JP2020072307A - Secret key management system in distributed network and secret key management method - Google Patents

Abstract

To provide a secret key management system in a distributed network in which a private key can be retained and used in a safe and convenient manner without impairing the convenience of use, and a holder of a legitimate private key can be prevented from fraud, and a secret key management method.SOLUTION: A secret key management system S mainly includes an information terminal 1 that is communicably connected to a block chain, an IC card 3 incorporating an IC chip 2 holding a BC secret key 33, and an IC reader 4. The BC secret key 33 is held in an encrypted memory on the IC chip 2 side that is completely cut off from a network. The information terminal 1 and the IC chip 2 perform authentication with IC unlock keys 31 and 32, and the information terminal 1 requests the IC chip 2 to use the BC secret key 33 via the IC reader 4, and a processing message 34 is signed using the BC private key 33 read from the IC chip 2, and the signed processing message 35 is transmitted to the block chain.SELECTED DRAWING: Figure 2

Description

  The present invention relates to a private key management system and a private key management method in a distributed network, and more particularly to a private key in a distributed network that holds and uses private key information for owner confirmation in transactions operating in the distributed network. The present invention relates to a management system and a secret key management method.

In recent years, a technology called block chain, which is a distributed ledger technology, has been developed as one of distributed networks, and has been attracting attention in the financial field such as cryptocurrency and other wide fields (for example, Patent Documents 1 and 2).
This blockchain is based on public key cryptography, and in the cryptocurrency operating on the blockchain, private key information is used to confirm the ownership of the assets on the blockchain. In other words, the person holding the private key becomes the owner of the asset on the blockchain.

Japanese Patent No. 5858506 JP, 2008-117287, A

  However, if this private key is obtained by someone other than the original owner due to theft or the like, there arises a problem that the assets recorded on the block chain are illegally operated. Therefore, in a block chain or a system using the block chain, how to securely store the private key is a very important issue. On the other hand, if the private key is strictly managed, the convenience (mainly immediacy) of using the private key is often lost, and the convenience of using the private key is lost while keeping the private key safe. There is a need for a method that does not. Furthermore, there is a fraud risk of double payment by a legitimate private key holder in cryptocurrency, and a method for solving such fraud risk is also required.

The most convenient method is to hold the private key on the server (node) that constitutes the blockchain network.
This private key holding method is generally called a hot wallet.Since the private key and the program that uses the private key exist on the same server, the procedure from the private key usage request to the usage and the physical It has the advantages that there are few physical obstacles and convenience is not impaired. The convenience here means, for example, a procedure or a short time required until the remittance process is actually completed in response to the remittance process request of the cryptocurrency. However, since this hot wallet holds the private key in the server existing on the network, it can be said that the method has a relatively high risk of theft due to so-called hacking.

On the other hand, there is a secret key holding method called a cold wallet, which has a relatively higher security than the above hot wallet. This method is a holding method for completely blocking the private key from the network, for example, by printing the private key information on paper and storing it in a physical safe.
With this method, at least the theft of the private key via the network can be completely prevented. However, in the case of the cold wallet, when using the private key information, there is a disadvantage that convenience is lost because a procedure of unlocking the safe, re-digitizing the private key information, and using is required. In other words, since it takes a certain amount of time from the generation of a processing request until the processing is completed, it can be said that this method is not suitable for the usage situation where immediate processing is required.

The method of printing a private key on paper and storing it in a safe is an unrealistic management method in many usage situations, and therefore, block chains are commercially used, for example, by cryptocurrency trading companies. In the field, an intermediate method between hot wallet and cold wallet is used.
Specifically, it is a method of holding a private key by a dedicated device specialized in electronic key management called HSM (Hardware Security Module) installed on an internal network that is shielded from the external network by a firewall.
This method prevents hacking from the outside and at the same time removes the paper on which the private key information is printed from the safe and re-digitizes it, ensuring a certain balance of security and convenience without human intervention. It has become a method taken.

  However, whether a hot wallet, a cold wallet, or an intermediate method between them, if the secret key information is centrally managed by one place or business, it is under the management when the theft occurs. There is a risk that the private key information of all users will be stolen. In fact, many cryptocurrency business operators often steal secret key information that is centrally managed, resulting in loss of users' cryptocurrency assets.

In order to reduce the risk due to centralized management of private keys, it is fundamental to carry out distributed management, that is, private key holders manage private keys individually.
There are roughly two methods for distributed management. One is a method of managing the private key with dedicated application software generally called "wallet application" installed in an information terminal such as a personal computer or a smart phone owned by the user. The other is a method of using dedicated hardware generally called "hardware wallet" designed exclusively for secret key management.
However, with the conventional distributed management method, the former is highly convenient because it can be used as a smartphone application that is used on a daily basis, but the risk of secret key leakage due to theft via the network or computer virus infection cannot be denied. Although the latter is highly safe, it is not a device that is used on a daily basis and requires a certain amount of knowledge to operate, so it cannot be said to be highly convenient.

In addition, the system using the blockchain has a problem of fraud by a legitimate secret key holder, as represented by the double payment problem of cryptocurrency.
This is a fraud utilizing the time lag of data synchronization that occurs because the blockchain is a distributed system. The root of this fraud is that the cryptocurrency can be moved at multiple locations, that is, the private key can be copied and used at multiple locations. For example, assume that a user holds 100 units of virtual currency. If this user remits 100 units to the address managed by him / herself and then immediately shops at the store, the remittance history of the user is not reflected in the node used by the store, and the user This is a case where the product is handed over when it is determined that there is a balance of 100 units.

  Therefore, the present invention has been made in view of the above problems, and an object thereof is to retain and use a secret key in a safe and simple method without impairing the convenience of use, and Another object of the present invention is to provide a private key management system and a private key management method in a distributed network that can prevent fraud by a holder of a valid private key.

  According to the secret key management system in a distributed network of the present invention, the above-mentioned problem is solved by an information terminal that is communicably connected to a node that configures a distributed network and that transmits and receives processing information to and from the node. A secret key management system comprising: a medium that is cut off and has an IC chip incorporated therein that can communicate with the information terminal by a contact-type or non-contact-type communication means via a dedicated reader, the IC chip comprising: Information related to owner information on the distributed network, secret key information for signing the processing information, and first for determining whether or not the secret key information can be accessed from the outside. And unlocking key information, the information terminal stores second unlocking key information for accessing the secret key information stored in the IC chip, and The private key management system includes an unlocking key verification means for verifying the consistency between the first unlocking key information and the second unlocking key information, and the availability of the private key information for verifying the secret key information. And a private key using unit that signs the processing information by using the private key information when it is determined that the private key is available.

  Further, according to the secret key management method in the distributed network of the present invention, an information terminal that is communicatively connected to a node that constitutes the distributed network and that transmits and receives processing information to and from the node is disconnected from the network. A secret key management method using a medium incorporating an IC chip capable of communicating with the information terminal by a contact type or non-contact type communication means via a dedicated reader, wherein the IC chip is the distributed network. Secret key information for signing the processing information, which is information related to the above owner information, and first unlocking key information for judging whether or not the secret key information can be accessed from the outside. And the information terminal stores second unlocking key information for accessing the secret key information stored in the IC chip. The chip can use the secret key information by verifying the unlock key verification step of verifying the consistency between the first unlock key information and the second unlock key information, and the availability of the secret key information. If it is determined that the private key information is used to sign the processing information, the private key using step is executed.

In the private key management system and the private key management method in the distributed network of the present invention configured as described above, in the distributed network, that is, in the distributed ledger technology such as the block chain, the owner certification of the information on the network and the direct The secret key information to be linked is stored in an IC chip that is completely cut off from a network such as a block chain, and only when the secret key information is used, the IC chip and the information terminal communicate with each other via a dedicated reader. It is possible. Then, by using the secret key information, the processing information transmitted / received to / from the block chain (strictly speaking, the nodes forming the block chain) is signed. Further, in order to access the secret key information stored in the IC chip, the IC chip and the information terminal authenticate with the unlock key information held by each other, and the consistency of the unlock key information is obtained. Only in this case, the information terminal can access the secret key information in the IC chip.
As a result, the private key used in the block chain can be held and used by a simple method that does not require the user to make an effort to learn the operation, without sacrificing security or convenience. That is, by using the memory area of the IC chip as the storage location of the private key information, from the viewpoint of improving the security, the private key can be safely held in an environment completely shielded from the network. From the viewpoint of improving convenience, when using the private key, the private key can be easily used by simply holding the IC chip over a dedicated reader that is a reading device. Further, when the private key is used, mutual authentication between the IC chip and the information terminal side prevents the unauthorized use of the private key by a third party.
Since the present invention is characterized in that the IC chip holds secret key information that is directly linked to the owner certification of the information on the block chain, as already performed with electronic money, credit cards, etc., The IC chip is very different from financial information and the like, that is, the balance itself and the authentication information of the user and the user company.

Particularly, describing a preferable configuration of the secret key management system and the secret key management method in the distributed network, the secret key management system is provided with the secret key utilization means on the information terminal side, and the information terminal, It is preferable to further include a secret key requesting unit that requests the IC chip to transmit the secret key information, and a secret key acquiring unit that acquires the secret key information transmitted from the IC chip.
In addition, the information terminal executes the secret key utilization step, and at the same time performs a secret key request step of requesting the IC chip to transmit the secret key information and the secret key information transmitted from the IC chip. The private key acquisition step of acquiring may be further executed.

  In this way, by transmitting the secret key information from the IC chip side to the information terminal side and using the secret key information on the information terminal side to sign the processing information, the processing load on the IC chip side is reduced, The private key can be held and used in a safe and simple manner without impairing the convenience of use.

Further, in particular, a preferable configuration of the private key management system and the private key management method in the distributed network will be described. In the private key management system, the private key utilization means is provided on the IC chip side, and the IC chip Further comprises signed processing information transmitting means for transmitting to the information terminal signed processing information that has signed the processing information by the secret key utilizing means, the information terminal having the IC chip as the processing information. It is preferable to further include unsigned processing information transmitting means for transmitting the above, and signed processing information verifying means for acquiring the signed processing information transmitted from the IC chip and verifying the signed processing information.
The IC chip further executes a signed processing information transmitting step of executing the secret key using step, signing the processing information by the secret key using step, and transmitting the signed processing information to the information terminal. The information terminal executes, the unsigned process information transmitting step of transmitting the process information to the IC chip, and the signed process information transmitted from the IC chip to obtain the signed process information. The signed process information verification step of verifying may be further executed.

  In this way, the information terminal side sends unprocessed processing information to the IC chip side, the IC chip side uses the secret key information to sign the processing information, and the signed processing information is sent to the information terminal side. By doing so, it is not necessary to transmit the secret key information from the IC chip side to the information terminal side to expand it, and thus the security is further improved. Therefore, the private key can be held and used in a safe and simple manner without impairing the convenience of use.

  In addition, to describe a preferable configuration of the private key management system in the distributed network, the information terminal may further include a usage history recording unit that records a usage history of the private key information.

  In this way, by recording the usage history of the private key information, it is possible to prevent the same private key information from being used multiple times, so that it is possible to prevent double payment processing from occurring. .. Therefore, the private key can be held and used by a safe and simple method without impairing the convenience at the time of use, and it is also possible to prevent fraud by the holder of the legitimate private key.

  A preferred configuration of the secret key management system in the distributed network will be described. The secret key information is discarded after the processing information is signed by the secret key using means using the secret key information. , Good.

  In this way, by secretly discarding the private key information in a non-reproducible state immediately after using it, it is possible to prevent the same private key information from being used more than once, thus improving the safety. In addition, it is possible to prevent double payment processing from occurring. Therefore, the private key can be held and used by a safe and simple method without impairing the convenience at the time of use, and it is also possible to prevent fraud by the holder of the legitimate private key.

  In addition, to describe a preferable configuration of the private key management system in the distributed network, it is preferable that the private key information cannot be copied to another medium.

  In this way, the secret key information is prevented from being copied to a medium such as another IC chip, so that the security is further improved and the double payment process can be prevented. Therefore, the private key can be held and used by a safe and simple method without impairing the convenience at the time of use, and it is also possible to prevent fraud by the holder of the legitimate private key.

  In addition, to describe a preferable configuration of the private key management system in the distributed network, the medium is information generated by the private key information and transfers the owner information on the distributed network. It is good to display information for.

  In this way, by displaying the address information and the like generated from the secret key information on the medium such as an IC card incorporating the IC chip, the ownership of the information on the block chain can be easily transferred to the address. , While improving safety, the convenience is improved. Therefore, the private key can be held and used in a safe and simple manner without impairing the convenience of use.

  A preferred configuration of the secret key management system in the distributed network will be described. It is preferable that the medium is a contactless IC card.

  As described above, by using the non-contact type IC card which is widely used as a medium for incorporating the IC chip, the implementation cost can be suppressed, and the user holds the IC card over the dedicated IC reader. Since it is only a simple operation, it ensures safety and improves convenience. Therefore, the private key can be held and used in a safe and simple manner without impairing the convenience of use.

  According to the private key management system and the private key management method in the distributed network of the present invention, it is possible to hold and use the private key in a safe and simple manner without impairing the convenience at the time of use. It is possible to prevent fraud by a holder of such a private key.

It is an image figure showing an outline of a secret key management system. It is a figure for demonstrating the detailed structure of a secret key management system. It is a figure which shows an example of a secret key. It is a flow chart which shows a series of flows of secret key management processing. It is a figure for demonstrating the detailed structure of the secret key management system in other embodiment. It is a flow chart which shows a series of flows of secret key management processing in other embodiments.

Hereinafter, one embodiment of the present invention (hereinafter referred to as “the present embodiment”) will be described.
The present embodiment is a distributed network, that is, private key information used for confirming the ownership of assets on the network in a distributed ledger technology such as a blockchain, without sacrificing convenience at the time of use. The present invention relates to an invention of a private key management system and a private key management method in a distributed network, which can be managed (held and used) by a simple method and can also prevent fraud by a legitimate holder. is there.
In the following, in this specification, the expression "BC" means the abbreviation of block chain. Further, since the technology related to the block chain and the encryption technology using the secret key and the common key are known in the related art, detailed description thereof will be omitted here.

<Outline of private key management system>
First, an outline of the secret key management system S according to the present invention will be described.
FIG. 1 is an image diagram showing an outline of the secret key management system S. FIG. 2 is a diagram for explaining the detailed configuration of the secret key management system S. FIG. 3 is a diagram showing an example of the secret key.

  As shown in FIGS. 1 and 2, the secret key management system S of the present embodiment stores secret key information and an information terminal 1 that is communicatively connected to a block chain (strictly speaking, a node that constitutes the block chain). It mainly comprises an IC card 3 which is a medium incorporating the IC chip 2 to be held, and an IC reader 4 which is a dedicated reader for reading the secret key information in the IC chip 2.

The information terminal 1 has a block chain control program installed, and uses the BC secret key 33 read from the IC chip 2 via the IC reader 4 to make various processing requests to the block chain.
Specifically, as shown in FIG. 1, the BC secret key 33 read from the IC chip 2 is verified, and the BC secret key 33 is used to execute an unsigned transaction (unsigned processing message 34). The signature process. Then, the signed transaction (signed processing message 35) is transmitted to the block chain, and various transactions are executed in the block chain.

When performing a process of changing specific information on the blockchain, the BC secret key 33, which is information related to the owner information of the asset on the blockchain and is directly linked to the owner certificate, is used, and the owner of the information uses it. A signed statement is required.
In the present embodiment, the BC secret key 33 used in the block chain is held not in the information terminal 1 side but in the encrypted memory on the IC chip 2 side completely shielded from the network. Then, the information terminal 1 requests the IC chip 2 to use the BC secret key 33 via the IC reader 4 when performing the process requiring the BC secret key 33 for the block chain as described above.
As is already known about the security of the IC chip 2 as a storage place of information, the IC chip 2 is sufficiently safe and optimal as a storage place of the BC secret key 33.

  Further, in order to prevent unauthorized use of the BC private key 33 by an unauthorized third party, the information terminal 1 and the IC chip 2 perform authentication with the IC unlock keys 31 and 32 that are common keys. Specifically, the information terminal 1 attaches together with the IC unlocking key 31 corresponding to the second unlocking key information, which is the key information for authentication possessed by itself when requesting the BC private key 33. .. The IC chip 2 that has received the request command first corresponds to the first unlocking key information that is the key information for authentication that the IC unlocking key 31 transmitted from the information terminal 1 is held on the IC chip 2 side. The IC unlock key 32 is matched and the communication is permitted only when both the IC unlock keys 31 and 32 match, and the subsequent processing is continued. It should be noted that the IC chip 2 side may also perform the same authentication on the information terminal 1 side by attaching the IC unlock key 32 owned by itself to the reply information to the information terminal 1 side.

  Further, in order to prevent unauthorized use of the BC private key 33 by an unauthorized third party, the BC private key 33 held in the IC chip 2 cannot be copied to other IC chips or other media. And

  Note that, as shown in FIG. 3, an address indicating the information of the owner of the asset on the block chain generated from the BC secret key 33 is displayed by a predetermined algorithm.

<Detailed configuration of the private key management system>
Next, a detailed configuration of each of the information terminal 1 and the IC chip 2 configuring the secret key management system S will be described.

(Information terminal)
First, the information terminal 1 will be described.
The information terminal 1 has at least a CPU as an arithmetic unit that performs control and data calculation / processing, a ROM as a read-only storage device, a RAM as a main memory (main storage device), and an external device that can communicate via a communication line N. And a communication interface for transmitting and receiving data to and from the above devices, and a hard disk drive as an auxiliary storage device and the like as components. It also has an operation screen 5 having the functions of an input device and an output device.

Further, in the information terminal 1, as a constituent element of the secret key management system S, a control program (hereinafter, secret key management program) for exhibiting its function is installed in advance. When the secret key management program is read and executed by the CPU, the function as a device that serves as a component of the secret key management system S is exerted.
Although the function of the information terminal 1 is enjoyed by the user, the method of providing the function to the user may be, for example, a method such as a cloud service or an ASP service.

The hardware configuration of the information terminal 1 is as described above, but the configuration of the information terminal 1 will be described below again in terms of function.
As shown in FIG. 2, the information terminal 1 includes a storage unit 11, a BC secret key request generation unit 12, a BC secret key request transmission unit 13, a BC secret key acquisition unit 14, a BC secret key verification unit 15, and a BC secret key utilization. It has a unit 16, a BC secret key use history recording unit 17, and a BC communication unit 18 as main components.
These functional units are responsible for various kinds of processing executed by the information terminal 1, and are configured by the above-mentioned hardware constituent devices constituting the information terminal 1 and the above-mentioned secret key management program working together. .. Hereinafter, each of the functional units of the information terminal 1 described above will be described.

(Storage unit)
The storage unit 11 includes a hard disk drive, a ROM or a RAM, and stores a secret key management program stored in advance, another program for controlling various functions of the information terminal 1, and other various data. Remembered In addition, when the IC unlock key 31 corresponding to the second unlock key information and the unprocessed processing message 34 corresponding to the processing information are generated, the processing message 34 is stored.

(BC private key request generation unit)
The BC private key request generation unit 12 functions as a private key requesting unit, and requests the BC private key 33 for signing the processing message 34 from the IC chip 2 using the operation screen 5 operated by the user as a starting point. This is a process for generating a secret key request command for performing.

(BC private key request transmission unit)
The BC secret key request transmitting unit 13 functions as a secret key requesting unit, and performs a process of transmitting the secret key request command generated by the BC secret key request generating unit 12 to the IC chip 2. At this time, the IC unlock key 31 held by the information terminal 1 is attached to the secret key request command, and is transmitted to the IC chip 2 together with the secret key request command. The communication with the IC chip 2 is performed by relaying the IC reader 4.

(BC private key acquisition unit)
The BC secret key acquisition unit 14 functions as a secret key acquisition unit, and performs a process of receiving the BC secret key 33 transmitted from the IC chip 2 by relaying it to the IC reader 4.

(BC private key verification unit)
The BC secret key verification unit 15 functions as a secret key utilization unit, expands the BC secret key 33 received by the BC secret key acquisition unit 14, verifies the validity, and determines whether or not the BC secret key 33 can be used. This is a process for confirming.

(BC Private Key Usage Department)
The BC secret key utilization unit 16 functions as a secret key utilization unit, and uses the BC secret key 33 determined to be usable by the BC secret key verification unit 15 to perform a process of signing the processing message 34. .. After using the BC secret key 33, that is, after signing the processing message 34, the BC secret key 33 is immediately discarded in a non-reproducible state.

(BC private key usage history recording unit)
The BC secret key use history recording unit 17 functions as a secret key use history recording unit, and performs a process of checking all use histories of the BC secret key 33. In the usage history here, not only is the processing message 34 signed using the BC secret key 33, but also the processing message 35 signed using the BC secret key 33 is approved by the block chain. It also includes whether or not there is approval and the number of approvals.

(BC communication department)
The BC communication unit 18 is configured by a communication interface, and exchanges data with the outside of the information terminal 1, that is, a block chain, via the Internet, a network such as 3G, 4G, or LTE. The data here includes the signed processing message 35 corresponding to the processing information for the block chain.

(IC chip)
Next, the IC chip 2 will be described.
The IC chip 2 of this embodiment is a semiconductor memory such as a RAM, a ROM, or an EEPROM in which an integrated circuit is formed for recording or calculating information, and a CPU or the like for performing complicated arithmetic processing. Is a type that is not built-in.
Further, in the present embodiment, the non-contact type IC chip 2 capable of communication is incorporated in the IC card 3 as a medium. In this way, by using the non-contact type IC card 3, the processing request using the secret key information can be issued to the block chain simply by holding the IC card 3 having the IC chip 2 over the IC reader 4. You can

  Further, on the face of the IC card 3, a two-dimensional code (not shown) indicating address information indicating information on the owner of the asset on the block chain generated from the BC secret key 33 is printed. By reading the two-dimensional code, the ownership of the information on the block chain can be easily transferred to the address associated with the IC chip 2.

  In the present embodiment, the non-contact type IC card 3 that wirelessly communicates with the IC reader 4 which is a dedicated reader via the built-in antenna is used as the medium incorporating the IC chip 2. The present invention is also applicable to a contact type IC card in which an external device connection terminal formed on the surface of the card and a contact of the external device are directly contacted to communicate. The medium in which the IC chip 2 is incorporated is not limited to the card shape, and may be an IC tag, a mobile information terminal, or the like. When the medium is a portable information terminal or the like, the above two-dimensional code can be displayed on the screen.

Hereinafter, with reference to FIG. 2, the configuration of the IC chip 2 will be described again in terms of function.
The IC chip 2 has a storage unit 21, a BC private key request receiving unit 22, an IC unlocking key verification unit 23, and a BC private key transmitting unit 24 as main components.

(Storage unit)
The storage unit 21 includes a RAM, a ROM, an EEPROM, and the like, and is a BC secret key corresponding to secret key information for signing the processing telegram 34, which is information directly linked to the owner certificate of the information on the block chain. 33 and an IC unlocking key 32 corresponding to the first unlocking key information for determining whether or not the information such as the BC secret key 33 and the like can be accessed from the outside.

(BC private key request receiving unit)
The BC secret key request receiving unit 22 performs a process of receiving the secret key request command transmitted from the information terminal 1 by relaying it to the IC reader 4.

(IC unlock key verification unit)
The IC unlock key verification unit 23 functions as an unlock key verification unit, and when the private key request command transmitted from the information terminal 1 is received by the BC private key request receiving unit 22, the IC unlock key verification unit 23 unlocks the IC from the storage unit 21. The key 32 is taken out, and a process of verifying the consistency between the IC unlocking key 32 and the IC unlocking key 31 transmitted from the information terminal 1 is performed. Then, as a result of the verification, when both the IC unlock keys 31 and 32 are coincident with each other, a process of permitting access to the storage section 21 of the IC chip 2, that is, the IC chip 2 is performed.

(BC private key transmitter)
The BC secret key transmission unit 24 takes out the BC secret key 33 from the storage unit 21 and transmits the BC secret key 33 to the information terminal 1 based on the secret key request command from the information terminal 1. .. The communication with the IC chip 2 is performed by relaying the IC reader 4.

<About private key management method>
Hereinafter, as a description of the secret key management method according to the present embodiment, a flow of a series of operations in the secret key management system S having the above configuration will be described.
The secret key management method according to this embodiment is performed in the entire secret key management system S including the information terminal 1 which is a computer on which the secret key management program operates. In other words, in the secret key management process executed by the secret key management system S, the secret key management method according to this embodiment is applied.
FIG. 4 is a flowchart showing a series of flows of the secret key management process.

First, the information terminal 1 causes the BC secret key request processing to occur due to the user's operation of the operation screen 5 or the like serving as a request starting point (S101), and attaches the IC unlock key 31 held on the information terminal 1 side. Then (S102), a BC secret key request command is generated (S103). The generated BC secret key request command is received by the IC chip 2 side held over the IC reader 4 via the process relay of the IC reader 4 (S104) (S105).
The IC chip 2 takes out the IC unlocking key 32 held on the IC chip 2 side (S106), and verifies the consistency between the IC unlocking key 32 and the received IC unlocking key 31 (S107). As a result of the verification, when it is determined that they match (S108: Yes), the BC secret key 33 is extracted from the storage unit 21 and transmitted to the information terminal 1 (S109).
The information terminal 1 receives the BC secret key 33 via the process relay of the IC reader 4 (S110) (S111), and confirms whether the BC secret key 33 can be used (S112). Then, an unsigned processing message 34 is generated (S113), and a signature process is performed on the processing message 34 using the BC secret key 33 (S114). After using the BC secret key 33, the BC secret key is promptly destroyed (S115). Then, the signed processing message 35 is transmitted to the block chain (S116, S117).
The blockchain side receives the signed processing message 35 and verifies it (S118), and then executes various processes based on the processing message 35 (S119).
The information terminal 1 receives the processing result executed by the block chain (S120), and ends the private key management processing. When it is determined that the IC unlocking keys 31 and 32 do not match (S108: No), the private key management process is ended as it is.

<Overview of Private Key Management System in Other Embodiments>
In the above-described embodiment (first embodiment), with an emphasis on reducing the processing load on the IC chip 2 side, the IC chip 2 holding the BC secret key 33 has a relatively simple configuration and is used as a simple memory medium. An example of using it has been explained.
Hereinafter, as another embodiment (second embodiment), a case where a calculation function such as a CPU is available on the IC chip 102 will be described. In the following description, the same members and the same functional parts as those in the first embodiment will be referred to with the reference numerals in the 100s.

In the second embodiment, the information terminal 101 is mounted on the IC chip 102 on the IC chip 102 side without requesting the IC chip 102 to transmit the BC secret key 133 itself via the IC reader 104. This is different from the first embodiment in that a request is made for processing using the BC secret key 133 that has been generated.
Specifically, the information terminal 101 transmits a processing message 134 in an unsigned state to the IC chip 102, and the BC secret key 133 is not received by the information terminal 101 side, but the BC secret is not changed by the IC chip 102 side. After signing the processing message 134 using the key 133, the signed processing message 135 is received.

<Detailed Configuration of Private Key Management System in Other Embodiments>
Next, a detailed configuration of each of the information terminal 101 and the IC chip 102 configuring the secret key management system S in the second embodiment will be described focusing on the differences from the first embodiment.
FIG. 5 is a diagram for explaining the detailed configuration of the secret key management system S in another embodiment (second embodiment).

(Information terminal)
First, the information terminal 101 will be described.
The hardware configuration of the information terminal 101 is the same as that of the first embodiment, but there is a difference in the functional aspect of the information terminal 101.
That is, as shown in FIG. 5, the information terminal 101 includes a storage unit 111, a BC secret key request generation unit 112, a BC secret key request transmission unit 113, an unsigned process message transmission unit 114, a signed process message acquisition unit 115, It has a signed message telegram verification unit 116, a BC private key usage history recording unit 117, and a BC communication unit 118 as main components.

(BC private key request generation unit)
The BC secret key request generation unit 112 functions as a secret key requesting unit, and uses the BC secret key 133 to sign the processing message 134 with the operation screen 5 operated by the user as a request origin, and the IC chip 102. To generate a secret key request command for requesting the request.

(Unsigned message transmission unit)
The unsigned processing message sending unit 114 functions as an unsigned processing message sending unit and performs a process of sending the generated unsigned processing message 134 to the IC chip 102. At this time, the unsigned processing message 134 is transmitted to the IC chip 102 together with the secret key request command and the IC unlock key 131 transmitted by the BC secret key request transmission unit 113. Communication with the IC chip 102 is performed by relaying the IC reader 104.

(Signed processing message acquisition unit)
The signed processing message acquiring unit 115 functions as a signed processing message verifying unit, and performs a process of receiving the signed processing message 135 transmitted from the IC chip 102 through the IC reader 104.

(Signed processing message verification unit)
The signed processing message verification unit 116 functions as a signed processing message verification unit, and performs a process of verifying the signed processing message acquired by the signed processing message acquisition unit 115.

  The other functions, that is, the storage unit 111, the BC secret key request transmission unit 113, the BC secret key use history recording unit 117, and the BC communication unit 118 are the same as those in the first embodiment. Therefore, the description is omitted here.

(IC chip)
Next, the IC chip 102 will be described.
The IC chip 102 according to the second embodiment is different from that of the first embodiment in that the IC chip 102 has an arithmetic processing function by incorporating a CPU, a coprocessor, or the like, and complicated information processing can be performed in the IC chip 102. To do.
In addition, the non-contact type and the contact type are not limited, and the medium is not limited to the card shape, and the like, as in the first embodiment.

Hereinafter, the configuration of the IC chip 102 will be described in terms of function with reference to FIG.
The IC chip 102 has a storage unit 121, a BC private key request receiving unit 122, an IC unlocking key verification unit 123, a BC private key using unit 124, and a signed processing message sending unit 125 as main components. There is.

(BC private key request receiving unit)
The BC secret key request receiving unit 122 performs a process of receiving the secret key request command and the unsigned processing message 134 transmitted from the information terminal 101 by relaying them through the IC reader 104. The secret key request command in the second embodiment does not mean that the BC secret key 133 is requested to be transmitted, but that the BC secret key 133 is requested to be used.

(BC Private Key Usage Department)
The BC secret key utilization unit 124 functions as a secret key utilization unit, and uses the BC secret key 133 retrieved from the storage unit 121 to perform a process of signing the processing message 134 received from the information terminal 101.

(Signed processing message sending part)
The signed processing message sending unit 125 functions as a signed processing message sending unit, and performs a process of sending the signed processing message 135 signed by the BC secret key using unit 24 to the information terminal 101. Communication with the IC chip 102 is performed by relaying the IC reader 104.

  Since the storage unit 121 and the IC unlocking key verification unit 123 are the same as those in the above-described first embodiment, description thereof will be omitted here.

<Regarding Private Key Management Method in Other Embodiments>
Hereinafter, as a description of the secret key management method according to the second embodiment, a flow of a series of operations in the secret key management system S having the above configuration will be described.
FIG. 6 is a flowchart showing a series of flows of secret key management processing in another embodiment (second embodiment).

First, the information terminal 101 causes the BC secret key request processing to occur due to the user's operation of the operation screen 105 or the like serving as the request starting point (S201), and the IC unlock key 131 held on the information terminal 101 side and the IC unlock key 131 The processing message 134 of the signature is attached (S202, S203) and a BC secret key request command is generated (S204). The generated BC secret key request command is received by the IC chip 102 side over the IC reader 104 via the process relay of the IC reader 104 (S205) (S206).
The IC chip 102 takes out the IC unlocking key 132 held on the IC chip 102 side (S207), and verifies the consistency between the IC unlocking key 132 and the received IC unlocking key 131 (S208). When it is determined that they match with each other as a result of the verification (S209: Yes), the BC secret key 133 is retrieved from the storage unit 121 (S210) and the BC secret key 133 is used for the unsigned processing message 134. Signature processing is performed (S211), and the signed processing message 135 is transmitted to the information terminal 101 (S212).
The information terminal 101 receives the signed processing message 135 via the process relay of the IC reader 104 (S213) and verifies the content of the signed processing message 135 (S215). Then, the signed processing message 135 is transmitted to the block chain (S216, S217).
The blockchain side receives the signed processing message 135 and verifies it (S218), and then executes various processes based on the processing message 135 (S219).
The information terminal 1 receives the processing result executed by the block chain (S220), and ends the private key management processing. If it is determined that the IC unlocking keys 131 and 132 do not match (S209: No), the private key management process is terminated.

<Summary>
As explained above, when performing processing to change specific information on the blockchain, a command statement (processing message) signed by the owner of that information will be required. The request to use the private key can be made using two methods depending on the state of the IC chip at the storage destination. That is, a method of requesting the private key itself and a method of not requesting the private key itself but requesting the IC chip to perform processing such as electronic signature using the private key. In either case, the signed statement is It will be sent to the blockchain.

In the first method (first embodiment), an information terminal communicatively connected to a block chain receives a secret key from an IC chip and signs a command statement on the information terminal side. It is used when the chip is used as a secure memory medium.
In this method, the secret key held in the IC chip is acquired and used by the information terminal via the IC reader. At this time, the private key is expanded in the memory of the information terminal, but the obfuscation technology and the memory space separation function installed in the information terminal itself are used to reduce the risk of leaking the private key. Measure Further, after using the private key, the private key is promptly destroyed in a non-reproducible state.

In the second method (second embodiment), the information terminal communicatively connected to the block chain sends an unsigned command statement to the IC chip, and the IC chip uses the private key to sign the signature. It is used to receive a completed command statement and is used when an arithmetic processing function such as a CPU is available on the IC chip.
In this method, the information terminal requests, via the IC reader, the IC chip to perform processing using the private key mounted on the IC chip instead of the private key itself. Specifically, an unsigned processing message is sent to the IC chip, and a signed processing message electronically signed by the private key in the IC chip is received. In this method, the secret key is not expanded in the memory of the information terminal communicatively connected to the block chain, so that the method emphasizes security more than the first method.

Further, when transmitting the command statement to the block chain, the information terminal becomes in a state in which it is possible to grasp all of the secret key (or the address associated with the secret key or the like) used. In particular, since the private key is not copied, the usage history grasped by the information terminal becomes the entire usage history of the private key.
Furthermore, by checking whether the latest (previous) process using the latest private key has been approved by the blockchain by the information terminal, and the number of times of approval, etc., the previous process has already been transferred to another node. Since it is possible to check whether or not it is also synchronized, it is possible to prevent double payment processing by blocking the next processing request when unapproved processing or the number of approvals is small. it can.

  In addition, there is a risk that information on the block chain associated with the private key will be used by a person other than the original owner if the IC chip or the medium equipped with the IC chip is lost or stolen. This function can stop the use of a specific private key by receiving a report of loss or theft by registering the suspension of use as well as the double payment check.

By using the memory area of the contactless IC chip as the storage location of the private key of the cryptocurrency, from the viewpoint of improving the security, the private key can be safely held in an environment completely shielded from the network. From the viewpoint of improving convenience, when using the private key, the private key can be easily used by simply holding the IC chip over a dedicated reader that is a reading device.
Further, when the private key is used, mutual authentication between the IC chip and the information terminal side prevents the unauthorized use of the private key by a third party.
Furthermore, by preventing copying of the private key to other than the IC chip, it is possible to prevent payment processing from occurring other than to a legitimate information terminal, and prevent fraud called double payment, which is a problem in using cryptocurrency. You can also do it.

As described above, according to the present invention, a secret key that is information related to owner information of an asset on a network in a distributed ledger technology such as a blockchain, and that is directly associated with the owner certificate is stored by the owner himself. Can be managed (held and used) safely and without sacrificing convenience, so that transaction safety and convenience can be improved.
In addition, it is possible to prevent fraud (whether intentionally or unintentionally) by a valid private key holder.
Further, for example, by holding a private key in a contactless IC card that is used daily in Japan or a smart phone equipped with a contactless IC chip, anyone can use the same technology as conventional electronic money. It will be possible to safely and easily make payments in cryptocurrency, etc., and to be able to perform personal authentication, etc. in a system using a blockchain.

In the above-described embodiments (first and second embodiments), the block chain, which is a typical distributed ledger technology, has been mainly described as an example of the distributed network.
However, the above embodiment is merely an example for facilitating the understanding of the present invention, and does not limit the present invention. That is, the present invention can be modified and improved without departing from the spirit thereof and, of course, the present invention includes equivalents thereof.

1 information terminal 2 IC chip 3 IC card 4 IC reader 5 operation screen, etc. 11 storage unit 12 BC secret key request generation unit 13 BC secret key request transmission unit 14 BC secret key acquisition unit 15 BC secret key verification unit 16 BC secret key usage Part 17 BC private key usage history recording part 18 BC communication part 21 Storage part 22 BC secret key request receiving part 23 IC unlocking key verification part 24 BC secret key sending part 31 IC unlocking key 32 IC unlocking key 33 BC secret key 34 Processing message (unsigned)
35 Processing message (signed)
114 unsigned processing message transmitting unit 115 signed processing message acquiring unit 116 signed processing message verifying unit 124 BC private key using unit 125 signed processing message sending unit S private key management system BC block chain

Claims (11)

An information terminal that is communicatively connected to a node that constitutes a distributed network and that transmits and receives processing information to and from the node;
A secret key management system comprising: a medium that is cut off from a network and has an IC chip incorporated therein that can communicate with the information terminal via a dedicated reader by contact-type or non-contact type communication means,
The IC chip determines secret key information for signing the process information, which is information related to owner information on the distributed network, and whether or not the secret key information can be accessed from the outside. To store the first unlocking key information for
The information terminal stores second unlocking key information for accessing the secret key information stored in the IC chip,
The secret key management system is
An unlocking key verification means for verifying the consistency between the first unlocking key information and the second unlocking key information,
Private key use means for verifying availability of the private key information and signing the processing information by using the private key information when it is determined that the private key information is available. Private key management system for distributed network. The secret key management system comprises the secret key utilization means on the information terminal side,
The information terminal,
Secret key request means for requesting the IC chip to transmit the secret key information;
The private key management system in the distributed network according to claim 1, further comprising: a private key acquisition unit that acquires the private key information transmitted from the IC chip. The private key management system includes the private key using means on the IC chip side,
The IC chip is
Further comprising signed processing information transmitting means for transmitting the signed processing information signed by the secret key utilizing means to the processing terminal,
The information terminal,
An unsigned processing information transmitting means for transmitting the processing information to the IC chip;
The distributed network according to claim 1, further comprising: signed processing information verification means for acquiring the signed processing information transmitted from the IC chip and verifying the signed processing information. Private key management system.   4. The secret key management system in a distributed network according to claim 1, wherein the information terminal further includes a usage history recording unit that records a usage history of the secret key information.   5. The distributed type according to claim 1, wherein the secret key information is discarded after the processing information is signed by the secret key using means using the secret key information. Private key management system in network.   6. The secret key management system in a distributed network according to claim 1, wherein the secret key information cannot be copied to another medium.   7. The medium displays information for generating the private key information, the information being for transferring the owner information on the distributed network. A secret key management system in a distributed network according to the paragraph.   8. The secret key management system in a distributed network according to claim 1, wherein the medium is a contactless IC card. An information terminal that is communicatively connected to a node that constitutes a distributed network and that transmits and receives processing information to and from the node;
A secret key management method using a medium that is cut off from a network and has an IC chip incorporated therein, which is capable of communicating with the information terminal by a contact-type or non-contact-type communication means via a dedicated reader,
The IC chip determines secret key information for signing the process information, which is information related to owner information on the distributed network, and whether or not the secret key information can be accessed from the outside. To store the first unlocking key information for
The information terminal stores second unlocking key information for accessing the secret key information stored in the IC chip,
The information terminal or the IC chip is
An unlocking key verification step of verifying the consistency between the first unlocking key information and the second unlocking key information,
A private key using step of verifying the availability of the private key information and signing the processing information by using the private key information when it is judged that the private key information is available. Key management method for distributed network. The information terminal executes the secret key utilization step,
A secret key requesting step for requesting the IC chip to transmit the secret key information;
The secret key management method in a distributed network according to claim 9, further comprising: a secret key acquisition step of acquiring the secret key information transmitted from the IC chip. The IC chip executes the secret key utilization step,
Further executing a signed processing information transmitting step of signing the processing information by the secret key using step and transmitting the signed processing information to the information terminal,
The information terminal,
An unsigned processing information transmitting step of transmitting the processing information to the IC chip;
10. The distributed network according to claim 9, further comprising: a signed processing information verification step of acquiring the signed processing information transmitted from the IC chip and verifying the signed processing information. Private key management method in.

Images