JP2018117287A - Certificate Distribution System, Certificate Distribution Method, and Certificate Distribution Program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To improve availability of certificate management.SOLUTION: Multiple block chain nodes 3a, 3b, 3c hold a first block 4 containing certification target information 4a, outputted from a terminal 2a and owned by a user 8, by a block chain. The multiple block chain nodes 3a, 3b, 3c also hold second blocks 4-1, 4-2, outputted from terminals 2b, 2c and including electronic signatures 5a, 5n indicating registration approval of the certification target information 4a, by a block chain. When there is a signature number satisfaction block where the number of included electronic signatures 5a, 5n reaches a prescribed number, the multiple block chain nodes 3a, 3b, 3c holds a third block 4-3, including an electronic certificate 6 certificating the owner of the certification target information 4a and the signature number satisfaction block, while dispersing by the block chain.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a certificate distribution system, a certificate distribution method, and a certificate distribution program.

  When a transaction is performed between users via a network, the identity of the communication partner is confirmed. For example, an electronic certificate is used for confirming the identity of the user. An electronic certificate is information issued by a trusted third party to prove the owner of information (for example, a public key).

  Electronic certificates are also used in systems using blockchains, for example. Blockchain is a technology that makes it possible to reach a credible agreement in a distributed computer network without a centralized management device. Here, “agreement” means to take consistency of transaction records between the user A and the user B in the distributed database. When recording transaction information in the blockchain, electronic certificates are used to prevent others from impersonating. For example, if data related to a transaction is transmitted after being encrypted with a public key whose owner is certified by an electronic certificate, the transmitted data is decrypted unless the private key held by the owner of the public key is used. I can't. Therefore, the transmitted data is securely transmitted to the target party. In this way, the security of transactions via the network is maintained.

  Various techniques have been developed to improve the safety of information communication. For example, there is a counter setting method for sharing a tree-structured counter while suppressing the amount of secure memory used among a plurality of security modules. There are also methods for individualizing subscriber devices to ensure that they cannot be used within networks of different service provider entities. Further, there is a control method for controlling whether or not the control target device can be operated according to the distance of the authentication device.

JP 2009-3855 A Special table 2013-53910 gazette Japanese Patent Laying-Open No. 2015-88804

  In the conventional technique, electronic certificates for proving the owner of electronic information such as public keys are centrally managed by a certificate management server. Therefore, the user who performs the transaction uses the terminal device to access the certificate management server as appropriate for identity verification.

  As described above, when the electronic certificate is centrally managed by the server, when the failure occurs in the server, the transaction using the electronic certificate is stopped. That is, central management of electronic certificates by the server causes a decrease in the availability of the entire system (the ability of the system to operate continuously).

  In one aspect, this case aims to improve system availability.

In one proposal, a certificate distribution system having a first terminal device, a plurality of second terminal devices, and a plurality of block chain nodes is provided.
The first terminal device outputs a first block registration request including certification target information owned by the user to a network holding a plurality of blocks by a block chain. The plurality of second terminal devices acquire a block including certification target information from the network as an approval target block, and an electronic signature and approval target block indicating registration approval of the certification target information according to an input from the administrator A registration request for the second block including the above is output to the network. A plurality of block chain nodes belong to the network, and according to the registration request of the first or second block, the first or second block is distributed and held by the block chain, and included in the held second block If there is a signature number satisfaction block in which the number of electronic signatures to be reached has reached a predetermined number, the third block including the electronic certificate that proves the owner of the certification target information and the signature number satisfaction block is distributed by the block chain. Hold.

  According to one aspect, system availability is improved.

It is a figure which shows the structural example of the certificate delivery system which concerns on 1st Embodiment. It is a figure which shows an example of a structure of the network system of 2nd Embodiment. It is a figure which shows one structural example of the hardware of the terminal device used for 2nd Embodiment. It is a figure which shows an example of the block chain network in 2nd Embodiment. It is a block diagram which shows an example of the function of a terminal device and a block chain node. It is a figure which shows an example of the block chain of issue and invalidation of a certificate. It is a figure which shows the creation example of the block for public key registration. It is a figure which shows the example of creation of the block at the time of the first registration approval. It is a figure which shows the creation example of the block at the time of Nth registration approval. It is a figure which shows the example of preparation of the public key certificate by a smart contract. It is a figure which shows the example of creation of the block at the time of public key destruction. It is a figure which shows the example of the invalidation of the public key by smart contract. It is a figure which shows the usage example of a public key. It is a sequence diagram which shows an example of the procedure of a public key registration process. It is a sequence diagram which shows an example of the procedure of a registration approval process. It is a sequence diagram which shows an example of the procedure of a public key certificate issue process. It is a sequence diagram which shows an example of the procedure of the destruction process of a public key. It is a sequence diagram which shows an example of the procedure of a public key invalidation process. It is a sequence diagram which shows an example of the use procedure of a public key. It is a figure which shows an example of a public key registration screen. It is a figure which shows an example of a registration approval screen. It is a figure which shows an example of a public key invalidation screen. It is a figure which shows the example of creation of the block for public key registration in 3rd Embodiment. It is a figure which shows the example of creation of the block at the time of the first registration approval in 3rd Embodiment. It is a figure which shows the example of creation of the block at the time of Nth registration approval in 3rd Embodiment. It is a figure which shows the example of creation of the block at the time of the public key destruction in 3rd Embodiment. It is a figure which shows the example of the invalidation of the public key by the smart contract in 3rd Embodiment. It is a sequence diagram which shows an example of the procedure of the public key registration process in 3rd Embodiment. It is a sequence diagram which shows an example of the procedure of the registration approval process in 3rd Embodiment. It is a sequence diagram which shows an example of the procedure of the public key certificate issuing process in 3rd Embodiment. It is a sequence diagram which shows an example of the procedure of the destruction process of the public key in 3rd Embodiment. It is a sequence diagram which shows an example of the procedure of the public key invalidation process in 3rd Embodiment. It is a sequence diagram which shows an example of the public key use procedure in 3rd Embodiment.

Hereinafter, the present embodiment will be described with reference to the drawings. Each embodiment can be implemented by combining a plurality of embodiments within a consistent range.
[First Embodiment]
First, a first embodiment will be described.

  FIG. 1 is a diagram illustrating a configuration example of a certificate distribution system according to the first embodiment. In the first embodiment, a network 1 that holds a plurality of blocks by a block chain is provided. The network 1 includes a plurality of block chain nodes 3a, 3b, 3c. The plurality of block chain nodes 3a, 3b, and 3c are computers having, for example, a processor and a memory. A plurality of terminal devices 2a, 2b, and 2c are connected to the network 1. The plurality of terminal devices 2a, 2b, and 2c are computers having, for example, a processor and a memory.

  Among the plurality of terminal devices 2a, 2b, 2c, for example, the terminal device 2a is used by a user 8 who desires to issue an electronic certificate for the certification target information 4a. The certification target information 4a is a public key possessed by the user 8, for example. The terminal devices 2b and 2c are used by system administrators 9a and 9b, for example.

  Here, it is assumed that the user 8 wishes to issue an electronic certificate indicating that the owner of the certification target information 4a is the user 8. In this case, the user 8 inputs the certification target information 4a to the terminal device 2a, and instructs the terminal device 2a to register the certification target information 4a in the network 1. Then, the terminal device 2a creates the block 4 (first block) including the certification target information 4a owned by the user 8. The block 4 includes an electronic signature 4b (owner electronic signature) of the user 8, for example. The electronic signature 4b is obtained by encrypting the certification target information 4a with the private key of the user 8, for example. Block 4 may include an identifier that uniquely identifies user 8.

  The terminal device 2a transmits the created registration request for the block 4 to one of the plurality of block chain nodes 3a, 3b, 3c in the network 1. The plurality of block chain nodes 3a, 3b, and 3c hold the block 4 in a distributed manner by the block chain in response to the registration request of the block 4.

  The plurality of second terminal devices 2b and 2c acquire blocks 4, 4-1 (second block) including the certification target information 4a from the network 1 as approval target blocks. The plurality of second terminal devices 2b and 2c receive electronic signatures 5a and 5n indicating registration approval of the certification target information 4a and approval target blocks 4 and 4-1, in response to inputs from the administrators 9a and 9b. Blocks 4-1 and 4-2 are created. In other words, new blocks 4-1 and 4-2 are obtained by adding the electronic signatures 5a and 5n to the approval target blocks 4 and 4-1.

  For example, the managers 9a and 9b confirm that the owner of the certification target information 4a included in the approval target blocks 4 and 4-1 is the user 8 by another procedure such as offline. Enter registration approval. Then, the plurality of second terminal apparatuses 2 b and 2 c output the registration requests of the blocks 4-1 and 4-2 to the network 1. The plurality of block chain nodes 3a, 3b, and 3c hold the blocks 4-1 and 4-2 in a distributed manner by the block chain in response to the registration requests of the blocks 4-1 and 4-2.

  If there is a signature number satisfying block in which the number of electronic signatures 5a, 5n included in the held blocks 4, 4-1, 4-2 reaches a predetermined number, this is indicated by a plurality of block chain nodes 3a, One of 3b and 3c detects. In the example of FIG. 1, it is assumed that the block chain node 3c detects that the block 4-2 is a signature number satisfaction block. Then, the block chain node 3c creates a block 4-3 (third block) including the electronic certificate 6 that proves that the owner of the certification target information 4a is the user 8 and the block 4-2.

  For example, the block chain node 3 c has a certificate issuing unit 7. The certificate issuing unit 7 is a smart contract, for example. The certificate issuing unit 7 assigns the digital signature 6 a (validation electronic signature) of the certificate issuing unit 7 to the certification target information 4 a to obtain the electronic certificate 6. The electronic signature 6a of the certificate issuing unit 7 is also an electronic signature of the block chain node 3c. A plurality of block chain nodes 3a, 3b, 3c hold the created block 4-3 in a distributed manner by the block chain.

  The block 4-3 to which the electronic certificate 6 is given is distributed and held by the block chain, so that the certification object information 4a is validated. That is, any user can refer to the block 4-3 using the terminal device used by the user. Then, the electronic certificate 6 included in the block 4-3 can confirm that the owner of the certification target information 4a included in the block 4-3 is the user 8.

  For example, a terminal device (not shown) used by a user who uses the certification target information 4a is sent from the block chain nodes 3a, 3b, 3c to the public key (certificate issuing unit 7) of the block chain nodes 3a, 3b, 3c itself. The public key). Then, the terminal device verifies the validity of the electronic certificate 6 using the acquired public key. For example, the terminal device decrypts the electronic signature included in the electronic certificate 6 with the obtained public key. The terminal device determines that the electronic certificate 6 is correct when the decrypted data matches the certification target information 4a. When the terminal device has been correctly verified, the terminal device determines that the owner of the certification target information 4a is the user 8. If the identifier of the user 8 is included in the block 4-3, it can be understood that the owner of the certification target information 4a is the user 8 indicated by the identifier. If the certification target information 4a is the public key of the user 8, for example, the user who uses the certification target information 4a secures the data by encrypting the data transmitted with the identifier of the user 8 with the public key. To the user 8.

  In this way, by issuing electronic certificates using blockchains, electronic certificate issuance is not concentrated on one server, and even if some nodes fail, it continues to issue electronic certificates. it can. As a result, the issuance of electronic certificates can be continued stably, and the system availability is improved.

  In addition, if a predetermined number of managers out of a number of managers approve registrations, an electronic certificate is issued. Therefore, even if one approver cannot approve, an electronic certificate cannot be approved by another manager. Can be issued. As a result, it is possible to prevent the electronic certificate issuance procedure from being stopped.

  Note that the number (predetermined number) of the administrator's electronic signature required to issue the electronic certificate 6 can be set to an arbitrary number of 1 or more. By setting a number equal to or greater than 2 as the predetermined number, the approval condition of a plurality of managers can be set as a condition for issuing the electronic certificate 6. By issuing the electronic certificate 6 only when the registration approval of a plurality of managers can be confirmed, it is possible to suppress the erroneous issuing of the electronic certificate 6 due to the mistake of the manager.

  The user 8 can invalidate the validated certification target information 4a with the intention of the user 8. For example, the user 8 performs an input for instructing the terminal device 2a to discard the certification target information 4a. The terminal device 2a outputs a registration request for a block including a flag indicating discard and the block 4-3 to the network 1 in response to an input from the user 8 instructing the discard of the certification target information 4a. In response to the registration request, the plurality of block chain nodes 3a, 3b, and 3c hold the corresponding blocks distributed by the block chain. In addition, any one of the plurality of block chain nodes 3a, 3b, 3c detects that the retained block includes a flag indicating discard. The detected block chain nodes 3a, 3b, and 3c generate a block including the block chain node's own electronic signature (invalidation electronic signature) for the information included in the block and the block. Then, the plurality of block chain nodes 3a, 3b, 3c hold the generated blocks distributed by the block chain.

  When any block chain node applies a digital signature to a block including a flag indicating discard, the certification target information 4a included in the block becomes invalid. As described above, when invalidating the certification target information 4a, the user 8 only needs to perform the registration procedure of the block indicating the discard, and the administrator's effort is not required. As a result, the certification target information 4a can be quickly invalidated.

  In addition, the terminal device 2a adds an electronic signature (owner's electronic signature) of the user 8 to the information in the block 4-3 in a block generated when receiving an instruction to discard the certification target information 4a from the user 8. May be included. The electronic signature of the user 8 is obtained by encrypting the information in the block 4-3 with the private key of the user 8. When the plurality of block chain nodes 3a, 3b, and 3c detect that the block held in response to the registration request includes a flag indicating discard, the user 8 uses the public key (owner public key) of the user 8 to Verify the validity of the electronic signature. For example, the plurality of block chain nodes 3a, 3b, 3c decrypts the electronic signature of the user 8 with the public key of the user 8, compares the decrypted data with the information in the block 4-3, and if they match, It is determined that the electronic signature of the user 8 is valid. When the plurality of block chain nodes 3a, 3b, and 3c can confirm that the electronic signature of the user 8 is valid, the block chain nodes 3a, 3b, and 3c include a block including the block chain node's own electronic signature for the information included in the block and the block. Generate. The plurality of block chain nodes 3a, 3b, 3c hold the generated blocks in a distributed manner by the block chain.

  In this way, by adding the electronic signature of the user 8 to the block indicating the destruction of the certification target information 4a and verifying the digital signature, the certification target information 4a is invalidated by a third party other than the user 8 It is possible to prevent the certification target information 4a from being invalidated.

[Second Embodiment]
Next, a second embodiment will be described. In the second embodiment, issuance and management of electronic certificates in a blockchain network is realized without using a centrally managed server. In the following description, the electronic certificate is simply referred to as a certificate.

  The block chain network can deliver electronic information even if several nodes go down, and high availability is realized. However, if certificates used in the blockchain network are centrally managed by the server, the operation of the blockchain network will be hindered if the server goes down. That is, if the certificate management server goes down, the terminal device of the user who uses the block chain cannot refer to the certificate of the public key and cannot encrypt data using the public key.

  Further, when the certificates are centrally managed by the server, when the number of nodes in the block chain increases, access to the certificate management server is concentrated, and processing delay is likely to occur. Concentration of access can also be caused by malicious attacks. A delay in processing of the server for certificate management causes a delay in transactions via the block chain.

  In addition, the user certificate is issued in the certificate management server through procedures such as confirmation of the user identity by the server administrator. In this way, since a specific administrator's work is involved, an incorrect certificate may be registered due to an administrator's mistake. In addition, since certificate issuance is centrally managed, there is a possibility that the certificate will not be registered easily if an administrator's work delay occurs.

  In the second embodiment, certificate issuance and management are also realized using a block chain, thereby solving problems caused by centrally managing certificate issuance and management with a certificate management server. .

  FIG. 2 is a diagram illustrating an example of a configuration of a network system according to the second embodiment. In the network system according to the second embodiment, a plurality of block chain nodes 200 and 200a to 200f are connected via network switches 31 to 35. Each of the block chain nodes 200, 200a to 200f is a computer that functions as one node on the block chain network. A plurality of terminal devices 100, 100a to 100c are connected to the network. The plurality of terminal devices 100, 100a to 100c are computers used by users 41, 42 who perform transactions via a network or network managers 51, 52.

  In addition to the block chain nodes 200 and 200a to 200f, a large number of block chain nodes (not shown) are connected to the network system according to the second embodiment. Similarly, in addition to the plurality of terminal devices 100, 100a to 100c, a large number of terminal devices not shown are connected to the network system of the second embodiment.

  FIG. 3 is a diagram illustrating a hardware configuration example of the terminal device used in the second embodiment. The entire terminal device 100 is controlled by the processor 101. A memory 102 and a plurality of peripheral devices are connected to the processor 101 via a bus 109. The processor 101 may be a multiprocessor. The processor 101 is, for example, a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or a DSP (Digital Signal Processor). At least a part of the functions realized by the processor 101 executing the program may be realized by an electronic circuit such as an ASIC (Application Specific Integrated Circuit) or a PLD (Programmable Logic Device).

  The memory 102 is used as a main storage device of the terminal device 100. The memory 102 temporarily stores at least part of an OS (Operating System) program and application programs to be executed by the processor 101. The memory 102 stores various data necessary for processing by the processor 101. As the memory 102, for example, a volatile semiconductor storage device such as a RAM (Random Access Memory) is used.

  Peripheral devices connected to the bus 109 include a storage device 103, a graphic processing device 104, an input interface 105, an optical drive device 106, a device connection interface 107, and a network interface 108.

  The storage device 103 writes and reads data electrically or magnetically with respect to a built-in recording medium. The storage device 103 is used as an auxiliary storage device of a computer. The storage device 103 stores an OS program, application programs, and various data. For example, an HDD (Hard Disk Drive) or an SSD (Solid State Drive) can be used as the storage device 103.

  A monitor 21 is connected to the graphic processing device 104. The graphic processing device 104 displays an image on the screen of the monitor 21 in accordance with an instruction from the processor 101. Examples of the monitor 21 include a display device using a CRT (Cathode Ray Tube) and a liquid crystal display device.

  A keyboard 22 and a mouse 23 are connected to the input interface 105. The input interface 105 transmits signals sent from the keyboard 22 and the mouse 23 to the processor 101. The mouse 23 is an example of a pointing device, and other pointing devices can also be used. Examples of other pointing devices include a touch panel, a tablet, a touch pad, and a trackball.

  The optical drive device 106 reads data recorded on the optical disc 24 using laser light or the like. The optical disc 24 is a portable recording medium on which data is recorded so that it can be read by reflection of light. The optical disc 24 includes a DVD (Digital Versatile Disc), a DVD-RAM, a CD-ROM (Compact Disc Read Only Memory), a CD-R (Recordable) / RW (ReWritable), and the like.

  The device connection interface 107 is a communication interface for connecting peripheral devices to the terminal device 100. For example, the memory device 25 and the memory reader / writer 26 can be connected to the device connection interface 107. The memory device 25 is a recording medium equipped with a communication function with the device connection interface 107. The memory reader / writer 26 is a device that writes data to the memory card 27 or reads data from the memory card 27. The memory card 27 is a card type recording medium.

  The network interface 108 is connected to the network switch 31. The network interface 108 transmits and receives data to and from other computers or communication devices via the network switch 31.

  With the hardware configuration as described above, the processing function of the terminal device 100 according to the second embodiment can be realized. The terminal devices 100a to 100c can also be realized by the same hardware as the terminal device 100. The block chain nodes 200 and 200a to 200f can also be realized by the same hardware as the terminal device 100. Furthermore, the terminal devices 2a, 2b, 2c and the block chain nodes 3a, 3b, 3c shown in the first embodiment can also be realized by the same hardware as the terminal device 100 shown in FIG.

  The terminal devices 100, 100a to 100c or the block chain nodes 200, 200a to 200f realize the processing functions of the second embodiment by executing a program recorded on a computer-readable recording medium, for example. The program describing the processing contents to be executed by the terminal devices 100, 100a to 100c or the block chain nodes 200, 200a to 200f can be recorded on various recording media. For example, a program to be executed by the terminal device 100 can be stored in the storage device 103. The processor 101 loads at least a part of the program in the storage apparatus 103 into the memory 102 and executes the program. A program to be executed by the terminal device 100 can also be recorded on a portable recording medium such as the optical disc 24, the memory device 25, and the memory card 27. The program stored in the portable recording medium becomes executable after being installed in the storage apparatus 103 under the control of the processor 101, for example. The processor 101 can also read and execute a program directly from a portable recording medium.

  In the second embodiment, a system having such a hardware configuration is used to issue and manage certificates using a block chain. That is, in the system of the second embodiment, a new block chain network for storing certificates is constructed in place of the block chain network for performing transactions such as bit coins, instead of the server for certificate management. .

  FIG. 4 is a diagram illustrating an example of a block chain network according to the second embodiment. In the second embodiment, two block chain networks 60 and 61 are provided. The block chain network 60 is a block chain network for storing blocks 60a and 60b related to electronic information transactions. The block chain network 61 is a block chain network for storing blocks 61a and 61b related to certificates.

Hereinafter, functions of the terminal device and the block chain node for performing processing related to the block chain networks 60 and 61 will be described.
FIG. 5 is a block diagram illustrating an example of functions of the terminal device and the block chain node. The terminal device 100 used by the user 41 has an OS 110 and a Web browser 120. The Web browser 120 includes a certificate using unit 121 that makes a public key registration request or reference. The certificate using unit 121 executes processing for transmitting a public key registration request, processing for transmitting a public key destruction request, processing for using another user's public key, and the like.

  The terminal device 100a used by the administrator 51 has an OS 110a and a Web browser 120a. The Web browser 120a includes a certificate management unit 122a that performs a certificate issuance procedure.

  The block chain node 200 includes an OS 210, a web server 220, and a block chain subsystem 230. The block chain subsystem 230 distributes and holds blocks via the two block chain networks 60 and 61. For example, the block chain subsystem 230 includes a block storage unit 231, and stores blocks acquired from the terminal device 100 or another block chain node 200 a in the block storage unit 231. The block chain subsystem 230 has a smart contract 232. The smart contract 232 issues and invalidates a certificate on the block chain network 61.

  Similarly, the block chain node 200a has an OS 210a, a Web server 220a, and a block chain subsystem 230a. The block chain subsystem 230a has a block storage unit 231a for holding blocks and a smart contract 232a for issuing and invalidating certificates.

  The user 41 who is a block chain participant uses the terminal device 100 to perform a transaction via the block chain network 60 and also performs identity verification using a certificate via the block chain network 61. The administrator 51 uses the terminal device 100a to manage electronic information held in the block chain network 60 and issue and manage certificates held in the block chain network 61.

  For example, the user 41 uses the terminal device 100 to create data including the value of the reference flag “0” (registration) and the public key, and performs an electronic signature on the data with his / her private key. Performing an electronic signature means encrypting data to be signed or a hash value of the data with a secret key. Hereinafter, the encrypted data generated by performing the electronic signature is simply referred to as “signature”. Then, the user 41 registers the signed data on the block chain network 61 using the terminal device 100a. At this time, each participant holds the secret key.

  The administrator 51 uses the terminal device 100a to create data in which his / her signature is added to the block before the certificate issuance (reference flag is “0”). Then, the administrator 51 registers the created data on the block chain network 61 using the terminal device 100a.

  When the smart contracts 232 and 232a on the block chain network 61 confirm the number of approved blocks, the reference flag of the block is changed to a value “1” (valid) greater than “0”. To do. Furthermore, the smart contracts 232 and 232a generate blocks in which the signatures of the smart contracts 232 and 232a are added. Then, the smart contracts 232 and 232a request that the generated block be newly registered in the block chain subsystems 230 and 230a as public key certificates.

  Other users who transmit electronic information to the user 41 encrypt the information sent to the user 41 with the public key registered in the blockchain network 61 and included in the reference flag certificate having a value greater than “0”. Used for.

  To invalidate the public key certificate of the user 41, the user 41 digitally signs data whose reference flag value is “−1” (invalid), and requests the blockchain subsystem 230 to register. The smart contract 232 reads the block whose reference flag value is “−1”, and verifies whether the user 41 has registered by the signature. If the smart contract 232 can be verified, the smart contract 232 adds the signature of the smart contract 232 itself to the block and registers the block in the block chain subsystem 230. Thereby, the certificate can be invalidated without bothering the administrator 51.

Hereinafter, a block chain for issuing and managing certificates will be described with reference to FIG.
FIG. 6 is a diagram showing an example of a block chain for issuing and revoking certificates. The user 41 who is a participant in the block chain uses, for example, the terminal device 100 to use the public key 62b used for encrypting data addressed to the user 41 and the decryption of data encrypted with the public key 62b. Generate a secret key. Then, the user 41 who is the owner of the public key 62b generates a block 62-1 using the terminal device 100, and transmits a registration request for the block 62-1 to the block chain node 200.

  The block 62-1 includes a reference flag 62a having a value of “0”, the public key 62b of the user 41, and the signature 62c of the key owner (user 41) for the public key 62b. This block 62-1 is distributed to all block chain nodes via the block chain network 61.

  And with respect to the block 62-1, a some administrator performs the electronic signature which shows approval of the public key 62b. For example, when the administrator 51 first performs an electronic signature, the block 62-2 with the signature 62d of the first administrator 51 is registered on the block chain network 61. This block 62-2 includes the hash value 62e of the previous block 62-1. Similarly, a predetermined number of administrators perform electronic signatures. In the example of FIG. 6, it is a condition for issuing a certificate for the public key 62 b that N (N is an integer of 1 or more) administrators perform an electronic signature.

  For example, the administrator 52 performs an electronic signature for registration approval as the Nth administrator. When the administrator 52 performs the electronic signature, the block 62-3 including the signature 62f of the Nth administrator 52 is registered on the block chain network 61. The block 62-3 includes the hash value 62g of the block generated by the N-1th administrator performing registration approval. In block 62-3, the value of the reference flag 62a is still “0”.

  When the approval of the specified number (N) of managers is obtained, the smart contract 232a on the block chain network 61 changes the reference flag 62a of the registered block 62-3 to “1” (valid), and the reference The electronic signature of the flag 62a is performed. As a result, a block 62-4 is generated. The block 62-4 includes the signature 62h of the smart contract in addition to the signature 62c of the user 41 and the signatures 62d and 62f of the administrator who approved the registration. The block 62-4 includes the hash value 62i and the public key certificate 62j of the previous block 62-3. The public key certificate 62j includes the public key 62b, and indicates that the owner of the public key 62b is the user 41.

  The block 62-4 including the public key certificate 62j proves that the owner of the public key 62b is the user 41. Other users can safely pass the electronic information to the user 41 by encrypting the electronic information to be transmitted to the user 41 using the public key 62b acquired from the block 62-4.

  When the user 41 invalidates the public key 62 b, the user 41 registers the block 62-5 in which the value of the reference flag 62 a in the block 62-4 is “−1” (invalid) on the block chain network 61. The block 62-5 includes the hash value 62k of the block 62-4. When the block 62-5 is registered, for example, the smart contract 232a performs an electronic signature.

 In the second embodiment, only blocks with the value of the reference flag 62a “1” and the signature of the smart contract on the block chain network 61 are valid and can be referenced by other users. It is.

Hereinafter, a method of creating a block to be registered on the block chain network 61 will be described with reference to FIGS.
FIG. 7 is a diagram showing an example of creating a public key registration block. For example, the user 41 inputs a public key 62b and a secret key 62m used for decrypting data encrypted with the public key 62b to the terminal device 100. Note that data encrypted with the private key 62m can be decrypted with the public key 62b. The user 41 inputs a registration instruction for the public key 62 b to the terminal device 100.

  Then, the terminal device 100 performs an electronic signature on the public key 62b of the user 41 with the secret key 62m. For example, the terminal device 100 encrypts the hash value of the public key 62b with the secret key 62m. Thereby, the signature 62c of the user 41 who is the owner of the key is generated. The terminal device 100 generates a registration block 63 including the public key 62b of the user 41, a reference flag 62a having a value “0”, and a signature 62c of the key owner (user 41). Then, the terminal device 100 transmits the registration block 63 to the block chain node 200 and requests the block chain subsystem 230 to register the registration block 63 in the block chain network 61.

  The block chain subsystem 230 stores the registration block 63 in the block storage unit 231 as the block 62-1 illustrated in FIG. 6 and transmits it to other block chain nodes.

  FIG. 8 is a diagram illustrating an example of creating a block at the time of initial registration approval. The administrator 51 has his own public key 71 and a secret key 72 used for decrypting data encrypted with the public key 71. The data encrypted with the private key 72 can be decrypted with the public key 71. The block chain subsystem 230a of the block chain node 200a connected to the terminal device 100a used by the administrator 51 stores the block 62-1 registered by the user 41 in the block storage unit 231a.

  In response to an input from the administrator 51, the terminal device 100a reads the block 62-1 having a reference flag 62a value of “0” from the block storage unit 231a in the block chain subsystem 230a. Then, the terminal device 100a performs a registration approval process for the public key 62b. For example, the administrator 51 inputs the secret key 72 to the terminal device 100a. The terminal device 100a calculates a hash value between the public key 62b and the signature 62c of the owner of the public key 62b. Next, the terminal device 100 a encrypts the calculated hash value with the secret key 72 of the first administrator 51. The encrypted data becomes the signature 62d of the first administrator 51. The terminal device 100a generates a registration block 64 including a reference flag 62a having a value of “0”, a public key 62b, a signature 62c of the key owner, and a signature 62d of the first administrator 51. The terminal device 100a transmits the registration block 64 to the block chain node 200a, and requests the block chain subsystem 230a to register the registration block 64 in the block chain network 61.

  The block chain subsystem 230a adds the hash value of the block 62-1 to the registration block 64 to generate the block 62-2. The block chain subsystem 230a stores the block 62-2 in the block storage unit 231a and transmits the block 62-2 to another block chain node.

Thereafter, similarly, the other managers also perform registration approval until the number of signatures of the manager reaches N.
FIG. 9 is a diagram illustrating an example of creating a block when the Nth registration is approved. The administrator 52 has his own public key 73 and a secret key 74 used for decrypting data encrypted with the public key 73. The data encrypted with the private key 74 can be decrypted with the public key 73. In addition, the block chain subsystem 230a of the block chain node 200a connected to the terminal device 100b used by the administrator 52 is registered in the block storage unit 231a with the block registered by the administrator who has performed the N-1th registration approval. 62-6 is stored.

  The value of the reference flag 62a of the block 62-6 is still “0”. The block 62-6 includes the public key 62b, the signature 62c of the owner of the public key 62b, and the signature of each administrator who has already approved the registration. In the example of FIG. 9, the block 62-6 includes the first administrator signature 62d to the N-1th administrator signature 62n.

  In response to an input from the administrator 52, the terminal device 100b reads the block 62-6 having a reference flag 62a value of “0” from the block storage unit 231a in the block chain subsystem 230a. Then, the terminal device 100b performs a registration approval process for the public key 62b. For example, the administrator 52 inputs the secret key 74 to the terminal device 100b. The terminal device 100b calculates the hash value of the public key 62b, the signature 62c of the owner of the public key 62b, and the signatures of the first to (N-1) th administrator. Next, the terminal device 100a encrypts the calculated hash value with the secret key 74 of the Nth administrator 52. The encrypted data becomes the signature 62f of the Nth administrator 52. The terminal device 100b generates a registration block 65 including a reference flag 62a having a value of “0”, a public key 62b, a signature of the key owner 62c, and signatures of the first to Nth administrators. Then, the terminal device 100b transmits the registration block 65 to the block chain node 200a, and requests the block chain subsystem 230a to register the registration block 65 in the block chain network 61.

  The block chain subsystem 230a adds the hash value of the block 62-6 to the registration block 65 to generate the block 62-3. Then, the block chain subsystem 230a stores the block 62-3 in the block storage unit 231a and transmits it to another block chain node.

In this way, when the registration approval for the prescribed number of persons is completed, the smart contract executed in one of the blockchain nodes issues a public key certificate.
FIG. 10 is a diagram illustrating an example of creating a public key certificate by a smart contract. The smart contract 232a has its own public key 75 and a secret key 76 used for decrypting data encrypted with the public key 75. The data encrypted with the private key 76 can be decrypted with the public key 75. In addition, the block chain subsystem 230a stores a block 62-3 registered by the administrator who performed N-th registration approval in the block storage unit 231a.

  The value of the reference flag 62a of this block 62-3 is still “0”. The block 62-3 includes the public key 62b, the signature 62c of the owner of the public key 62b, and the signature of each administrator who has already approved the registration. In the example of FIG. 10, the block 62-3 includes the first administrator signature 62d to the Nth administrator signature 62f.

  The smart contract 232a reads the block 62-3 in which the value of the reference flag 62a is “0” from the block storage unit 231a. Then, the smart contract 232a creates a public key certificate 62j for the public key 62b. For example, the smart contract 232a encrypts the hash value of the public key 62b with the secret key 76 of the smart contract 232a. The encrypted data is the signature of the smart contract 232a. The smart contract 232a gives a signature to the public key 62b, and sets it as a public key certificate 62j. The smart contract 232a changes the value of the reference flag 62a to a value “1” indicating validity. Then, the smart contract 232a includes a reference block 62a having a value “1”, a public key 62b, a signature 62c of the key owner, a signature of each of the first to Nth administrators, and a public block certificate 62j. Is generated. Then, the smart contract 232a requests the block chain subsystem 230a to register the registration block 66 in the block chain network 61.

  The block chain subsystem 230a adds the hash value of the block 62-3 to the registration block 66 to generate the block 62-4. The block chain subsystem 230a stores the block 62-4 in the block storage unit 231a and transmits the block 62-4 to another block chain node.

  In this way, the public key certificate 62j related to the public key 62b registered by the user 41 is issued, and other users can use the public key 62b with peace of mind. The public key 62b that has become usable can be discarded by the user 41.

  FIG. 11 is a diagram illustrating an example of creating a block when a public key is discarded. The user 41 inputs an instruction to destroy the public key 62b to the terminal device 100. Then, the terminal device 100 reads the block 62-4 from the block chain subsystem 230. Next, the terminal device 100 encrypts the public key 62b, the signature 62c of the key owner, the signatures 62d,..., 62f of each administrator, and the hash value of the public key certificate 62j with the private key 62m. Thereby, the signature 62n of the user 41 who is the owner of the key is generated. Further, the terminal device 100 changes the value of the reference flag 62a to a value “−1” indicating invalidity. Further, the terminal device 100 includes a public key 62b of the user 41, a reference flag 62a having a value “−1”, a signature 62c of the key owner, a signature 62d,..., 62f of each administrator, a public key certificate 62j, And a registration block 67 containing the key owner signature 62n added. Then, the terminal device 100 transmits the registration block 67 to the block chain node 200 and requests the block chain subsystem 230 to register the registration block 67 in the block chain network 61.

  The block chain subsystem 230 adds the hash value of the block 62-4 to the registration block 67 to create the block 62-5. The block chain subsystem 230 stores the block 62-5 in the block storage unit 231 and transmits it to other block chain nodes.

  When the block 62-5 indicating the destruction of the public key 62b of the user 41 is registered in the blockchain network 61, the public key 62b is invalidated by a smart contract executed in any blockchain node. .

  FIG. 12 is a diagram illustrating an example of revoking a public key by a smart contract. The smart contract 232 has its own public key 77 and a secret key 78 used for decrypting data encrypted with the public key 77. The data encrypted with the secret key 78 can be decrypted with the public key 77. Further, the block chain subsystem 230 stores the block 62-5 that has been subjected to the discarding process in the block storage unit 231.

  The value of the reference flag 62a of this block 62-5 is “−1”. The block 62-5 includes the public key 62b, the signature 62c of the owner of the public key 62b, the signature of each administrator who has already approved the registration, the public key certificate 62j, and the public key added by the destruction process. 62b owner's signature 62n is included.

  The smart contract 232 reads the block 62-5 whose reference flag 62 a is “−1” from the block storage unit 231. The smart contract 232 encrypts the hash values of all the signatures (including the public key certificate 62j) included in the block 62-5 and the reference flag 62a with the secret key 78 of the smart contract 232. The encrypted data is the signature 62 o of the smart contract 232. The smart contract 232 generates a registration block 68 in which the signature 62o is added to the information included in the block 62-5. The smart contract 232 requests the block chain subsystem 230 to register the registration block 68 in the block chain network 61.

  The block chain subsystem 230 adds the hash value of the block 62-5 to the registration block 68 to generate the block 62-8. Then, the block chain subsystem 230 stores the block 62-8 in the block storage unit 231 and transmits it to other block chain nodes.

  In the block chain network 61, only the last updated block is effective among a plurality of related blocks. Therefore, when the block 62-8 is registered, the block 62-4 becomes unusable. In the block 62-8, a reference flag 62a “−1” indicating that the public key 62b is invalid is set. As a result, subsequent use of the public key 62b is suppressed.

Before being invalidated, users other than the user 41 can use the public key 62b of the user 41 with reference to the block 62-4.
FIG. 13 is a diagram illustrating an example of using a public key. The user 42 instructs the terminal device 100c to acquire the public key 62b of the user 41. Then, the terminal device 100c reads the block 62-4 from the block storage unit 231c in the block chain subsystem 230c of the block chain node 200c. Further, the terminal device 100c reads the block 62-7 including the public key 75 of the smart contract 232a from the block storage unit 231c in the block chain subsystem 230c. Block 62-7 includes a public key certificate for public key 75, for example. It is assumed that the public key 75 can be verified by using a key that the terminal device 100c already has, for example.

  The terminal device 100c verifies the public key certificate 62j using the public key 75 of the smart contract 232a. For example, the terminal device 100c decrypts the signature of the smart contract 232a included in the public key certificate 62j with the public key 75 of the smart contract 232a. Next, the terminal device 100c compares the decrypted data with the hash value of the public key 62b included in the block 62-4. When the decrypted data matches the hash value of the public key 62b, it is confirmed that the owner of the public key 62b is the user 41.

  When it is confirmed that the owner of the public key 62b is the user 41, the terminal device 100c encrypts electronic information to be passed to the user 41 using the public key 62b according to the instruction of the user 42. The terminal device 100c generates a registration block including the encrypted electronic information, and transmits a registration request for the block to the block chain network 60 to the block chain subsystem 230c.

Hereinafter, with reference to FIGS. 14 to 19, a procedure for issuing a certificate and managing the certificate will be described in detail.
FIG. 14 is a sequence diagram illustrating an example of a procedure for public key registration processing. The terminal device 100 acquires a public key file from the location specified by the user 41 (step S101). The public key file includes the public key 62b of the user 41. Next, the terminal device 100 generates a public key file and a reference flag 62a having a value “0” (step S102). Next, the terminal device 100 applies an electronic signature to the hash value of the public key 62b of the user 41 using the secret key 62m of the user 41 (Step S103). Then, the terminal device 100 creates a registration block 63 and transmits a registration request for the registration block 63 to the block chain node 200 (step S104).

  The block chain node 200 stores the received registration block 63 as a block 62-1 (see FIG. 6) on the block chain network 61 (step S105). The block chain node 200 distributes the block 62-1 to other block chain nodes (step S106).

  FIG. 15 is a sequence diagram illustrating an example of the procedure of the registration approval process. The terminal device 100a used by the administrator 51 transmits an acquisition request for a block whose reference flag 62a is “0” to the block chain node 200a (step S111). In response to the block acquisition request, the block chain node 200a transmits, to the terminal device 100a, the block 62-1 in which the value of the reference flag 62a is “0” among the registered blocks (step S112).

  The terminal device 100a that acquired the block performs an electronic signature on the hash value of the public key 62b and the signature 62c of the user 41 with the secret key 72 of the administrator 51 (step S113). At this time, the value of the reference flag 62a remains “0”. The terminal device 100a transmits a registration request for the registration block 64 in which the signature 62d of the administrator 51 is added to the acquired block 62-1 to the block chain node 200a (step S114).

  The block chain node 200a adds the hash value of the block 62-1 to the received registration block 64 and stores it as the block 62-2 (see FIG. 6) on the block chain network 61 (step S115). The block chain node 200a distributes the block 62-2 to other block chain nodes (step S116).

When such registration approval is performed by N managers, a public key certificate issuance process for validating the public key 62b is performed.
FIG. 16 is a sequence diagram illustrating an example of a procedure for public key certificate issuance processing. Since the public key certificate issuance process is an internal process of the block chain node 200a, FIG. 16 shows a process of each element in the block chain node 200a in a sequence diagram.

  The smart contract 232a monitors the approval status of the block related to the registration request for the public key 62b among the blocks registered in the block chain subsystem 230a (step S121). For example, the smart contract 232a requests an unapproved block 62-3 (the value of the reference flag 62a is “0”) whose administrator signature is N or more to the block chain subsystem 230a. When the block chain subsystem 230a detects an unapproved block 62-3 having N or more administrator signatures, the block chain subsystem 230a transmits the block 62-3 to the smart contract 232a (step S122).

  The smart contract 232a determines whether or not an unapproved block 62-3 having N or more administrator signatures has been acquired (step S123). If the block 62-3 cannot be acquired, the smart contract 232a continues to monitor the block approval status. When the block 62-3 can be acquired, the smart contract 232a changes the value of the reference flag 62a of the acquired block to “1” (step S124). Next, the smart contract 232a creates a public key certificate 62j signed with the private key 76 of the smart contract 232a on the hash value of the public key 62b included in the acquired block 62-3 (step S125). Then, the smart contract 232a transmits a registration request for the registration block 66 including the public key certificate 62j in the acquired block 62-3 to the block chain subsystem 230a (step S126).

  The block chain subsystem 230a adds the hash value of the block 62-3 to the received registration block 66 and stores it as the block 62-4 (see FIG. 6) on the block chain network 61 (step S127). Further, the block chain subsystem 230a distributes the block 62-4 to other block chain nodes (step S128).

The public key 62b is validated by issuing the public key certificate 62j. The public key 62b is destroyed by an instruction from the user 41 who is the owner.
FIG. 17 is a sequence diagram illustrating an example of a procedure for public key destruction processing. When the user 41 receives an instruction to discard the public key 62b, the terminal device 100 transmits an acquisition request for the block 62-4 having the reference flag 62a value “1” to the block chain node 200 (step S131). ). In response to the acquisition request, the block chain node 200 transmits the block 62-4 having the value of the reference flag 62a “1” to the terminal device 100 (step S132).

  The terminal device 100 that has acquired the block 62-4 updates the value of the reference flag 62a to “−1” (invalid) (step S133). Next, the terminal device 100 calculates a hash value of the public key 62b, various signatures, and the public key certificate 62j included in the acquired block 62-4, and adds an electronic signature to the hash value using the private key 62m of the user 41. This is performed (step S134). Then, the terminal device 100 transmits a registration request for the registration block 67 in which the newly generated signature 62n is added to the acquired block 62-4 to the block chain node 200 (step S135).

  The block chain node 200 adds the hash value of the block 62-4 to the received registration block 67 and stores it as the block 62-5 (see FIG. 6) on the block chain network 61 (step S136). The block chain node 200 distributes the block 62-5 to other block chain nodes (step S137).

When the process of destroying the public key 62b is performed, the public key 62b is revoked on the block chain network 61.
FIG. 18 is a sequence diagram illustrating an example of a public key revocation process procedure. Since the public key invalidation process is an internal process of the block chain node 200, FIG. 18 shows a process of each element in the block chain node 200 in a sequence diagram.

  The smart contract 232 monitors the presence or absence of a block related to the discarded public key 62b among the blocks registered in the block chain subsystem 230 (step S141). For example, the smart contract 232 requests the block 62-5 whose value of the reference flag 62a is “−1” to the block chain subsystem 230. When the block chain subsystem 230 detects the corresponding block 62-5, the block chain subsystem 230 transmits the block 62-5 to the smart contract 232 (step S142).

  The smart contract 232 determines whether or not the block 62-5 in which the value of the reference flag 62a is “−1” (invalid) has been acquired (step S143). If the corresponding block 62-5 cannot be acquired, the smart contract 232 continues to monitor the discard block. If the block 62-5 can be acquired, the signature 62n added by the user 41 at the time of discarding is verified (step S144). For example, the smart contract 232 compares the result of decrypting the signature 62n with the public key 62b of the user 41 and the hash value of the data used for the signature. to decide.

  If the signature is correct, the smart contract 232 adds the electronic signature with the private key 78 of the smart contract 232 to the hash value of all the signatures (including the public key certificate 62j) included in the block 62-5 and the reference flag 62a. (Step S145). Then, the smart contract 232 transmits a registration request for the registration block 68 including the new signature 62o by the smart contract 232 to the acquired block 62-5 to the block chain subsystem 230 (step S146).

  The block chain subsystem 230 adds the hash value of the block 62-5 to the received registration block 68 and stores it as the block 62-8 on the block chain network 61 (step S147). Further, the block chain subsystem 230 distributes the block 62-8 to other block chain nodes (step S148).

In this way, the public key 62b that the user 41 has instructed to destroy is invalidated.
Next, a procedure for using a valid public key 62b by another user 41 will be described.
FIG. 19 is a sequence diagram illustrating an example of a procedure for using a public key. The user 42 who is a user of the public key 62b instructs the terminal device 100c to encrypt data using the public key 62b of the user 41, for example. Then, the terminal device 100c transmits an acquisition request for the latest block of the user 41 including the public key certificate to the block chain node 200c (step S151). The block chain node 200c transmits the latest block including the public key 62b of the user 41 to the terminal device 100c (step S152).

  The terminal device 100c that acquired the block determines whether or not the value of the reference flag 62a indicated in the acquired block is greater than “0” (step S153). If the value of the reference flag 62a is greater than “0”, the terminal device 100c advances the process to step S154. If the value of the reference flag 62a is “0” or less, the terminal device 100c advances the process to step S157.

  The terminal device 100c verifies the signature of the smart contract 232a attached to the public key certificate included in the acquired block by comparing the hash values (step S154). For example, the terminal device 100c acquires the public key 62b of the smart contract 232a via the block chain network 61, and decrypts the signature with the public key 62b. The terminal device 100c compares the decrypted data with the hash value of the public key 62b, and determines that the signature is correct if they match.

  The terminal device 100 determines whether or not the signature of the smart contract 232a has been correctly verified (step S155). If the terminal device 100c has been correctly verified, the process proceeds to step S156. If the terminal device 100c fails to verify correctly, the process proceeds to step S157.

  If the verification is successful, the terminal device 100c performs processing such as encryption of data to be transmitted to the user 41 using the public key 62b (step S156). Further, when the reference flag 62a is “0” or less or the validity of the public key 62b of the smart contract 232a cannot be confirmed, the terminal device 100c outputs a message indicating that the public key 62b of the user 41 cannot be used (Step S100c). S157).

In this way, the public key 62b can be used only when the validity is secured by the signature of the smart contract 232a.
Next, a user interface for causing the blockchain system to execute processing according to the second embodiment will be described with reference to FIGS.

  FIG. 20 is a diagram illustrating an example of a public key registration screen. The terminal device 100 used by the user 41 displays a public key registration screen 81. The public key registration screen 81 includes a text box 81a for specifying a public key file, a file selection button 81b, an OK button 81c, and a cancel button 81d. For example, the user 41 who registers the public key 62b inputs the name of the file including the public key 62b in the text box 81a. Further, the user 41 can display a list of files in the terminal device 100 on the screen by selecting the button 81b. The user 41 selects a file including the public key 62b from the displayed list of files. Then, the file name of the selected file is set in the text box 81a.

  When the user 41 presses the OK button 81c, the terminal device 100 transmits a block registration request including the public key 62b in the file indicated in the text box 81a to the block chain node 200. When the user 41 presses the cancel button 81d, the terminal device 100 closes the public key registration screen 81 without transmitting a block registration request.

  FIG. 21 is a diagram illustrating an example of a registration approval screen. The terminal device 100a used by the administrator 51 displays the registration approval screen 82. The registration approval screen 82 includes a public key display section 82a, an administrator count display section 82b, an already approved number display section 82c, a signature file designation text box 82d, a signature file selection button 82e, an approval button 82f, and a cancel. Button 82g is included.

  The public key 62b of the user 41 is displayed on the public key display part 82a. The number of managers who can perform registration approval is displayed in the manager number display part 82b. In the already-approved number display section 82c, the number of managers who have already approved for registration is displayed.

  For example, the administrator 51 who approves the public key 62b inputs the name of the file including the secret key of the administrator 51 in the text box 82d. The administrator 51 can display a list of files in the terminal device 100a on the screen by selecting the button 82e. The administrator 51 selects a file including a secret key from the displayed list of files. Then, the file name of the selected file is set in the text box 82d.

  When the administrator 51 depresses the approval button 82f, the terminal device 100a transmits a registration block registration request including the signature of the administrator 51 to the block chain node 200a. When the registration approval ends normally, a registration approval result screen 83 is displayed on the screen of the terminal device 100a, for example. The registration approval result screen 83 displays, for example, the number of managers who have performed registration approval. On the registration approval result screen 83, when the required number of managers approve registration and the public key 62b is activated, a message indicating activation of the public key 62b is displayed. When the administrator 51 presses the OK button 83a, the terminal device 100a closes the registration approval result screen 83.

When the administrator 51 depresses the cancel button 82g, the terminal device 100a closes the registration approval screen 82 without transmitting a block registration request.
FIG. 22 is a diagram illustrating an example of a public key revocation screen. The terminal device 100 used by the user 41 displays the public key revocation screen 84. The public key invalidation screen 84 includes a text box 84a for specifying a public key file, a file selection button 84b, an OK button 84c, and a cancel button 84d. The user 41 who invalidates the public key 62b inputs, for example, the name of the file including the public key 62b in the text box 84a. Further, the user 41 can display the list of files in the terminal device 100 on the screen by selecting the button 84b. The user 41 selects a file including the public key 62b from the displayed list of files. Then, the file name of the selected file is set in the text box 84a.

  When the user 41 presses the OK button 84c, the terminal device 100 issues a registration request for a block (the value of the reference flag 62a is “−1”) indicating the destruction of the public key 62b in the file indicated in the text box 84a. , Transmitted to the block chain node 200. When the user 41 presses the cancel button 84d, the terminal device 100 closes the public key revocation screen 84 without transmitting a block registration request.

  When the invalidation ends normally, an invalidation result screen 85 is displayed on the screen of the terminal device 100, for example. On the revocation result screen 85, the revoked public key 62b is displayed in the public key display portion 85a. When the user 41 presses the OK button 85b, the terminal device 100 closes the invalidation result screen 85.

  As described above, it is possible to issue and manage public key certificates using the block chain network 61. As a result, the availability is improved as compared with the case where the public key certificate is issued and managed by the certificate management server. That is, in the second embodiment, the issuance and management processing of the public key 62b is not centralized, and the public key certificate cannot be issued or the public key 62b cannot be referred to due to a specific server being down. Is deterred.

  In addition, in the second embodiment, since the approval is performed by the majority vote of a plurality of managers, registration errors can be prevented. Furthermore, since approval is performed by a plurality of managers, even if a certain approver cannot approve the public key 62b, another administrator can approve the public key 62b. As a result, the time until the public key certificate is issued can be shortened.

  Furthermore, in the second embodiment, a reference flag 62a is provided in a block that manages the public key 62b, and registration, valid, and invalid states are managed by the reference flag 62a. Thus, for example, when the public key 62b is revoked, the user 41 only has to register a block indicating the destruction of the public key 62b. be able to.

[Third Embodiment]
Next, a third embodiment will be described. In the third embodiment, when a digital signature is made, the signature target hash value is not calculated and the signature is directly attached. By omitting the calculation of the hash value, processing efficiency can be improved. Hereinafter, with reference to FIGS. 23 to 31, differences of the third embodiment from the second embodiment will be described.

  FIG. 23 is a diagram illustrating an example of creating a public key registration block according to the third embodiment. In the third embodiment, the terminal device 100 encrypts the public key 62b with the secret key 62m of the user 41. The data obtained by directly encrypting the public key 62b becomes the signature 62c-1 of the user 41.

  FIG. 24 is a diagram illustrating an example of creating a block at the time of first registration approval in the third embodiment. In the third embodiment, the terminal device 100a encrypts the public key 62b and the signature 62c-1 of the owner of the public key 62b with the secret key 72 of the administrator 51. The encrypted data becomes the signature 62d-1 of the administrator 51.

  FIG. 25 is a diagram illustrating an example of creating a block at the time of N-th registration approval in the third embodiment. The terminal device 100b receives the public key 62b, the signature 62c-1 of the owner of the public key 62b, and the signatures 62d-1,. The private key 74 is used for encryption. The encrypted data becomes the signature 62f-1 of the administrator 52.

  FIG. 26 is a diagram illustrating an example of creating a block when a public key is discarded in the third embodiment. The terminal device 100 uses the public key 62b, the signature 62c-1 of the owner of the public key 62b, and the signatures 62d-1,. Encrypt with key 62m. The encrypted data becomes the signature 62n-1 of the user 41.

  FIG. 27 is a diagram illustrating an example of revoking a public key by a smart contract according to the third embodiment. The smart contract 232 encrypts all the signatures (including the public key certificate 62j) included in the block 62-5 and the reference flag 62a having the value “−1” with the private key 78 of the smart contract 232. . The encrypted data is the signature 62o-1 of the smart contract 232.

  FIG. 28 is a sequence diagram illustrating an example of a procedure of public key registration processing according to the third embodiment. Of the processing shown in FIG. 28, the processing in step S103a is different from the second embodiment (see FIG. 14). In the third embodiment, in step S103a, the terminal device 100 performs an electronic signature on the public key 62b of the user 41 with the private key 62m of the user 41 without calculating a hash value.

  FIG. 29 is a sequence diagram illustrating an example of a procedure of a registration approval process in the third embodiment. In the process shown in FIG. 29, the process of step S113a is different from the second embodiment (see FIG. 15). In the third embodiment, in step S113a, the terminal device 100a performs an electronic signature on the public key 62b and signature of the user 41 with the private key 72 of the administrator 51 without calculating a hash value.

  FIG. 30 is a sequence diagram illustrating an example of a procedure of public key certificate issuance processing according to the third embodiment. Of the processes shown in FIG. 30, the process of step S125a is different from the second embodiment (see FIG. 16). In the third embodiment, in step S125a, the smart contract 232a creates a public key certificate 62j signed with the private key 76 of the smart contract 232a in the public key 62b of the user 41 without calculating a hash value. .

  FIG. 31 is a sequence diagram illustrating an example of a procedure for a public key destruction process according to the third embodiment. Of the processes shown in FIG. 31, the process of step S134a is different from the second embodiment (see FIG. 17). In the third embodiment, in step S134a, the terminal device 100 does not calculate a hash value, and adds an electronic signature to the public key 62b, various signatures, and the public key certificate 62j using the private key 62m of the user 41. To do.

  FIG. 32 is a sequence diagram illustrating an example of a public key revocation process procedure according to the third embodiment. Of the processes shown in FIG. 32, the difference from the second embodiment (see FIG. 18) is the process of step S145a. In the third embodiment, in step S145a, the smart contract 232 calculates the private key 78 of the smart contract 232 in all signatures (including the public key certificate 62j) and the reference flag 62a without calculating a hash value. Digitally sign with

  FIG. 33 is a sequence diagram illustrating an example of a public key use procedure according to the third embodiment. Of the processes shown in FIG. 33, the process of step S154a is different from the second embodiment (see FIG. 19). In the third embodiment, in step S154a, the terminal device 100c verifies the signature of the smart contract 232a by comparing not the hash value but the public key 62b of the user 41.

As described above, in the third embodiment, since the calculation of the hash value is omitted, the processing can be performed efficiently.
[Other Embodiments]
In the second and third embodiments, the public key certificate used for the transaction using the block chain network 60 is issued by the block chain network 61. This is an example of the use of the public key certificate. is there. That is, the public key certificate using the block chain network 61 can be used for other than the block chain network 60.

In the second and third embodiments, a certificate is issued for the public key 62b. However, for other information, a certificate certified by the owner of the information can be issued.
As mentioned above, although embodiment was illustrated, the structure of each part shown by embodiment can be substituted by the other thing which has the same function. Moreover, other arbitrary structures and processes may be added. Further, any two or more configurations (features) of the above-described embodiments may be combined.

1 Network 2a, 2b, 2c Terminal equipment 3a, 3b, 3c Block chain node 4, 4-1, 4-2, 4-3 Block 4a Information to be certified 4b, 5a, 5n, 6a Electronic signature 6 Electronic certificate 7 Certification Issuer 8 User 9a, 9b Administrator

Claims (6)

A first terminal device that outputs a registration request for a first block including certification target information owned by a user to a network holding a plurality of blocks by a block chain;
A block including the certification target information from the network is acquired as an approval target block, and includes a digital signature indicating registration approval of the certification target information and the approval target block according to an input from an administrator. A plurality of second terminal devices for outputting a block registration request to the network;
The electrons belonging to the network, distributed and held by a block chain in response to a registration request for the first or second block, and included in the held second block When there is a signature number satisfaction block in which the number of signatures reaches a predetermined number, a third block including an electronic certificate that proves the owner of the certification target information and the signature number satisfaction block is distributed by a block chain. Multiple blockchain nodes to hold,
Certificate distribution system with One block chain node of the plurality of block chain nodes gives an electronic signature for validation obtained by encrypting the certification target information with the private key of the one block chain node to the certification target information, Create the electronic certificate,
further,
The public key of the one block chain node is acquired, the validity of the electronic certificate is verified with the acquired public key, and if the verification is successful, the owner of the certification target information is determined to be the user. Having a third terminal device,
The certificate distribution system according to claim 1. The first terminal device sends a registration request for a fourth block including a flag indicating destruction and the third block to the network in response to an input from the user instructing the destruction of the certification target information. Output,
The plurality of block chain nodes detect that the fourth block is distributed and held by the block chain and the flag indicating discard is included in the fourth block in response to the registration request of the fourth block. Then, the fifth block including the invalidation electronic signature of the block chain node for the information included in the fourth block and the fourth block is distributed and held by the block chain.
The certificate distribution system according to claim 1 or 2. The first terminal device includes, in the fourth block, an owner electronic signature of the user for the information in the third block,
When the plurality of block chain nodes detect that the flag indicating discard is included in the fourth block, the owner electronic for the information in the third block is used by using the owner public key of the user. If the validity of the signature is verified and it is confirmed that the signature is valid, the fifth block is created, and the created fifth block is distributed and held by a block chain.
The certificate distribution system according to claim 3. The first terminal device outputs a registration request for the first block including the certification target information owned by the user to the network holding a plurality of blocks by the block chain,
A plurality of block chain nodes belonging to the network, in response to the registration request of the first block, the first block is distributed and held by the block chain,
A plurality of second terminal devices acquire a block including the certification target information from the network as an approval target block, and an electronic signature indicating registration approval of the certification target information according to an input from an administrator; A registration request for the second block including the block to be approved is output to the network;
The plurality of block chain nodes hold the second block distributed by the block chain in response to the registration request of the second block,
When there is a signature number satisfying block in which the number of the electronic signatures included in the second block held by one of the plurality of block chain nodes reaches a predetermined number, the owner of the certification target information Create a third block including an electronic certificate that certifies and a signature number satisfaction block,
A plurality of block chain nodes hold the third block distributed by the block chain.
Certificate delivery method. To a computer belonging to a network that holds multiple blocks by blockchain,
In the plurality of blocks, when there is a signature number satisfaction block including a certification target information owned by a user and a digital signature that has reached a predetermined number indicating registration approval of the certification target information, Create a block including an electronic certificate that proves the owner and the signature number satisfaction block,
Holding the created block and sending the block to another computer belonging to the network;
Certificate distribution program that executes processing.

Images