JP5248057B2 - COMMUNICATION METHOD, SERVER DEVICE, AND TERMINAL DEVICE - Google Patents

Description

  The present invention relates to an authentication method for determining the legitimacy of a communication partner, and a relay device and a communication device for realizing the authentication method.

  Authentication technologies for ensuring security have been developed for a long time in information systems using networks. In recent years, many authentication techniques suitable for a communication system using an open network open to an unspecified number of users such as the Internet have been developed. As one of such authentication technologies, a digital signature scheme using a public key cryptosystem is widely known. In the digital signature method, a sender encrypts plain text with a secret key known only by the sender, and the receiver that receives the encrypted data decrypts it using the sender's public key. If the decryption is successful, the receiver can determine that the obtained plaintext is definitely transmitted by the sender.

  However, even if the private key and the public key correspond correctly and are successfully decrypted, it is necessary to ensure that the public key belongs to the true sender in order to ensure sufficiently high security. This guarantee is realized by using a public key certificate encrypted with a secret key known only by a certificate authority (CA) which is a fair third party organization. That is, in a situation where the receiver holds the public key of the certificate authority, when the sender transmits the encrypted data and his / her public key certificate acquired from the certificate authority, the receiver who has received these is: The validity of the public key certificate is verified using the public key of the certificate authority in the same manner as described above, and encryption is performed using the sender's public key included in the public key certificate judged to be valid. Decrypt the data. Since the sender's public key used here is guaranteed by the certificate authority, the fact that the encrypted data has been successfully decrypted means that the sender of the encrypted data is the true sender. This is nothing but the certification authority has guaranteed.

  The public key certificate includes its own expiration date, and the receiver determines that the public key certificate whose expiration date has passed is an invalid public key certificate. The determination as to whether or not the expiration date has passed is made based on the real-time clock in the receiving apparatus that is the receiver. Therefore, not only the certificate authority but also the real time clock of the receiving device does not accurately measure the current time, an accurate determination cannot be made, which can be an obstacle to ensuring sufficiently high security. Such a problem is not limited to the public key cryptosystem, but is common to all authentication schemes in which an expiration date is set for information necessary for authentication, but has not yet been recognized as a serious problem.

  The present invention has been made in view of the above-described circumstances, and provides an authentication method capable of reliably ensuring sufficiently high security, and a relay device and a communication device for realizing the authentication method. It is an object.

In order to solve the above-described problem, the present invention includes a step in which a first node transmits a request for establishing a communication connection between the first node and a second node to a server device; A device performing control processing of communication connection between the first node and the second node in response to the request; and the server device including a notification indicating establishment of the communication connection together with a current time Transmitting information to the first node; starting encrypted communication using the communication connection between the first node and the second node; and A node receiving a certificate with an expiration date for authenticating the second node; and the first node verifies that the certificate is valid based on the current time information. Step and said If the result of the certificate is valid in testimony can not be obtained, it provides a communication method and a step of terminating the encrypted communication (first embodiment).

In the communication method according to the first aspect, the server device may include a step of tunneling the encrypted communication performed between the first node and the second node (second operation). Embodiment).

The present invention also provides a receiving means for receiving a request for establishing a communication connection between the first node and the second node from a first node, and the first node in response to the request. A server device comprising: control means for controlling communication connection between the first node and the second node; and transmission means for transmitting current time information to the first node together with a notification indicating establishment of the communication connection Is provided (third aspect).

The server device according to the third aspect may include a relay unit that relays encrypted communication performed using the communication connection between the first node and the second node by tunneling ( Fourth aspect).

In addition, the present invention includes a transmission means for transmitting a request for establishing a communication connection with another node different from the own device to the server device, and a notification indicating establishment of the communication connection from the server device. The present time information receiving means for receiving the time information and the other node, the encrypted communication means for performing encrypted communication using the communication connection, and authenticating the other node from the other node Certificate receiving means for receiving a certificate having an expiration date for verifying, and verification means for verifying that the certificate is valid based on current time information received by the current time information receiving means The encrypted communication means provides a terminal device that terminates the encrypted communication when a result that the certificate is valid is not obtained in the verification by the verification means (fifth aspect).

  According to the present invention, in a communication device that determines the legitimacy of a communication partner using the current time, the time based on the time information transmitted from the relay device that is measuring the accurate current time is the current time. Is set. That is, the legitimacy of the communication partner is determined based on the accurate current time. Therefore, according to the present invention, sufficiently high security can be reliably ensured. In particular, for a communication device that communicates via a mobile communication network, there is an effect that it is possible to provide a new mechanism for keeping the current time being accurately measured.

Embodiments of the present invention will be described below with reference to the drawings.
[Embodiment]
(1) Overall Configuration FIG. 1 is a diagram showing a configuration of an authentication system using an authentication method according to an embodiment of the present invention. This authentication system uses a WWW (World Wide Web) from a mobile phone equipped with a browser. ) It is built on a communication system that can use the service. Since such a communication system has already been realized and its mechanism is well known, only the part directly related to the present invention will be described for the communication system.

  In the figure, a mobile phone MS is a mobile phone that receives a packet communication service of a mobile packet communication network MPN, and is accommodated in the mobile packet communication network MPN and a mobile phone network (not shown). The mobile telephone network is a network that provides a general mobile telephone call service, and the mobile phone MS can receive the call service. The mobile phone MS supports SSL (Secure Sockets Layer). SSL is composed of two layers, the lower layer has functions for data distribution and compression, and the upper layer has functions for authentication and various negotiations. In SSL communication, encrypted communication using a common key is performed after a communication partner is authenticated by a public key cryptosystem.

  The mobile packet communication network MPN is composed of a plurality of base stations BS, a plurality of packet subscriber processing devices PS, a gateway server GWS, and a communication line connecting them. The base stations BS are arranged at predetermined intervals obtained by dividing the ground within a range of a radius of 500 m, for example, and perform radio communication with the mobile phone MS located in the radio zone formed by each. The packet subscriber processing device PS is a computer system provided in a packet subscriber switching center that accommodates a plurality of base stations BS, and receives a packet switching request from the mobile phone MS, and between the mobile phone MS and the gateway server GWS. To relay the packet.

  The gateway server GWS is a computer system provided in a mobile packet gateway relay switching center for interconnecting the mobile packet communication network MPN and other networks such as the Internet INET, and is managed by a provider of the mobile packet communication network MPN. Has been. This provider is a fair third party in SSL communication between the mobile phone MS and the IP server W. The gateway server GWS has a function of a so-called proxy server, and performs communication protocol conversion, communication relay, and the like that differ between networks. Specifically, the conversion of the communication protocol here means a transmission protocol for the mobile packet communication network that the mobile packet communication network MPN follows and a transmission protocol (TCP / IP (Transmission Control Protocol / Internet Protocol)) that the Internet INET follows. And HTTP (Hyper Text Transfer Protocol). Further, the gateway server GWS has a function (tunneling function) that allows encrypted communication such as SSL communication to pass. During this passage, the gateway server GWS cannot grasp the contents of the encrypted communication and functions as a simple router.

  The IP server W is a server connected to the Internet INET, and provides a WWW service to clients using the WWW. The IP server W supports SSL and has a function of performing SSL communication with a client. That is, the IP server W stores its own private key and public key, and a public key certificate issued by the certificate authority C, and receives a client hello message in SSL communication via the Internet INET. A server hello (ServerHello) message and a server certificate request (ServerCertificateRequest) message with its own public key certificate attached are returned.

  The certificate authority C is a fair third-party organization and is realized as a server connected to the Internet INET. The certificate authority C issues and manages an electronic certificate such as a public key certificate, and issues and returns an electronic certificate in response to a request from the client, or returns its own public key. To do. When the certificate authority C issues an electronic certificate with an expiration date, it determines the expiration date based on an internal real-time clock that is guaranteed to be fair and accurate.

(2) Configuration of Mobile Phone MS FIG. 2 is a block diagram showing a hardware configuration of the mobile phone MS.
As shown in this figure, a mobile phone MS includes a transmission / reception unit (for example, having an antenna, a radio unit, a transmitter, a receiver, etc.) 21 that performs radio communication with a base station BS, and a sound collection unit for inputting sound. (For example, a microphone) 22, a sound generation unit (for example, having an amplifier or a speaker) 23 for sound generation, an input unit 24 having a keypad or the like for performing input operations such as numeric input and character input, display of a predetermined size A liquid crystal display 25 having a region, a real-time clock 27 for measuring the current time, and a control unit 26 for controlling these units are provided.

  The control unit 26 includes a CPU (Central Processing Unit) 261 that performs various controls, software such as a browser and an SSL communication processing program executed by the CPU 261, and a ROM 262 that stores information necessary for connection with the gateway server GWS, A RAM 263 used as a work area for the CPU 261 and a non-volatile memory 264 for storing various information such as the public key of the certificate authority C are built in. When a power supply (not shown) is turned on, the CPU 261 is stored in the ROM 262. The stored software is read out and executed, and the ROM 262, RAM 263, nonvolatile memory 264, and the units 21 to 25 and 27 are controlled.

  When the user instruction input from the input unit 24 is a predetermined instruction, the CPU 261 executes an SSL communication processing program stored in the ROM 262. In a state where the SSL communication processing program is executed, when the CPU 261 receives a specific message including time information representing the time from the transmission / reception unit 21, the CPU 261 has a function of setting the time as the current time in the real time clock 27. As will be described in detail later, the specific message is a message transmitted from the gateway server GWS in response to a message requesting the gateway server GWS to start SSL communication.

  Further, the CPU 261 in the above state can use at least one kind of encryption algorithm and compression algorithm, generates a client hello message that notifies the communication partner of these encryption algorithm and compression algorithm, and transmits this message. And a function of controlling the transmission / reception unit 21 and a function of performing communication processing using the encryption algorithm and the compression algorithm specified in the server hello message received by the transmission / reception unit 21. Further, the CPU 261 in the above state communicates based on the public key certificate included in the server authentication request message received by the transmitting / receiving unit 21, the public key of the certificate authority C, and the current time measured by the real-time clock 27. It has a function of determining the legitimacy of the other party and continuing the SSL communication only with the communication party judged to be legitimate.

(3) Configuration of Gateway Server GWS FIG. 3 is a block diagram showing a hardware configuration of the gateway server GWS.
As shown in this figure, the gateway server GWS includes a wireless communication device 31 for performing wireless communication with a mobile phone MS via a base station BS and a packet subscriber processing device PS, and an IP via the Internet INET. Internet connection interface 32 for communicating with the server W, etc., software such as basic programs and storage devices (for example, semiconductor disks, hard disks, etc.) 33 that store various data in a rewritable manner, and real time for measuring the current time A clock 35 and a control unit 34 for controlling each unit are provided.

  The control unit 34 includes a CPU 341 that performs various controls, a ROM 342 that stores a control program executed by the CPU 341, and a RAM 343 that is used as a work area of the CPU 341, and the CPU 341 stores the control stored in the ROM 342. By reading and executing the program, the ROM 342, the RAM 343, and the units 31 to 33 and 35 are controlled, and the basic program stored in the storage device 33 is read and executed to realize the above-described function.

  In a state where the basic program is executed, the CPU 341 sets an expiration date based on the internal real-time clock 35 that is guaranteed to be accurate. As a method for accurately maintaining the time of the real-time clock 35, a method using a widely used NTP (Network Time Protocol) is also conceivable, but in this embodiment, the real-time clock (CPU 341) is guaranteed to be accurate ( For example, time information is acquired from a real-time clock of the certificate authority C via a dedicated line (not shown), and the time of the real-time clock 35 is accurately maintained using this.

  Further, the CPU 341 in the above state has a function of measuring the propagation delay time of the mobile packet communication network MPN and storing it in the RAM 343. Furthermore, when the CPU 341 in the above state receives a message requesting the start of SSL communication with the communication destination via the wireless communication device 31, the CPU 341 between the message transmission source and the communication destination IP server receives the message. In addition to setting a TCP connection in between, a message including time information indicating the time obtained by adding the propagation delay time of the mobile packet communication network MPN to the current time of the real-time clock 35 is generated, and this message is transmitted to the SSL communication. It has a function of controlling the wireless communication device 31 so as to return a response to a message requesting start.

(4) Configuration of IP Server W FIG. 4 is a block diagram showing a hardware configuration of the IP server W.
As shown in this figure, the IP server W has an Internet connection interface 41 for communicating with the gateway server GWS via the Internet INET, various contents, the secret key and public key of the IP server W, and SSL communication processing. A storage device (for example, a semiconductor disk or a hard disk) 42 that stores a program or the like in a rewritable manner, a real-time clock 44 that measures the current time, and a control unit 43 that controls them are provided.

  The control unit 43 includes a CPU 431 that performs various controls, a ROM 432 that stores a control program executed by the CPU 431, and a RAM 433 that is used as a work area of the CPU 431, and the CPU 431 has a control stored in the ROM 432. By reading and executing the program, the ROM 432, the RAM 433, and the units 41 to 42, 44 are controlled.

  When receiving the client hello message via the Internet connection interface 41, the CPU 431 that has executed the control program generates an SSL communication process corresponding to the transmission source of the message using the SSL communication processing program. In this SSL communication process, the CPU 431 extracts the encryption and compression algorithm included in the client hello message from a plurality of encryption and compression algorithms that can be used by the IP server W, and finally selects any one of them. A server that selects an encryption and compression algorithm, returns a server hello message notifying the selected encryption and compression algorithm to the transmission source, and includes the public key certificate of the IP server W stored in the storage device 42 A function of transmitting an authentication request message to the transmission source;

(5) Operation The operation until the mobile phone MS starts SSL communication with the authenticated IP server W will be described mainly with reference to FIGS. 5 is a flowchart showing a flow of processing performed in the mobile phone MS when SSL communication is started, FIG. 6 is a flowchart showing a flow of processing performed in the gateway server GWS when SSL communication is started, and FIG. 7 is an IP server W when SSL communication is started. FIG. 8 is a sequence diagram showing a flow of messages until the mobile phone MS starts SSL communication with the IP server W.

  However, as a premise, the CPU 261 of the mobile phone MS has already executed the browser, the CPU 341 of the gateway server GWS has already executed the basic program, and the CPU 431 of the IP server W has already executed the control program. To do. In addition, it is assumed that the storage device 42 of the IP server W stores the private key of the IP server W and the public key certificate issued by the certificate authority C for the public key corresponding to the private key. Further, it is assumed that the public key of the certificate authority C is stored in the nonvolatile memory 264 of the mobile phone MS.

  When the user of the mobile phone MS inputs an instruction to communicate with the IP server W from the input unit 24, the CPU 261 of the mobile phone MS executes the SSL communication program stored in the ROM 262 and performs the processing shown in FIG. . That is, the CPU 261 first generates a message (for example, “Connect https: // ...”) requesting SSL communication with the IP server W designated by the IP user, and transmits this to the gateway server GWS. The transmitter / receiver 21 is controlled (step SA1). As a result, as shown in FIG. 8, the message m1 is transmitted from the mobile phone MS to the gateway server GWS.

  In the gateway server GWS, when the CPU 341 receives the message m1 via the wireless communication device 31, first, a TCP connection is established between the mobile phone MS and the IP server W as shown in step SB1 in FIG. (Message m2 in FIG. 8). Next, the CPU 341 acquires time information representing the current time from the real-time clock 35 (step SB2), and generates time information representing the time after the propagation delay time has elapsed from the current time (step SB3). Further, the CPU 341 generates the message m3 including the time information thus generated, and controls the wireless communication device 31 so as to transmit it to the mobile phone MS (step SB4). As a result, as shown in FIG. 8, a message m3 indicating that a TCP connection has been established is transmitted from the gateway server GWS to the mobile phone MS as a response message to the message m1. Thereafter, the gateway server GWS performs a tunneling process for the communication of the TCP connection.

  In the mobile phone MS, when the CPU 261 receives the message m3 via the transmission / reception unit 21 (step SA2 in FIG. 5), the time represented by the time information included in the message m3 is set as the current time in the real-time clock 27. Set. As a result, the current time measured by the real-time clock 27 substantially coincides with the current time measured by the real-time clock 35 of the gateway server GWS.

  Next, the CPU 261 determines an encryption and compression algorithm used in SSL communication (step SA4). Specifically, the CPU 261 first generates the client hello message m4 that informs the IP server W of the encryption and compression algorithms that can be used in the mobile phone MS, and sends the transmission / reception unit 21 to the IP server W so as to transmit it. Control. As a result, as shown in FIG. 8, the client hello message m4 is transmitted from the mobile phone MS to the IP server W via the TCP connection.

  In the IP server W, when the CPU 431 receives the message m4 through the TCP connection and the Internet connection interface 41, first, as shown in step SC1 of FIG. Based on the encryption algorithm and the compression algorithm, the encryption and compression algorithm used in the SSL communication in the TCP connection is selected. Next, the CPU 431 generates a message m5 for notifying the selected encryption and compression algorithm to the mobile phone MS, and controls the Internet connection interface 41 so as to transmit it to the mobile phone MS (step SC2). As a result, as shown in FIG. 8, a message m5 is returned from the IP server W to the mobile phone MS via the TCP connection.

  In the mobile phone MS, when the CPU 261 receives the message m5 via the transmission / reception unit 21, the CPU 261 determines to use the encryption and compression algorithm indicated by the message m5 in the communication using the TCP connection.

  On the other hand, in the IP server W, after the message m5 is transmitted to the mobile phone MS, the CPU 431 reads out the public key certificate of the IP server W from the storage device 42, generates a message m6 including this public key certificate, The Internet connection interface 41 is controlled so as to transmit this to the mobile phone MS (step SC3). As a result, as shown in FIG. 8, the message m6 is transmitted from the IP server W to the mobile phone MS via the TCP connection.

  In the mobile phone MS, when the CPU 261 receives the message m6 via the transmission / reception unit 21 (step SA5), the public key certificate contained in the message m6 is stored in the non-volatile memory 264 (the certificate authority C). Of the public key) (step SA6). If this decryption is successful (step SA7), the CPU 261 acquires the current time from the real-time clock 27 (step SA8), and determines whether the current time is a time before the expiration date (step SA9). If the current time is a time before the expiration date, the certificate is a public key certificate within the expiration date guaranteed by the certificate authority C (that is, a valid public key certificate). A process for continuing the communication is performed (step SA10). Therefore, thereafter, encrypted communication is continuously performed between the mobile phone MS and the IP server W.

  On the contrary, if the decryption in step SA6 is not successful, or if the expiration date has passed even if the decryption is successful, the CPU 261 cannot authenticate the IP connection W. The transmitter / receiver 21 is controlled to disconnect, and the liquid crystal display 25 and the sound generator 23 are controlled to notify the user that the authentication of the IP server W has not been successful (step SA11). As a result, the TCP connection between the mobile phone MS and the IP server W is disconnected, and the user is notified that the authentication of the IP server W was not successful.

  As described above, according to the present embodiment, immediately before the authentication process of the IP server W, the time measured by the real-time clock 27 of the mobile phone MS is the real-time clock 35 of the gateway server GWS (a very accurate time is counted). The mobile phone MS can accurately check the expiration date of the public key certificate of the IP server W. Therefore, the authentication of the IP server W can be performed more accurately. As a natural result, there is also an advantage that the real-time clock 27 of the mobile phone MS can be accurately maintained.

[Modification]
In the above-described embodiment, the mobile phone MS is exemplified as the SSL communication client. However, a mobile communication terminal such as a PDA (Personal Digital (Data) Assistants) having a wireless communication function may be used as the client, or the PHS ( (Personal Handyphone System) A terminal system combining a terminal or a mobile phone and a PDA or a portable computer may be used as a client, or a terminal system combining a wireless communication terminal or a wired communication terminal and a stationary computer may be used as a client. Of course, when performing wired communication, the wired communication section and the Internet are connected by the gateway server.

  Furthermore, in the embodiment described above, the current time by the real-time clock 27 of the mobile phone MS is abbreviated to the current time by the real-time clock 35 of the gateway server GWS in order to more accurately check the expiration date of the public key certificate of the IP server W. Although they are matched, the purpose of matching them is not limited to checking the expiration date of the public key certificate. For example, in an authentication system in which an expiration date is set for an electronic key, password, or the like, the purpose may be to check the expiration date of an electronic key, ID, password, or the like. Further, the server real-time clock may be made to follow the gateway server real-time clock for the purpose of checking the expiration date of the public key certificate, electronic key, ID, password, etc. of the client instead of the server.

  In the above-described embodiment, an example is given in which the real-time clock of the client follows the real-time clock of the gateway server. However, when authenticating the communication partner in the server, the real-time clock of the server is used as the real-time clock of the gateway server. In the case where the server and the client mutually authenticate the communication partner, the real time clocks of both may be made to follow the real time clock of the gateway server.

  In addition, the client (or server) is provided with a function for measuring the propagation delay time, the current time in the gateway server is notified to the client (or server) as it is, and the client (or server) transmits the propagation delay time from the notified current time. Only the time that has elapsed may be set as the current time. This method is particularly effective when communication is performed via a network in which the propagation delay time of a network via the Internet or a satellite can vary greatly depending on the communication path.

  Furthermore, in the above-described embodiment, the example in which the response message for the message requesting the connection from the connection source (client) includes the time information is shown, but the time information transmission method is not limited to this example. . For example, the time information may be transmitted to the connection destination (server or client) upon reception of a message requesting connection from the connection source (client or server).

  In the above-described embodiment, an example is given in which the client acquires the current time from its own real-time clock and uses it for checking the expiration date. However, the present invention is not limited to this. For example, the current time supplied from the gateway server may be used as it is for checking the expiration date. In this case, even a client (or server) that does not have a real-time clock can check the expiration date.

  Furthermore, as described above, in this embodiment, when the time information is included in the response message to the message from the client to the gateway server, the new current time is set in the client. For this reason, the new current time is set based only on the time information transmitted from the gateway server, and higher security is ensured. However, in order to ensure higher security, the mechanism exemplified in this embodiment is not necessarily adopted. That is, it is only necessary for the client to be able to determine whether or not the source of time information is a gateway server. For example, it is determined whether or not the source of time information is a gateway server by examining the source address of a packet at the client. You may make it do.

  In the embodiment described above, SSL communication is exemplified as communication using information (public key certificate) necessary for authentication of the communication partner. However, the present invention is applicable to communication of various proposed public key cryptosystems. It is. Furthermore, if the information required for authentication is not based on encrypted communication such as an ID or password, the present invention can be applied to unencrypted communication.

  Further, if the communication device is configured so that the current time is set only when the transmission source of the time information is a relay device, the other devices other than the relay device cannot change the current time in the communication device. Therefore, higher security can be ensured. This effect can also be obtained by including time information in the response message and passing it from the relay apparatus to the communication apparatus. In the latter case, the number of messages exchanged between the communication device and the relay device can be reduced.

Further, if encrypted communication is performed for the first time after it is determined that the communication partner is valid in the communication device, the security of the encrypted communication can be sufficiently increased.
Further, if time information representing a time advanced from the current time in the relay device is transmitted to the communication device, an error due to the propagation delay time can be eliminated.

It is a figure which shows the structure of the authentication system using the authentication method which concerns on embodiment of this invention. It is a block diagram which shows the hardware constitutions of the mobile telephone MS which comprises the authentication system. It is a block diagram which shows the hardware constitutions of the gateway server GWS which comprises the authentication system. It is a block diagram which shows the hardware constitutions of IP server W which comprises the authentication system. It is a flowchart which shows the flow of the process performed in the mobile telephone MS at the time of SSL communication start. It is a flowchart which shows the flow of the process performed in the gateway server GWS at the time of SSL communication start. It is a flowchart which shows the flow of the process performed in the IP server W at the time of SSL communication start. FIG. 11 is a sequence diagram showing a message flow until the mobile phone MS starts SSL communication with the IP server W.

Explanation of symbols

  BS ... Base station, GWS ... Gateway server, INET ... Internet, MPN ... Mobile packet communication network, MS ... Mobile phone, PS ... Packet subscriber processing device, W ... IP server, 21 ... Transmission / reception unit, 22 ... Sound collection unit, 23 ... Sound generating unit, 24 ... Input unit, 25 ... Liquid crystal display, 26, 34, 43 ... Control unit, 27, 35, 44 ... Real time clock, 31 ... Wireless communication device, 32, 41 ... Internet connection interface, 33, 42 ... Storage device, 261, 341, 431 ... CPU, 262, 342, 432 ... ROM, 263, 343, 433 ... RAM, 264 ... Non-volatile memory.

Claims (5)

A first node sending a request for establishing a communication connection between the first node and the second node to a server device;
The server device performing a communication connection control process between the first node and the second node in response to the request;
The server device transmitting current time information to the first node together with a notification indicating establishment of the communication connection;
Starting encrypted communication between the first node and the second node using the communication connection;
The first node receiving an expiring certificate for authenticating the second node;
The first node verifying that the certificate is valid based on the current time information;
Ending the encrypted communication if a result that the certificate is valid is not obtained in the verification; and
A communication method comprising: The server device tunnels the encrypted communication performed between the first node and the second node.
The communication method according to claim 1, further comprising: Receiving means for receiving a request for establishing a communication connection between the first node and the second node from a first node;
Control means for performing control processing of communication connection between the first node and the second node in response to the request;
Transmitting means for transmitting current time information to the first node together with a notification indicating establishment of the communication connection;
A server device comprising: Relay means for relaying encrypted communication performed using the communication connection between the first node and the second node by tunneling
The server device according to claim 3 provided with. Transmission means for transmitting a request for establishing a communication connection with another node different from the own device to the server device;
Current time information receiving means for receiving current time information together with a notification indicating establishment of the communication connection from the server device;
Encrypted communication means for performing encrypted communication with the other nodes using the communication connection;
Certificate receiving means for receiving a certificate having an expiration date for authenticating the other node from the other node;
Verification means for verifying that the certificate is valid based on current time information received by the current time information receiving means;
With
The encrypted communication unit terminates the encrypted communication when a result that the certificate is valid is not obtained in the verification by the verification unit.
Terminal device.

Images