JP2006129143A - Secret information transmission/reception system and method therefor, server apparatus and program, and key information storing apparatus - Google Patents

Secret information transmission/reception system and method therefor, server apparatus and program, and key information storing apparatus Download PDF

Info

Publication number
JP2006129143A
JP2006129143A JP2004315632A JP2004315632A JP2006129143A JP 2006129143 A JP2006129143 A JP 2006129143A JP 2004315632 A JP2004315632 A JP 2004315632A JP 2004315632 A JP2004315632 A JP 2004315632A JP 2006129143 A JP2006129143 A JP 2006129143A
Authority
JP
Japan
Prior art keywords
key
certificate
validity
public key
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2004315632A
Other languages
Japanese (ja)
Inventor
Natsuko Hayashi
Yusaku Masunaga
Manabu Mitsuyu
Yoshiyo Mototani
学 三露
優作 増永
佳代 本谷
奈津子 林
Original Assignee
Toppan Printing Co Ltd
凸版印刷株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toppan Printing Co Ltd, 凸版印刷株式会社 filed Critical Toppan Printing Co Ltd
Priority to JP2004315632A priority Critical patent/JP2006129143A/en
Publication of JP2006129143A publication Critical patent/JP2006129143A/en
Application status is Pending legal-status Critical

Links

Images

Abstract

PROBLEM TO BE SOLVED: To provide a secret information transmission / reception system and method, a server device and a program, and a key information holding device for establishing a secure communication path between a key information holding device (IC card) and a server device.
A server 200 on the Internet N transmits a server certificate to a PC 300. The PC 300 verifies the server certificate. The security chip of the IC card 400 transmits the client certificate to the PC 300. The PC 300 transmits the client certificate to the server 200. The server 200 verifies the client certificate. The server 200 encrypts the session key in the storage unit, generates a signature with the server's private key, and transmits these to the PC 300. The PC 300 verifies the received signature using the server public key of the server certificate and transmits it to the security chip. The security chip decrypts the encrypted session key with the client secret key.
[Selection] Figure 1

Description

  The present invention relates to a secret information transmission / reception system and method, a server device and a program, and a key information holding device.

  In recent years, music distribution systems using the Internet, educational course attendance systems using an intranet in companies and schools, and the like have become widespread. Paid music data, educational course data, and the like (hereinafter referred to as content) must be received only by the purchaser who purchased the content. For example, when receiving content using terminals used by an unspecified number of people (such as in school or corporate educational facilities, or shared terminals such as Internet cafes), as shown in FIG. Are connected to the PC 300 via the IC card reader / writer 320, and the PC 300 transmits the information in the IC card 400 to the server 200 and is authenticated by the server 200. Receive.

  However, since the content transmitted from the server 200 is a conventional technique for encrypting communication on the Internet and is distributed using SSL (Secure Socket Layer) that can only be used between the server 200 and the PC 300, the PC 300 And the IC card reader / writer 320, or between the IC card 400 and the IC card reader / writer 320, unencrypted data may be exchanged. There is a problem of being.

As a technique for safely exchanging data between the IC card 400 and the IC card reader / writer 320, the technique of Patent Document 1 is disclosed. This technology is a technology in which the IC card 400 exchanges a public key with the IC card reader / writer 320, and all subsequent data between the IC card 400 and the IC card reader / writer 320 is encrypted by a public key cryptosystem. However, when this technology is used, the information on the IC card 400 that should be directly confirmed by the server is once converted into data by the IC card reader / writer 320, and security is not necessarily ensured.
Japanese Patent Laid-Open No. 2004-38445

  The present invention has been made in view of the above points, a secret information transmission / reception system and method for establishing a secure communication path between a key information holding device (IC card) and a server device, a server device and a program, and key information An object is to provide a holding device.

In order to solve the above problems, the present invention provides a server device connected to a network, a communication device that establishes a session with the server device and transmits / receives data, and key information that stores key information and is incorporated into the communication device. In a secret information transmission / reception system having a holding device, the server device stores a first public key and a first secret key, a certificate that ensures the validity of the first public key, and a session key. Server storage means, first certificate transmission control means for transmitting a certificate that guarantees the validity of the first public key to the communication apparatus, and the second public key received from the communication apparatus. First certificate verification means for verifying whether a certificate that guarantees validity is valid; and a public key of the communication device is extracted from a certificate that guarantees validity of the second public key, and A session key encryption unit that encrypts the session key with the public key of the communication device, and a session key valid information generation unit that creates information indicating the validity of the encrypted session key with the secret key of the server device. And an encrypted session key transmission control means for transmitting the encrypted session key and information indicating the validity of the session key to the communication device, wherein the key information holding device includes a second public key and A key information holding device storing means for storing a second secret key and a certificate for guaranteeing the validity of the second public key; and a certificate for guaranteeing the validity of the second public key. A second certificate transmission control unit for transmitting to the device; and an encrypted session key decrypting unit for decrypting the encrypted session key received from the communication device with the second secret key. Requests the server device to send a certificate that guarantees the validity of the first public key, and sends the certificate that guarantees the validity of the second public key to the key information holding device. Certificate requesting means for requesting, second certificate verifying means for verifying whether or not the certificate that guarantees the validity of the first public key received from the server device is valid, and the key information A certificate relay transmitting means for transmitting to the server device a certificate that guarantees the validity of the second public key received from the holding device; and a certificate that guarantees the validity of the first public key. Session key validity information verification means for extracting one public key and verifying with the first public key whether or not the information indicating the validity of the encrypted session key received from the server device is valid; Receive from server device A secret information transmission / reception system comprising: an encrypted session key transmission unit configured to transmit the encrypted session key to the key information holding device.
Accordingly, since the session key generated by the server device on the network is securely transmitted to the key information holding device, it is possible to perform secure communication between the server device and the key information holding device.

The present invention also provides a server device connected to a network, a communication device that establishes a session with the server device and transmits / receives data, and secret information that stores key information and is incorporated in the communication device. In the transmission / reception system, the server device includes a first public key and a first secret key, server storage means for storing a certificate that ensures the validity of the first public key, and the first public key. First certificate transmission control means for transmitting a certificate that guarantees the validity of the second public key to the communication device, and whether or not the certificate that guarantees the validity of the second public key received from the communication device is valid. A first certificate verification means for verifying, and an encryption received from the communication device by extracting the second public key from a certificate that guarantees the validity of the second public key received from the communication device. A session key validity information verification unit that verifies whether the information indicating the validity of the session key is valid with the second public key, and decrypts the encrypted session key with the first secret key. An encryption session key decryption unit, wherein the key information holding device includes a second public key and a second secret key, a certificate that ensures the validity of the second public key, and a session key. Key information holding device storing means for storing; second certificate transmission control means for sending a certificate that guarantees the validity of the second public key to the communication device; and the first public information from the communication device. A public key receiving means for receiving a key, a session key encryption means for reading out the session key and encrypting it with the received first public key, and a session key encrypted with the second secret key. Create legitimate information Session key valid information generating means, and encrypted session key transmission control means for transmitting the encrypted session key and information indicating the validity of the encrypted session key to the communication device, the communication An apparatus requests the server apparatus to transmit a certificate that guarantees the validity of the first public key, and transmits a certificate that guarantees the validity of the second public key to the key information holding apparatus. Certificate requesting means for requesting, second certificate verifying means for verifying whether or not the certificate that guarantees the validity of the first public key received from the server device is valid, and the key information A certificate relay transmitting means for transmitting to the server device a certificate that guarantees the validity of the second public key received from the holding device; and a certificate that guarantees the validity of the first public key. 1 public key Public key transmitting means for extracting and transmitting the first public key to the key information holding device, and encryption for requesting transmission of the encrypted session key received from the key information holding device to the server device A secret information transmission / reception system comprising a session key transmission unit.
Thus, since the session key generated by the key information holding device is securely transmitted to the server device on the network, secure communication can be performed between the server device and the key information holding device.

Preferably, in the secret information transmission / reception system of the present invention, the session key is different for each session.
Thereby, since the session key is updated for each session established between the server device on the network and the key information holding device, the communication path can be made more secure.

The present invention also provides a server device connected to a network, a communication device that establishes a session with the server device and transmits / receives data, and secret information that stores key information and is incorporated in the communication device. In the transmission / reception system, the server device has a first public key and a first secret key, a server storage unit that stores a session key, and a first public key that transmits the first public key to the communication device. Key transmission control means; session key encryption means for receiving the second public key from the communication device and encrypting the session key with the second public key; and the encryption with the first secret key. Session key validity information generating means for creating information indicating the validity of the encrypted session key, and indicating the validity of the encrypted session key and the session key Encrypted session key transmission control means for transmitting information to the communication device, the key information holding device, key information holding device storage means for storing the second public key and the second secret key, A second public key transmission control means for transmitting the second public key to the communication device; and an encrypted session for decrypting the encrypted session key received from the communication device with the second secret key. A public key request for requesting the server device to transmit the first public key and requesting the key information holding device to transmit the second public key. Means, public key relay transmission means for receiving the second public key from the key information holding device and transmitting the second public key to the server device, and the encrypted data received from the server device Session key Session key validity information verifying means for verifying whether or not the information indicating validity is valid with the public key of the server device, and transmitting the encrypted session key received from the server device to the key information holding device A secret information transmission / reception system comprising: an encrypted session key transmission unit.
As a result, since the session key generated by the key information holding device without using the certificate is transmitted to the server device on the network, a certificate authority that performs processing such as certificate generation and management is not required. Easy to build.

  The present invention also provides a server device connected to a network, a communication device that establishes a session with the server device and transmits / receives data, and secret information that stores key information and is incorporated in the communication device. A server device in a transmission / reception system, which is a first public key and a first secret key, a certificate that guarantees the validity of the first public key, a server storage unit that stores a session key, and the first First certificate transmission control means for transmitting a certificate that guarantees the validity of the public key to the communication device, and whether the certificate that guarantees the validity of the second public key received from the communication device is valid First certificate verification means for verifying whether or not, and extracting the second public key from a certificate that guarantees the validity of the second public key, and encrypting the session key with the second public key Session key encryption means for generating, session key validity information generation means for creating information indicating the validity of the session key encrypted with the first secret key, the encrypted session key, and the encryption An encrypted session key transmission control unit that transmits information indicating the validity of the session key to the communication device.

  Further, the present invention provides a server device connected to a network and storing a first public key and a first secret key, a certificate for assuring the validity of the first public key, and a session key. A communication device that connects to the network, establishes a session with the server device and transmits / receives data, and a certificate that is incorporated in the communication device and ensures the validity of the second public key and the second public key In a secret information transmission / reception system having a key information holding device in which is stored, a certificate for ensuring the validity of the first public key is transmitted to the computer of the server device to the communication device; From the step of verifying whether the certificate that guarantees the validity of the second public key received from the key information holding device is valid, and the certificate that guarantees the validity of the second public key Taking out the second public key, encrypting the session key with the second public key, and creating information indicating the validity of the encrypted session key with the first secret key And a step of transmitting the encrypted session key and information indicating the validity of the encrypted session key to the communication device.

  The present invention also provides a server device connected to a network, a communication device that establishes a session with the server device and transmits / receives data, and secret information that stores key information and is incorporated in the communication device. A key information holding device in a transmission / reception system, wherein the key information holding device stores a public key and a secret key, and a key information holding device storage unit that stores a certificate that guarantees the validity of the public key, and the certificate A certificate transmission control unit that requests to transmit a certificate to the communication device, and an encrypted session key decryption unit that decrypts the encrypted session key received from the communication device with the secret key. And a key information holding device.

  Further, the present invention is connected to a network, the server device in which a first public key and a first secret key, a certificate that guarantees the validity of the first public key, and a session key are stored; A communication device that connects to the network, establishes a session with the server device and transmits / receives data, and is incorporated in the communication device, and the validity of the second public key, the second secret key, and the second public key And a secret information transmission / reception system having a key information holding device storing a certificate that guarantees the certificate, the server device transmits a certificate that guarantees the validity of the first public key to the communication device, The communication device verifies the validity of the certificate that ensures the validity of the first public key transmitted from the server device, and the key information holding device confirms the validity of the second public key. Certificate to ensure Transmitted to the communication device, the communication device transmits to the server device a certificate that ensures the validity of the second public key transmitted from the key information holding device, and the server device transmits the communication to the communication device. Verifying whether the certificate that guarantees the validity of the second public key transmitted from the device is valid, encrypting the session key, and encrypting the session key encrypted with the secret key of the server device Creating information indicating validity, transmitting the encrypted session key and information indicating the validity of the encrypted session key to the communication device, and the communication device transmits the first public key The first public key is extracted from a certificate that guarantees the validity of the encrypted data, and whether the information indicating the validity of the encrypted session key is valid or not is verified with the first public key. The session key Transmitted to the information holding device, the key information holding device, a secret information transmission and reception method characterized by the session key the encrypted received from the communication device decrypts the secret key of the communication device.

  According to the present invention, since the session key generated by the server on the network is securely transmitted to the security chip, security can be ensured over the entire communication path between the server and the security chip. Thus, secure communication can be performed between the server and the security chip.

  The key information holding device (hereinafter referred to as a security chip) of the present invention is a device that transmits and receives secret information and both, and is attached to a device with a detachable casing such as an IC card or an SD card. What is built in or what is built in the device in advance. The security chip may have tamper resistance. Hereinafter, a method for securing a secure communication path (hereinafter referred to as a secure channel) between the IC card 400 and the server 200 (server apparatus) on the Internet N, which is an embodiment to which the present invention is applied, will be described. FIG. 1 is a schematic diagram of a secure channel. The IC card 400 communicates with the IC card reader / writer 320 to transmit / receive data. The IC card reader / writer 320 is connected to a PC 300 (communication device) that can be connected to the Internet N, transmits data received from the PC 300 to the IC card 400, and transmits data received from the IC card 400 to the PC 300. . The PC 300 transmits data received from the IC card reader / writer 320 via the Internet N to the server 200 and receives data from the server 200. The server 200 receives data from the IC card 400 by transmitting and receiving data to and from the PC 300 via the Internet N. In the present embodiment, a method in which the server 200 transmits a session key that is secret data to the IC card 400 in the system connected as shown in FIG. 1 will be described.

  FIG. 2 is a block diagram showing a part of the configuration of the security chip mounted on the IC card 400 used in the present embodiment. A storage unit 120 includes a client public key 121 (second public key) and a client secret key 122 (second secret key) necessary for establishing a session between the security chip 100 and the server 300, a client A certificate 123 (a certificate that ensures the validity of the second public key) is stored. The storage unit 120 is configured by a nonvolatile memory such as a flash memory, or a combination of a nonvolatile memory and a RAM (Random Access Memory). A control unit 110 is a client certificate transmission control unit 111 (second certificate transmission control unit) that instructs the communication unit 130 to transmit the client certificate 123 to the PC 300. An encrypted session key decryption unit 112 that decrypts the session key is included. The communication unit exchanges data with the IC card reader / writer 320 connected to the PC 300.

  FIG. 3 is a block diagram showing a part of the configuration of the server 200 used in this embodiment. A storage unit 220 includes a server public key 221 (first public key), a server secret key 222 (second secret key), and a server necessary for establishing a session between the security chip 100 and the server 300. A certificate 223 (a certificate that ensures the validity of the first public key), a session key 224, and a transmission database 225 to be transmitted to the security chip 100 are stored. A control unit 210 includes a server certificate transmission control unit 211 (first certificate nest control unit), a client certificate verification unit 212 (first certificate verification unit), a session key generation unit 213, and a session key. It includes an encryption unit 214, a session key valid information generation unit 215, and an encrypted session key transmission control unit 216.

  The server certificate transmission control unit 211 performs control to instruct the communication unit 230 to transmit the server certificate 221 to the PC 300. The client certificate verification unit 212 performs processing for verifying the validity of the client certificate received from the PC 300. The session key generation unit 213 generates a session key used for data encryption and decryption after the session is established, and stores the session key in the storage unit 220. The session key encryption unit 213 performs processing for encrypting the session key 224 in the storage unit 220 with the client public key in the client certificate received from the PC 300. The session key validity information generation unit 215 generates information indicating the validity of the session key generated by the session key generation unit 213. The encrypted session key transmission control unit 216 controls the communication unit 230 to transmit the encrypted session key to the client. The communication unit 230 is connected to the Internet wirelessly or by wire. Reference numeral 340 denotes a display unit configured by a CRT (Cathode Ray Tube), a liquid crystal display, or the like.

  FIG. 4 is a block diagram showing a part of the configuration of the PC 300 as a client used in this embodiment. A control unit 310 includes a certificate request unit 311, a server certificate verification unit 312 (second certificate verification unit), a client certificate relay transmission unit 313 (certificate relay transmission unit), and a session key valid information verification unit. 314. An encrypted session key transmission control unit 315 is included.

  The certificate request unit 311 causes the server 200 to transmit a transmission request for the server certificate 223 from the communication unit 330 to the server 200, and also transmits a transmission request for the client certificate 123 to the security chip. To the server 200. The server certificate verification unit 312 performs processing for verifying the validity of the server certificate 223 received from the server 200. The client certificate relay transmission unit 313 instructs the communication unit to transmit the client certificate 123 received from the security chip 100 to the server 200. The session key validity information verification unit 314 verifies the validity of the encrypted session key transmitted from the server 200. The encrypted session key transmission control unit 315 controls the communication unit 330 to transmit the encrypted session key transmitted from the server 200 to the security chip 100. The communication unit 330 is connected to the Internet wirelessly or by wire. 320 is an IC card reader / writer. An input unit 350 includes a keyboard, a mouse, and the like.

Each control unit of the security chip 100, the server 200, and the PC 300 described above is configured by a memory and a CPU (central processing unit), and a program (not shown) for realizing the function of each control unit is loaded into the memory and executed. The function is realized by doing.
Each of these control units may be realized by dedicated hardware.
The storage units of the server 200 and the PC 300 described above are configured by a hard disk device, a magneto-optical disk device, a nonvolatile memory such as a flash memory, a volatile memory such as a RAM, or a combination thereof.

  Hereinafter, an operation of establishing a secure channel between the security chip and the server 200 on the Internet N when distributing content from the server 200 will be described with reference to the flowchart of FIG.

  First, the user inputs data for requesting content distribution from the input unit 330 of the PC 300. When the certificate request unit 311 detects this data, the communication unit 330 is controlled to transmit data requesting the server certificate to the server 200 in order to establish a session with the server 200 (step S1). In response to this, the server certificate transmission control unit 211 of the server 200 reads the server certificate 223 from the storage unit 220 and controls the communication unit 230 to transmit it to the PC 300 (step S2). As shown in step S2 of FIG. 5, the server certificate transmission control unit 211 of the server 200 may generate and further transmit a server signature in addition to the server certificate.

  Next, when the server certificate verification unit 312 of the PC 200 receives the server certificate from the communication unit 330, it verifies the validity of the server certificate (step S3). In addition to the server certificate, when a signature is received from the server, a process for verifying the validity is performed. Any existing certificate / signature verification technique can be applied to these certificate / signature verification methods.

  Thereafter, the certificate request unit 311 of the PC 300 controls the IC card reader / writer 320 so as to transmit data requesting the client certificate 123 to the security chip 100. At this time, if the IC card reader / writer 320 does not detect the IC card 400, the certificate request unit 311 causes the display unit 360 to display an instruction for the IC card reader / writer 320 to detect the IC card 400. . When the IC card reader / writer 320 detects the IC card 400, the client certificate transmission request is transmitted to the security chip (step S4). In response to this, the client certificate transmission control unit 111 of the security chip 100 reads the client certificate 123 from the storage unit 120 and controls the communication unit 130 to transmit it to the PC 300 (step S5). Thereafter, the PC 300 controls the communication unit 330 to transmit the client certificate received from the IC card reader / writer 320 to the server 200 (step S6).

  When receiving the client certificate from the communication unit 230, the client certificate verification unit 212 of the server 200 verifies the validity of the client certificate (step S7). In addition to the client certificate, when a signature is received from the client, processing for verifying the validity is performed. This verification method can also apply any existing certificate / signature verification technology.

If the validity is confirmed as a result of the verification process, the session key generation unit 213 of the server 200 generates a session key and stores it in the storage unit 220. Thereafter, the session key encryption unit 214 of the server 200 reads the client public key from the above-described client certificate received from the PC 300 and uses this to encrypt the session key 224 stored in the storage unit 220. Next, the session key valid information generation unit 215 generates a signature with the server private key 222 of the storage unit 220 (step S8).
Thereafter, the communication unit 230 is controlled to transmit the above-described encrypted session key and the generated signature to the PC 300 (step S9).

  Next, the session key validity information verification unit of the PC 300 reads the server public key from the received server certificate, and verifies the signature received from the server using this (Step S10). Thereafter, the encrypted session key transmission control unit 315 controls the IC card reader / writer 320 to transmit the encrypted session key to the security chip 100 (step S11).

  Receiving this, the security chip 100 reads the client secret key from the storage unit 120, decrypts the encrypted session key using this (step S12), and stores it in the storage unit 120. Then, the communication unit 130 is controlled to transmit data indicating that the process is completed and the session is established to the PC 300. In response to this, the PC 300 transmits data indicating that the session is established to the server 200 (step S14).

  Thereby, a secure channel can be secured between the IC card 400 equipped with the security chip and the server, and secret data can be transmitted and received by encrypting and decrypting data with each other using the session key.

  In the above-described embodiment, the session key is generated by the server 200. However, the server public key is stored in the storage unit 120 of the security chip 100, and the session key generation unit 213 installed in the server 200 in the above-described embodiment. , A function having a processing capability equivalent to that of the session key encryption unit 214, the session key valid information generation unit 215, and the encrypted session key transmission control unit 216 is mounted on the control unit 210, and the PC 300 uses the server chip as a security chip 100. The security chip may generate a session key by installing means for transmitting to the security chip and means for receiving the security chip. The operation in that case is shown below.

  First, the processing of steps S1 to S7 in FIG. Next, the server 200 notifies the PC 300 that the verification of the client certificate has been completed. In response to this, the PC 300 reads the server public key from the server certificate and transmits it to the security chip 100. In response to this, the security chip 100 is similar to the session key generation unit 213, session key encryption unit 214, session key valid information generation unit 215, and encrypted session key transmission control unit 216 installed in the server 200 in the above-described embodiment. The communication unit 130 is controlled to transmit the encrypted session key and information indicating the validity of the encrypted session key to the PC 300. The PC 300 controls the communication unit 330 to transmit the data received from the IC card reader / writer 320 to the server 200 as it is. As a result, the session key is transmitted from the security chip 100 to the server 200.

  FIG. 6 shows a specific example in which secret data necessary for content distribution is transmitted from the server 200 to the security chip 100. The control unit 210 of the server 200 reads the license data from the transmission database 225 of the storage unit 220, encrypts the license data with the above-described session key, and controls the communication unit 230 to transmit to the PC 300 (step Sa). The control unit 310 of the PC 300 controls the IC card reader / writer 320 to transmit the encrypted license data received from the communication unit 330 as it is to the security chip. The security chip 100 receives the encrypted license data from the communication unit 130, decrypts it with the session key stored in the storage unit 120 as described above (step Sb), and stores the decrypted license data in the nonvolatile memory of the storage unit 120 (Step Sc). After that, the security chip control unit 110 controls the communication unit 130 to transmit data notifying that the license data writing process has been completed to the PC 300. The PC 300 controls the communication unit 230 to transmit the notification data received from the IC card reader / writer 320 from the security chip to the server 200 as it is.

  In the above-described embodiment, the server certificate 223 held by the server 200 and the client certificate 123 held by the security chip 100 are transmitted and received, and the certificate verification process is performed. However, these certificates are transmitted and received. Instead, the client public key 121 held by the security chip 100 is transmitted to the security chip 100, and then the server 200 generates a session key, encrypts it with the received client public key, and transmits it to the security chip 100. The chip 100 may receive this and decrypt it with the server public key described above to establish a session.

  In the above-described embodiment, the session key is generated by the server 200 or the security chip 100 every time a session is established. However, one or more session keys are previously stored in the storage unit 220 or the security chip of the server 200. 100 storage units 120 may be used.

  In this way, the security chip 100 transmits the client public key to the server 200, the server 200 generates a session key, encrypts it with the received client public key, and transmits it to the security chip 100. Since the session key is read by decrypting with the secret key, the server 200 and the security chip 100 encrypt and transmit the secret data with the session key, and vice versa. Decryption can be performed, and a secure communication path can be secured. Further, the server 200 transmits a server public key to the security chip 100, the security chip 100 generates a session key, encrypts it with the received server public key, and transmits it to the server 200. The server 200 uses the server secret key. Similarly, when decrypting and reading the session key, the server 200 and the security chip 100 encrypt and transmit the secret data with the session key, and vice versa. Decryption can be performed, and a secure communication path can be secured.

  Further, since the security chip 100 is authenticated using the server certificate and the server 200 is authenticated using the client certificate, there is another device between the server 200 and the security chip 100. Even in an intervening system, it is possible to prevent data from being falsified in the device or the like, thereby ensuring a continuous and safe communication path from the server 200 to the security chip 100.

  As mentioned above, although one embodiment of this invention has been described in detail with reference to the drawings, the specific configuration is not limited to this embodiment, and design and the like within the scope not departing from the gist of this invention are included. .

FIG. 2 is a schematic diagram of a secure channel according to an embodiment of the present invention. It is a block diagram which shows a part of structure of the security chip mounted in an IC card used for the embodiment. It is a block diagram which shows a part of structure of the server on the internet used for the embodiment. It is a block diagram which shows a part of structure of PC used for the embodiment. 4 is a flowchart showing an operation of establishing a secure channel between a security chip and a server on the Internet according to the embodiment. It is a flowchart which transmits the secret data required for content delivery from a server to a security chip by the embodiment. It is the schematic diagram of the system used when transmitting / receiving secret data between the server on the internet and PC using the conventional SSL technique.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 ... Security chip 110 ... Control part 111 ... Client certificate transmission control part 112 ... Encryption session key decoding part 120 ... Storage part 121 ... Client public key 122 ... Client private key 123 ... Client certificate 130 ... Communication part 200 ... Server 210: Control unit 211 ... Server certificate transmission control unit 212 ... Client certificate verification unit 213 ... Session key generation unit 214 ... Session key encryption unit 215 ... Session key valid information generation unit 216 ... Encrypted session key transmission control unit 220 ... Storage unit 221 ... Server public key 222 ... Server private key 223 ... Server certificate 224 ... Session key 225 ... Transmission database 230 ... Communication unit 300 ... PC
DESCRIPTION OF SYMBOLS 310 ... Control part 311 ... Certificate request part 312 ... Server certificate verification part 313 ... Client certificate relay transmission part 314 ... Session key legitimate information verification part 315 ... Encrypted session key transmission control part 320 ... IC card reader / writer 330 ... Communication unit 340 ... Display unit 350 ... Input unit 400 ... IC card N ... Internet network

Claims (8)

  1. In a secret information transmission / reception system comprising: a server device connected to a network; a communication device that establishes a session with the server device and transmits / receives data; and a key information holding device that stores key information and is incorporated in the communication device.
    The server device is
    A first public key and a first secret key, a certificate that ensures the validity of the first public key, and server storage means for storing a session key;
    First certificate transmission control means for transmitting a certificate ensuring the validity of the first public key to the communication device;
    First certificate verification means for verifying whether a certificate that guarantees the validity of the second public key received from the communication device is valid;
    Session key encryption means for extracting the public key of the communication device from a certificate that guarantees the validity of the second public key, and encrypting the session key with the public key of the communication device;
    Session key validity information generating means for creating information indicating the validity of the encrypted session key with the secret key of the server device;
    An encrypted session key transmission control means for transmitting the encrypted session key and information indicating the validity of the session key to the communication device;
    The key information holding device includes:
    A key information holding device storage means for storing a second public key and a second secret key, and a certificate that ensures the validity of the second public key;
    Second certificate transmission control means for transmitting a certificate for ensuring the validity of the second public key to the communication device;
    An encrypted session key decrypting means for decrypting the encrypted session key received from the communication device with the second secret key;
    The communication device
    Request the server device to send a certificate that guarantees the validity of the first public key, and request the key information holding device to send a certificate that guarantees the validity of the second public key. A certificate requesting means,
    Second certificate verification means for verifying whether a certificate that guarantees the validity of the first public key received from the server device is valid;
    Certificate relay transmission means for transmitting to the server device a certificate ensuring the validity of the second public key received from the key information holding device;
    The first public key is extracted from a certificate that guarantees the validity of the first public key, and whether or not the information indicating the validity of the encrypted session key received from the server device is valid Session key valid information verification means for verifying with the first public key;
    A secret information transmission / reception system comprising: an encrypted session key transmission unit configured to transmit the encrypted session key received from the server device to the key information holding device.
  2. In a secret information transmission / reception system comprising: a server device connected to a network; a communication device that establishes a session with the server device and transmits / receives data; and a key information holding device that stores key information and is incorporated in the communication device.
    The server device is
    Server storage means for storing a first public key and a first private key, and a certificate for ensuring the validity of the first public key;
    First certificate transmission control means for transmitting a certificate ensuring the validity of the first public key to the communication device;
    First certificate verification means for verifying whether a certificate that guarantees the validity of the second public key received from the communication device is valid;
    The second public key is extracted from a certificate that guarantees the validity of the second public key received from the communication device, and information indicating the validity of the encrypted session key received from the communication device is valid. Session key validity information verification means for verifying whether or not with the second public key;
    Encrypted session key decrypting means for decrypting the encrypted session key with the first secret key,
    The key information holding device includes:
    A second public key and a second secret key; a certificate that guarantees the validity of the second public key; a key information holding device storage unit that stores a session key;
    Second certificate transmission control means for transmitting a certificate for ensuring the validity of the second public key to the communication device;
    Public key receiving means for receiving the first public key from the communication device;
    Session key encryption means for reading the session key and encrypting it with the received first public key;
    Session key legitimate information generating means for creating information indicating the legitimacy of the session key encrypted with the second secret key;
    An encrypted session key transmission control means for transmitting the encrypted session key and information indicating the validity of the encrypted session key to the communication device;
    The communication device
    Request the server device to send a certificate that guarantees the validity of the first public key, and request the key information holding device to send a certificate that guarantees the validity of the second public key. A certificate requesting means,
    Second certificate verification means for verifying whether a certificate that guarantees the validity of the first public key received from the server device is valid;
    Certificate relay transmission means for transmitting to the server device a certificate ensuring the validity of the second public key received from the key information holding device;
    Public key transmitting means for extracting the first public key from a certificate that guarantees the validity of the first public key and transmitting the first public key to the key information holding device;
    A secret information transmission / reception system comprising: encrypted session key transmission means for requesting the server apparatus to transmit the encrypted session key received from the key information holding apparatus.
  3.   The secret information transmission / reception system according to claim 1, wherein the session key is different for each session.
  4. In a secret information transmission / reception system comprising: a server device connected to a network; a communication device that establishes a session with the server device and transmits / receives data; and a key information holding device that stores key information and is incorporated in the communication device.
    The server device is
    Server storage means for storing the first public key and the first secret key, and a session key;
    First public key transmission control means for transmitting the first public key to the communication device;
    Session key encryption means for receiving the second public key from the communication device and encrypting the session key with the second public key;
    Session key validity information generating means for creating information indicating the validity of the session key encrypted with the first secret key;
    An encrypted session key transmission control means for transmitting the encrypted session key and information indicating the validity of the session key to the communication device;
    The key information holding device includes:
    Key information holding device storage means for storing the second public key and the second secret key;
    Second public key transmission control means for transmitting the second public key to the communication device;
    An encrypted session key decrypting means for decrypting the encrypted session key received from the communication device with the second secret key;
    The communication device
    Public key requesting means for requesting the server device to transmit the first public key and requesting the key information holding device to transmit the second public key;
    Public key relay transmission means for receiving the second public key from the key information holding device and transmitting the second public key to the server device;
    Session key validity information verification means for verifying whether or not the information indicating the validity of the encrypted session key received from the server device is valid with the public key of the server device;
    A secret information transmission / reception system comprising: an encrypted session key transmission unit configured to transmit the encrypted session key received from the server device to the key information holding device.
  5. A server apparatus in a secret information transmission / reception system comprising: a server apparatus connected to a network; a communication apparatus that establishes a session with the server apparatus and transmits / receives data; and a key information holding apparatus that stores key information and is incorporated in the communication apparatus. There,
    A first public key and a first secret key, a certificate that ensures the validity of the first public key, and server storage means for storing a session key;
    First certificate transmission control means for transmitting a certificate ensuring the validity of the first public key to the communication device;
    First certificate verification means for verifying whether a certificate that guarantees the validity of the second public key received from the communication device is valid;
    Session key encryption means for extracting the second public key from a certificate that guarantees the validity of the second public key and encrypting the session key with the second public key;
    Session key validity information generating means for creating information indicating the validity of the session key encrypted with the first secret key;
    A server apparatus comprising: an encrypted session key transmission control unit configured to transmit the encrypted session key and information indicating validity of the encrypted session key to the communication apparatus.
  6. Connected to a network, connected to the network, the server device storing a first public key and a first secret key, a certificate that guarantees the validity of the first public key, and a session key. A communication device that establishes a session with the server device and transmits / receives data, and a key that is incorporated in the communication device and stores a second public key and a certificate that ensures the validity of the second public key In a secret information transmission / reception system having an information holding device,
    In the computer of the server device,
    Transmitting a certificate ensuring the validity of the first public key to the communication device;
    Verifying whether the certificate that guarantees the validity of the second public key received from the key information holding device is valid;
    Retrieving the second public key from a certificate that ensures the validity of the second public key, and encrypting the session key with the second public key;
    Creating information indicating the validity of the session key encrypted with the first secret key;
    A program for executing the step of transmitting the encrypted session key and information indicating the validity of the encrypted session key to the communication device.
  7. Key information retention in a secret information transmission / reception system including a server device connected to a network, a communication device that establishes a session with the server device and transmits / receives data, and a key information holding device that stores key information and is incorporated in the communication device A device,
    The key information holding device includes:
    A key information holding device storage means for storing a public key and a private key, and a certificate for ensuring the validity of the public key;
    Certificate transmission control means for requesting transmission of the certificate to the communication device;
    A key information holding device comprising: an encrypted session key decrypting unit configured to decrypt the encrypted session key received from the communication device with the secret key.
  8. Connected to the network, connected to the network, the server device storing a first public key and a first secret key, a certificate for ensuring the validity of the first public key, and a session key; A communication device that establishes a session with the server device and transmits / receives data, a second public key, a second secret key, and a certificate that guarantees the validity of the second public key, incorporated in the communication device; In a secret information transmission / reception system having a key information holding device in which is stored,
    The server device transmits a certificate ensuring the validity of the first public key to the communication device;
    The communication device verifies the validity of the certificate that guarantees the validity of the first public key transmitted from the server device;
    The key information holding device transmits a certificate ensuring the validity of the second public key to the communication device;
    The communication device transmits a certificate ensuring the validity of the second public key transmitted from the key information holding device to the server device;
    The server device is
    Verifying whether the certificate that guarantees the validity of the second public key transmitted from the communication device is valid;
    Encrypting the session key;
    Creating information indicating the validity of the encrypted session key with the secret key of the server device;
    Sending the encrypted session key and information indicating the validity of the encrypted session key to the communication device;
    The communication device is
    The first public key is extracted from a certificate that guarantees the validity of the first public key, and whether or not the information indicating the validity of the encrypted session key is valid is determined using the first public key. Validate
    Sending the encrypted session key to the key information holding device;
    The key information holding device is
    A method for transmitting and receiving secret information, comprising: decrypting the encrypted session key received from the communication device with a secret key of the communication device.

JP2004315632A 2004-10-29 2004-10-29 Secret information transmission/reception system and method therefor, server apparatus and program, and key information storing apparatus Pending JP2006129143A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2004315632A JP2006129143A (en) 2004-10-29 2004-10-29 Secret information transmission/reception system and method therefor, server apparatus and program, and key information storing apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2004315632A JP2006129143A (en) 2004-10-29 2004-10-29 Secret information transmission/reception system and method therefor, server apparatus and program, and key information storing apparatus

Publications (1)

Publication Number Publication Date
JP2006129143A true JP2006129143A (en) 2006-05-18

Family

ID=36723331

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2004315632A Pending JP2006129143A (en) 2004-10-29 2004-10-29 Secret information transmission/reception system and method therefor, server apparatus and program, and key information storing apparatus

Country Status (1)

Country Link
JP (1) JP2006129143A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008033512A (en) * 2006-07-27 2008-02-14 Toppan Printing Co Ltd Security chip and platform
JP2014530578A (en) * 2011-10-14 2014-11-17 オランジュ Method for transferring control of a security module from a first entity to a second entity
CN105138892A (en) * 2015-08-06 2015-12-09 深圳市文鼎创数据科技有限公司 Data interaction method and apparatus applied to composite smart card device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000312203A (en) * 1999-04-27 2000-11-07 Nippon Telegr & Teleph Corp <Ntt> Method and system for passing control in encryption communication
JP2001237818A (en) * 2000-02-22 2001-08-31 Nec Corp Proxy encryption communication system and method, and recoding medium having program recorded thereon
JP2001358711A (en) * 2000-06-15 2001-12-26 Toden Software Inc Method for certifying third party of electronic distribution data
JP2003124926A (en) * 2001-10-15 2003-04-25 Hitachi Ltd Authentication processing method for encryption communication system and its system
JP2003143136A (en) * 2001-10-30 2003-05-16 Toshiba Corp Identification system and apparatus
JP2003338812A (en) * 2002-05-22 2003-11-28 Uchida Ryuichi Encryption system
JP2003337924A (en) * 2002-05-21 2003-11-28 Sony Corp Information providing system, method for controlling access to authentication medium, and computer program

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000312203A (en) * 1999-04-27 2000-11-07 Nippon Telegr & Teleph Corp <Ntt> Method and system for passing control in encryption communication
JP2001237818A (en) * 2000-02-22 2001-08-31 Nec Corp Proxy encryption communication system and method, and recoding medium having program recorded thereon
JP2001358711A (en) * 2000-06-15 2001-12-26 Toden Software Inc Method for certifying third party of electronic distribution data
JP2003124926A (en) * 2001-10-15 2003-04-25 Hitachi Ltd Authentication processing method for encryption communication system and its system
JP2003143136A (en) * 2001-10-30 2003-05-16 Toshiba Corp Identification system and apparatus
JP2003337924A (en) * 2002-05-21 2003-11-28 Sony Corp Information providing system, method for controlling access to authentication medium, and computer program
JP2003338812A (en) * 2002-05-22 2003-11-28 Uchida Ryuichi Encryption system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008033512A (en) * 2006-07-27 2008-02-14 Toppan Printing Co Ltd Security chip and platform
JP2014530578A (en) * 2011-10-14 2014-11-17 オランジュ Method for transferring control of a security module from a first entity to a second entity
CN105138892A (en) * 2015-08-06 2015-12-09 深圳市文鼎创数据科技有限公司 Data interaction method and apparatus applied to composite smart card device

Similar Documents

Publication Publication Date Title
CA2341784C (en) Method to deploy a pki transaction in a web browser
CN102812684B (en) Implement the system and method for computer strategy
US6314521B1 (en) Secure configuration of a digital certificate for a printer or other network device
EP0880254B1 (en) Security system and method for financial institution server and client web browser
JP3776619B2 (en) Encryption communication terminal, encryption communication center apparatus, encryption communication system, and storage medium
CN101189827B (en) Method for inclusive authentication and management of service provider, terminal and user identity module, and system and terminal device using the method
EP1473869B1 (en) Universal secure messaging for cryptographic modules
US7845011B2 (en) Data transfer system and data transfer method
US7386722B2 (en) Certificate management system and method
US7688975B2 (en) Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure
JP2012044670A (en) User authentication method based on utilization of biometric identification techniques, and related architecture
US7155616B1 (en) Computer network comprising network authentication facilities implemented in a disk drive
JP4907895B2 (en) Method and system for recovering password-protected private data over a communication network without exposing the private data
CA2560570C (en) Authentication between device and portable storage
US8930700B2 (en) Remote device secure data file storage system and method
US6185308B1 (en) Key recovery system
EP2267628A2 (en) Token passing technique for media playback devices
JP2008533882A (en) How to backup and restore encryption keys
US6229894B1 (en) Method and apparatus for access to user-specific encryption information
EP1696602A1 (en) Cryptographic communication system and method
US5784463A (en) Token distribution, registration, and dynamic configuration of user entitlement for an application level security system and method
JP4744785B2 (en) Session key security protocol
US7254705B2 (en) Service providing system in which services are provided from service provider apparatus to service user apparatus via network
JP4617763B2 (en) Device authentication system, device authentication server, terminal device, device authentication method, and device authentication program
JP4755189B2 (en) Content encryption method, network content providing system and method using the same

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20070920

A131 Notification of reasons for refusal

Effective date: 20100803

Free format text: JAPANESE INTERMEDIATE CODE: A131

A521 Written amendment

Effective date: 20101001

Free format text: JAPANESE INTERMEDIATE CODE: A523

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20101026