration of the public key by the key length setting means. When the key length and the comparison determination condition are set, the public key registration unit compares the key length of the received or acquired public key with the key length set in the key length setting unit, and compares the key length with the key length. The public key is registered in the address public key storage means when the comparison determination condition set in the length setting means is met, so that only the public key of the key length condition permitted by the administrator is automatically stored in the address public key storage means. It is possible to prevent a public key having a key length that is not registered and permitted from being registered in the address public key storage unit. This makes it possible to take measures such as prohibiting the registration of a public key having a short encryption key and a short key length.

In the electronic mail apparatus according to the present invention, the key length automatic setting means may acquire a maximum key length of a public key which can be processed by the apparatus, and Since the maximum key length and the comparison determination condition are automatically set in the setting unit, only the public key having a length smaller than the maximum key length that can be processed by the device is automatically registered in the address public key storage unit, and the key length that cannot be processed by the device is set. Can be prevented from being registered in the address public key storage means.

According to a fifteenth aspect of the present invention, in the electronic mail device according to any one of the first to seventh aspects, an administrator automatically registers a public key for each mail address by an address key length setting means. When the key length of the permitted public key and the comparison determination condition have been set, the public key registration unit sets the key length of the received or obtained public key to the mail address. Is registered in the address public key storage means only when the comparison condition set by the address key length setting means is compared with the key length set in the address key length setting means. Is automatically registered, and a public key having a key length not permitted for each mail address can be prevented from being registered in the address public key storage means. This makes it possible to take measures such as prohibiting the registration of a public key having a short encryption key and a short key length.

In the electronic mail apparatus according to the present invention, when the public key is automatically registered in the address public key storage means, the registration notifying means is provided. Since the administrator is notified to that effect, the administrator can know that the public key has been registered in the address public key storage means of the apparatus.

According to a seventeenth aspect of the present invention, in the electronic mail device according to any one of the first to sixteenth aspects, the public key registration unit determines that the free space of the address public key storage unit is equal to or less than a predetermined value. In this case, the registration of the public key in the address public key storage unit is stopped, so that the storage capacity of the address public key storage unit is depleted and the device can be prevented from being stopped. It is possible to leave an area for registering the public key of the user.

In the electronic mail apparatus according to the eighteenth aspect, the address public key storage means stores the mail address of the destination of the electronic mail and the public key, and the check means checks the free space of the address public key storage means. When the free space is equal to or less than a predetermined value, the revocation determining means determines whether the public key stored in the address public key storage means has been revoked, and the deleting means determines that the public key has been revoked. Deletes the public key stored in the address public key storage means, and detects and deletes the expired public key when the free space of the address public key storage means becomes low, and deletes the address. It is possible to increase the free space of the public key storage means.

[0043]

Embodiments of the present invention will be described below in detail with reference to the drawings. FIG. 1 shows an electronic mail device 1 according to the first and second embodiments of the present invention.
FIG. 1 is a diagram showing a schematic configuration and a network configuration of a network 0.

In FIG. 1, reference numeral 11 denotes a CPU;
The device is controlled according to a program stored in the OM 13. 12 is an address / data bus, and C
The communication of data is performed by connecting to each part to be controlled by the PU 11. 13 is a ROM (read only memory)
In addition, various programs related to control of the e-mail device 10, encryption and decryption of e-mail, and transmission and reception of e-mail are stored.

In this embodiment, as various programs,
Public key verification means (performs processing for verifying the validity of the public key attached to the received e-mail), address determination means (e-mail address corresponding to the public key attached to the e-mail is disclosed to its own address) A process of determining whether or not the hard disk (HD) 15 is a key storage unit is performed.) A public key registration unit (a process of registering a public key in an address public key storage unit in accordance with predetermined conditions) ,
Domain registration means (performs processing for registering domain information that permits or prohibits registration of a public key in the address public key storage means among domain information of a mail address corresponding to a public key attached to an electronic mail), Domain determination means (performs processing for determining whether or not the domain of the mail address corresponding to the public key attached to the electronic mail is registered in the domain registration means), registration instructing means (instructs registration of the public key) Public key acquisition means (performs processing of acquiring a public key corresponding to the mail address registered in the address public key storage means from an external public key server based on an instruction to the registration instruction means). Revocation determination means (performs processing for determining revocation of a public key stored in an address public key storage means), public key deletion means (revocation determination A process of deleting the public key determined to be invalid from the stage from the address public key storage unit is performed.) A deletion notifying unit (if the public key is deleted from the address public key storage unit, the fact is notified to the administrator. Notification processing is performed.) Automatic encryption method setting means (obtains a public key encryption method that can be processed by the apparatus itself, and performs processing for automatically setting the encryption method in the encryption method setting means), automatic key length Setting means (obtains the maximum key length of the public key that can be processed by the own device,
A process for automatically setting the maximum key length in the key length setting means is performed. ), Registration notifying means (when the public key is registered in the address public key storage means, processing for notifying the administrator of the registration is performed), checking means (processing for checking the free space of the address public key storing means) Do).

Reference numeral 14 denotes a RAM (random access memory), which serves as a work memory when executing a program and a communication buffer memory for transmitting and receiving electronic mail. Reference numeral 15 denotes a hard disk (HD) for storing received e-mail data, an address book 100 for storing e-mail addresses and public keys of each destination, automatic registration permission condition data 110,
Various setting parameters of the apparatus such as the automatic registration permission domain data 120 and the mail address of the administrator are stored and saved.

In this embodiment, the hard disk 15
The address public key storage means (a part for storing the e-mail destination mail address and the corresponding public key), the authenticator setting means (public address permitting registration of the public key to the address public key storage means) Key certifier setting part), address certifier setting means (part for setting a public key certifier permitting registration of a public key for each mail address), encryption scheme setting means (address public key storage means) A part for setting a public key encryption method permitting registration of a public key), an address encryption method setting means (part for setting a public key encryption method for permitting registration of a public key for each mail address), a key length setting means (A part for setting the key length of the public key to permit registration of the public key in the address public key storage means and the comparison judgment condition) And a portion) to set the key length of the public key and the comparison criterion that.

A printer unit 16 prints out the text of the received e-mail and the contents of the attached image file. Reference numeral 17 denotes an operation display unit for displaying the status of the apparatus, registering a mail address in the address book 100, setting permission conditions in the address book 100 and the automatic registration permission condition data 110, and displaying the automatic registration permission domain data 120. Performs setting of permitted domains and e-mail transmission instructions.

Reference numeral 18 denotes a scanner for reading image data of a document attached to an electronic mail. Reference numeral 19 denotes a network interface, which communicates with another e-mail device 21 connected to the network 30 and transmits / receives e-mail.

Reference numeral 20 denotes a timer for measuring time.
Reference numeral 21 denotes a network, which is an e-mail device 10 of the present embodiment, another e-mail device 22 that communicates with the e-mail device 10 of the present embodiment by e-mail, and an X.509 public key infrastructure managed by a certificate authority. Is connected to a public key server 23 storing a public key certificate based on the public key certificate. In the present embodiment, the X.509 public key infrastructure is used, but the present invention is not limited to this, and another public key infrastructure such as PGP may be used.

FIG. 2 is a diagram showing the data structure of the address book of the electronic mail device 10 according to the first and second embodiments of the present invention. The administrator of the e-mail device 10 registers the frequently used e-mail address from the operation display unit 17, and thereafter, when sending an e-mail, refers to the e-mail address registered in the address book. Set as a destination.

FIG. 2 shows that three mail addresses are registered as mail addresses 101 in address book 100. If necessary, the administrator can use the operation display unit 17 to display the permitted certificate authority 102, the permitted encryption method 103, and the permitted key length condition 104 for each mail address.
Can be set. Here, the authorized certificate authority 102
Indicates a certificate authority that permits automatic registration of the public key certificate corresponding to the mail address.

In FIG. 2, the mail address of the address book 100 ochaddress1 @ domainA CA # 1
Only the public key certificate whose issuer (certificate authority) is CA # 1 is allowed to be automatically registered, and the public key of the other issuer (certificate authority) is set as the e-mail address. The certificate will not be automatically registered.

Similarly, the permission encryption method 103 indicates a public key encryption method that permits automatic registration of a public key certificate corresponding to a mail address. In FIG. 2, the mail address medium address1 @ domainA medium of the address book 100 is set to RSA as a permitted encryption method, and the public key certificate of this mail address is the public key encryption method of RSA. Only a certain public key certificate is permitted to be automatically registered, and other public key certificates of public key cryptosystems are not automatically registered.

Similarly, the permission key length condition 104 indicates a key length condition of a public key that permits automatic registration of a public key certificate corresponding to a mail address. In FIG. 2, address book 1
In the mail address medium address1 @ domainA medium of 00, (512, ==) is set as the permitted key length condition, and only the public key certificate whose public key length is 512 bits is permitted to be automatically registered. A public key certificate having a public key having a key length that does not satisfy this condition is not automatically registered.

Here, the permission key length condition is set in the format of (the number of bits of the public key, determination condition). As the determination condition, medium == medium (equal), medium> = medium (or more), medium <= medium (below) can be set.

In the public key certificate field 105, a file name of the public key certificate corresponding to each mail address is set. In FIG. 2, the public key certificate of the mail address “address1 @ domainA medium” of the address book 100 is not registered, but the public key certificate of the mail address medium address2 @ domainA medium or medium address3 @ domainB medium is registered. The state is shown.

FIG. 3 is a diagram showing a configuration of the automatic registration permission condition data 110 of the electronic mail device 10 according to the first and second embodiments of the present invention. The automatic registration permission condition data 110 includes permission condition data (permission certificate authority 102, permission encryption method 1) for each mail address in the address book 100.
03, different from the permission key length condition 104), data on permission conditions for automatic registration of the public key certificate in the address book 100 in the entire apparatus are shown.

Permission encryption method 112, permission key length condition 113
After the power of the e-mail device 10 is turned on, the e-mail device 10 acquires capability information on the encryption method and key length of the public key certificate that can be processed by the e-mail device 10 and automatically sets it.

FIG. 5 is a flowchart showing an operation of automatically setting the permission encryption method 112 and the permission key length condition 113 of the electronic mail device 10 according to the first and second embodiments of the present invention.

In FIG. 5, first, in step S50, capability information of a public key cryptosystem that can be processed by the own device is obtained. Next, in step S51, step S50
The encryption method of the public key is set to the permission encryption method 112 on the basis of the capability information of the encryption method of the public key obtained in step (1). Further, in step S52, the capability information of the key length of the public key that can be processed by the own device is acquired. In step S53, the key length condition of the public key is set in the permission key length condition 113 based on the capability information of the key length of the public key acquired in step S50.

Further, the administrator can set a permitted certificate authority 111, a permitted encryption method 112, and a permitted key length condition 113 in the entire apparatus from the operation display unit 17 as necessary.

FIG. 4 is a diagram showing a configuration of the automatic registration permitted domain data 120 of the electronic mail device 10 according to the first and second embodiments of the present invention. The automatic registration permission domain data 120 indicates a domain of a mail address and a mail address to which automatic registration of the public key certificate in the address book 100 is permitted.

The administrator operates the operation display unit 17 as necessary.
From the e-mail address and its public key certificate address book 1
It is possible to set the domain name of an e-mail address that allows automatic registration to 00.

In FIG. 4, a medium domainC medium is registered as a domain name. If the subject of the public key certificate
If the address is medium address4 @ domainC medium, the domain name medium domainC
Since the medium has been registered, automatic registration of the mail address medium address4 @ domainC medium and its public key certificate in the address book 100 is permitted.

When the domain name is not set in the automatic registration permitted domain data 120, it means that the mail address and the public key certificate are not automatically registered from the domain name.

In this embodiment, the domain name for which the automatic registration of the public key is permitted is set. However, the domain name for which the automatic registration of the public key is prohibited is registered so that the domain name having the prohibited domain name is registered. An unregistered mail address and its public key certificate may be automatically registered.

Next, the processing when the electronic mail device 10 according to the first embodiment of the present invention receives an electronic mail will be described with reference to the flowcharts of FIGS. 6 and 7 in the following description refer to FIG. 1 unless otherwise indicated.

When the network interface 19 receives the electronic mail, first, in step S10,
Check whether the public key certificate is attached to the e-mail.

For example, if the e-mail is S / MIME version 3
If it complies with the CMS (Cryptographic Message Syntax) of the signature data type defined in RFC2630
Since the public key certificate is set in the certificate field of the object, it is checked whether the public key certificate of the sender of the e-mail is present in this field.

In this case, the e-mail sender's public key certificate is such that the e-mail address set in the subject alias of the X.509 public key certificate matches the e-mail sender's e-mail address. If it is determined in step S10 that the public key certificate is attached to the received mail, the process proceeds to step S11; otherwise, the process proceeds to step S2.
The process proceeds to step S4, where the received mail is printed.

In step S11, it is verified whether the sender's public key certificate attached to the received mail is valid. The validity verification is performed by verifying the electronic signature of the issuer (certificate authority) of the public key certificate and checking whether the validity period of the public key certificate has expired.

Next, in step S12, step S11
It is determined whether the public key certificate is valid based on the result of the verification. If the public key certificate is valid, step S13
If not, the process proceeds to step S24, where the received mail is printed.

In step S13, it is determined whether the mail address of the subject of the public key certificate exists in the address book. The subject's alias, which is the mail address of the subject of the public key certificate, has already been confirmed in step S10 to match the mail address of the sender of the received mail.

If it is determined in step S13 that the mail address of the subject of the public key certificate exists in the address book, the process proceeds to step S15, otherwise, the process proceeds to step S15.
Proceeding to step S14, an automatic permitted domain is determined.

In step S14, it is determined whether or not the domain of the mail address of the subject of the public key certificate is registered in the public key certificate automatic registration permitted domain data 120. If it is determined in step S14 that the domain of the e-mail address of the subject of the public key certificate is registered in the automatic registration permitted domain data 120 of the public key certificate, the process proceeds to step S15; The process proceeds to step S24.

In step S15, it is determined whether a public key certificate corresponding to the mail address of the subject of the public key certificate is registered in address book 100. In FIG. 2, if the mail address is the medium address1 @ domainA medium, the public key certificate has not been registered yet, and the mail address medium address2 @ domainA medium and the mail address medium address3 medium are not registered.
It indicates that the public key certificate is registered in the @domainB medium.

At step S15, if the public key certificate corresponding to the mail address has already been registered in address book 100, the process proceeds to step S16, otherwise, the process proceeds to step S18.

Next, in step S18, it is checked whether the public key certificate already registered in the address book has been revoked. In FIG. 2, the mail address is medium addres.
Although the public key certificate medium CERT # 001 medium of s2 @ domainA medium is registered, it is checked whether this public key certificate medium CERT # 001 medium has expired due to expiration of the validity period.

Thus, even if the public key certificate has already been registered in the address book 100, if the public key certificate has expired, the registered contents are updated with the new public key certificate. You can do so.

Step S17 is based on the result of the public key certificate revocation check in step S16.
This is a step of determining whether or not the public key certificate corresponding to the mail address registered in “0” has been revoked. If the public key certificate has been revoked, step S
The process proceeds to step S17 and proceeds to the registration process of the public key certificate. Otherwise, the process proceeds to step S24.

Next, in step S 18, the issuer (certificate authority) of the public key certificate to be registered is first permitted by the permitted certificate authority 111 of the registration permission condition data 110. Authorized certificate authority 1 of address book 100
In step 02, it is determined whether or not the permission is given. Only when permitted by all the permitted certificate authorities 102, it is determined that the permission is granted. When there is no setting data in the authorized certification authority 102, it means that all the certifiers are permitted.

Here, the certificate authority (CA # 2) of the public key certificate of the mail address “address1 @ domainA” to be registered
In the case where CA # 1 and CA # 2 are permitted as certification authorities by the permitted certification authority 111 of the registration permission condition data 110, the mail address medium address1 @ dom
Since only CA # 1 is permitted and CA # 2 is not permitted as the permitted certification authority 102 for the ainA medium, the public key certificate of the certification authority (CA # 2) is not registered.

Next, in step S 19, the issuer (certificate authority) of the public key certificate to be registered is firstly permitted by the permission encryption method 112 of the registration permission condition data 110. It is determined whether or not permission is granted in the permission encryption method 112 of the address book 100. Only when permission is granted in all of the permission cryptosystems 112 and 103, it is determined that the permission is granted. Here, when there is no setting data in the permitted encryption methods 103 and 112, it means that all the encryption methods are permitted.

Here, the encryption method of the public key certificate of the mail address “address1 @ domainA” to be registered is DH (D
iffie Hellman), the encryption scheme 112 in the permission encryption scheme 112 of the registration permission condition data 110 is RSA.
And DH are permitted, but the permission encryption method 10 for the mail address medium address1 @ domainA medium of the address book 100 is used.
Third, since only RSA is permitted and DH is not permitted, registration of the public key certificate of the encryption method DH is not permitted.

The encryption method of the public key certificate of the mail address “address1 @ domainA” to be registered is RSA.
In the case of the scheme, the public key certificate of the encryption scheme RSA is permitted to be registered because both are permitted in the permission encryption schemes 103 and 112.

Next, in step S 20, the key length condition of the public key certificate to be registered is first determined as to whether it is permitted by the permitted key length condition 113 of the registration permission condition data 110.
Then, the permission key length condition 104 of the address book 100
It is determined whether or not permission is granted. Permitted key length condition 1
Only when permission is granted in all 04 and 113, it is determined that permission is granted. Here, the permission key length condition 104,
If there is no setting data in 113, it means that all key lengths of the public key are permitted.

If the key length of the public key certificate of the mail address “address1 @ domainA” to be registered is 1024 bits, the permission key length condition 113 of the registration permission condition data 110 indicates that the key length is 1024 bits or less. But the mail address medium address1 @ dom of the address book 100
Since only 512 bits are permitted in the permitted key length condition 104 for the ainA medium, registration of a public key certificate having a public key with a key length of 1024 bits is not permitted.

The key length of the public key of the public key certificate of the mail address “address1 @ domainA” to be registered is
If it is 512 bits, the permission key length conditions 104, 11
3 is permitted in both, so the key length of the public key is
Registration of the 512-bit public key certificate is permitted.

If it is determined that the permission is granted in all the steps from step S18 to step S20, the process proceeds to step S21.

In step S21, it is determined whether the free space in address book 100 is equal to or less than a predetermined value. if,
If the free space is equal to or less than the predetermined value, the process proceeds to step S26 without registering the public key certificate. If the free space is larger than the predetermined value, the process proceeds to step S22, and the public key certificate is registered in the address book 100 in association with the mail address of the subject of the public key certificate.

If it is determined in any of the steps S18 to S20 that the permission is not granted, the process proceeds to step S24, and the received mail is printed.

In step S23, a notification to the effect that the public key certificate has been registered is transmitted by e-mail to the e-mail address of the administrator registered in the e-mail device 10. The notification content includes a mail address at which the public key certificate has been registered, a certificate authority name of the public key certificate, a certificate number, a public key encryption method, a key length of the public key, and the like.

Next, in step S24, it is determined whether there is a text (text data) or attached image data as the content to be printed on the received e-mail.
If there is content to be printed, the process proceeds to step S25, where the text (text data) or the attached image data is printed out by the printer unit 16. On the other hand, if there is no content to be printed, the process proceeds to step S26, in which all public key certificates registered in the address book 100 are checked for revocation. Delete from.

According to this step, if there is a public key certificate whose validity period has expired and has expired in the address book 100, the public key certificate is deleted.

Thus, the e-mail receiving process of the e-mail device 10 is completed.

Next, the electronic mail device 10 according to the second embodiment of the present invention transmits a public key certificate corresponding to a destination registered in the address book 100 to an external public key server 23.
The process in the case where the information is acquired and automatically registered will be described with reference to the flowcharts of FIGS. In the following description, reference numerals shown in FIGS. 7 and 8 refer to FIG. 1 unless otherwise specified.

The automatic registration of the public key certificate from the external public key server 23 to the address book 100 of the e-mail device 10 is performed when the administrator instructs the automatic registration from the operation display unit 17 or when the administrator performs the operation. This is performed when the time of the automatic registration set from the display unit 17 comes. The time of automatic registration is a predetermined date and time (for example, August 01, 2000).
Day 10:00) or time interval (for example, 12
(Time interval).

First, in step S30, it is determined whether the time of the timer 20 has reached the automatic registration time set by the administrator. If it is the time set for automatic registration,
Proceeding to step S32, all mail addresses registered in the address book 100 are checked, and processing for automatic registration is started. If it is not the time set for automatic registration,
In step S31, the self-registration instruction of the public key is
It is determined whether or not it has been instructed from. If the self-registration instruction of the public key has not been issued, the process returns to step S30, and a standby loop is performed until the set time of the automatic registration or until the automatic registration instruction is detected.

[0100] In steps S32 to S42, processing is performed for all the first to Nth mail addresses registered in the address book 100. Therefore, N
When the number of mail addresses is registered in the address book 100, the processing from step S32 to step S42 is performed N times.

In step S32, it is checked whether a public key certificate has been registered for the mail address registered in the address book 100. If the public key certificate has already been registered, the process proceeds to step S33 to check whether the public key certificate registered in the address book 100 has expired due to an expiration of the validity period or the like.

In step S34, it is determined whether or not the certificate has expired based on the inspection result in step S33.
If the public key certificate has been revoked, the process proceeds to step S35, and a process for acquiring a valid new public key certificate from the public key server 23 is started.

If the public key certificate has not been revoked, it is not necessary to obtain the public key certificate from the public key server 23 for the mail address.
Until the processing of all the mail addresses in the address book 100 is completed, the process returns to step S32, and the processing of the next mail address is performed.

Next, in step S35, a public key certificate is obtained from the public key server 23. Public key server 2
Acquisition of a public key certificate from LDAP3 is based on LDAP (Lightweight Dir
ectory Accesss Protocol) and HTTP (Hyper Text Transfer)
Protocol).

At step S36, the validity of the public key certificate obtained at step S35 is verified. The verification of the validity of the public key certificate is performed by verifying the electronic signature of the certifier of the public key certificate and checking the expiration of the validity period.

In step S37, it is determined whether the obtained public key certificate is valid based on the result of the validity check in step S36. If valid, step S38
To check for permission to automatically register the public key certificate. If it is not valid, the process returns to step S32 until the processing of all mail addresses in the address book 100 is completed, and the processing of the next mail address is performed.

In step S 38, the issuer (certificate authority) of the public key certificate to be registered is first checked whether it is permitted by the permitted certificate authority 111 of the registration permission condition data 110.
Then, it is determined whether the permitted certificate authority 102 of the address book 100 is permitted. Authorized certificate authority 111
Only when permitted in all 102, it is determined that permission is granted. When there is no setting data in the authorized certification authority 111102, it means that all the certifiers are permitted.

Here, the certificate authority (CA # 2) of the public key certificate of the mail address “address1 @ domainA” to be registered
In the case where CA # 1 and CA # 2 are permitted as certification authorities by the permitted certification authority 111 of the registration permission condition data 110, the mail address medium address1 @ dom
Since only CA # 1 is permitted and CA # 2 is not permitted as the permitted certification authority 102 for the ainA medium, the public key certificate of the certification authority (CA # 2) is not registered.

Next, in step S39, the issuer (certificate authority) of the public key certificate to be registered is first permitted by the permission encryption method 112 of the registration permission condition data 110, and It is determined whether the address book 100 is permitted in the permission encryption method 112. Only when permission is granted in all of the permission cryptosystems 112 and 103, it is determined that the permission is granted. Here, when there is no setting data in the permitted encryption methods 103 and 112, it means that all the encryption methods are permitted.

Here, the encryption method of the public key certificate of the mail address “address1 @ domainA” to be registered is DH (D
iffie Hellman), the encryption scheme 112 in the permission encryption scheme 112 of the registration permission condition data 110 is RSA.
And DH are permitted, but the permission encryption method 10 for the mail address medium address1 @ domainA medium of the address book 100 is used.
Third, since only RSA is permitted and DH is not permitted, registration of the public key certificate of the encryption method DH is not permitted.

The encryption method of the public key certificate of the mail address “address1 @ domainA” to be registered is RSA.
In the case of the scheme, the public key certificate of the encryption scheme RSA is permitted to be registered because both are permitted in the permission encryption schemes 103 and 112.

Next, in step S 40, the key length condition of the public key certificate to be registered is first determined as to whether or not it is permitted by the permitted key length condition 113 of the registration permission condition data 110.
Then, the permission key length condition 104 of the address book 100
It is determined whether or not permission is granted. Permitted key length condition 1
Only when permission is granted in all 04 and 113, it is determined that permission is granted. Here, the permission key length condition 104,
If there is no setting data in 113, it means that all key lengths of the public key are permitted.

Here, if the key length of the public key certificate of the mail address “address1 @ domainA” to be registered is 1024 bits, the permission key length condition 113 of the registration permission condition data 110 indicates that the key length is 1024 bits or less. But the mail address medium address1 @ dom of the address book 100
Since only 512 bits are permitted in the permission key length condition 104 for the ainA medium, registration of a public key certificate having a public key with a key length of 1024 bits is not permitted. If the key length of the public key of the public key certificate of the e-mail address “address1 @ domainA” to be registered is 512 bits, it is permitted under both the permitted key length conditions 104 and 113. Registration of a public key certificate whose public key has a key length of 512 bits is permitted.

If it is determined that the permission is granted in all steps from step S38 to step S40, the process proceeds to step S41, and the public key certificate is registered in the address book 100 in association with the mail address.

If it is determined in any of the steps S38 to S40 that the permission is not granted, the process proceeds to a step S43 to process the next mail address.

In step S42, a notification that the public key certificate has been registered is transmitted by e-mail to the e-mail address of the administrator registered in the e-mail device 10. The notification content includes a mail address at which the public key certificate has been registered, a certificate authority name of the public key certificate, a certificate number, a public key encryption method, and a key length of the public key.

In step S43, it is determined whether or not processing has been performed for all mail addresses registered in the address book 100. If there is a mail address that has not been processed yet, the flow returns to step S32. Start processing for the next email address. If the processing has been completed for all mail addresses, the process returns to step S30.

[0118]

As described above, the electronic mail device of the present invention can automatically set and register only the necessary public key in the public key database of the electronic mail device without imposing a burden on the administrator. it can. Further, the electronic mail device of the present invention can automatically manage the public key database so that only the valid public key is stored in the public key database of the electronic mail device without burdening the administrator. it can.

[Brief description of the drawings]

FIG. 1 is a diagram showing a schematic configuration and a network configuration of an electronic mail device according to an embodiment of the present invention.

FIG. 2 is a diagram showing a data structure of an address book of the electronic mail device according to the embodiment of the present invention.

FIG. 3 is a diagram showing a data configuration of automatic registration permission condition data of the electronic mail device according to the embodiment of the present invention.

FIG. 4 is a diagram illustrating a data configuration of automatic registration permission domain data of the electronic mail device according to the embodiment of the present invention.

FIG. 5 is an operation flowchart of automatic setting of a permission encryption method and a permission key length condition of the electronic mail device according to the embodiment of the present invention.

FIG. 6 is an operation flowchart (part 1) of a process when the electronic mail device receives an electronic mail according to the first embodiment of the present invention.

FIG. 7 is an operation flowchart (part 2) of a process when the electronic mail device receives an electronic mail according to the first embodiment of the present invention.

FIG. 8 is an operation flowchart (part 1) of processing for automatically registering a public key certificate from a public key server to an address book in an electronic mail device according to a second embodiment of the present invention.

FIG. 9 is an operation flowchart (part 2) of processing for automatically registering a public key certificate from a public key server to an address book in an electronic mail device according to a second embodiment of the present invention.

[Explanation of symbols]

10, 22: e-mail device, 11: CPU, 12: address data bus, 13: ROM (read only)
14) RAM (random access memory), 15 ... hard disk, 16 ... printer unit, 17
... Operation display section, 18 ... Scanner, 19 ... Network
Interface, 20 ... Timer, 23 ... Public key server

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) H04N 1/44 H04L 9/00 601F

Claims (18)

[Claims] An electronic mail apparatus for encrypting an electronic mail using a public key of a destination and transmitting the encrypted electronic mail, comprising: an address public key storage unit for storing a mail address as a destination of the electronic mail and a corresponding public key; Mail receiving means for receiving an e-mail attached with a public key, public key verification means for verifying the validity of the public key attached to the e-mail received by the e-mail receiving means, attached to the e-mail Address determining means for determining whether or not a mail address corresponding to the obtained public key exists in the address public key storage means; and the public key verifying means determines that the public key is valid, and When the determining unit determines that the mail address corresponding to the public key exists in the address public key storage unit, the public key is stored in the address public key storage unit. Electronic mail apparatus characterized by having a public key registration unit in association with the-mail address registered in the address public key storage unit. 2. An electronic mail apparatus for encrypting an electronic mail using a public key of a destination and transmitting the encrypted electronic mail. E-mail receiving means for receiving an e-mail attached with the e-mail, public key verification means for verifying the validity of a public key attached to the e-mail received by the e-mail receiving means, and a public key attached to the e-mail Domain registration means for registering domain information for permitting or prohibiting registration of a public key in the address public key storage means among domain information of a mail address corresponding to the public key corresponding to the public key attached to the electronic mail. Domain determining means for determining whether or not a domain of a mail address is registered in the domain registering means; If the public key is determined to be valid by the stage and the domain determination means determines that the domain of the mail address corresponding to the public key is registered in the domain registration means, the domain registration A public key registration unit for registering the public key in the address public key storage unit in association with the mail address according to an attribute of permission or prohibition of the domain information registered in the unit. Mail device. 3. An electronic mail apparatus for encrypting an electronic mail using a destination public key and transmitting the encrypted electronic mail, comprising: an address public key storage unit for storing a mail address serving as a destination of the electronic mail and a corresponding public key; Registration instructing means for instructing registration of a public key, and, when the registration instructing means instructs, acquiring a public key corresponding to a mail address registered in the address public key storage means from an external public key server. A public key obtaining unit, a public key verifying unit for verifying the validity of the public key obtained by the public key obtaining unit, and determining that the public key obtaining unit obtains the public key obtained by the public key obtaining unit. And a public key registration unit for registering the public key in the address public key storage unit in association with the mail address. Apparatus. 4. The e-mail device according to claim 3, further comprising a clock unit for performing clocking, wherein said clocking unit issues a registration instruction to said registration instruction unit at a predetermined elapsed time or time. Email device. 5. The e-mail device according to claim 1, further comprising: an expiration determination unit that determines an expiration of a public key stored in said address public key storage unit. The public key registration unit is configured so that, even if a public key attached to the e-mail received by the mail reception unit is already registered in the address public key storage unit in correspondence with a mail address, the e-mail is rejected by the revocation determination unit. If it is determined that the public key registered corresponding to the address has expired, the public key attached to the electronic mail is registered in the address public key storage unit in association with the mail address. E-mail device characterized. 6. The e-mail apparatus according to claim 1, further comprising: an expiration determination unit configured to determine whether the public key stored in the address public key storage unit is invalid; An e-mail device comprising: a public key deleting unit that deletes, from the address public key storage unit, the public key determined by the determining unit to be invalid. 7. The electronic mail device according to claim 6, further comprising: when the public key deleting unit deletes a public key from the address public key storing unit, notifying an administrator of the deletion. An e-mail device comprising: 8. The e-mail device according to claim 1, further comprising: a certifier for setting a certifier of a public key which permits registration of the public key in said address public key storage means. Setting means, wherein the public key registration means registers a public key in the address public key storage means only when a certifier of a public key is set in the certifier setting means. Email device. 9. An e-mail device according to claim 1, further comprising: an address certifier setting means for setting a certifier of a public key which permits registration of the public key for each mail address. The public key registration unit stores the public key in the address public key storage unit only when the certifier of the public key is set for the mail address of the public key by the address certifier setting unit. An electronic mail device characterized by registering. 10. The e-mail device according to claim 1, further comprising a public key encryption system for permitting registration of a public key in said address public key storage means. Setting means, wherein the public key registration means registers a public key in the address public key storage means only when a public key encryption method is set by the encryption method setting means. Email device. 11. An electronic mail apparatus according to claim 10, further comprising: an encryption method automatic setting means for acquiring a public key encryption method which can be processed by the apparatus and automatically setting the encryption method in said encryption method setting means. An e-mail device comprising: 12. The electronic mail device according to claim 1, further comprising an address encryption method setting means for setting an encryption method of a public key for permitting registration of the public key for each mail address. The public key registration unit registers the public key in the address public key storage unit only when the encryption method of the public key is set by the address encryption system setting unit for the mail address of the public key. An e-mail device, comprising: 13. The electronic mail device according to claim 1, further comprising: a key length of a public key that permits registration of the public key in said address public key storage means; The public key registration means compares the key length of the public key with the key length set by the key length setting means, and is set by the key length setting means. An electronic mail device wherein a public key is registered in the address public key storage means only when a comparison judgment condition is satisfied. 14. The electronic mail apparatus according to claim 13, further comprising: acquiring a maximum key length of a public key processable by the apparatus, and automatically setting the maximum key length in the key length setting means. An e-mail device comprising a means. 15. The electronic mail apparatus according to claim 1, further comprising: an address for setting a key length of a public key permitting registration of the public key and a comparison determination condition for each mail address. A key length setting unit, wherein the public key registration unit compares a key length of a public key to be registered with a key length set by the address key length setting unit for a mail address of the public key. An electronic mail apparatus wherein a public key is registered in the address public key storage means only when the comparison judgment condition set by the address key length setting means is satisfied. 16. The electronic mail device according to claim 1, wherein said public key registering means further registers a public key in said address public key storing means when said public key is registered in said address public key storing means. An electronic mail device comprising a registration notifying means for notifying an administrator. 17. The e-mail device according to claim 1, wherein the public key registration unit opens the public key when the free space of the address public key storage unit becomes a predetermined value or less. An electronic mail device for stopping registration of a key. 18. An electronic mail apparatus for encrypting an electronic mail using a destination public key and transmitting the encrypted electronic mail, comprising: an address public key storage unit for storing a mail address to be a destination of the electronic mail and a corresponding public key; Checking means for checking the free space of the address public key storage means, and revoking the public key stored in the address public key storage means when the free space checked by the checking means is equal to or less than a predetermined value. An electronic mail apparatus comprising: revocation determining means for determining; and a public key deleting means for deleting, from the address public key storage means, a public key determined to be revoked by the revocation determining means.