JP2003066836A - Electronic signature method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To solve the problem that a means for easily correcting an electronic document even when the status of dealings is changed is not available and an electronic ticket needs to be issued at a center or by using a storage medium after the dealings are completed. SOLUTION: A service issuer system 1100 generates an electronic signature for the ticket by using a secret key, ciphers the electronic signature by using a password, and provides the ticket and electronic signature for a user terminal 1200 and an open key for a service executor system 1400; when a charge collector system 1300 collects the charge for the ticket, the password is obtained from the service issuer system 1100 and provided for the user terminal 1200, the service executor system 1400 obtains the ticket, electronic signature, and password from the user terminal 1200, deciphers the electronic signature with the password, and applies the open key to the deciphered electronic signature to verify the adequacy of the ticket.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an electronic signature method using public key cryptography and an electronic ticket system using the electronic signature method, and more particularly to an electronic signature for changing the validity of a digital signature depending on transaction status. Regarding the method.

[0002]

2. Description of the Related Art As a conventional technique, Japanese Patent Laid-Open No. 11-261550 discloses that characteristic data is generated by extracting a characteristic from an electronic document, and this characteristic data is encrypted with a party's encryption key to obtain encrypted data. By creating and further adding external authentication data such as date to this encrypted data and encrypting this with the encryption key of the external authenticator, it is possible to prevent even the parties from tampering with the document, Documents that promote the digitization of documents are disclosed.

Further, in Japanese Patent Laid-Open No. 2000-315265, in communication between an information processing terminal capable of reading / writing an IC card and an information processing device of a service center which provides a settlement service, the information processing terminal issues a ticket When the instructions are entered
Checks whether or not an electronic ticket corresponding to an IC card can be issued, sends a payment processing request according to the ticketing instruction to the settlement service center, and when the payment processing result notification is received, instructs the IC card to issue a ticket It is disclosed that an electronic ticket is issued and stored when instructed.

[0004]

According to Japanese Patent Laid-Open No. 11-261550, even if the person who created the electronic document cannot tamper with the electronic document, the encryption key of the external authenticator acts on the electronic document. You can In other words, in order to make any changes to the electronic document, both the person's decryption key and the external authenticator's decryption key are required. For example, it is effective for storing an electronic document of a loan agreement, but even if payment is made, this electronic document cannot be changed to "paid". This is because, even if a part of the electronic document can be changed, no one can guarantee that the electronic document has the same content as the original loan agreement.

According to Japanese Patent Laid-Open No. 2000-315265, by using a secure device called an IC card, the process of ticket type selection, payment procedure, ticket issuing and receipt can be performed at a personally-owned terminal, and it is received. "ticket"
Can be used as is at stations where services are provided. However, in order to connect to an information processing device of a service center and receive a payment service, it is necessary to apply for a payment service to a financial institution such as a credit card company and obtain a dedicated IC card. And not everyone can receive the settlement service of a financial institution, and there were cases where minors or people who were not in regular jobs could not join.

A first object of the present invention is to provide a mechanism for guaranteeing the validity of an electronic document even if the status of the electronic document is changed after a certain time due to payment of price or the like, and the validity of the electronic document is simplified. It is to provide an electronic signature method that can be changed (changed) by any method.

A second object of the present invention is to enable even a person who does not subscribe to a settlement service provided by a financial institution or service provider to receive the service. In other words, by providing a method that allows electronicization of tickets without using a special medium such as an IC card, users are always able to purchase tickets without being affected by the business hours of the store or the period required for delivery. It is to be able to purchase, and to allow anyone to enjoy such electronic ticket service.

[0008]

According to the present invention, an electronic signer system discloses an electronic document (for example, an electronic ticket or an electronic coupon), a common key (for example, a password), a secret key, and a public key corresponding to the secret key. Generate a key and generate a digital signature by acting the private key on the electronic document, encrypt the digital signature with the common key, and provide the electronic document and the encrypted digital signature to the user terminal, and the verifier The public key is provided to the system, and when the payment collector system receives the payment for the electronic document, it notifies the electronic signer system to that effect, acquires the common key from the electronic signer system, and obtains the common key. Is provided to the user terminal, and the verifier system
The electronic document, the encrypted electronic signature, and the common key are acquired from the user terminal, the electronic signature encrypted with the common key is decrypted, and the public key is applied to the decrypted electronic signature to operate the electronic document. Verify legitimacy. Instead of the verifier system, the payment collector system or the user terminal may decrypt the electronic signature with the common key. When the digital signature is decrypted by the common key, the digital signature becomes valid. That is, the status of the electronic signature changes from invalid to valid.

[0009]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described in detail below.

FIG. 1 is an explanatory view showing the outline of the entire system of the present invention, showing the participants and the function outline of each participant.

Participants in the present invention include a service issuer that issues right information for receiving a service, a service implementer that provides the service, a price collector who collects the price for the service, and a use that uses the service. Person. For example, for concert tickets and travel coupon tickets, there are ticket vendors and travel agents that specialize in selling tickets. The present invention is considered to be particularly effective in an industry in which such a sales agent already exists. This is because the service provider uses such a sales agent because he / she wants to use the sales channel to have contact with many consumers and needs a means for collecting the payment. If there is no collector, the service issuer or service implementer will collect the payment.

A concert ticket will be described below as an example.

The service issuer is a vendor that issues and sells tickets (hereinafter referred to as a ticket issuer), and the service implementer is a company that manages concerts and collects tickets at the concert venue. The user is a person who purchases a ticket from the ticket issuer, transfers the ticket to the service provider, and listens to the concert.

The service issuer system 1100 has at least a member management function 1110 for managing users and a ticket management function 1120 for managing tickets. The member management function 1110 acquires a user's personal information (for example, name, address, telephone number, e-mail address, etc.) from the user, and identifies the user for each user (for example, a member ID. Issue a combination of letters and numbers such as numbers and member passwords) to users. The service issuer system 1100 stores the personal information of the user and the member ID in association with each other. The ticket management function 1120 manages the content of services guaranteed by the ticket and the sales status of the ticket (for example, pre-sale, reserved, unsettled, settled, unused, used, etc.). A data table for managing tickets will be described later with reference to FIG. Further, the service issuer system 1100 has a key generation means, and generates a secret key for generating an electronic signature and a public key corresponding to the secret key for verifying the validity of the ticket.

The user terminal 1200 has a communication function for accessing the server and downloading the contents of the server.
It has 1220 and a storage function 1210 for storing downloaded data, and can store electronic ticket data (hereinafter abbreviated as electronic ticket) obtained from the service issuer system. The electronic ticket according to the present invention includes an electronic signature having a function of changing the service content guaranteed by the ticket and the sales status of the ticket, that is, validating the electronic signature.

The payment collector system 1300 includes a user terminal 12
Electronic bill data is read from 00, and when payment (settlement) is made based on this bill, the receipt issue function 1310 for issuing an electronic receipt and this transaction service It has a communication function 1320 for notifying the issuer system 1100. In the present invention, a password is used as electronic data corresponding to this receipt. This password is preferably determined by the ticket issuer. This password acts as a common key that can be encrypted and decrypted. That is, the service issuer system 1100 has a password generation function and generates a password for encrypting and decrypting (validating) the electronic signature.

The service provider system 1400 reads the electronic ticket and the password (receipt) from the user terminal 1200, and applies the password (data string of the electronic receipt) to the electronic ticket to validate the electronic signature. A digital signature validation function 1410 for processing and a signature validation function 14 for validating a ticket using the validated digital signature
20, a ticket collection function 1430 for collecting and storing the ticket, and a communication function 1440 for sending the collected ticket to the service issuer for scrutiny. Then, the service issuer system 1100 performs a close inspection process to change the ticket status to used.

The network 1500 may be any network such as the Internet, a telephone line, a wireless communication network, or a combination thereof, and is not limited to the type or scale of the network.

FIG. 2 is a flow chart showing an outline of processing when issuing an electronic ticket.

First, the user terminal 1200 applies for a ticket to the service issuer system 1100 in step 2100. Specifically, the user terminal 1200 receives the input of the ticket type and the number of tickets, the member ID for identifying the user, and the like from the user, and transmits the information to the service issuer system 1100.

Next, the service issuer system 1100 authenticates the user. Specifically, it is determined whether or not the member ID obtained from the user terminal 1200 matches the member ID of the member information registered in advance in the service issuer system 1100. If the input information and the acquisition information match the member information registered in advance, it is determined that the member is an authorized member, and the process proceeds to step 2220. Note that the service issuer system 1100 uses the user terminal 1200 in addition to the member ID in order to authenticate the user (member) more reliably.
Get the unique ID (for example, phone number or terminal ID) of
Member authentication may be performed by comparing with member information registered in advance in the service issuer system 1100. The unique ID of the user terminal 1200 is given to each user terminal 1200 by the manufacturer of the user terminal 1200 or a communication carrier (for example, a telephone company) to which the user subscribes, and is stored in the storage area of the user terminal 1200. It The manufacturer and communication carrier of the user terminal 1200 is the user's personal information and the unique ID of the user terminal 1200.
Is managed in association with.

Step 2220 is a function of creating an electronic ticket. Specifically, the data that is the basis of the electronic ticket is created, and the data is encrypted. An electronic ticket creation algorithm (including encryption and electronic signature processing) will be described later with reference to FIG. Next, the encrypted data is converted into a code image. Then, in step 2240, a directory provided individually for each member in the service issuer system 1100 is created, and the code image is stored in this directory. Then, a URL (Uniform Resource Lo
cator) to the user terminal 1200. The URL is information for specifying the storage location of the electronic ticket.

Here, the electronic ticket is a barcode or 2
If represented by a dimensional code, a general-purpose reader (for example, a bar code reader, a two-dimensional code reader, etc.) can be used in the price collection system 1300 and the service system 1400 described below. However, the user terminal 12
If 00 and the interface of the reading device match, these data can be delivered and received, and the electronic ticket is not limited to the bar code or the two-dimensional code.

In response to a user's instruction, the user terminal 1200 uses the URL to access the directory specified by the URL and download the electronic ticket from the directory. In step 2120, the user terminal 12
The storage function 1210 of 00 receives an input of the storage location from the user and stores the electronic ticket in the designated local recording area. Instead of the user terminal 1200 downloading the electronic ticket using the URL, the service issuer system 1100 may directly send the electronic ticket to the user terminal 1200.

In step 2140, the service issuer system 1100 writes the URL information in an electronic mail, specifies the member information in the service issuer system 1100 using the member ID as a key, and extracts the member information from the member information. It is preferable to extract the user's mail address and send the e-mail containing the URL to the extracted mail address. This processing is not the essence of the present invention, but when this transaction is performed using wireless communication, for example, it cannot be said that there is no possibility that communication will be interrupted during the download due to changes in the surrounding environment, and it will Backup function when download is not done is essential. Figure 3
9 is a flowchart illustrating in detail a function of creating an electronic ticket in step 2220.

The electronic ticket creation function 1 (3000) creates the value 0 (3110) of the applied ticket in the ticket data generation means of step 3100. For example, in the case of a concert ticket, the value 0 includes the name of the concert and the artist, the date and time of the concert, the name of the concert venue, the seat type and seat number, the price, and the like. In step 3200, the service issuing system 1100 sets the value 0 as a signature target.
Create a hash value with a value of 0 using the hash function stored in. The hash function is an appropriate function for associating a numerical value (hash value) with a character string.
Next, in step 3300, the ticket issuer's private key 3310 is applied to the hash value to generate signature data. That is, the hash value is encrypted with the secret key 3310. This encrypted data becomes the signature data. It should be noted that a private key for making a signature and a public key for verifying the signature are paired. The service issuer system 1100 generates a public key 3200 together with the private key 3310, and sends the public key 3200 to the payment collector system 1300 and the service provider system 1400. Then, in step 3400, the password 34
The signature data is encrypted using 10 as a key, and in step 3400, the encrypted value and the value 0 (3110) are combined to create the value 1 (3510). The password 3410 may be set for each electronic ticket application or may be set for each user (member ID).

FIG. 4 shows a data table 40 managed by the ticket management function 1120 of the service issuer system 1100.
FIG. 4 is an explanatory diagram showing a relationship between 00 and the electronic ticket (value 1) generated in FIG. 3.

The data table 4000 has a field 4110 for storing a ticket ID for identifying a ticket.
And a field 4120 for storing ticket data indicating the contents of the ticket (name of concert and artist, date and time of concert, name of concert venue, seat type, seat number, price, etc.), and a field for storing password 3410. 4130 and a field 4140 for storing the transaction status. The transaction status refers to the state of the ticket at the time from when the ticket is sold until it is collected after use.For example, (pre-sale, reserved, unsettled, settled) There are statuses such as unused, used, etc. In addition, this data table 4000 is naturally associated with the electronic ticket 4200, the electronic invoice 4300, and the electronic receipt 4400, and these are ticket IDs (4110 , 4210, 4310, 4410)
Are tied together. Therefore, in the ticket data,
The same contents as the ticket data of the data table 4000 are described. Similarly, in the signature data, the data table
The same contents as the 4000 transaction status are described. And when the transaction status of the signature data is changed,
The transaction status of the data table 4000 is also preferably updated at the earliest possible timing.

On the other hand, the bill data 4320 describes the amount of money, the expiration date, and the payable place. Further, as will be described later, the bill data 4320 may include a key for changing the transaction status. The signature data 4330 is an electronic signature for the invoice data 4320 described above, and is different from the signature data 4230 included in the electronic ticket. Further, the receipt data 4420 includes the password of the data table 4000 and the store identification number of the payment collector system 1300. The signature data 4430 is an electronic signature for the receipt data 4420, and the signature data 4430 is signed using the private key of the payment collector system 1300.

FIG. 5 is a flow chart showing the processing for relieving the user terminal 1200 when the user terminal 1200 in FIG. 2 fails in the download.

The user terminal 1200 is a service issuer system
Even if the download fails due to a network failure or the like in a series of transactions with 1100, it is possible to receive the issuance confirmation e-mail issued by the service issuer system 1100. Therefore, if the user terminal 1200 can receive this email, in step 5100, by passing the URL information described in this email to the browser of the user terminal 1200,
You can reconnect to the member-only directory.

The service issuer system 1100 is a step
In 5200, the unique ID of the user terminal 1200 is obtained from the user terminal 1200 that has requested the connection, and it is verified whether this unique ID matches the member information registered in advance. If the authentication of this user terminal is successful (user terminal
Unique ID obtained from 1200 and service issuer system 11
When the unique ID stored in 00 matches), the access control function 5220 transitions the URL of the browser to the member-only directory. Then, the user terminal 1200 downloads the electronic ticket and saves it in a local storage area. Note that step 5300 is the same processing as step 2400 of FIG. 2 described above, so detailed description will be omitted.

FIG. 6 is a flow chart for making it possible to pay the ticket price at an actual store.

First, the user terminal 1200 determines the step 6100.
At, the electronic bill is displayed on the display unit of the user terminal.

The payment collector system 1300 is step 6200.
At, the electronic invoice 4300 is read and the signature data 4330
And invoice data 4320 are acquired. Further, the price collector system 1300 receives from the service issuer system 1100 a public key paired with the private key of the service issuer system 1100. Next, the invoice data 4320 and the public key of the service issuer system 1100 are used to verify the signature data 4330.
If this verification is successful, the electronic invoice 4300 is determined to be correct and the user's payment is accepted.

When the payment collector receives an instruction to complete the payment, in step 6220 the password 34
Perform the process to obtain 10. That is, the service issuer system 1100 is requested to update the status and the sales record is notified, and instead the service issuer system 1100 is notified.
Get password 3410 from 1100. And step
In 6240, receipt data including the password 3410 and the store identification number for identifying the person who collects the payment is created. As a result, the payment collector system 1300
Since you can get the password 3410, this password 3410
Can be notified to the user terminal 1200. In addition, instead of obtaining the password 3410 from the service issuer system 1100, the payment collector system 1300 uses the password 3410 in the electronic invoice to use the payment collector system 1300 instead of receiving the status update request and the sales performance notification. Worker terminal 12
You may get an electronic invoice from 00 and get a password from the electronic invoice. User terminal 1200, step 6120
In the payment collector system 1300, password 3410
And the receipt data including the identification number of the store is obtained and saved in the local storage area of the user terminal 1200.

The service issuer system 1100 is a step
At 6300, a request for updating the sales record and status of the store is obtained from the price collector system 1300, and the transaction status 4140 of the electronic ticket is changed from “reserved” to “settled”. The ticket issuer makes a sales request to the store based on the transaction status 4140 recorded in the database of the service issuer system 1100.

FIG. 7 is a flowchart showing in detail the electronic bill creating function which is created simultaneously with the electronic ticket in step 2220.

The payment collector system 1300 previously generates a public key for encryption and a private key for decrypting the encryption, and uses the public key as the service issuer system 1100.
Send to.

The electronic bill making function 7000 executes step 7100.
At 34, the password 3410 is encrypted as data to be encrypted with the public key of the payment collector system 1300. Next, in step 7200, this encrypted value and the invoice data (amount and expiration date, place where payment is possible, etc.) are combined to obtain the value 2 (721
Create 0). Next, in step 7300, the hash value (digest function) is applied to the signature target data with the value 2 as the signature target data, and the hash value is acquired. Further, in step 7400, signature data is created using this hash value and the private key 7410 of the service issuer system 1100. Then, the signature data 4330 and the signature target data 4320 are combined to create the value 3 (that is, the electronic bill 4300).

FIG. 8 is a flow chart showing a process for checking an electronic ticket at a concert hall or the like.

When using an electronic ticket, the user terminal 1200
In step 8100, displays one or a plurality of electronic tickets stored in the storage area of the user terminal 1200 on the display unit, receives the selection of the electronic ticket desired to be used from the user, and reads the electronic ticket. , On the display unit of the user terminal 1200. Also, step 81
At 20, the password 3410 for validating the electronic ticket and the store identification number are converted into a code image and displayed on the display unit of the user terminal 1200.

The service provider system 1400 is a step
At 8200, the electronic ticket is read. The service provider system 1400 also accepts the input of the password 3410 and the store identification number. Note that the service provider system 1400 may separately accept the input processing of the electronic ticket, the password 3410, and the store identification number,
One code image including these may be created by the user terminal 1200 and this code image may be accepted at once. next,
In step 8220, the password 3410 is used to decrypt the electronic ticket. The compounding process and the ticket validity verification process will be described with reference to FIG. If it is determined in step 8240 that the ticket is correct, the password 3410 and the store identification number are collected.

FIG. 9 is a flow chart showing a process for verifying the validity of an electronic ticket in the service provider system 1400.

The service provider system 1400 reads the value 1 (3510) of the electronic ticket from the user terminal 1200 and divides it into the value 0 (3110) and its electronic signature data in step 9100. However, this electronic signature data is encrypted, and in step 9120 it is decrypted using the password 3410. By decrypting this digital signature data,
The electronic signature data is validated, and thereby the electronic ticket is also validated. Next, in the signature verification means of step 9140, the value 0 (3110) and the service issuer system 110
The public key 3200 of 0 is used to verify the decrypted electronic signature data. Specifically, the service provider system 1400 stores the hash function used to generate the electronic signature data. And the service provider system
The 1400 operates the hash function on the value 0 (3110) to obtain the hash value of the electronic ticket. On the other hand, the service provider system 1400 further decrypts the electronic signature data decrypted by the password using the public key 3200.
Then, the service provider system 1400 compares the hash value of the electronic ticket with the value of the electronic signature data decrypted using the public key 3200, and if both values are the same, the electronic signature is valid. If both values are not the same, it is determined that the digital signature is invalid. When it is determined in step 9140 that the electronic signature is correct (that is, when the output value 9160 of the signature verification is TRUE), the service agent system 1400 determines that the correct electronic ticket has come and enters the venue. Display permission. The service provider system 1400 determines that the correct electronic ticket has arrived, and operates a permitting means (for example, a gate) for permitting entry to the venue. The service provider system
Instead of the 1400 validating the electronic ticket, the payment collector system 1300 or the user terminal 1200 may validate the electronic ticket. The process for validating the electronic ticket by the user terminal 1200 is the same as the process for validating the electronic ticket by the payment collector system 1300 and the service provider system 1400.

Although the service provider system 1400 collects the password 3410 and the store identification number in step 9120, the service provider system 1400 may have an input device for inputting these numerical values. In addition, the value displayed on the user terminal 1200 is used as the service provider system.
It may be read by the 1400 (using the character recognition function). Further, the user terminal 1200 may convert these numerical values into a code image, and the service provider system 1400 may read this image.

In the present embodiment, so-called personal computers, workstations, etc. are used as the service issuer system 1100, the service implementer system 1400, the payment collector system 1300, and the user terminal 1200. Each of the above-described means is functionally realized by a program that operates on a computer.

FIG. 11 is an explanatory view showing the hardware for implementing the present invention.

The service issuer system 1100 has a data input device 1101 for receiving input of ticket and member information.
0, access control device 11020 for storing electronic tickets and permitting access only to the correct user terminal to this area, communication device 11030 for accessing the participant device via network 1500, and transaction And a mail creating device 11040 for providing a contact means when a communication failure occurs, and a computing device 11050 for creating electronic ticket data and giving an electronic signature, and further invalidating the signature in the present invention. The table 4000 includes a recording device 11060 that manages tickets and the like.

The service provider system 1400 also includes a data input device 11120 for reading information from the user terminal.
In order to prevent unauthorized use of the ticket, a communication device 11130 for accessing the participant device via the network 1500, a computing device 11150 for validating the digital signature and verifying the digital signature, Double management device 11140, recording device 11 for collecting and storing receipt data used for scrutiny
160 and a display device 11110 for displaying the result of verifying the electronic signature.

Further, in particular, the user terminal 1200 may be a multifunctional mobile terminal having a storage means, a display / input means, a communication means, and capable of loading a program, or a so-called mobile phone, so a so-called computer device. It is not limited to.

Although the payment collector system 1300 is supposed to have a settlement function and a receipt creation function, the service issuer system is required to verify the invoice and issue receipt data (password 3410). In this case, a fax machine or the like having only a communication function may be used, and thus the invention is not limited to so-called computer equipment.

In the above-described embodiment, this processing program had to be installed in the user terminal in order for the user terminal to create the code image. However, using technology such as Java, If the processing corresponding to this program is implemented as a Java applet and the applet can be downloaded from the service issuer system and used, the installation work becomes unnecessary and there is no need to impose a special burden on the user.

FIG. 10 is an explanatory diagram showing the participants and the function of each participant when this mechanism is applied to a taxi coupon.

The taxi coupon shown here is
It is different from the taxi ticket generally called.If you collect the coupon tickets issued when you use the taxi and send the collected coupon tickets to the service issuing company, a part of the taxi price you paid will be cashed back. It is a medium for realizing the service of

The participants in FIG. 1 are replaced as follows. That is, the service issuer is a company that issues and manages taxi coupons, the service implementer is a partner company that uses taxi coupons, the price collection system is an in-vehicle system, and the user terminal is an employee's mobile terminal. Equivalent to.

Also, a taxi coupon management company system
10100 is member management function 10110 and coupon management function 10120
And the partner company system has an electronic signature validation function 10410
With signature verification function 10420, coupon collection function 10430 and communication function 10440, employee mobile terminal 10200 has memory function 10210.
And with communication function 10220.

When using a taxi, the employee's mobile terminal
10200 accesses the taxi coupon management company system 10100 to make a taxi reservation. Upon receipt of the reservation, the taxi coupon management company system 10100 issues an invoice and a coupon ticket with no written amount, and the employee's mobile terminal obtains them. The electronic ticket 4200 in FIG. 4 corresponds to the coupon ticket, and the electronic invoice 4300
Corresponds to the invoice.

On the other hand, the in-vehicle system 10300 has a receipt issuing function 10310 and a communication function 10320. Then, when using a taxi, the in-vehicle system 10300 issues a password 3410 corresponding to a receipt.

When the employee requests the company to settle the travel expenses, an electronic coupon ticket and password 3410 are sent to the affiliated company system 10400, and when the validity of the coupon ticket is confirmed, the settlement request is made. Is accepted, and otherwise it is not accepted.

The above-described embodiment can be realized by replacing the ticket with a coupon ticket by the same mechanism as that of the electronic ticket embodiment.

According to the above embodiment, when the payment is made at the actual store and the ownership of the electronic document is transferred by this, the validity of the electronic document can be changed (changed) by a simple method. become. That is, it is possible to provide a digital signature method capable of guaranteeing the validity of an electronic document after a certain time. Further, by computerizing the ticket, it is possible for anyone to enjoy the advantage that the user can immediately obtain the ticket without being affected by the business hours of the store. That is, even a person who does not subscribe to the payment service provided by a financial institution can enjoy such an electronic ticket service.

[0063]

According to the present invention, even if the status of an electronic document is changed after a certain time due to payment of a price or the like, a mechanism for guaranteeing its effectiveness is provided, and the effectiveness of the electronic document is simplified. It is possible to change (change) by the method.

Alternatively, according to the present invention, even a person who does not subscribe to the settlement service provided by a financial institution or service provider can receive the service.

[Brief description of drawings]

FIG. 1 is an explanatory diagram showing an overview of the entire system of the present invention, showing an overview of participants and the function of each participant.

FIG. 2 is a flowchart showing an outline of processing when issuing an electronic ticket.

FIG. 3 is a flowchart illustrating in detail a function of creating an electronic ticket in step 2220.

4 is an explanatory diagram showing a relationship between a data table 4000 managed by a ticket management function 1120 of the service issuer system 1100 and the electronic ticket (value 1) generated in FIG.

FIG. 5 is a flowchart showing a process for relieving a user terminal in FIG. 2 when the user terminal has failed in downloading.

FIG. 6 is a flowchart showing a process for enabling payment of a ticket price at an actual store.

FIG. 7 is a flowchart illustrating in detail an electronic bill creating function that is created at the same time as an electronic ticket in step 2220.

FIG. 8 is a flowchart showing a process of conducting electronic ticket inspection at a concert hall or the like.

FIG. 9 is a flowchart showing processing for verifying the validity of an electronic ticket in the service provider system 1400.

FIG. 10 is an explanatory diagram showing the participants when the mechanism is applied to a taxi coupon and the function of each participant.

FIG. 11 is an explanatory diagram describing a hardware configuration for implementing the present invention.

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) G06F 17/60 424 G06F 17/60 424 512 512 (72) Inventor Shuji Terada 890 Kashimada, Saiwai-ku, Kawasaki-shi, Kanagawa Address Company Hitachi Ltd. Information Service Division (72) Inventor Takeshi Kojima 890 Kashimada, Sachi-ku, Kawasaki City, Kanagawa Prefecture Corporate Solution Business Division (72) Inventor Mitsuru Iwamura 2-14 Nakamura, Nerima-ku, Tokyo 17 F term (reference) 5J104 AA09 LA03 LA05 LA06 NA02 PA10

Claims (15)

[Claims] 1. A digital signature method by a computer for digitally signing an electronic document, wherein a common key generation means issues to the user if the user who uses the electronic document satisfies a predetermined condition. A private key for obtaining the electronic signature, and a private key corresponding to the private key for verifying the legitimacy of the electronic document. Then, the electronic signature generation means generates the electronic signature of the electronic document by causing the private key to act on the electronic document, and the encryption calculation means encrypts the electronic signature with the common key. The document and the encrypted electronic signature are issued to the user by an electronic signer who applies the electronic signature to the electronic document, and the public key is used by the electronic signer to verify the validity of the electronic document. Verification Digital signature method that is issued to that verifier. 2. The electronic signature method according to claim 1, wherein the predetermined condition includes that the user has completed the payment of the consideration for the electronic document. 3. The electronic signature method according to claim 2, wherein the electronic document management means manages whether or not payment for the electronic document has been paid for the electronic document issued to the user. 4. The common key issuing means issues the common key to the payment collector of the payment collector when the payment collector collecting the payment notifies the payment collector of the payment. The electronic signature method according to claim 2, wherein the common key is issued from the price collector to the user. 5. The electronic signature according to claim 1, wherein the hash value generation means generates a hash value by applying a hash function to the electronic document, and the electronic signature is an electronic signature of the hash value. Method. 6. The electronic signature method according to claim 1, wherein the electronic document includes an electronic ticket or an electronic coupon. 7. A digital signature system for digitally signing an electronic document, wherein a common key to be issued to the user is generated when a user who uses the electronic document satisfies a predetermined condition. A common key generating means, a secret key for obtaining the electronic signature, and a secret key generating means for generating a public key corresponding to the secret key and verifying the legitimacy of the electronic document; By applying a key to the electronic document,
The electronic document and the encrypted electronic signature are provided to the user, the electronic document generating means generating an electronic signature of the electronic document, and the encryption operation means encrypting the electronic signature with the common key. An electronic signature system that is issued to a verifier that verifies the validity of the electronic document. 8. An electronic document verification method by a computer for verifying the authenticity of an electronic document by an electronic signature, wherein a storage means stores a public key issued by an electronic signer who applies the electronic signature to the electronic document. The first acquisition unit acquires the common key issued from the electronic signer to the user of the electronic document, and the second acquisition unit stores the electronic document from the user terminal of the user. And a digital signature encrypted by the common key, decryption operation means decrypts the digital signature by the common key, and verification means applies the public key to the digital signature. An electronic document verification method for verifying the legitimacy of the electronic document. 9. The verification means obtains a hash value by acting on the electronic document the hash function used to generate the electronic signature, and decrypts the decrypted electronic signature with the public key, 9. The legitimacy of the electronic document is verified by comparing the hash value with the value of the electronic signature decrypted by the public key.
Electronic document verification method described in. 10. The electronic document verification method according to claim 9, wherein the usage permission unit permits the usage of the electronic document when it is verified that the electronic document is valid. 11. An electronic document verification system for verifying the legitimacy of an electronic document by an electronic signature, a storage unit for storing a public key issued by an electronic signer who applies the electronic signature to the electronic document, First acquisition means for acquiring a common key issued from a digital signer to the user of the electronic document; a digital signature encrypted by the electronic document and the common key from a user terminal of the user A second obtaining unit that obtains, a decryption operation unit that decrypts the electronic signature with the common key, and a public key that acts on the electronic signature,
An electronic document verification system comprising a verification means for verifying the legitimacy of the electronic document. 12. A computer-based payment collection method for collecting a consideration for an electronic document from a user of an electronic document to which a digital signature has been applied, wherein the notification means collects the consideration from the user. To the issuer who issued the electronic document, and the obtaining means obtains the common key used for encryption of the electronic signature from the issuer, and the common key Is a payment collection method issued to the user by the payment collector who has collected the consideration. 13. A payment collection system for collecting a consideration for the electronic document from a user of an electronic document to which an electronic signature has been applied, wherein the consideration is collected when the consideration is collected from the user. To that effect, notification means for notifying the issuer who issued the electronic document, and a common key used for encryption of the electronic signature, acquisition means for acquiring from the issuer, the common key, A payment collection system that is issued to the user from a payment collector who has collected the consideration. 14. A computer-based payment collection method for collecting a charge for an electronic document from a user of an electronic document having an electronic signature, wherein the first acquisition means is a user terminal of the user. From the above, the electronic signature is acquired, and when the notification means collects the consideration from the user, the notification means notifies the issuer who issued the electronic document that the consideration has been collected, and the second acquisition means Obtains the common key used for encryption of the electronic signature from the issuer, the decryption operation means decrypts the electronic signature with the common key, and the issuing means obtains the decrypted electronic signature. , A method of collecting the price to be issued to the user terminal. 15. A price collection system for collecting a consideration for an electronic document from a user of an electronic document having an electronic signature, wherein the electronic signature is acquired from a user terminal of the user. And a notification means for notifying the issuer, who has issued the electronic document, that the consideration has been recovered when the consideration has been recovered from the user, and is used for encrypting the electronic signature. Second obtaining means for obtaining a common key from the issuer, decryption operation means for decrypting the electronic signature with the common key, and issuing means for issuing the decrypted electronic signature to the user terminal Payment collection system with and.