JPH09138643A - Key storage system for data secrecy and data signature and security module provided with key storage function - Google Patents

Abstract

PROBLEM TO BE SOLVED: To mitigate the congestion state of a line by providing the key managing table needed for secrecy, authentication and signature in the security module (the card) of a user side. SOLUTION: At the time of pulling out data from a data file 2, a verification request is transmitted to a card 4 and also a data delivering request is transmitted to the data file 2 from a work station 3. In the case an objective key is not stored in a key managing table, the card 4 receives the key from a key managing means 1 to store it in the vacant area of the key managing table (in the case the vacant area is not present in the table, the area of a low priority order is eliminated). When the data file 2 receives the data delivering request, the file 2 transmits the request data added with identifier to the card 4. When the card 4 receives the request data, the card 4 performs a signature verification processing by the key stored in the key managing table and generates a Y/N message to return it to the file 2. Moreover, in the case of performing a secrecy communication processing, the card 4 uses the key stored in the key managing table similarly in the case mentioned above.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a data security and data signature key storage system and a security module having a data security and data signature key storage function. Data security and data signature that can maintain the security of various data including voice data, and can reduce the congestion state of the line by reducing the key distribution protocol required for data confidentiality, authentication, and signature. The present invention relates to a security key storage system and a security module having a data security and data signature key storage function.

[0002]

2. Description of the Related Art FIG. 11 is a diagram showing a configuration of a data encryption and signature key storage system which is a premise of the present invention. In the figure, reference numeral 11 denotes a key management server that performs encryption processing and signature processing. The key management server 11 includes a user profile 11a in which user IDs and card IDs of users who have joined the system are registered, and a user security module. A log file 11b for storing a record when the system is accessed using a (card) and an encryption processing unit 11c are provided. The encryption processing unit 11c performs encryption conversion of the card ID or the user ID using the master key, and generates a user-specific key or a card-specific key.

Reference numeral 12 is a data generation device, and the data generation device 12 generates various data such as image data, audio data, and general data to be concealed. A data file device 13 stores various data DATA1, DATA2, ... Such as image data, audio data, general data, etc. generated by the data generating device, and a file ID attached to each data. Reference numeral 14 denotes the key management server 11 and the data generation device 1 via a communication path such as a LAN.
2. A workstation (hereinafter referred to as a host) connected to the data file device 13, the host 14 is installed in the vicinity of each user, and the user (data file device 1
The user who has the authority to access the data stored in 3) can access the data stored in the data file device 13 from the host 14 using the card 15. Further, the card 15 has a function of verifying that the data in the data file device is correct, and further performing a data encryption process. Reference numeral 16 is a connector device for inserting a card, and the connector device 16 includes a display device 17
Can be connected.

FIG. 12 is a diagram showing a data extraction processing procedure in the prior art, and a conventional processing procedure for extracting data from the data file device will be described with reference to FIGS. 11 and 12. In order to retrieve the data stored in the data file device 13, the user inserts the card 15 into the connector device 16 of the host 14 and inputs the file ID of the data stored in the data file device 13. A signature verification request is sent with a file ID, and the key management server 11
To the key management server ID (IDK) and card ID (I
DC) is added and the signature key distribution request is transmitted. Upon receiving the above request, the key management server 11 sends the host 14 an authentication request and a random number r1 with the card ID (IDC) and the key management server ID (IDK).

When the host 14 receives the authentication request or the like, it sends an authentication command with a card ID (IDC) to the card 15 and the random number r1. Card 15
Has a function of encrypting data as described above, and when the authentication command is received, the received random number r1
Data E encrypted with the key K1 of the card 15
Generate K1 (r1) and add the card ID to EK1 (r1)
It is sent to the host 14 with (IDC) attached (authentication procedure). Upon receiving the data EK1 (r1) and the card ID, the host 14 attaches the key management server ID (IDK) and the card ID (IDC) to the encrypted data E.
K1 (r1) is sent to the key management server 11.

When the key management server 11 receives the EK1 (r1), the key management server 11 decrypts the EK1 (r1) with its own key K1 and checks whether the sent random number r1 and the received random number r1 match. If it is confirmed that the card inserted in the connector device 16 is a valid card, the individual key KF1 on the data file side (key KFn for each file ID)
Is set) to generate an encrypted signature key EK1 (KF1), and the card ID (IDC) is generated.
And the key management server ID (IDK), and sends it to the host 14.

Upon receiving the above data, the host 14 receives the signature key setting command and the above encrypted signature key EK1 (KF1).
And the key storage command are sent to the card, and the card 15 decrypts the encrypted signature key EK1 (KF1) with the key K1.
The decrypted data file side individual key KF1 is stored in a register or the like provided in the card 15. Then card 15
Sends the confirmation signal ACK via the host 14 to the key management server 1
1 and ends the signature key distribution procedure.

As described above, the random number r1 is assigned to the key management server 1
1 to the card 15, and the key K1 in the card 15
The key management server 11 generates the encrypted data EK1 (r1) and returns it to the key management server 11.
Can confirm that the card 15 is a valid card with the correct key K1. In addition, the encrypted data EK1 (r1) is sent from the card 15 and
By encrypting and transmitting the data file side individual key KF1 by the key management server 11, it is possible to prevent the host 14 from performing fraudulent acts such as falsification of data.

When the signature key delivery procedure is completed as described above, a data delivery request is sent from the host 14 to the key management server 11 and the data file device 13. The notification to the key management server 11 is necessary for the key management server 11 to receive the communication record data to be performed later. When the data file device 13 receives the data delivery request, the request data is provided with a card ID (IDC), a data file device ID (IDD), and a digital signature authenticator CS (signature sentence) at the end. And the random number r2 to the host 14 and the card 15. Here, considering that the random number r2 falsifies the processing result of the card in the host 14, the message of the card 15 is sent to the card 1
5, encrypted by using the key KF1 between the data file device 13 and the random number r2 so as to ensure encrypted communication.

When the card 15 receives the request data, the authenticator CS, the random number r2, etc., it confirms whether or not the data received by the authenticator CS is request data, and generates a Yes or No message. . And this Y
The message of / N is encrypted by the individual key KF1 and the random number r2 described above, the card ID (IDC) and the data file device ID (IDD) are attached, and the message is returned to the data file device 13. The Y / N message is the individual key KF1 and the random number r
As a method of encrypting with Y2, for example, the exclusive OR of the Y / N message and the random number r2 is encrypted with the individual key KF1, or the Y / N message is encrypted with the individual key KF1.
And the random number r2 can be encrypted by exclusive OR.

When the data file device 13 receives the encrypted Y / N message or the like, the encrypted Y / N message is transmitted.
N message is decrypted with key KF1 and random number r2, and Y /
The contents of the N message are confirmed, and the communication record data is delivered to the key management server 11. The key management server 11 logs the communication record data together with the access time and the like in the log file 11b.
To record.

[0012]

As described above, in the prior art, there is a protocol overhead in the distribution of the key required for the confidentiality, the authentication and the signature. For this reason, when a very large number of transaction processes are carried out for a large number of users, the line may become congested.
The present invention has been made in consideration of the above-mentioned problems of the prior art, and an object of the present invention is to provide a key management table necessary for concealment, authentication, signature, etc. in a security module (card) on the user side. By providing a (storage medium) and linking this table with the key distribution protocol, the key distribution protocol is reduced and the congestion state of the line is alleviated.

[0013]

FIG. 1 is a diagram showing the principle of the present invention. In FIG. 1, 1 is a key management means for managing keys, and 2 is a key management means for performing encryption processing and signature processing. The data file 3 is a workstation connected to the key management means 1, the data file 2 and the like by a line, and 4 is a security module (eg card) having a signature generation / signature verification function and an encryption processing function.

In FIG. 1, the present invention solves the above problems as follows. (1) The security module 4 is provided with a key management table for storing IDs for identifying a plurality of users, files, etc. and a key corresponding to the IDs, and signature processing is performed using the keys stored in the key management table. . (2) The security module 4 is provided with a key management table that stores an ID for identifying a plurality of users, files, etc. and a key corresponding to the ID, and secret communication is performed using the key stored in the key management table. Perform processing. (3) In the signature process and the secret communication process, when the target key is not stored in the key management table, the target key is supplemented from the outside and accumulated and supplemented in the key management table. (4) When storing a key in the key management table, check whether there is a free area in the key management table. If there is no free area,
A key with a low priority is erased to create a free area, and a new key is stored in the created free area.

According to the first to fourth aspects of the present invention,
As described above, the security module 4 is provided with a key management table that stores an ID for identifying a plurality of users, files, etc. and a key corresponding to the ID, and a signature process and a secret communication process using the key. As described above, when the target key is stored in the key management table, the key distribution procedure becomes unnecessary, and it is possible to reduce the congestion of the line. When the target key is not stored in the key management table as in the fifth and sixth aspects of the present invention, the target key is replenished from the outside, and when the key is replenished, the key is When there is no free area in the management table, the key with a low priority is deleted and a new key is stored, so that the key with a high priority can be stored in the key management table of the card at all times.

[0016]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the system shown in FIG. FIG. 2 is a diagram showing the configuration of a security module (hereinafter referred to as a card) according to the embodiment of the present invention. In the figure, 15a
Is a processor that controls a signature processing unit, an encryption processing unit, and the like, which will be described later, 15b is a bus, and 15c is an IO port connected to the host 14, and a user / file ID and various commands from the host 14 via the IO port 15c. , The encrypted key data, and the signed data (data to which the authenticator CS is attached) are received, and the verification result (Y / N described above) is sent to the host 14.
Message, etc.), and sends encrypted data.

Reference numeral 15d is a first key management table in which a card ID, a user ID, a key, and the frequency of use thereof are recorded.
Reference numeral 5e is a second key management table in which the file ID, the individual key of each file, and the frequency of use thereof are recorded. Each of the first and second key management tables 15d and 15e is composed of a rewritable memory having an area for storing a plurality of user IDs, file IDs, keys, etc.
5a counts the usage frequency of each data, and the usage frequency m1
.. Mn, n1 to nn are written in each key management table. Then, as will be described later, when a new ID, key, etc. are sent from the host 14, they are stored, and when there is no free space, the above-mentioned usage frequencies m1 to mn, n1 to nn are referred to, for example, The less frequently used one is deleted and new data is written.

Reference numeral 15f is a signature processing unit for performing signature generation and signature verification. The signature processing unit 15f includes an exclusive OR circuit 151, a key 152, and an encryption circuit 15 for performing encryption processing.
3, a selector 154, and a comparator 155. The selector 154 receives the SEL control signal from the encryption circuit 153.
Is selectively connected to the exclusive OR circuit 151, the comparator 155, or the encryption processing unit 15g. The signature processing unit 15f causes the authenticator CS to be described later.
Is generated, and the generated authenticator CS and the authenticator CS ′ attached to the end of the request data transmitted from the host are compared by the comparator 155 to generate a Y / N message. further,
The encryption processing unit 15g uses the key 152 of the signature processing unit 15f and the encryption circuit 153 to encrypt the data as described later. The encryption circuit 153 is a one-way function algorithm, a cryptographic processing function, or the like, and is a DES or FEA that repeats and mixes by transposing / substituting input data.
L or the like can be used. Reference numeral 15g is an encryption processing unit, and the encryption processing unit 15g is composed of a delay circuit 156 and an exclusive OR circuit 157, and encrypts data with the key 152 as described above.

FIG. 3 is a diagram showing an example of signature generation and signature verification processing in this embodiment. The signature generation and signature verification processing in this embodiment will be described with reference to FIG. In the figure, reference numeral 12 is a data generation device, and the data generation device 12 is provided with an exclusive OR circuit 121, an encryption circuit 122, and a key 123 as in the card 15 described above, and the generated data DATA1, DATA2, .. are generated from the authenticators CS1, CS2 ,. A data file device 13 includes a file ID (F01, ...) Generated by the data generation device 12, data (DATA1,
DATA2, ...), Authenticators (CS1, CS2, ...), etc. are stored. Reference numeral 15 'is a signature verification function on the card side shown in FIG.

Generation of the above authenticator (signature sentence) and signature verification are performed as follows. When DATA1 having a file ID of F01 is generated by the data generation device 12, the DAT
A1 is cut out in a certain block unit (64 bits in the case of DES), and encryption processing is performed in this unit. First, the cut-out data block is input to the encryption circuit 122, encrypted by the key 123, and the result is returned to the input of the encryption circuit 122 via the exclusive OR circuit 121. Then, this process is repeated until all the input data strings are completed, and when the last input data is processed,
The left 32 bits of the output is output in the form of the authenticator CS1.
Then, the generated authenticator CS1 is combined with the data DATA1 and stored in the file device 13 together with the file ID. Similarly, for the generated data DATA2, ..., Authenticators CS2, ... Are also created, and the data DATA2 ,. Then, as described above, the host 1
When there is a data delivery request from 4, the file ID (for example, F01), data (for example, DATA1), and the generated authenticator CS ′ are sent to the card side via a network such as a LAN.

On the card 15 side, in FIG. 2, the selector 154 connects the output of the encryption circuit 153 to the exclusive OR circuit 151 side, and the same processing as that for generating the above-mentioned authenticator CS 'is performed to perform the authenticator CS. To generate. That is, D
The ATA1 is cut out in a certain block unit, and as shown in FIG. 3, the cut out data block is input to the encryption circuit 153, and encryption processing is performed by the key 152 (the same key as the key that the data generation device 12 has). , A process of returning the result to the input of the encryption circuit 153 via the exclusive OR circuit 151 is repeated until the entire input data string is completed,
Generate a certifier CS. Then, the authenticator CS generated on the card side and the authenticator C delivered via the network
S'is compared by the comparator 155 to confirm whether the requested data has been delivered without being tampered with in the middle. If the authenticators match, Yes, and if they do not match, No.
Message is generated.

FIG. 4 is a diagram showing an example of the data concealment process in this embodiment. In the figure, 111 is a key K on the data delivery side, 112 is an encryption circuit, and 113 is an exclusive OR circuit. Also, 14 'is a concealment function on the card side. The data concealment process and its decryption process are performed as follows. On the data delivery side, when the data sequence data is given, a pseudo random number sequence is generated by the feedback circuit of the encryption circuit 112 by the key 111, and the given data sequence data and the generated pseudo random number sequence are sent to the exclusive OR circuit 113. Giving,
Exclusive-OR processing is performed bit by bit to convert into encrypted data Ek (data), which is then delivered to the card 15 side via the network.

On the card 15 side, in FIG. 2, the selector 154 connects the output of the encryption circuit 153 to the exclusive logical sum circuit 157 side, and the encrypted data Ek (dat
The encrypted data Ek is processed by performing the same processing as that of generating a).
Decrypt (data). That is, as shown in FIG. 4, a pseudo random number sequence is generated by the feedback circuit of the encryption circuit 153 using the key 152 (the same key as the data delivery side), and the generated pseudo data Ek (data) is generated. The random number sequence is given to the exclusive OR circuit 157, and the exclusive OR process is performed bit by bit to decode the data sequence data.

FIG. 5 is a diagram showing a processing procedure for extracting data from the data file device in this embodiment.
In this embodiment, as shown in FIG. 2, on the card side,
Since the first key management table 15d in which the card ID, the user ID, the key and the like are recorded and the second key management table 15e in which the file ID, the individual key of each file and the like are recorded are provided, it is necessary on the card side. When the signature key to be stored is stored, the signature key distribution procedure as shown in FIG. 12 is unnecessary, the key distribution protocol can be reduced, and the line congestion can be alleviated.

In the present embodiment, the process of extracting data from the data file device is performed as follows. In order to retrieve the data stored in the data file device 13, the user inserts the card 15 into the connector device 1 of the host 14.
6 and inputs the file ID of the data stored in the data file device 13, the host 14 issues a verification request to the card 15 with the file ID, and the key management server 11 and the data file device 13 A data delivery request is made to. It should be noted that the notification to the key management server 11 is necessary for the key management server 11 to receive the communication record data to be performed later, as described above.

When the above verification request is made, it is confirmed whether or not the keys corresponding to the user ID and the file ID are stored in the first and second key management tables 15d and 15e in the card 15. In the case of FIG.
Do not output the signing key distribution request shown in. If the key is not stored, the signature key delivery procedure shown in FIG. 12 is performed to receive the key, and the key management table 15d, 1
5e is stored in the free area (if there is no free area,
As will be described later, for example, an infrequently used one is deleted to create a free area). On the other hand, when the data file device 13 receives the data delivery request, as described above, the card ID
(IDC), the data file device ID (IDD), and the request data with the digital signature certifier CS (signature) at the end and the random number r2 are sent to the host 14 and the card 15. Here, the random number r2 is added in consideration of the fact that the processing result of the card is false in the host 14 as described above.

When the card 15 receives the request data, the authenticator CS, the random number r2, etc., it confirms whether or not the data received by the authenticator CS is request data, and generates a Yes or No message. . And this Y
The message of / N is encrypted by the individual key KF1 and the random number r2 described above, the card ID (IDC) and the data file device ID (IDD) are attached, and the message is returned to the data file device 13. When the data file device 13 receives the encrypted Y / N message, etc., the encrypted Y / N
Y / N after decrypting message with key KF1 and random number r2
The contents of the message are confirmed and the communication record data is delivered to the key management server 11. The key management server 11 records the communication record data in the log file 11c together with the access time and the like.

6 to 10 are diagrams showing the processing procedure on the card side in the present embodiment, FIGS. 6 and 7 show the card side key management flow for signature verification processing, and FIG. 8 is for secret communication. FIG. 9 shows an authentication control flow associated with key distribution, and FIG. 10 shows a key storage area control flow. Next, the processing procedure in this embodiment will be described in detail with reference to FIGS.

(1) Card-side key management control processing for signature verification processing In FIGS. 6 and 7, the card 15 determines whether or not there is an interrupt from the host 14 (step S1). If there is, the interrupt command is analyzed (step S2). If the interrupt command is not the signature request process, the process proceeds from step S3 to the card-side management control process for confidential communication in FIG. 8 described later. If the interrupt command is signature request processing, the transferred file ID and the table file ID stored in the key management table 15e are checked (step S4). Then, since there is no transferred file ID in the key management table 15e, if the transferred file ID and the table file ID do not match, the process goes from step S5 to the authentication control process associated with the key distribution in FIG. If the file IDs match, the process goes from step S5 to step S6 to perform the key storage process control process shown in FIG. That is, in step S6, as will be described later, it is determined whether or not there is a free area for storing a key in the key management table,
When there is no free area, a key that is rarely used is automatically deleted or manually deleted from the terminal according to an instruction from the host.

On the other hand, as described above, the host 14 issues a data delivery request to the data file device 13, and the data delivered from the data file device 13 is sent to the card 15 via the host 14. Therefore, in step S7 of FIG. 7, the signature verification process of the data from the data file device 13 is performed. That is, in step S8, it is determined whether or not the data transfer sent from the data file device 13 is completed, and if the transfer is not completed, it is determined in step S12 whether the timer time exceeds the regulation. If the timer time does not exceed the regulation, the process returns to step S8, waits until the transfer ends, and if the timer time exceeds the regulation, step S8.
13, send an alarm to the host 14, send a forced stop command, and return to the procedure following the start in FIG.

When the data transfer ends without exceeding the specified value of the timer time, it is determined in step S9 whether the authenticator CS 'attached to the transferred data and the authenticator CS which is the signature processing result on the card side match. It is determined (see FIG. 3). Then, if the certifiers CS and CS 'do not match, the signature invalid message is encrypted in step S10 and sent to the data file device 13, and if the certifiers CS and CS' match, the step is performed. S
At 11, the signature valid message is encrypted and sent to the data file device 13, and the procedure returns to the next step after the start in FIG. As described above, the message is encrypted by using the random number r2 and the key sent from the data file device 13.

(2) Card-side key management control processing for confidential communication In step S3 of FIG. 6, if it is determined that the signature processing request is not made, card-side key management control processing for confidential communication is performed. Go to step T1 in FIG. In step T1 of FIG. 8, it is determined whether the request is a secret communication,
If it is not the confidential communication request, the host 1 is executed in step T6.
4 is notified of an error, and the procedure returns to the procedure following the start in FIG. If the request is for confidential communication, the process goes to step T2 to enter the value of the input user ID and the user ID stored in the key management table 15d.
And check.

If both IDs match, step T
4, the key storage control process shown in FIG. 10 is performed, and in step T7, the secret communication process is performed using the key corresponding to the user ID stored in the key management table 15d (see FIG. 4). . If the two IDs do not match, the process goes to step T5 to perform the key storage area control process shown in FIG. 10, and then goes to step T8 to perform the communication process with the key management server 11 and proceed to the secret communication process. . That is, as described above, the delivery of the signature key from the key management server 11 is received, and the confidential communication process is performed using the signature key. In step T9, the process waits until the communication is completed. When the communication is completed, the process returns to the step next to the start in FIG.

(3) Authentication control process associated with key distribution File ID transferred in step S5 of FIG.
And the table file ID do not match, the process goes to step R1 in FIG. 9 to perform the authentication control process associated with key distribution. In step R1 of FIG. 9, the host 14 is requested to access the key management server 11, and the host 14
Wait for an interrupt from (step R2). When there is an interrupt from the host 14, the interrupt command from the host side is analyzed in step R3, and it is determined in step R4 whether it is an authentication request. If it is not the authentication request, the process goes to step R6, an error command is sent to the host 14, and the process returns to step R1. When the interrupt command is an authentication request, in step R5, the random number r1 sent from the key management server 11 is encrypted by the individual card key K1 as described with reference to FIG. .

The host 14 sends the random number r1 to the key management server 11 and the random number r delivered by the key management server 11
After confirming that 1 has been returned, the key management server 1
As described above, 1 delivers the individual key KF1 to the card side via the host 11. On the card side, step R7
At, the host 14 waits for an interrupt, and if there is an interrupt from the host, the interrupt command is analyzed in step R8. If the interrupt command is not the key storage request, the process returns to step R7 and waits for an interrupt from the host. If the interrupt command is a key storage request, the process goes from step R9 to step R10 to perform the key storage going control process shown in FIG. Then
In step R11, the encrypted signature key sent from the key management server 11 is decrypted, and the key is stored in the key management table 1
5d / 15e and confirm signal ACK to host 14
Is sent back to go to step S8 in FIG.

(4) Key storage area control process Step S6 of FIG. 6, steps T4 and T5 of FIG. 8, and FIG.
In step R10, the key storage area control process shown in FIG. 10 is performed. In step Q1 of FIG. 10, it is determined whether or not there is a free area for storing the key in the key management tables 15d and 15e, and if there is an area for storing the key, the processing is ended. If there is no free space,
In step Q2, the host 14 is instructed that the key management table is full. In addition, automatic update,
Whether to update the manual is displayed on the host 11.

If the instruction from the host is automatic update, the process goes from step Q3 to step Q6, and the frequency of use of each key in the key management tables 15d and 15e is referred to.
One set or a number designated by the user of the key having a low frequency of use and the corresponding ID are deleted from the key management table. If the instruction from the host is not automatic update, the process goes from step Q3 to step Q4, and the host 14
Alternatively, the contents of the key management table are displayed on the dedicated terminal. At that time, all the key data is encrypted with the key of the card, and the operator cannot know the key. Then
At step Q5, the contents of the key management table are deleted by using the keyboard of the host or the dedicated terminal, and the process ends.

[0038]

As described above, according to the present invention, the security module on the user side is provided with the key management table necessary for confidentiality, authentication, signature, etc., and this table and the key distribution protocol are linked. Therefore, it is possible to reduce the key distribution protocol and alleviate the line congestion. Also, when there is no free space in the key management table when replenishing the target key from the outside, the key with the lower priority is erased and a new key is stored, so the key with the higher priority is always used. It can be stored in the key management table of.

[Brief description of the drawings]

FIG. 1 is a principle diagram of the present invention.

FIG. 2 is a diagram showing a configuration of a security module according to an embodiment of the present invention.

FIG. 3 is a diagram illustrating signature generation and signature verification processing according to the embodiment of this invention.

FIG. 4 is a diagram illustrating a data concealment process according to the embodiment of this invention.

FIG. 5 is a diagram showing a procedure for extracting data and performing signature verification in the present invention.

FIG. 6 is a diagram showing a card-side key management flow for signature verification processing.

FIG. 7 is a diagram (continuation) showing a card-side key management flow for signature verification processing.

FIG. 8 is a diagram showing a card-side key management control flow for secret communication.

FIG. 9 is a diagram showing an authentication control flow associated with key distribution.

FIG. 10 is a diagram showing a key storage area control flow.

FIG. 11 is a diagram showing a configuration of a data encryption and signature key storage system.

FIG. 12 is a diagram showing a procedure of extracting data and performing signature verification in the conventional technique.

[Explanation of symbols]

 1 key management means 2 data file 3 workstation 4 card 11 key management server 11a user profile 11b log file 11c encryption processing unit 12 data generator 13 data file device 14 workstation (host) 15 security module (card) 15a processor 15b bus 15c IO port 15d first key management table 15e second key management table 15f signature processing unit 15g encryption processing unit 16 connector device 17 display device 113, 121, 151, 157 exclusive OR circuit 111, 123, 152 keys 112, 122, 153 encryption circuit 154 selector 155 comparator 156 delay circuit

─────────────────────────────────────────────────── ─── Continuation of the front page (51) Int.Cl. ⁶ Identification number Office reference number FI technical display location H04L 9/32 H04L 9/00 601E 675A

Claims (6)

[Claims] 1. A key management unit that performs encryption processing and signature processing and also manages a key, a data file that stores data, the key management unit, and a work connected to the data file via a line. A system comprising a station and a security module that is connected to a key management means and a data file via the workstation and has a signature generation / signature verification function and an encryption processing function. Has a key management table that stores IDs for identifying a plurality of users, files, etc. and keys corresponding to the IDs. The security module performs signature processing using the keys stored in the key management table, The key delivered from the key management means when the key is not stored in the key management table Data confidentiality and data signature key storage system characterized by supplementing accumulated in the key management table. 2. A key management unit that performs encryption processing and signature processing and also manages a key, a data file that stores data, the key management unit, and a work connected to the data file via a line. A system comprising a station and a security module that is connected to a key management means and a data file via the workstation and has a signature generation / signature verification function and an encryption processing function. Is provided with a key management table that stores IDs for identifying a plurality of users, files, etc. and keys corresponding to the IDs. The security module is stored in the key management table when a confidential communication request is made. When the confidential communication process is performed using the key that has been stored and the key is not stored in the key management table above. Data confidentiality and data signature key storage system characterized by supplementing accumulating key is delivered from the key management means to the key management table. 3. A security module having a signature generation / signature verification function and an encryption processing function, wherein the security module is an ID for identifying a plurality of users, files, etc. and a key corresponding to the ID. A security module having a data concealment and data signing key storage function, characterized in that a key management table for storing data is stored, and signature processing is performed using the key stored in the key management table. 4. A security module having a signature generation / signature verification function and an encryption processing function, wherein the security module is an ID for identifying a plurality of users, files, etc. and a key corresponding to the ID. A security module having a key storage function for storing data, and a key storage function for data security and data signature, which performs a secure communication process using the key stored in the key management table. 5. It is confirmed whether or not a target key is stored in the key management table, and when the target key is not stored in the key management table, the target key is supplemented from the outside. 5. A security module having a data storage and data signature key storage function according to claim 3 or 4, further comprising means for storing in the key management table. 6. When accumulating a key in the key management table, it is confirmed whether or not there is a free area in the key management table. If there is no free area, the key with lower priority is erased to generate a free area,
6. A security module having a data concealment and data signature key storage function according to claim 5, wherein a new key is stored in the generated free area.