JP2021073564A - Communication device, communication method, and computer program - Google Patents

Abstract

To provide a communication device, a communication method, and a computer program for verifying the legitimacy of a communication partner between communication devices when distributing a public key by means of subscriber identification information associated with user identification information.SOLUTION: In a communication system 1, a communication device 3-1 is equipped with a SIM 100-1 that stores SIM identification information associated with user identification information, and a communication unit 130 that communicates with another communication device 3-2. The SIM 100-1 has a certification authority key storage unit 105 that stores a certification authority public key certificate and a certification authority private key, as a pair, which are shared with the another communication device 3-2, a public key certificate generation unit 102 that generates a first public key certificate containing the SIM identification information or the user identification information associated with the SIM identification information using the certification authority private key, and a private key storage unit 106 that stores the private key paired with the first public key certificate. The communication unit 130 sends the first public key certificate to the another communication device 3-2.SELECTED DRAWING: Figure 1

Description

The present invention relates to communication devices, communication methods, and computer programs.

Conventionally, public key cryptography is known as one of the techniques for concealing communication data. In public key cryptography, public keys (public key certificates) are generally exchanged using PKI (Public Key Infrastructure) (see, for example, Non-Patent Document 1).

ITpro, "Introduction to Information Security --PKI (Part 2) --- Mechanism of X.509 Certificates and PKI", Internet <URL: http://itpro.nikkeibp.co.jp/article/COLUMN/20060725/244233/>

However, in the conventional exchange of public keys (public key certificates) using PKI, the supply side of the public keys (public key certificates) sends the public keys to a certificate authority (CA) of a third-party organization. It took time and effort to send it and have it issued a public key certificate.

The present invention has been made in consideration of such circumstances, and verifies the validity of a communication partner between communication devices when distributing a public key by using the subscriber identification information associated with the user identification information. It is an object of the present invention to provide a communication device, a communication method, and a computer program capable of providing a communication device and a communication method.

(1) One aspect of the present invention is the subscriber identification unit identification which is the subscriber identification unit issued by the communication operator to the user authenticated by the communication operator and is the identification information of the subscriber identification unit. The other communication device receives a verification target public key certificate received from a subscriber identification unit that stores information and a communication device other than the other communication device that stores the public key certificate in advance. The subscriber identification unit includes a communication unit that communicates with the other communication device that is verified by using the public key certificate that is stored in advance, and the subscriber identification unit is the public key certificate that the other communication device stores in advance. Using the key storage unit that stores the private key of the pair for the document in advance and the private key stored in the key storage unit, "the subscriber identification unit identification information or the user identification information that is the user identification information" is used. A public key certificate generation unit that generates a "public key certificate including" and a private key storage unit that stores a pair of private keys for the public key certificate generated by the public key certificate generation unit are provided. The communication unit is a communication device that transmits the public key certificate generated by the public key certificate generation unit to the other communication device, and is a predetermined user identification information and a predetermined user identification information corresponding to the user identification information. The ID password authentication requesting unit that transmits the password to the other communication device and the challenge received from the other communication device are encrypted using the private key stored in the private key storage unit, and the challenge is encrypted. A challenge response authentication processing unit that transmits the received response to the other communication device is further provided, and user authentication by two authentication elements of user identification information and password authentication and challenge and response authentication is the other communication. It is a communication device performed by the device.
(2) One aspect of the present invention is the communication device of (1) above, wherein the other communication device is a communication device of an online service site.
(3) One aspect of the present invention is the subscriber identification unit identification which is the subscriber identification unit issued by the communication operator to the user authenticated by the communication operator and is the identification information of the subscriber identification unit. Another communication device having a subscriber identification unit that stores information and storing a private key in advance, and using the private key that the other communication device stores in advance, "the subscriber identification unit identification information or A communication unit that communicates with the other communication device that generates a "verification target public key certificate including the user identification information that is the user identification information" and the verification target that the communication unit receives from the other communication device. A public key certificate management unit that stores a public key certificate, a key storage unit that stores a pair of public key certificates for the private key stored in advance by the other communication device, and a communication unit that stores the other communication unit. The public key certificate management unit includes a verification unit that verifies the verification target public key certificate received from the communication device using the public key certificate stored in the key storage unit, and the public key certificate management unit performs the verification. A communication device that stores the verification target public key certificate whose validity has been verified in association with the subscriber identification unit identification information or the user identification information included in the verification target public key certificate. , The ID password authentication unit that verifies the validity of the user identification information and the password received from the other communication device, sends a challenge to the other communication device, and receives a response to the challenge from the other communication device. The user identification unit is further provided with a challenge response authentication unit that verifies the received response using the verification target public key certificate of the other communication device stored in the public key certificate management unit. It is a communication device that performs user authentication using two authentication elements: information and password authentication and challenge and response authentication.
(4) One aspect of the present invention is the communication device of (3) above, which is a communication device of an online service site.

(5) One aspect of the present invention is the subscriber identification unit identification which is the subscriber identification unit issued by the communication operator to the user authenticated by the communication operator and is the identification information of the subscriber identification unit. The other communication device receives a verification target public key certificate received from a subscriber identification unit that stores information and a communication device other than the other communication device that stores the public key certificate in advance. In a communication method of a communication device including a communication unit that communicates with the other communication device to be verified by using the public key certificate stored in advance, the subscriber identification unit is used by the other communication device in advance. Using the key storage step in which the private key of the pair for the public key certificate to be stored is stored in advance and the private key stored in the key storage step by the subscriber identification unit, "the subscriber identification unit identification information" is used. Alternatively, the public key certificate generation step for generating the "public key certificate including the user identification information which is the user identification information" and the public key certificate generated by the subscriber identification unit in the public key certificate generation step. A secret key storage step for storing a pair of private keys for a document and a transmission step for the communication unit to transmit the public key certificate generated in the public key certificate generation step to the other communication device are included. In the communication method, the ID password authentication request step in which the communication device transmits the user identification information and a predetermined password corresponding to the user identification information to the other communication device, and the communication device is the other communication device. A challenge response authentication processing step of encrypting a challenge received from a communication device using the private key stored in the secret key storage unit and transmitting the encrypted response of the challenge to the other communication device. Further included, it is a communication method in which user authentication by two authentication elements, authentication by user identification information and key and authentication by challenge and response, is performed by the other communication device.
(6) One aspect of the present invention is the subscriber identification unit identification which is the subscriber identification unit issued by the communication operator to the user authenticated by the communication operator and is the identification information of the subscriber identification unit. Another communication device having a subscriber identification unit that stores information and storing a private key in advance, and using the private key that the other communication device stores in advance, "the subscriber identification unit identification information or In a communication method of a communication device including a communication unit that communicates with the other communication device that generates a "verification target public key certificate including the user identification information that is the user identification information", the communication device is the other. A key storage step for pre-storing a pair of public key certificates for the private key stored in advance by the communication device, and the verification target public key certificate received by the communication unit from the other communication device. The verification step of verifying using the public key certificate stored in the key storage step, and the verification target public key certificate whose validity has been verified by the communication device in the verification step are subjected to the verification target. A communication method including a subscriber identification unit identification information included in a public key certificate or a public key certificate management step stored in association with the user identification information, wherein the communication device is the other communication device. An ID password authentication step for verifying the validity of the user identification information and the password received from the communication device, the communication device transmits a challenge to the other communication device, and a response to the challenge is received from the other communication device. The communication device further includes a challenge response authentication step of verifying the received response using the verification target public key certificate of the other communication device stored in the public key certificate management step. Is a communication method in which user authentication is performed by two authentication elements, authentication by user identification information and password and authentication by challenge and response.

(7) One aspect of the present invention is the subscriber identification unit identification which is the subscriber identification unit issued by the communication operator to the user authenticated by the communication operator and is the identification information of the subscriber identification unit. A verification target public key certificate received from a communication device other than the other communication device that stores the public key certificate in advance in the computer of the self-communication device having a subscriber identification unit that stores information. A communication function for communicating with the other communication device is realized by using the public key certificate stored in advance by the other communication device, and the computer of the subscriber identification unit is used with the other communication device. Using the key storage function that stores in advance the private key of the pair for the public key certificate that is stored in advance and the private key that is stored by the key storage function, "the subscriber identification unit identification information or the user. A public key certificate generation function that generates a "public key certificate that includes user identification information that is the identification information of the user" and a secret that stores the private key of the pair for the public key certificate generated by the public key certificate generation function. The communication function is a computer program that realizes a key storage function and transmits the public key certificate generated by the public key certificate generation function to the other communication device, and is a computer of the own communication device. The secret key storage function stores the ID password authentication request function for transmitting the user identification information and the predetermined password corresponding to the user identification information to the other communication device, and the challenge received from the other communication device. The challenge response authentication processing function of encrypting using the private key and transmitting the encrypted response of the challenge to the other communication device is further realized, and the authentication and challenge using the user identification information and the password and the challenge It is a computer program in which user authentication by two authentication elements, that is, authentication by response, is performed by the other communication device.
(8) One aspect of the present invention is a subscriber identification unit issued by the communication operator to a user authenticated by the communication operator on the computer of the self-communication device, and the identification information of the subscriber identification unit. Another communication device having a subscriber identification unit that stores the subscriber identification unit identification information and storing the private key in advance, and using the private key that the other communication device stores in advance, "the said A communication function that communicates with the other communication device that generates a "verification target public key certificate including the subscriber identification unit identification information or the user identification information that is the user identification information", and the communication function is the other communication. A public key certificate management function for storing the verification target public key certificate received from the device, a key storage function for storing a pair of public key certificates for the private key stored in advance by the other communication device, and a key storage function. The communication function realizes a verification function of verifying the verification target public key certificate received from the other communication device by using the public key certificate stored in the key storage function, and realizes the public key. The certificate management function associates the verification target public key certificate whose validity has been verified by the verification function with the subscriber identification unit identification information or the user identification information included in the verification target public key certificate. A computer program to be stored, which is an ID password authentication function for verifying the validity of the user identification information and password received from the other communication device to the computer of the own communication device, and sends a challenge to the other communication device. Then, the response to the challenge is received from the other communication device, and the received response is used by the verification target public key certificate of the other communication device stored in the public key certificate management function. It is a computer program that further realizes a challenge response authentication function for verification by the user and a function for performing user authentication by two authentication elements, authentication by user identification information and password and authentication by challenge and response.

According to the present invention, it is possible to obtain the effect that the validity of the communication partner can be verified between the communication devices when the public key is distributed by the subscriber identification information associated with the user identification information.

It is a block diagram which shows the communication system 1 which concerns on 1st Embodiment. It is explanatory drawing of the communication method which concerns on 1st Embodiment. It is a block diagram which shows the communication system 1 which concerns on 2nd Embodiment. It is a block diagram which shows the communication system 1 which concerns on 3rd Embodiment. It is explanatory drawing which shows the communication system 1 which concerns on Example 1 of 3rd Embodiment. It is explanatory drawing which shows the communication system 1 which concerns on Example 2 of 3rd Embodiment.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[First Embodiment]
FIG. 1 is a configuration diagram showing a communication system 1 according to the first embodiment. In FIG. 1, the communication system 1 includes a communication device 3-1 and a communication device 3-2. The communication device 3-1 includes a SIM (Subscriber Identity Module) 100-1, a communication unit 130, and a control unit 140. SIM100-1 stores SIM identification information simid1. SIM identification information simid1 is identification information unique to SIM100-1. SIM100-1 includes a key generation unit 101, a public key certificate generation unit 102, a verification unit 103, an encryption processing unit 104, a certificate authority key storage unit 105, and a secret key storage unit 106.

The communication device 3-2 has the same configuration as the communication device 3-1. In the communication device 3-2 shown in FIG. 1, the parts corresponding to the respective parts of the communication device 3-1 are designated by the same reference numerals. In the following description, when the communication device 3-1 and the communication device 3-2 are not particularly distinguished, they are referred to as "communication device 3". Note that one communication device 3 may include a plurality of SIMs. For example, the communication device 3 may be a communication device having a plurality of SIM slots and capable of switching the connection destination to an arbitrary communication network from the communication networks corresponding to the SIMs inserted in each SIM slot. ..

The communication device 3-2 includes SIM100-2. SIM100-2 stores SIM identification information simid2. The SIM identification information simid2 is identification information unique to SIM100-2.

SIM100-1 is a SIM issued to a user authenticated by a telecommunications carrier. The SIM identification information simid1 of SIM100-1 is stored in the telecommunications carrier database 10 in association with the user identification information of the user authenticated by the telecommunications carrier. Similar to SIM100-1, SIM100-2 is also a SIM issued to a user authenticated by a telecommunications carrier. The SIM identification information simid2 of SIM100-2 is stored in the telecommunications carrier database 10 in association with the user identification information of the user authenticated by the telecommunications carrier. In the following description, when SIM100-1 and SIM100-2 are not particularly distinguished, they are referred to as "SIM100". The SIM 100 may be a SIM issued to a user authenticated by a virtual network operator.

As the SIM identification information, for example, IMSI (International Mobile Subscriber Identity) or ICCID (Integrated Circuit Card ID) may be used. Further, the telephone number associated with the SIM 100 may be used for the SIM identification information of the SIM 100.

The communication unit 130 of the communication device 3-1 and the communication unit 130 of the communication device 3-2 communicate with each other. The communication between the communication unit 130 of the communication device 3-1 and the communication unit 130 of the communication device 3-2 may be wireless communication or wired communication. For example, the communication unit 130 of the communication device 3-1 and the communication unit 130 of the communication device 3-2 may communicate with each other via a wireless communication network such as a wireless LAN or a mobile phone network. Alternatively, the communication unit 130 of the communication device 3-1 and the communication unit 130 of the communication device 3-2 may directly transmit and receive signals by short-range wireless communication technology to perform communication. Alternatively, the communication unit 130 of the communication device 3-1 and the communication unit 130 of the communication device 3-2 may communicate with each other via a communication network such as the Internet, a fixed telephone network, or a wired LAN. Alternatively, the communication unit 130 of the communication device 3-1 and the communication unit 130 of the communication device 3-2 may be connected by a communication cable to perform communication.

In the communication device 3, the control unit 140 includes a CPU (Central Processing Unit) and a memory, and controls each unit included in the communication device 3. The control unit 140 includes an application 150 as its functional unit.

The SIM 100 is a kind of computer, and realizes a desired function by a computer program. In the SIM 100, the certificate authority key storage unit 105 stores a pair of the certificate authority public key certificate C_Krp and the certificate authority private key Krs. The certificate authority public key certificate C_Krp is a public key certificate of the certificate authority public key of the pair of the certificate authority private key Krs. The certificate authority public key certificate C_Krp and the certificate authority private key Krs are safely stored in the SIM 100, for example, at the time of manufacturing the SIM 100. Certificate authority public key certificate C_Krp and certificate authority private key Krs stored in SIM100-1 of communication device 3-1 and certificate authority public key certificate C_Krp and authentication stored in SIM100-2 of communication device 3-2. It is the same as the station secret key Krs.

The certificate authority key storage unit 105 is provided in a non-volatile storage area of the storage area in the SIM 100 that cannot be accessed from the outside of the SIM 100. Therefore, the certificate authority public key certificate C_Krp and the certificate authority private key Krs stored in the certificate authority key storage unit 105 are not accessed from the outside of the SIM 100. In addition, SIM100 has tamper resistance. Therefore, the certificate authority public key certificate C_Krp and the certificate authority private key Krs stored in the certificate authority key storage unit 105 are protected from attacks on the SIM 100.

The key generation unit 101 generates a pair of a public key and a private key. The public key certificate generation unit 102 generates a public key certificate by using the pair of the certificate authority public key certificate C_Krp and the certificate authority private key Krs stored in the certificate authority key storage unit 105. The private key storage unit 106 stores the private key paired with the public key certificate generated by the public key certificate generation unit 102. The secret key storage unit 106 is provided in the non-volatile storage area of the storage area in the SIM 100 that cannot be accessed from the outside of the SIM 100, similarly to the certificate authority key storage unit 105. Therefore, the private key stored in the private key storage unit 106 is not accessed from the outside of the SIM 100. Further, since the SIM 100 has tamper resistance, the private key stored in the private key storage unit 106 is protected from an attack on the SIM 100.

The verification unit 103 verifies the public key certificate received by the communication unit 130 from the other communication device 3 by using the certificate authority public key certificate C_Krp stored in the certificate authority key storage unit 105. The encryption processing unit 104 executes the encryption processing of the public key cryptosystem by using the private key stored in the private key storage unit 106.

Next, the operation of the communication system 1 shown in FIG. 1 will be described with reference to FIG. FIG. 2 is an explanatory diagram of a communication method according to the present embodiment. FIG. 2 shows a case where information is transmitted from the communication device 3-1 to the communication device 3-2. Here, a case where information is transmitted from the communication device 3-1 to the communication device 3-2 will be described as an example, but conversely, a case where information is transmitted from the communication device 3-2 to the communication device 3-1 is also described. Is. The same applies to the case where information is transmitted / received from the communication device 3-1 to another communication device other than the communication device 3-2. That is, the same applies to the case of transmitting and receiving information between a plurality of three or more communication devices.

SIM100-1 of communication device 3-1 and SIM100-2 of communication device 3-2 store the same certificate authority public key certificate C_Krp and certificate authority private key Krs in each certificate authority key storage unit 105. .. In FIG. 2, the certificate authority public key certificate C_Krp and the certificate authority private key Krs are stored in a secure ROM (Secure ROM) in the SIM 100. The secure ROM in the SIM 100 is a non-volatile storage area that cannot be accessed from the outside of the SIM 100.

The control unit 140 of the communication device 3-1 includes a public key / private key issuing application and a signature generation application as the application 150. The processing of these applications is performed in the flash memory (Flash memory) in the control unit 140 of the communication device 3-1. The control unit 140 of the communication device 3-2 includes a public key certificate management application and a signature verification application as the application 150. The processing of these applications is performed in the flash memory in the control unit 140 of the communication device 3-2.

[Procedure for sending public key certificate]
First, steps S1 to S6 of the procedure for sending the public key certificate will be described.

(Step S1) In the communication device 3-1 the public key / private key issuing application instructs SIM100-1 to generate a public key / private key pair. The key generation unit 101 of the SIM 100-1 generates the public key K1p and the private key K1s in response to the instruction. The public key K1p and the private key K1s are generated in the secure RAM (Secure RAM) in the SIM100-1. The secure RAM in the SIM100-1 is a volatile storage area that cannot be accessed from the outside of the SIM100-1. Therefore, the processing performed in the secure RAM in the SIM100-1 is concealed from the outside of the SIM100-1.

(Step S2) In SIM100-1, the secret key storage unit 106 stores the secret key K1s generated by the key generation unit 101. In FIG. 2, the private key K1s is stored in the secure ROM in the SIM100-1.

(Step S3) In SIM100-1, the public key certificate generation unit 102 generates the public key certificate C_K1p of the public key K1p generated by the key generation unit 101. The public key certificate C_K1p is generated in the secure RAM in SIM100-1. The public key certificate C_K1p includes a public key K1p, SIM identification information simid1, and an electronic signature of the public key K1p. The electronic signature of the public key K1p is the encrypted data obtained by encrypting the digest of the data including the public key K1p and the SIM identification information simid1 with the certificate authority private key Krs. Here, a hash value is used as an example of the digest. Further, as an example of the public key certificate format, the public key certificate format of the "X.509" standard defined by ITU-T (International Telecommunication Union-Telecommunication) or the like is used. The public key K1p is stored in a predetermined position in the public key certificate format of the "X.509" standard. Further, the SIM identification information simid1 is stored in the position of "subject parameter: subject name" in the public key certificate format of the "X.509" standard.

The method of generating the public key certificate C_K1p in SIM100-1 will be specifically described. In SIM100-1, the public key certificate generation unit 102 uses a hash value hash (K1p, simid1) of data in the "X.509" standard public key certificate format that stores the public key K1p and the SIM identification information simid1. calculate. Next, the public key certificate generation unit 102 encrypts the hash value hash (K1p, simid1) with the certificate authority private key Krs stored in the certificate authority key storage unit 105 of SIM100-1. The encrypted data Krs (hash (K1p, simid1)) is an electronic signature of the public key K1p. Next, the public key certificate generation unit 102 public key certificate of the "X.509" standard including the public key K1p, the SIM identification information simid1, and the electronic signature Krs (hash (K1p, simid1)) of the public key K1p. It constitutes a public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" in a written format.

SIM100-1 passes the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" generated by the public key certificate generation unit 102 to the public key / private key issuing application.

(Step S4) In the communication device 3-1 the public key / private key issuing application uses the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" received from SIM100-1 in the communication unit 130. Output to. The communication unit 130 transmits the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" to the communication device 3-2.

In the communication device 3-2, the communication unit 130 receives the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" from the communication device 3-1. The communication unit 130 passes the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" to the public key certificate management application.

(Step S5) In the communication device 3-2, the public key certificate management application applies the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" received from the communication device 3-1 to SIM100-. Pass it to 2 and instruct the verification of the public key certificate C_K1p. In SIM100-2, the verification unit 103 uses the certificate authority public key certificate C_Krp stored in the certificate authority key storage unit 105 of SIM100-2 to use the public key certificate C_K1p "K1p, simid1, Krs (hash). (K1p, simid1)) ”will be verified. Verification of this public key certificate C_K1p is performed in the secure RAM in SIM100-2. The secure RAM in the SIM 100-2 is a volatile storage area that cannot be accessed from the outside of the SIM 100-2. Therefore, the processing performed in the secure RAM in the SIM100-2 is concealed from the outside of the SIM100-2.

The verification method of the public key certificate C_K1p in SIM100-2 will be specifically described. In SIM100-2, the verification unit 103 acquires the public key K1p and the SIM identification information simid1 from the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))", and together with the acquired public key K1p. The verification data in which the SIM identification information simid1 is stored in the public key certificate format of the "X.509" standard is generated. In the verification data, the public key K1p is stored at a predetermined position in the public key certificate format of the "X.509" standard. In the verification data, the SIM identification information simid1 is stored at the position of "subject parameter: subject name" in the public key certificate format of the "X.509" standard. Next, the verification unit 103 calculates a verification hash value hash'(K1p, simid1), which is a hash value of the verification data. Next, the verification unit 103 acquires the electronic signature Krs (hash (K1p, simid1)) from the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))", and the acquired electronic signature Krs (hash). (K1p, simid1)) is decrypted with the certificate authority public key Krp of the certificate authority public key certificate C_Krp stored in the certificate authority key storage unit 105 of SIM100-2. By this decoding, the decoded data "Krp · Krs (hash (K1p, simid1))" is obtained. Next, the verification unit 103 determines whether the verification hash value hash'(K1p, simid1) and the decoded data "Krp · Krs (hash (K1p, simid1))" match. As a result of this determination, if they match, the verification of the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" is passed, and if they do not match, the public key certificate C_K1p "K1p," The verification of "simid1, Krs (hash (K1p, simid1))" fails.

In the communication device 3-2, the SIM100-2 notifies the public key certificate management application of the verification result of the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))".

(Step S6) In the communication device 3-2, the public key certificate management application is the result of verification of the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" notified from SIM100-2. If is passed, the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" is stored. In the storage of the public key certificate C_K1p, the SIM identification information stored in the position of "subject parameter: subject name" of the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))". The flash memory in the control unit 140 of the communication device 3-2 is obtained by acquiring the simid1 and associating the acquired SIM identification information simid1 with the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))". Store in.

On the other hand, if the public key certificate management application fails the verification result of the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" notified from SIM100-2, The public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" is destroyed. Moreover, you may execute a predetermined error processing.

[Procedure for sending information]
Next, steps S7 to S12 of the information sending procedure will be described.

(Step S7) In the communication device 3-1 the signature generation application calculates a digest of information to be transmitted to the communication device 3-2. Here, a hash value is used as an example of the digest. The signature generation application passes the calculated hash value hash (information) to SIM100-1 and instructs SIM100-1 to generate a signature.

(Step S8) The encryption processing unit 104 of the SIM 100-1 calculates the hash value hash (hash (information), simid1) of the data including the hash value hash (information) received from the signature generation application and the SIM identification information simid1. To do. Further, the encryption processing unit 104 encrypts the calculated hash value hash (hash (information), simid1) with the secret key K1s stored in the secret key storage unit 106 of the SIM100-1. The encrypted data K1s (hash (hash (information), simid1)) is an electronic signature of information to be transmitted to the communication device 3-2. The generation of the electronic signature K1s (hash (hash (information), simid1)) is performed in the secure RAM in the SIM100-1.

(Step S9) SIM100-1 passes the electronic signature K1s (hash (hash (information), simid1)) generated by the encryption processing unit 104 to the signature generation application.

(Step S10) In the communication device 3-1 the signature generation application outputs the electronic signature K1s (hash (hash (information), simid1)) received from the SIM100-1 to the communication unit 130. The communication unit 130 transmits the electronic signature K1s (hash (hash (information), simid1)), the information to be transmitted to the communication device 3-2, and the SIM identification information simid1 to the communication device 3-2.

In the communication device 3-2, the communication unit 130 receives the electronic signature K1s (hash (hash (information), simid1)), the information, and the SIM identification information simid1 from the communication device 3-1. The communication unit 130 passes the received electronic signature K1s (hash (hash (information), simid1)), information, and SIM identification information simid1 to the signature verification application.

(Step S11) In the communication device 3-2, the signature verification application calculates a verification hash value hash'(information) which is a hash value of the information received from the communication device 3-1. Further, the signature verification application has a verification hash value hash'(information) which is a hash value of data including the verification hash value hash'(information) and SIM identification information simid1 received from the communication device 3-1. , Simid1) is calculated.

(Step S12) In the communication device 3-2, the signature verification application notifies the public key certificate management application of the SIM identification information simid1 received from the communication device 3-1 and requests the public key certificate. The public key certificate management application signs the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" stored in association with the SIM identification information simid1 notified from the signature verification application. Pass to. The signature verification application acquires the public key K1p from the public key certificate C_K1p "K1p, simid1, Krs (hash (K1p, simid1))" received from the public key certificate management application. The signature verification application decrypts the electronic signature K1s (hash (hash (information), simid1)) received from the communication device 3-1 with the acquired public key K1p. By this decoding, the decoded data "K1p · K1s (hash (hash (information), simid1))" is obtained. The signature verification application determines whether the verification hash value hash'(hash' (information), simid1) and the decrypted data "K1p · K1s (hash (hash (information), simid1))" match. If the results of this determination match, the verification of the validity of the information received from the communication device 3-1 is passed. On the other hand, if they do not match, the verification of the validity of the information received from the communication device 3-1 fails. If it fails, the information received from the communication device 3-1 is discarded. Moreover, you may execute a predetermined error processing. For example, it may notify that the information received from the communication device 3-1 has been tampered with, or that the transmitting side of the information is a fake (spoofing, etc.)).

According to this embodiment, the communication device 3 functions as a certificate authority (CA) and generates a public key certificate. Therefore, the supply side of the public key (public key certificate) does not have to send the public key to the certificate authority of a third-party organization to have the public key certificate issued. This has the effect of reducing the time and effort required to exchange the public key (public key certificate). In addition, the burden of costs and application procedures can be reduced as compared with the case of using the conventional PKI.

In the present embodiment, the SIM 100 included in the communication device 3 is a SIM that has been user-authenticated by the communication carrier. This can be the basis of trust in the communication device 3 as a certificate authority.

In the present embodiment, the encryption processing unit 104 of the SIM 100 is an example of the first encryption processing unit. The signature verification application, which is one of the applications 150 of the control unit 140 of the communication device 3, is an example of the second encryption processing unit. The public key certificate management application, which is one of the applications 150 of the control unit 140 of the communication device 3, is an example of the public key certificate management unit. SIM100 is an example of a subscriber identification unit.

The person operating the communication device 3 may be bound (associated) with the communication device 3. For example, a memory authentication for inputting a predetermined password is added to the operation or information to be authenticated. Specifically, for example, when the communication device 3 generates a public key or a public key certificate, a person operating the communication device 3 may be required to enter a predetermined password. Further, when digitally signing with the private key in the SIM 100 of the communication device 3, a person operating the communication device 3 may be required to enter a predetermined password.

Further, on condition that the consent of the owner of the communication device 3 is obtained, the operation history of the communication device 3 (position information at the time of operation, application execution history, etc.) is associated with the public key certificate or the public key certificate. It may be electronically signed by filling in the form of the attached attribute certificate.

Further, on condition that the consent of the owner of the communication device 3 is obtained, the information of the owner owned by the communication carrier is described in the public key certificate or the form of the attribute certificate associated with the public key certificate. You may give an electronic signature.

Further, SIM is a general term for communication modules that store unique identification information associated with user identification information, and is not limited to communication modules used in a specific communication system system. For example, UIM (User Identity Module), USIM (Universal Subscriber Identity Module), eSIM (Embedded Subscriber Identity Module) and the like may be used.

The communication device 3 on the sending side of the public key certificate does not have to have a public key certificate verification function and a public key certificate storage function. Specifically, the communication device 3 on the sending side of the public key certificate does not have to include the verification unit 103 and the public key certificate management application.

Further, the communication device 3 on the receiving side of the public key certificate does not have to have the function of generating the public key certificate. Specifically, the communication device 3 on the receiving side of the public key certificate does not have to include the public key certificate generation unit 102 and the private key storage unit 106.

Further, the SIM 100 may store a pair of a public key and a private key in advance. For example, at the time of manufacturing the SIM 100, a pair of a public key and a private key may be stored in the SIM 100. When the SIM 100 stores a public key / private key pair in advance, the SIM 100 does not have to include the key generation unit 101.
Further, the SIM 100 may have a plurality of public key (public key certificate) and private key pairs generated or stored. In this case, for example, the communication device 3 may use a pair of a public key (public key certificate) and a private key properly according to the communication partner. Further, the communication device 3 may switch to another pair when a certain public key (public key certificate) and private key pair is leaked.

The user identification information associated with the SIM identification information may be included in the public key certificate. When the user identification information is included in the public key certificate, the SIM identification information may not be included in the public key certificate. When the user identification information is included in the public key certificate, the public key certificate management unit may store the public key certificate in association with the user identification information.

Further, the user identification information associated with the SIM identification information may be included in the electronic signature of the information to be transmitted. In this case, when the information is transmitted, the user identification information and the electronic signature are transmitted together.

[Second Embodiment]
The second embodiment is a modification of the first embodiment described above. FIG. 3 is a configuration diagram showing a communication system 1 according to the second embodiment. In FIG. 3, the parts corresponding to the parts of FIG. 1 are designated by the same reference numerals, and the description thereof will be omitted. The communication device 3 according to the second embodiment shown in FIG. 3 further includes a wireless communication unit 160 and a certificate authority key update unit 170 with respect to the communication device 3 of the first embodiment shown in FIG. 1 described above. Hereinafter, the difference from the above-described first embodiment will be mainly described.

In the communication device 3, the wireless communication unit 160 communicates via the wireless communication network 40 connected by using the SIM 100. The SIM 100 stores information for using the wireless communication network 40. The wireless communication unit 160 can use the wireless communication network 40 by using the SIM 100. The wireless communication unit 160 connects to the wireless communication network 40 by a wireless communication line established by using the SIM 100.

The certificate authority key update unit 170 receives a pair of a new certificate authority public key certificate and a certificate authority private key shared with the SIM 100 of the other communication device 3 from the management server device 30 via the wireless communication network 40. The management server device 30 manages a pair of a certificate authority public key certificate and a certificate authority private key. The management server device 30 transmits a new certificate authority public key certificate and a certificate authority private key pair to be shared by the SIM 100s of the plurality of communication devices 3 to the plurality of communication devices 3 via the wireless communication network 40. The certificate authority key update unit 170 passes the pair of the certificate authority public key certificate and the certificate authority private key received from the management server device 30 via the wireless communication network 40 to the SIM 100, and the certificate authority public key certificate and the certificate authority Instruct to update the private key pair. The SIM 100 stores the pair of the certificate authority public key certificate and the certificate authority private key received from the certificate authority key update unit 170 as the latest certificate authority public key certificate and the certificate authority private key pair in the certificate authority key storage unit 105. To do. As a result, the certificate authority public key certificate and the certificate authority private key pair shared by the SIM 100s of the plurality of communication devices 3 are updated with the new certificate authority public key certificate and the certificate authority private key pair.

According to the present embodiment, when the pair of the certificate authority public key certificate and the certificate authority private key held by the SIM 100 is updated to a new one for some reason, the new certificate authority public key certificate and the certificate authority private key are used. The pair can be supplied to each SIM 100 by wireless communication. Therefore, there is no need to replace the SIM100 in order to update the pair of the certificate authority public key certificate and the certificate authority private key to a new one. This has the effect of reducing the burden of updating the pair of the certificate authority public key certificate and the certificate authority private key to a new one.

[Third Embodiment]
The third embodiment is an application example of the first embodiment or the second embodiment described above. FIG. 4 is a configuration diagram showing a communication system 1 according to a third embodiment. The communication system 1 shown in FIG. 4 includes a communication terminal 3-3 and a communication terminal 3-4. The communication terminal 3-3 and the communication terminal 3-4 have the same configuration as the communication device 3 of the first embodiment or the second embodiment described above. The communication terminal 3-3 and the communication terminal 3-4 may be, for example, a mobile communication terminal device such as a smartphone or a tablet computer (tablet PC), or a stationary communication terminal device (for example, stationary). It may be a stationary personal computer, a server computer, a home gateway, etc.).

The communication terminal 3-3 includes SIM100-3. The communication terminal 3-4 includes SIM100-4. SIM100-3 and SIM100-4 have the same configuration as SIM100 of the first embodiment or the second embodiment described above. As a result, SIM100-3 and SIM100-4 are provided with a certificate authority (CA) 210 as a functional unit thereof. Therefore, the communication terminal 3-3 and the communication terminal 3-4 function as a certificate authority (CA). The certificate authority 210 of SIM100-3 and the certificate authority 210 of SIM100-4 have the same certificate authority public key certificate and certificate authority private key pair.

SIM100-3 and SIM100-4 include a client 220 as a functional unit thereof. In SIM100-3, the client 220 passes its public key to the certificate authority 210 to generate a public key certificate (client public key certificate) of the public key. Similarly, in SIM100-4, the client 220 passes its public key to the certificate authority 210 to generate a public key certificate (client public key certificate) of the public key.

The communication terminal 3-3 and the communication terminal 3-4 include an application 240. The processing of the application 240 is performed in the memory 230 in the self-communication terminal. Application 240 performs authentication processing and signature processing.

As shown in FIG. 4, in the communication system 1 according to the third embodiment, the communication terminal 3-3 and the communication terminal 3-4 transmit their own client public key certificate to the communication partner. Each of the communication terminal 3-3 and the communication terminal 3-4 verifies the validity of the received client public key certificate by its own certificate authority 210. The communication terminal 3-3 and the communication terminal 3-4 use the client public key certificate of the communication partner after confirming the validity by its own certificate authority 210. The client public key certificate is used for mutual authentication between communication terminals and electronic signatures of information exchanged between communication terminals. Examples of the mutual authentication method include a challenge-response authentication method.

Next, an embodiment according to the third embodiment will be described.

(Example 1)
The first embodiment according to the third embodiment will be described with reference to FIG. FIG. 5 is an explanatory diagram showing a communication system 1 according to a first embodiment of the third embodiment. Communication system 1 shown in FIG. 5 is applied to an online banking service system. In FIG. 5, the communication terminal 3-3 includes an application 310 of an online banking service system. The communication terminal 3-4 includes a service site 320 of an online banking service system. Hereinafter, the communication method according to the communication system 1 shown in FIG. 5 will be described.

(Step S101) In the communication terminal 3-3, the application 310 performs an input process of a user ID (identification information) and a password (Password) as a login process to the service site 320. The application 310 transmits the ID and password input by the user to the service site 320 of the communication terminal 3-4. In the communication terminal 3-4, the service site 320 verifies the validity of the ID and password received from the application 310 of the communication terminal 3-3 as a login process. If the result of this verification is acceptable, the process proceeds to the subsequent processing. On the other hand, if the verification of the ID and password fails, the process ends. If the verification of the ID and password fails, a predetermined error process may be executed.

(Step S102) In the communication terminal 3-3, the application 310 transmits the client public key certificate of the own communication terminal to the service site 320 of the communication terminal 3-4.

(Step S103) In the communication terminal 3-4, the service site 320 verifies the validity of the client public key certificate received from the application 310 of the communication terminal 3-3 by the certificate authority 210 of the own communication terminal. If the result of this verification is acceptable, the process proceeds to the subsequent processing. On the other hand, if the verification of the client public key certificate fails, the process ends. If the verification of the client public key certificate fails, the predetermined error processing may be executed.

(Step S104) In the communication terminal 3-4, the service site 320 generates a random number, and the generated random number is used as a challenge value. The service site 320 transmits a challenge value (random number) to the application 310 of the communication terminal 3-3.

(Step S105) In the communication terminal 3-3, the application 310 uses the challenge value (random number) received from the service site 320 of the communication terminal 3-4 as a secret pair with the public key of the client public key certificate of the own communication terminal. Encrypt with key Ks. The encryption of the challenge value (random number) is performed in the secure RAM in the SIM100-3 of the communication terminal 3-3. The application 310 transmits the encrypted data Ks (random number), which is the result of encryption of the challenge value (random number), as a response value to the service site 320 of the communication terminal 3-4.

(Step S106) In the communication terminal 3-4, the service site 320 verifies the validity of the response value Ks (random number) received from the application 310 of the communication terminal 3-3 by the client public key certificate of the communication terminal 3-3. Validate using the public key. For example, if the result of decoding the response value Ks (random number) with the public key matches the challenge value (random number), the verification is passed, while if it does not match the challenge value (random number), the verification is rejected. To do. If the result of verification of the response value Ks (random number) is passed, the login to the service site 320 is successful. On the other hand, if the verification of the response value Ks (random number) fails, the login to the service site 320 fails. If the verification of the response value Ks (random number) fails, a predetermined error process may be executed.

According to the first embodiment, in the user authentication, in addition to the ID / password authentication, the challenge / response authentication can be further performed. As a result, user authentication can be performed by two authentication elements, ID / password authentication and challenge / response authentication, so that the reliability of user authentication is improved. For this reason, conventionally, in order to improve the reliability of ID / password authentication, tools such as a random number table for updating passwords and a time-synchronized one-time password generation application have been used. This makes it possible to avoid using those tools.

Further, since the service site 320 stores the client public key certificate of the communication terminal 3-3, if the communication terminal 3-3 is lost, the user cannot use the client public key certificate of the communication terminal 3-3. In that case, the user authentication of the user fails in the challenge-response authentication. This functions as a remote lock for logging in to the service site 320 by the user's ID when the communication terminal 3-3 is lost.

(Example 2)
The second embodiment according to the third embodiment will be described with reference to FIG. FIG. 6 is an explanatory diagram showing a communication system 1 according to a second embodiment of the third embodiment. The communication system 1 shown in FIG. 6 is applied to an online shopping service system. In FIG. 6, the communication terminal 3-3 includes the application 410 of the online shopping service system. The communication terminal 3-4 includes a service site 420 of the online shopping service system. Hereinafter, the communication method according to the communication system 1 shown in FIG. 6 will be described. In FIG. 6, the parts corresponding to each step in FIG. 5 are designated by the same reference numerals, and the description thereof will be omitted.

In FIG. 6, as a result of executing the processes from steps S101 to S106, the user authentication passed, and the login to the service site 420 with the user's ID was successful. After that, the user executes an online shopping purchasing operation with the ID at the service site 420.

(Step S201) In the communication terminal 3-3, the application 410 digitally signs the purchase operation information indicating the purchase operation performed by the user by using the public key of the client public key certificate of the own communication terminal and the private key Ks of the pair. Generate. The generation of the electronic signature is performed in the secure RAM in the SIM100-3 of the communication terminal 3-3. The application 410 transmits the purchase operation information and the electronic signature of the purchase operation information to the service site 320 of the communication terminal 3-4.

(Step S202) In the communication terminal 3-4, the service site 420 verifies the validity of the electronic signature of the purchase operation information received from the application 410 of the communication terminal 3-3 of the client public key certificate of the communication terminal 3-3. Validate using public key. If the result of the verification of the electronic signature of the purchase operation information is passed, the service site 420 accepts the purchase operation indicated by the purchase operation information received from the application 410 of the communication terminal 3-3. As a result, the purchasing operation performed by the user is executed at the service site 420. On the other hand, if the verification of the electronic signature of the purchase operation information fails, the service site 420 does not accept the purchase operation indicated by the purchase operation information received from the application 410 of the communication terminal 3-3. As a result, the purchasing operation performed by the user is not executed at the service site 420. If the verification of the electronic signature of the purchase operation information fails, a predetermined error process may be executed.

According to the second embodiment, as in the first embodiment, the user authentication can be performed by two authentication elements, ID / password authentication and challenge / response authentication, so that the reliability of the user authentication is improved. To do.

Further, according to the second embodiment, when accepting a purchase operation, the validity of the purchase operation can be confirmed by verifying the validity of the electronic signature of the purchase operation information. For this reason, conventionally, identity verification by telephone was performed to confirm the validity of the purchasing operation, but according to the second embodiment, it is possible to avoid performing identity verification by telephone. ..

Although the embodiments of the present invention have been described in detail with reference to the drawings, the specific configuration is not limited to this embodiment, and design changes and the like within a range not deviating from the gist of the present invention are also included.

A computer program for realizing the functions of the communication device or the communication terminal according to the above-described embodiment is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read by the computer system and executed. You may try to do it. The "computer system" referred to here may include hardware such as an OS and peripheral devices.
The "computer-readable recording medium" is a writable non-volatile memory such as a flexible disk, a magneto-optical disk, a ROM, or a flash memory, a portable medium such as a DVD (Digital Versatile Disc), or a built-in computer system. A storage device such as a hard disk.

Furthermore, the "computer-readable recording medium" is a volatile memory inside a computer system that serves as a server or client when a program is transmitted via a network such as the Internet or a communication line such as a telephone line (for example, DRAM (Dynamic)). It also includes those that hold the program for a certain period of time, such as Random Access Memory)).
Further, the program may be transmitted from a computer system in which this program is stored in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the "transmission medium" for transmitting a program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line.
Further, the above program may be for realizing a part of the above-mentioned functions. Further, a so-called difference file (difference program) may be used, which can realize the above-mentioned functions in combination with a program already recorded in the computer system.

1 ... Communication system, 3-1, 3-2 ... Communication device, 3-3, 3-4 ... Communication terminal, 10 ... Communication operator database, 30 ... Management server device, 40 ... Wireless communication network, 100-1 to 4 ... SIM, 101 ... Key generation unit, 102 ... Public key certificate generation unit, 103 ... Verification unit, 104 ... Cryptographic processing unit, 105 ... Certificate authority key storage unit, 106 ... Private key storage unit, 130 ... Communication unit, 140 ... Control unit, 160 ... Wireless communication unit, 170 ... Certificate authority key update unit, 210 ... Certificate authority

Claims (8)

A subscriber identification unit that is a subscriber identification unit issued by the telecommunications carrier to a user authenticated by the telecommunications carrier and stores the subscriber identification unit identification information that is the identification information of the telecommunications carrier.
Use the public key certificate that is another communication device that stores the public key certificate in advance and that the other communication device stores in advance the public key certificate to be verified received from the communication device other than the other communication device. A communication unit that communicates with the other communication device is provided.
The subscriber identification unit
A key storage unit that stores in advance the private key of the pair for the public key certificate that is stored in advance by the other communication device, and
Public key certificate generation to generate "public key certificate including the subscriber identification unit identification information or the user identification information which is the user identification information" using the private key stored in the key storage unit. Department and
A private key storage unit that stores a pair of private keys for the public key certificate generated by the public key certificate generation unit is provided.
The communication unit is a communication device that transmits the public key certificate generated by the public key certificate generation unit to the other communication device.
An ID password authentication requesting unit that transmits the user identification information and a predetermined password corresponding to the user identification information to the other communication device, and
A challenge response authentication processing unit that encrypts a challenge received from the other communication device using the secret key stored in the secret key storage unit and transmits a response in which the challenge is encrypted to the other communication device. And, with more
User authentication by two authentication elements, authentication by user identification information and password and authentication by challenge and response, is performed by the other communication device.
Communication device. The other communication device is a communication device of an online service site.
The communication device according to claim 1. It is provided with a subscriber identification unit that stores the subscriber identification unit identification information that is the subscriber identification unit issued by the communication operator and is the identification information of the subscriber identification unit for the user authenticated by the communication operator. Another communication device that stores the private key in advance, and the private key that the other communication device stores in advance is used to "use the subscriber identification unit identification information or the user identification information that is the user identification information. A communication unit that communicates with the other communication device that generates a "verification target public key certificate including"
A public key certificate management unit that stores the verification target public key certificate received by the communication unit from the other communication device, and a public key certificate management unit.
A key storage unit that stores in advance a pair of public key certificates for the private key that the other communication device stores in advance.
The communication unit includes a verification unit that verifies the verification target public key certificate received from the other communication device by using the public key certificate stored in the key storage unit.
The public key certificate management unit uses the verification target public key certificate whose validity has been verified by the verification unit as the subscriber identification unit identification information or the user identification information included in the verification target public key certificate. A communication device that is stored in association with
An ID password authentication unit that verifies the validity of the user identification information and password received from the other communication device, and
The challenge is transmitted to the other communication device, the response to the challenge is received from the other communication device, and the received response is stored in the public key certificate management unit. Challenge-response authentication unit that verifies using the public key certificate to be verified,
With more
User authentication is performed using two authentication factors: user identification information and password authentication, and challenge and response authentication.
Communication device. A communication device for online service sites,
The communication device according to claim 3. A subscriber identification unit that is a subscriber identification unit issued by the telecommunications carrier to a user authenticated by the telecommunications carrier and stores the subscriber identification unit identification information that is the identification information of the telecommunications carrier.
Use the public key certificate that is another communication device that stores the public key certificate in advance and that the other communication device stores in advance the public key certificate to be verified received from the communication device other than the other communication device. In a communication method of a communication device including a communication unit that communicates with the other communication device.
A key storage step in which the subscriber identification unit stores in advance the private key of the pair for the public key certificate that is stored in advance by the other communication device.
The subscriber identification unit uses the private key stored in the key storage step to generate "a public key certificate including the subscriber identification unit identification information or the user identification information which is the user identification information". Public key certificate generation step and
A private key storage step in which the subscriber identification unit stores a pair of private keys for the public key certificate generated in the public key certificate generation step.
A communication method including a transmission step in which the communication unit transmits the public key certificate generated in the public key certificate generation step to the other communication device.
An ID password authentication request step in which the communication device transmits the user identification information and a predetermined password corresponding to the user identification information to the other communication device.
The communication device encrypts the challenge received from the other communication device using the secret key stored in the secret key storage unit, and transmits the response in which the challenge is encrypted to the other communication device. Including the challenge-response authentication processing step,
User authentication by two authentication elements, authentication by user identification information and password and authentication by challenge and response, is performed by the other communication device.
Communication method. It is provided with a subscriber identification unit that stores the subscriber identification unit identification information that is the subscriber identification unit issued by the communication operator and is the identification information of the subscriber identification unit for the user authenticated by the communication operator. Another communication device that stores the private key in advance, and the private key that the other communication device stores in advance is used to "use the subscriber identification unit identification information or the user identification information that is the user identification information. In the communication method of the communication device including the communication unit that communicates with the other communication device that generates the "verification target public key certificate including".
A key storage step in which the communication device previously stores a pair of public key certificates for the private key that the other communication device stores in advance.
A verification step in which the communication device verifies the verification target public key certificate received by the communication unit from the other communication device using the public key certificate stored in the key storage step.
The communication device stores the verification target public key certificate whose validity has been verified in the verification step in association with the subscriber identification unit identification information or the user identification information included in the verification target public key certificate. A communication method that includes a public key certificate management step.
An ID password authentication step in which the communication device verifies the validity of the user identification information and the password received from the other communication device.
The communication device transmits a challenge to the other communication device, receives a response to the challenge from the other communication device, and stores the received response in the public key certificate management step. Challenge-response authentication step to verify using the verification target public key certificate of the communication device of
Including
The communication device performs user authentication by two authentication elements, authentication by user identification information and password and authentication by challenge and response.
Communication method. It is provided with a subscriber identification unit that stores the subscriber identification unit identification information that is the subscriber identification unit issued by the telecommunications carrier and is the identification information of the subscriber identification unit for the user authenticated by the telecommunications carrier. To the computer of the self-communication device
Use the public key certificate that is another communication device that stores the public key certificate in advance and that the other communication device stores in advance the public key certificate to be verified received from the communication device other than the other communication device. To realize a communication function that communicates with the other communication device
On the computer of the subscriber identification unit,
A key storage function that stores in advance the private key of the pair for the public key certificate that is stored in advance by the other communication device, and
A public key certificate generation that uses the private key stored by the key storage function to generate a "public key certificate including the subscriber identification unit identification information or the user identification information which is the user identification information". Function and
A private key storage function for storing a pair of private keys for the public key certificate generated by the public key certificate generation function is realized.
The communication function is a computer program that transmits the public key certificate generated by the public key certificate generation function to the other communication device.
To the computer of the self-communication device
An ID password authentication request function for transmitting the user identification information and a predetermined password corresponding to the user identification information to the other communication device, and
A challenge response authentication processing function that encrypts a challenge received from the other communication device using the secret key stored in the secret key storage function and transmits the encrypted response of the challenge to the other communication device. And, further realized,
User authentication by two authentication elements, authentication by user identification information and password and authentication by challenge and response, is performed by the other communication device.
Computer program. To the computer of the self-communication device
It is provided with a subscriber identification unit that stores the subscriber identification unit identification information that is the subscriber identification unit issued by the communication operator and is the identification information of the subscriber identification unit for the user authenticated by the communication operator. Another communication device that stores the private key in advance, and the private key that the other communication device stores in advance is used to "use the subscriber identification unit identification information or the user identification information that is the user identification information. A communication function that communicates with the other communication device that generates a "verification target public key certificate including"
A public key certificate management function for storing the verification target public key certificate received by the communication function from the other communication device, and a public key certificate management function.
A key storage function that stores in advance a pair of public key certificates for the private key that the other communication device stores in advance,
The communication function realizes a verification function of verifying the verification target public key certificate received from the other communication device by using the public key certificate stored in the key storage function.
The public key certificate management function uses the verification target public key certificate whose validity has been verified by the verification function as the subscriber identification unit identification information or the user identification information included in the verification target public key certificate. A computer program that is stored in association with
To the computer of the self-communication device
An ID password authentication function that verifies the validity of the user identification information and password received from the other communication device, and
The challenge is transmitted to the other communication device, a response to the challenge is received from the other communication device, and the received response is stored in the public key certificate management function of the other communication device. Challenge-response authentication function that verifies using the public key certificate to be verified,
Further realize the function of performing user authentication by two authentication elements, authentication by user identification information and password and authentication by challenge and response.
Computer program.

Images