JP2005311531A5 - - Google Patents
Download PDFInfo
- Publication number
- JP2005311531A5 JP2005311531A5 JP2004123299A JP2004123299A JP2005311531A5 JP 2005311531 A5 JP2005311531 A5 JP 2005311531A5 JP 2004123299 A JP2004123299 A JP 2004123299A JP 2004123299 A JP2004123299 A JP 2004123299A JP 2005311531 A5 JP2005311531 A5 JP 2005311531A5
- Authority
- JP
- Japan
- Prior art keywords
- signature
- key
- information
- signer
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Claims (6)
鍵センタ装置は、鍵生成検証公開情報と鍵生成秘密情報を保持しており、
署名者端末が、署名対象文書に所定のハッシュ関数を作用させた情報と署名対象文書の送信先情報とのうちのいずれか1つ又は両方を含む署名有効条件と署名者の識別子とを含む署名鍵要求情報を鍵センタ装置に送信するステップと、
鍵センタ装置が、署名者端末から受信した署名鍵要求情報と、保持している鍵生成検証公開情報及び鍵生成秘密情報とから、当該署名鍵要求情報と鍵生成検証公開情報を含む情報を用いることによってのみ検証可能なように署名鍵を作成し、当該署名鍵を署名者端末に送信するステップと、
署名者端末が、鍵センタ装置から受信した署名鍵を用いて、署名対象文書のデジタル署名を作成し、署名対象文書と、作成したデジタル署名と、署名者の識別子と、署名有効条件とを含む情報を検証者端末に送信するステップと
を有することを特徴とするデジタル署名処理方法。 A digital signature processing method for creating and transmitting a digital signature in a system having a key center device and a signer terminal connected to the key center device via a communication network,
The key center device holds key generation verification public information and key generation secret information,
The signer terminal includes a signature validity condition including any one or both of information obtained by applying a predetermined hash function to the signature target document and transmission destination information of the signature target document, and a signer identifier. Transmitting key request information to the key center device;
The key center device uses information including the signature key request information and the key generation verification public information from the signature key request information received from the signer terminal and the held key generation verification public information and key generation secret information. Creating a signing key so that it can only be verified, and sending the signing key to the signer terminal;
The signer terminal creates a digital signature of the document to be signed using the signature key received from the key center apparatus, and includes the signature target document, the created digital signature, the signer identifier, and the signature validity condition. And a step of transmitting information to the verifier terminal.
鍵センタ装置は、
鍵生成検証公開情報と鍵生成秘密情報を保持する手段と、
署名対象文書に所定のハッシュ関数を作用させた情報と署名対象文書の送信先情報とのうちのいずれか1つ又は両方を含む署名有効条件と署名者の識別子とを含む、署名者端末から受信した署名鍵要求情報と、保持している鍵生成検証公開情報及び鍵生成秘密情報とから、当該署名鍵要求情報と鍵生成検証公開情報を含む情報を用いることによってのみ検証可能なように署名鍵を作成し、当該署名鍵を署名者端末に送信する手段とを有し、
署名者端末は、
前記署名鍵要求情報を鍵センタ装置に送信する手段と、
鍵センタ装置から受信した署名鍵を用いて、署名対象文書のデジタル署名を作成し、署名対象文書と、作成したデジタル署名と、署名鍵要求情報とを含む情報を検証者端末に送信する手段とを有し、
前記デジタル署名処理方法は、
検証者端末が、署名対象文書と、デジタル署名と、署名鍵要求情報とを署名者端末から受信するステップと、
署名者端末から受信した署名者の識別子と、別に取得した当該署名者の識別子とを比較することにより、署名者端末から取得した前記署名者の識別子の正当性を検証するステップと、
署名鍵要求情報と鍵生成検証公開情報とを含む情報を用いることによって、デジタル署名を検証するステップと
を有することを特徴とするデジタル署名処理方法。 A digital signature processing method for verifying a digital signature created by a system having a key center device and a signer terminal connected to the key center device via a communication network,
The key center device
Means for holding key generation verification public information and key generation secret information;
Received from the signer terminal including a signature valid condition including any one or both of information obtained by applying a predetermined hash function to the signature target document and destination information of the signature target document, and the signer identifier. signature and key request information, and a the held key generation verification public information and the key generation secret information, signature key as verifiable only by using the information including the signature key request information and the key generation verification public information And means for transmitting the signing key to the signer terminal,
The signer's terminal
Means for transmitting the signature key request information to a key center device;
Means for creating a digital signature of the signature target document using the signature key received from the key center device, and transmitting information including the signature target document, the created digital signature, and signature key request information to the verifier terminal; Have
The digital signature processing method includes:
A step in which a verifier terminal receives a document to be signed, a digital signature, and signature key request information from the signer terminal;
Verifying the validity of the signer identifier obtained from the signer terminal by comparing the signer identifier received from the signer terminal with the signer identifier obtained separately;
And a step of verifying the digital signature by using information including the signature key request information and the key generation verification public information.
デジタル署名の検証をするステップの前に、検証者端末が、署名者端末から受信した署名対象文書に前記ハッシュ関数を作用させた情報と、署名者端末から受信した前記署名有効条件に含まれる、署名対象文書にハッシュ関数を作用させた情報とを比較することにより、署名有効条件が署名対象文書に対応しているか否かを検証するステップを更に有する請求項2に記載のデジタル署名処理方法。 In the case where the signature valid condition includes information obtained by applying a predetermined hash function to the signature target document,
Before the step of verifying the digital signature, the verifier terminal is included in information obtained by applying the hash function to the signature target document received from the signer terminal, and the signature validity condition received from the signer terminal. 3. The digital signature processing method according to claim 2 , further comprising a step of verifying whether the signature validity condition corresponds to the signature target document by comparing with information obtained by applying a hash function to the signature target document.
署名者端末は、前記ハッシュ関数を作用させた情報を除いた署名鍵要求情報を含む情報を検証者端末に送信し、検証者端末は、署名対象文書に所定のハッシュ関数を作用させた情報を作成し、その情報を含む情報を用いてデジタル署名の検証をする請求項2に記載のデジタル署名処理方法。 In the case where the signature valid condition includes information obtained by applying a predetermined hash function to the signature target document,
The signer terminal transmits information including signing key request information excluding information obtained by applying the hash function to the verifier terminal, and the verifier terminal transmits information obtained by applying a predetermined hash function to the signature target document. The digital signature processing method according to claim 2 , wherein the digital signature is created using information including the information.
鍵センタ装置は、
鍵生成検証公開情報と鍵生成秘密情報を保持する手段と、
署名対象文書に所定のハッシュ関数を作用させた情報と署名対象文書の送信先情報とのうちのいずれか1つ又は両方を含む署名有効条件と署名者の識別子とを含む、署名者端末から受信した署名鍵要求情報と、保持している鍵生成検証公開情報及び鍵生成秘密情報とから、当該署名鍵要求情報と鍵生成検証公開情報を含む情報を用いることによってのみ検証可能なように署名鍵を作成し、当該署名鍵を署名者端末に送信する手段とを有し、
前記プログラムは、前記コンピュータを、
前記署名鍵要求情報を作成し、鍵センタ装置に送信する手段、
鍵センタ装置から受信した署名鍵を用いて、署名対象文書のデジタル署名を作成し、署名対象文書と、作成したデジタル署名と、署名者の識別子と、署名有効条件とを含む情報を検証者端末に送信する手段
として機能させることを特徴とするプログラム。 A program for causing a computer to function as the signer terminal used in a system having a key center device and a signer terminal connected to the key center device via a communication network,
The key center device
Means for holding key generation verification public information and key generation secret information;
Received from the signer terminal including a signature valid condition including any one or both of information obtained by applying a predetermined hash function to the signature target document and destination information of the signature target document, and the signer identifier. signature and key request information, and a the held key generation verification public information and the key generation secret information, signature key as verifiable only by using the information including the signature key request information and the key generation verification public information And means for transmitting the signing key to the signer terminal,
The program causes the computer to
Means for creating the signature key request information and transmitting it to the key center device;
The signature key received from the key center device is used to create a digital signature of the signature target document, and information including the signature target document, the generated digital signature, the signer identifier, and the signature validity condition is verified. A program characterized by functioning as a means for transmitting to a computer.
鍵センタ装置は、
鍵生成検証公開情報と鍵生成秘密情報を保持する手段と、
署名対象文書に所定のハッシュ関数を作用させた情報と署名対象文書の送信先情報とのうちのいずれか1つ又は両方を含む署名有効条件と署名者の識別子とを含む、署名者端末から受信した署名鍵要求情報と、保持している鍵生成検証公開情報及び鍵生成秘密情報とから、当該署名鍵要求情報と鍵生成検証公開情報を含む情報を用いることによってのみ検証可能なように署名鍵を作成し、当該署名鍵を署名者端末に送信する手段とを有し、
署名者端末は、
前記署名鍵要求情報を鍵センタ装置に送信する手段と、
鍵センタ装置から受信した署名鍵を用いて、署名対象文書のデジタル署名を作成し、署名対象文書と、作成したデジタル署名と、署名者の識別子と、署名有効条件とを含む情報を検証者端末に送信する手段とを有し、
前記プログラムは、前記コンピュータを、
署名対象文書と、デジタル署名と、署名者の識別子と、署名有効条件とを署名者端末から受信する手段、
署名者端末から受信した署名者の識別子と、別に取得した当該署名者の識別子とを比較することにより、署名者端末から取得した前記署名者の識別子の正当性を検証する手段、
前記署名鍵要求情報と鍵生成検証公開情報とを含む情報を用いることによって、デジタル署名を検証する手段
として機能させることを特徴とするプログラム。 A program for causing a computer to function as a verifier terminal for verifying a digital signature created by a system having a key center device and a signer terminal connected to the key center device via a communication network,
The key center device
Means for holding key generation verification public information and key generation secret information;
Received from the signer terminal including a signature valid condition including any one or both of information obtained by applying a predetermined hash function to the signature target document and destination information of the signature target document, and the signer identifier. signature and key request information, and a the held key generation verification public information and the key generation secret information, signature key as verifiable only by using the information including the signature key request information and the key generation verification public information And means for transmitting the signing key to the signer terminal,
The signer's terminal
Means for transmitting the signature key request information to a key center device;
The signature key received from the key center device is used to create a digital signature of the signature target document, and information including the signature target document, the generated digital signature, the signer identifier, and the signature validity condition is verified. Means for transmitting to
The program causes the computer to
Means for receiving from the signer terminal a document to be signed, a digital signature, an identifier of the signer, and a signature valid condition;
Means for verifying the validity of the signer identifier obtained from the signer terminal by comparing the identifier of the signer received from the signer terminal with the identifier of the signer obtained separately;
A program that functions as means for verifying a digital signature by using information including the signature key request information and key generation verification public information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2004123299A JP4554264B2 (en) | 2004-04-19 | 2004-04-19 | Digital signature processing method and program therefor |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2004123299A JP4554264B2 (en) | 2004-04-19 | 2004-04-19 | Digital signature processing method and program therefor |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| JP2005311531A JP2005311531A (en) | 2005-11-04 |
| JP2005311531A5 true JP2005311531A5 (en) | 2007-06-07 |
| JP4554264B2 JP4554264B2 (en) | 2010-09-29 |
Family
ID=35439825
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2004123299A Expired - Fee Related JP4554264B2 (en) | 2004-04-19 | 2004-04-19 | Digital signature processing method and program therefor |
Country Status (1)
| Country | Link |
|---|---|
| JP (1) | JP4554264B2 (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4906449B2 (en) * | 2006-09-13 | 2012-03-28 | 株式会社リコー | Image processing apparatus, electronic signature assigning method, and electronic signature assigning program |
| JP4829737B2 (en) * | 2006-09-27 | 2011-12-07 | 日本放送協会 | Personal information protection system, key management device and key generation program, signature key generation device and signature key generation program, personal information management device and personal information collection program, and receiving terminal and personal information management program |
| TWI340354B (en) | 2006-12-14 | 2011-04-11 | Inst Information Industry | System, method, and computer readable medium for micropayment with varying denomination |
| US20110238402A1 (en) * | 2010-03-23 | 2011-09-29 | Fujitsu Limited | System and methods for remote maintenance in an electronic network with multiple clients |
| JP2013198123A (en) * | 2012-03-22 | 2013-09-30 | Toshiba Corp | Access control system |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2904819B2 (en) * | 1989-08-25 | 1999-06-14 | 日本電信電話株式会社 | Digital signature method |
| JPH11316543A (en) * | 1998-02-13 | 1999-11-16 | Matsushita Electric Ind Co Ltd | Card data authentication system |
| JP2001042769A (en) * | 1999-07-28 | 2001-02-16 | Cti Co Ltd | Communicating method for electronic data, repeating server and recording medium |
| JP2003244137A (en) * | 2002-02-18 | 2003-08-29 | E Japan:Kk | Method of verifying electronic signature |
-
2004
- 2004-04-19 JP JP2004123299A patent/JP4554264B2/en not_active Expired - Fee Related
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11128477B2 (en) | Electronic certification system | |
| US10511440B2 (en) | Methods of proving validity and determining validity, electronic device, server and computer programs | |
| JP5196021B2 (en) | Trusted platform verification method based on three-factor peer authentication (TePA) | |
| CN109905405B (en) | Security method for lawful interception | |
| CN109729523B (en) | Terminal networking authentication method and device | |
| CN103167491B (en) | A kind of mobile terminal uniqueness authentication method based on software digital certificate | |
| US8533482B2 (en) | Method for generating a key pair and transmitting a public key or request file of a certificate in security | |
| CN104753881B (en) | A kind of WebService safety certification access control method based on software digital certificate and timestamp | |
| RU2008141089A (en) | APPLICATION AUTHENTICATION | |
| WO2013087039A1 (en) | Secure data transmission method, device and system | |
| CN100344208C (en) | Identification method for preventing replay attack | |
| CN101610150B (en) | Third-party digital signature method and data transmission system | |
| CN102577301A (en) | Method and apparatus for trusted authentication and logon | |
| CN101212293A (en) | Identity authentication method and system | |
| CN107517194B (en) | Return source authentication method and device of content distribution network | |
| WO2018076377A1 (en) | Data transmission method, terminal, node device and system | |
| CN102196423A (en) | Safety data transferring method and system | |
| CN104717063A (en) | Software security protection method of mobile terminal | |
| RU2016149497A (en) | SECURITY OF COMMUNICATION WITH ADVANCED MULTIMEDIA PLATFORMS | |
| CN104392185A (en) | Method for verifying data integrity during log forensics in cloud environments | |
| WO2013135170A1 (en) | Method, device, and system for identity authentication | |
| US8452966B1 (en) | Methods and apparatus for verifying a purported user identity | |
| WO2007115495A1 (en) | Cpk-based gateway authenticating apparatus and method | |
| US7975142B2 (en) | Ring authentication method for concurrency environment | |
| CN110336773B (en) | Credibility guaranteeing system, verification method and storage medium of IoT (Internet of things) equipment data |