JP4214404B2 - Communication device - Google Patents

Description

  The present invention relates to a communication device capable of encrypted communication.

  With recent development of LAN and Internet technologies, communication such as e-mail using a data exchange network is actively performed. However, leakage of information on the communication path is a problem, and particularly a serious problem on the Internet.

  As a technique for ensuring the safety of information in a communication path, there is encryption communication. For example, the information is encrypted on the transmission side, the information is transmitted in an encrypted state on the communication path, and the encrypted information is decrypted on the reception side. Since the information is encrypted on the communication path, the information can be safely sent from the transmission side to the reception side.

  However, just because the transmission side has the function of encrypted communication, it does not necessarily mean that encrypted communication is possible. For example, if the encryption method used on the transmission side is different from that on the reception side, decryption cannot be performed on the reception side. For example, as described in Patent Document 1, there is a technique in which an encryption method on the receiving side is registered in advance, information is encrypted using an encryption method according to a destination, and communication is performed. As a result, communication failure due to a difference in encryption method can be avoided.

  There are other reasons why encryption communication cannot be performed. For example, when the receiving side does not have the function of encryption communication, encryption communication cannot be performed. For this reason, there has been a situation in which the receiving side that has received the encrypted information cannot decrypt and cannot understand the contents.

  In addition, although the receiving side has a function of encrypted communication, there is a case where key information for encryption corresponding to the receiving side cannot be acquired on the transmitting side. In such a case, there is a problem in that information is sent without being encrypted and exposed to danger such as leakage.

  Further, even when encryption communication can be performed between the transmission side and the reception side, the security of encryption communication may be low. When the importance of information is high, it may be better not to communicate, no matter how much encrypted communication is possible. However, conventionally, the security of such cryptographic communication has not been considered.

Japanese Patent Laid-Open No. 2001-237872

  The present invention has been made in view of the above-described circumstances, and an object of the present invention is to provide a communication apparatus capable of reliably sending information by encrypted communication.

  The present invention relates to a destination information storage unit for storing destination information including information on a key certificate used for encryption and information on a certificate authority of the certificate as information on a communication destination in a communication apparatus, and certificate authentication. A reliability storage unit that pre-registers the reliability of the station, a reliability setting value storage unit that stores the reliability when performing cryptographic communication set according to the importance of the information to be transmitted, as a reliability setting value; An instruction means for the user to instruct a destination; and a control means for encrypting and transmitting the information with the key information for encryption corresponding to the destination instructed by the instruction means, the control means comprising the destination information The certificate authority corresponding to the destination instructed by the instruction means is identified, the reliability of the certificate authority is obtained by referring to the reliability storage means, and the obtained reliability and the reliability Setting value memory By comparing the reliability setting values stored in, when the reliability of the authentication station is lower than the reliability setting value is characterized in that a warning.

  At this time, the destination information storage means includes information indicating whether or not encryption communication is possible as the destination information, and the control means is capable of encryption communication according to the destination information when encryption communication is instructed from the instruction means. A list of destinations may be presented for selection of destinations.

  According to the present invention, when performing encrypted communication, by presenting only a list of destinations that can perform encrypted communication, it is possible to prevent encrypted communication to destinations that cannot perform encrypted communication, and The destination can be selected easily and reliably.

  If key information for encryption corresponding to the specified destination cannot be obtained, a warning is output to prevent inadvertent information transfer and reduce the risk of information leakage can do.

  Furthermore, the importance of the information is checked by checking the reliability of the certificate authority of the key information for encryption corresponding to the designated destination and outputting a warning if the reliability of the certificate authority is lower than the predetermined reliability. Therefore, it is possible to prevent cryptographic communication with low reliability and reduce the risk of information leakage.

  FIG. 1 is a block diagram showing a first embodiment of the present invention. In the figure, 1 is a transmission side communication device, 2 is a reception side communication device, 3 is a network, 11 is a communication unit, 12 is a control unit, 13 is a storage unit, 14 is destination information, 15 is a presentation unit, and 16 is an instruction unit. It is. The network 3 is a data exchange network such as the Internet or a LAN. The transmission side communication device 1 and the reception side communication device 2 are both network devices that can communicate through the network 3. Here, the transmission side communication device 1 will be described on the assumption that an electronic mail is transmitted from the transmission side communication device 1 to the user of the reception side communication device 2. Of course, it goes without saying that the transmitting apparatus 1 may have an electronic mail receiving function and other various functions.

  The transmission side communication apparatus 1 has a function of transmitting an encrypted electronic mail. The communication-side communication device 1 includes a communication unit 11, a control unit 12, a storage unit 13, destination information 14, a presentation unit 15, an instruction unit 16, and the like. The communication unit 11 performs communication through the network 3.

  The control unit 12 performs control for transmitting an e-mail from the communication unit 11. When the user is instructed to perform encryption communication to the instruction unit 16 during the transmission of the e-mail, the list of destinations capable of encryption communication is displayed in the presentation unit 15 according to the destination information 14 stored in the storage unit 13. Presented and used for user selection of destination. When the user instructs the instruction unit 16 to select a destination, the user creates an e-mail to the instructed destination, encrypts it using an encryption key corresponding to the destination, and encrypts it from the communication unit 11. Send email

  The storage unit 13 stores information that needs to be stored in the apparatus. Here, destination information 14 is stored. The destination information 14 is information relating to a communication destination, and particularly includes information indicating whether encryption communication is possible. FIG. 2 is an explanatory diagram of an example of destination information. In the example shown in FIG. 2, the destination information 14 includes a serial number, an e-mail address, a display name, and information on whether or not encryption communication is possible. In this example, encryption communication is possible for the destinations having the serial numbers 001 and 003, but encryption communication cannot be performed for the destinations 002 and 004.

  The presentation unit 15 and the instruction unit 16 are user interfaces. The presentation unit 15 includes, for example, a display unit and displays various information and presents it to the user. In particular, here, it is possible to display a destination list according to the control of the control unit 12. The instruction unit 16 includes various input means and receives various instructions given by the user. In particular, here, an instruction for encryption communication, an instruction for selecting a destination as a transmission destination from among the addresses displayed in a list on the presentation unit 15, and the like can be performed.

  FIG. 3 is a flowchart illustrating an example of the operation according to the first exemplary embodiment of the present invention, and FIG. 4 is an explanatory diagram illustrating an example of a destination list that is also presented to the presentation unit. For example, when a request for sending an e-mail is instructed from the instructing unit 16 or the like, in S21, it is determined whether or not an instruction to perform encrypted communication has been issued. If encryption communication is not instructed, in S22, the control unit 12 reads the destination information 14 stored in the storage unit 13 and causes the presentation unit 15 to display a list regardless of whether encryption communication is possible. FIG. 4A shows an example of a list display when encryption communication is not performed. In this example, a display example when the destination information 14 illustrated in FIG. 2 is stored in the storage unit 13 is illustrated. When encryption communication is not performed, a destination where encryption communication is possible and a destination where encryption communication is not possible are displayed. The user can select and instruct the destination to be the transmission destination from the displayed destinations by using the instruction unit 16. In S23, after waiting until the user gives an instruction for selecting a destination to the instruction unit 16, an e-mail to the destination instructed for selection is transmitted from the communication unit 11 in S27.

  If it is determined in S21 that encryption communication is instructed, in S24, the control unit 12 reads the destination information 14 stored in the storage unit 13, and extracts a destination capable of encryption communication from the destination information 14. The presentation unit 15 displays a list. FIG. 4B shows an example of a list display when encryption communication is instructed. In the example of the destination information 14 shown in FIG. 2, because the destinations having the serial numbers 001 and 003 can be encrypted, the two destinations are displayed in a list in FIG. 4B. When the encryption communication is instructed, the user instructs the instruction unit 16 to select a destination as a transmission destination from among the destinations capable of encryption communication. In S25, after waiting until the user gives an instruction to select a destination to the instruction unit 16, in S26, the e-mail to be transmitted to the destination is encrypted using the encryption key corresponding to the destination instructed to select, and S27. Then, the encrypted electronic mail is transmitted from the communication unit 11. The encryption key can be acquired in advance, or can be used by acquiring a public key from a key server as described in a second embodiment to be described later.

  In this way, when encrypted communication is instructed, only destinations that can perform encrypted communication are displayed in a list, so that it is possible to prevent erroneous transmission of encrypted electronic mail to destinations that cannot perform encrypted communication.

  Note that e-mail may be sent directly to a destination, but generally, after sending to a mail server, the mail server sends it to the destination or one or more other mail servers. Will be delivered via.

  FIG. 5 is a block diagram showing a second embodiment of the present invention. In the figure, the same parts as those in FIG. 4 is a key server. The key server 4 manages a public key that is key information for encryption, and has a function of returning a public key in response to a request.

  When transmitting the encrypted electronic mail, the control unit 12 of the transmission side communication apparatus 1 inquires the key server 4 through the communication unit 11 about the public key for encryption corresponding to the destination. When the public key is acquired, the electronic mail is encrypted using the public key and transmitted through the communication unit 11. If the public key cannot be acquired, a warning is output to the presentation unit 15 or the like to inform the user that the encrypted electronic mail cannot be transmitted.

  FIG. 6 is a flowchart showing an example of operation in the second exemplary embodiment of the present invention. In S31, an instruction for the destination of the encrypted electronic mail is received. This destination instruction can be selected from a list of destinations as shown in FIG. 4A in the first embodiment, for example. Of course, by the process described in the first embodiment described above, a list of only the destinations that can perform encrypted communication as shown in FIG. 4B may be presented and selected from the list. Of course, it is also possible to directly specify the destination from the instruction unit 16.

  If the destination is designated, in S32, the public key corresponding to the designated destination is inquired to the key server 4 through the communication unit 11. In S33, it is determined whether or not the public key has been acquired from the key server 4. If the public key is registered in the key server 4, the public key is returned from the key server 4 in response to the inquiry, so that it can be acquired. If the public key can be acquired, the electronic mail is encrypted using the acquired public key and transmitted from the communication unit 11 in S34.

  If the public key corresponding to the destination is not obtained even after making an inquiry to the key server 4, a warning that the key information for encryption has not been obtained is output in S35. For example, it can be displayed on the presentation unit 15 or a warning sound or voice output can be performed by an acoustic means (not shown).

  As described above, when the transmission of the electronic mail by the encryption communication is instructed, if the public key corresponding to the destination is not obtained from the key server, a warning is output and the electronic mail is not transmitted. Therefore, it is possible to prevent a situation in which an electronic mail is transmitted without being encrypted even though the encrypted communication is designated. In addition, when the public key can be obtained, it can be seen that the destination is compatible with encrypted communication, so an encrypted electronic mail can be sent only to a destination capable of encrypted communication. it can.

  FIG. 7 is a block diagram showing a third embodiment of the present invention. In the figure, the same parts as those in FIG. 5 is a certificate authority, 17 is a reliability table, and 18 is a reliability setting value. When the registered public key is used, the certificate authority 5 is an organization that certifies that the used public key belongs to the principal, and issues a public key certificate. The public key used in the transmission side communication apparatus 1 is encrypted using the public key described in the certificate issued by the certificate authority 5.

  Some of the plurality of certificate authorities 5 existing on the network 3 include those with low reliability. For example, there may be a certificate authority that issues a strict certificate for a fee, and a certificate authority that randomly issues certificates for sales promotion. For important information, it is desirable to use a public key that has been authenticated by a highly reliable certificate authority. In particular, when information that needs to be encrypted is transmitted by e-mail, the information is expected to be highly important. Therefore, even if encryption communication is possible, it is considered that confidentiality cannot be maintained by encryption with a public key authenticated by the low-reliability certificate authority 5.

  However, although the degree of reliability varies greatly depending on the certificate authority as described above, since the receiving side determines which certificate authority is used, the certificate and the certificate authority are specified for each destination, A certificate authority with high reliability cannot be selected on the transmission side. Therefore, in this third embodiment, when the reliability is set in advance, and the e-mail is transmitted by encrypted communication, the certificate authority 5 having a reliability higher than the set reliability is issued. Encryption is performed using a public key authenticated by a certificate. It is assumed that the public key authenticated by the certificate issued by the certificate authority 5 having a reliability lower than the set reliability cannot be encrypted without using the public key.

  A reliability table 17 and a reliability setting value 18 are stored together with the destination information 14 in the storage unit 13 of the transmission side communication device 1. FIG. 8 is an explanatory diagram illustrating an example of destination information, a reliability table, and a reliability setting value according to the third embodiment of this invention. In the third embodiment, as the destination information 14, for example, as shown in FIG. 8A, information specifying the certificate and the certificate authority 5 of the certificate is included. For example, the use of the certificate “Certification A” authenticated by the certificate authority “XXX” is registered for the destination having the serial number 001. The same applies to other destinations.

  The reliability table 17 is a table associating the certificate authority with its reliability as shown in FIG. 8B, for example. For example, the certificate authority “XXX” indicates that the reliability is high. The reliability setting value 18 is set in advance for the reliability at the time of performing the encrypted communication, and here, the encrypted communication is set to be performed when the reliability is “medium” or higher. In the example shown in FIG. 8, the reliability is shown in three stages of “high”, “medium”, and “low”. Of course, this is an example, and the reliability may be further divided into two stages. It may be a category.

  The control unit 12 uses the destination information 14, the reliability table 17, and the reliability setting value 18 stored in the storage unit 13 to send an e-mail by encrypted communication to the e-mail destination. If the reliability of the certificate authority 5 of the corresponding certificate is equal to or higher than the reliability setting value 18, the electronic mail is encrypted using the public key of the certificate and transmitted. If it is lower than the reliability setting value 18, an e-mail is not transmitted and a warning that the reliability is low is presented to the user.

  FIG. 9 is a flowchart showing an example of the operation in the third embodiment of the present invention. In S41, an instruction for the destination of the encrypted electronic mail is received. This destination instruction is selected from, for example, a destination list as shown in FIG. 4A in the first embodiment described above, or a destination capable of encrypted communication as shown in FIG. 4B. It is also possible to present only a list and select from the list. Of course, it is also possible to directly specify the destination from the instruction unit 16.

  When the destination is designated, in S42, the certificate corresponding to the designated destination and the certificate authority 5 that issued the certificate are specified from the destination information 14. Further, the reliability of the specified certificate authority 5 is obtained by referring to the reliability table 17. Then, the reliability of the obtained certificate authority 5 is compared with the reliability setting value 18. If the reliability of the certificate authority 5 is greater than or equal to the reliability setting value 18, the e-mail is encrypted using the public key of the certificate corresponding to the destination and transmitted from the communication unit 11 in S43.

  If the reliability of the certificate authority 5 is lower than the reliability setting value 18, a warning that the reliability is low is output in S44. For example, it can be displayed on the presentation unit 15 or a warning sound or voice output can be performed by an acoustic means (not shown).

  As described above, even when the transmission of the e-mail by the encryption communication is instructed, if the reliability of the certificate authority 5 that issued the certificate corresponding to the destination is lower than the reliability setting value 18, a warning is output. Do not send email. Therefore, it is possible to prevent a situation in which important information is transmitted by cryptographic communication with low reliability and is exposed to the risk of leakage.

  For example, the reliability setting value 18 can be changed according to the importance of the information transmitted by e-mail. For example, if it is not so important but encryption is desired to be performed, the reliability setting value 18 may be set to “low”. If very important information is transmitted, the reliability setting value 18 is set. Should be set to “high”.

  In the configuration of each of the above-described embodiments, an example in which the presentation unit 15 and the instruction unit 16 are provided as a user interface is shown. The present invention is not limited to this. For example, the communication unit 11 or another interface is used to exchange information with other devices so as to present information to the user and accept instructions from the user. Also good.

It is a block diagram which shows the 1st Embodiment of this invention. It is explanatory drawing of an example of destination information. It is a flowchart which shows an example of the operation | movement in the 1st Embodiment of this invention. It is explanatory drawing of an example of the list | wrist of the destination shown to a presentation part in the 1st Embodiment of this invention. It is a block diagram which shows the 2nd Embodiment of this invention. It is a flowchart which shows an example of the operation | movement in the 2nd Embodiment of this invention. It is a block diagram which shows the 3rd Embodiment of this invention. It is explanatory drawing of an example of the destination information in the 3rd Embodiment of this invention, a reliability table, and a reliability setting value. It is a flowchart which shows an example of the operation | movement in the 3rd Embodiment of this invention.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... Transmission side communication apparatus, 2 ... Reception side communication apparatus, 3 ... Network, 4 ... Key server, 5 ... Authentication station, 11 ... Communication part, 12 ... Control part, 13 ... Memory | storage part, 14 ... Destination information, 15 ... Presentation unit, 16 ... instruction unit, 17 ... reliability table, 18 ... reliability setting value.

Claims (2)

  Address information storage means for storing destination information including information on the certificate of the key used for encryption and information on the certificate authority of the certificate as information on the communication destination, and the reliability of the certificate authority of the certificate are registered in advance Reliability storage means, reliability setting value storage means for storing reliability when performing encrypted communication set according to the importance of information to be transmitted as reliability setting values, and instruction means for a user to specify a destination And control means for encrypting and transmitting the information with the key information for encryption corresponding to the destination instructed by the instruction means, and the control means refers to the destination information by the instruction means. The certificate authority corresponding to the designated destination is specified, the reliability of the certificate authority is obtained by referring to the reliability storage means, and the obtained reliability and the reliability setting value storage means are stored. Reliability setting Compared bets, communication device reliability of the authentication station and outputs a warning if it is lower than the reliability setting value.   The destination information storage means includes information indicating whether or not encryption communication is possible as the destination information, and the control means is a destination capable of encryption communication according to the destination information when the instruction means instructs encryption communication. The communication apparatus according to claim 1, wherein the list is provided for selection of a destination.

Images