JP2016006945A - Digital signature two-dimensional code generation device, and digital signature two-dimensional code authentication device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide means for detecting falsification/alteration on a two-dimensional code and means for performing identity verification, by using digital signature algorithm.SOLUTION: A digital signature two-dimensional code generation device, according to digital signature algorithm using an elliptic curve having safety mathematically guaranteed, generates a digital signature two-dimensional code in which a signature value for detecting falsification/alteration on the digital signature two-dimensional code is embedded. A digital signature two-dimensional code authentication device reads a digital signature two-dimensional code and performs error correction processing; acquires a signature value embedded in the digital signature two-dimensional code; and performs authentication of the digital signature two-dimensional code and identity verification, by using the digital signature algorithm using the elliptic curve.

Description

The present invention relates to a digital signature type two-dimensional code generation device, a digital signature type two-dimensional code authentication device, a digital signature type two-dimensional code, a digital signature type two-dimensional code generation device capable of detecting forgery / falsification of the digital signature type two-dimensional code and personal authentication. The present invention relates to a signature type two-dimensional code generation method, a digital signature type two-dimensional code authentication method, and a program.

A QR code (registered trademark, the same applies hereinafter), which is a kind of two-dimensional code that can be optically read, is used in various fields as a means for easily obtaining predetermined information. For example, information on the website can be obtained by using a QR code containing boarding information in an airline ticket, or by reading URL information of a company website into a QR code and reading it with a terminal device such as a smartphone. The use of QR codes is expanding (see, for example, Patent Document 1).

Further, a technique for detecting fraud related to a QR code by embedding alteration detection information in the QR code is known (for example, see Patent Document 2).

  Personal authentication using IC cards is also widespread, and possession confirmation by having the IC card as a technology to determine whether the IC card owner is a legitimate person (person with authority to use) Recently, biometric information confirmation such as fingerprints has been put into practical use in addition to memory confirmation by storing a personal identification number or a personal identification number (for example, see Patent Document 3).

JP 2006-318328 A Japanese Patent Laid-Open No. WO2014027424 A1 JP 2010-152841

However, when the URL information acquired by reading the two-dimensional code has been tampered with, there is a problem that it is connected to a website different from the desired website. Such a falsification problem is not limited to a URL, and when information on a two-dimensional code that has been falsified or forged is read, damage due to reading of the illegal information occurs unless there is a method for reliably detecting the fraud.

In addition, the two-dimensional code authentication device described in Patent Document 2 is not based on an authentication algorithm that is mathematically guaranteed in safety, and thus has a problem that it may be tampered with. In addition, since such a two-dimensional code authentication device does not have a function of authenticating a two-dimensional code user, there is a problem that it is not suitable for transactions and access that require user authentication.

  Furthermore, even with smart cards, attacks such as side channel attacks can be used to steal personal information, etc. stored on smart cards, and damage can be caused by a malicious third party “spoofing” a legitimate owner. There is a problem.

The present invention has been made to solve the above-described problems, and includes a digital signature type two-dimensional code generation device, a digital signature type two-dimensional code authentication device, a digital signature type two-dimensional code generation method, and a digital signature type two-dimensional code. It is an object to provide a code authentication method and program.

In order to achieve the above object, a digital signature type two-dimensional code generation device according to a first aspect of the present invention includes:
A digital signature type two-dimensional code comprising a code word region obtained by merging an information region expressing predetermined information with a symbol distribution pattern and a correction region expressing correction information for correcting an error with a symbol distribution pattern A digital signature type two-dimensional code generation device for generating,
Means for reading a two-dimensional code and obtaining a symbol group from a code word region of the two-dimensional code;
Means for calculating a signature value corresponding to a digital signature according to a digital signature algorithm using an elliptic curve together with a secret key for authentication and a hash value calculated from the symbol group of the two-dimensional code;
An exclusive OR of a symbol at a predetermined position and a symbol representation of the signature value is calculated in the code word region, and the signature value is replaced with the exclusive OR by replacing the symbol at the predetermined position with the exclusive OR. Means for generating the digital signature type two-dimensional code embedded in
Characterized by comprising

In the digital signature type two-dimensional code generation device,
The signature value includes an elliptic curve together with a hash value calculated from the symbol group of the two-dimensional code, an elliptic curve base point on a finite field, the order of the base point, a predetermined random number, a public key, and a secret key. Calculated according to the digital signature algorithm used,
It is characterized by that.

In the digital signature type two-dimensional code generation device,
The private key uses a random number generated by a random number algorithm when authenticating a digital signature type two-dimensional code, and identifies the individual when verifying the identity of a digital signature type two-dimensional code user. Use a numeric string linked to a unique identifier that can be
It is characterized by that.

In order to achieve the above object, a digital signature type two-dimensional code authentication device according to a second aspect of the present invention comprises:
Means for obtaining a decoded word by performing an error correction process on the received word obtained by reading the digital signature type two-dimensional code;
Means for obtaining the signature value embedded in the predetermined position of the digital signature type two-dimensional code by calculating an exclusive OR of the symbol representation of the received word and the symbol representation of the decoded word;
By using the acquired value of the signature value and determining whether or not the first determination value calculated according to the digital signature algorithm using an elliptic curve matches one acquired value of the signature value, the digital signature type two-dimensional A means of detecting forgery and tampering with the code;
It is characterized by providing.

In the digital signature type two-dimensional code authentication device,
The first discriminant value includes an acquired value of the signature value, a hash value calculated from a symbol group of a two-dimensional code restored using the decryption word, a public key, an elliptic curve base point, and an order of the base point Along with a digital signature algorithm using an elliptic curve,
It is characterized by that.

In order to achieve the above object, a digital signature type two-dimensional code authentication device according to a third aspect of the present invention is the digital signature type two-dimensional code authentication device according to the second aspect,
A second identification value calculated from a product of a secret key associated with the unique identifier and a base point, using a unique identifier that identifies the user, Means for authenticating the identity by determining whether or not the obtained value of the signature value matches;
It is characterized by providing.

In order to achieve the above object, a two-dimensional code generation method according to a fourth aspect of the present invention includes:
A digital signature type two-dimensional code generation method comprising: an information region expressing predetermined information by a symbol distribution pattern; and a correction region expressing correction information for correcting an error by a symbol distribution pattern,
In accordance with a digital signature algorithm using an elliptic curve, together with a step of reading a two-dimensional code, obtaining a symbol group from the two-dimensional code, a secret key for authentication, and a hash value calculated from the symbol group of the two-dimensional code Calculating a signature value corresponding to the signature;
The signature value is embedded by calculating an exclusive OR of the symbol representation of the signature value and a symbol at a predetermined position in the code word region, and replacing the symbol at the predetermined position with the exclusive OR. Generating the digital signature type two-dimensional code;
It is characterized by providing.

In order to achieve the above object, a program according to the fifth aspect of the present invention provides:
A computer of a two-dimensional code generation device comprising: an information area that expresses predetermined information by a symbol distribution pattern; and a correction area that expresses correction information for correcting an error by a symbol distribution pattern;
A procedure for reading a two-dimensional code and obtaining a symbol group from the two-dimensional code;
A procedure for calculating a signature value corresponding to a digital signature according to a digital signature algorithm using an elliptic curve together with a hash value calculated from a secret key for authentication and a symbol group of the two-dimensional code,
In accordance with a digital signature algorithm using an elliptic curve, a procedure for calculating a signature value corresponding to a digital signature from a secret key for authentication and the acquired symbol;
The signature value is embedded by calculating an exclusive OR of the symbol representation of the signature value and a symbol at a predetermined position in the code word region, and replacing the symbol at the predetermined position with the exclusive OR. Generating the digital signature type two-dimensional code;
Is executed.

According to the present invention, it is not necessary to use an external device such as a server in detecting forgery / falsification related to a digital signature type two-dimensional code, and therefore it is possible to investigate fraud related to such code by a terminal device such as a smartphone alone. It is possible to perform detection easily and inexpensively.

In e-commerce, for example, a smartphone is often used to acquire URL information of a related website from a QR code displayed on a display. However, if the URL information has been tampered with, there is a risk of being directed to a website different from the original, but according to the present invention, the digital signature type two-dimensional code can be used to prevent the code from being illegal. Since it can be detected, such danger can be prevented.

According to the present invention, since personal information is not directly stored in a digital signature type two-dimensional code, there is little risk of leakage of personal information, and therefore a digital signature type two-dimensional code generation device capable of safely performing personal authentication is provided. A digital signature type two-dimensional code authentication device can be provided.

It is a figure which shows the structural example of a two-dimensional code. It is a block diagram which shows the structure of a digital signature type two-dimensional code production | generation apparatus. (First and second embodiments) It is a schematic diagram for demonstrating the embedding procedure of a signature value. It is a block diagram which shows the structure of a digital signature type two-dimensional code authentication apparatus. (First embodiment) It is a schematic diagram for demonstrating the acquisition procedure of the embedded signature value. It is a flowchart which shows the detail of a digital signature type | mold two-dimensional code production | generation apparatus. (First embodiment and second embodiment) It is a flowchart which shows the detail of a digital signature type | mold two-dimensional code authentication process. (First embodiment) It is a block diagram which shows the structure of a digital signature type two-dimensional code authentication apparatus. (Second Embodiment) It is a flowchart which shows the detail of the personal authentication process by a digital signature type | mold two-dimensional code. (Second Embodiment)

(First embodiment)
The first embodiment of the present invention will be described below. The QR code (registered trademark, the same applies hereinafter) is exemplified as the two-dimensional code, and will be described in detail with reference to the drawings. Other two-dimensional codes such as maxi code and the like may be used.

FIG. 1 is a diagram illustrating a configuration example of a two-dimensional code to be embedded in the present embodiment.

As shown in FIG. 1, the two-dimensional code 100 represents information by an arrangement pattern of white cells and black cells, and includes three position detection patterns 104A, 104B, 104C, a code word region 106, a timing cell 108, and a format. Information 109, model number information 110, and the like are provided. Although only some cells and some symbols (symbol is a unit composed of 8 cells) are shown in FIG. Distributed.

The timing cell 108 is arranged as a reference pattern of cells arranged in a straight line between the position detection patterns 104A, 104B, and 104C. This timing cell 108 is used as an index of each data cell position.

The format information 109 is arranged in the vicinity of the position detection pattern 104A, and indicates mask pattern information and error correction level information defined in advance for the format of the code word recorded in the code word area 106. The model number information 110 is arranged in a two-dimensional code having a version of 7 or more, and indicates version information defined in advance. The two-dimensional code has 1 to 40 type standards as versions, and each version has four error correction levels L, M, Q, and H (the error correction capability increases in order from L to H). Yes.

The version type is determined by the total number of symbols. Since there are 256 cell patterns for one symbol, an integer value of 0 to 255 (hereinafter referred to as a symbol value) can be associated with one symbol. Further, the error correction level (L, M, Q, H) corresponds to a high ratio of allowing unreadable symbols among all symbols, that is, a high allowable defect rate. The allowable defect rate of each level is about 7% for error correction level, about 15% for error correction level M, about 25% for error correction level Q, and about 30% for error correction level H. In this embodiment, a two-dimensional code of error correction level H is used in version 7 (the total number of symbols is 196), and a two-dimensional code having this version and error correction level is “two-dimensional of 7-H”. “Code”. The present invention is not limited to the 7-H two-dimensional code, and may be a two-dimensional code having other versions and other error correction levels.

The code word area 106 is composed of a symbol group representing information data and a symbol group having an error correction function. In the case of a 7-H two-dimensional code, the entire code word area 106 includes five blocks B1 to B1. It is divided into B5. Each block is composed of a symbol sequence of a data portion (hereinafter referred to as a data code) and an error correction portion symbol sequence (hereinafter referred to as an RS code) obtained by RS (Reed-Solomon) encoding of the data code. The data code and the RS code are concatenated to form a code word. Accordingly, there are five code words in the code word area 106. Among them, each of the four blocks B1 to B4 is composed of a total of 39 symbols (symbol length of the code word is 39) of 13 symbols for the data code and 26 symbols for the RS code. The remaining one block B5 is composed of a total of 40 symbols (symbol length of the code word is 40) of 14 symbols for the data code and 26 symbols for the RS code.

FIG. 2 is a block diagram illustrating a configuration example of the digital signature type two-dimensional code generation device 10 according to the present embodiment.

  In the present embodiment, a signature by a widely used elliptic curve digital signature algorithm (hereinafter referred to as ECDSA) is illustrated as a digital signature algorithm using an elliptic curve, but the present invention is not limited to this. There may be other digital signature algorithms. For example, an elliptic ElGamal signature algorithm and an elliptic Schnorr signature algorithm are also applicable to the present invention.

The digital signature type two-dimensional code generation device 10 embeds a signature value in the two-dimensional code 100 to generate a digital signature type two-dimensional code. The two-dimensional code decoding unit 1, the signature value calculation unit 2, and the digital signature A type two-dimensional code generation unit 3 is provided. Each of these units may be configured by a dedicated hardware device, or may be realized as a function of one or a plurality of processors based on a software program.

  The digital signature type two-dimensional code generation apparatus 10 is realized by, for example, a general-purpose computer including a central processing unit (CPU), a read only memory (ROM), a random access memory (RAM), and a hard disk.

The two-dimensional code decoding unit 1 captures and reads the two-dimensional code 100, and includes a light receiving element such as a CCD (Charge Couple Device) that takes in the two-dimensional code 100. The two-dimensional code decoding unit 1 decodes the format information of the read two-dimensional code, determines the model number, and cancels the mask process. Next, the symbol group of the code word area 106 of the two-dimensional code 100 is fetched for each block according to the code arrangement rule, and a symbol group consisting of a total of 196 symbols is acquired.

  The signature value calculation unit 2 uses a base point G and its 160 bits based on a finite field GF determined by a 160-bit prime and an elliptic curve E on the finite field GF (for example, y ^ 2 = x ^ 3 + ax + b). An execution environment of ECDSA is determined by determining a long order n, generating a random number d (0 <d <n), and calculating a public key Q = dG (Mod n). In this case, the public key Q has two sets of integer values having a length of 160 bits as components. The present invention is not limited to the above bit length, and may be determined according to the required security strength.

  The signature value calculation unit 2 first concatenates the 196 symbols acquired by the two-dimensional code decoding unit 1 in a predetermined order to generate one symbol string. Next, using the hash function SHA-256, a hash value h for the connected symbol string is calculated. The present invention is not limited to this hash function, and other hash functions such as SHA-224 may be used.

The signature value calculation unit 2 calculates 160-bit signature values c and u in accordance with ECDSA according to the following procedure (Equation 1), together with the ECDSA execution environment, the hash value h, and the secret key k. The secret key k uses a random number generated by a random number algorithm when the object to be authenticated is a digital signature type two-dimensional code itself. A numeric string associated with the relationship (the unique identifier and the numeric string correspond to 1: 1) is used. The unique identifier may be a biometric data of the user such as a fingerprint, a palm print, an iris, a face, a vein, a voice, an ear shape, and DNA information in addition to the personal identification number and password.
(Equation 1)

  First, as shown in FIG. 3, the digital signature type two-dimensional code generation unit 3 in the block group of the code word region 106 has eight positions Pi (i = 1 to 1) in one block and a total of 40 positions. 40) is arbitrarily determined in advance, and symbol values ai (i = 1 to 40) of symbols corresponding to the positions Pi (i = 1 to 40) are concatenated to generate one symbol string D1: a1a2. To do. Next, symbol expressions of the calculated signature values c and u each having a 160-bit length, c: b1b2... B20 and u: b21b22... B40 (bi (i = 1 to 40) are at the position Pi. Symbol values) are concatenated to generate a symbol string D2: b1b2... B40. Then, an exclusive OR (ai ^ bi) (i = 1 to 40) of the symbol sequence D1 and the symbol sequence D2 is calculated, and the symbol value ai (i = 1) at the predetermined position Pi (i = 1 to 40). ˜40) is replaced with the exclusive OR (ai ^ bi) (i = 1 to 40) to embed the signature values c and u in the two-dimensional code. Subsequently, a digital signature type two-dimensional code 200 is generated by performing mask processing of the code word area 106. The digital signature type two-dimensional code 200 generated in this way is printed out by a printer or displayed on an LCD (Liquid Crystal Display).

FIG. 4 is a block diagram showing the digital signature type two-dimensional code authentication device 20 in the present embodiment.

  The digital signature type two-dimensional code authentication device 20 determines whether the digital signature type two-dimensional code 200 is forged or falsified based on a signature value embedded in the digital signature type two-dimensional code 200. , A ROM, a RAM, a hard disk drive, and the like.

  As shown in FIG. 4, the digital signature type two-dimensional code authentication device 20 includes a digital signature type two-dimensional code decoding unit 4, a signature value acquisition unit 5, and a digital signature type two-dimensional code authentication unit 6. Each of these units may be configured by a dedicated hardware device, or may be realized as a function of one or a plurality of processors based on a software program.

  The digital signature type two-dimensional code decoding unit 4 captures and reads the digital signature type two-dimensional code 200, and includes a light receiving element such as a CCD that captures the digital signature type two-dimensional code 200.

The digital signature type two-dimensional code decoding unit 4 decodes the format information of the read digital signature type two-dimensional code 200, determines the model number, and cancels the mask process. Next, according to the code arrangement rule, the symbol group in the code word area 106 of the digital signature type two-dimensional code 200 is read for each block, and a code word (hereinafter referred to as a received word) that may contain an error is acquired.
Next, using a Reed-Solomon code decoding algorithm (for example, Euclidean decoding method), error correction processing is performed on each received word (there are five) to obtain a decoded word.

  Similar to the calculation of the hash value in the signature value calculation unit 2, the signature value acquisition unit 5 concatenates symbol representations of the five decoded words in a predetermined order to generate a symbol string (consisting of 196 symbols). Generate a hash value h ′ for the symbol string. Subsequently, as shown in FIG. 5, in five received words, a symbol string A: c1c2... C40 in which symbol values corresponding to the symbols at the predetermined position Pi (i = 1 to 40) are concatenated, In the five decoded words, an exclusive OR is calculated with the symbol string B: d1d2... D40 concatenated with the symbol values corresponding to the symbols at the predetermined position Pi (i = 1 to 40). From the exclusive OR (ci ^ di) (i = 1 to 40), the symbol representation of the acquired value of the embedded signature value, c ′ :( c1 ^ d1) (c2 ^ d2) (c20) ^ D20) and u ':( c21 ^ d21) (c22 ^ d22) (c40 ^ d40) are acquired.

  The digital signature type two-dimensional code authenticating unit 6 uses the ECDSA and a signature value obtained by embedding the digital signature type two-dimensional code to check whether the digital signature type two-dimensional code is forged or falsified. The validity of the type 2D code is determined.

The digital signature type two-dimensional code authenticating unit 6 includes the obtained values c ′ and u ′ of the signature value, the hash value h ′, and the base point G of the elliptic curve on the finite field that is the execution environment of ECDSA, the base The first discriminant value cp is calculated according to ECDSA using the order n of points, a predetermined random number d (0 <d <n), and the public key Q (= dG) as shown in (Equation 2) below,
(Equation 2)
If the first discriminant value cp matches the acquired value c ′, it is discriminated that the digital signature type two-dimensional code 200 is not forged or falsified, the authentication result is “OK”, and the first discriminant value is obtained. If cp does not match the acquired value c ′, the digital signature type two-dimensional code 200 is assumed to be counterfeited / tampered, and the authentication result is “NG”.

  Next, operations of the digital signature type two-dimensional code generation device 10 and the digital signature type two-dimensional code authentication device 20 having the above-described configuration will be described with reference to the drawings.

  FIG. 6 is a flowchart showing a digital signature type two-dimensional code generation process executed by the digital signature type two-dimensional code generation device.

  The digital signature type two-dimensional code generation device 10 starts the digital signature type two-dimensional code generation process shown in FIG. 6 in response to the two-dimensional code decoding unit 1 reading the two-dimensional code to be embedded. In the digital signature type two-dimensional code generation processing, the two-dimensional code decoding unit 1 reads a total of 196 symbols from five blocks in the code word area 106 of the two-dimensional code subjected to the mask release processing (step S1). .

  Next, in the digital signature type two-dimensional code generation device 10, the signature value calculation unit 2 calculates the hash value h for the symbol string generated from the 196 symbols, using the hash function SHA-256. Then, under the ECDSA execution environment, together with the hash value h and the secret key k, signature values c and u having a 160-bit length are calculated according to ECDSA as shown in (Equation 1) (step S2). .

Subsequently, the digital signature type two-dimensional code generation device 10 is configured so that the digital signature type two-dimensional code generation unit 3 totals all the blocks by arbitrarily determining eight symbol positions in each block of the code word area. Forty symbol positions Pi (i = 1 to 40) are designated (step S3).

Then, the digital signature type two-dimensional code generation device 10 uses the digital signature type two-dimensional code generation unit 3 to connect a symbol string (40 symbols long) in which the symbol values of the signature values c and u are concatenated in a predetermined order, and the code An exclusive OR is calculated with a symbol string obtained by concatenating the symbols at the symbol positions Pi (i = 1 to 40) selected from the block group of the word area 106 in a predetermined order, and an exclusive OR of 40 symbols is calculated. Obtain (step S4).

Subsequently, in the digital signature type two-dimensional code generation device 10, the digital signature type two-dimensional code generation unit 3 converts the 40 symbols at the symbol positions Pi (i = 1 to 40) in the code word area 106 into the symbols. A digital signature type two-dimensional code is generated by replacing the exclusive OR and performing mask processing of the code word area (step S5).

  FIG. 7 is a flowchart showing a digital signature type two-dimensional code authentication process executed by the digital signature type two-dimensional code authentication device 20 according to this embodiment.

  In response to reading the digital signature type two-dimensional code 200 generated by the digital signature type two-dimensional code generation device 10 as image data, the digital signature type two-dimensional code authentication device 20 receives the digital signature type 2 shown in FIG. Start the authentication process of the dimension code. In the digital signature type two-dimensional code authentication process, the digital signature type two-dimensional code authentication device 20 uses the digital signature type two-dimensional code decoding unit 4 to block the block of the code word area 106 of the captured digital signature type two-dimensional code 200. By decoding according to the code arrangement rule, 196 symbols in the code word area 106 are acquired (step S6).

  Then, the digital signature type two-dimensional code authenticating device 20 performs a mask release process of the digital signature type two-dimensional code 200 in the digital signature type two-dimensional code decoding unit 4. Subsequently, five received words are acquired from the code word area 106 of the digital signature type two-dimensional code 200. Next, using a Reed-Solomon decoding algorithm (for example, Euclidean decoding), error correction processing is performed on each received word to obtain a decoded word (step S7).

Subsequently, the digital signature type two-dimensional code authentication device 20 uses the signature value acquisition unit 5 to connect symbol values corresponding to the predetermined positions Pi (i = 1 to 40) in the five received words. A: exclusive of c1c2... C40 and symbol sequence B: d1d2... D40 concatenating symbol values corresponding to the predetermined positions Pi (i = 1 to 40) in the five decoded words A logical sum (ci ^ di) (i = 1 to 40) is calculated. It is checked whether any of the exclusive OR (ci ^ di) (i = 1 to 40) is different from zero. If any of the exclusive OR (ci ^ di) (i = 1 to 40) is different from zero (there is an error), the process proceeds to the next step S9. If the exclusive OR (ci ^ di) (i = 1 to 40) is all zero (no error), the authentication result is “NG” and the process proceeds to step S11 (step S8).

  Then, the digital signature type two-dimensional code authentication device 20 uses the signature value acquisition unit 5 to obtain the symbol values c ′ and u ′ of the signature values c ′ and u ′ from the exclusive OR (ci ^ di) (i = 1 to 40). ': (C1 ^ d1) (c2 ^ d2) (c20 ^ d20) and u': (c21 ^ d21) (c22 ^ d22) (c40 ^ d40) are acquired. Subsequently, the symbol representations of the five decoded words acquired in step S7 are concatenated in a predetermined order, and a hash value h 'for the concatenated symbol sequence is calculated (step 9).

  Next, the digital signature type two-dimensional code authentication device 20 uses the digital signature type two-dimensional code authentication unit 6 to execute the execution of the acquired values c ′ and u ′ of the acquired signature value, the hash value h ′, and ECDSA. Along with the base point G of the elliptic curve on the finite field that is the environment, the order n of the base point, the predetermined random number d, and the public key Q (= dG), according to ECDSA, One discrimination value cp is calculated (step S10).

  Then, the digital signature type two-dimensional code authentication device 20 sets the authentication result to “OK” if the digital signature type two-dimensional code authentication unit 6 matches the first discriminant value cp and the acquired value c ′. If the first discriminant value cp and the acquired value c ′ do not match, the authentication result is set to “NG” (step S11).

(Second Embodiment)
The second embodiment of the present invention described below relates to personal authentication using a digital signature type two-dimensional code, and will be described with reference to FIGS. 1, 2, 8, and 9. In the present embodiment, the QR code of FIG. 1 is illustrated and described as a two-dimensional code, but the present invention is not limited to this, and the two-dimensional code includes a data matrix, an aztec code, a maxi code, and the like. Other two-dimensional codes may be used. Further, the same components as those of the digital signature type two-dimensional code authentication device 30 are denoted by the same reference numerals as those of the digital signature type two-dimensional code authentication device 20, and the description thereof is omitted. In the flowchart in the second embodiment, the same operations as those in the first embodiment are denoted by the same reference numerals, and the description thereof is omitted.

FIG. 2 is a block diagram illustrating a configuration example of the digital signature type two-dimensional code generation device 10 according to the present embodiment. This is the same as the block diagram in the first embodiment, but the secret key in the signature value calculation unit 2 is different from that in the first embodiment. That is, the secret key in the first embodiment uses a random number generated by a random number algorithm, and the secret key in the second embodiment uses a numeric string associated with a unique identifier that identifies an individual.

FIG. 8 is a block diagram illustrating a configuration example of the digital signature type two-dimensional code authentication device 30 according to the present embodiment.

  The authentication process in the digital signature type two-dimensional code authentication device 30 is to verify the identity based on the input unique identifier, and is realized by a general-purpose computer including a CPU, a ROM, a RAM, a hard disk drive, and the like. .

The authentication process in the digital signature type two-dimensional code authentication device 30 is performed when forgery / falsification is not detected in the digital signature type two-dimensional code, and is acquired from the unique identifier for identifying the person and the digital signature type two-dimensional code 200. A personal signature type two-dimensional code reading unit 4, a signature value acquisition unit 5, a digital signature type two-dimensional code authentication unit 6, a unique identifier input unit 7, and a personal authentication unit. 8 is provided. Each of these units may be configured by a dedicated hardware device, or may be realized as a function of one or more processors based on a software program.

  The unique identifier input unit 7 takes in a unique identifier s for identifying the person. The unique identifier is the same as the unique identifier used to generate the digital signature type two-dimensional code in the signature value calculation unit 2 of the digital signature type two-dimensional code generation device 10. You can only verify your identity if they match.

  The personal authentication unit 8 uses a secret key k ′ associated with the unique identifier in a predetermined relationship together with the unique identifier, the base point G of the elliptic curve that is the execution environment of ECDSA, and the order n of the base point, On the elliptic curve, a second discriminant value cq, which is an x component of the product k′G (modn) of k ′ and G, is calculated.

  The personal authentication unit 8 determines whether or not the second determination value cq matches the acquired value c ′ of the signature value. If both match, the personal authentication unit 8 determines that the user is authentic and the authentication result is “OK”. If the two do not match, it is determined that the user is not the person, and the authentication result is “NG”.

  Next, the operation of the digital signature type two-dimensional code authentication device 30 will be described with reference to the drawings.

FIG. 9 is a flowchart showing an authentication process executed by the digital signature type two-dimensional code authentication device 30.

The digital signature type two-dimensional code authentication device 30 performs the processing from step S1 to step S10, and the digital signature type two-dimensional code authentication unit 6 determines that the digital signature type two-dimensional code is not forged or falsified. In response, the personal authentication process is started (step S11).

Then, the digital signature type two-dimensional code authentication device 30 inputs a unique identifier for identifying the person at the unique identifier input unit 7. The input unique identifier is converted into a secret key k 'according to a predetermined conversion rule (step S12).

Subsequently, in the digital signature type two-dimensional code authentication device 30, the personal authentication unit 8 uses the secret key k ′, the base point G of the elliptic curve that is the execution environment of ECDSA, and the order n of the base point. Then, the second discriminant value cq, which is the x component of the product k′G (modn) on the elliptic curve, is calculated (step S13).

Next, in the digital signature type two-dimensional code authentication device 30, the personal authentication unit 8 determines whether or not the second determination value cq matches the acquired value c ′ of the signature value, and if both match, As the person concerned, the authentication result is “OK”. If the two do not match, it is determined that the person is not the authentication person, and the authentication result is “NG” (step 14).

Then, the digital signature type two-dimensional code authentication device 30 outputs the authentication result obtained from step S14 at the personal authentication unit 8 (step 15).
Explanation of symbols

DESCRIPTION OF SYMBOLS 1 .... Two-dimensional code decoding part 2 .... Signature value calculation part 3 .... Digital signature type two-dimensional code generation part 4 .... Digital signature type two-dimensional code decoding part 5 .... Signature value acquisition unit 6... Digital signature type two-dimensional code authentication unit 7... Unique identifier input unit 8... Personal authentication unit 10. Embodiment and Second Embodiment)
20... Digital signature type two-dimensional code authentication device (first embodiment)
30... Digital signature type two-dimensional code authentication device (second embodiment)
100 ... 2D code 200 ... Digital signature type 2D code

Claims (8)

A digital signature type two-dimensional code comprising a code word region obtained by merging an information region expressing predetermined information with a symbol distribution pattern and a correction region expressing correction information for correcting an error with a symbol distribution pattern A digital signature type two-dimensional code generation device for generating,
Means for reading a two-dimensional code and obtaining a symbol from a code word area of the two-dimensional code;
Means for calculating a signature value corresponding to a digital signature according to a digital signature algorithm using an elliptic curve together with a secret key for authentication and a hash value of the two-dimensional code;
An exclusive OR of a symbol at a predetermined position and a symbol representation of the signature value is calculated in the code word region, and the signature value is replaced with the exclusive OR by replacing the symbol at the predetermined position with the exclusive OR. Means for generating the digital signature type two-dimensional code embedded in
A digital signature type two-dimensional code generation device comprising: The signature value includes an elliptic curve together with a hash value calculated from the symbol group of the two-dimensional code, an elliptic curve base point on a finite field, the order of the base point, a predetermined random number, a public key, and a secret key. Calculated according to the digital signature algorithm used,
The digital signature type two-dimensional code generation device according to claim 1. As the secret key, a random number generated by a random number algorithm is used for authentication of the digital signature type two-dimensional code itself, and for the identity verification of the user of the digital signature type two-dimensional code, the person concerned is used. Use a numeric string linked to a unique identifier that can identify
The digital signature type two-dimensional code generation device according to claim 1 or 2, wherein the digital signature type two-dimensional code generation device according to claim 1 or 2 is provided. A digital signature type two-dimensional code authentication device for authenticating a digital signature type two-dimensional code generated by the digital signature type two-dimensional code generation device according to claim 1,
Means for obtaining a decoded word by performing an error correction process on the received word obtained by reading the digital signature type two-dimensional code;
Means for obtaining the signature value embedded in the predetermined position of the digital signature type two-dimensional code by calculating an exclusive OR of the symbol representation of the received word and the symbol representation of the decoded word;
By using the acquired value of the signature value and determining whether or not the first determination value calculated according to the digital signature algorithm using an elliptic curve matches one acquired value of the signature value, the digital signature type Means for detecting counterfeiting / falsification of 2D codes;
A digital signature type two-dimensional code authentication apparatus comprising: The first discriminant value includes an acquired value of the signature value, a hash value calculated from a symbol group of a two-dimensional code restored using the decryption word, a public key, an elliptic curve base point, and an order of the base point Along with a digital signature algorithm using an elliptic curve,
5. The digital signature type two-dimensional code authentication apparatus according to claim 4, wherein The digital signature type two-dimensional code authentication device according to claim 4, further comprising:
By discriminating whether or not the second discriminant value calculated from the product of the secret key associated with the unique identifier that identifies the principal and the base point matches the acquired value of the signature value, A means of authenticating,
The digital signature type two-dimensional code authentication device according to claim 4, wherein the digital signature type two-dimensional code authentication device is provided. A two-dimensional code generation method comprising: an information region expressing predetermined information by a symbol distribution pattern; and a correction region expressing correction information for correcting an error by a symbol distribution pattern,
Reading a two-dimensional code and obtaining a symbol group from the two-dimensional code;
Calculating a signature value corresponding to a digital signature according to a digital signature algorithm using an elliptic curve together with a secret key for authentication and a hash value of the two-dimensional code;
The signature value is embedded by calculating an exclusive OR of the symbol representation of the signature value and a symbol at a predetermined position in the code word region, and replacing the symbol at the predetermined position with the exclusive OR. Generating the digital signature type two-dimensional code;
A digital signature type two-dimensional code generation method comprising: A computer of a two-dimensional code generation device comprising: an information area that expresses predetermined information by a symbol distribution pattern; and a correction area that expresses correction information for correcting an error by a symbol distribution pattern;
A procedure for reading a two-dimensional code and obtaining a symbol group from the two-dimensional code;
A procedure for calculating a signature value corresponding to a digital signature according to a digital signature algorithm using an elliptic curve together with a secret key for authentication and a hash value of the two-dimensional code;
An exclusive OR of a symbol representation of the signature value and a symbol at a predetermined position in the code word region is calculated, and the signature value is authenticated by replacing the symbol at the predetermined position with the exclusive OR. Generating the digital signature type two-dimensional code embedded as
A program for running