JP4130575B2 - Digital signature method in signer apparatus and digital signature program for signer apparatus - Google Patents

Description

まず、場合Ａについては、さらに詳細には次の４つの場合があり得る。
【０１９９】
Ａ−１．自身が持つ部分秘密鍵の漏洩を検知した第三者機関装置３がその部分秘密鍵を用いた署名要求には応じない場合。
【０２００】
この場合は、正当な方法によらずに、署名検証に合格し、かつ第三者機関装置３に署名ログが残るように署名付きメッセージが生成されることはありえない。したがって、ディジタル署名の真正性判定の手順（図１２を参照）に基づいた真正性判定が行われる場合、その対象となる署名付きメッセージは不正な方法で生成されたものであると判定される。具体的には、図１２のステップＳ８０３あるいはＳ８０５において、真正性判定の対象となる署名付きメッセージは不正と判定され（ステップＳ８０４あるいはＳ８０６での判定に対応）、ディジタル署名の非生成証明が成立する（○）。
【０２０１】
Ａ−２．第三者機関装置３において自身の持つ部分秘密鍵の漏洩が検知されず、署名者装置１においては、自身の持つ部分秘密鍵の漏洩が検知され、第三者機関装置３に対してその部分秘密鍵に対応する秘密鍵の失効を通知する場合。
【０２０２】
この場合は、第三者機関装置３が署名者装置１から失効通知を受信した後、その第三者機関装置３に対して当該部分秘密鍵を用いた署名要求が届いたとき、第三者機関装置３は失効通知の記録からその部分秘密鍵に対応する秘密鍵が失効していることを検知し、署名要求には応じないことになるので、正当な方法によらずに署名検証に合格し、なおかつ第三者機関装置３の署名ログが残るように署名付きメッセージが生成されることはありえない。したがって、ディジタル署名の真正性判定においては、対象となる署名付きメッセージが不正な方法で生成されたものである他はない。すなわち、図１２のステップＳ８０３あるいはＳ８０５において、調停の対象となる署名付きメッセージは不正と判定され（ステップＳ８０４あるいはＳ８０６での判定に対応）、ディジタル署名の非生成証明が成立する（○）。
【０２０３】
Ａ−３．第三者機関装置３において自身の持つ部分秘密鍵の漏洩が検知されず、署名者装置１においては、自身の持つ部分秘密鍵の漏洩が検知されるが、当該秘密鍵の失効を第三者機関装置３に通知しない場合。
【０２０４】
この場合は、「非生成証明の実現条件１」が満たされておらず、正当な方法によらずにディジタル署名が生成されたのにも関わらず、図１２の真正性判定処理において不正な署名と判定されないことがありえる（図２０の場合３０２に該当）。具体的には、図１２のステップＳ８０３においてＹｅｓと判定され、さらにステップＳ８０５でもＹｅｓと判定される可能性がある。すなわち、不正な方法でディジタル署名が生成されたにもかかわらず、そのディジタル署名の非生成証明を行うことができないこともあり得る（○または×）。
【０２０５】
Ａ−４．第三者機関装置３において自身の持つ部分秘密鍵の漏洩が検知されず、署名者装置１においても自身の持つ部分秘密鍵の漏洩が検知されない場合。攻撃者装置２１が暗号ブレーク等の何らかの方法により、署名者装置１や第三者機関装置３に知られることなく秘密鍵の全体を取得する状況もこの場合に含まれる。
【０２０６】
この場合も、「非生成証明の実現条件１」が満たされておらず、正当な方法によらずにディジタル署名が生成されたのにも関わらず、図１２の真正性判定処理において不正と判定されないことが起こる可能性があり（図２０の場合３０２に該当）、非生成証明が実現されないこともある（○または×）。このことが起こる具体的な真正性判定処理の流れは、上記Ａ−３と同様である。
【０２０７】
次に、場合Ｂについて説明する。場合Ｂにおいては、より詳細には次の３つの場合があり得る。
【０２０８】
Ｂ−１．署名者装置１においては、自身の持つ部分秘密鍵の漏洩が検知きれ、その部分秘密鍵に対応する秘密鍵の失効を第三者機関装置３に通知する場合。
【０２０９】
この場合は、第三者機関装置３が失効通知を受信した後においては、第三者機関装置３に対して、当該部分秘密鍵を用いた署名要求が届いたとき、第三者機関装置３は失効通知の記録からその部分秘密鍵に対応する秘密鍵が失効していることを検知し、署名要求には応じないことになる。よって、正当な方法によらずに、署名検証に合格する署名付きメッセージが生成されることはありえない。したがって、ディジタル署名の真正性についての調停手続きが行われる場合、調停の対象となる署名付きメッセージは不正な方法で生成されたものである他はない。具体的には、図１２のステップＳ８０３において、調停の対象となる署名付きメッセージは不正と判定され（ステップＳ８０４の判定に相当）、署名の非生成証明が成立する（○）。
【０２１０】
Ｂ−２．署名者装置１で自身の持つ部分秘密鍵の漏洩が検知されたにも関わらず、第三者機関装置３に対して対応する秘密鍵の失効を通知しない場合。
【０２１１】
この場合は、「非生成証明の実現条件２」が満たされておらず、正当な方法によらずにディジタル署名が生成されたのにもかかわらず、図１２に示す真正性判定処理において不正なディジタル署名と判定されないことがあり得る（図２０の場合３０２に該当）。
【０２１２】
具体的には、署名者装置１の持つ部分秘密鍵を不正に取得した攻撃者装置２１が、分散署名生成手続きにおいて、何らかの方法で第三者機関装置３に対する本人認証を通過することによって本人になりすまし、分散署名を生成することが可能である。この場合、図１２のステップＳ８０３においてＹｅｓと判定され、さらにステップＳ８０５の判定でもＹｅｓと判定されることになる。すなわち、不正な方法でディジタル署名が生成されたにもかかわらず、署名の非生成証明を行うことができないこともある（○または×）。
【０２１３】
Ｂ−３．署名者装置１においても自身の持つ部分秘密鍵の漏洩が検知されない場合。
【０２１４】
この場合は、「非生成証明の実現条件２」が満たされておらず、正当な方法によらずに署名が生成されたのにもかかわらず、図１２の調停手続きにおいて不正な署名と判定されないことがありえる。具体的には場合（Ｂ−２）で述べたのと同様の手順により、不正な方法でディジタル署名が生成されたにもかかわらず、署名の非生成証明を行うことができないことがあり得る（○または×）。
【０２１５】
第３に、場合Ｃについて説明する。詳細には次の２つの場合がありえる。
【０２１６】
Ｃ−１．第三者機関装置３において自身の持つ部分秘密鍵の漏洩が検知され、それ以後はその部分秘密鍵を用いた署名要求には応じない場合。
【０２１７】
この場合、第三者機関装置３の持つ部分秘密鍵を不正に取得した攻撃者装置２１が、分散署名生成手続きにおいて、何らかの方法で署名者装置１に対する第三者機関認証を通過することによって第三者機関装置３になりすまし、分散署名を生成することが可能である。しかし、第三者機関装置３はその部分秘密鍵を用いた署名要求には応じないため、第三者機関装置３の署名ログに当該の署名ログを残すことは不可能である。したがって、ディジタル署名の真正性判定処理が行われる場合、判定の対象となる署名付きメッセージは、図１２のステップＳ８０３においてＹｅｓと判定されることは可能であるが、ステップＳ８０５においてＮｏと判定され（ステップＳ８０６の判定に対応）、不正なディジタル署名と判定される。この結果、非生成証明が成立する（○）。
【０２１８】
Ｃ−２．第三者機関装置３において自身の持つ部分秘密鍵の漏洩が検知されない場合。
【０２１９】
この場合にも前述したＣ−１における場合と同様に、第三者機関装置３の持つ部分秘密鍵を不正に取得した攻撃者装置２１が、分散署名生成手続きにおいて、何らかの方法で署名者装置１に対する第三者機関認証を通過することにより第三者機関装置３になりすまし、分散署名を生成することが可能である。このように生成された署名付きメッセージの真正性を判定する場合には、場合Ｃ−１と同様に、その署名付きメッセージは不正な署名と判定され、非生成証明が成立する（○）。
【０２２０】
なお、この場合には、署名者装置１が分散署名の要求を第三者機関装置３に送信したとき、第三者機関装置３はそれに応じるため、秘密鍵の一部漏洩にもかかわらず、正当な分散署名手続きによって署名付きメッセージが生成されることもあり得る。このように生成された署名付きメッセージが真正性判定装置７に持ち込まれたときには、その署名付きメッセージは正当なものと判定され、否認の防止が実現されることになる。
【０２２１】
最後に、場合Ｄについて説明する。
この場合、不正に生成された署名付きメッセージについて、ディジタル署名の真正性判定処理が行われる場合、図１２のステップＳ８０３においてＮｏと判定され、そのディジタル署名は不正なものと判定される（ステップＳ８０４の判定に対応）。よってディジタル署名の非生成証明が実現される（図２０の場合２０１に該当、○）。
【０２２２】
以上をまとめると、ディジタル署名の非生成証明が実現されないことが起こり得るのは、場合Ａ−３，場合Ａ−４，場合Ｂ−２，場合Ｂ−３において、不正に署名者装置１の部分秘密鍵を入手した攻撃者装置２１が第三者機関装置３における本人認証を通過するときである。
【０２２３】
このうち、場合Ａ−３およびＡ−４においてディジタル署名の非生成証明が実現不可能となるためには、第三者機関装置３が持つ部分秘密鍵が自身に検知されることなく漏洩し、かつ署名者装置１の持つ部分秘密鍵が漏洩しながら署名者装置１がそれを通知することなく、さらに不正に署名者装置１の部分秘密鍵を入手した攻撃者装置２１が第三者機関装置３における本人認証を通過する必要がある。
【０２２４】
場合Ｂ−２およびＢ−３においてディジタル署名の非生成証明が実現不可能となるためには、署名者装置１の部分秘密鍵が漏洩しながら、対応する秘密鍵の失効通知が第三者機関装置３に対してなされず、かつ不正に署名者装置１の部分秘密鍵を入手した攻撃者装置２１が第三者機関装置３における本人認証を通過する必要がある。
【０２２５】
ここで、ディジタル署名の真正性について紛争が起こる場合の一例として、真正性判定装置７による判定によってディジタル署名が不正に偽造されたと判定され、その結果、秘密鍵の所有者の非生成証明があると判定される場合について具体的に説明する。
【０２２６】
図１３は、真正性が問題となる署名付メッセージが攻撃者装置２１によって偽造される場合の当該署名付きメッセージの生成履歴を示す処理フロー図である。
【０２２７】
同図においては、時刻ｔ_bで署名者装置１の保持する部分秘密鍵ＳＫ_AT（Ａ）が漏洩したとする（ステップＳ９０２）。
【０２２８】
署名者装置１はこの漏洩を検知し、秘密鍵ＳＫ_ATの失効を直ちに第三者機関装置３に通知するものとする（ステップＳ９０３）。
【０２２９】
その後、ｔ_c＞ｔ_bであるような時刻ｔ_cにおいて、攻撃者装置２１はｔ_a ＜ｔ_bとなるような時刻値ｔ_aを署名時刻として含むような署名付きメッセージ SigMsg(SK’_AT, h(M)‖t_a) を偽造したものとする（ステップＳ９０４）。
【０２３０】
なお、図１３のステップＳ９０１に「？」が付されているのは、この時刻ｔ_a において署名されたとされる署名付メッセージ（SigMsg(SK_AT, h(M)‖t_a) と記載）が真正であるか否かが問題となっていることを意味している。
【０２３１】
攻撃者装置２１は、上述した生成履歴を経て作成した署名付メッセージSigMsg(SK’_AT, h(M)‖t_a) を真正性判定装置７へ送信する。
以後の処理については、再び図１２のフローチャート図を用いて説明する。
【０２３２】
ステップＳ８０１でディジタル署名の所持者（実際には攻撃者装置２１）から署名付メッセージ SigMsg(SK’_AT, h(M)‖t_a) を受信した真正性判定装置７は、続くステップＳ８０２において、受信した署名付メッセージに含まれる秘密鍵ＳＫ_ATに対応する公開鍵ＰＫ_AT を抽出する。
【０２３３】
その後、真正性判定装置７は、署名付メッセージSigMsg(SK’_AT, h(M)‖t_a ) と、その署名付きメッセージ SigMsg(SK’_AT , h(M)‖t_a ) から抽出した公開鍵ＰＫ_ATとを入力として、署名検証演算 Veri(PK_AT, SigMsg(SK’_AT, h(M)‖t_a))を実行し、その結果が真正（Ｙｅｓ）であるか不正（Ｎｏ）であるかに応じて次のステップを選択する（ステップＳ８０３）。
【０２３４】
このステップＳ８０３の署名検証の結果がＹｅｓとなるためには、メッセージＭに対して、署名者装置１と第三者機関装置３を含む複数の部分署名を行う装置が、部分秘密鍵ＳＫ_AT（Ａ）とＳＫ_AT（Ｔ）を含む複数の部分秘密鍵を用いて分散署名する必要がある。ところが、図１３に示す生成履歴を有する署名付メッセージ SigMsg(SK’_AT, h(M)‖t_a) の場合には、第三者機関装置３は自身が担当する分散署名を実行していないので、ステップＳ８０３の署名検証の結果がＹｅｓとなることはありえない。したがって、署名付メッセージ SigMsg(SK’_AT, h(M)‖t_a) は不正と判定され、署名者装置１に対する署名の非生成証明が成立する。
【０２３５】
以上説明した本発明の第１の実施形態によれば、ある秘密鍵を用いたディジタル署名を生成するには、その秘密鍵の本来の持主である署名者（装置）と第三者機関（装置）とが協働しなければ生成することのできないディジタル署名の生成方法を実現できる。
【０２３６】
また、本実施形態によれば、署名者装置が署名することなく、その署名者装置の保持する秘密鍵を用いたディジタル署名が生成された場合には、第三者機関装置に蓄積される署名ログ情報からその事実が判明するようなディジタル署名の生成システムを提供することにより、後刻、紛争等が生じてそのディジタル署名の真正性が問題となったとき、署名者（装置）に対して非生成証明を実現することができる。
【０２３７】
この意味で、上述した従来技術とは、第三者機関装置３が正常に動作し、部分秘密鍵が漏洩した場合には漏洩が検知され、対応する秘密鍵の失効が通知される限り、署名の真偽が問題となる状況を不可能とし、秘密鍵の本来の所有者である署名者の非生成証明を容易に実現できる点が顕著に異なっている。
【０２３８】
（第２の実施形態）
図１４は、本発明の第２の実施形態に係るシステムの全体構成を示す説明図である。同図に示すように、本実施形態において想定されるシステムは、上記第１の実施形態と同様の装置に加え、上位機関としての時刻認証機関（ＴＳＡ：Time-Stamp Authority）に設けられる時刻認証機関装置９が通信ネットワーク４１を介して相互に接続されている。この時刻認証機関装置９が電子的な装置から構成されていることは、他の装置と同様である。
【０２３９】
なお、秘密鍵の分散生成については、上記第１の実施形態と同様に行われるものとする。すなわち、署名者装置１は部分秘密鍵ＳＫ_AT（Ａ）を、第三者機関装置３₁, ３₂,・・・, ３_k（ｋは正の整数）は、部分秘密鍵ＳＫ_AT（Ｔ₁），・・・，ＳＫ_AT （Ｔ_k）をそれぞれ生成する。秘密鍵の全体が、ＳＫ_AT＝ＳＫ_AT（Ａ）＋ＳＫ_AT（Ｔ₁ ）＋…＋ＳＫ_AT（Ｔ_k ）であることも第１の実施形態と同様である。
【０２４０】
また、本実施形態においても、ディジタル署名の対象となるメッセージＭに対して、秘密鍵ＳＫを用いて署名した結果を、第１の実施形態と同様の記号「Ｓｉｇ」を用いて Sig(SK, h(M)) などと記載する。ここで、ｈはハッシュ関数を表す。さらに、Ｍと Sig(SK, h(M)) を連接して得られる署名付メッセージについても、記号「SigMsg」を用いて SigMsg(SK, h(M)) などと記載する。
【０２４１】
＜分散署名＞
図１５は、本発明の第２の実施形態に係る分散署名生成方法の処理内容を示す処理フロー図である。ここでも、最初に一つの第三者機関装置３からシステムが構成される場合について説明する。
【０２４２】
署名者装置１および第三者機関装置３は、（部分秘密鍵、公開鍵）の組として、（ＳＫ_AT（Ａ）、ＰＫ_AT）および（ＳＫ_AT（Ｔ）、ＰＫ_AT）をそれぞれ保持する（ステップＳ１００１およびＳ１００２）。
【０２４３】
署名者装置１は、署名対象のメッセージのハッシュ値ｈ（Ｍ）を用いて部分署名 Sig(SK_AT(A)，h(M)) を生成する（ステップＳ１００３）。
【０２４４】
次に、署名者装置１と第三者機関装置３は、相互にエンティティ認証を行う（ステップＳ１００４）。即ち、署名者装置１に対する第三者機関装置３による本人認証および第三者機関装置３に対する署名者装置１による第三者機関認証を行う。
【０２４５】
その後、署名者装置１は、部分署名 Sig(SK_AT(A)，h(M)) と署名対象メッセージのハッシュ値ｈ（Ｍ）を第三者機関装置３に送付する（ステップＳ１００５）。
【０２４６】
一方、第三者機関装置３は、受信したハッシュ値ｈ（Ｍ）に対して自身の保持する部分秘密鍵ＳＫ_AT（Ｔ）を作用させ、部分署名 Sig(SK_AT(T)，h(M)) を生成し（ステップＳ１００６）、署名者装置１から送付された署名者装置１の部分署名 Sig(SK_AT(A)，h(M)) と自身の生成した部分署名 Sig(SK_AT(T)，h(M)) を組み合わせることにより、全体署名 Sig(SK_AT，h(M)) を生成する（ステップＳ１００７）。
【０２４７】
続くステップＳ１００８において、第三者機関装置３は、生成した全体署名 Sig(SK_AT，h(M)) のハッシュ値であるh（Sig(SK_AT，h(M))）に対する時刻証明書要求TSTReq(h(Sig(SK_AT, h(M)))) を時刻認証機関装置９に送信する（ステップＳ１００８）。
【０２４８】
時刻証明書要求 TSTReq(h(Sig(SK_AT，h(M)))) を受信した時刻認証機関装置９は、受信時刻ｔを添付した時刻証明書 TST(h(Sig(SK_AT，M)), t) を第三者機関装置３に返送する（ステップＳ１００９）。
【０２４９】
この時刻証明書 TST(h(Sig(SK_AT，M)), t) を受信した第三者機関装置３は、全体署名 Sig(SK_AT，h(M)) と時刻証明書 TST(h(Sig(SK_AT，M)), t) を署名者装置１に送信する（ステップＳ１０１０）。
【０２５０】
署名者装置１は、後刻の利用のために、受信した全体署名 Sig(SK_AT，h(M)) を記憶部１５に保存するか、またはさらに別の第三者にこれを発行する等の方法で利用する（ステップＳ１０１１）。
【０２５１】
他方、第三者機関装置３は、署名ログ (h(M), t, Sig(SK_AT(T), h(M)) と時刻証明書 TST(h(Sig(SK_AT，M)), t) を記憶部３５に保存する（ステップＳ１０１２）。
【０２５２】
上述した第１の実施形態におけるディジタル署名の分散生成処理においては、ディジタル署名の対象となるメッセージのハッシュ値ｈ（Ｍ）に時刻ｔを連接し、その結果であるｈ（Ｍ）‖ｔに対して、ディジタル署名を実行することにより署名時刻とディジタル署名を関連づけていた。これに対して、本実施形態においては、ディジタル署名に対して時刻証明書を取得することができるため、署名時刻とディジタル署名を関連づけるために，ｈ（Ｍ）‖ｔに対してディジタル署名を実行する必要はなく、単にハッシュ値ｈ（Ｍ）に対してディジタル署名を実行すればよい。
【０２５３】
なお、第三者機関装置が２つ以上のｋ個あるときには、予め第三者機関装置３₁, ３₂,・・・, ３_kの中から代表となる第三者機関装置を選んでおき、この選ばれた第三者機関装置が上記同様の処理を実行する。その際には、以下のような修正を行う。
【０２５４】
まず、ステップＳ１００５において、署名者装置１は第三者機関装置３₁ ，…，３_k の各々と相互にエンティティ認証を行う。
【０２５５】
続いて、ステップＳ１００５において、Sig(SK_AT(A), h(M)) とｈ（Ｍ）を代表第三者機関装置に送信後、それ以外の第三者機関装置に向けてｈ（Ｍ）のみを送信する。ｈ（Ｍ）を受信した代表第三者機関装置以外の第三者機関装置は、部分署名 Sig(SK_AT(T), h(M)) を生成し、代表第三者機関装置に送信する。
【０２５６】
ステップＳ１００７では、代表第三者機関装置が、署名者装置１から送付された部分署名 Sig(SK_AT(A), h(M)) と自身を含めて複数の第三者機関装置が生成した部分署名 Sig(SK_AT(T_i), h(M)) を組み合わせることによって全体署名Sig(SK_AT, h(M)) を生成する。ここでｉ＝１，…，ｋである。
【０２５７】
ステップＳ１００８とＳ１００９は各第三者機関装置が行う。
【０２５８】
その後、代表第三者機関装置が、全体署名Sig(SK_AT, h(M)) および時刻証明書 TST(h(Sig(SK_AT，M)), t) を署名者装置１および他の第三者機関装置に向けて送信する。
【０２５９】
この全体署名 Sig(SK_AT, h(M)) と時刻証明書 TST(h(Sig(SK_AT，M)), t) を受信した代表以外の第三者機関装置は、署名ログ (h(M), t, Sig(SK_AT(T_i), h(M)) と時刻証明書 TST(h（Sig(SK_AT，M)), t) を保存する（ステップＳ１０１２に相当）。
【０２６０】
本実施形態に係る分散署名生成方法は、上記第１の実施形態と同様の効果を奏することに加えて、時刻については専門の時刻認証機関に証明を依頼することにより、時刻の信頼性、正確さを向上させることができる上、分散署名を行う複数のエンティティが用いる時計が互いに誤差を生じていることにより、ディジタル署名が生成できないという状況を回避することができる。
【０２６１】
＜秘密鍵の失効＞
次に、署名者装置１と第三者機関装置３が、それぞれ部分秘密鍵ＳＫ_AT（Ａ）とＳＫ_AT（Ｔ）を分散して保持した後、署名者装置１と第三者機関装置３のいずれかが秘密鍵の漏洩を検知したときに実行する秘密鍵の失効処理について説明する。
【０２６２】
図１６は、署名者装置１が秘密鍵の漏洩を検知した場合の失効処理の流れを説明する処理フロー図である。
【０２６３】
ステップＳ１１０１およびＳ１１０２の処理は、各々の装置が部分秘密鍵と公開鍵を所定の鍵生成法によって生成、保持するステップを表している。
【０２６４】
その後、署名者装置１が自身の持つ部分秘密鍵ＳＫ_AT（Ａ）の漏洩を検知したとする（ステップＳ１１０３）。
【０２６５】
このとき、署名者装置１は、直ちに秘密鍵ＳＫ_ATの失効を第三者機関装置３に通知する（ステップＳ１１０４）。
【０２６６】
この通知を受信した第三者機関装置３は、その秘密鍵ＳＫ_ATと対をなす公開鍵ＰＫ_ATの失効を、公開鍵証明書を発行した認証機関装置５に要求する（ステップＳ１１０５）。
【０２６７】
第三者機関装置３からの失効要求を受信した認証機関装置５は、失効要求を受けた時刻ｔ₁を添付して公開鍵ＰＫ_ATの失効を記録し（ステップＳ１１０６）、その失効要求に対する応答（ＰＫ_ATの証明書失効応答）として、時刻ｔ₁の付いたＰＫ_ATの失効通知の受取証明を第三者機関装置３に送付する（ステップＳ１１０７）。
【０２６８】
その後、第三者機関装置３は、受信したＰＫ_ATの失効通知の受取証明を署名者装置１に転送し（ステップＳ１１０８）、そのＰＫ_ATの失効通知の受取証明を記憶部３５に保存する（ステップＳ１１０９）。
【０２６９】
ＰＫ_AT の失効通知の受取証明を第三者機関装置３から転送された署名者装置１も、受信したＰＫ_ATの失効通知の受取証明を記憶部１５に保存する（ステップＳ１１１０）。
【０２７０】
尚、公開鍵証明書の失効要求とそれに対する証明書失効応答の形式については、R. Housley et al., RFC2459 「Internet X.509 Public key Infrastructure Certificate and CRL Profile」で定められている標準に従うことにしてもよい。
【０２７１】
第三者機関装置が複数ある場合には、その各々が図１６における第三者機関装置３の処理を実行する。
【０２７２】
図１７は、第三者機関装置３が秘密鍵の漏洩を検知した場合の失効処理の流れを説明する処理フロー図である。
【０２７３】
ステップＳ１２０１およびＳ１２０２は、図１６におけるステップＳ１１０１およびＳ１１０２とそれぞれ同じ処理である。
【０２７４】
その後、第三者機関装置３が、自身の持つ部分秘密鍵ＳＫ_AT（Ｔ）の漏洩を検知したとする（ステップＳ１２０３）。
【０２７５】
部分秘密鍵ＳＫ_AT（Ｔ）の漏洩を検知した第三者機関装置３は、直ちに秘密鍵ＳＫ_ATと対をなす公開鍵ＰＫ_AT の公開鍵証明書の失効を認証機関装置５に対して要求する（ステップＳ１２０４）。
【０２７６】
以後のステップＳ１２０５、Ｓ１２０６、・・・、Ｓ１２０９の処理については、図１６を用いて説明した前述のケースと同じなので、説明を省略する。
【０２７７】
この場合にも、第三者機関装置が複数ある場合には、その各々が図１７における第三者機関装置３の処理を実行する。
【０２７８】
＜署名の真正性判定＞
次に、ディジタル署名が上述したいずれかの分散署名方法によって生成された場合に、そのディジタル署名の真正性を判定する真正性判定装置７の処理について説明する。
【０２７９】
図１８は、真正性判定装置７が行うディジタル署名の真正性判定処理の流れを説明するフローチャート図である。
【０２８０】
真正性判定装置７は、ディジタル署名の所持者から署名付メッセージSigMsg(SK’_AT，h(M)) と公開鍵証明書 Cert(PK_AT)を受信する（ステップＳ１３０１）。
【０２８１】
その後、受信した公開鍵証明書Cert(PK_AT) から公開鍵ＰＫ_ATを鍵抽出部７１で抽出する（ステップＳ１３０２）。
【０２８２】
次のステップＳ１３０３では、ステップＳ１３０２で抽出した公開鍵ＰＫ_AT と、ステップＳ１３０１で受信した署名付メッセージ SigMsg(SK’_AT ，h(M)) を入カとして、署名検証演算 Veri(PK_AT，SigMsg(SK’_AT，h(M))) を真正性判定部７２において実行する。
【０２８３】
ここでの署名検証演算 Veri(PK_AT，SigMsg(SK’_AT，h(M))) の概要ならびに出力は、第１の実施形態における署名検証演算と本質的に同じである。このステップにおいて、署名検証演算の出力が不正（ＮＯ）のときは、ステップＳ１３０４に進み、署名付きメッセージ SigMsg(SK’_AT，h(M)) を不正なものと判定する。他方、出力結果が真正（ＹＥＳ）のときはステップＳ１３０５へ進む。
【０２８４】
ステップＳ１３０５では、署名検証演算Veri(PK_AT，SigMsg(SK’_AT，h(M))) を実行したディジタル署名の署名ログおよび時刻証明書の存否について第三者機関装置３に照会し、それらの署名ログと時刻証明書が共に存在する場合以外（ＮＯ）のときは、署名付きメッセージSigMsg(SK’_AT ，h(M)) を不正なものと判定する（ステップＳ１３０６）。
【０２８５】
ステップＳ１３０５において署名ログと時刻証明書が共に第三者機関装置３に存在したとき（ＹＥＳ）には、ステップＳ１３０７に進んで、その時刻証明書と署名ログの情報が矛盾なく合致しているか否かの判定を行う。
【０２８６】
ここでの判定は、署名ログを (h(M), t, Sig(SK_AT(T), h(M)))、時刻証明書を TST(h(Sig(SK_AT，M), t)、時刻認証機関装置９の時刻証明書発行に用いられる秘密鍵に対応する公開鍵をＰＫ_TSA とするとき、その時刻証明書TST(h(Sig(SK_AT，M), t) に含まれるディジタル署名に対してＰＫ_TSAを作用させて復元した署名対象のハッシュ値が、h(Sig(SK_AT(T), h(M))) と時刻ｔを連接したもののハッシュ値に等しいか否かの判定を行う。この判定の結果がＮｏのときは、署名付きメッセージ SigMsg(SK’_AT ，h(M)) を不正なものと判定する（ステップＳ１３０８）。
【０２８７】
他方、Ｙｅｓのときは、署名ログ (h(M), t, Sig(SK_AT(T), h(M))) に含まれる署名時刻ｔを抽出し（ステップＳ１３０９）、公開鍵証明書 Cert(PK_AT) を発行した認証機関装置５に対し、時刻ｔにおいて公開鍵ＰＫ_AT が有効だったか否かを照会する（ステップＳ１３１０）。
【０２８８】
この照会に対して、認証機関装置５からＹｅｓの回答を得た場合には、署名付メッセージ SigMsg(SK’_AT(T), h(M)) の署名が真正である可能性が高いと判定する（ステップＳ１３１１（ＹＥＳ）、Ｓ１３１３）。他方、Ｎｏの回答を得た場合には、署名付メッセージ SigMsg(SK’_AT(T), h(M)) の署名を不正なものと判定する（ステップＳ１３１１（ＮＯ）、Ｓ１３１２）。
【０２８９】
以上の真正性判定方法を用いれば、上記第１の実施形態と同様に、署名の真正性を推定したり、紛争時の調停等の場合、さらに関連情報を収集することによって調停を進めていったりすることができる。
【０２９０】
なお、第三者機関装置が複数ある場合には、ステップＳ１３０５において、各第三者機関装置３₁ ，…，３_kの各々が署名ログおよび時刻証明書の存否を検査するものとする。
【０２９１】
またステップＳ１３０６においては、第三者機関装置３₁ ，…，３_kの各々に対して、記録されていた署名ログと時刻証明書の情報が矛盾なく合致しているか否かを検査するものとする。
【０２９２】
なお、ディジタル署名についてのサービス提供を業務とする第三者機関装置３が時刻認証機関装置９を用いる場合には、個人を含む一般的なエンティティとしての署名者装置１が時刻認証機関装置９を用いる場合（図１９を参照して説明した場合）とは異なり、時刻認証機関装置９によって発行される時刻証明書の取得をサービス約款等に含めることにより、ディジタル署名に際して時刻証明書の取得が義務化されたのと同様の効果を得ることができる。
【０２９３】
この場合に、正規の手段以外で生成された不正なディジタル署名についての真正性判定が必要となったとき（例えば紛争が起こった場合等）には、上記第１の実施形態で述べた条件（ＴＴＰ非不正の前提１、２、３、並びに非生成証明の実現条件１、２）の下で署名者装置１に対してディジタル署名の非生成証明を提供することが可能となる。
【０２９４】
さらに、部分秘密鍵が漏洩した場合には、図１６または図１７に示す手順により、その部分秘密鍵を含む秘密鍵の全体と対をなす公開鍵の失効要求を認証機関装置５に通知することにより、前述したＴＴＰ非不正の前提１，２，３の一部を省略してもディジタル署名の非生成証明を実現することが可能となる。より具体的には、図１８に示した真正性判定処理を採用することにより、ＴＴＰ非不正の前提１および２に記載された内容のうち、「部分秘密鍵の失効が記録されている場合には、その部分秘密鍵による署名要求には応じないものとする」という部分、並びにＴＴＰ非不正の前提３を省略することができる。これは、ディジタル署名用の秘密鍵失効後に、その秘密鍵を用いたディジタル署名がなされた場合には、そのディジタル署名に係る時刻証明書と、認証機関装置５に記録・保存されている公開鍵証明書の失効記録とを照合することにより、そのディジタル署名が秘密鍵の失効後になされたものであるか否かを判定できるためである。
【０２９５】
以上説明した本発明の第２の実施形態によれば、上述した第１の実施形態と同様の効果を得ることができる。
【０２９６】
加えて、本実施形態によれば、時刻情報については専門の時刻認証機関の証明を用いることができるので、時刻情報の信頼性や正確さを向上させることが可能になる。これにより、分散署名を行う複数のエンティティが用いる時計の誤差によってディジタル署名の生成が不可能になるという事態を回避することも可能になる。
【０２９７】
なお、本実施形態においても、上記第１の実施形態と同様にＲＳＡ公開鍵暗号方式を用いることを前提としているが、それ以外のさまざまな公開鍵暗号方式を採用した場合にも同様の効果を得ることができるのはいうまでもない。
【０２９８】
【発明の効果】
以上の説明からも明らかなように、本発明によれば、秘密鍵を用いたディジタル署名を生成するに際して、秘密鍵の本来の持主である署名者が署名することなくその秘密鍵からディジタル署名が生成された場合には、第三者機関の署名ログ情報からその不正な事実を判明させるとともに、秘密鍵の本来の持主に対して署名の非生成証明を実現することのできる署名者装置におけるディジタル署名方法、第三者機関装置におけるディジタル署名方法、ディジタル署名の真正性判定方法、署名者装置、第三者機関装置、ディジタル署名の真正性判定装置、署名者装置用ディジタル署名プログラム、第三者機関装置用ディジタル署名プログラム、ディジタル署名の真正性判定プログラム、およびプログラム記録媒体を提供することができる。
【０２９９】
これにより、偽造された不正なディジタル署名に対し、秘密鍵の本来の所有者が署名しなかったことの証明、即ち署名の非生成証明が可能となるだけでなく、真正なディジタル署名に対しては、秘密鍵の本来の所有者による否認を不可能にするという効果も得ることができる。
【図面の簡単な説明】
【図１】本発明の第１の実施形態に係るシステム全体の構成を示す説明図である。
【図２】署名者装置が有する機能の概略を示す機能ブロック図である。
【図３】第三者機関装置が有する機能の概略を示す機能ブロック図である。
【図４】真正性判定装置が有する機能の概略を示す機能ブロック図である。
【図５】秘密鍵の分散生成の第１の方法を示す処理フロー図である。
【図６】秘密鍵の分散生成の第２の方法を示す処理フロー図である。
【図７】本発明の第１の実施形態に係る分散署名生成方法（第１の方法）の処理内容を示す処理フロー図である。
【図８】本発明の第１の実施形態に係る分散署名生成方法（第２の方法）の処理内容を示す処理フロー図である。
【図９】本発明の第１の実施形態に係る分散署名生成方法（第３の方法）の処理内容を示す処理フロー図である。
【図１０】本発明の第１の実施形態において、署名者装置が秘密鍵の漏洩を検知した場合の失効処理の流れを説明する処理フロー図である。
【図１１】本発明の第１の実施形態において、第三者機関装置が秘密鍵の漏洩を検知した場合の失効処理の流れを説明する処理フロー図である。
【図１２】本発明の第１の実施形態において、真正性判定装置が行うディジタル署名の真正性判定処理の流れを説明するフローチャート図である。
【図１３】本発明の第１の実施形態において、真正性が問題となる署名付メッセージが攻撃者装置によって偽造される場合の生成履歴を示す処理フロー図である。
【図１４】本発明の第２の実施形態に係るシステム全体の構成を示す説明図である。
【図１５】本発明の第２の実施形態に係る分散署名生成方法の処理内容を示す処理フロー図である。
【図１６】本発明の第２の実施形態において、署名者装置が秘密鍵の漏洩を検知した場合の失効処理の流れを説明する処理フロー図である。
【図１７】本発明の第２の実施形態において、第三者機関装置が秘密鍵の漏洩を検知した場合の失効処理の流れを説明する処理フロー図である。
【図１８】本発明の第２の実施形態において、真正性判定装置が行うディジタル署名の真正性判定処理の流れを説明するフローチャート図である。
【図１９】ディジタル署名の非生成証明が実現されるシナリオの一例を示す処理フロー図である。
【図２０】ディジタル署名における否認防止とディジタル署名の非生成証明の関係を示す説明図である。
【符号の説明】
１ 署名者装置
３、３₁ ，３₂ ，…，３_k 第三者機関装置
５ 認証機関装置
７ 真正性判定装置
９ 時刻認証機関装置
１１、３１ 鍵生成部
１２、３２ 署名生成部
１３、３３ 認証部
１４ メッセージ作成部
１５、３５、７３ 記憶部
１６、３６、７４ 送受信部
１７、３７、７５ 入出力部
２１ 攻撃者装置
３４ 証明書要求作成部
４１ 通信ネットワーク
７１ 鍵抽出部
７２ 真正性判定部[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a digital signature method in a signer apparatus when performing a digital signature using a public key cryptosystem, a digital signature method in a third party organization apparatus, a digital signature authenticity determination method, a signer apparatus, a third party The present invention relates to an institution apparatus, a digital signature authenticity determining apparatus, a signer apparatus digital signature program, a third party institution apparatus digital signature program, a digital signature authenticity determining program, and a program recording medium.
[0002]
[Prior art]
In April 2001, the “Act on Electronic Signatures and Authentication Services” (Law No. 102, May 31, 2000, commonly known as the Electronic Signatures Act) came into force, and digital signatures are now legally supported. It was. Currently, in many digital signature systems, a public key infrastructure (PKI) based on public key cryptography is adopted as a basic framework. This framework provides a rich means of non-repudiation that makes it impossible to deny this fact at a later time if the original owner of the private key for the digital signature has signed the digital signature. .
[0003]
In digital signatures, the same important issue as non-repudiation is the non-generational proof of signatures. This means that when someone other than the owner of one private key has illegally generated a digital signature using the private key, the original owner of the private key has not generated the digital signature. Prove it. However, in the current framework such as public key infrastructure, the means for realizing the signature non-generation proof is extremely poor, and enhancement of this means is required.
[0004]
FIG. 20 is an explanatory diagram showing the relationship between non-repudiation in a digital signature and non-signature certificate of signature. Non-repudiation guarantees the interest of the recipient of the digital signature, while non-signature proof of signature guarantees the interest of the signature creator. Both of these functions are essential for using digital signatures with peace of mind.
[0005]
Under such circumstances, conventionally, one standard protocol for realizing the digital time stamp service has been defined (for example, see Non-Patent Document 1).
[0006]
Using this standard protocol, a time stamp was added to a trusted third party for the digital signature generated by the owner of a private key, and a dispute arose later regarding the authenticity of the digital signature. In some cases, non-repudiation can be prevented.
[0007]
If it is mandatory to add a time stamp to a digital signature, that is, for a digital signature generated by the owner of a private key, be sure to add the time stamp to a predetermined trusted third party. If there is a provision that must be provided, a non-signature proof is realized by adding a time stamp to a trusted third party for a digital signature generated using this standard protocol. Is possible under certain conditions.
[0008]
FIG. 19 is a process flow diagram illustrating an example of a scenario in which signature non-generation proof is realized. Here, SK is a secret key stored in the signer device 1 used by the signer who is the original owner of the secret key, and PK is a public key that is paired with the secret key SK. The certification authority apparatus 5 is an apparatus provided in a certification authority (CA) that is a certificate issuing authority that issues a certificate (public key certificate) for the public key PK.
[0009]
When the signer device 1 detects leakage of the private key SK held by the signer device 1 (step S1401), the signer device 1 transmits a revocation request for the public key PK paired with the secret key SK to the certification authority device 5 (step S1402). T_aAnd
[0010]
Based on the transmission from the signer device 1, the certification authority device 5_aThe revocation of the public key PK is recorded (step S1403).
[0011]
Thereafter, the attacker device 21 obtains the secret key SK of the signer device 1 illegally, generates a digital signature Sig (SK, M) for the electronic document M using the secret key SK (step S1404), and time t_b(> T_a) Is a device provided in a time-stamp authority (TSA) that issues a time certification request for the hash value h (Sig (SK, M)) of the digital signature Sig (SK, M) Is sent to the time certification authority apparatus 9 (step S1405).
[0012]
The time certification authority device 9 receives the request at time t_bWith time certificate TST (h (Sig (SK, M)), t_b) Is created and returned to the attacker device 21 (step S1406).
[0013]
In the event of a dispute over the authenticity of the digital signature Sig (SK, M), the appropriate mediation agency shall obtain the time certificate TST (h (Sig (SK, M)), t_b) And the time t attached to it_bIs the expiration time t of PK_aBy being later, it can be determined that the digital signature Sig (SK, M) is not authentic. Thereby, the signature non-generation proof is realized.
[0014]
However, in the distribution of digital signatures, the addition of a time stamp is generally not obligatory and is not so widely requested or implemented. For example, in the above-described electronic signature method, addition of a time stamp is not obligatory. Therefore, the scope of application of this method is currently limited.
[0015]
Even when a time stamp is required, it is generally possible to select a time certificate from a plurality of time certificate authorities and issue a time certificate. Therefore, in order to realize signature non-generation proof by this method, it is premised that all of the plurality of time certification authorities do not cheat, but in this case, the validity of this premise becomes a problem.
[0016]
As an example devised in view of the above problems, a technology that can identify the authenticity of a digital signature is disclosed (see Patent Document 1).
[0017]
The first method described in Patent Document 1 uses a simple digital signature by a tamper resistant signature device. In this method, an issuer of an IC card having a digital signature function is assumed, and a digital signature generator issues a message with a digital signature using an IC card issued by the issuer. The issued IC card has tamper resistance and has a function of recording a signature log. When the signature log information exceeds the capacity limit of the IC card, the signature log information is moved from the IC card to an external recording medium such as a hard disk.
[0018]
Issued by a third party other than the issuer by storing all signature log notifications of the digitally signed message issued by the issuer on a tamper-resistant IC card at the issuer of the digitally signed message There has been proposed a method for detecting forgery of a signature by checking with log information recorded on an IC card in the case of impersonating a person and impersonating a signature illegally.
[0019]
The second method described in Patent Document 1 uses a linking digital signature as a method for more effectively preventing signature log falsification.
[0020]
The third method described in Patent Document 1 is the above-described first method using a simple digital signature by a tamper-resistant signature device. By including time information in the digital signature, the time information is also digitally generated. It makes it possible to determine the validity of a signature. This method is a combination of the first method and the digital time stamp service described in Non-Patent Document 1. By using a digital time stamp service, when a revocation notification is made due to a leak of a secret key, the digital signature after the revocation notification is invalidated by comparing the revocation notification date and time with the time stamp date and time for the digital signature. The means to judge is given.
[0021]
[Patent Document 1]
JP 2001-331104 A
[0022]
[Non-Patent Document 1]
C. Adams, et al., RFC3161 "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)"
[0023]
[Problems to be solved by the invention]
However, the first to third methods disclosed in Patent Document 1 described above have the following problems.
[0024]
(1) First method
One of the problems with this method is that the signature log information on the external recording medium is likely to be tampered with when moving the signature log information from the IC card to an external recording medium such as a hard disk. Despite the fact that the owner has generated a legitimate digital signature, it becomes difficult to prevent it from being denied later.
[0025]
In addition, it is assumed that the issuer of the IC card is fully trusted, and there is no method for dealing with the internal fraud of the issuer.
[0026]
(2) Second method
When this method is applied to the exchange of digital signatures between general individuals, the following problems can be considered.
[0027]
For mediation in the event of a dispute over the authenticity of a digital signature, it is assumed that the recipient of the digital signature has cooperated and that the digital signature received by the recipient of the digital signature has been securely stored. I must. However, this assumption may not always hold when a general individual is the recipient of a digital signature.
[0028]
Also, unlike the time stamp service as a public service that was originally assumed as an application area of linking digital signatures, when an individual issues a digital signature, the issuer and the recipient of the digital signature collaborate. There is also a problem that the possibility of falsification of the digital signature log so that it cannot be detected later cannot be ignored. Specifically, when the issuer of a digital signature is an individual, the number of signature requests is generally small, and by conspiring with the signature requestor, it is easy to control who and when the signature request comes from. This can lead to the possibility of tampering with the digital signature log so that it cannot be detected later.
[0029]
(3) Third method
This method has the same problem as the time stamp service according to Non-Patent Document 1 in realizing non-signature proof of signature. In other words, when a time stamp is required to be added to a digital signature, it is possible to realize a non-signature proof of the signature under certain conditions. However, since the current electronic signature law does not require the addition of a time stamp, the scope of application of this method is limited.
[0030]
The present invention has been made in view of the above, and an object of the present invention is to generate a digital signature from a private key without signing by a signer who is the original owner of the private key when generating a digital signature using the private key. In the signer device that can identify the fraud fact from the third party's signature log information and can realize non-signature proof of signature for the original owner of the private key Digital signature method, digital signature method in third party organization device, digital signature authenticity judgment method, signer device, third party organization device, digital signature authenticity judgment device, digital signature program for signer device, third Another object of the present invention is to provide a digital signature program for a personal institution apparatus, a digital signature authenticity determination program, and a program recording medium.
[0031]
[Means for Solving the Problems]
In order to achieve the above object, the present invention as claimed in claim 1 is a signer apparatus for carrying out a digital signature based on the public key cryptosystem with a private key in order to carry out a digital signature by the public key cryptosystem. And a third party apparatus provided in a third party independent of the public key certification authority via a communication network, wherein the signer apparatus and the third party apparatus are A storage unit that collaborates to generate the secret key and stores the partial secret key held by each device when any of the partial secret keys divided from the secret key is possessed A digital signature method in a signer device executed by the signer device comprising: a signature target data composed of a hash value of a message to be signed and a current time, and the storage unit A partial signature that is a partial digital signature using the partial private key read out from the step, a step of transmitting the partial signature created in this step and the data to be signed to the third party organization device, Receives the entire signature, which is a digital signature generated by the third party organization apparatus, by combining the partial signature transmitted in the step and the partial signature generated using the partial secret key possessed by the third party organization apparatus. And storing the data in the storage unit.
[0032]
According to a second aspect of the present invention, there is provided a signer device that possesses a secret key and performs a digital signature based on the public key cryptosystem in order to perform a digital signature by a public key cryptosystem, and a public key certification authority In a system in which a third-party organization apparatus provided in a third-party organization independent of the system is connected via a communication network, the signer device and the third-party organization device cooperate to obtain the secret key. The signer device including a storage unit that stores the partial secret key that is generated and each of the devices possesses any of the partial secret keys that are divided from the secret key. A digital signature method in a signer device to be executed, comprising: a signature target data composed of a hash value of a message to be signed and a current time; and a partial secret key read from the storage unit A partial signature that is a partial digital signature, and a digital signature that is a combination of the partial signature created in this step and the partial signature created from the partial private key held by the third-party organization device And a step of generating an overall signature.
[0033]
According to a third aspect of the present invention, in the first or second aspect of the invention, the partial signature is obtained by connecting the partial secret key to a value obtained by concatenating a hash value of the message to be signed and a value representing the current time. The gist is that it is configured by action.
[0034]
According to a fourth aspect of the present invention, in the invention according to any one of the first to third aspects, when the leakage of the partial private key is detected, the revocation of the private key corresponding to the partial private key is The gist is to further execute the step of notifying the person engine device.
[0035]
The invention according to claim 5 is the invention according to any one of claims 1 to 3, wherein when the revocation of the secret key corresponding to the partial secret key is notified from the third party organization device, the secret The gist is to further execute the step of detecting and recording the key revocation.
[0048]
  Claim6The present invention described herein is independent of a signer apparatus that carries a digital signature based on the public key cryptosystem and possesses a secret key in order to perform a digital signature by a public key cryptosystem. In a system in which a third party organization device provided in a third party organization is connected via a communication network, the signer device and the third party organization device cooperate to generate the secret key. When each device possesses one of the partial secret keys divided from the secret key, the signer device having a storage unit for storing the possessed partial secret key is signed Creating a partial signature, which is a partial digital signature, using the signature target data composed of the hash value of the message to become and the current time, and the partial secret key read from the storage unit , A step of transmitting the partial signature created in this step and the data to be signed to the third party organization device, and a generation using the partial signature transmitted in this step and the partial secret key possessed by the third party organization device And a step of receiving an entire signature, which is a digital signature generated by the third-party organization apparatus, and storing it in the storage unit.
[0049]
  Claim7The present invention described herein is independent of a signer apparatus that carries a digital signature based on the public key cryptosystem and possesses a secret key in order to perform a digital signature by a public key cryptosystem. In a system in which a third party organization device provided in a third party organization is connected via a communication network, the signer device and the third party organization device cooperate to generate the secret key. When each device possesses one of the partial secret keys divided from the secret key, the signer device having a storage unit for storing the possessed partial secret key is signed Creating a partial signature, which is a partial digital signature, using the signature target data composed of the hash value of the message to become and the current time, and the partial secret key read from the storage unit And a step of generating an overall signature that is a digital signature formed by combining the partial signature created in this step and the partial signature created from the partial private key held by the third-party organization apparatus. .
[0050]
  Claim8The invention as described is claimed.6Or7The gist of the invention is that the partial signature is configured by operating the partial secret key on a value obtained by concatenating a hash value of the message to be signed and a value representing the current time.
[0051]
  Claim9The invention as described is claimed.6Thru8The invention according to any one of claims 1 to 3, further comprising the step of notifying the third party institution device of the expiration of the secret key corresponding to the partial secret key when leakage of the partial secret key is detected. And
[0052]
  Claim10The invention as described is claimed.6Thru8In the invention described in any one of the above, when the revocation of the secret key corresponding to the partial secret key is notified from the third party organization device, the step of detecting and recording the revocation of the secret key is further executed This is the gist.
[0063]
Here, the recording medium means a computer-readable recording medium such as a flexible disk, a CD-ROM (Compact Disc Read Only Memory), a DVD (Digital Versatile Disk), a magneto-optical disk, and a PC card. .
[0064]
DETAILED DESCRIPTION OF THE INVENTION
Next, embodiments of the present invention will be described with reference to the drawings.
[0065]
(First embodiment)
<System configuration>
FIG. 1 is an explanatory diagram showing the overall configuration of a system according to the first embodiment of the present invention. As shown in the figure, the system assumed in the present embodiment includes a signer device 1 in which the signer who is the original owner of the private key and who performs the digital signature performs the actual processing, and a trusted third party organization. (TTP: Third Trusted Party) The third party organization device 3 that actually performs the processing, the certification authority device 5 that actually performs the processing at the certification authority (CA) that is the public key certificate issuing organization, the digital signature The authenticity determination device 7 that actually performs processing in an arbitration engine or the like that determines the authenticity of each of these devices is configured to be connected to each other via a communication network 41. The communication network here refers to a network capable of transmitting and receiving electronic information (data) such as the Internet and a dedicated line.
[0066]
Of these, at least one third-party organization device 3 is required, but in some cases, third-party organization devices in a plurality of third-party organizations may cooperate to execute the processing according to the present embodiment. . In this sense, in FIG.₁, 3₂, ..., 3_k(K is a positive integer). In the following description, when processing is performed using one third-party institution apparatus, reference numeral 3 is assigned to the third-party institution apparatus.
[0067]
Each of the above devices has a central processing unit (CPU: Central Processing Unit) having at least an arithmetic function and a control function, a main storage device (RAM) having a function of storing programs and data, and comprising a RAM (Random Access Memory) or the like. It is composed of an electronic device having a memory.
[0068]
A program for executing various processes according to the present embodiment is stored in the main storage device or the hard disk described above.
[0069]
Each of the above devices is assumed to include an auxiliary storage device such as a hard disk drive, a flexible disk drive, a CD-ROM drive, a DVD drive, a magneto-optical disk drive, and a PC card drive. In this sense, it is of course possible to record a program for performing various processes described later on a computer-readable recording medium such as a flexible disk, a CD-ROM, a DVD, a magneto-optical disk, and a PC card and widely distribute it. is there.
[0070]
FIG. 2 is a functional block diagram showing an outline of functions for the signer apparatus 1 to perform processing. The signer apparatus 1 shown in FIG. 1 includes a key generation unit 11 that is a key generation unit that generates a secret key or a public key, a signature generation unit 12 that is a signature generation unit that generates a digital signature of the signer, and the received data An authentication unit 13 that is an authentication unit that performs authentication, a message creation unit 14 that is a message creation unit that creates a message to be signed, and a storage unit 15 as a part of a storage unit that stores various data and programs. ing. In addition, a transmission / reception unit 16 including an interface for transmitting / receiving data via the communication network 41 and an input / output unit 17 for inputting or outputting various data by the signer are provided.
[0071]
Among these, the processing of the key generation unit 11, the signature generation unit 12, the authentication unit 13, and the message creation unit 14 is nothing but a specific example of the calculation control function by the CPU.
[0072]
The storage unit 15 includes functions of a main storage device and various auxiliary storage devices.
[0073]
FIG. 3 is a functional block diagram showing an outline of functions for the third party organization apparatus 3 to perform processing. In the figure, the above-described signature is excluded except for the certificate request creation unit 34 (certificate request creation means) that creates data for requesting a certificate such as a public key certificate or a revocation certificate from the certification authority apparatus 5. The parts having the same functions as those of the signer apparatus 1 are described by aligning the last one digit with the code given to the corresponding part of the signer apparatus 1.
[0074]
FIG. 4 is a functional block diagram illustrating an outline of functions for the authenticity determination device 7 to perform processing. The authenticity determination device 7 shown in FIG. 1 includes a key extraction unit 71 (key extraction unit) that extracts a public key from data received from the signer device 1 or the third-party organization device 3 in order to determine the authenticity of the digital signature. And an authenticity determining unit 72 (authentication determining unit) for determining the authenticity of the digital signature by performing a predetermined calculation based on the public key extracted by the key extracting unit 71. It is the same as that of the signer apparatus 1 and the third party institution apparatus 3 that these processes specifically show the calculation control function by the CPU.
[0075]
About the memory | storage part 73, the transmission / reception part 74, and the input-output part 75, it has a function similar to the corresponding | compatible part of the signer apparatus 1 and the third party organization apparatus 3. FIG.
[0076]
In addition, each apparatus demonstrated above is constructed | assembled with two or more electronic apparatuses not only when it is constructed | assembled by one electronic apparatus but dividing each means or execution of each step. Including cases.
[0077]
Details of the digital signature method performed by the system having the above configuration will be described. In the present embodiment, in order to generate a digital signature using a certain secret key, the secret key is used as a signer device 1 and one or a plurality of third party organization devices 3.₁, 3₂, ..., 3_kThe authenticity of the digital signature generated by a method other than the regular signature generation means becomes a problem by performing distributed signature using these partial secret keys when generating the digital signature. A non-signature proof of signature is provided to the original owner of the private key.
[0078]
<Generation of secret key>
First, as a premise for performing a distributed signature, a private key owned by a user is generated and held by dividing it between multiple entities consisting of the signer device and one or more third-party organizations devices. Two methods that are assumed to be performed will be described with reference to the processing flowcharts of FIGS. 5 and 6, respectively. In the following description using FIGS. 5 and 6, the case where there is one third-party organization device 3 will be mainly described.
[0079]
The first method will be described with reference to FIG. In this method, the secret key of the signer apparatus 1 is generated by the third party institution apparatus 3, and it is divided among a plurality of entities including the signer apparatus 1, and each entity holds its own interest. It is.
[0080]
First, the third party institution apparatus 3 has a secret key SK._ATAnd public key PK_ATAre generated by the key generation unit 31 (step S101).
[0081]
Thereafter, the third party institution apparatus 3 uses the public key PK generated in step S101._ATPublic key certificate request for CertReq (PK_AT) Is generated by the certificate request creation unit 34 (step S102), and the generated public key certificate request is sent to the certification authority apparatus 5 (step S103).
[0082]
The certificate authority apparatus 5 receives the received public key certificate request CertReq (PK_AT) Public key certificate Cert (PK_AT) Is returned to the third party organization apparatus 3 (step S104).
[0083]
Public key certificate Cert (PK_AT) Receives the secret key SK._ATSK in the key generation unit 31_AT= SK_AT(A) + SK_AT(T) is divided (step S105). Where SK_AT(A) and SK_AT(T) is a partial secret key that is appropriately determined by the third party organization apparatus 3.
[0084]
Thereafter, the third party institution apparatus 3 uses the partial secret key SK._AT(A) and public key certificate Cert (PK_AT) Is transmitted to the signer apparatus 1 (step S106).
[0085]
The signer apparatus 1 receives the received partial secret key SK._AT(A) and public key certificate Cert (PK_AT) Is stored in the storage unit 15 (step S107).
[0086]
On the other hand, the third party institution apparatus 3 sends the transmitted partial secret key SK._ATAfter (A) is discarded (step S108), the partial secret key SK that has not been discarded_AT(T) and public key certificate Cert (PK_AT) Is stored in the storage unit 35 (step S109).
[0087]
In this first method, before each divided partial secret key is divided and held by the signer apparatus 1 and the third party institution apparatus 3, the third party apparatus 3 once relates to the secret key. Since the information is accumulated, if there is an unauthorized intrusion into the third party organization apparatus 3, the information can be known. Therefore, when this method is used, it is assumed that the third party institution apparatus 3 satisfies the following two requirements.
[0088]
The first requirement is that sufficient security measures are provided and unauthorized intruders are not allowed to enter during the generation or division of the secret key.
[0089]
The second requirement is that after the private key is generated and the partial private key obtained by dividing the private key is sent to the assignment destination of the partial private key including the signer device 1, the third party organization device 3 assigns the private key to itself. The partial secret key other than the partial secret key is securely destroyed.
[0090]
In addition, when there are two or more third-party engine devices, the third-party engine device 3₁, 3₂, ..., 3_kA representative third party institution apparatus is selected from among the above, and the selected third party institution apparatus executes the same processing as described above. In that case, the following modifications are made.
[0091]
First, after executing steps S101 to S104, in step S105, the secret key SK_ATIs divided as follows:
SK_AT= SK_AT(A) + SK_AT(T₁) + ... + SK_AT(T_k)
Where SK_AT(T₁) ... SK_AT(T_k) Is a third party organization device 3₁, ..., 3_kAre partial secret keys to be stored.
[0092]
In step S106, the partial secret key SK_AT(A) and public key PK_ATIs transmitted to the signer apparatus 1 and the partial secret key SK_AT(T_i) And public key PK_ATIs transmitted to a third party organization apparatus other than the representative third party organization apparatus. Here, i = 1,..., K.
[0093]
Next, the second method will be described with reference to FIG. In this method, a plurality of entities including the signer device 1 generate a secret key stored in the signer device 1 in a distributed manner. As an algorithm for this purpose, an existing distributed generation algorithm can be applied (for an algorithm for distributed generation of RSA key pairs, see, for example, Boneh and MK Franklin, “Efficient generation of shard RSA keys ( extended abstract) ”, in Proceedings Crypto '97, pp.425-439, 1997.).
[0094]
In this method, unlike the first method described above, since the secret key stored in the signer device 1 is never known to the third-party organization device 3, the third-party organization device 3 is illegal. It has the advantage that it is impossible to keep and use the private key.
[0095]
First, in steps S201 and S202 of FIG. 6, the signer apparatus 1 and the third party institution apparatus 3 respectively execute predetermined algorithms for secret key distributed generation (step S203).
[0096]
Next, the signer apparatus 1 uses the partial secret key SK generated in step S201._AT(A) is stored in the storage unit 15 (step S204), while the third party institution apparatus 3 generates the partial secret key SK generated in step S202._AT(T) is stored in the storage unit 35 (step S205).
[0097]
Subsequently, the signer device 1 and the third party organization device 3 execute a predetermined distributed generation algorithm for requesting a public key certificate (step S206), whereby a public key certificate request CertReq (PK_AT) Is generated (steps S207 and S208). The reason why the distributed generation algorithm needs to be executed is that it is necessary to generate a digital signature using a plurality of partial secret keys generated in steps S201 and S202. In the distributed generation of public key certificate requests here, using the certificate request creation unit 34 in the third-party organization device 3 is the same as in the first method, but in the case of the signer device 1. For example, the message creating unit 14 is provided with such a function.
[0098]
The third-party organization device 3 and the signer device 1 are distributed and generated public key certificate request CertReq (PK_AT) Is sent to the certification authority apparatus 5 (step S209).
[0099]
On the other hand, the certification authority device 5 uses the public key certificate Cert (PK_AT) Is sent to the third party organization apparatus 3 (step S210).
[0100]
Public key certificate Cert (PK_AT) Receives the public key certificate Cert (PK_AT) Is transferred to the signer apparatus 1 (step S211).
[0101]
After this, the signer apparatus 1 determines that the partial secret key SK_AT(A) and the received public key certificate Cert (PK_AT) Is stored in the storage unit 15 (step S212), while the third party institution apparatus 3 stores the partial secret key SK._AT(T) and public key certificate Cert (PK_AT) Is saved (step S213).
[0102]
In addition, when there are two or more third-party engine devices, the third-party engine device 3₁, 3₂, ..., 3_kA representative third party institution apparatus is selected from among the above, and the selected third party institution apparatus executes the same processing as described above. In that case, the following modifications are made.
[0103]
First, in steps S201 and S202, the third party institution apparatus 3₁, ..., 3_kThe algorithm is applied to generate key pairs in a distributed manner by k + 1 entities including the signer device 1. Thereafter, in step S205, all the third party institution devices 3₁, ..., 3_kEach of which is a partial secret key SK held by itself_AT(T_i) Is stored in each storage unit. Again, i = 1,..., K. Steps S206, S207, S208, and S209 are assumed to be executed by a third-party organization apparatus selected as a representative.
[0104]
<Distributed signature>
The secret key is divided using one of the above two methods, and the partial secret key is distributed and stored in the signer device and one or a plurality of third-party organizations devices. A description will be given of a method in which the three-party engine apparatus cooperates to perform distributed signature. Here, the case where there is one third-party organization apparatus that performs distributed signature first will be described.
[0105]
In the distributed signature method described below, in a digital signature, a time value indicating the date and time when the signature is signed is concatenated with the hash value of the message to be signed, and the digital signature is executed on the concatenated result. The reason why the time values are concatenated is that when some kind of dispute about the digital signature occurs later and the authenticity of the digital signature needs to be determined, the determination is made using the connected time.
[0106]
For methods of digitally signing messages with time values, see B. Kaliski et al .: RFC2315 “PKCS # 7: Cryptographic Message Syntax, Version 1.5” and R. Housley et al .: RFC2630 “Cryptographic Message”. You may decide to follow standards such as “Syntax”. As is clear from the fact that these standards have been established, the inclusion of the date and time of signatures in a part of the data to be signed is now widely requested or implemented in the distribution of digital signatures. Needless to say, limiting the digital signature to such a form does not narrow the scope of application of the method described below.
[0107]
In the following description, the result of signing the message M to be signed using the secret key SK is represented as Sig (SK, h (M) ‖t). Here, h is a hash function, and h (M) ‖t represents a concatenation of h (M) and time t (a combination of a bit string and a bit string). Further, a signed message obtained by concatenating M, t, and Sig (SK, h (M) ‖t) is represented as SigMsg (SK, h (M) ‖t).
[0108]
When the signature time is determined from the clock referred to by each entity that performs the digital signature, the value is determined in a predetermined step size, for example, 1 second.
[0109]
For example, Japanese Patent Laid-Open No. 2001-142398 discloses a method in which a plurality of entities that hold private keys in a distributed manner execute a distributed signature using the RSA public key cryptosystem (for the RSA public key cryptosystem). RL Rivest et al., A method for obtaining digital Signatures and public-key cryptosystems, Communications of ACM Vol.21 (1978), pp.120-126.). In the following description, it is assumed that the RSA public key cryptosystem is used. However, in the present invention, the public key cryptosystem that is the base of the digital signature is not limited to the RSA public key cryptosystem. Of course, it is possible to use a digital signature based on a public key cryptosystem such as Rabin cipher, ElGamal cipher, elliptic curve cipher, etc., and the effect is the same.
[0110]
In the RSA public key cryptosystem, two large prime numbers p and q are selected at random, N = p · q, Φ (N) = (p−1) · (q−1), and Φ (N) and By appropriately determining a relatively prime integer e, (N, e) is used as a public key. Further, the integer d is selected so that e · d = 1 mod Φ (N) and is used as a secret key. Here, “1 mod Φ (N)” means to be 1 modulo Φ (N). The digital signature for message M expressed as an integer between 0 and N−1 is M^d given by mod N.
[0111]
When the secret key d is divided into partial secret keys d (1),..., D (r) such that d = d (1) +... + D (r), each partial secret key d (i) Partial signature M generated using (i = 1,..., R)^{d (i)} For mod N, a signature for M using the secret key d can be generated by multiplying N by modulus. That is,
M^d mod N = (M^{d (i)} mod N) ...... (M^{d (r)} mod N) mod N
(See JP 2001-142398 A).
[0112]
Hereinafter, three methods for generating a distributed signature will be described. Also here, the case where there is a single third-party organization apparatus will be described with reference to the processing flowcharts shown in FIGS.
[0113]
FIG. 7 is a processing flowchart showing detailed processing contents of the distributed signature generation method (first method) according to the present embodiment.
[0114]
Steps S301 and S302 include a partial secret key SK generated using any of the distributed generation methods described above._AT(A) and SK_AT(T), public key PK_ATIs stored in the signer device 1 and the third-party organization device 3, respectively.
[0115]
In this first method, when generating a digital signature for a message to which a time value is assigned, first, the signer apparatus 1 sets the time t of the clock to which it refers to the hash value h (M) of the message to be signed. The partial secret key SK that the signer device 1 stores in the concatenated h (M) ‖t as a result_ATBy applying (A), the partial signature Sig (SK_AT(A), h (M) ‖t) is generated (step S303).
[0116]
Subsequently, the signer apparatus 1 and the third party institution apparatus 3 perform entity authentication with each other by the authentication units 13 and 33 (step S304). That is, identity authentication by the third party organization device 3 for the signer device 1 and third party organization authentication by the signer device 1 for the third party organization device 3 are performed. The entity authentication may be performed using a public key certificate for entity authentication owned by each entity. Further, in the personal authentication by the third party institution apparatus 3 for the signer apparatus 1, various methods for authenticating the user such as a password, a one-time password, or biometrics, and combinations thereof are used as public keys for entity authentication. It may be used as an alternative to a certificate, or may be used in combination with a public key certificate for entity authentication.
[0117]
Needless to say, if an error occurs during authentication here, the subsequent processing is not performed.
[0118]
In step S305, the signer apparatus 1 determines that the partial signature Sig (SK_AT(A), h (M) ‖t) and the signature object data h (M), t that are the object of signature are sent to the third party organization apparatus 3.
[0119]
The third party organization device 3 that has received the data to be signed compares the time t sent from the signer device 1 with the time of the clock to which it refers, and the difference between the two values is within a predetermined allowable range. If there is a partial secret key SK_ATPartial signature Sig (SK using (A)_AT(A), h (M) ‖t) is generated (step S306). Here, the “predetermined allowable range” changes depending on the guaranteed accuracy when proving the time, and for example, a value about a fraction of the set guaranteed accuracy is assumed as the threshold of the allowable range. The Further, when the difference between the two time values is not within the allowable range, the subsequent processing is not performed. The above two points also apply when a similar situation occurs in the processing described later.
[0120]
Thereafter, the third party organization apparatus 3 sends the partial signature Sig (SK) sent from the signer apparatus 1._AT(A), h (M) ‖t) and the partial signature Sig (SK_AT(T), h (M) ‖t)_AT, h (M) ‖t) (step S307), and transmits this entire signature to the signer apparatus 1 (step S308).
[0121]
After that, the third party institution apparatus 3 uses the signature log (h (M), t, Sig (SK_AT(T), h (M) ‖t)) is stored (step S310).
[0122]
On the other hand, the signer apparatus 1 that has received the overall signature stores it for later use or uses it by issuing it to another third party (step S309).
[0123]
In addition, when there are two or more third-party engine devices, the third-party engine device 3₁, 3₂, ..., 3_kA representative third party institution apparatus is selected from among the above, and the selected third party institution apparatus executes the same processing as described above. In that case, the following modifications are made.
[0124]
In step S304, the signer apparatus 1 that originally owns the private key is a plurality of third party institution apparatuses 3₁, ..., 3_kEntity authentication with each other. That is, the third party organization device 3 for the signer device 1_i User authentication by 3rd party equipment 3_i The third party institution authentication is performed by the signer apparatus 1 for. Again, i = 1,..., K.
[0125]
In step S305, the signer apparatus 1 receives the third party institution apparatus 3.₁, ..., 3_kFor each of the partial signatures Sig (SK_AT(A), h (M) ‖t) and signature target data h (M), t are sent.
[0126]
Each third-party organization device 3_iCompares the sent time t with its own clock, and if the difference is within an allowable range, the partial secret key SK stored by itself_AT(T_i) Using partial signature Sig (SK_AT(T_i), h (M) ‖t) are generated (step S306).
[0127]
After that, each third-party organization device other than the third-party organization device selected as the representative will receive the partial signature Sig (SK_AT(T_i), h (M) ‖t) is sent to the representative third-party organization device.
[0128]
In step S307, the representative third-party organization apparatus sends the partial signature Sig (SK_AT(A), h (M) ‖t) and the partial signature Sig (SK_AT(T_i), h (M) ‖t)_AT, h (M) ‖t).
[0129]
Steps S308 to S310 are the same as described above.
[0130]
FIG. 8 is a processing flowchart showing detailed processing contents of the distributed signature generation method (second method) according to the present embodiment. This method is different from the first method described above in that the signer apparatus 1 generates a whole signature.
[0131]
Steps S401,..., S406 are the same as those in the first method (see steps S301,.
[0132]
In step S407, the third party institution apparatus 3 generates the partial signature Sig (SK_AT(T), h (M) ‖t) is returned to the signer apparatus 1.
[0133]
Upon receiving this partial signature, the signer apparatus 1 receives the partial signature and its partial signature Sig (SK_AT(A), h (M) ‖t)_AT, h (M) ‖t) (step S408), and sends the entire signature to the third party organization apparatus 3 (step S409).
[0134]
The third-party organization device 3 has an overall signature Sig (SK_AT, h (M) ‖t), and then the signature log (h (M), t, Sig (SK_AT(T), h (M) ‖t)) is stored in the storage unit 35 (step S410).
[0135]
On the other hand, the signer apparatus 1 uses the entire signature Sig (SK for later use._AT, h (M) ‖t) is stored or used by another method such as issuing it to another third party (step S411).
[0136]
Next, the case where there are a plurality of third-party organization devices will be described focusing on the correction steps as in the first method.
[0137]
First, the partial signature Sig (SK_AT(A), h (M) ‖t) and signature target data h (M), t₁, 3₂, ..., 3_k(Step S405).
[0138]
Third-party organization device 3₁, 3₂, ..., 3_kEach executes steps S402, S406, and S407 of FIG.
[0139]
In step S408, the signer apparatus 1 generates the partial signature Sig (SK_AT(A), h (M) ‖t) and multiple third party institutional devices 3₁, 3₂, ..., 3_kMultiple partial signatures Sig (SK_AT(T₁), h (M) ‖t), ..., Sig (SK_AT(T_k), h (M) ‖t)_AT, h (M) ‖t).
[0140]
In step S409, the signer apparatus 1 determines that the entire signature Sig (SK_AT, h (M) ‖t) are sent to each of the plurality of third party institution apparatuses 3, and then step S411 is executed.
[0141]
On the other hand, third-party engine device 3₁, 3₂, ..., 3_kEach executes step S410.
[0142]
FIG. 9 is a processing flowchart showing detailed processing contents of the distributed signature generation method (third method) according to the present embodiment.
[0143]
Steps S501 and S502 are steps in which each of the signer apparatus 1 and the third party institution apparatus 3 holds its partial secret key and public key, as in the above-described two distributed signature generation methods.
[0144]
In step S503, the signer device 1 that is the original owner of the secret key and the third party organization device 3 perform entity authentication with each other. That is, identity authentication by the third party organization device 3 for the signer device 1 and third party organization authentication by the signer device 1 for the third party organization device 3 are performed.
[0145]
Thereafter, the signer apparatus 1 sends the hash value h (M) of the signature target message M to the third party institution apparatus 3 as signature target data (step S504).
[0146]
The third-party organization device 3 that has received the signature object data connects the time t of the clock to which it refers to h (M), and the partial secret key held by itself in h (M) ‖t obtained as a result. SK_ATBy applying (T), the partial signature Sig (SK_AT(T), h (M) ‖t) is generated (step S505), and this partial signature Sig (SK_AT(T), h (M) ‖t) and time t are returned to the signer apparatus 1 (step S506).
[0147]
The signer device 1 that has received these data compares the time t sent from the third party organization device 3 with the time of the clock to which it refers, and if the difference between these two values is within a predetermined allowable range. For example, the partial secret key SK_ATBy using (T), the partial signature Sig (SK_AT(A), h (M) ‖t) is generated (step S507).
[0148]
Subsequently, the signer apparatus 1 receives the partial signature Sig (SK_AT(T), h (M) ‖t) and the partial signature Sig (SK_AT(A), h (M) ‖t)_AT, h (M) ‖t) (step S508), and transmits this entire signature to the third party organization apparatus 3 (step S509).
[0149]
The third-party organization device 3 has its entire signature Sig (SK_AT, h (M) ‖t) and then the signature log (h (M), t, Sig (SK_AT, h (M) ‖t)) are stored (step S510).
[0150]
On the other hand, the signer device 1 uses the entire signature Sig (SK) for later use._AT, h (M) ‖t) is stored, or is used by issuing it to another third party (step S511).
[0151]
Next, the case where there are a plurality of third-party organization apparatuses will be described with a focus on the correction steps similar to the above two methods.
[0152]
In step S503, signer apparatus 1 receives third party institution apparatus 3₁ , ..., 3_kEntity authentication with each other.
[0153]
In step S504, the signer apparatus 1 transmits the data h (M) to be signed to the third party institution apparatus 3.₁ , ..., 3_kSend to each.
[0154]
Third-party organization device 3₁ , ..., 3_kIs the time t of the clock to which it refers_iH (M) ‖t connected to h (M)_iThe partial secret key SK held by itself_AT(T_i), The partial signature Sig (SK_AT(T_i), h (M) ‖t_i) Is generated (step S505), and the partial signature Sig (SK_AT(T_i), h (M) ‖t_i) And t_iIs returned to the signer apparatus 1 (step S506).
[0155]
The signer device 1 receives the time t sent from each third-party organization device.₁ , ..., t_kIf these values match, this matched value is assumed to be t, and this value t is compared with the time of the clock to which it refers, and the difference between the two values is within a predetermined tolerance. For example, its own partial secret key SK_ATBy using (T), the partial signature Sig (SK_AT(A), h (M) ‖t) is generated (step S507). Where time t₁ , ..., t_kIf they do not match, the entire signature is not generated.
[0156]
Thereafter, the signer apparatus 1 generates the partial signature Sig (SK_AT(A), h (M) ‖t) and third-party engine device 3₁ , ..., 3_kA plurality of partial signatures Sig (SK_AT(T₁), h (M) ‖t),…, Sig (SK_AT(T_k), h (M) ‖t)_AT, h (M) ‖t) (step S508), and the entire signature is obtained from the third party organization apparatus 3.₁ , ..., 3_k(Step S509).
[0157]
Third-party organization device 3_iThe overall signature Sig (SK_AT, h (M) ‖t) and then the signature log (h (M), t, Sig (SK_AT, h (M) ‖t)) are stored (step S510).
[0158]
Step S511 performed by the signer apparatus 1 is the same as described above.
[0159]
According to the first to third distributed signature methods described above, in any case, it is essential that the signer device and the third-party organization device cooperate to generate a digital signature. In the apparatus, signature log information as information relating to the digital signature is stored, and when the authenticity of the digital signature becomes a problem later, the signature log information can be effectively used.
[0160]
<Revocation of private key>
Next, the signer device 1 and the third-party organization device 3 make a partial secret key SK._AT(A) and SK_ATA secret key revocation process executed when either of the signer apparatus 1 and the third party institution apparatus 3 detects leakage of a secret key after (T) is held in a distributed manner will be described.
[0161]
FIG. 10 is a process flow diagram showing the flow of the revocation process when the signer apparatus 1 detects the leakage of the secret key.
[0162]
The signer device 1 and the third party organization device 3 hold the partial secret key and the public key by any of the methods described above (steps S601 and S602).
[0163]
Thereafter, the signer device 1 has a partial secret key SK._ATIt is assumed that (A) has detected leakage (step S603).
[0164]
In this case, the signer apparatus 1 immediately uses the private key SK._ATIs notified to the third party organization apparatus 3 (step S604). Thereafter, this notification time is set to t₁And
[0165]
Private key SK from signer device 1_ATThe third party apparatus 3 that has received the revocation notification of₁With a secret key SK_ATIs recorded, and after that, the partial secret key SK_ATThe distributed signature request using (T) is not responded (step S605).
[0166]
The signer apparatus 1 transmits the revocation notice to the third party institution apparatus 3, and then the secret key SK._ATIs recorded in the storage unit 15 (step S606). In this step, the private key SK_ATMay be deleted.
[0167]
In addition, when there are two or more third-party organization devices, each third-party organization device 3₁, 3₂, ..., 3_k10 executes the same processing as that in the third party organization device 3 in FIG. 10, but in step S604, the signer device 1 stores the SK of the private key._ATRevocation notices for all third party devices 3₁ , ..., 3_kSend to.
[0168]
FIG. 11 is a process flow diagram for explaining the flow of the revocation process when the third party institution apparatus 3 detects the leakage of the secret key.
[0169]
First, steps S701 and S702 are the same as steps S601 and S602 described above, respectively (see FIG. 10).
[0170]
Thereafter, the partial secret key SK held by the third party organization apparatus 3_ATIt is assumed that (T) has been detected as leaked (step S703). Again, the detection time of secret key leak is t₁And
[0171]
In this case, the third party organization apparatus 3 immediately uses the secret key SK._ATIs notified to the signer apparatus 1 (step S704).
[0172]
The third-party organization device 3 has a partial secret key SK_ATTime t when leakage of (T) was detected₁With a secret key SK_ATIs recorded, and after that, the partial secret key SK_ATThe distributed signature request using (T) is not responded (step S705).
[0173]
The signer apparatus 1 has a secret key SK._ATWhen the revocation of the password is received from the third party organization device 3, the secret key SK_ATIs detected (step S706). After that, the private key SK_AT, And in some cases, its private key SK_ATIs deleted from the storage unit 15.
[0174]
When there are a plurality of third-party organization devices, each of them executes the processing of the third-party organization device 3 of FIG.
[0175]
<Authentication of signature>
Next, processing of the authenticity determination device 7 that determines the authenticity of a digital signature when the digital signature is generated by any one of the distributed signature methods described above will be described. Such authenticity determination processing is assumed to be used in an appropriate mediation organization (court or the like), for example, in mediation in the event of a dispute between the parties regarding the authenticity of a digital signature.
[0176]
Again, the result of signing the message M that is the subject of the digital signature using the secret key SK is represented as Sig (SK, h (M) Mt). Further, h is a hash function, t is a numerical value representing the signature time, and h (M) ‖t represents the concatenation of M and t. Also, the signed message obtained by concatenating M, t and Sig (SK, h (M) ‖t) is expressed as SigMsg (SK, h (M) ‖t) as described above.
[0177]
FIG. 12 is a flowchart for explaining the flow of the digital signature authenticity determination process performed by the authenticity determination apparatus 7 according to the present embodiment.
[0178]
The authenticity determination device 7 sends a signed message SigMsg (SK ′) from the digital signature holder._AT, h (M) ‖t) and public key certificate Cert (PK_AT) Is received (step S801).
[0179]
After that, the received public key certificate Cert (PK_AT) To public key PK_ATIs extracted by the key extraction unit 71 (step S802).
[0180]
In the next step S803, the public key PK extracted in step S802._ATAnd the signed message SigMsg (SK ′ received in step S801_AT, h (M) ‖t) as input, signature verification operation Veri (PK_AT, SigMsg (SK ’_AT, h (M) ‖t)) in the authenticity determination unit 72.
[0181]
This signature verification operation Veri (PK_AT, SigMsg (SK ’_AT, h (M) ‖t)) performs a plurality of operations (verification procedures) on the aforementioned input value, and outputs a value for determining the authenticity of the digital signature as a result. A value of 1 is output as the determination value when the determination is true (YES), and a value of 0 is output when the determination is incorrect (NO).
[0182]
The subsequent steps are the signature verification operation Veri (PK_AT, SigMsg (SK ’_AT, h (M) ‖t)). That is, if the output result of the signature verification procedure is invalid (No), the process proceeds to step S804, and the received signed message is determined to be illegal.
[0183]
On the other hand, when the output result is authentic (YES), the process proceeds to step S805. In step S805, the signature verification operation Veri (PK_AT, SigMsg (SK ’_AT, h (M) ‖t)), the third party apparatus 3 is inquired about the existence of the signature log related to the digital signature, and the corresponding signature log does not exist as a response from the third party apparatus 3 (NO ), The process proceeds to step S806, and the received signed message is determined to be invalid as in step S804.
[0184]
On the other hand, when it is determined as a result of the inquiry to the third party organization apparatus 3 that the signature log corresponding to the third party organization apparatus 3 exists, the signature of the signed message may be authentic. Is determined to be high (step S807).
[0185]
If the authenticity determination method described above is used, the authenticity of the digital signature can be estimated based on the determination result. In the case of mediation at the time of dispute, mediation can be promoted by collecting related information.
[0186]
If there are a plurality of third party institution apparatuses, in step S805, each third party institution apparatus 3₁ , ..., 3_kAre inquired to verify whether there is a corresponding signature log.
[0187]
In the authenticity determination process of the digital signature in the authenticity determination apparatus 7 described above, inquiries regarding the presence / absence of a signature log to one or a plurality of third party institutions are indispensable. Therefore, the legitimacy of the processing performed by the third-party organization device 3 that receives the inquiry (assuming that TTP is not fraudulent) is based on the following three assumptions, and is authentic when a dispute arises regarding the authenticity of the digital signature. It is assumed that the arbitration organization that uses the sex determination device 7 also accepts this premise. In the following description, reference numeral 3 is assigned assuming that there is one third-party engine device, but there is no essential difference even when there are a plurality of cases.
[0188]
TTP non-fraud assumption 1: When the third party institution apparatus 3 detects the leakage of the partial secret key held by itself, the third party institution apparatus 3 records the revocation of the partial secret key. When the revocation of the partial secret key has already been recorded, the signature request with the partial secret key is not responded (see FIG. 11).
TTP Non-Unauthorized Premise 2: When the third party organization apparatus 3 receives the revocation notification of the private key from the signer apparatus 1, it records the revocation of the private key. If the revocation of the partial secret key has already been recorded, the signature request with the partial secret key is not responded (see FIG. 10).
TTP non-fraud assumption 3: The clock referenced by the third-party organization device 3 to determine the signature time is accurate within a certain tolerance range determined by the field in which the digital signature is used.
[0189]
In addition to the above assumptions, the following two conditions are imposed as conditions for realizing the non-generation proof of the digital signature based on the authenticity determination processing described with reference to FIG. (See FIGS. 10 and 11).
[0190]
Realization Condition of Non-Generation Certificate 1: When both the signer device 1 and the third party institution device 3 leak their own partial private key, the signer device 1 The third party institution apparatus 3 detects the leakage of its own partial secret key.
Non-Generation Certification Realization Condition 2: When the partial private key of the signer apparatus 1 leaks and the partial private key held by the third party organization apparatus 3 does not leak, the signer apparatus 1 The leakage is detected and notified to the third party institution apparatus 3.
[0191]
The details of how the non-generation proof is realized based on the TTP non-fraud premise described above and the conditions for realizing the non-generation proof will be described.
[0192]
The following four cases are assumed when a signed message generated by an unauthorized method is transmitted to the authenticity determination device 7.
[0193]
A. When both the partial secret key possessed by the signer apparatus 1 and the partial secret key possessed by the third party institution apparatus 3 are leaked. The attacker device 21 used by the attacker is known to the signer device 1 or the third-party organization device 3 by some method, for example, a cryptographic break (calculating a secret key from a verification public key by a large amount of calculation). This situation also includes the situation where the entire private key is acquired.
[0194]
B. The partial secret key held by the signer apparatus 1 leaks while the partial secret key held by the third party organization apparatus 3 does not leak. In this case, the attacker device 21 who has illegally acquired the partial secret key possessed by the signer device 1 passes the authentication of the third party device 3 in some way in the distributed signature generation procedure, thereby signing the device 1. Impersonate and generate a distributed signature.
[0195]
C. The partial secret key of the signer apparatus 1 does not leak, while the partial secret key of the third party organization apparatus 3 leaks. In this case, the attacker device 21 that has illegally acquired the partial secret key possessed by the third party organization device 3 passes the third party organization authentication for the signer device 1 by some method in the distributed signature generation procedure. Impersonate the three-party organization device 3 to generate a distributed signature.
[0196]
D. The partial secret key possessed by the signer apparatus 1 does not leak and the partial secret key possessed by the third party organization apparatus 3 does not leak. In this case, the attacker device 21 generates a digital signature using a different secret key without acquiring a secret key.
[0197]
How the signature non-generation certificate is realized in each of the cases A to D will be described in detail with reference to Table 1 shown below.
[0198]
[Table 1]

First, regarding the case A, there are the following four cases in more detail.
[0199]
A-1. A case where the third party organization apparatus 3 that has detected the leakage of the partial private key of itself does not respond to a signature request using the partial private key.
[0200]
In this case, a signed message cannot be generated so as to pass the signature verification and leave the signature log in the third party organization apparatus 3 without using a valid method. Therefore, when authenticity determination is performed based on the authenticity determination procedure of the digital signature (see FIG. 12), it is determined that the signed message that is the target is generated by an unauthorized method. Specifically, in step S803 or S805 of FIG. 12, the signed message that is the object of authenticity determination is determined to be invalid (corresponding to the determination in step S804 or S806), and the digital signature non-generation certificate is established. (○).
[0201]
A-2. The third party apparatus 3 does not detect the leakage of the partial secret key that the third party apparatus 3 has, and the signer apparatus 1 detects the leakage of the partial secret key that the third party apparatus 3 has. When notifying the expiration of the private key corresponding to the private key.
[0202]
In this case, after the third party organization device 3 receives the revocation notification from the signer device 1, the third party organization device 3 receives a signature request using the partial secret key, and then the third party The institutional device 3 detects that the private key corresponding to the partial private key has expired from the record of the revocation notification, and does not respond to the signature request, so it passes the signature verification without using a valid method. However, a signed message cannot be generated so that the signature log of the third party organization apparatus 3 remains. Therefore, in authenticity determination of a digital signature, there is no other way than the subject signed message is generated by an illegal method. That is, in step S803 or S805 in FIG. 12, the signed message to be arbitrated is determined to be invalid (corresponding to the determination in step S804 or S806), and the digital signature non-generation certificate is established (◯).
[0203]
A-3. The third party organization device 3 does not detect leakage of its own partial secret key, and the signer device 1 detects leakage of its own partial secret key. When the engine device 3 is not notified.
[0204]
In this case, although “realization condition 1 for non-generation proof” is not satisfied and the digital signature is generated without using a valid method, an illegal signature is obtained in the authenticity determination process of FIG. May not be determined (corresponding to 302 in FIG. 20). Specifically, there is a possibility that it is determined as Yes in step S803 in FIG. 12 and further determined as Yes in step S805. In other words, there is a possibility that a non-generated proof of the digital signature cannot be performed even when the digital signature is generated by an illegal method (◯ or ×).
[0205]
A-4. The third party apparatus 3 does not detect leakage of its own partial secret key, and the signer apparatus 1 does not detect leakage of its own partial secret key. The situation where the attacker device 21 obtains the entire secret key without being known to the signer device 1 or the third party organization device 3 by some method such as a cryptographic break is also included in this case.
[0206]
Also in this case, it is determined that the authenticity determination process in FIG. 12 is illegal even though “realization condition 1 for non-generation proof” is not satisfied and the digital signature is generated without using a valid method. May not occur (corresponding to 302 in FIG. 20), and the non-generation proof may not be realized (O or X). The specific flow of authenticity determination processing in which this occurs is the same as in A-3 above.
[0207]
Next, Case B will be described. In case B, there are three cases in more detail:
[0208]
B-1. The signer apparatus 1 detects the leakage of its own partial secret key and notifies the third party institution apparatus 3 of the expiration of the secret key corresponding to the partial secret key.
[0209]
In this case, after the third party apparatus 3 receives the revocation notification, the third party apparatus 3 receives a signature request using the partial secret key. Detects that the private key corresponding to the partial private key has expired from the record of the revocation notice, and does not respond to the signature request. Therefore, a signed message that passes signature verification cannot be generated without using a valid method. Therefore, when the arbitration procedure for the authenticity of the digital signature is performed, the signed message to be arbitrated is nothing but an illegal method. Specifically, in step S803 in FIG. 12, the signed message to be arbitrated is determined to be illegal (corresponding to the determination in step S804), and a signature non-generation certificate is established (◯).
[0210]
B-2. The signer apparatus 1 does not notify the revocation of the corresponding private key to the third party institution apparatus 3 even though the signer apparatus 1 has detected the leakage of the partial private key it has.
[0211]
In this case, “real condition 2 for non-generation proof” is not satisfied, and the digital signature is generated without using a valid method, but the authenticity determination process shown in FIG. It may not be determined as a digital signature (corresponding to 302 in FIG. 20).
[0212]
Specifically, the attacker device 21 who has illegally acquired the partial secret key possessed by the signer device 1 passes the user authentication to the third-party organization device 3 in some way in the distributed signature generation procedure, thereby authenticating the principal. It is possible to generate spoofed and distributed signatures. In this case, it is determined as Yes in step S803 in FIG. 12, and further determined as Yes in the determination in step S805. In other words, there is a case where the signature non-generation proof cannot be performed even when the digital signature is generated by an illegal method (◯ or ×).
[0213]
B-3. The signer apparatus 1 also does not detect leakage of its partial secret key.
[0214]
In this case, “realization condition 2 for non-generation proof” is not satisfied and the signature is not determined by the arbitration procedure in FIG. 12 even though the signature is generated without using a valid method. It can happen. Specifically, it may not be possible to perform non-signature proof of signature even though the digital signature is generated by an illegal method by the same procedure as described in the case (B-2) ( ○ or ×).
[0215]
Third, Case C will be described. There are the following two cases in detail.
[0216]
C-1. When the third party apparatus 3 detects the leakage of its own partial secret key and does not respond to a signature request using the partial secret key thereafter.
[0217]
In this case, the attacker device 21 that has illegally acquired the partial secret key possessed by the third party organization device 3 passes the third party organization authentication for the signer device 1 by some method in the distributed signature generation procedure. It is possible to generate a distributed signature by impersonating the three-party organization apparatus 3. However, since the third-party organization device 3 does not respond to a signature request using the partial secret key, it is impossible to leave the signature log in the signature log of the third-party organization device 3. Therefore, when the digital signature authenticity determination process is performed, the signed message to be determined can be determined as Yes in step S803 in FIG. 12, but is determined as No in step S805 ( Corresponding to the determination in step S806), it is determined that the digital signature is invalid. As a result, a non-generation proof is established (◯).
[0218]
C-2. The third party apparatus 3 does not detect the leakage of its partial secret key.
[0219]
Also in this case, as in the case of C-1 described above, the attacker device 21 who illegally obtained the partial secret key possessed by the third party organization device 3 uses some method in the distributed signature generation procedure. It is possible to impersonate the third party institution device 3 and generate a distributed signature by passing the third party institution authentication. When the authenticity of the signed message generated in this way is determined, as in the case C-1, the signed message is determined to be an invalid signature, and a non-generated certificate is established (◯).
[0220]
In this case, when the signer device 1 transmits a request for the distributed signature to the third party organization device 3, the third party organization device 3 responds to the request, despite the partial leakage of the private key. A signed message may be generated by a valid distributed signature procedure. When the signed message generated in this way is brought into the authenticity determination device 7, it is determined that the signed message is valid, and prevention of denial is realized.
[0221]
Finally, Case D will be described.
In this case, when the authenticity determination process of the digital signature is performed on the illegally generated signed message, it is determined No in step S803 in FIG. 12, and the digital signature is determined to be invalid (step S804). Corresponding to the determination of). Therefore, the non-generated proof of the digital signature is realized (corresponding to 201 in FIG. 20, ○).
[0222]
To summarize the above, it is possible that the non-generation proof of the digital signature may not be realized in the case A-3, the case A-4, the case B-2, and the case B-3. This is a time when the attacker device 21 that has obtained the secret key passes the personal authentication in the third party organization device 3.
[0223]
Among these, in order to make it impossible to realize the non-generated digital signature in the cases A-3 and A-4, the partial secret key possessed by the third party organization apparatus 3 leaks without being detected by itself, In addition, the attacker device 21 who obtained the partial secret key of the signer device 1 illegally without the signer device 1 notifying the partial secret key of the signer device 1 leaked is a third party organization device. It is necessary to pass the authentication in step 3.
[0224]
In cases B-2 and B-3, in order to make it impossible to realize the non-generational proof of the digital signature, the partial secret key of the signer apparatus 1 is leaked, but the corresponding secret key revocation notification is sent to a third party. The attacker device 21 that has not been made to the device 3 and obtained the partial secret key of the signer device 1 illegally needs to pass the authentication in the third-party organization device 3.
[0225]
Here, as an example of a case where a dispute occurs regarding the authenticity of the digital signature, it is determined that the digital signature has been illegally forged by the determination by the authenticity determination device 7, and as a result, there is a non-generated proof of the owner of the private key. The case where it is determined will be specifically described.
[0226]
FIG. 13 is a process flow diagram showing the generation history of a signed message when a signed message whose authenticity is a problem is forged by the attacker device 21.
[0227]
In the figure, time t_bThe partial secret key SK held by the signer apparatus 1_ATAssume that (A) has leaked (step S902).
[0228]
The signer apparatus 1 detects this leakage and detects the secret key SK._AT3 is immediately notified to the third party organization apparatus 3 (step S903).
[0229]
Then t_c> T_bTime t_cThe attacker device 21 is t_a <T_bA time value t such that_aSigned message with SigMsg (SK ’_AT, h (M) ‖t_a) Is forged (step S904).
[0230]
Note that “?” Is added to step S901 in FIG._aSigned message (SigMsg (SK_AT, h (M) ‖t_a)) Is genuine, meaning that it is a problem.
[0231]
The attacker device 21 sends the signed message SigMsg (SK ′) created through the generation history described above._AT, h (M) ‖t_a) Is transmitted to the authenticity determination device 7.
Subsequent processing will be described again with reference to the flowchart of FIG.
[0232]
In step S801, a signed message SigMsg (SK ′) is received from the digital signature holder (actually the attacker device 21)._AT, h (M) ‖t_a) Receives the secret key SK included in the received signed message in step S802._ATPublic key PK corresponding to_ATTo extract.
[0233]
Thereafter, the authenticity determination device 7 sends the signed message SigMsg (SK ′_AT, h (M) ‖t_a) And the signed message SigMsg (SK ’_AT, h (M) ‖t_a) Public key PK extracted from_ATAnd the signature verification operation Veri (PK_AT, SigMsg (SK ’_AT, h (M) ‖t_a)) Is executed, and the next step is selected depending on whether the result is authentic (Yes) or incorrect (No) (step S803).
[0234]
In order for the result of the signature verification in step S803 to be Yes, a device that performs a plurality of partial signatures on the message M, including the signer device 1 and the third-party organization device 3, has a partial secret key SK._AT(A) and SK_ATIt is necessary to perform distributed signature using a plurality of partial secret keys including (T). However, the signed message SigMsg (SK ′ having the generation history shown in FIG._AT, h (M) ‖t_aIn the case of (3), since the third party institution apparatus 3 does not execute the distributed signature that it is in charge of, the result of the signature verification in step S803 cannot be Yes. Therefore, the signed message SigMsg (SK ’_AT, h (M) ‖t_a) Is determined to be illegal, and a signature non-generation certificate for the signer apparatus 1 is established.
[0235]
According to the first embodiment of the present invention described above, in order to generate a digital signature using a certain secret key, a signer (device) who is the original owner of the secret key and a third party (device) ) Can generate a digital signature generation method that cannot be generated without cooperation.
[0236]
Further, according to the present embodiment, when a digital signature using a private key held by the signer device is generated without the signer device signing, the signature stored in the third party organization device By providing a digital signature generation system that makes the facts clear from log information, when a dispute arises later and the authenticity of the digital signature becomes a problem, non-signature (device) Generation proof can be realized.
[0237]
In this sense, the above-described prior art means that as long as the third party institution apparatus 3 operates normally and a partial secret key is leaked, the leak is detected and the signature of the corresponding secret key is notified. It is notable that the situation where the true / false of this is a problem is impossible, and that the non-generation proof of the signer who is the original owner of the private key can be easily realized.
[0238]
(Second Embodiment)
FIG. 14 is an explanatory diagram showing the overall configuration of a system according to the second embodiment of the present invention. As shown in the figure, the system assumed in the present embodiment includes a time authentication provided in a time-stamp authority (TSA) as an upper organization in addition to the same device as in the first embodiment. Engine devices 9 are connected to each other via a communication network 41. The time certification authority device 9 is composed of an electronic device, as is the case with other devices.
[0239]
Note that the secret key is distributed and generated in the same manner as in the first embodiment. That is, the signer apparatus 1 has a partial secret key SK._AT(A) the third party engine device 3₁, 3₂, ..., 3_k(K is a positive integer) is a partial secret key SK_AT(T₁) ... SK_AT(T_k) Respectively. The whole secret key is SK_AT= SK_AT(A) + SK_AT(T₁ ) + ... + SK_AT(T_k ) Is the same as in the first embodiment.
[0240]
Also in the present embodiment, the result of signing the message M to be digitally signed using the secret key SK is represented by using the same symbol “Sig” as in the first embodiment, Sig (SK, h (M)). Here, h represents a hash function. Furthermore, a signed message obtained by concatenating M and Sig (SK, h (M)) is also described as SigMsg (SK, h (M)) using the symbol “SigMsg”.
[0241]
<Distributed signature>
FIG. 15 is a processing flowchart showing the processing contents of the distributed signature generation method according to the second embodiment of the present invention. Here, the case where the system is composed of one third party institution apparatus 3 will be described first.
[0242]
The signer device 1 and the third-party organization device 3 have (SK) as a set of (partial secret key, public key)_AT(A), PK_AT) And (SK_AT(T), PK_AT) Are held respectively (steps S1001 and S1002).
[0243]
The signer apparatus 1 uses the hash value h (M) of the message to be signed using the partial signature Sig (SK_AT(A), h (M)) are generated (step S1003).
[0244]
Next, the signer device 1 and the third party organization device 3 perform entity authentication with each other (step S1004). That is, identity authentication by the third party organization device 3 for the signer device 1 and third party organization authentication by the signer device 1 for the third party organization device 3 are performed.
[0245]
After that, the signer apparatus 1 performs the partial signature Sig (SK_AT(A), h (M)) and the hash value h (M) of the message to be signed are sent to the third party organization apparatus 3 (step S1005).
[0246]
On the other hand, the third party institution apparatus 3 uses the partial secret key SK held by itself for the received hash value h (M)._AT(T) is applied and the partial signature Sig (SK_AT(T), h (M)) are generated (step S1006), and the partial signature Sig (SK of the signer device 1 sent from the signer device 1 is sent._AT(A), h (M)) and the partial signature Sig (SK_AT(T), h (M)) are combined to create the overall signature Sig (SK_AT, H (M)) is generated (step S1007).
[0247]
In subsequent step S1008, the third party institution apparatus 3 generates the generated overall signature Sig (SK_AT, H (M)) is the hash value of h (Sig (SK_AT, H (M))) time certificate request TSTReq (h (Sig (SK_AT, h (M)))) is transmitted to the time certification authority apparatus 9 (step S1008).
[0248]
Request time certificate TSTReq (h (Sig (SK_AT, H (M)))), the time certification authority apparatus 9 receives the time certificate TST (h (Sig (SK_AT, M)), t) are returned to the third party institution apparatus 3 (step S1009).
[0249]
This time certificate TST (h (Sig (SK_AT, M)), t), the third party organization apparatus 3 receives the whole signature Sig (SK_AT, H (M)) and time certificate TST (h (Sig (SK_AT, M)), t) are transmitted to the signer apparatus 1 (step S1010).
[0250]
The signer apparatus 1 receives the received overall signature Sig (SK for later use._AT, H (M)) is stored in the storage unit 15 or used by another method such as issuing it to another third party (step S1011).
[0251]
On the other hand, the third-party organization device 3 uses the signature log (h (M), t, Sig (SK_AT(T), h (M)) and time certificate TST (h (Sig (SK_AT, M)), t) are stored in the storage unit 35 (step S1012).
[0252]
In the digital signature distributed generation process in the first embodiment described above, the time t is concatenated to the hash value h (M) of the message to be digitally signed, and the result h (M) ｈt is obtained. Thus, the signature time and the digital signature are associated by executing the digital signature. On the other hand, in this embodiment, since a time certificate can be obtained for a digital signature, a digital signature is executed for h (M) ‖t in order to associate the signature time with the digital signature. It is not necessary to perform digital signature on the hash value h (M).
[0253]
In addition, when there are two or more third-party engine devices, the third-party engine device 3₁, 3₂, ..., 3_kA representative third party institution apparatus is selected from among the above, and the selected third party institution apparatus executes the same processing as described above. In that case, the following modifications are made.
[0254]
First, in step S1005, the signer apparatus 1 receives the third party institution apparatus 3.₁ , ..., 3_k Entity authentication with each other.
[0255]
Subsequently, in step S1005, Sig (SK_AT(A), h (M)) and h (M) are transmitted to the representative third-party organization device, and then only h (M) is transmitted to the other third-party organization devices. The third-party organization device other than the representative third-party organization device that received h (M) receives the partial signature Sig (SK_AT(T), h (M)) is generated and transmitted to the representative third-party organization device.
[0256]
In step S1007, the representative third-party organization device sends the partial signature Sig (SK_AT(A), h (M)) and partial signature Sig (SK_AT(T_i), h (M))_AT, h (M)). Here, i = 1,..., K.
[0257]
Steps S1008 and S1009 are performed by each third-party organization apparatus.
[0258]
After that, the representative third-party organization device makes the overall signature Sig (SK_AT, h (M)) and time certificate TST (h (Sig (SK_AT, M)), t) are transmitted to the signer apparatus 1 and other third party institution apparatuses.
[0259]
This overall signature Sig (SK_AT, h (M)) and time certificate TST (h (Sig (SK_AT, M)), t) receive the signature log (h (M), t, Sig (SK_AT(T_i), h (M)) and time certificate TST (h (Sig (SK_AT, M)), t) are stored (corresponding to step S1012).
[0260]
The distributed signature generation method according to the present embodiment has the same effects as those of the first embodiment, and in addition to requesting certification from a specialized time certification authority, the time In addition, it is possible to avoid a situation in which a digital signature cannot be generated because clocks used by a plurality of entities that perform distributed signatures have errors.
[0261]
<Revocation of private key>
Next, the signer apparatus 1 and the third party institution apparatus 3 each have a partial secret key SK._AT(A) and SK_ATA secret key revocation process executed when either the signer apparatus 1 or the third party institution apparatus 3 detects the leakage of the secret key after (T) is held in a distributed manner will be described.
[0262]
FIG. 16 is a process flow diagram for explaining the flow of the revocation process when the signer apparatus 1 detects the leakage of the private key.
[0263]
The processing in steps S1101 and S1102 represents a step in which each device generates and holds a partial secret key and a public key by a predetermined key generation method.
[0264]
Thereafter, the signer device 1 has a partial secret key SK._ATAssume that the leakage of (A) is detected (step S1103).
[0265]
At this time, the signer apparatus 1 immediately uses the secret key SK._ATIs notified to the third party organization apparatus 3 (step S1104).
[0266]
The third party institution apparatus 3 that has received this notification receives the secret key SK._ATPublic key PK paired with_ATIs requested to the certification authority apparatus 5 that has issued the public key certificate (step S1105).
[0267]
The certification authority device 5 that has received the revocation request from the third party organization device 3 receives the time t when the revocation request is received.₁With public key PK_ATIs recorded (step S1106), and the response to the revocation request (PK_ATAs the certificate revocation response) at time t₁PK with_ATThe certificate of receipt of the revocation notification is sent to the third-party organization apparatus 3 (step S1107).
[0268]
Thereafter, the third party institution apparatus 3 receives the received PK_ATThe certificate of receipt of the revocation notification is transferred to the signer apparatus 1 (step S1108), and the PK_ATIs stored in the storage unit 35 (step S1109).
[0269]
PK_ATThe signer device 1 to which the certificate of receipt of the revocation notice is transferred from the third-party organization device 3 is also received by the signer device 1_ATIs stored in the storage unit 15 (step S1110).
[0270]
The format of the request for revocation of public key certificate and the certificate revocation response to the request shall comply with the standard defined in R. Housley et al., RFC2459 “Internet X.509 Public key Infrastructure Certificate and CRL Profile”. It may be.
[0271]
When there are a plurality of third-party organization devices, each of them executes the processing of the third-party organization device 3 in FIG.
[0272]
FIG. 17 is a process flow diagram for explaining the flow of the revocation process when the third party institution apparatus 3 detects the leakage of the secret key.
[0273]
Steps S1201 and S1202 are the same processes as steps S1101 and S1102 in FIG.
[0274]
Thereafter, the third party organization apparatus 3 has its own partial secret key SK._ATAssume that the leakage of (T) is detected (step S1203).
[0275]
Partial secret key SK_ATThe third party organization apparatus 3 that has detected the leakage of (T) immediately sends the secret key SK._ATPublic key PK paired with_ATIs requested to the certification authority apparatus 5 (step S1204).
[0276]
Subsequent steps S1205, S1206,..., S1209 are the same as the case described above with reference to FIG.
[0277]
Also in this case, when there are a plurality of third party institution apparatuses, each of them executes the processing of the third party institution apparatus 3 in FIG.
[0278]
<Authentication of signature>
Next, processing of the authenticity determination device 7 that determines the authenticity of a digital signature when the digital signature is generated by any one of the distributed signature methods described above will be described.
[0279]
FIG. 18 is a flowchart for explaining the flow of the digital signature authenticity determination process performed by the authenticity determination apparatus 7.
[0280]
The authenticity determination device 7 sends a signed message SigMsg (SK ′) from the digital signature holder._AT, H (M)) and public key certificate Cert (PK_AT) Is received (step S1301).
[0281]
After that, the received public key certificate Cert (PK_AT) To public key PK_ATIs extracted by the key extraction unit 71 (step S1302).
[0282]
In the next step S1303, the public key PK extracted in step S1302_ATAnd the signed message SigMsg (SK ′ received in step S1301_AT, H (M)) as an input and signature verification operation Veri (PK_AT, SigMsg (SK ’_AT, H (M))) are executed in the authenticity determination unit 72.
[0283]
Signature verification operation Veri (PK_AT, SigMsg (SK ’_AT, H (M))) is substantially the same as the signature verification operation in the first embodiment. In this step, if the output of the signature verification operation is invalid (NO), the process proceeds to step S1304 and the signed message SigMsg (SK ′_AT, H (M)) is determined to be invalid. On the other hand, if the output result is authentic (YES), the process proceeds to step S1305.
[0284]
In step S1305, the signature verification operation Veri (PK_AT, SigMsg (SK ’_AT, H (M))), the third party apparatus 3 is inquired about the presence or absence of the signature log and time certificate of the digital signature, and when both the signature log and the time certificate exist (NO) When signed message SigMsg (SK '_AT, H (M)) is determined to be invalid (step S1306).
[0285]
If both the signature log and the time certificate exist in the third party organization apparatus 3 in step S1305 (YES), the process proceeds to step S1307, and whether or not the information of the time certificate and the signature log match without contradiction. Judgment is made.
[0286]
In this case, the signature log is represented by (h (M), t, Sig (SK_AT(T), h (M))) and the time certificate as TST (h (Sig (SK_AT, M), t), the public key corresponding to the private key used for issuing the time certificate of the time certification authority device 9 is PK_TSAThe time certificate TST (h (Sig (SK_AT, M), t) for the digital signature_TSAThe hash value of the signature target restored by operating is h (Sig (SK_AT(T), h (M))) and time t are concatenated to determine whether or not they are equal to the hash value. If the result of this determination is No, the signed message SigMsg (SK ’_AT, H (M)) is determined to be invalid (step S1308).
[0287]
On the other hand, if Yes, the signature log (h (M), t, Sig (SK_AT(T), h (M))) is extracted (step S1309), and the public key certificate Cert (PK_AT) To the certification authority device 5 that issued the public key PK at time t_ATIt is inquired whether or not is valid (step S1310).
[0288]
In response to this inquiry, if the response from the certification authority device 5 is “Yes”, the signed message SigMsg (SK ′_ATIt is determined that there is a high possibility that the signature of (T), h (M)) is authentic (steps S1311 (YES) and S1313). On the other hand, if the answer is No, the signed message SigMsg (SK ’_ATIt is determined that the signature of (T), h (M)) is invalid (steps S1311 (NO) and S1312).
[0289]
If the authenticity determination method described above is used, as in the first embodiment, the authenticity of the signature is estimated, and in the case of mediation at the time of dispute, the mediation proceeds by collecting related information. Can be.
[0290]
If there are a plurality of third-party organization devices, in step S1305, each third-party organization device 3₁ , ..., 3_kEach of these shall check the existence of the signature log and time certificate.
[0291]
In step S1306, the third party institution apparatus 3₁ , ..., 3_kFor each of these, it is checked whether the recorded signature log and time certificate information are consistent with each other.
[0292]
When the third-party organization apparatus 3 that provides services for digital signatures uses the time certification authority apparatus 9, the signer apparatus 1 as a general entity including an individual uses the time certification authority apparatus 9. Unlike the case where it is used (the case described with reference to FIG. 19), the acquisition of the time certificate issued by the time certification authority apparatus 9 is included in the service contract etc., so that it is obliged to acquire the time certificate for the digital signature. The same effect as that obtained can be obtained.
[0293]
In this case, when it is necessary to determine the authenticity of an illegal digital signature generated by means other than legitimate means (for example, when a dispute occurs), the conditions described in the first embodiment ( It is possible to provide a non-generated certificate of a digital signature to the signer apparatus 1 under the assumptions 1, 2, and 3 of TTP non-fraud and the realization conditions 1, 2) of the non-generated certificate.
[0294]
Further, when the partial secret key is leaked, the certificate authority apparatus 5 is notified of the revocation request for the public key that makes a pair with the entire secret key including the partial secret key, by the procedure shown in FIG. 16 or FIG. Thus, it is possible to realize a non-generated proof of a digital signature even if a part of the above-mentioned assumptions 1, 2, and 3 for TTP non-fraud are omitted. More specifically, by adopting the authenticity determination process shown in FIG. 18, among the contents described in the assumptions 1 and 2 of TTP non-illegal, “when the partial secret key revocation is recorded” ”Shall not respond to the signature request with the partial secret key” and the assumption 3 that TTP is not illegal. This is because, when a digital signature using the private key is made after the private key for digital signature has expired, a time certificate related to the digital signature and a public key recorded / stored in the certification authority device 5 This is because it is possible to determine whether or not the digital signature has been made after the private key has been revoked by checking against the certificate revocation record.
[0295]
According to the second embodiment of the present invention described above, the same effects as those of the first embodiment described above can be obtained.
[0296]
In addition, according to the present embodiment, since the certification of a specialized time certification authority can be used for the time information, the reliability and accuracy of the time information can be improved. As a result, it is possible to avoid a situation in which a digital signature cannot be generated due to an error in a clock used by a plurality of entities that perform distributed signatures.
[0297]
In this embodiment, it is assumed that the RSA public key cryptosystem is used as in the first embodiment, but the same effect can be obtained when various other public key cryptosystems are adopted. It goes without saying that it can be obtained.
[0298]
【The invention's effect】
As is clear from the above description, according to the present invention, when generating a digital signature using a secret key, the digital signature is generated from the secret key without being signed by the signer who is the original owner of the secret key. If it is generated, the digital data in the signer device that can make the fraudulent fact clear from the signature log information of the third party organization and can realize the non-signature proof of signature for the original owner of the private key Signature method, digital signature method in third party organization device, digital signature authenticity judgment method, signer device, third party organization device, digital signature authenticity judgment device, digital signature program for signer device, third party A digital signature program for an engine device, a digital signature authenticity determination program, and a program recording medium can be provided.
[0299]
This allows not only a proof that the original owner of the private key did not sign a counterfeited digital signature, that is, a non-signature proof of signature, but also a genuine digital signature. Can also have the effect of disapproving the private key by the original owner.
[Brief description of the drawings]
FIG. 1 is an explanatory diagram showing a configuration of an entire system according to a first embodiment of the present invention.
FIG. 2 is a functional block diagram illustrating an outline of functions of a signer apparatus.
FIG. 3 is a functional block diagram showing an outline of functions possessed by a third party organization apparatus.
FIG. 4 is a functional block diagram showing an outline of functions of the authenticity determination device.
FIG. 5 is a processing flowchart showing a first method of secret key distributed generation;
FIG. 6 is a processing flowchart showing a second method of secret key distributed generation;
FIG. 7 is a processing flowchart showing the processing contents of a distributed signature generation method (first method) according to the first embodiment of the present invention;
FIG. 8 is a processing flowchart showing the processing contents of a distributed signature generation method (second method) according to the first embodiment of the present invention;
FIG. 9 is a processing flowchart showing the processing contents of a distributed signature generation method (third method) according to the first embodiment of the present invention;
FIG. 10 is a processing flowchart for explaining the flow of revocation processing when the signer apparatus detects leakage of a secret key in the first embodiment of the present invention.
FIG. 11 is a processing flowchart for explaining the flow of revocation processing when a third-party organization apparatus detects leakage of a secret key in the first embodiment of the present invention.
FIG. 12 is a flowchart illustrating a flow of digital signature authenticity determination processing performed by the authenticity determination apparatus in the first embodiment of the present invention.
FIG. 13 is a process flow diagram showing a generation history when a signed message whose authenticity is a problem is forged by an attacker device in the first embodiment of the present invention.
FIG. 14 is an explanatory diagram showing a configuration of the entire system according to a second embodiment of the present invention.
FIG. 15 is a processing flowchart showing the processing contents of the distributed signature generation method according to the second embodiment of the present invention.
FIG. 16 is a processing flowchart for explaining the flow of revocation processing when the signer apparatus detects leakage of a secret key in the second embodiment of the present invention.
FIG. 17 is a process flow diagram illustrating the flow of revocation processing when a third-party organization apparatus detects leakage of a secret key in the second embodiment of the present invention.
FIG. 18 is a flowchart illustrating the flow of a digital signature authenticity determination process performed by an authenticity determination apparatus in the second embodiment of the present invention.
FIG. 19 is a process flow diagram illustrating an example of a scenario in which a non-generated proof of a digital signature is realized.
FIG. 20 is an explanatory diagram showing a relationship between non-repudiation in a digital signature and a non-generated certificate of a digital signature.
[Explanation of symbols]
1 Signer device
3, 3₁ , 3₂ , ..., 3_k  Third party organization equipment
5 Certification authority equipment
7 authenticity judgment device
9 Time certification authority equipment
11, 31 Key generator
12, 32 Signature generator
13, 33 Authentication section
14 Message creation department
15, 35, 73 Storage unit
16, 36, 74 Transceiver
17, 37, 75 Input / output section
21 Attacker device
34 Certificate Request Creation Department
41 Communication network
71 Key Extractor
72 Authenticity Judgment Unit

Claims (10)

In order to perform a digital signature using a public key cryptosystem, a signer device that possesses a secret key and performs a digital signature based on the public key cryptosystem, and a third party independent of the public key certification authority In a system in which a third party institution apparatus provided is connected via a communication network, the signer apparatus and the third party institution apparatus cooperate to generate the secret key and divide from the secret key A digital signature method in a signer apparatus executed by the signer apparatus having a storage unit for storing the partial private key possessed when each apparatus possesses any of the partial secret keys formed Because
Creating a partial signature, which is a partial digital signature, using the signature target data composed of the hash value of the message to be signed and the current time, and the partial secret key read from the storage unit;
Transmitting the partial signature created in this step and the signature target data to the third party organization device;
By combining the partial signature transmitted in this step with the partial signature generated by using the partial private key possessed by the third party organization apparatus, an overall signature which is a digital signature generated by the third party organization apparatus is obtained. Receiving and storing in the storage unit. A digital signature method in a signer apparatus. In order to perform a digital signature using a public key cryptosystem, a signer device that possesses a secret key and performs a digital signature based on the public key cryptosystem, and a third party independent of the public key certification authority In a system in which a third party institution apparatus provided is connected via a communication network, the signer apparatus and the third party institution apparatus cooperate to generate the secret key and divide from the secret key A digital signature method in a signer apparatus executed by the signer apparatus having a storage unit for storing the partial private key possessed when each apparatus possesses any of the partial secret keys formed Because
Creating a partial signature, which is a partial digital signature, using the signature target data composed of the hash value of the message to be signed and the current time, and the partial secret key read from the storage unit;
A signer comprising the step of: generating a whole signature which is a digital signature formed by combining the partial signature created in this step and the partial signature created from the partial private key held by the third party organization device A digital signature method in a device.   3. The signature according to claim 1, wherein the partial signature is configured by applying the partial secret key to a value obtained by concatenating a hash value of the message to be signed and a value representing the current time. Method of digital signature in a user device. The step of notifying the third party device of the expiration of the secret key corresponding to the partial secret key when the leakage of the partial secret key is detected is further executed. 2. A digital signature method in a signer apparatus according to item 1. 4. The method according to claim 1, further comprising the step of detecting and recording the revocation of the private key when the revocation of the private key corresponding to the partial private key is notified from the third party organization device. A digital signature method in a signer apparatus according to any one of the above. In order to perform a digital signature using a public key cryptosystem, a signer device that possesses a secret key and performs a digital signature based on the public key cryptosystem, and a third party independent of the public key certification authority In a system in which a third party institution apparatus provided is connected via a communication network, the signer apparatus and the third party institution apparatus cooperate to generate the secret key and divide from the secret key When each device possesses any of the partial private keys formed, the signer device comprising a storage unit for storing the possessed partial private key,
Creating a partial signature, which is a partial digital signature, using the signature target data composed of the hash value of the message to be signed and the current time, and the partial secret key read from the storage unit;
Transmitting the partial signature created in this step and the signature target data to the third party organization device;
By combining the partial signature transmitted in this step with the partial signature generated by using the partial private key possessed by the third party organization apparatus, an overall signature which is a digital signature generated by the third party organization apparatus is obtained. A digital signature program for a signer apparatus, wherein the digital signature program receives the information and stores it in the storage unit. In order to perform a digital signature using a public key cryptosystem, a signer device that possesses a secret key and performs a digital signature based on the public key cryptosystem, and a third party independent of the public key certification authority In a system in which a third party institution apparatus provided is connected via a communication network, the signer apparatus and the third party institution apparatus cooperate to generate the secret key and divide from the secret key When each device possesses any of the partial private keys formed, the signer device comprising a storage unit for storing the possessed partial private key,
Creating a partial signature, which is a partial digital signature, using the signature target data composed of the hash value of the message to be signed and the current time, and the partial secret key read from the storage unit;
Generating a whole signature which is a digital signature formed by combining the partial signature created in this step and the partial signature created from the partial private key held by the third-party organization device. Digital signature program for a user device. The partial signature, signature according to claim 6 or 7, characterized in that it is configured to act the part secret key to a value obtained by concatenating the value representing the current time and the hash value of the message to be the signature target Digital signature program for a user device. When detecting the leakage of the partial secret key, any one of claims 6 to 8, characterized in that to further execute the step of notifying the revocation of the private key to said third party device corresponding to the portion secret key A digital signature program for a signer apparatus according to item 1. The third party when it is notified revoked private key from the engine unit corresponding to the partial secret key, according to claim 6 to 8, characterized in that to perform the step of recording by detecting the expiration of the secret key further A digital signature program for a signer device according to any one of the above.

Images