KR101849920B1 - Method for providing certificate service based on m of n multiple signatures in use of merkle tree structure and server using the same - Google Patents

Abstract

The present invention a method to provide a service to register, approve, and discard a certificate by multiple signatures and an authentication support server using the same. According to the present invention, the method comprises: a step of acquiring a multi-signature certificate generation request message, which is a message to request generation of a certificate by a public key corresponding to a user terminal (Ui, i = 1 to n, and n > 1), a user ID corresponding to the remaining n-1 user terminals, a value of m, a value of n, and m:n multi-signatures, while a public key or processing data thereof corresponding to each of n user terminal (Ui) is registered; a step of records certificate execution condition data at least including the public key (PubKeyi), the m, and the n, and generating a multi-signature location ID (PrivTxidABC) corresponding to the certificate execution condition data when the public keys (PubKeyi) is determined as valid; a step of allowing each user terminal (Ui) to put a signature on the multi-signature location ID (PrivTxidABC) with the PrivKeyi, which is a private key corresponding to the PubKeyi, to generate multi-signature location ID signature values (SigPrivKeyi(PrivTxidABC)), which is a result value, as the generated multi-signature location ID (PrivTxidABC) is transmitted to the n user terminals; and a step of determining whether or not the multi-signature location ID signature values (SigPrivKeyi(PrivTxidABC)) are normally signed.

Description

[0001] METHOD FOR PROVIDING CERTIFICATE SERVICE BASED ON MULTIPLE SIGNATURES IN USE OF MERKLE TREE STRUCTURE AND SERVER USING THE SAME [0002]

The present invention relates to a method of providing a multi-signature-based certificate service and a server using the same, and more particularly, to a method of providing a registration, approval, and destruction service of a multi-signature based certificate and an authentication support server .

With the advancement of IT technology, it became possible to use various services based on the Internet regardless of place regardless of age and sex.

In other words, by accessing a server operated by a bank or a securities company, it can be used for financial services such as account transfer and stock trading, access to servers operated by government agencies, and sales of civil service and goods such as issuance of various proofs Such as e-commerce services, such as purchasing goods from a server connected to a server, can be provided in real time through the Internet.

On the other hand, when using services in various industrial fields, the user who is a customer must perform certification proving himself / herself.

Here, an authorized certificate is electronic information issued by an accredited certification authority (CA) for the purpose of confirming the identity of a user, preventing forgery and alteration of documents, Represents a seal certificate for cyber transactions. Such authorized certificates include the certificate version, the certificate serial number, the validity period of the certificate, the personalization agent, the digital signature verification information of the user, the user name, the identification information, and the digital signature method.

These certificates are used in public key infrastructure (PKI), which is a security standard method.

The public key infrastructure is a user authentication system that encrypts transmission and reception data using a public key composed of encryption and decryption keys, and verifies the identity of a trader using a password possessed by an Internet user.

However, in the public key infrastructure, since the user's private key exists in a file format in the standardized storage location due to the soft token based storage method, file copying and automation collection of the private key is easy, There is also a risk that information theft occurs.

Therefore, a public certificate authority (CA) should establish a public certificate issuing system in which a high security system is interlocked so as to block the hacking as much as possible, and operate and maintain the established public certificate issuing system There is a problem that a large amount of issuance and use is caused when issuing a conventional authorized certificate.

In addition, the authorized certificate is a security module (for example, composed of ActiveX (ActiveX) under a Microsoft Windows Operating System) for the purpose of performing a user authentication process through a web browser Must be installed.

As such, Active X, which occupies most of the security modules that are almost forcibly installed during the user authentication process, is a technology used by Microsoft to develop reusable object-oriented software components. It includes a component object model and object connection insertion ) Is used to use contents downloaded from the World Wide Web (WWW). Most ActiveX is used to create plug-ins for Internet Explorer (IE).

However, since ActiveX can be installed only by lowering the security level of the PC so as to access resources such as a file and a registry of a personal computer (hereinafter referred to as "PC"), The security level of the user's PC is lowered due to ActiveX, which is installed inevitably for security, thereby making it vulnerable to a dangerous environment such as hacking, and complicated and cumbersome process of performing authentication.

For this reason, in the Republic of Korea, the head of state is promoting the policy of abolishing Active X at the government level, such as pointing out Active X as a typical old financial regulation at the press conference of the New Year and the New Year in 2015.

In addition, the public certificate, which is required to install ActiveX in order to ensure security during the authentication process, is available only from Internet Explorer (IE) provided by Microsoft among various kinds of web browsers, Safari, Firefox, etc.) is often impossible to use itself.

In other words, a user connects to a server operated by a bank or a securities company through an Internet-based web browser, and obtains various kinds of proof documents such as financial services such as account transfer and stock trading, a server operated by a government agency, (Internet Explorer) to use a public certificate for user authentication while using services in various industrial fields such as e-commerce services such as purchase of goods by accessing a server that sells goods, etc. In the Internet Explorer (IE) Service is available, but other web browsers do not support ActiveX, so it is not possible to use the service, so it is often limited by usage.

In addition, the currently used public certificate has a problem in that it is vulnerable to security when the certificate and the password are hijacked because the authentication procedure is performed only by checking whether the certificate exists or not.

As described above, the currently used public certificate is not only a security problem, but also a high-cost issuance cost, and there are restrictions on the use of the public certificate. Is requested.

Currently, the authorized certificate distinguishes only the conditions under which a specific user can use the authorized certificate, such as bank / insurance use, securities use, universal use, etc., and only a part Has not restricted the use of the certificate under certain multiple-signature conditions that allow the use of that certificate.

Accordingly, the present inventors propose a multi-signature-based certificate that can overcome the security problems, high cost of issuance, restrictions on use, and the deficiency of the specific condition by replacing the existing certificate.

Patent Document 1: Korean Patent Application Publication No. 10-0411448 (Dec. 03, 2003), an issuing method and a system for issuing an optical recording medium storing a private key and a certificate of a public key infrastructure.

 Non-Patent Document 1: Active X related contents in Wikipedia (https://en.wikipedia.org/wiki/%EC%95%A1%ED%8B%B0%EB%B8%8CX)  Non-Patent Document 2: Media It (internet newspaper) related to the policy of abolishing Active X (http://www.it.co.kr/news/article.html?no=2793878&sec_no=)

An object of the present invention is to solve the problems of the conventional public certificates described above, and it is an object of the present invention to provide a public key certificate that can replace an existing public key certificate with high security and usability at low cost, And to provide a technical solution of a multi-signature based certificate in which conditions are reflected.

The present invention also provides a transaction fee (transaction fee) for recording the certificate related information in the private / public block chain of the virtual currency, To provide a way to save money.

In addition, in recording the certificate-related information-information corresponding to the certificate and the use approval / revocation information of the certificate in the database, instead of putting all the certificate-related information on the block chain, Another object of the present invention is to increase the service speed and reduce the transaction cost by registering only the root value of the configured merge tree in the block chain.

It is another object of the present invention to guarantee the integrity of a database by performing verification using the generated merge tree.

In order to accomplish the objects of the present invention as described above and achieve the characteristic effects of the present invention described below, the characteristic structure of the present invention is as follows.

According to an aspect of the present invention, there is provided a method of providing a registration service of a certificate by m: n (m-of-n) multiple signatures, the method comprising: (a) _{U i (i = 1, ...} , n) in the state in which the public key (public key) or a processed data this register corresponding to an individual, the authentication support server, the public corresponding to the user terminal U _i key (public key, a user ID corresponding to the remaining n-1 user terminals, a value of m, a value of n, and a multi-signature certificate, which is a message requesting generation of a certificate based on m: n multiple signatures Directly or indirectly obtaining a generation request message; (b) when the public key, the user ID, the m and n values, and the multi-signature certificate generation request message are obtained, the authentication support server determines validity of the public keys PubKey _i corresponding to the n user terminals ≪ / RTI > (c) if the public keys PubKey _i are determined to be valid, the authentication support server records certificate execution condition data including at least the PubKey _i , the m and the n, and generates a multiple signature Supporting to generate or generate a location identifier PrivTxidABC; (d) The authentication support server transmits the generated multi-signature location identifier PrivTxidABC to the n user terminals, thereby allowing each of the user terminals U _i to transmit a private key corresponding to the PubKey _i , PrivKey _i Signing the multi-signature location identifier PrivTxidABC to generate multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) as a result thereof; (e) If the generated multiple signature location identifier signature values SigPrivKey _i (PrivTxidABC) are obtained, the authentication support server determines whether or not the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) is normally signed Supporting step; (f) if it is determined that the multiple signature location identifier signature values SigPrivKey _i (PrivTxidABC) is normally signed, the authentication support server sends the certificate execution condition data, the multiple signature location identifier signature values, To a private block chain database; And (g) if the predetermined condition is satisfied, the authentication support server transmits the certificate hash value that is a hash value computed from the certificate execution condition data, the multiple signature location identifier signature values, and the multiple signature location identifier, (I) a hash value of the public key PubKey _k of the particular user terminal U _k or a value obtained by processing the public key _{K k} of the specific user terminal U _k , (ii) the certificate execution condition data (Iii) at least m approval target information or destruction request information of each of m user terminals U _i , or (iii) hash value calculated from the multiple signature location identifier values for the specific certificate, A value obtained by processing it, an approval object information signature value or a revocation request information signature value, and the certificate < RTI ID = 0.0 > Or hash value of the certificate approval or destroyed record data indicating that the approval or destruction of the certificate has been completed as the destroyed record data, or a value obtained by processing the representative hash value And registering or registering the obtained value in a public block chain database.

According to a further aspect of the present invention there is provided a method of providing an approval service for a certificate for use by a m: n (m-of-n) multiple signature, the method comprising: 1) user terminals U _i (i = 1, ..., n), a user ID corresponding to the remaining n-1 user terminals, a value of m, and a multi-signature certificate generation request message, which is a message for requesting generation of a certificate based on the m: n multiple signatures, is directly or indirectly obtained by the authentication support server, The certificate execution condition data including the keys PubKey _i , m and n are recorded and a multi-signature location identifier PrivTxidABC corresponding to the certificate execution condition data is generated, and each of the user terminals U _i corresponding to the PubKey _i The private key (privat As the PrivKey _i e key) the multiple signature location identifier after PrivTxidABC is to create the signed result is a multi-signature location identifier signature value SigPrivKey _i (PrivTxidABC), running the certificate condition data, the multi-signature location identifier signature value And a step of, when the multi-signature location identifier is registered in the private block chain database, causing the authentication support server to directly or indirectly transmit the multi-signature certificate approval request message, which is a message requesting approval of the certificate by the m: ; (b) when the multi-signature certificate approval request message is obtained, the authentication support server transmits the multi-signature location identifier PrivTxidABC corresponding to the certificate by the m: n multiple signatures and the approval object information TI to the n user terminals so that each of at least m user terminals U _i of the n user terminals sign the approval object information TI or the processed value TI 'as the PrivKey _i To generate an approval target information signature value SigPrivKey _i (TI or TI ') which is a result thereof; And (c) if the authorization target information signature value SigPrivKey _i (TI or TI ') of each of the at least m user terminals U _i is obtained, the authentication support server transmits (i) the at least m user terminals U _i The validity of the certificate with reference to the approval target information signature value SigPrivKey _i (TI or TI ') of the approval target information TI or the approval target information TI or the processed value TI' thereof and (iii) the multiple signature location identifier PrivTxidABC, And determining, by determining, supporting the use of the certificate.

According to a further aspect of the present invention there is provided a method for destroying a certificate in the provision and use of a certificate by m: n (m-of-n) multiple signatures, (> 1) of the user terminal U _i (i = 1, ..., n), public key (public key), the remaining n-1 of the user iD (user id), the value of the m corresponding to the user terminal corresponding to, And a multi-signature certificate generation request message, which is a message for requesting generation of a certificate based on the m: n multiple signatures, is directly or indirectly obtained by the authentication support server, The certificate execution condition data including the public keys PubKey _i , m and n are recorded and a multiple signature location identifier PrivTxidABC corresponding to the certificate execution condition data is generated, and each of the user terminals U _i corresponds to the PubKey _i The private key (p signature position identifier signature values SigPrivKey _i (PrivTxidABC), which is a result obtained by signing the multi-signature location identifier PrivTxidABC as a private key PrivKey _i , is generated, and then the certificate execution condition data, the multiple signature location identifier signature values And in a state where the multiple signature location identifier is registered in the private block chain database, the authentication support server directly or indirectly transmits a multi-signature certificate revocation request message, which is a message requesting destruction of the certificate by the m: n multiple signatures ; (b) if the multi-signature certificate revocation request message is obtained, the authentication support server transmits the multi-signature location identifier PrivTxidABC corresponding to the certificate by the m: n multiple signatures and the destruction request information RR to the n user terminals so that each of at least m user terminals U _i of the n user terminals sign the destruction request information RR or the processed value RR 'using the PrivKey _i To generate a result value SigPrivKey _i (RR or RR ') of the destroy request information information; (c) the at least m of the user terminal U _i each of the destroy request information sign value SigPrivKey _i If (RR or RR ') is obtained, which the authentication support server, (i) the at least m of the user terminal U _i each The validity of the certificate is determined with reference to the destruction request information signature value SigPrivKey _i (RR or RR '), (ii) the destruction request information RR or the value RR' processed therefrom and (iii) the multiple signature location identifier PrivTxidABC ; (d) if the certificate is valid, the authentication support server sends (i) the destruction request information signature value SigPrivKey _i (RR or RR ') of each of the at least m user terminals U _i , (ii) RR or a processed value RR 'thereof; and (iii) supporting to hold or hold the multi-signature location identifier PrivTxidABC in the private block chain database as certificate revocation completion record data indicating that the certificate has been approved; And (e) if the predetermined condition is satisfied, the authentication support server generates a hash value of the certificate revocation history data and at least one neighbor hash value matching the specific hash value, (i) a hash value of the public key PubKey _k or its processed value of a particular user terminal U _k , (ii) a hash value computed from the certificate execution condition data, the multiple signature location identifier signature values, (Iii) a value obtained by processing specific approval object information or specific destruction request information, specific approval object information or specific destruction request information of each of the at least m user terminals U _i , a signature value of the specific approval object information, The signature value of the specific destruction request information, and the specific certificate approval history data including the specific multiple signature location identifier or the specific certificate destruction A representative hash value generated by performing a hash calculation together with the specific certificate approval completion data indicating that the approval or destruction of the specific certificate has been completed or the hash value of the specific certificate revocation record data has been completed as the completion record data, Obtaining a processed value of the value, and registering or registering the obtained value in a public block chain database.

According to an aspect of the present invention, there is provided an authentication support server for providing a registration service of a certificate by m: n (m-of-n) multiple signatures, of the user terminal _{U i (i = 1, ...} , n) in the state in which the public key (public key) or a processed data this register corresponding to an individual, the public key (public key) corresponding to the user terminal U _i , A user ID corresponding to the remaining n-1 user terminals, a value of m, a value of n, and a request for generating a certificate based on the m: n multiple signatures A communication unit for directly or indirectly acquiring a message; And a processor to assist in determining or determining the validity of the public keys PubKey _i corresponding to the n user terminals when the public key, the user ID, the m and n values, and the multi-signature certificate generation request message are obtained Wherein the processor records certificate execution condition data including at least the PubKey _i , the m, and the n, if the public keys PubKey _i are valid, and generates a multi-signature location identifier PrivTxidABC corresponding to the certificate execution condition data create or support to generate and cause the by transmitting the multi-signature location identifier PrivTxidABC generated in the n user terminals, the user terminal U _i, respectively by the PrivKey _i private key (private key) corresponding to the PubKey _i Sign the multi-signature location identifier PrivTxidABC and generate a multi-signature Normal value identifier signature value s SigPrivKey _i If (PrivTxidABC) support to produce, and the generated the multi-signature location identifier signature value SigPrivKey _i (PrivTxidABC) is obtained, the multi-signature location identifier signature value s SigPrivKey _i (PrivTxidABC) And if it is determined that the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) are normally signed, the certificate execution condition data, the multi-signature location identifier signature values, and the multi- Wherein the method further comprises the steps of: storing the certificate execution condition data, the multiple signature location identifier signature values, and the hash value calculated from the multiple signature location identifier in a private block chain database; And at least one neighboring hash value matching the specific hash value, Group adjacent hash values, (i) a hash value for a particular user terminal public key PubKey _k or processed this value of U _k, (ii) a certificate executed for a particular certificate, the condition data, the multi-signature location identifier signature for the particular certificate Values and hash values computed from the multiple signature location identifiers for the particular certificate, (iii) the authorization target information or destruction request information of each of at least m user terminals U _i , A hash value of the certificate approval or destroyed record data indicating that the approval or the cancellation of the certificate has been completed as the certificate approval or destroyed record data including the revocation request information signature value and the multiple signature location identifier A representative hash value generated by performing a hash operation together or a value obtained by processing the representative hash value is obtained And support to register or subscribe to the obtained value in the public database block chain.

According to another aspect of the present invention there is provided an authentication support server for providing an authentication service of a certificate for use of a certificate by m: n (m-of-n) multiple signatures, (> 1) of the user terminal U _i (i = 1, ..., n), public key (public key), the remaining n-1 of the user iD (user id), the value of the m corresponding to the user terminal corresponding to, A multi-signature certificate generation request message, which is a message requesting the generation of a certificate by the m: n multiple signatures, is directly or indirectly obtained, and the public keys PubKey _i , private key certificate execution conditions data is to be recorded, including the m and the n is the multi-signature location identifier PrivTxidABC corresponding to the certificate, the execution condition data is generated, corresponding to the user terminal U _i the PubKey _i by each of (private key ) P After as rivKey _i the multi-signature location identifier PrivTxidABC is to create the signed result is a multi-signature location identifier signature value SigPrivKey _i (PrivTxidABC), the certificate execution condition data, the multi-signature location identifier signature value and the multi-signature A communication unit for directly or indirectly acquiring a multi-signature certificate approval request message, which is a message requesting approval of the certificate by the m: n multiple signatures, while the location identifier is registered in the private block chain database; And when the multi-signature certificate approval request message is obtained, the multi-signature location identifier PrivTxidABC corresponding to the certificate by the m: n multiple signatures and the approval object information TI generated for the approval request are transmitted to the n user terminals And transmits each of the at least m user terminals U _i of the n user terminals with the PrivKey _i to sign the approval target information TI or the processed value TI ' A value SigPrivKey _i (TI or TI '), wherein the processor is configured to determine whether the approval target information signature value SigPrivKey _i (TI or TI') of each of the at least m user terminals U _i is obtained , (i) the at least m of the user terminal U _i each of said authorized destination information sign value _{SigPrivKey i (TI or TI ')} , (ii) subject the grant Beam TI or by processing this value TI ', and (iii) by determining the validity of the certificate to the multi-signature location identifier PrivTxidABC by reference, supports the use of the certificate.

According to another aspect of the present invention, there is provided an authentication support server for destroying a certificate in a service for providing and using a certificate by m: n (m-of-n) multiple signatures, a public key corresponding to n (> 1) user terminals U _i (i = 1, ..., n), a user ID corresponding to the remaining n-1 user terminals, , A value of n, and a request for generating a certificate based on the m: n multiple signatures are directly or indirectly obtained, and the public keys PubKey _i , wherein m and a private key (private wherein n certificate execution condition data including a is recorded multiple signature location identifier PrivTxidABC corresponding to the certificate, the execution condition data is generated, by the user terminal U _i respectively corresponding to the PubKey _i key) The PrivKey _i the multi-signature location identifier after PrivTxidABC is to create the signed result is a multi-signature location identifier signature value SigPrivKey _i (PrivTxidABC), running the certificate condition data, the multi-signature location identifier signature value and the multi-as A communication unit for directly or indirectly acquiring a multi-signature certificate revocation request message, which is a message for requesting destruction of a certificate by the m: n multiple signatures, while the signature location identifier is registered in the private block chain database; And when the multi-signature certificate revocation request message is obtained, the multi-signature location identifier PrivTxidABC corresponding to the certificate by the m: n multiple signatures and the destroy request information RR generated for the request of the revocation are transmitted to the n user terminals So that each of at least m user terminals U _i of the n user terminals can sign the destroy request information RR or the processed value RR 'using the PrivKey _i, and outputs the destroy request information signature A value SigPrivKey _i (RR or RR '), wherein the processor is configured to determine whether the destroy request information signature value SigPrivKey _i (RR or RR') of each of the at least m user terminals U _i is obtained , (i) the at least m of the user terminal U _i each of the destroy request information sign value _{SigPrivKey i (RR or RR ')} , (ii) the destruction request Beam to the RR or processed this value RR ', and (iii) the multi-signature location identifier PrivTxidABC by reference determine the validity of the certificate, and if the certificate is valid, (i) the at least m of the user terminal U _i each certificate indicating that the discarded information requested signature value _{SigPrivKey i (RR or RR ')} , (ii) the destroyed information requested RR or processed this value RR' and (iii) a successful authorization of the certificate to the multi-signature location identifier PrivTxidABC As the destruction completed record data, to be held or held in the private block chain database, and when the predetermined condition is satisfied, a specific hash value which is a hash value of the certificate revocation record data and at least one neighbor hash value, said neighboring hash value, (i) the hash value of the public key PubKey _k or a value of the processing this particular user terminal U _k, (ii) the (Iii) the specific approval object information or specific destruction request information of each of the at least m user terminals U _i, or the specific destruction request information of the at least m user terminals U _i , the certificate execution condition data, the multiple signature location identifier signature values and the hash value calculated from the multiple signature location identifier, The signature value of the specific approval target information or the signature value of the specific destruction request information, and the specific certificate approval record data including the specific multiple signature location identifier or the specific certificate approval record data containing the specific multiple signature location identifier, A representative hash value generated by performing a hash calculation together with the specific certificate approval completion data indicating that the approval or the cancellation of the specific certificate is completed or the hash value of the specific certificate revocation record data as the destroyed record data, The value obtained by processing the hash value Deukhago and support to register or subscribe to the obtained value in the public database block chain.

According to the method of the present invention, it is possible to provide a service of a certificate in which a multi-signature condition, which is capable of replacing an existing public certificate with a high degree of security and usability, can be used at low cost, .

Further, according to the method of the present invention, a high level of security is provided through high-level encryption.

In addition, according to the method of the present invention, reliability of the certificate related information is fundamentally prevented.

BRIEF DESCRIPTION OF THE DRAWINGS The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and, together with the description, serve to explain the principles of the invention to those skilled in the art Other drawings can be obtained based on these figures without an inventive task being performed.
1 is a conceptual diagram schematically showing an exemplary configuration of an authentication support server for performing a method of providing a certificate service by multiple signatures according to the present invention.
FIG. 2 is a sequence diagram exemplarily showing a method of providing a registration service for registering a certificate by multiple signatures according to the present invention.
FIG. 3 is a sequence diagram exemplarily illustrating a method for providing an approval service of a certificate for use by a multiple-signature certificate according to the present invention.
FIG. 4 is a sequence diagram exemplarily showing a method of discarding a certificate in a service for providing and using a certificate by multiple signatures according to the present invention.
5 and 6 are views showing an example of a merge tree generated for a certificate service by multiple signatures according to the present invention.

The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of example, specific embodiments in which the invention may be practiced in order to clarify the objects, technical solutions and advantages of the invention. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention.

As used herein, the term " public block chain database " refers to utilization of all the computing devices on a virtual money system, which manages a public block chain, which is a block chain widely used in the public domain as a block chain of virtual money, as a database , The authentication support server according to the present invention is accessible thereto.

In the present specification, the term " private block chain database " refers to a database that uses a block chain of virtual money, and which is not a public block chain used for the public domain but is directly managed by an authentication support server according to the present invention Refers to a database using block chains.

Also, throughout the description and claims of this invention, the word 'comprise' and variations thereof are not intended to exclude other technical features, additions, elements or steps. Other objects, advantages and features of the present invention will become apparent to those skilled in the art from this description, and in part from the practice of the invention. The following examples and figures are provided by way of illustration and are not intended to limit the invention.

Moreover, the present invention encompasses all possible combinations of embodiments shown herein. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with an embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which such claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.

Unless otherwise indicated herein or clearly contradicted by context, items referred to in the singular are intended to encompass a plurality unless otherwise specified in the context. Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings, so that those skilled in the art can easily carry out the present invention.

1 is a conceptual diagram schematically showing an exemplary configuration of an authentication support server for performing a method of providing a certificate service by multiple signatures according to the present invention.

Referring to FIG. 1, an authentication support server 100 according to an embodiment of the present invention includes a communication unit 110 and a processor 120, and may indirectly or directly communicate with a user terminal and an authentication request server.

Specifically, the authentication support server, user terminal, and authentication request server typically include a computing device (e.g., a computer processor, a memory, a storage, an input device and an output device, (Electronic information storage systems such as network attached storage (NAS) and storage area network (SAN)) and computer software (i.e., instructions that make the computing device function in a particular manner) Lt; / RTI > to achieve desired system performance.

The communication unit 110 of such a computing device can send and receive requests and responses to and from other interworking computing devices. As an example, such requests and responses can be made by the same TCP session, For example, as a UDP datagram.

In addition, the processor 120 of the computing device may include a hardware configuration such as a micro processing unit (MPU) or a central processing unit (CPU), a cache memory, and a data bus. It may further include a software configuration of an operating system and an application that performs a specific purpose.

A method for providing a certificate service by multiple signatures according to the present invention will now be described.

FIG. 2 is a sequence diagram exemplarily showing a method of providing a registration service for registering a certificate by multiple signatures according to the present invention.

Referring to FIG. 2, a method of providing a certificate registration service according to the present invention includes a public key corresponding to each of n (> 1) user terminals U _i (i = 1, ..., n) When the processed data is registered, the authentication support server transmits a public key corresponding to the user terminal U _i , a user ID corresponding to the remaining n-1 user terminals, (S205-1 to S205-3 and S210) directly or indirectly obtaining a multi-signature certificate generation request message, which is a message for requesting generation of a certificate based on the m: n multi-signature, .

2, n and m are assumed to be 3 and 2, respectively, it will be appreciated by those of ordinary skill in the art that the method according to the present invention may be extended for any number n and m.

In step S210, if at least one of the user IDs m and n received from each of the user terminals is inconsistent according to the user terminal, the authentication support server transmits a message indicating the inconsistency, that is, a certificate registration error message Or transferring data. This corresponds to the step of confirming whether the agreement of the conditions of the multiple signatures among the users is derived.

Next, a method of providing the registration service includes: when the public key, the user ID, the m and n values, and the multi-signature certificate generation request message are acquired, (Sb) (not shown) to determine or determine the validity of the public keys PubKey _i .

Specifically, in one embodiment, the public keys wherein said step (Sb) for determining the validity of PubKey _i, by the authentication support server, the registration of the public key RegPubKey _i or processed data them corresponding to the user terminal U _i (Sb1; not shown), and if the authentication result indicates that the registered RegPubKey _i and the PubKey _i match with each other or the RegPubKey It may comprise; a _i process the data and the processed data is the _i PubKey step (not shown Sb2) supported so as to determine or determining whether or not to agree with each other. In this embodiment, in the step Sb, if the authentication result is not registered, the authentication support server transmits a message indicating that the public key PubKey _i received from the user terminal is not registered, that is, (S280 and S285-1 to S285-3) to send or transmit an error message. The steps in this embodiment (Sb2), the RegPubKey _i and the PubKey _i does not match, or the RegPubKey _i a if not processed the processed data and the PubKey _i data coincide with each other, the authentication support server, (S280 and S285-1 to S285-3) to transmit or transmit a message indicating that the public key PubKey _i received from the user terminal is invalid, that is, a certificate registration error message, When the RegPubKey _i and the _i PubKey the match, or the RegPubKey _i the processed data and the _i PubKey the processed data to each other coincide with each other, and may be determined to be the valid public keys PubKey _i.

Next, a method of providing the registration service is characterized in that if it is determined that the public keys PubKey _i are valid, the authentication support server records certificate execution condition data including at least the PubKey _i , the m and the n, (S215) to generate or generate a multiple signature location identifier PrivTxidABC corresponding to the certificate execution condition data.

Here, the multi-signature location identifier may be generated from the certificate execution condition data through a predetermined hash function. The predetermined hash function includes MD4 function, MD5 function, SHA-0 function, SHA-1 function, SHA-224 function, SHA-256 function, SHA-384 function, SHA-512 function and HAS-160 function But is not limited thereto. For example, Triple SHA256 would be possible.

Also, the certificate execution condition data may be data obtained by sequentially concatenating m, PubKey _i, and n with a delimiter. For example, the data may be "2: PubKey1: PubKey2: Pubkey3: 3".

Next, a method of providing the registration service is characterized in that the authentication support server transmits the generated multiple signature location identifier PrivTxidABC to the n user terminals (S220 and S225-1 to S225-3) allow the terminal U _i, respectively to generate a private key, the multi-signature location identifier to sign the PrivTxidABC the result is a multi-signature location identifier signature value s SigPrivKey _i (PrivTxidABC) as a PrivKey _i (private key) corresponding to the PubKey _i (S230-1 to S230-3).

Referring again to FIG. 2, a method of providing the registration service is described below. When the generated multiple signature location identifier signature values SigPrivKey _i (PrivTxidABC) are acquired (S235-1 to S235-3) (Not shown) for the server to determine or determine whether the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) has been successfully signed.

In the step of determining whether or not the signature is normal, whether or not the signature of the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) can be determined with reference to the PubKey _i and the PrivTxidABC. For example, if the normal signature by whether SigPrivKey _i hash (fingerprint) included in the hash value of PrivTxidABC with the multiple signature location identifier signature value SigPrivKey _i (PrivTxidABC) calculated from (PrivTxidABC) coincide with each other using a PubKey _i Can be determined.

Next, a method of providing the registration service includes: if it is determined that the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) is normally signed, the authentication support server transmits the certificate execution condition data, Signature values and the multi-signature location identifier to the private block chain database (S240).

After the step (S240), the registration service providing method includes a step of, when a predetermined condition is satisfied, the authentication support server performing a calculation from the certificate execution condition data, the multiple signature location identifier signature values, (S245) a value obtained by processing a representative hash value or the representative hash value generated by performing a hash calculation of a specific hash value, which is a hash value, and at least one neighbor hash value matching the specific hash value, (S250) to register or register the value in the public block chain database. Here, the neighboring hash value, (i) a hash value for a particular user terminal public key PubKey _k or a value processed it in U _k, (ii) a certificate executed for a particular certificate, the condition data, the multi-signature location for the particular certificate (Iii) a value of the approval object information or destruction request information of each of at least m user terminals U _i or a value obtained by processing the approval object information or the digest signature value, Value or destruction request information signature value and the hash value of the certificate approval or destruction completed record data indicating that the approval or destruction of the certificate has been completed as the certificate approval or destruction completed record data including the multiple signature location identifier Lt; / RTI >

The operation of a particular hash value and at least one neighbor hash value can be performed by various functions. A particular hash value is denoted as input, and at least one neighboring hash value is denoted by x1, x2, ... , xn, the representative hash value t can be expressed by the following equation.

At this time, the authentication support server can store the specific hash value and the at least one neighbor hash value in a predetermined data structure and manage it. Here, the data structure may vary, for example, it may be a merkle tree structure. In this case, the calculation of the specific hash value and the at least one neighbor hash value can be performed through the muckle tree.

That is, the authentication support server may support the generation or generation of a merkle tree assigned to the leaf node by the specific hash value, and if the predetermined condition is satisfied, at least one The representative hash value or the representative hash value generated by performing a hash operation on the hash value assigned to the other leaf node of the leaf node, and to register or register the obtained value in the public block chain database have.

The authentication support server may support registering or registering the hash value finally assigned to the root node of the merge tree as a representative hash value in the public block chain database. At this time, a value obtained by processing the representative hash value may be registered. For example, the result of performing the hex operation on the representative hash value can be registered.

Meanwhile, when the authentication support server stores the specific hash value and the at least one neighbor hash value in a predetermined first data structure and then stores and manages a second data structure of the same type as the first data structure , The first data structure and the second data structure may be concatenated in a chain form.

In particular, when the first data structure and the second data structure are merc trees, as in the above example, the root value of the first data structure or the hash value of the root value is the first leaf of the second data structure Lt; / RTI >

In addition, when the second data structure is generated, verification of the first data structure is performed, so that the integrity of the data can be more assured.

In addition, if the merge tree is the first merge tree among at least one merge tree connected in a chain form, the first leaf node of the merge tree may be provided with a hash value of predetermined message data consisting of text, numbers, One value can be assigned. For example, a hash value of an input message initially assigned by an authentication support server may be assigned when generating a merge tree.

5 and 6 are diagrams showing examples of a muck tree generated according to an embodiment of the present invention.

FIG. 5 shows a merge tree having 4 (22) leaf nodes. Since the illustrated merge tree is the first merge tree (tree_id = 0), it can be seen that the hash value SHA 256 (PrivBCM_unique_message) of the predetermined message data PrivBCM_unique_message is allocated to the first leaf node h1. When the certificate is registered, the authentication support server generates a next leaf node of the last leaf node of the currently configured merge tree, and assigns or assigns a processed value of a specific hash value or a specific hash value. For example, if the merge tree of FIG. 5 has already been assigned to the second leaf node h1 in the previous step, the next leaf node h2 is created and a specific hash value or SHA256 ( input2)). In addition, the authentication support server may support (i) calculating or calculating a hash value assigned to a h3 node, which is a sibling node of the h2 node that is the third leaf node to which the specific hash value is assigned, . The hash value of the operation value resulting from the operation is assigned to the h2 node and the parent node (h23 node) of the h3 node. Since the parent node (h23 node) is not the root node of the merge tree, the authentication support server can repeat the above process with the hash value assigned to the h23 node as the specific hash value. That is, the hash value assigned to the h23 node is set as a specific hash value, and the hash value assigned to the h23 node and the hash value assigned to the h01 node can be calculated and assigned to the h23 node and the parent node (h0123) have. At this time, since the h0123 node is the root node of the merge tree, the authentication support server supports to register or register the hash value assigned to the h0123 node or the value (hex (h {node_index})) processed in the h0123 node in the public block chain database .

Recursively, when the predetermined condition is satisfied, (x1) the authentication support server sends (i) the specific hash value and (ii) the sibling node of the node to which the specific hash value is assigned (X2) to support a hash operation or a hash operation together with a hash value assigned to the node, and to support a hash value of an operation value resulting from the operation to a parent node of the node, (X3) if the parent node is not a root node of the muckle tree, and if the root node of the tree is a root node of the tree, the hash value assigned to the parent node is registered as the representative hash value in the public block chain database (X1) to (x3) using the hash value assigned to the parent node as the specific hash value.

(I) a condition in which a predetermined number of the hash values and neighboring hash values are acquired or generated, (ii) a condition that a predetermined time elapses, (iii) a condition in which the private block chain database A condition in which a block is generated in the service characteristic, and (iv) a condition for a service characteristic.

For example, the registration of the plurality of certificates is made or authorized or destruction made hash value of the data, that is (i) a hash value of the public key PubKey _k or a value processing it for a particular user terminal U _k, (ii) specific (Iii) an authorization of at least m user terminals U _{i, i.} E. A certificate validation condition data for the certificate, multiple signature location identifier signature values for the particular certificate and a hash value computed from the multiple signature location identifier for the particular certificate, Wherein the approval or destruction of the certificate is a certificate approval or revocation complete record data including a target information or revocation request information or a value obtained by processing the revocation request information or the revocation request information, an approval object information signature value or a revocation request information signature value, Any one of the hash values of the certificate acknowledgment or destroyed record data indicating completion As long as there can be a respective input value of the hash value of the data described above meokeul tree (the value assigned to the leaf node) when the pickup.

Further, the authentication support server can generate the root value of the aforementioned mu tree at predetermined time intervals (condition (ii) above). In this case, the authentication support server may generate a merge tree by using the input values until a predetermined time elapses, and may support registering or registering the root value of the merge tree in the public block chain database.

In this case, although a predetermined time has elapsed, a value may not be assigned to a sibling node of a node to which a particular hash value of the merge tree is assigned. If the hash value is not allocated to the sibling node of the node to which the specific hash value is allocated, even though the predetermined condition is satisfied, the authentication support server assists the sibling node to allocate or assign a predetermined hash value, The route value of the merge tree can be calculated in one way. For example, the authentication support server may support copying and assigning or assigning the specific hash value to the sibling node.

The service characteristic includes at least a part of cost information paid by a user who has registered a certificate, time zone information in which the certificate is registered, local information in which registration is performed, and company type information as a management subject of a predetermined server involved in the registration . However, the present invention is not limited to what is described herein, and may include various condition information that can be provided by a generally accepted differential service.

On the other hand, if generation of a new merge tree is started and the predetermined condition is satisfied in the absence of registration, approval, or destruction-related data acquisition of a certificate, the authentication support server transmits predetermined message data to the first leaf node A merge tree assigned to a second leaf node is generated or generated, and the root value of the merge tree or a value obtained by processing the merge tree can be registered or registered in the public block chain database. For example, in this case, a merge tree of two leaf nodes may be created.

Meanwhile, as described above, the authentication support server stores the specific hash value and the at least one neighbor hash value in a predetermined first data structure, stores the second data structure in the same form as the first data structure, The first data structure and the second data structure may be connected in a chain form. In particular, if the first data structure and the second data structure are merc trees, a root value of the first data structure or a hash value of the root value may be assigned to a first leaf node of the second data structure .

6 is a diagram illustrating a merge tree generated as the second data structure according to an embodiment of the present invention.

Referring to FIG. 6, it can be seen that the root value (hex (h0123)) of the merge tree (tree_id = 0) of FIG. 5 is allocated to the first leaf node (h4 node) of the new merge tree. The present invention has an advantage of improving data integrity by enabling easy tracking even when data is modulated in the middle by connecting a plurality of data structures generated at the time of transaction occurrence.

Referring again to FIG. 2, a method of providing a certificate registration service according to the present invention includes: when the certificate execution condition data, the multiple signature location identifier signature values, and the multiple signature location identifier are registered, (S260 and S265-1 to S265-3) to transfer or transmit a certificate registration completion message indicating that the registration of the certificate is completed to the n user terminals. At this time, the certificate registration completion message may include the multi-signature location identifier PrivTxidABC to allow the user to obtain the multi-signature location identifier PrivTxidABC.

Next, a method of providing the approval service of the certificate for use of the registered certificate using the above-described data structure will be described.

FIG. 3 is a sequence diagram exemplarily illustrating a method for providing an approval service of a certificate for use by a multiple-signature certificate according to the present invention.

Referring to FIG. 3, a method of providing an approval service of the certificate includes a public key corresponding to n (> 1) user terminals U _i (i = 1, ..., n) A multi-signature certificate generation request message, which is a message requesting generation of a user ID (user id) corresponding to one user terminal, a value of m, a value of n, and a certificate based on the m: n multiple signatures, And indirectly acquiring, by the authentication support server, certificate execution condition data including public keys PubKey _i , m and n corresponding to the n user terminals are recorded and a multiple signature PrivTxidABC location identifier is generated, the user terminal U _i to the _i PubKey the private key (private key) of the result to which the multi-signature signed with a location identifier PrivTxidABC PrivKey _i values corresponding to a multi-stand by each When the position identifier signature value s SigPrivKey _i (PrivTxidABC) is generated, in a state in which the certificate execution condition data, the multi-signature location identifier signature value and the multi-signature location identifier is registered with the private block chain database, the authentication support The server directly or indirectly obtaining (S305) a multi-signature certificate approval request message, which is a message requesting approval of the certificate by the m: n multiple signatures.

In one embodiment for verifying the integrity of the contents of a certificate registered in the private block chain database, a method of providing the approval service comprises: receiving the certificate execution condition data, the multiple signature location identifier signature values, A first representative hash value generated by calculating at least one neighboring hash value matched with a hash value calculated from an identifier, or a value obtained by processing the first representative hash value is registered in a public block chain database, When the certificate approval request message is obtained, the authentication support server transmits the certificate execution condition data registered in the private block chain database, the multiple signature location identifier signature values, and the hash value At least one neighboring < RTI ID = 0.0 > A second representative hash value generated by calculating a hash value or a value obtained by processing the second representative hash value is a value obtained by processing the first representative hash value or the first representative hash value registered in the public block chain database (Sb0; not shown) to determine or determine whether or not to respond; And if the value obtained by processing the second representative hash value or the second representative hash value does not correspond to the value obtained by processing the first representative hash value or the first representative hash value as a result of the determination, (Sb1) (not shown) for judging or determining that the integrity of the certificate is damaged.

In this embodiment, the step (Sb0) may be such that the authentication support server extracts the certificate execution condition data from the private block chain database using the multi-signature location identifier PrivTxidABC corresponding to the certificate by the m: Performing a process (Sb0-1; refer to a process for referring to a transaction ID associated with the multi-signature location identifier PrivTxidABC, a process for obtaining or obtaining the multi-signature location identifier signature values and the multi-signature location identifier; Not shown); And a step (Sb0-2; not shown) of the authentication support server obtaining an OP_RETURN message from the public block chain database using the transaction ID. In this case, the step (Sb1) A value obtained by processing the second representative hash value or the second representative hash value generated using the certificate execution condition data, the multiple signature location identifier signature values, and the multiple signature location identifier obtained from the private block chain database The authentication support server determines whether the integrity of the certificate is judged to be defective or not if the first representative hash value or the first representative hash value included in the OP_RETURN message does not correspond to the processed value, can do.

More specifically, in step Sb0-1, the authentication support server identifies the merge tree information and leaf node information associated with the multi-signature location identifier PrivTxidABC to refer to a predetermined transaction ID associated with PrivTxidABC, The predetermined transaction ID corresponding to the identified mu tree tree information can be referred to.

Here, the second representative hash value may be a hash value of the certificate execution condition data, the multiple signature location identifier signature values, and the multiple signature location identifier registered in the private block chain database with respect to the multiple signature location identifier PrivTxidABC The at least one neighboring hash value may be generated by calculating at least one neighboring hash value matching the second specific hash value, and the description of the first specific hash value described above may be applied to the second specific hash value. That is, the operation of the second specific hash value and the at least one neighbor hash value can be performed by various functions. Since this has been described above, the explanation is omitted.

In this case, the calculation of the second specific hash value and the at least one neighbor hash value may be performed through the muckle tree. When the multi-signature certificate approval request message is obtained, the authentication support server can identify the merge tree information and the leaf node information associated with the multi-signature location identifier PrivTxidABC included in the multi-signature certificate approval request message.

The second representative hash value may be at least one other hash value that matches the second specific hash value and the second specific hash value in a merge tree assigned to a particular leaf node. Can be generated by computing a hash value assigned to a leaf node.

Specifically, (x1) the authentication support server supports to calculate or calculate a hash value assigned to (i) the second specific hash value and (ii) the sibling node of the node to which the second specific hash value is assigned (X2) if the parent node is a root node of the merge tree, a hash value assigned to the parent node is assigned to the second representative (X3) if the parent node is not the root node of the merge tree, comparing the hash value assigned to the parent node with the value contained in the OP_RETURN message as the hash value (X1) to (x3) may be repeatedly performed.

In the next step, the method for providing the approval service may include receiving the multi-signature certificate approval request message, acquiring the multi-signature certificate approval request message, , The authentication support server transmits the multi-signature location identifier PrivTxidABC corresponding to the certificate by the m: n multiple signatures and the approval object information TI generated (S310) to the approval request to the n user terminals (S315, S320-1 to S320-3), thereby allowing each of at least m user terminals U _i of the n user terminals to receive the approval object information TI or the processed value TI 'as the PrivKey _i (Steps S325-1 to S325-3) to generate an approval target information signature value SigPrivKey _i (TI or TI '), which is a result of the signature, .

Here, the approval object information TI may include at least one of the approval request time and the randomly generated nonce, but it should be understood by those skilled in the art. The nonce value may be a random value intended to be used once or a value obtained by processing it.

Specifically, in the steps S310 to S325-3, the authentication support server determines whether the PrivTxidABC obtained directly or indirectly from the user terminal or data processed by the PrivTxidABC is registered, and if the result of the determination And if the certificate is not registered, the authentication support server transmits or transmits a certificate approval error message indicating that the approval of the certificate has failed to the user terminal.

Next, a method of providing an approval service of the certificate includes: when the approval target information signature value SigPrivKey _i (TI or TI ') of each of the at least m user terminals U _i is acquired (S330) (i) the approval object information signature value SigPrivKey _i (TI or TI ') of each of the at least m user terminals U _i , (ii) the approval object information TI or the processed value TI' (S335) of using the certificate by determining the validity of the certificate with reference to the signature location identifier PrivTxidABC (S335).

In one embodiment, the step (S330: S335) comprises the step of supporting the authentication support server to determine or determine whether the certificate revocation history data indicating that the certificate has been revoked is already registered, , The authentication support server can support the user terminal including at least m user terminals to forward or deliver a certificate approval error message indicating that the approval of the certificate has failed. Although the certificate may be used several times, if it is used only once, it is necessary to check whether the certificate has already been approved. In this case, it is preferable that the authentication support server further supports determination or determination as to whether or not the certificate approval completion record data is already registered, and as a result of the determination, if the authentication support server has already registered, It may be possible to transmit or transmit a certificate approval error message indicating that the approval of the certificate has failed to the user terminal including the user terminals.

In another embodiment, which may be combined with the above-described embodiment, the step (S330: S335) may be such that the authentication support server includes a RegPubKey _i corresponding to each of the user terminals including the at least m user terminals, Supporting to confirm or confirm whether or not one data is registered; The check results, which is a registered state, the authentication support server, processing, or whether the RegPubKey _i that the above-the obtained RegPubKey _i and to the at least m of the user directly or indirectly from the terminal registration PubKey _i coincide with each other data And determining whether or not the data processed by the PubKey _i are in agreement with each other; The RegPubKey _i and the PubKey _i coincide with each other, or the RegPubKey _i the processed data and the PubKey _i the processed if the data coincide with each other, the authentication support server, the approved destination information TI or processing this value TI whether normal sign of ", and the at least m of the user terminal U _i, respectively by the PubKey _i with reference to the at least m of the user terminal U _i each of the said authorized destination information sign value corresponding to SigPrivKey _i (TI or TI ') ; And if the approval target information signature value SigPrivKey _i (TI or TI ') is normally signed, the authentication support server judges that the certificate is valid, and if the approval target information signature value SigPrivKey _i (TI or TI') is If not, the authentication support server can determine the validity of the certificate by including the step of determining that the certificate is invalid.

After the step (S330; S335), if the certificate is valid, the authentication support server sends (i) the approval target information signature value SigPrivKey of each of the at least m user terminals U _{i i (TI or TI '),} (ii) the authorization object information TI or by processing this value TI', and (iii) the multi-signature location identifier the private the PrivTxidABC a certificate authorization complete record data indicating that authorization is completed in the certificate (S340) of registering or registering in the block chain database.

In addition, after the step (S340), if the predetermined condition is satisfied, the authentication support server transmits a certificate hash value of the certificate approval completion record data, a specific hash value, (S345) a value obtained by processing a representative hash value or the representative hash value generated by performing a hash operation on at least one neighboring hash value to be matched, and registering or registering the obtained value in the public block chain database S350 (S355). Here, the neighboring hash value, (i) a particular user terminal U _k of the public key PubKey _k or the hash value of the value processing it, (ii) said certificate execution condition data, the multi-signature location identifier signature value and the multi- A hash value calculated from the signature location identifier, (iii) a value obtained by processing specific approval object information or specific destruction request information of each of the at least m user terminals U _i, the specific approval object information or the specific destruction request information, A signature value of the approval target information or a signature value of the specific destruction request information, and specific certificate approval completion record data or specific certificate revocation completion record data including the specific multiple signature location identifier, indicating that the approval or destruction of the specific certificate is completed The hash of the specific certificate approval completion data or the specific certificate revocation record data Value. ≪ / RTI >

Herein, the process of generating a representative hash value from a specific hash value and registering it in the public block chain database is as described above, and thus a duplicate description will be omitted.

The method of providing the approval service of the certificate may include transmitting a certificate approval completion message indicating that the approval of the certificate is completed to the user terminal including the at least m user terminals under the condition that the certificate is valid (S360 and S365-1 to S365-3) to support the transmission and the delivery of the data. In this case, the certificate approval completion message may include the PrivTxidABC. At this stage, a condition that the certificate approval completion record data is registered may be applied instead of the condition that the certificate is valid. This is in accordance with the difference between when the certificate approval completion message is notified to the user.

Finally, a method of discarding the registered certificate will be described. FIG. 4 is a sequence diagram exemplarily showing a method of discarding a certificate in a service for providing and using a certificate by multiple signatures according to the present invention. 4, the certificate revocation method includes a public key corresponding to n (> 1) user terminals U _i (i = 1, ..., n) A multi-signature certificate generation request message, which is a message requesting the generation of a certificate based on the user ID (user id), the value of m, the value of n, and the m: n multiple signature, is directly or indirectly acquired The support server records certificate execution condition data including public keys PubKey _i , m and n corresponding to the n user terminals, generates a multiple signature location identifier PrivTxidABC corresponding to the certificate execution condition data, Which is a result obtained by signing the multi-signature location identifier PrivTxidABC as PrivKey _i , which is a private key corresponding to the PubKey _i , by each of the user terminals U _i , SigPri After the vKey _i (PrivTxidABC) is generated, in a state where the certificate execution condition data, the multiple signature location identifier signature values, and the multiple signature location identifier are registered in the private block chain database, : directly or indirectly obtaining (S405-1 to S405-3) a multi-signature certificate revocation request message, which is a message requesting destruction of a certificate by a multi-signature; When the multi-signature certificate revocation request message is obtained, the authentication support server generates the multi-signature location identifier PrivTxidABC corresponding to the certificate by the m: n multiple signatures and the destroy request information (S410) generated It supports to transfer the RR to the n user terminals, transmitted (S420-1 to S420-3) by causing the at least one user terminal m of the n user terminals U _i each of the discarded information requested by the RR or PrivKey _i (S425-1 to S425-3) signing the processed value RR 'to generate a destroy request information signature value SigPrivKey _i (RR or RR') which is a result thereof; At least m of the user terminal U _i each of the destroy request information sign value SigPrivKey _i (RR or RR ') when received, the authentication support server, (i) the at least m of the user terminal U _i each of the destroy request Determining whether the certificate is valid by referring to the information signature value SigPrivKey _i (RR or RR '), (ii) the destroy request information RR or the value RR' processed therefrom, and (iii) the multiple signature location identifier PrivTxidABC S435); If the certificate is valid, the authentication support server sends (i) the destruction request information signature value SigPrivKey _i (RR or RR ') of each of the at least m user terminals U _i , (ii) And (iii) retaining or holding the multiple signature location identifier PrivTxidABC in the private block chain database as certificate revocation completion record data indicating that the certificate has been approved (S440); And if the predetermined condition is satisfied, the authentication support server calculates a hash value of the certificate revocation history data and at least one neighbor hash value matching the specific hash value, ) A hash value of the public key PubKey _k or its value of a particular user terminal U _k , (ii) the hash value computed from the certificate execution condition data, the multiple signature location identifier signature values and the multiple signature location identifier, iii) a value obtained by processing specific approval object information, specific erasure request information, specific approval object information or specific erasure request information of each of the at least m user terminals U _i , a signature value of the specific approval object information, The signature value of the request information, and the specific certificate approval history data including the specific multiple signature location identifier or the specific certificate revocation A representative hash value generated by performing a hash calculation together with the specific certificate approval completion data indicating that the approval or the cancellation of the specific certificate has been completed or the hash value of the specific certificate revocation history record data as the record data, (S445 to S455) of obtaining the processed value and registering or registering the obtained value in the public block chain database.

Therefore, the process of discarding is substantially the same as the process of the approval, and only the configuration and effect when the certificate revocation completion record data and the certificate approval completion record data are pre-registered are different as described below.

More specifically, in one embodiment, the step (S435) is configured to support the authentication support server to determine or determine whether or not the certificate revocation history record data is already registered, and, as a result of the determination, The authentication support server may support or forward a certificate revocation error message indicating that the revocation of the certificate is unnecessary to the user terminal including the at least m user terminals.

In another embodiment, which may be combined with the above embodiment, the step (S435) supports the authentication support server to determine or determine whether the certificate approval completion record data indicating that the certificate has been approved is already registered , And if the certificate is already registered as a result of the determination, the authentication support server supports to forward or transmit a certificate revocation error message indicating that the revocation of the certificate is unnecessary to the user terminal including the at least m user terminals .

Throughout all of the embodiments of the present invention described above, it is possible to replace an existing public certificate with a high degree of security and usability, at low cost, and a configuration relating to a multi-signature condition, It is effective.

The advantage of the technique described here as the above embodiments is that the authentication of the authentication-related information such as the public key and the hash value is virtually impossible, and thus the authenticity of the certificate is guaranteed, The reliability of the use of the certificate is also guaranteed. In recording the information corresponding to the certificate-related information and the certificate and the use approval / revocation information of the corresponding certificate in the database, instead of putting all the certificate-related information on the block chain, Tree, and registering only the root value of the configured merge tree in the block chain, it is possible to improve the speed of the transaction and reduce the transaction cost.

Based on the description of the above embodiments, one of ordinary skill in the art can clearly understand that the present invention can be accomplished through a combination of software and hardware, or achieved by hardware alone. Objects of the technical solution of the present invention or portions contributing to the prior art can be implemented in the form of program instructions that can be executed through various computer components and recorded on a computer-readable recording medium. The computer-readable recording medium may include program commands, data files, data structures, etc., alone or in combination. The program instructions recorded on the computer-readable recording medium may be those specially designed and constructed for the present invention or may be available to those skilled in the art. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floptical disks, media, and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as those generated by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware device may be configured to operate as one or more software modules for performing the processing according to the present invention, and vice versa. The hardware device may include a processor, such as a CPU or a GPU, coupled to a memory, such as ROM / RAM, for storing program instructions, and configured to execute instructions stored in the memory, And a communication unit. In addition, the hardware device may include a keyboard, a mouse, and other external input devices for receiving commands generated by the developers.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.

Therefore, the spirit of the present invention should not be construed as being limited to the above-described embodiments, and all of the equivalents or equivalents of the claims, as well as the following claims, I will say.

Claims (19)

A method of providing a registration service of a certificate by m: n (m-of-n) multiple signatures using m user terminals among n user terminals,
(a) In a state where a public key corresponding to each of n (> 1) user terminals U _i (i = 1, ..., n) or data processed by the public key is registered, A public key corresponding to the user terminal U _i , a user ID corresponding to the remaining n-1 user terminals, a value of m, a value of n, Obtaining a multi-signature certificate generation request message, which is a message requesting generation of a certificate;
(b) when the public key, the user ID, the m and n values, and the multi-signature certificate generation request message are obtained, the authentication support server determines validity of the public keys PubKey _i corresponding to the n user terminals Or to allow other devices associated with the authentication support server to make a determination;
(c) if the public keys PubKey _i are determined to be valid, the authentication support server records certificate execution condition data including at least the PubKey _i , the m and the n, and generates a multiple signature Generating a location identifier PrivTxidABC or enabling another device associated with the authentication support server to generate the location identifier PrivTxidABC;
(d) The authentication support server transmits the generated multi-signature location identifier PrivTxidABC to the n user terminals, thereby allowing each of the user terminals U _i to transmit a private key corresponding to the PubKey _i , PrivKey _i Signing the multi-signature location identifier PrivTxidABC to generate multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) as a result thereof;
(e) If the generated multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) are obtained, the authentication support server determines whether the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) Supporting other devices associated with the support server to determine;
(f) if it is determined that the multiple signature location identifier signature values SigPrivKey _i (PrivTxidABC) is normally signed, the authentication support server sends the certificate execution condition data, the multiple signature location identifier signature values, To a private block chain database or to have another device interlocked with the authentication support server hold it; And
(g) if the predetermined condition is satisfied, the authentication support server transmits a predetermined hash value, which is a hash value calculated from the certificate execution condition data, the multiple signature location identifier signature values, and the multi- (I) a hash value of the public key PubKey _k of the particular user terminal U _k or a value obtained by manipulating the public key of the specific user terminal U _k , (ii) the certificate execution condition data for the specific certificate, (Iii) hash information calculated from the multiple signature location identifier signature values for the particular certificate and the multiple signature location identifier for the particular certificate, (iii) approval object information or destruction request information for each of at least m user terminals U _i, The processed value, the approved subject information signature value or the revocation requested information signature value, and the certificate approval Is the destroyed record data, which is either a certificate acknowledgment indicating that the certificate has been approved or discarded, or a hash value of destroyed record data - a representative hash value generated by hash calculation together with the hash value or a value obtained by processing the representative hash value And registering the obtained value in a public block chain database or registering with another device interlocked with the authentication support server;
, ≪ / RTI &
The step (b)
(b1) the step of supporting the authentication support server, the user terminal U _i determine whether the registration of the public key RegPubKey _i or processed data corresponding to it or to determine other causes the device to be indexed to the authentication support server in; And
(b2) if said checking results, registered, the authentication support server, the registration of the RegPubKey _i and the PubKey _i are processed data whether or the RegPubKey _i a and the PubKey _i by processing data match each other, Determining whether or not they match with each other or assisting another device associated with the authentication support server to determine;
≪ / RTI > The method according to claim 1,
In the step (a)
If at least one of the user IDs m and n received from each of the user terminals is inconsistent with respect to the user terminal, the authentication support server transmits a message indicating the mismatch or instructs another device coupled to the authentication support server Wherein the method further comprises: The method according to claim 1,
The step (b)
(b3) As a result of the checking, if the authentication support server is not registered, the authentication support server transmits a message indicating that the public key PubKey _i received from the user terminal is not registered, To transmit the message;
≪ / RTI > The method according to claim 1,
The step (b2)
Said RegPubKey _i and the PubKey _i do not match each other, or the RegPubKey _i a if not processed the processed data and the PubKey _i data match each other, the authentication support server, is received from the user terminal, the public key And transmits a message indicating that PubKey _i is invalid or to allow another device associated with the authentication support server to transmit the message.
Characterized in that the said RegPubKey PubKey _i and the _i coincide with each other, or when the _i RegPubKey the processed data and the processed data to the PubKey _i coincide with each other, it is determined that the public keys PubKey _i valid. The method according to claim 1,
The step (c)
Wherein the multiple signature location identifier is generated from the certificate execution condition data through a predetermined hash function. 6. The method of claim 5,
Wherein the certificate execution condition data is data obtained by sequentially concatenating the m, the PubKey _i, and the n with a predetermined delimiter. The method according to claim 1,
In the step (e)
Whether or not the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) is normally signed is determined by referring to the PubKey _i and the PrivTxidABC. The method according to claim 1,
In the step (g)
The predetermined condition is that,
(i) a condition that a predetermined number of the hash values and the neighbor hash values are acquired or generated; And a condition for the characteristic. The method according to claim 1,
In the step (g)
The authentication support server supports the generation or generation of a merkle tree in which the specific hash value is assigned to a leaf node,
Obtaining a value obtained by processing the representative hash value or the representative hash value generated by performing a hash calculation of a hash value assigned to at least one other leaf node matched with the specific hash value, if the predetermined condition is satisfied, And registering the obtained value in the public block chain database or registering the other device interlocked with the authentication support server. 10. The method of claim 9,
If the merge tree is the first merge tree among the at least one merge tree connected in a chain form, the first leaf node of the merge tree may have a hash value of predetermined message data composed of text, numbers, or symbols, Is assigned. 10. The method of claim 9,
If the predetermined condition is satisfied,
(x1) The authentication support server performs a hash operation on (i) the specific hash value and (ii) the hash value assigned to the sibling node of the node to which the specific hash value is assigned, A hash value of the operation value that is a result of the operation is assigned to a parent node of the node or to another device associated with the authentication support server,
(x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is registered in the public block chain database as the representative hash value or the other device linked to the authentication support server Support,
(x3) If the parent node is not the root node of the merge tree, the step (x1) to (x3) are repeatedly performed using the hash value assigned to the parent node as the specific hash value. 12. The method of claim 11,
In (x1) above,
If a hash value is not assigned to a sibling node of the node to which the specific hash value is allocated even though the predetermined condition is satisfied, the authentication support server assigns a predetermined hash value to the sibling node, (X1) to (x3) by supporting other devices to be interlocked. The method according to claim 1,
When the authentication support server stores the specific hash value and the at least one neighbor hash value in a predetermined first data structure and then stores and manages a second data structure of the same type as the first data structure, Wherein the first data structure and the second data structure are connected in a chain form. 14. The method of claim 13,
Wherein a root value of the first data structure or a hash value of the root value is assigned to a first leaf node of the second data structure if the first data structure and the second data structure are merc trees. . The method according to claim 1,
In the above steps (a) to (f), there is no reception from the n user terminals U _i ,
In the step (g), if the predetermined condition is satisfied, the authentication support server supports to generate or generate a merge tree in which predetermined message data is allocated to a first leaf node and a second leaf node, Tree root value or a value obtained by processing the tree root value in the public block chain database or registering with other devices interlocked with the authentication support server. The method according to claim 1,
(h) When the certificate execution condition data, the multi-signature location identifier signature values, and the multi-signature location identifier are registered, the authentication support server transmits to the n user terminals a certificate registration completion indicating that the registration of the certificate is completed Forwarding a message or allowing another device associated with the authentication support server to deliver the message;
Further comprising:
Wherein the certificate registration completion message includes the multi-signature location identifier PrivTxidABC. The method according to claim 1,
Wherein the private block chain database is a private block chain managed by the authentication support server,
Wherein the public block chain database is a public block chain accessible to the authentication support server. An authentication support server for providing a registration service of a certificate by m: n (m-of-n) multiple signatures using m user terminals among n user terminals,
n (> 1) of the user terminal _{U i (i = 1, ...} , n) released in the presence of the public key (public key) or a processed data them corresponding to each of the registered, corresponding to the user terminal U _i A public key, a user ID corresponding to the remaining n-1 user terminals, a value of m, a value of n, and a message requesting generation of a certificate based on the m: n multiple signature A communication unit for acquiring a multi-signature certificate generation request message; And
When the public key, the user ID, the m and n values, and the multi-signature certificate generation request message are obtained, the validity of the public keys PubKey _i corresponding to the n user terminals is determined, A processor to assist the device to determine;
, ≪ / RTI &
The processor comprising:
If the public keys PubKey _i are determined to be valid, record the certificate execution condition data including at least the PubKey _i , the m and the n, and generate or generate a multiple signature location identifier PrivTxidABC corresponding to the certificate execution condition data and,
By transmitting the generated multi-signature location identifier PrivTxidABC to the n user terminals, each of the user terminals U _i can sign the multi-signature location identifier PrivTxidABC as PrivKey _i , which is a private key corresponding to the PubKey _i To generate the resulting multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC)
When the generated multiple signature location identifier signature values SigPrivKey _i (PrivTxidABC) are obtained, it is determined whether the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) is normally signed or another device linked to the authentication support server And,
If it is determined that the multi-signature location identifier signature values SigPrivKey _i (PrivTxidABC) are normally signed, holds the certificate execution condition data, the multi-signature location identifier signature values and the multi-signature location identifier in the private block chain database, Support to keep other devices interlocked with the authentication support server,
Wherein the predetermined hash value is a hash value computed from the certificate execution condition data, the multiple signature location identifier signature values, and the multi-signature location identifier, and at least one neighbor hash value matching the specific hash value - the neighbor hash value is determined by: (i) a hash value of the public key PubKey _k or its value of a particular user terminal U _k , (ii) certificate execution condition data for the particular certificate, a multiple signature location identifier Signature values and hash values computed from the multiple signature location identifiers for the particular certificate, (iii) authorization target information or destruction request information for each of at least m user terminals U _i , Or destroy request information signature value including the multi-signature location identifier, and the certificate approval or destroyed record data Obtaining a value obtained by processing a representative hash value or the representative hash value generated by performing a hash calculation together with a hash value of the certificate approval or destruction completed record data indicating that the approval or destruction of the certificate has been completed, Registering the obtained value in the public block chain database or registering the other device linked to the authentication support server,
In determining the validity of the public keys PubKey _i corresponding to the n user terminals,
Confirms whether the public key RegPubKey _i corresponding to the user terminal U _i or data processed by the public key RegPubKey _i is registered or confirms that another device linked to the authentication support server confirms it,
The check result, if the registration status, the registration of the RegPubKey _i and the PubKey _i is determined whether they match or whether the RegPubKey _i the processed data and the processed data to the PubKey _i coincide with each other that, or the authentication To assist other devices interlocked with the support server to determine
The authentication support server comprising: 19. The method of claim 18,
The processor comprising:
When the certificate execution condition data, the multiple signature location identifier signature values, and the multi-signature location identifier are registered, a certificate registration completion message indicating that registration of the certificate is completed is transmitted to the n user terminals, Supports the delivery of other interworking devices,
And the certificate registration completion message includes the multi-signature location identifier PrivTxidABC.

Images