JP2003158513A - Ic card, its writing method and apparatus, and ic card system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an IC card system that can securely and flexibly issue IC cards and write an application to the IC card so as to improve the convenience of a card issuer and users, and to provide the IC card and its writing method and apparatus. SOLUTION: The IC card system 1 writes an application to the IC card 10, an application developer terminal 20 (card issuer terminal 30) is provided with a first encryption section 222 (322) that encrypts information items AP, AD of a program part and a data part of the application by using a common key DK2 (DK3), a digest generating section 224 (324) for generating an electronic signature on the basis of the information items and a third encryption section 225 (325), and the IC card 10 is provided with a first decoding section 121 that decodes received and encrypted information items CAP, CAD and a decision section 125 that decides whether or not the sender and/or contents of the information items are correct on the basis of the decoded information and the electronic signature.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an IC card in which an application is written, an IC card writing method which is a method for writing an application in the IC card, a writing device for writing in the IC card, and an I.
It relates to a C card system.

[0002]

2. Description of the Related Art Conventionally, since the confidentiality of an application installed in an IC card is emphasized due to the nature of the application, the entire application is collectively encrypted by a common key cryptosystem and a public key cryptosystem, It is sent with the signature of the application that is the signature. IC
The card decrypts by RSA, DES, etc., and stores the application in the non-volatile memory. This guarantees the confidentiality of the application, and also guarantees that the application is authentic (the sender is not false, the contents are not tampered with, etc.).

In addition, ICs are used as SIM cards for mobile phones.
Dynamic download is being carried out in which necessary applications are installed on the spot by using radio waves, such as when a card is installed or when an IC card is used at a ticket office.

The common key cryptosystem is DES, Tr.
The encryption key and the decryption key are the same (common key), such as in the triple-DES, which is a cipher that both the sender and the receiver have in secret and is also called a secret key cryptosystem (hereinafter referred to as a secret key cryptosystem). , "Common key cryptosystem".). Public key cryptosystems are RSA and Diffie-Hellman.
The encryption key is different from the decryption key, and one key (public key) is made public and the other key (secret key) is kept secret, and is also called an asymmetric encryption method (hereinafter "Public key cryptosystem".). A digital signature is a message digest function such as MD5, which is used to irreversibly convert plaintext or ciphertext information into a hash value, which is small data of a certain size, to create a digest, and to use this digest as a public key. This is an encrypted digest that is encrypted with a secret key according to the encryption method. The recipient is
It is possible to confirm from the electronic certificate that the owner of the private key paired with the public key has created the information by performing decryption with the public key according to the public key cryptosystem. It is assumed that the private key cannot be used by anyone other than its owner. A public key certificate is an electronic certificate that a certificate authority guarantees that the information contained in the certificate, such as the public key and the owner's name and affiliation, is that of the principal.

[0005]

However, the application developer encrypts the program part in order to protect the confidentiality, and the card issuer encrypts the data part in order to protect the common key used by the personal information and the application. There is a demand that multiple people individually want to encrypt part of the information of the application that they want to protect from leakage, etc., and if you write the application all at once, there is a problem that it lacks flexibility. It was Further, in the dynamic download, since the radio wave condition is bad, if the communication is interrupted while writing the application, the writing has to be restarted from the beginning, which causes a problem of burdening the user. Further, in order to solve this problem, it is considered that the application is divided and mounted on the IC card, but there are the following problems. (1) When a part of the application is installed, it cannot be determined when the continuation will be performed next time. For example, it may be one second later, while it may be one year later. (2) There is a possibility that the program part and the data part may differ from those of the intended application due to minor version upgrades. (3) Key distribution to decrypt the application is 1
It is desirable to send in one command. If multiple common keys are attached to each part and it is installed in each part, it is possible that a third party creates information and a proper common key to replace the part, and the whole key can be replaced, reducing security. . It should be noted that, here, “to be mounted separately” means that, for example, in the case of a contact type IC card, power is applied to the IC card,
Clock is supplied, ATR from card (initial response)
Command is sent from the terminal side after the command is sent, and even if the power is cut off with only a part of the application being loaded, the remaining part will be loaded next time. It means that the application loading process of can be completed. On the contrary, when the application loading process is collectively performed without powering off, each command is referred to as a batch process even if a part of the divided application is repeatedly loaded.

An object of the present invention is to provide an IC card which enables secure and flexible card issuing, application writing, and improves convenience for the card issuer and user, a writing method, a writing device, and an IC. It is to provide a card system.

[0007]

The present invention solves the above-mentioned problems by the following means for solving the problems. It should be noted that, for ease of understanding, reference numerals corresponding to the embodiments of the present invention will be given and described, but the present invention is not limited thereto. That is, the invention of claim 1 is a writing device of an IC card for writing an application to the IC card (10), wherein the information (AP, AD) of the first part which is a part of the application to be written in the IC card. ) Is encrypted with the first common key (DK2, DK3, DK4), and first encrypted information creating means (222, 322, 422) for creating the first encrypted information (CAP, CAD). , The first common key is encrypted with the public key (PK1) corresponding to the private key (SK1) stored in the IC card, and the first encrypted common key (CDK2, CDK3, CDK4)
First encrypted common key creating means (223, 3)
23, 423) and first transmitting means (23, 33, 43) for transmitting the first encrypted information and the first encrypted common key to the IC card. IC card writing device (20, 30, 40)
Is.

The invention according to claim 2 is the IC according to claim 1.
A writing device for a card, which is a first digital signature creating means (224, 225, 324, 3) for creating a first digital signature (CDAP, CDAD) from the information of the first part.
25, 424, 425) and a first electronic signature transmitting means (23,) for transmitting the first electronic signature to the IC card.
33, 43), and an IC card writing device (20, 30, 40).

The invention of claim 3 relates to claim 1 or claim 2.
An IC card writing apparatus according to claim 1, wherein the IC
Information of a second part (AD) different from the first part, which is a part of the application written in the card, is encrypted with a second common key (DK5) different from the first common key, Second encrypted information creating means (422) for creating encrypted information (CAD) of the second encrypted common key and the second encrypted common key (CDK) by encrypting the second common key with the public key.
5) second encrypted common key creating means (42)
3) and second transmitting means for transmitting the second encrypted information and the second encrypted common key to the IC card, and a writing device (40) for an IC card. ).

The invention according to claim 4 is the IC according to claim 3.
A writing device of a card, wherein a second electronic signature creating means (424, 425) for creating a second electronic signature (CDAD) from the information of the second part, and the second electronic signature by the IC And a second electronic signature transmitting means (43) for transmitting to the card.

The invention of claim 5 is from claim 1 to claim 4.
The IC card writing device according to any one of items 1 to 3, wherein the first or second part of the application written in the IC card is a program part or a data part of the application. An IC card writing device (20, 30, 40).

According to a sixth aspect of the present invention, there is provided an IC card writing method for writing an application in the IC card (10), wherein information of a first portion (AP, which is a part of the application written in the IC card). AD) is encrypted with the first common key (DK2, DK3, DK4),
First to create first encrypted information (CAP, CAD)
Encrypted information creation step (S201, S301, S
402) and the public key (PK1) corresponding to the private key (SK1) stored in the IC card, and encrypts the first common key to generate the first encrypted common key (CDK2, CK2).
DK3, CDK4) first encrypted common key creating step (S203, S303, S404), and transmitting the first encrypted information and the first encrypted common key to the IC card First transmitting step (S20)
6, S306, S407) is provided.

The invention according to claim 7 is the IC according to claim 6.
A method of writing to a card, which is a first electronic signature creating step (S204, S205, S) of creating a first electronic signature (CDAP, CDAD) from the information of the first portion.
304, S305, S405, S406) and the first
And a first electronic signature transmitting step (S206, S306, S407) for transmitting the electronic signature of 1. to the IC card.

The invention of claim 8 is claim 6 or claim 7.
The method of writing to an IC card according to claim 1, wherein the IC
Information of a second part (AD) different from the first part, which is a part of the application to be written in the card, is encrypted with a second common key (SK5) different from the first common key, Second encrypted information creation step (S402) of creating encrypted information (CAD) of the second encrypted key, and the second encrypted common key is encrypted with the public key to obtain a second encrypted common key (CSK5). A second encrypted common key creating step (S404), and a second step of transmitting the second encrypted information and the second encrypted common key to the IC card.
And a transmitting step (S407).

The invention according to claim 9 is the IC according to claim 8.
A method for writing a card, comprising: a second digital signature creating step (S405, S406) of creating a second digital signature (CDAD) from the information of the second portion;
And a second electronic signature transmitting step (S407) of transmitting the electronic signature of 1. to the IC card.

According to a tenth aspect of the present invention, there is provided the IC card writing method according to any one of the sixth to ninth aspects, wherein the first or second part of the application written in the IC card is And a program part or a data part of the application.
It is a card writing method.

According to the invention of claim 11, a secret key storage means (14) for storing the secret key (SK1) and a first part information (AP) which is a part of an application are encrypted. The encrypted information (CAP) and the first common key (DK
2, DK4) is the public key (PK1) corresponding to the private key
The first encrypted common key (CDK2, CD
K4), and a first common key decryption means (121) for decrypting the first encrypted common key into the first common key with the secret key. , The first
A first information decrypting means (122) for decrypting the encrypted information of (1) into the information of the first portion by the first common key decrypted by the first common key decrypting means (IC) ( 10).

According to a twelfth aspect of the present invention, in the IC card according to the eleventh aspect, the first electronic signature reception for receiving the first electronic signature (CDAP) created from the information of the first portion. Means (11) and the first electronic signature and / or the first information decrypted by the first information decryption means
Determination means (12) for determining whether the sender and / or the content of the information of the first part is authentic based on the information of the part
5) and an IC card (10) characterized by
Is.

The invention of claim 13 is the IC card according to claim 11 or claim 12, wherein the information (AD) of a second part which is a part of the application and is different from the first part ) Encrypted second encrypted information (CAD) and a second common key (DK3, DK5) different from the first common key encrypted with the public key. Second receiving means (11) for receiving the encrypted common key
And the second encrypted common key with the secret key
Second common key decryption means (121) for decrypting into the common key of
And a second information decrypting means (122) for decrypting the second encrypted information into the information of the second part with the second common key decrypted by the second common key decrypting means. The IC card (10) is characterized by being provided.

According to a fourteenth aspect of the present invention, in the IC card according to the thirteenth aspect, a second electronic signature reception for receiving a second electronic signature (CDAD) created from the information of the second portion. The sender and / or the content of the information of the second portion based on the means (11) and the information of the second portion decrypted by the second electronic signature and / or the second information decrypting means. Judgment means (125) for judging whether or not it is authentic
And an IC card (10).

A fifteenth aspect of the present invention is the IC card according to any one of the eleventh to fourteenth aspects, wherein the first or second portion is a program section or a data section of the application. The IC card (10) is characterized in that

The invention of claim 16 is an IC card system for writing an application in an IC card, wherein the first IC card writing device (20) according to claim 1 or 2 and the first IC card writing device. A second IC card writing device (30) according to claim 1 or 2, which is different from the writing device of the IC card, and the first encrypted information creating means included in the second IC card writing device. (322) and / or first electronic signature creating means (32
4, 325) of the application relating to the processing by the first encrypted information creating means (222) and / or the first electronic signature creating means (224, 225) included in the first IC card writing device. The IC card system (1) is characterized in that processing is performed on a second part different from the first part.

A seventeenth aspect of the present invention is an IC card system for writing an application in an IC card (10), wherein the IC card writing device (20, 20) according to any one of the first to fifth aspects. 30, 40),
An IC card comprising the IC card (10) according to any one of claims 11 to 15.
It is a card system (1, 1-2).

[0024]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described in more detail below with reference to the drawings. (First Embodiment) FIG. 1 shows an IC card I according to the present invention.
First of C card writing device and IC card system
It is a block diagram showing an embodiment. As shown in Figure 1,
The IC card system 1 includes an IC card 10, an application developer terminal 20, a card issuer terminal 30, and the like. The IC card 10 is individually connected to the application developer terminal 20 and the card issuer terminal 30. The IC card system 1 is a system in which the application developer terminal 20 writes the program part of the application to the IC card 10 and the card issuer terminal 30 writes the data part by communicating.
The application is mainly composed of a program part which is a part of program code, a data part which is data necessary for processing of the program part such as personal information, and an attribute information part which is information for informing the outside. Hereinafter, C will be referred to as "OS").
This is information gathered to cause the PU 12 to perform processing suitable for various uses of the IC card 10.

The application developer terminal 20 is a terminal managed by an application developer who develops an application, and the card issuer terminal 30.
Is a terminal managed by a card issuer who distributes the IC card 10 to customers and uses the application for business. Application developer terminal 20
Also, the card issuer terminal 30 includes the storage units 21 and 31, the CP.
U22, 32, communication units 23, 33, etc. are provided, and a part of the application is encrypted and transmitted, and the IC card 1
It is a writing device of an IC card for writing to 0.

The storage unit 21 stores information such as the public key certificate PD2 (including the public key PK2) of the application developer, the secret key SK2 paired with the public key PK2, the program, and the application management database ( Hereinafter, the database is referred to as “DB”) 211. The application management DB 211 is an IC
The information AP of the program part, which is a part of various applications to be mounted on the card 10, is stored and managed. Similarly, the storage unit 31 stores information such as the public key certificate PD3 (including the public key PK3) of the card issuer, the private key SK3, the program, and the like, and includes an application management DB 311. The application management DB 311 stores and manages information AD of the data section which is a part of the application.

The CPUs 22 and 32 are central processing units that centrally control the application developer terminal 20 or the card issuer terminal 30, and are the storage units 21 and 31 and the communication unit 2.
3, 33, etc. are connected. The CPUs 22 and 32 include a common key creation unit 221, 321 and a first encryption unit 222, 32.
2. The second encryption unit 223, 323, the digest creation unit 224, 324, the third encryption unit 225, 325, etc. are provided to create information to be transmitted to store the application in the IC card 10. Each part has a CPU 22, 32.
Is realized by executing the programs stored in the storage units 21 and 31.

FIG. 2 is a diagram for explaining each unit of the CPU. FIG. 2A is a diagram showing encryption of an application, and FIG. 2B is a diagram showing creation of a digital signature. Note that FIG. 2 mainly shows each part of the CPU 22, and C
Parts of the PU 32 different from the CPU 22 are shown in parentheses. The common key creation unit 221 includes a random number generator, creates a common key DK2 used in the common key cryptosystem based on the generated random numbers, and similarly, the common key creation unit 321.
Creates a common key DK3. Common key DK2, DK3
Are deleted after use. As illustrated in FIG. 2A, the first encryption units 222 and 322 use the common key DK2 and DK3 and the common key cryptosystem algorithm stored in the storage units 21 and 31 to determine the application management DB 21.
Information AP and AD of the program part or the data part stored in 1, 311 are encrypted, and encrypted information CAP and CAD that are ciphertexts are created.

As shown in FIG. 2B, the second encryption unit 2
23 and 323 are private keys SK1 of the IC card 10.
The public key PK1 paired with and the common keys DK2, D used in the first encryption units 222, 322 by the algorithm of the public key cryptosystem stored in the storage units 21, 31.
K3 encryption is performed and encrypted common keys CDK2 and CDK
Create 3. The CPUs 22 and 32 obtain a public key as a response by transmitting a command to the IC card 10. As shown in FIG. 2C, the digest creation units 224 and 324 use the message digest functions stored in the storage units 21 and 31, and convert the plaintext or ciphertext information into hash values that are small data of a certain size. It is a means to create a digest by irreversibly converting the value. The digest creating unit 224 creates the digests DAP and DAD from the information AP and AD of the program unit or the data unit stored in the application management DBs 211 and 311.

As shown in FIG. 2 (4), the third encryption unit 2
25 and 325 encrypt the digests DAP and DAD by the secret key SK3 stored in the storage units 21 and 31 and the algorithm of the public key cryptosystem, and create the electronic signatures CDAP and CDAD which are the encrypted digests. . The digest creating units 224 and 324 and the electronic signature units 225 and 325 constitute electronic signature creating means for creating the electronic signatures CDAP and CDAD.

As shown in FIG. 1, the communication units 23 and 33 are
A reader / writer (hereinafter referred to as “R / W”) or the like is a means for communicating with the I / O interface 11 of the IC card 10 in contact or non-contact, and information such as information created by the CPUs 22 and 32 and commands Is transmitted to the IC card 10, and information such as a response is received.

The IC card 10 includes a RAM 13 and a ROM 1
4, an EEPROM 15, a CPU 12, an I / O interface 11 and the like, and an application developer terminal 20.
And the card issuer terminal 30 are separately connected. The IC card 10 has been initialized and is ready for adding applications (OS is operable, EEPROM
15), which has a sufficient free space, and can mount multiple applications in the EEPROM 15.
tos card and Java card (JAVA is a registered trademark)
Etc. is a multi-application IC card. I / O
The interface 11 includes communication units 23, 33 such as R / W.
It is an input / output circuit that enables communication with, and receives other information such as a command from the application developer terminal 20 or the card issuer terminal 30 and transmits information such as a response.

The CPU 12 is a central processing unit that controls the IC card 10 as a whole, and the I / O interface 11
Also, the RAM 13, the ROM 14, the EEPROM 15 and the like are connected. The CPU 12 uses the first decoding unit 121 and the second decoding unit 121.
The decoding unit 122, the third decoding unit 123, the digest creating unit 124, the determining unit 125, and the like are provided. Each part is a CPU
By using the work area of the RAM 13 and executing the program stored in the ROM 14 based on the command received from the application developer terminal 20 or the card issuer terminal 30 via the I / O interface 11, Will be realized. The CPU 12 sends a response, which is the result of the processing, from the I / O interface 11 to the application developer terminal 20 or the card issuer terminal 30.
Return to.

FIG. 3 is a diagram for explaining each unit of the CPU. Note that FIG. 3 mainly shows processing of information received from the application developer terminal 20, and processing different from that of the application developer terminal 20 regarding information received from the card issuer terminal 30 is shown in parentheses. . As shown in FIG. 3A, the first decoding unit 121
Is based on the secret key SK1 stored in the ROM 14 and the public key cryptosystem.
And the second encryption units 223, 32 of the card issuer terminal 30.
Encrypted common key CDK2, CDK created by 3
3 is decrypted into common keys DK2 and DK3. As shown in FIG. 3C, the second decryption unit 122 uses the common keys DK2 and DK3.
And the common key cryptosystem stored in the ROM 14, the encrypted information CAP ', CAD' (possibility of falsification) created by the first encryption units 222, 322 of the application developer terminal 20 and the card issuer terminal 30. The encrypted information CAP and CAD including CAP ', CAD'
And same as below. ) Is decoded into information AP ', AD' in the program section or the data section.

As shown in FIG. 3B, the third decoding unit 12
3 is the public key P included in the public key certificates PD2, PD3
The digital signatures CDAP and CDAD created by the third encryption units 225 and 325 of the application developer terminal 20 and the card issuer terminal 30 are digested by K2, PK3, and the algorithm of the public key cryptosystem.
Decode to P, DAD. As shown in FIG. 3 (4), the digest creating unit 124 uses the message digest function stored in the ROM 14, and the second decrypting unit 12 uses the message digest function.
From the information AP ', AD' of the program part or the data part decrypted by 2, the digest DAP ', DAD'
To create. As shown in FIG. 3 (5), the determination unit 125
Determines whether the sender of the information is authentic or not, depending on whether or not the decryption by the third decryption unit 123 is normally performed. Digest DAP, DAD and Digest D
By comparing AP ′ and DAD ′ and determining whether or not they match, it is determined whether or not the contents of the decrypted program part or data part information AP ′ and AD ′ are authentic.

As shown in FIG. 1, RAM 13, ROM 1
4 and the EEPROM 15 are storage means for storing information. RAM 13 is a volatile memory, CP
It is used as a work area where U12 processes. ROM
14 is a non-volatile read-only memory,
S, private key SK1 unique to IC card 10, public key certificates PD2, P of application developer and card issuer
It stores information such as D3, algorithms such as common key cryptosystem and public key cryptosystem. The EEPROM 15 is a non-volatile memory that can be rewritten at any time, and is usually used as a user work area, program area, or the like. Incidentally, the EEPROM 15 or the ROM 14 and E
EPROM 15 has private key SK1, public key certificate PD2
Information such as PD3, algorithms such as common key cryptosystem and public key cryptosystem may be stored.

FIG. 4 is a flow chart showing the first embodiment of the writing method of the IC card according to the present invention. Mainly, application developer terminal 20 and IC card 1
0 processing is mainly shown, and the card issuer terminal 30 and the IC
Parts of the processing of the card 10 different from those of the application developer terminal 20 are shown in parentheses. S10
In 0 and S200, the IC card 10 is connected to the communication unit 23 of the application developer terminal 20.

In S201, the common key creating unit 221 of the application developer terminal 20 creates the common key DK2, and the first encryption unit 222 encrypts the information AP of the program unit with this common key DK2. In S202, the CPU 22 sends a command to the IC via the communication unit 23.
The IC card 10 receives the public key PK1 transmitted to the card 10 and transmitted as a response to this command (S101). The second encryption unit 223 encrypts the common key DK2 used for encryption in S201 with this public key PK1 (S203).

In S204, the digest creating section 2
24 creates a digest DAP of the program section. The third encryption unit 225 encrypts this digest DAP with the secret key SK2 of the application developer (S205). In S206, the CPU 22 attaches the attribute information of the application and the mounted certificate header from the communication unit 23, and the encrypted information CAP which is the ciphertext of the program unit created in S201 and S203.
The encrypted common key CDK2 created in step S204
And the onboard certificate including the electronic signature CDAP of the application developer created in S205 to the IC card 1
Send to 0. In S207, the application developer terminal 20 ends the process.

At S102, the I / I of the IC card 10 is
The O interface 11 has application attribute information, encrypted information CAP ′, encrypted common key CDK2,
The mounted certificate header and the electronic signature CDAP are received from the application developer terminal 20. The first decryption unit 121 of the IC card 10 decrypts the encrypted common key CDK2 into the common key DK2 using the secret key SK1 (S10).
3). The second decryption unit 122 uses this common key DK2 for S10.
The encrypted information CAP ′ received in 2 is decrypted into the program part information AP ′ (S104).

In S105, the third decoding unit 123
The electronic signature C received in S102 with the public key PK2 included in the public key certificate PD2 of the application developer
Decrypt DAP to digest DAP. Judgment unit 1
25 determines whether or not the decryption has been normally performed, thereby determining whether or not the transmission source is the application developer indicated by the public key certificate PD2 (S).
106). If the transmission is not normally performed, the transmission source is determined to be not authentic (error) (S109), and the IC card 10
Ends the process (S110).

When the decryption is completed normally, the digest creating section 124 creates the digest DAP 'of the program section decrypted in S104. Judgment unit 1
25 determines whether or not the contents of the program portion information AP has been tampered with by determining whether or not the digest DAP ′ and the digest DAP decrypted in S105 match. If they do not match, it is determined that the content is not authentic (error) (S109), and the IC card 10 ends the process (S110). If they match, the IC card 10 writes the information AP of the program section in the EEPROM 15, and ends the processing (S11).
0).

The card issuer terminal 30 also performs the same processing as S200 to S207 of the application developer terminal 20 (S300 to S307).

According to the first embodiment, the application developer and the card issuer each have their own common key DK.
2, DK3 encrypts the information AP and AD of the program part and the data part of the application, so while maintaining the security in communication, protects part of the information of the application that affects self-interest from leakage. In addition, it is possible to improve convenience for application developers, card issuers and users by flexible card issuing and application writing. Also, the electronic signature C of the program section is used for transmission from the application developer terminal 20.
Since the transmission from the DAP and the card issuer terminal 30 is attached with an on-board certificate including the electronic signature CDAD of the data section,
It has become possible to judge whether the sender and the received information are authentic.

(Second Embodiment) FIG. 5 shows the I according to the present invention.
It is a block diagram which shows C card, the writing device of an IC card, and 2nd Embodiment of an IC card system. As shown in FIG. 5, the IC card system 1-2 includes an IC card 10, a user terminal 50, a distribution server 40, etc., and the user terminal 50 and the distribution server 40 have a telephone line, an optical cable or other priority, or infrared rays or the like. Are connected to each other via the wireless communication line 60. The IC card system 1-2 is a system that writes the application distributed by the distribution server 40 into the IC card 10.

The distribution server 40 is managed by a distributor that distributes applications, and has a storage unit 41 and a CP.
A U42, a communication unit 43 and the like are provided. The storage unit 41 has a public key certificate PD4 (including a public key PK4) and a public key P.
It stores information such as a secret key SK4 paired with K4 and a program, and is provided with an application management DB 411.

The CPU 42 is a central processing unit for centrally controlling the distribution server 40, and includes a storage unit 41 and a communication unit 43.
Etc. are connected. The CPU 42 uses the common key creation unit 42
1, a first encryption unit 422, a second encryption unit 423, a digest creation unit 424, a third encryption unit 425, and the like. Each unit is realized by the CPU 42 executing a program stored in the storage unit 41.

FIG. 6 is a diagram for explaining each unit of the CPU. FIG. 6A is a diagram showing the encryption of the application, and FIG. 6B is a diagram showing the creation of the electronic signature. The common key creation unit 421 uses two different common keys DK.
4 and DK5 are created, and the common key creation unit similarly creates the common key D
Create K3. As shown in FIG. 6 (1), the first encryption unit 422 includes the application management DBs 211 and 311.
The application stored in is divided into information AP and AD of the program part and the data part, each of which is encrypted with common keys DK4 and DK5, and converted into encrypted information CAP and CAD which are ciphertexts.

As shown in FIGS. 6 (2) to 6 (4), the second encryption unit 423, the digest creation unit 424 and the third encryption unit 425 are also the second encryption unit 223 in the first embodiment. , 323, digest creating units 224, 32
The fourth and third encryption units 225 and 325 have the same functions and perform the same processing on the information AP and AD of the program unit and the data unit, respectively. As shown in FIG. 5, the communication unit 43 communicates with the user terminal 50 via the communication line 60, and transmits the information and the like created by the CPU 42 to the IC card 10 via the user terminal 50.

The user terminal 50 is a mobile phone, a mobile terminal,
I such as a personal computer with an R / W connected
It can be used by the user who is the owner of the C card 10,
A terminal that can be connected to the communication line 60 and to which the IC card 10 can be connected. The user terminal 50 includes a communication unit 51, a CPU 52, a storage unit 53, an R / W 54 and the like. The user terminal 50 communicates with the distribution server 40 via the communication line 60, gives commands, power supplies, clocks, etc. to the IC card, receives a response, and repeatedly exchanges information, thereby distributing the server 40 and the IC1.
0 mediates communication between cards.

The IC card 10 includes an I / O interface 11, a CPU 12, a RAM 13, a ROM 14 and an EEP.
It is provided with the ROM 15 and the like, and is inserted and connected to the user terminal 50. FIG. 7 is a diagram illustrating each unit of the CPU. The CPU 12 includes a first decoding unit 121 and a second decoding unit 12
2, a third decoding unit 123, a digest creation unit 124, a determination unit 125, and the like. Each unit performs the same processing as in the first embodiment (see FIG. 3).

FIG. 8 is a flow chart showing a second embodiment of an IC card writing method according to the present invention. S
At 501, the user terminal 50 starts the process when the user inserts the IC card 10 and accesses the distribution server 40 via the communication line 60. The user inputs the information requesting the download of the application, and the user terminal 50 transmits the write request information to the distribution server 40.

The distribution server 40 receives this information and starts processing (S401). The distribution server 40 is as follows.
From S402 to S408 S201 and S of the first embodiment
The same processing from 301 to S207 and S307 is performed. The user terminal 50 mediates communication between the distribution server 40 and the IC card 10 (S502, S503), and ends the process (S504). The IC card 10 is from S601 to S6.
Processing similar to that of the first embodiment is performed up to 11 (see FIG. 3).

As described above, according to the second embodiment, the first
In addition to the effect similar to the embodiment, the distribution server 40 individually processes and distributes the application to the program part and the data part, and therefore, even if communication is interrupted after writing the program part, the data will be transmitted next time. It was sufficient to write only the copy, and it became possible to improve user convenience.

(Modifications) The present invention is not limited to the above-described embodiments, but various modifications and changes can be made, which are also within the scope of the present invention. For example, in the first embodiment, the card issuer terminal 30 uses the public key PK as the common key DK3 used to encrypt the information AD in the data section.
When encrypting with 1, digest D of the program part
The IC card 10 may be encrypted together with the AP so that the validity of only the information AP of the program section can be determined. In this case, the information AD of the data section can be freely changed, but the card issuer knows the structure of the data section and manages the data. This can be understood from the viewpoint of the application developer because it is important that the information AP of the program section is not modified. Further, since the data section is considered to be individual for each IC card 10 such as personal information, it is easy to change,
It has the advantage of being easy to operate.

In the first embodiment, the application developer terminal 20 and the card issuer terminal 30 have the information AP and AD of the program part and the data part, and the common keys DK2 and C.
D3 encryption (see Figure 4, from S201 to S203,
After S301 to S303), the digital signature CDA
Creation of P and CDAD (S204, S205, S304,
Although S305) is performed, the information AP and AD of the program section and the data section may be encrypted after the electronic signatures CDAP and CDAD are created. In addition, in the second embodiment,
Similarly, the distribution server 40 uses the digital signatures CDAP, CDA
After creation of D (see FIG. 8, S405, S406), encryption of information AP, AD, etc. of the program part and data part (S4
02 to S404) may be performed.

In each embodiment, the IC card 10 is
It may be a contact type, non-contact type or contact / non-contact type IC card.

In each embodiment, the encryption is performed by dividing the information AP and AD of the program portion and the data portion of the application, but not only by two, but also by dividing into three or more portions and the like. You may go. Also,
You may divide equally into the amount of information.

In each embodiment, S109 or S60
9 (see FIGS. 4 and 8), the IC card 10 notifies the application developer terminal 20, the card issuer terminal 30 or the user terminal 40 of the error.
The same process may be repeated.

In each embodiment, the IC card 10 is
Decryption of electronic signatures CDAP and CDAD (FIG. 4; S105,
FIG. 8; S605 refer to the encrypted information CAP ', CA.
It may be performed before the decoding of D ′ (see FIG. 4; S104, FIG. 8; S604).

In each embodiment, the IC card 10 is
Although the public key certificates PD2, PD3, and PD4 of the application developer and the card issuer or the distributor are installed in advance, the application developer terminal 20 and the card issuer terminal 30 or the distribution server 40 to another It may be transmitted together with the information (see FIG. 4; S206, FIG. 8; S407).

[0062]

As described above in detail, according to the present invention, the first and / or the partial information of the application is provided.
Alternatively, since the information of the second part is encrypted with the common key, while maintaining the security in communication, for example, a plurality of persons protect some information of the application that affects their own interests from leakage or the like. It becomes possible to improve the convenience of IC card suppliers, users and users by flexibly issuing cards and writing applications. Also, the information of the first part and / or the information of the second part of the application is
Since they are individually encrypted and transmitted to the IC card, for example, even if the communication is interrupted in the middle, it is sufficient to communicate only the part that could not be written next time. Also, it has become possible to improve user convenience. Furthermore, since the IC card receives the first and / or second electronic signature created from the first information and / or the second information of the application, and performs the decoding and the determination, the user of the IC card , It has become possible to determine whether the sender and / or the content is authentic.

[Brief description of drawings]

FIG. 1 is a block diagram showing a first embodiment of an IC card, an IC card writing device, and an IC card system according to the present invention.

FIG. 2 shows a first IC card writing device according to the present invention.
It is a figure explaining each part of CPU in embodiment.

FIG. 3 is a diagram illustrating each part of the CPU in the first embodiment of the IC card according to the present invention.

FIG. 4 is a first IC card writing method according to the present invention.
It is a flow chart which shows an embodiment.

FIG. 5 is a block diagram showing an IC card, an IC card writing device, and an IC card system according to a second embodiment of the present invention.

FIG. 6 shows a second IC card writing device according to the present invention.
It is a figure explaining each part of CPU in embodiment.

FIG. 7 is a diagram illustrating each part of the CPU in the second embodiment of the IC card according to the present invention.

FIG. 8 is a second IC card writing method according to the present invention.
It is a flow chart which shows an embodiment.

[Explanation of symbols]

1,1-2 IC card system 10 IC card 11 I / O interface 12 CPU 13 RAM 14 ROM 15 EEPROM 20 Application Developer Terminal 21, 31, 41 storage 22, 32, 42 CPU 23, 33, 43 Communication unit 30 card issuer terminal 40 distribution server 50 user terminals 60 communication lines 121 First Decoding Unit 122 Second Decoding Unit 123 Third Decoding Unit 124 Digest creator 125 determination unit 221, 321, 421 common key generation unit 222, 322, 422 first encryption unit 223, 323, 423 2nd encryption part 224, 324, 424 Digest creator 225, 325, 425 Third encryption unit

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) H04L 9/32 H04L 9/00 675B 621A

Claims (17)

[Claims] 1. An IC card writing device for writing an application to an IC card, wherein information of a first part which is a part of an application to be written in the IC card is encrypted with a first common key, First encrypted information creating means for creating the first encrypted information, and the first common key is encrypted with the public key corresponding to the private key stored in the IC card, and the first encrypted information is encrypted. First encrypted common key creating means for creating an encrypted common key, and first transmitting means for sending the first encrypted information and the first encrypted common key to the IC card An IC card writing device comprising: 2. The IC card writing device according to claim 1, wherein the first electronic signature creating means creates a first electronic signature from the information of the first part, and the first electronic signature. An IC card writing apparatus, comprising: a first electronic signature transmitting means for transmitting a signature to the IC card. 3. The IC card writing device according to claim 1, wherein the information of a second part that is a part of an application to be written in the IC card and is different from the first part. Is encrypted with a second common key different from the first common key, and second encrypted information creating means for creating second encrypted information; Second encrypted common key creating means for encrypting and creating a second encrypted common key, and transmitting the second encrypted information and the second encrypted common key to the IC card And a second transmitting unit that controls the writing of the IC card. 4. The IC card writing device according to claim 3, wherein the second electronic signature creating means creates a second electronic signature from the information of the second part, and the second electronic device. An IC card writing device, comprising: a second electronic signature transmitting means for transmitting a signature to the IC card. 5. Any one of claims 1 to 4
Item 5. The IC card writing device according to paragraph 1, wherein the first or second part of the application written in the IC card is a program part or a data part of the application. . 6. An IC card writing method for writing an application to an IC card, comprising: encrypting information of a first part, which is a part of the application to be written in the IC card, with a first common key; A first encrypted information creating step of creating encrypted information of No. 1, and encrypting the first common key with a public key corresponding to a secret key stored in the IC card, A first encrypted common key creating step of creating an encrypted common key; a first sending step of sending the first encrypted information and the first encrypted common key to the IC card. A method for writing to an IC card, comprising: 7. The IC card writing method according to claim 6, further comprising: a first electronic signature creating step of creating a first electronic signature from the information of the first portion; A first electronic signature transmitting step of transmitting a signature to the IC card.
How to write a C card. 8. The method for writing to an IC card according to claim 6 or 7, wherein information of a second part which is a part of an application to be written in the IC card and which is different from the first part. Is encrypted with a second common key different from the first common key, and second encrypted information creation step of creating second encrypted information, and the second common key is created with the public key. A second encrypted common key creating step of encrypting and creating a second encrypted common key; transmitting the second encrypted information and the second encrypted common key to the IC card And a second transmitting step of performing the writing. 9. The IC card writing method according to claim 8, further comprising: a second electronic signature creating step of creating a second electronic signature from the information of the second portion; A second electronic signature transmitting step of transmitting a signature to the IC card.
How to write a C card. 10. The IC card writing method according to claim 6, wherein the first or second part of the application written in the IC card is a program of the application. Method of writing to an IC card, which is a data section or a data section. 11. A secret key storage means for storing a secret key, first encrypted information in which information of a first part which is a part of an application is encrypted, and a first common key is the secret. First receiving means for receiving a first encrypted common key encrypted with a public key corresponding to the key, and the first encrypted common key with the private key, the first common key A first common key decryption means for decrypting the first encrypted information, and a first common key decrypted by the first common key decrypting means for decrypting the first encrypted information into information of the first part And an information decryption unit of 1. 12. The IC card according to claim 11, wherein the first electronic signature receiving means receives a first electronic signature created from the information of the first portion, and the first electronic signature. Determination means for determining whether the sender and / or the content of the information of the first portion is authentic based on the signature and / or the information of the first portion decrypted by the first information decrypting means I, characterized in that
C card. 13. The I according to claim 11 or claim 12.
A C card, which is a part of the application and is different from the second encrypted information in which information of a second part different from the first part is encrypted and the first common key Second receiving means for receiving a second encrypted common key in which a second common key is encrypted with the public key; and the second encrypted common key in the second with the secret key. Second common key decryption means for decrypting the second common key decrypting means to decrypt the second encrypted information to the second part information by the second common key decrypted by the second common key decrypting means. An IC card, comprising: a second information decoding means for decoding. 14. The IC card according to claim 13, wherein the second electronic signature receiving unit receives a second electronic signature created from the information of the second portion, and the second electronic signature. Determination means for determining whether the sender and / or the content of the information of the second portion is authentic based on the signature and / or the information of the second portion decrypted by the second information decrypting means. An IC card characterized by being provided. 15. The IC card according to claim 11, wherein the first or second part is a program part or a data part of the application. Featured IC
card. 16. An IC card system for writing an application to an IC card, wherein the first IC card writing device according to claim 1 or 2 is different from the first IC card writing device. Item 1
Or a second IC card writing device according to claim 2, wherein the first encrypted information creating means and / or the first electronic signature creating means included in the second IC card writing device is the Performing a second part different from the first part of the application related to the process by the first encrypted information creating means and / or the first electronic signature creating means included in the first IC card writing device. An IC card system characterized by. 17. An IC card system for writing an application in an IC card, wherein the IC according to any one of claims 1 to 5.
An IC card system comprising: a card writing device; and the IC card according to any one of claims 11 to 15.