JPH10124597A - Method and device for electronic check with utilization permit - Google Patents

Abstract

PROBLEM TO BE SOLVED: To simplify transfer and reception processing and to prevent illegal actions. SOLUTION: A user U gets a signed utilized permit L from a registration institute T based on personal reference and the U sends the permit L to a bank B. The B verifies the L and sends a check C signed by an issue number Rc, a public key PkU of the U and 2 secret key of the B corresponding to an issue request amount W and the U sends the C to a receiver V. The V verifies the C and returns that utilization permit to the U and the U verifies this permit and sends it to the V after signing its public key PkU, the C and the transfer amount Wp with the secret key of the U. The V verifies the transfer signature and sends the C and the transfer signature to the B in the case of demand and the B verifies them and executes a demand means.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to a method for issuing an electronic check using a telecommunications system, an IC card or the like, a method for verifying the method, a method for managing the method, and an apparatus therefor.

[0002]

2. Description of the Related Art In a conventional check settlement process,
Processing such as check book issuance, check issuance, collection request, collection procedure is involved. Since these processes are performed via a physical medium called a check, automation and efficiency are limited, and the handling thereof requires considerable time and cost.

Various attempts have been made to digitize checks and the like in order to solve the above-mentioned problems.
Net Cash (in the Proceedings of the First ACM Conf
ernce on Computer and Communications Security, Nov
ember 1993) as a conventional technique, and in particular, a description will be given of the swing processing. Withdrawal (payment) processing in Net Cash is performed among three parties: a user, a recipient, and a check issuing management organization.

The outline of the processing is as follows. -The user sends his / her own electronic check, the recipient's public key, and the amount of the withdrawal to the check issuing authority.・ The check issuing authority verifies the received electronic check,
If it is correct, the bank generates an electronic check in which the public key and the withdrawal amount are electronically signed by the bank, and returns the electronic check to the user. -The user sends the received electronic check to the recipient.・ The recipient receives the electronic check, verifies it,
If so, it is assumed that a valid payment has been made and the electronic check is saved.

[0005]

SUMMARY OF THE INVENTION The present invention provides a method for realizing a more efficient and real-time payment processing by digitizing a check, while having the same security as the payment processing by a check. It is to provide a device. As can be seen from the above prior art, without facing
In order to carry out payments safely and securely, it is essential to involve a third party other than the person at the time.

Further, in such a case, as can be seen from the above-mentioned prior art, the burden on the third party for processing on-line, the amount of data to be held, and the like become extremely large. If the processing by a third party, for example, the credit processing for the user, particularly the recipient, is not performed, it is difficult to properly perform the transfer processing and the like. Taking the conventional technology as an example, the recipient can only be specified as a person who has a certain public key and the corresponding private key, so if the recipient is impersonated or fraudulent, etc. It is difficult to clarify the location and take appropriate measures.

An object of the present invention is to provide an electronic settlement method so that a user can execute a transaction both online and offline. Another object of the present invention is to provide an electronic settlement method so that a check issuing organization system can be operated at low cost. Still another object of the present invention is to provide an electronic payment method without risk of reuse, duplication and forgery.

[0008] Still another object of the present invention is to provide an electronic settlement method capable of securely and reliably performing a dispatch / reception process without a third party's intervention. Still another object of the present invention is to provide a swing-out device without a third party's intervention.
An object of the present invention is to provide an electronic settlement method capable of smoothly performing a withdrawal / reception process by realizing a reception process.

[0009] Still another object of the present invention is to provide an electronic settlement method which reduces the load on the check issuing organization system and reduces the system cost by realizing the issuing / receiving process without the intervention of a third party. That is.

[0010]

SUMMARY OF THE INVENTION According to the present invention, checks, issuance, deposit, and the like are performed by using information issued by a credit institution which guarantees the identity of the issuer and its signature key. Features. According to the electronic check method of the present invention, a user uses a license issued by a user registration institution, receives an electronic check from a check issuance management institution using the license, An electronic check processing method comprising the following elements in an electronic check processing for issuing an electronic check using respective licenses between the first and second elements, wherein the first element is a user registration institution apparatus. A license issuing device for issuing a user-specific license, and a storage device for storing the issued license.

[0011] The second element is a check issuing management institution device, which verifies the validity of the user's license.
It includes a check issuing device that issues an electronic check, a storage device that stores the issued check, and a check management device that manages the issued check. The third element is a user terminal (recipient terminal), which is a use license issued from a user registration institution device, a storage device for storing an electronic check issued from a check issuance management institution device, a use license, A verification device for verifying the validity of the electronic check, a issuing device for issuing a check to another user terminal, and a receiving device for receiving an electronic check from the other user terminal are provided.

In the case of the receiver terminal, an electronic check issued by the user terminal is received, and the processing of the electronic check method is performed in the following steps. Step 1: Issue a user-specific license to the user whose identity is guaranteed and send it to the user terminal. Step 2: The user terminal verifies and stores the issued license. Step 3, the check issuance management institution verifies the license, issues an electronic check in response to a request from the user terminal, and transmits the electronic check to the user terminal. Step 4, the user terminal verifies and stores the issued electronic check. Step 5, the user terminal sends an electronic check to the recipient terminal and performs a dispatch process. Step 6, the receiver terminal receives the issued electronic check and performs a receiving process. Step 4, the recipient terminal sends the issued electronic check, and performs a collection request process with the check issuing management institution apparatus. Step 5, the check issuing management institution apparatus performs a collection process for the electronic check requested to be collected.

[0013]

FIG. 1 shows an example of the configuration of a system to which the method of the present invention is applied. A terminal 100 for the user to be issued an electronic check, a user registration institution 200 for issuing a usage certificate upon registration of the user information, a check issued by the user, and a recipient Check issuance management device 3 that collects electronic checks upon request from
00 and a recipient terminal 40 for receiving an electronic check from the user
0, which can be mutually connected by a communication line or an IC card.

First Embodiment (Issuance of a License) First, the terminal 100 of the user U applies a digital signature to a part of the information of the user U by exchanging with the device 200 of the user information management organization T. A license including the signed license L is obtained. User information management organization T
The device manages user information including the license.

(Electronic Check Issuance) The user U terminal transmits the issuance request amount W and the usage permit to the check issuance management institution B apparatus 300 as shown in FIG. The check issuance management institution B apparatus 300 verifies the license, and if correct, generates an issue amount Wi (= W) and generates a check signature C in which a part of the license is electronically signed, and Reply to U terminal 100. The user U terminal 100 checks the received check signature C
Is verified, and if it is correct, it is stored in an electronic check (check signature C, issue amount Wi) storage device.

(Check Delivery / Payment) (See FIG. 3) In the process of the delivery / payment, the user U terminal 100 transmits an electronic check (check signature C, issue amount Wi) to the recipient V terminal 400. The recipient V terminal 400 verifies the received check signature C, and if correct, sends the usage permit of the recipient V to the user U terminal 100. User U terminal 10
0 verifies the received license of the recipient V, and if it is correct, generates a signed signature S in which the withdrawal / payment amount Wp and a part of the license of the recipient V and a part of the electronic check are digitally signed. Then, the registration information (signature signature S, withdrawal / payment amount Wp) is transmitted to the recipient V terminal 400. The recipient V terminal 400 verifies the received signature S, and if correct,
The received electronic check and signature information are stored in the storage device.

(Request for Collection) (See FIG. 4) The recipient V terminal 400 transmits the electronic check and the signature information issued from the user U terminal 100 to the check issuance management institution B apparatus 3.
Send to 00. The check issuing management institution B apparatus 300 verifies the check signature C and the signature signature S, respectively, and if they are correct, it is assumed that the electronic check has been surely issued to the recipient V.

(Collection Procedure) The check issuance management institution B apparatus 300 performs this processing when the above (request for collection) processing is properly completed. The content of this processing depends on whether or not the user U has received funding in advance at the time of issuing the electronic check. In the former case, a process of transferring the corresponding amount Wp to the recipient V is performed. In the latter case, in addition to the process of transferring the corresponding amount Wp to the recipient V, a process of debiting the corresponding amount Wp from the user U is performed. You.

Embodiment 2 It is assumed that a public key and a secret key in this embodiment are both based on public key cryptography. (Issuance of license) The user registration institution T device 200 generates a user public key PkU and a secret key SkU corresponding to the user U, and sends the generated public key PkU to the electronic device using the secret key SkT of the user registration institution T. A signed license signature L is generated.

The user registration institution T apparatus 200 uses a user license (a license signature L, a user public key Pk) as user information.
U) and information that can identify the user U are stored in the storage device. The user registration institution T apparatus 200 transmits the use certificate and the user secret key SkU to the user U terminal 100. The user U terminal 100 verifies the received license signature L with the public key PkT of the user registration organization T, and if it is correct, determines that the license is valid, and the user U's public key, secret key, and license Is stored in the storage device.

(Electronic Check Issuance) The user U terminal 100 sends the issuance request amount W and the usage certificate (permit signature L, user public key PkU) to the check issuance management institution B apparatus 300. The check issuing management organization B apparatus 300 verifies the received license (license signature L, user public key PkU) with the public key PkT of the user registration organization T. If the verification is correct, an issue number Rc is generated, and the user public key PkU,
A check signature C is generated by electronically signing the issue amount Wi (= W) and the issue number Rc with the secret key SkB of the check issuance management organization B. The check issuance management institution B apparatus 300 sends the check management apparatus an issue number Rc, a user public key PkU,
The issue amount Wi and the usable amount Wa (= Wi) are stored in the storage device, and the electronic check (check signature C, issue number Rc, issue amount Wi, user public key PkU) is stored in the user U terminal 10.
0 and the check management information (issue number Rc, check balance Wa, registered signature history S1,... S1) in the check management device.
n). The available amount Wa is an amount managed by the check issuance management institution B apparatus 300 for each issue number Rc.

The user U terminal 100 transmits the received electronic check (check signature C, issue number Rc, issue amount Wi, user public key PkU) to the public key PkB of the check issuing management organization B.
If the verification is correct, the electronic check (check signature C, issue number Rc, issue amount Wi, user public key PkU) is stored in the storage device. In addition, when the check issuance management institution B apparatus 300 performs the process for the first time using the above-mentioned license (received from the user U terminal 100 during the process), the user information management device transmits the license to the user information management device. Is stored.

(Check Delivery / Payment) User U Terminal 1
00 is an electronic check (check signature C, user public key Pk
U, issue amount Wi, issue number Rc)
Send to 0. The recipient V terminal 400 verifies the received check signature C, and if it is correct, obtains the current time T, generates a random number R, and uses the recipient V's license, time T, and random number R
Is transmitted to the user U terminal 100. User U terminal 100
Verifies the validity of the received license signature L and time T of the recipient V. If these verifications are correct, the user U terminal 10
0 is the withdrawal / payment amount Wp and the public key PkV of the recipient V,
A signature Sp is generated by applying a digital signature to the check signature C, the time T, and the random number R, and the signature information (signature signature Sp, withdrawal / payment amount Wp) is transmitted to the recipient V terminal 400. The recipient V terminal 400 verifies the received signature Sp, and if it is correct, determines that a valid withdrawal / payment has been made, and checks the electronic check (check signature C, user public key Pk
U, issuance amount Wi, issuance number Rc) and signature information (signature signature Sp, withdrawal / payment amount Wp, time T, random number R) are stored in the storage device.

(Request for Collection) The recipient V terminal 400 sends an electronic check (check signature C, user public key PkU, issue amount Wi, issue number R) issued from the user U terminal 100.
c) and the signature information (signature signature Sp, withdrawal amount Wp, recipient public key PkV, time T, random number R) are transmitted to the check issuing management organization B apparatus 300. Check issuance management organization B device 3
00 verifies the check signature C and the signature signature Sp, respectively.
If the check is correct, the check management information (issue number Rc, check balance Wa, signature signature history S1... S) for the check
n) is acquired from the check management device, and the presence / absence of an issuance history, the magnitude relationship between the withdrawal amount Wp and the check balance Wa (Wp ≦ W
a), the signature Sp is added to the signature history (S1... Sn).
Verify whether there is. If there is Sp, it is regarded as illegal.

If the results of the above verifications are all correct, it is assumed that the check Wp has been issued to the recipient V, the electronic check and the registered information are stored in the storage device, and the check management information is updated. (Collection procedure) The same processing as in the first embodiment is performed.

(Transfer procedure) First, the user U terminal 100
Transmits the electronic check and the transfer destination name U 'to the check issuance management institution B apparatus 300, and the check issuance management institution B apparatus 300 verifies the received electronic check. If the verification is correct, the license of the transfer destination U 'is read from the user information management device, a random number R is generated, the T of the current time is obtained, and the user U
The license, the random number R, and the time T are returned to the terminal 100.

The user U terminal 100 receives the transfer destination U '
Of the user U and the time T, and if correct, the public key PkU 'of the transfer destination U', the transmitted electronic check, the transfer amount Wt, the received random number R, and the secret of the user U with respect to the time T. A transfer signature St signed with the key SkU is generated, and the transfer information (the transfer amount Wt, the transfer signature St) is transmitted to the check issuing management institution B apparatus 300.

The check issuing management institution B apparatus 300 verifies the received transfer signature St, and if correct, stores the electronic check and the transfer information (transfer signature St, transfer amount Wt, random number R, time T) in the storage device. Although the (transfer procedure) processing is completed in the processing so far, it cannot be determined that this transfer is really legitimate. Therefore, after this processing, the check issuance management institution B apparatus 300 is replaced with the transfer destination U 'offline (also possible online) (collection request).
Perform processing.

(Deposit) First, the user U terminal 100 obtains the current time T and generates a random number R. It generates a deposit signature Sd in which the public key PkU of the user U, the corresponding check signature C, the deposit amount Wd, the time T and the random number R are signed with the secret key SkU of the user U, and deposit information (deposit amount Wd). , The deposited signature Sd, the time T, the random number R) and the electronic check to the check issuing management institution B apparatus 300.

The check issuing management institution B apparatus 300 verifies the received deposit signature Sd and the received time T. If the verification is correct, the check information and the deposit information (deposit amount Wd,
The deposited signature Sd, time T, and random number R) are stored in the storage device. In the processing so far, the (deposit) processing is completed, but it cannot be determined that the deposit is really valid. Therefore, after this processing, the check issuing management institution B apparatus 300 performs the processing performed by the apparatus 300 in the collection request.

Embodiment 3 Here, a case will be described in which all public key encryption methods use RSA. Note that the form A = g (B) in the mathematical expression indicates that the result of hashing B is A, and the form A‖B indicates that the form A is a combination of A and B. (Use license issuance) (Refer to FIG. 5 and FIG. 28) The user registration institution T apparatus 200 confirms the identity of the user U (S1), and when it is determined that the identity is correct, the user U
Then, an identifier IdU for identifying the ID is generated (S2). Next, the secret key SkU (SkUp, SkU
q, SkUd), public key PkU (PkUn, PkUe)
Is generated (S3). Next, an expiration date EL of the issued license is generated (S4). Next, for the public key PkU of the user U, the user identifier IdU, the expiration date EL from the storage device 201, the user registration organization T identifier IdT, and the user registration organization T public key identifier IdPkT, The hash operation in 210 (FIG. 16)
2, the secret key SkT (SkTp, SkTq, SkT) of the user registration organization T from the storage device 201.
According to d), a permit signature L obtained by applying an electronic signature by the signature generator 203 is generated (S5). That is, the signature L is performed by the following operation.

L = g (PkU {IdU} EL {IdT}
IdPkT) ^SkTd mod PkTn The user registration institution T device 200 uses the user certificate (permit signature L, user identifier IdU, user public key PkU, expiration date EL, user registration institution T identifier Id) as user information.
T, a user registration institution T public key identifier IdPkT) is generated (S6), and this and the secret key SkU are stored in the storage device 201 (S7).

The user registration institution T apparatus 200 transmits the use certificate and the user secret key SkU to the user U terminal 100 (S7). The user U terminal 100 verifies the received permit signature L with the permit signature verifier 110 using the public key PkT of the user registration organization T to satisfy the following relationship.

G (PkU‖IdU‖EL‖IdT‖Id
PkT) = L ^PkTe mod PkTn If the verification is correct, it is determined that a valid license has been issued, and its own public key, secret key, and license are stored in the storage device. The license signature verifier 110 performs as shown in FIG. The received time limit EL is compared with the time T of the timer 104 by the comparator 105. If EL> T, it is determined as OK,
The received PkU, IdU, EL, IdT, IdPk
T is input to a hash calculator 102, and a signature generator 1 is applied to the received license signature L using a public key TkT.
03, the signature operation L ^PkTe mod PkTn is performed, and the result is compared with the hash operation result by the comparator 106. If they match, the result is OK. If both the comparators 105 and 106 are OK, the verification result is OK. Becomes FIG. 22 shows how signals are exchanged between the user U terminal 100 and the user information registration institution T device 200 in this license issuance processing.
FIG. 28 shows a functional configuration required by the user U terminal 100 and the user information registration organization T apparatus 200 at this time. Certificate signature verifier 110 in user U terminal 100
Is shown in FIG. 19, and the user registration institution T device 2
The permit signature generator 210 in 00 is shown in FIG.

(Electronic check issuance) (FIGS. 6, 7, 29)
Here, a description will be given of a case where the electronic check issuance process can be executed, and a case where the electronic check is also updated in the user's storage device. User U terminal 100
Determines whether there is a valid electronic check issued by the check issuing management organization B in the storage device (S1), and if so, acquires the current time T (S2) and generates a random number R (S3). ), Check signature C, renewal request amount Wc, check balance Wr, own public key PkU and identifier IdU, and update signature Sc obtained by electronically signing the above time T and random number R with own secret key SkU. It is generated by the update signature generator 170 (S4). The check balance Wr is the balance that the user U manages for his / her own check.

Sc = g (C‖Wc‖Wr‖PkU‖Id
U‖T‖R) ^SkUd mod PkUn Note that the renewal request amount Wc and the check balance Wr are the same here, and the case where the renewal signature Sc is generated will be described below. The user U device 100 receives the issuance request amount W, the usage certificate (permit signature L, the user identifier Id).
U, user public key PkU, expiration date EL, user registration organization T identifier IdT, user registration organization T public key identifier Id
PkT), the above electronic check (check signature C, issue amount W)
i, issue number Rc, expiration date EC, check issuing management institution identifier IdB, check issuing management institution public key identifier IdP
kB) and update information (update signature Sc, update request amount Wc, check balance Wr, time T, random number R) are transmitted to the check issuance management institution B apparatus 300 (S5).

As shown in FIG. 7, the check issuing management organization B apparatus 300 converts the received license into a license signature verifier 33.
Verify with 0 (S1). The verification contents include verification of the permit signature L using the public key PkT of the user registration organization T, verification of the expiration date EL, and verification of consistency with the user information stored in the user management device (S2). , S3). Also,
The received electronic check is verified by the check signature verifier 310 (S4). The verification contents include verification of the check signature C using the own public key PkB and verification of the expiration date EC.

Next, the received update information is updated by the update signature verifier 3.
The verification is performed at 20 (S5). The verification contents include a user identifier IdU and a user public key PkU in the license, a check signature C in the electronic check, and an update signature S using the update information.
It is verified that c has the following relationship. g (C‖Wc‖Wr‖PkU‖IdU‖T‖R) = Sc
^{If the SkUe} mod PkUn verification is correct, in addition, the usable amount Wa corresponding to the issue number Rc is read from the check management device, and it is verified whether the following relationship is satisfied.

Wa ≧ Wc (= Wr) If all the verifications so far are correct, the usable amount Wa corresponding to the issue number Rc in the check management device is subtracted by Wc. Next, a new check issuance amount W is calculated by the following operation.
i ′ is determined (S6). Wi '= W + Wc Next, the issue number Rc' is determined (S7). Here, it is assumed that a serial number is used so that the issue number Rc 'is a unique number. Next, check expiration date EC '
Is determined (S8). Here, the expiration date EC 'is the date and time of issue, the check issuance management organization B public key identifier IdPkB,
It is uniquely determined from the validity period EL of the license.

Next, a new check signature C 'is generated by the check signature generator 340 by the following operation (S9). C '= g (PkU‖Wi'‖Rc'‖EC'‖IdB ‖IdPkB) ^SkBd mo
d PkBn Next, the check issuance management organization B apparatus 300 sends the electronic check (check signature C ', check issuance amount Wi', issue number R
c ', expiration date EC') to the user U terminal 100 (S10), and save the electronic check in a storage device (S11). As shown in FIG. 17, the check signature generator 340 reads the IdB, IdPkB,
EC, Rc and the received Wi, PkU are hashed by a hash calculator 3
02, g (Wi‖Rc‖PkU‖IdP‖Id
PkB‖EC), and the result is used as the secret key Sk
At B, a signature operation is performed by the electronic signature generator 303 to obtain a check signature C.

The user U terminal 100 receives the electronic check as shown in FIG. 6 (S6), and verifies the electronic check with the check signature verifier 120. The contents of the verification include the issue amount Wi '
Verify that the relationship of Wi ′ = W + Wc is satisfied (S
7) Using the public key PkU in the license for use, the IdB, IdPkB, PkB read from the storage device, and the received electronic check, it is verified whether the following relationship is satisfied (S8).

G (PkU‖Wi'‖Rc'‖EC'‖IdB‖IdPkB)
= ^C'PkBe mod PkBn If all the verifications above are correct, the electronic check is stored in the storage device (S9). Check signature verifier 120 is shown in FIG.
0, the expiration date EC in the received electronic check
Is compared with the time T of the timer 104 by the comparator 103,
It is verified that T has not exceeded the expiration date EC, and all of the information of the received electronic check except C is input to the hash calculator 102 to obtain a hash calculation, and the check issuance management from the storage device 101 is performed. The public key PkB of the institution B is extracted, and the received check signature C is converted into the electronic signature generator 103 by this.
And performs a signature operation C ^PkBe mod PkBn, and compares the result with the hash operation result in the comparator 10.
6, and if they match, it is determined as OK, and both comparators 105, 1
06 are both OK and this verification passes.

The check issuance management organization B apparatus 300
When this process is performed for the first time using this license (received from the user U terminal 100 during this process), this is detected in step S2 in FIG. The license is stored and step S
Move to 3 (S12). If the user U terminal 100 does not hold the electronic check at step S1 in FIG. 6,
The usage permit and the requested amount are transferred to the check issuing management organization B apparatus 30
0 and the process moves to step S6 (S10). User U terminal 1 in the above check issuance (including update) processing
FIG. 23 shows how signals are transmitted to and from the check issuance management institution B apparatus 300, and the functional configuration of the user U terminal 100 and the check issuance management institution B apparatus 300 required for this processing is shown in FIG. Show. The check signature verifier 120 in the user U terminal 100 is as shown in FIG. 20, and the check signature verifier 31 in the check issuance management institution B apparatus 300.
0 is the same as that shown in FIG. 20, the update signature verifier 320 is the same as that shown in FIG. 21, and the permit signature verifier 330 is the same as that shown in FIG. The check signature generator 340 is as shown in FIG.

In the following description, the notation related to the electronic check held by the user U terminal 100 is represented by excluding “′” from all the above symbols. (Check Delivery / Payment) (Refer to FIG. 8, FIG. 9, FIG. 30) First, the user U terminal 100 determines the withdrawal amount Wp (S
1), electronic check (check signature C, user public key Pk)
U, issue amount Wi, issue number Rc, expiration date EC, check issuance management institution B identifier IdB, check issuance management institution B
The public key identifier IdPkB) is transmitted to the recipient V terminal 400 (S2). The recipient V terminal 400 verifies the received electronic check with the check signature verifier 420 as shown in FIG. 9 (S1, S2). The content of the verification is the verification of the user U terminal 100 during (electronic check issuance) processing (S7, S8).
Is the same as If the verification is correct, the current time T is acquired (S3), a random number R is generated (S4), and the license of the recipient V, the time T, and the random number R are transmitted to the user U terminal 100 (S5). ). The user U terminal 100 verifies the validity of the received license of the recipient V and the time T (S4).
If these verifications are correct, the withdrawal / payment amount Wp, the check balance Wr, the public key PkV of the recipient V, the identifier IdV
The signature signature Sp, which is obtained by performing a hash operation on the check signature C, the time T, and the random number R with the secret key SkU of the user U by the following operation, is used as the signature signature generator 130. Sp = g (C‖Wp‖Wr‖PkV‖IdV‖T‖R)
^SkUd mod PkUn Further, the signature information (signature signature Sp, withdrawal / payment amount Wp,
A check balance Wr) is generated (S5), and the recipient V terminal 4
00 (S6). As shown in FIG. 18, the generation of the name information is performed by receiving the received Wp, Wr, IdV, PkV, T,
R and the check signature C in the storage device 101 are input to the hash calculator 102, g (C‖Wp‖Wr‖PkV‖IdV‖T‖R) is calculated, and the calculation result is sent to the electronic signature generator 103. And performs a signature operation with the secret key SkV to obtain a signature Sp.
This and Wp and Wr are output.

Recipient V terminal 40 that has received this registered information
0 indicates that the signature C of the electronic check received earlier, the user public key PkU, the own public key PkV, the identifier IdV, the transmission time T, and the random number R are used to satisfy the following relationship. Is verified by the signature verification unit 430 (S6, S7). g (C‖Wp‖Wr‖PkV‖IdV‖T‖R) = Sp
^{If PkUe} mod PkUn is correct, it is determined that a valid withdrawal / payment has been made, and the electronic check (check signature C, user public key PkU,
Issue amount Wi, issue number Rc, expiration date EC, check issuance management institution B identifier IdB, check issuance management institution B public key identifier IdPkB) and signature information (signature signature Sp, withdrawal / payment amount Wp, check balance Wr, time T) , Random number R)
Is stored in the storage device (S8). Figure 2 shows the verification of the signature
As shown in FIG. 1, all of the received signing information except for the signature Sp is supplied to the hash calculator 402 to perform a hash operation, and the received signature Sp is converted to the signature generator 4.
03, the signature calculation Sp ^PkUe mod PkUn is performed using the user public key PkU in the storage device 401, and the signature calculation result and the hash calculation result are compared by the comparator 404. And

FIG. 24 shows how signals are sent and received between the user U terminal 100 and the recipient V terminal 400 in the above-mentioned withdrawal / payment process, and the functional configuration of the terminals 100 and 400 required for this process. Is shown in FIG. The permit signature verifier 110 in the user U terminal 100 is as shown in FIG. 19, the registered information generator 130 is as shown in FIG. 18, and the check signature verifier 4 in the recipient V terminal 400
Reference numeral 20 is the same as that shown in FIG. 24, and the registered signature verifier 430 is that shown in FIG.

(Request for Collection) (Refer to FIGS. 10, 11, and 31) The recipient V terminal 400 is the electronic check (check signature C, user public key PkU) issued (paid) from the user U terminal 100. , Issue amount Wi, issue number Rc, expiration date E
C) and signature information (signature signature Sp, withdrawal / payment amount W)
p, the check balance Wr, the public key PkV of the recipient V, the identifier IdV, the time T, and the random number R) are transmitted to the check issuance management institution B apparatus 300 (FIG. 10). The check issuing management institution B apparatus 300 verifies the received electronic check as shown in FIG. 11 (S1, S2). The contents are the same as the corresponding ones in the processing described in (electronic check issuance). If the verification is correct, the received registered information is verified (S
3). Its contents are the same as the corresponding ones in the processing described in (Check issue / payment).

If this verification is also correct, the check management device 3
Reference is made to the available amount Wa and the collection history (signature signature S1... Sn) of the electronic check with the issue number Rc in 70, and the presence / absence of the issuance history, and the magnitude relationship between the withdrawal amount Wp and the usable amount Wa (Wp ≦ Wa). Satisfaction), signed signature history (S
1... Sn) to verify the presence or absence of the signature Sp.
4, S5). If there is Sp, it is regarded as illegal. If all the verification results are correct, the check issuing management organization B apparatus 300
It is assumed that Wp has been issued for the check in question to the recipient V, the electronic check and the registered information are stored in the storage device, and the usable amount Wa of the electronic check of the issue number Rc in the check management device 370 is used. Is subtracted by Wp (S
6), Sp is added to the signature history (S7). FIG. 25 shows how signals are exchanged between the recipient V terminal 400 and the check issuance management institution B apparatus 300 in the above-described collection request processing. The recipient V terminal 400 and the check issuance management institution B apparatus required for this processing are shown in FIG. FIG. 31 shows the functional configuration of 300. The signature verification device 350 in the check issuing management organization B apparatus 300 is the same as that shown in FIG.

(Collection Procedure) As described in the first embodiment, the content of the collection procedure depends on whether or not the user has previously provided funds at the time of issuing the check. In the former case, a process of transferring the pertinent amount to the recipient V is performed, and in the latter case, a process of withdrawing the pertinent amount from the user U is also performed. Further, in this description, the case where only one check issuance management organization B appears, but if the transaction issuance management organization of the user and the recipient is different, the processing between the issuance management organizations in this collection procedure is performed. Is required.

(Transfer procedure) (FIG. 12, FIG. 13, FIG. 32)
First, the user U terminal 100 sends an electronic check (check signature C, user public key PkU, issue amount Wi, issue number R).
c, expiration date EC, check issuing management organization B identifier Id
B, check issuing authority B public key identifier IdPkB),
The transfer destination identifier IdV is changed to the check issuing management organization B apparatus 300
(S1). Check issuance management organization B apparatus 300
Verifies the received electronic check as shown in FIG. 13 (S1, S2). The contents of the verification are the same as those during the processing (electronic check issuance). If the verification is correct, the current time T is obtained (S3), and a random number R is generated (S5).
Further, the usage permit of the received transfer destination identifier IdV is read from the user information management device 380 (S5). Next, the check issuing management institution B apparatus 300 transmits the usage permit of the transfer destination identifier IdV, the time T, and the random number R to the user U terminal 100 (S6). The user U terminal 100 verifies the validity of the received license and the time T of the transfer destination identifier IdV as shown in FIG. 12 (S2, S3). If these verifications are correct, the transfer amount Wt, the check balance Wr, the transfer destination public key PkV, the identifier IdV, the check signature C, the above time T, and the hash calculation performed on the random number R,
A transfer signature St in which an electronic signature is given by the following operation using the secret key SkU of the user U is generated, and St = g (C‖Wt‖Wr‖PkV‖IdV‖T‖R)
^SkUd mod PkUn Further, transfer information (transfer signature St, transfer amount Wt, check balance Wr) is generated (S4), and the transfer information is transmitted to the check issuing management institution B apparatus 300 (S5). The check issuing institution B apparatus 300 verifies the received transfer information (S7, S8). Verification details (Check / Payment)
This is the same as the corresponding one in the processing described above. If the verification is correct, the electronic check (check signature C, user public key P
kU, issue amount Wi, issue number Rc, expiration date EC, check issuance management organization B identifier IdB, check issuance management organization B public key identifier IdPkB), and transfer information (transfer signature S
t, transfer amount Wt, check balance Wr, transfer destination public key Pk
V, the identifier IdV, the time T, and the random number R) are stored in the storage device (S9).

Although the (transfer procedure) processing has been completed in the processing so far, it cannot be determined that the transfer is really legitimate. Therefore, after this process, the check issuance management institution B apparatus 300 performs the transfer request (identifier IdV) (collection request) process online or offline. FIG. 26 shows the state of communication between the user U terminal 100 and the check issuance management institution B apparatus 300 in the above-described transfer processing, and the user U terminal 10 required for this processing is shown in FIG.
FIG. 3 shows the functional configuration of the check issuing management organization B apparatus 300.
It is shown in FIG. Transfer signature generator 15 in user U terminal 100
0 can be the same as the signature information generator of FIG. 18, and the same as the signature signature verifier 360 shown in FIG. Can be.

(Deposit) (Refer to FIG. 14, FIG. 15, and FIG. 33) First, the user U terminal 100 determines the deposit amount Wd (S
1) obtains the current time T (S2) and generates a random number R (S3). Next, the public key PkU of the user U, the identifier I
dU, check signature C, deposit amount Wd, check balance Wr, time T, and random number R
A deposit signature Sd signed with kU is generated, and an electronic check (check signature C, user public key PkU, issue amount W
i, issue number Rc, expiration date EC, check issuing management institution B identifier IdB, check issuing management institution B public key identifier I
dPkB), deposit information (deposit signature Sd, deposit amount Wd, check balance Wr, identifier Ud of user U)
U, time T, random number R)
0 (S5).

The check issuance management institution B apparatus 300 is shown in FIG.
The verification of the electronic check received is performed as shown in (S1,
S2). The contents are the same as those during (electronic check issuance) processing. If the verification is correct, the received deposit information is verified (S3). Its contents are the same as the corresponding ones in the processing described in (Check issue / payment).

If the verification is also correct, the check management device 3
Reference is made to the usable amount Wa and the signature history (signature signature S1... Sn) of the electronic check with the issue number Rc in 70, and if there is an issue history, the withdrawal amount Wd and the usable amount Wa
It is verified whether or not the magnitude relation satisfies Wd ≦ Wa, and whether the deposited signature Sd already exists in the collection history (S1... Sn) (S4, S5). This verification may be performed off-line or on-line as described in the second embodiment. If all the verification results are correct, the check issuing management institution B apparatus 300
Determines that the transfer processing has been properly performed, stores the electronic check and deposit information in the storage device, and uses the available amount Wa for the electronic check of the issue number Rc in the check management device.
Is subtracted by Wd (S6), and Sd is added to the collection history (S6).
7). User U terminal 100 in the above deposit processing
FIG. 27 shows how signals are transmitted and received between the check issuance management institution B apparatus 300 and the functional configuration of the user U terminal 100 and the check issuance management institution B apparatus 300 required for this process in FIG. Show. As the deposited signature generator 160 in the user U terminal 100, the same signature generator as the registered information generator in FIG. 18 can be used. The same as the registered signature verifier shown in FIG. 21 can be used as the deposited signature verifier 370 in the check issuing management organization B apparatus 300.

The user terminal according to the third embodiment corresponds to the functions of the user U terminal 100 shown in FIG.
Each function of the user U terminal 100 in FIG. 29, each function of the user U terminal 100 in FIG. 30, each function of the recipient V terminal 400, and each function of the recipient V terminal 400 in FIG. Each function of the user U terminal 100 in FIG. 32 and each function of the user U terminal 100 in FIG. However, as a user terminal used for the electronic check method, at a minimum, it is only necessary to have the functions necessary for obtaining a license, issuing and obtaining an electronic check, and issuing an electronic check,
Further, these functions can be simply configured as described in the methods of the first and second embodiments. Embodiment 4 In the above description, in order to verify an electronic check with the balance Wr of the electronic check, it is only after Wr becomes negative that the check is an illegal check, and a check with a large issue amount Wi is used multiple times. In this case, even if the check has a fraud such as a change in the balance Wr, the detection of the fraud is delayed. From this point, in the following embodiment, for each electronic check, a set of the balance Wri and the update request amount Wci is stored in the check management device 370, and these are compared with Wr and Wc at the time of the update request. Help detect fraud early.

In a state where the balance Wr is immediately known to anyone, the holder of the electronic check knows the amount of the possession, for example, the recipient, and privacy cannot be maintained. Therefore, in the following embodiment, the balance disturbance information CI obtained by encrypting Wr with a secret key (secret key in secret key encryption) shared only by the user and the check issuing management organization without using the balance Wr used in the third embodiment as it is. Is used.

Therefore, the registered information generating apparatus 130 used in the following description has a functional configuration as shown in FIG. 34, unlike FIG. That is, the check balance Wr is input to the balance disturbance information generator 131, and only the user U and the check issuance management organization B use the balance encryption key SkC which is kept secret by the balance encryption key SkC.
r is encrypted to be the balance disturbance information CI. This CI
And electronic check signature C, withdrawal amount Wp, recipient identifier I
dV, the recipient public key PkV, the time T, and the random number R are concatenated, and a hash operation is performed by the hash calculator 102. The calculation result is used for the electronic signature generator 1 using the user secret key SkU.
03, a signature operation is performed to obtain a signed signature Sp.
Let i and CI be registered information.

This name information uses the balance stirring information CI instead of the balance Wr in the name information obtained in FIG. Therefore, the signed signature verification device 430 may use exactly the same functional configuration as that shown in FIG. Example 3 below
In the same manner as described above, a case will be described in which all public key encryption methods use RSA. Note that the form A = g (B) in the mathematical expression indicates that the result of hashing B is A, and the form A‖B indicates the combination of A and B. (Issuance of license) This is the same as the processing in the third embodiment. (Electronic Check Issuance) A description will be given of a case where the electronic check issuance processing is executable and an update of the electronic check in the storage device of the user U terminal is also performed. In other words, the issuance request amount W to be newly issued and the desired amount (renewal request amount) Wc from the existing electronic check
This is the case where a check is issued with the sum of cash as cash. The communication in this issue is almost the same as FIG. 23, and the functional configuration is almost the same as FIG. 29, but is shown in FIG. User U
The terminal 100 determines whether or not there is a valid electronic check issued by the check issuance management organization B in the storage device 101,
If there is, the check balance Wr is transferred to the user U terminal 100.
And the balance is disturbed by the balance encryption key SkC (secret key in the secret key cryptography) shared only by the check issuing management organization B apparatus 300 to generate balance disturbance information CI. Subsequent processing uses the balance disturbance information CI as the check balance Wr in the third embodiment. Next, obtain the current time T, generate a random number R,
Applicable check signature C, renewal request amount Wc, balance disturbance information C
I, own public key PkU and identifier IdU, time T
And an update signature Sc in which an electronic signature is given to the random number R with its own secret key SkU.

Sc = g (C‖Wc‖CI‖PkU‖IdU
(‖T‖R) ^SkUd mod PkUn The renewal request amount Wc and the check balance Wr are assumed to be the same here, and the case where the renewal signature Sc is generated will be described below. User U terminal issuance request amount W,
License (License signature L, user identifier IdU, user U public key PkU, expiration date EL, user registration organization T identifier IdT, user registration organization T public key identifier IdPk
T), the electronic check (check signature C, issue amount Wi,
Issue number Rc, expiration date EC, check issuing management institution identifier IdB, check issuing management institution public key identifier IdPk
B), and transmits the update information (update signature Sc, update request amount Wc, balance disturbance information CI, time T, random number R) to the check issuing management institution B apparatus 300.

The check issuing management organization B apparatus 300 verifies the received license. The verification contents include verification of the permit signature L using the public key PkT of the user registration organization T, verification of the expiration date EL, and verification of consistency with the user information stored in the user management device 380. Next, at time T
After verifying the validity of the electronic check, the received electronic check is verified. The verification contents include verification of the check signature C using the own public key PkB and verification of the expiration date EC.

Next, the received update information is verified. As the verification contents, it is verified whether the user identifier IdU in the license, the user U public key PkU, the check signature C in the electronic check, and the update signature Sc using the update information have the following relationships. g (C‖Wc‖CI‖PkU‖IdU‖T‖R) = Sc
^SkUe mod PkUn If the verification is correct, balance disturbance information CI is transferred to balance encryption key Sk.
Decrypt with C to generate balance Wr.

Next, the signature signature history (S1,..., Sn) corresponding to the issue number Rc is read from the check management device 370, and it is verified whether or not the update signature Sc exists in the signature signature history. If the updated signature Sc is present in the registered signature history, the verification result becomes invalid. If this verification is correct, Sc is added to the signature history as Sn + 1. In addition, in this example, the check management apparatus 370 uses the used area ({Wr1, X1}... {Wrn, X) corresponding to the issue number Rc.
n}) and verify whether {Wr, Wc} overlaps the used area. X1, ..., X
n is the amount to be deducted from the balance Wr of the electronic check, that is, not only the renewal request amount Wc, but also the withdrawal amount Wp and the remittance amount W
t or the deposit amount Wd. If all of the verifications so far are correct, {Wr, Wc} is added to the used area corresponding to the issue number Rc in the check management device 370 (Wrn +
1, Xn + 1).

FIG. 30 shows a processing procedure of the electronic check verification using the storage of the check management device 370. First, the balance Wr of the electronic check to be verified, the used amount X, the issued amount Wi,
The signature S is read (S1), and the check management device 370 is read.
.., Sn are read from (S2)
It is set that k = 1 (S3), it is checked whether S is not equal to Sk (S4), and if it is not, k is incremented by 1 and the process returns to step S4, and it is checked whether k exceeds n (S3).
5). When k> n, a set (Wr1, X1) of the balance and the usage amount (renewal request amount) so far for the issue number Rc stored in the check management device 370, ..., (Wrn, X
n) is read (S6), and it is checked whether Wr is equal to or larger than X1,..., Xn and equal to or smaller than Wi (S7). k
= 1 (S8), and if Wr is equal to or smaller than Wrk-Xk or Wrk is equal to or smaller than Wr-X, k is incremented by 1, and k is incremented by n. It is checked whether or not it has exceeded, and if it does not exceed, the process returns to step S9 is repeated (S10). For example, Wr ≦ Wrk−Xk is not satisfied, and Wr
If Wrk ≦ Wr−X is satisfied, it is determined that this Wr, X has been issued earlier than Wrn, Xn. However, if neither of these conditions is satisfied, the check is an unauthorized check. If k exceeds n, Sc, Wr, X
Are stored in the check management device 370 as Sn + 1, Wrn + 1, and Xn + 1, respectively (S11).

Returning to the description of FIG. 35, if all the verifications so far are correct, the new check issuance amount W is calculated by the following operation.
Determine i '. Wi '= W + Wc Next, the issue number Rc' is determined. Here, issue number R
c 'is selected to be a unique number. Next, the validity period EC 'of the check is determined. Here, it is assumed that the expiration date EC 'is uniquely determined from the issue date and time, the check issuing management organization B public key identifier IdPkB, and the expiration date EL of the license. A new check signature C 'is generated by the following operation.

C '= g (PkU‖Wi'‖Rc'‖EC'‖IdB
{IdPkB) ^SkBd mod PkBn The check issuance management institution B apparatus 300 transmits an electronic check (check signature C ', check issuance amount Wi', issue number Rc ', expiration date EC') to the user U terminal 100. The user U terminal 100 receives the electronic check and verifies it. As the contents of the verification, the issue amount Wi ′ is Wi ′ = W
+ Wc, public key PkU in own license and IdB, I read from storage device
It is verification that the following relationship is satisfied using dPkB and PkB and the received electronic check.

G (PkU‖Wi'‖Rc'‖EC'‖IdB‖IdPk
B) = C ′ ^PkBe mod PkBn If all the verifications above are correct, the electronic check is stored in the storage device 101. Also, when the check issuance management institution B apparatus 300 performs the process for the first time with this use certificate (the one received during this process from the user U terminal 100), the check issuance management institution B apparatus 300 sends the use permission to the user information management device 380. Store testimony. Up to the maximum balance Wr can be used as the update request amount Wc, and Wr may be always used as the update request amount without particularly providing Wc. In the following description, the notation related to the electronic check held by the user U terminal 100 is represented by excluding “′” from all the above symbols. (Check Delivery / Payment) First, the user U terminal 100 sends an electronic check (check signature C, user U, public key PkU,
The issue amount Wi, the issue number Rc, the expiration date EC, the check issuance management institution B identifier IdB, and the check issuance management institution B public key identifier IdPkB) are transmitted to the recipient V terminal 400. The recipient V terminal 400 verifies the received electronic check. The contents of the verification are the same as the corresponding ones in the processing described in (Electronic check issuance). If the verification is correct, the current time T is obtained, a random number R is generated, and the recipient V
Is transmitted to the user U terminal 100. The user U terminal 100 verifies the validity of the received license of the recipient V and the time T. If these verifications are correct, the check balance Wr is disturbed by the balance encryption key SkC (secret key in the secret key cryptography) shared only by the user U and the check issuing and managing organization B to generate the balance disturbance information CI. Next, the withdrawal / payment amount Wp and the balance disturbance information C
A hash operation is performed on I, the public key PkV of the recipient V, the identifier IdV, the check signature C, the time T, and the random number R, and an electronic signature is obtained by the following operation using the secret key SkU of the user U. Is generated.

Sp = g (C‖Wp‖CI‖PkV‖IdV
‖T‖R) ^SkUd mod PkUn Next, the receiver V terminal 400 stores the signature information (signature signature Sp,
Send out / payout amount Wp and balance disturbance information CI). The recipient V terminal 400 checks the signature C, the user U public key PkU, and the own public key P in the electronic check received earlier.
Using the kV, the identifier IdV, the transmission time T, and the random number R, it is verified whether or not the signed signature Sp satisfies the following relationship.

G (C‖Wp‖CI‖PkV‖IdV‖T
‖R) = Sp ^PkUe mod PkUn If correct, it is determined that a valid withdrawal / payment has been made, and an electronic check (check signature C, user U public key Pk)
U, issue amount Wi, issue number Rc, expiration date EC, check issuance management institution B identifier IdB, check issuance management institution B
Public key identifier IdPkB) and signed information (signed signature Sp,
The withdrawal / payout amount Wp, balance disturbance information CI, time T, and random number R) are stored in the storage device. In other words, in the description of (check issuing / payment) in the third embodiment, instead of Wr, C
The only difference is that CI is generated using I or from Wr. (Request for collection) The recipient V terminal 400 is the user U terminal 100
Electronic check issued (paid) (check signature C, user U public key PkU, issue amount Wi, issue number R
c, expiration date EC) and signature information (signature signature Sp, withdrawal / payment amount Wp, balance disturbance information CI, public key PkV of recipient V, identifier IdV, time T, random number R). Send to The check issuing management institution B apparatus 300 verifies the received electronic check. The content is the same as the corresponding one in the processing described in (Electronic Check Issuance) above. If the verification is correct, the received name information is verified. The contents are the same as the corresponding ones in the processing described in (Check issue / payment) above.

If the verification is also correct, the verification is performed using the information on the electronic check of the issue number Rc in the check management device. The content of this processing is the same as the corresponding processing in the processing described in (Electronic Check Issuance) above. That is, it is the same as the case where Wr in the third embodiment is set to CI. (Collection procedure) The same processing as in the third embodiment is performed. (Transfer procedure) First, the user U terminal 100 sends an electronic check (check signature C, user U public key PkU, issue amount W
i, issue number Rc, expiration date EC, check issuing management institution B identifier IdB, check issuing management institution B public key identifier I
dPkB), and transmits the transfer destination identifier IdV to the check issuing institution B apparatus 300. Check issuance management organization B device 3
00 verifies the received electronic check. The contents of the verification are the same as the corresponding ones in the processing described in (Electronic Check Issuance) above. If the verification is correct, the current time T is obtained, and a random number R is generated. Next received transfer destination identifier I
The dV license is read from the user information management device.
Next, the check issuing management institution B apparatus 300 transmits the usage permit of the transfer destination identifier IdV, the time T, and the random number R to the user U terminal 100. The user U terminal 100 verifies the validity of the use permit of the received transfer destination identifier IdV and the time T. If these verifications are correct, the balance encryption key SkC
(A secret key in the secret key cryptography) to generate balance disturbance information CI.

Next, the user performs a hash operation on the transfer amount Wt, the balance disturbance information CI, the public key PkV of the transfer destination, the identifier IdV, the check signature C, the time T, and the random number R. A transfer signature St to which an electronic signature has been applied is generated by the following operation using the secret key SkU of U. St = g (C‖Wt‖CI‖PkV‖IdV‖T‖R)
^SkUd mod PkUn Next, the transfer information (the transfer signature St, the transfer amount Wt, and the balance disturbance information CI) is transmitted to the check issuing management institution B apparatus 300. The check issuing management institution B apparatus 300 verifies the previously received transfer information. The verification content is the same as the corresponding one in the processing described in (Check issue / payment) above. If the verification is correct, the electronic check (check signature C, user U
Public key PkU, issue amount Wi, issue number Rc, expiration date EC, check issuance management organization B identifier IdB, check issuance management organization B public key identifier IdPkB, and transfer information (transfer signature St, transfer amount Wt, balance disturbance information CI) , The transfer destination public key PkV, the identifier IdV, the time T, and the random number R) are stored in the storage device.

Although the (transfer procedure) process has been completed in the processing so far, it cannot be determined that the transfer is really legitimate. Therefore, after this processing, the check issuance management institution B apparatus 300 performs verification offline or online using the information on the electronic check of the issue number Rc in the check management apparatus 370. The content of this process is the same as the corresponding process in the process described in (Electronic Check Issuance), and is equivalent to the (collection request) process in meaning.
Also in this case, Wr is changed to CI during (transfer procedure) in the third embodiment.
The only difference is that CI is generated from Wr. (Deposit) First, the user U terminal 100 disturbs the balance Wr with the balance encryption key SkC (secret key in secret key cryptography) to generate balance disturbance information CI. Next, the current time T is obtained, and a random number R is generated. Next, a deposited signature obtained by signing the public key PkU of the user U, the identifier IdU, the corresponding check signature C, the deposit amount Wd, the balance disturbance information CI, the time T, and the random number R with the secret key SkU of the user U. S
d, and generates an electronic check (check signature C, user U public key PkU, issue amount Wi, issue number Rc, expiration date E
C, check issuance management organization B identifier IdB, check issuance management organization B public key identifier IdPkB, and deposit information (deposit signature Sd, deposit amount Wd, balance disturbance information CI,
The identifier Ud of the user U, the time T, and the random number R) are transmitted to the check issuing management institution B apparatus 300.

The check issuing management organization B apparatus 300 verifies the received electronic check. The contents are the same as the corresponding ones in the processing described in (electronic check issuance). If the verification is correct, the received deposit information is verified. Its contents are the same as the corresponding ones in the processing described in (Check issue / payment). If the verification is also correct, the verification is performed using the information on the electronic check of the issue number Rc in the check management device 370. The content of this processing is the same as the corresponding processing in the processing described in (electronic check issuance). This verification may be performed off-line or on-line as described in the second embodiment. If all the verification results are correct, the check issuance management institution B apparatus determines that this transfer processing has been properly performed, and stores the electronic check and deposit information in the storage device. This depositing process also differs from the third embodiment in that Wr during the depositing process is used as CI, and CI is generated from Wr and used.

The (Wr, Wc) history verification described in the fourth embodiment may be applied to the third embodiment.

[0074]

As described above, according to the present invention, the issuing / receiving process through a communication line or an IC card is realized by devising the check issuing management organization, the user, and the storage information and protocol of the recipient. Furthermore, since the issuing process can be performed between the issuing party and the recipient, the processing load is small, and the system cost of the check issuing management organization is also small.

The check issuance management institution, the user, and the recipient receive their respective secret information (secret key in public key encryption).
By using the signature, impersonation, forgery such as forgery can be prevented, and the responsibility can be clarified. According to the fourth embodiment, by managing the electronic check not in the usable amount but in the used area, it is possible to detect fraud at the time of illegal use.・ Since the electronic check balance is encrypted with the secret key (secret key in secret key encryption) shared only by the check issuing management organization and the user, the user can protect his / her privacy from the recipient. (The amount of possession is unknown.)-The user uses a combination of public key cryptography and private key cryptography at the time of withdrawal / payment, which increases security against forgery.

[Brief description of the drawings]

FIG. 1 is a block diagram showing an outline of a basic process of the present invention.

FIG. 2 is a block diagram showing basic processing for issuing an electronic check.

FIG. 3 is a block diagram showing a basic process of issuing an electronic check.

FIG. 4 is a block diagram showing basic processing of an electronic check collection request.

FIG. 5 is a flowchart showing processing of a user registration institution in issuing a license.

FIG. 6 is a flowchart showing processing of the user terminal in issuing an electronic check.

FIG. 7 is a flowchart showing processing of a check issuing registrar in electronic check issuance.

FIG. 8 is a flowchart showing processing of the user terminal in issuing a check.

FIG. 9 is a flowchart showing processing of the recipient terminal in issuing a check.

FIG. 10 is a flowchart showing processing of a recipient terminal in a collection request.

FIG. 11 is a flowchart showing the processing of a check issuance registration agency in a collection request.

FIG. 12 is a flowchart showing processing of the user terminal in the transfer.

FIG. 13 is a flowchart showing processing of a check issuing and registering organization in a transfer.

FIG. 14 is a flowchart showing processing of the user terminal in depositing.

FIG. 15 is a flowchart showing the processing of a check issuing registrar in depositing.

FIG. 16 is a block diagram showing an embodiment of a permit signature generation device.

FIG. 17 is a block diagram illustrating an embodiment of a check signature generation device.

FIG. 18 is a block diagram showing an embodiment of a signature generation apparatus.

FIG. 19 is a block diagram showing an embodiment of a usage certificate verification device.

FIG. 20 is a block diagram showing an embodiment of the electronic check verification device.

FIG. 21 is a block diagram showing an embodiment of a signature verification apparatus;

FIG. 22 is a protocol diagram of a usage certificate issuing process according to the third embodiment.

FIG. 23 is a protocol diagram of a check issuance (including update process) process in the third embodiment.

FIG. 24 is a protocol diagram of a withdrawal / payment process in the third embodiment.

FIG. 25 is a protocol diagram of a collection request process in the third embodiment.

FIG. 26 is a protocol diagram of a transfer process in the third embodiment.

FIG. 27 is a protocol diagram of a deposit processing in the third embodiment.

FIG. 28 is a functional configuration diagram of a license issuance process according to the third embodiment.

FIG. 29 is a functional configuration diagram of a check issuance (including an update process) process according to the third embodiment.

FIG. 30 is a functional configuration diagram of a withdrawal / payment process according to a third embodiment.

FIG. 31 is a functional configuration diagram of a collection request process according to the third embodiment.

FIG. 32 is a functional configuration diagram of a transfer process according to a third embodiment.

FIG. 33 is a functional configuration diagram of a deposit processing in the third embodiment.

FIG. 34 is a functional configuration diagram of a registered signature generator used in a registered information generator 130 according to the fourth embodiment.

FIG. 35 is a block diagram showing a functional configuration used for a user terminal and a check issuance management institution in an electronic check issuance process according to the fourth embodiment.

FIG. 36 is a flowchart showing an electronic check verification procedure in the check issuance management institution apparatus according to the fourth embodiment.

 ────────────────────────────────────────────────── ─── Continued on the front page (72) Inventor Hiroyuki Hirose 3-19-2 Nishi-Shinjuku, Shinjuku-ku, Tokyo Nippon Telegraph and Telephone Corporation

Claims (16)

[Claims] 1. A. First Embodiment The user terminal registers information for certifying the identity of the user in the user registration institution, the user registration institution verifies the user's identity, and if verification is successful, generates user information. Generates a permission signature in which the user information is signed with the private key (in public key cryptography) of the user registration institution, the user registration institution transmits the permission signature to the user terminal, and the user terminal B. verify the received permission signature, and if the verification is correct, store the permission signature as a usage certificate in a storage device; When issuing an electronic check, the user terminal sends the user's license to the check issuance management institution, and the check issuance management institution verifies the received license, and if the verification is correct, a part of the license. Check issuing authority's private key (in public key cryptography)
Generates the electronic check signed in step 2, returns the electronic check to the user terminal, and the user terminal verifies the received electronic check. If the verification is correct, the electronic check is stored in the storage device with a license. Electronic check method. 2. C. The user terminal sends the electronic check of the user to the recipient terminal at the time of issuing the check, the recipient terminal verifies the received electronic check, and if the verification is correct, returns a license for use of the recipient terminal, and the user terminal Verifies the received license and, if the verification is correct, signs a part of the recipient's license, the sent electronic check, and the withdrawal amount with the user's private key (in public key cryptography). Generating the issued withdrawal signature, transmitting the withdrawal signature to a recipient terminal, and verifying the received withdrawal signature, and if the verification is correct, storing the check information and the withdrawal signature in a storage device. The electronic check method with a license according to claim 1. 3. D. The user terminal sends the electronic check and the withdrawal signature received at the time of the collection request to the check issuance management institution, and the institution above verifies the received electronic check and the withdrawal signature, and performs the collection procedure according to the verification result. The electronic check method with a license according to claim 1 or 2, wherein 4. E. The user terminal sends its electronic check and the name of the transfer destination to the check issuance management institution at the time of transfer to another person, and the check issuance management institution verifies the received electronic check, and if the verification is correct, the transfer destination The license is read from the storage device, and the license is returned to the user terminal. The user terminal verifies the received license of the transfer destination, and if the verification is correct, a part of the license of the transfer destination. Generates a transfer signature in which the transmitted electronic check and the transfer amount are signed with a user's private key (in public key cryptography), and transmits the transfer signature to a check issuance management institution; 4. The electronic check method with a license according to claim 1, wherein the apparatus verifies the received transfer signature and, if the verification is correct, stores the check information and the transfer signature in a storage device. 5. F. The user terminal signed a part of the license, the relevant electronic check, and the deposit amount with the user's private key (in public key cryptography) when depositing the electronic check on hand into the user's account A deposit signature is generated, and the deposit signature is transmitted to the check issuance management institution, and the check issuance management institution verifies the received deposit signature. If the verification is correct, the check information and the deposit signature are stored in a storage device. The electronic check method with a license according to any one of claims 1 to 4, characterized in that: 6. B. At the time of electronic check issuance, the check issuance management institution generates check management information included in the check information; At the time of updating the user's electronic check, the user terminal signs a part of the user's license, the amount of the electronic check renewal request, with the user's private key (in public key cryptography). And sends the electronic check and the renewal signature to the check issuance management institution, and the check issuance management institution verifies the received renewal signature, and if the verification is correct, updates the check management information and makes the user public. A key, an issuance amount equal to the renewal request amount, an electronic check signed with the check issuance management institution's secret key for the check management information, and an electronic check is returned to the user terminal. The electronic check method with a license according to any one of claims 1 to 5, wherein the received electronic check is verified, and if the verification is correct, the electronic check is stored in a storage device. 7. A. The user registration institution generates a public key (in public key cryptosystem) corresponding to the user and user management information as the user information, and, in addition to the permission signature, a public key / private key of the user. Is also transmitted to the user terminal. B. When the electronic check is issued, the check issuance management institution generates check information if the verification is correct, and uses the public key of the user included in the license as part of the license. When issuing the electronic check, the user terminal adds the random number and the current time to the reply of the license, the recipient terminal uses the recipient's public key as part of the license, and 7. The electronic check method with a license according to claim 2, wherein the received random number and time are added. 8. E. The user terminal adds the random number and the current time to the license when returning it to the above user terminal when transferring to another person, and uses the public key of the transfer destination as part of the transfer license. 8. The electronic check method with a license according to claim 4, wherein a random number and a time received as an object of the transfer signature are added. 9. A. The user registration institution device generates a user identifier as the above-mentioned user management information and a validity period when the use certificate is issued, and generates the validity period, user registration institution identifier, user In addition to the registration institution public key identifier, the above-mentioned permission signature is transmitted to the user terminal, and the identifier, the expiration date of the license, the user registration institution identifier, and the user registration institution signature key identifier are also transmitted. B. add the identifier, the expiration date of the license, the user registration institution identifier, and the user registration institution signature key identifier to the certificate; At the time of electronic check issuance, a new issuance request amount is determined, the presence / absence of electronic checks held in the storage device and the check balance are obtained, and if there are available electronic checks, the current time is obtained and a random number is generated. Generating a renewal signature in which the check signature, the renewal request amount, the check balance, the user's public key, the user identifier, the time, and the random number are signed with the user's private key (in the public key cryptosystem). The new issuance request amount, the user's license, the relevant electronic check, and the update information (update signature, update request amount, check balance, the above time, the above random number) are transmitted to the check issuance management institution, and the check issuance management is performed. The institution device verifies the received license and, if the verification is correct, verifies the received electronic check; if the verification is correct, verifies the received update information; Calculate the issue amount by adding the renewal request amount of the electronic check, generate an issue number, generate an expiration date, and issue the user's public key, issue amount, the issue number, and the expiration date included in the license. , Check issuing authority identifier,
A check signature is generated by signing the check issuance management institution public key identifier with the secret key (in public key cryptography) of the check issuance management institution, and the electronic check (check signature, issuance amount, issuance number, expiration date, A check issuing management institution identifier, a check issuing management institution public key identifier) is returned to the user terminal, and the user terminal verifies the received electronic check, and if the verification is correct, stores the electronic check in the storage device. An electronic check method with a license according to any one of claims 6 to 8, wherein: 10. C. At the time of issuing the electronic check, the user terminal also verifies the receiving time, adds the recipient's identifier and the check balance to the target of the above-mentioned signature, and issues it when transmitting the above-mentioned signature to the recipient terminal. amount,
The check balance is also sent, and the recipient terminal also verifies the received withdrawal information, and issues the withdrawal information (withdrawal signature, recipient's public key, recipient's identifier,
The electronic check method with a license according to any one of claims 6 to 9, wherein the withdrawal amount, check balance, random number, and time are also stored in the storage device. 11. E. When transferring money to another user,
The transfer destination identifier and the check balance are added to the target of the transfer signature. When the transfer signature is sent to the check issuing management institution, the transfer amount and the check balance are also transmitted. If the verification is correct, the transfer information (the transfer signature, the transfer Amount, check balance, transfer destination public key, transfer destination identifier, random number, time)
3. The storage device according to claim 7, wherein
0. The electronic check method with a license according to any one of 0. 12. F. When depositing an electronic check into a user's account, the user's public key is used as part of the license, and the check signature is added to the balance of the check, the user's identifier, a random number, and the current time. Is sent to the check issuance management institution as the deposit information by adding the relevant electronic check, deposit amount, check balance, user's public key, user identifier, the above random number and time, and also send the electronic check. 7. The issuing management institution apparatus verifies the received electronic check, verifies the deposit information if the verification is correct, and stores the check information and the deposit information in a storage device if the verification is correct. 10. The electronic check method with a license according to any one of 10 above. 13. G. When renewing the user's electronic check, the user terminal obtains the current time and generates a random number.The user's public key, user identifier, applicable signature, renewal request amount, check balance, the above time, and random number Generates an updated signature signed with the user's private key (in public key cryptography) for the electronic check, the update information (the relevant check signature, the user's public key, the user's identifier, the update request amount, Check balance, the above time, and random number) are sent to the check issuance management institution, and the check issuance management institution verifies the received electronic check, verifies the update information if the verification is correct, and checks the management information if the verification is correct Update the issuance number, generate the expiration date, generate the user's public key, the issue amount equal to the renewal request amount, the issue number, the expiration date, the check issuance management institution identifier, the check issuance management institution A check signature is generated by signing the open key identifier with the secret key of the check issuing management organization, and the electronic check (check signature, user's public key, issuance amount equal to the renewal request amount, the issuance number, Time limit, check issuing management institution identifier, check issuing management institution public key identifier) to the user terminal, and the user terminal verifies the received electronic check, and if the verification is correct, stores the electronic check in the storage device. An electronic check method with a license according to any one of claims 8 to 12, characterized in that: 14. D. The recipient terminal sends the electronic check and the withdrawal information received at the time of the collection request to the check issuing management organization device, and the above-mentioned organization device verifies the received electronic check, and if the verification is correct, verifies the withdrawal information and the verification is correct. 14. The electronic device with a license according to claim 6, wherein the withdrawal amount is verified, and if the verification is correct, the check management information is updated, and a collection procedure is performed according to the verification result. Check method. 15. The user terminal device compares the check balance with the user terminal at the time of processing such as an electronic check issuing process, an electronic check issuing process, a transfer process to another person, a deposit process, an electronic check update process, and the like. 10. The balance disturbing information encrypted by a balance disturbing secret key (in the secret key encryption method) shared only by the issuing management institution device is generated, and thereafter, the balance disturbing information is used as a check balance. 13. The electronic check method with a license according to any one of 13. 16. The verification of the electronic check in the check issuing management institution apparatus uses a check balance Wr, a set of the amount X to be withdrawn from the check, and a set of Wr and X for the issue number of the electronic check. The determination is made based on the presence or absence of an overlapping portion with the completed area history. If there is no overlapping portion, the Wr and X
16. The electronic check method with a license according to claim 6, wherein is stored in the used area. 17. A first verification means for verifying, using a public key of a user registration institution, a use license comprising a license signature and a user public key received from a user registration institution device, and a user who has passed the verification. Means for storing the permit in a storage device; second verification means for verifying an electronic check comprising the signature, amount and issue number of the check received from the check issuance management institution with the public key of the check issuance management institution; Means for storing in the storage device an electronic check that has passed the pass, third verification means for verifying the use license received from the recipient terminal using the public key of the user registration institution, and from the check issuing / payment user terminal Fourth verification means for verifying the received electronic check with the public key of the check issuing management organization, and a signature comprising the signature and the amount of money received from the check issuing / paying user terminal. Verification means for verifying the information using the user public key, means for storing the corresponding electronic check and registered information in the storage device if both pass the fourth and fifth verification means, The storage device that stores the public key of the user registration organization, the public key of the issuing management organization, the user identifier, the license, the electronic check, and the registered information Transmitting means for transmitting the electronic check to the check issuing management institution apparatus, second transmitting means for transmitting the electronic check to the recipient terminal, and signing the electronic check transmitted by the second transmitting means and the amount to be issued with the user private key. A third transmitting means for generating a signature by generating a signature and transmitting the registered information including the signature to the receiving terminal transmitted by the second transmitting means; The fourth sender who sends the certificate If, electronic check user terminal comprising a fifth transmitting means for transmitting the register information received electronic check to check writing management engine system, the.