KR102467558B1 - Data communication method and apparatus based on data encryption applying did - Google Patents

Abstract

For secure data communication between the server and the user terminal, an encryption method based on DID may be used. The user terminal sends a proof request to the server, the server generates a proof for the proof request, and the user terminal generates a master key based on the initial master key in the proof if the received proof is valid. and data communication may be performed based on the master key.

Description

Data communication method and apparatus using DID-based encryption scheme

The following embodiments relate to data communication technology, and specifically to data encryption technology.

i) Decentralized Identifiers (DID)

DID is an electronic identity verification technology that stores personal information in the user's terminal and selects and submits only the information necessary for personal information authentication, and is generally known as an identity verification technology built on the basis of block chain technology. DID can also be described as an ID that indicates the location of a DID document stored in the blockchain.

ii) Hyperledger Fabric

Hyperledger Fabric is a consortium blockchain platform that is widely used in recent years. Provider).

iii) SSL (Secure Socket Layer)

SSL represents a set of protocols used to encrypt and communicate network data, and uses an asymmetric key method using a key pair.

One embodiment may provide a method and apparatus for generating a credential based on a DID.

An embodiment may provide a data communication method and apparatus using a DID-based encryption method.

According to an aspect, a method for generating a credential of a target server, performed by a certificate issuing server, includes receiving a request for issuing a credential for a target server from the target server, based on the request for issuing the credential. Inquiring the schema of the credential through the ledger of the block chain, and transmitting a request for confirmation of the schema of the credential to the target server - the target server retrieves the credential through the ledger of the block chain. Inquiring a schema of -, receiving a credential issuance request including a target item to be issued as the credential schema from the target server, and the target server based on the schema of the credential and the target item It includes generating credentials for.

Generating the credential may include generating the credential to include private decentralized identifiers (DIDs), a private DID document, and a verifiable proof.

The credential generation method may further include transmitting the credential to the target server, and the credential may be stored in White Box Cryptography (WBC) of the target server.

The certificate issuing server and the blockchain are linked through a web application server, and the web application server may be a blockchain-based identity verification system based on Hyperledger Fabric and Hyperledger INDY related to DID.

The credential generation method may further include generating a pair between the certificate issuing server and the target server, and when the pair is generated, a credential issuance request for the target server is received from the target server. can

The credential may include an initial master key for generating a master key to be used by the target server for encrypted communication.

According to another aspect, a certificate issuing server that performs a method of issuing a credential of a target server includes a memory in which a program for issuing a credential is recorded, and a processor that executes the program, the program comprising: Receiving a credential issuance request for a target server from the target server, based on the credential issuance request, inquiring the schema of the credential through the ledger of the block chain, the credential schema searched Transmitting a verification request of to the target server - the target server searches the schema of the credential through the ledger of the blockchain - issuing a credential including a target item to be issued as the schema of the credential Receiving a request from the target server, and generating a credential for the target server based on the schema of the credential and the target item.

According to another aspect, a method for performing data communication with a target server, performed by a user terminal, includes generating a pair between a user terminal and a target server, an intent for a proof request from the target server Receiving a (purpose), inquiring a target credential schema for the proof request through a blockchain, generating a proof request based on the target credential schema and a target item that the target server wants to prove Step, transmitting the proof request to the target server, receiving a proof for the proof request from the target server, the proof including an initial master key, verifying the validity of the proof generating a master key used for encrypting packets based on the initial master key when the validity of the proof is verified, and performing data communication with the target server based on the master key. do.

Credentials for the target server are stored in White Box Cryptography (WBC) of the target server, and the credentials may include the target item and the initial master key.

The user terminal and the blockchain are linked through a web application server, and the web application server may be a blockchain-based identity verification system based on Hyperledger Fabric and Hyperledger INDY related to DID (Decentralized Identifiers). have.

Generating a pair between the user terminal and the target server may include generating a challenge value for the pair with the target server, transmitting the challenge value to the target server, and the challenge value and the Receiving a return value generated based on the private key of the target server, verifying the return value, and generating a pair between the user terminal and the target server when the return value is verified. have.

The data communication method includes generating a key pair including a private key and a public key of the user terminal for DID use, generating a credential schema of the user terminal, and storing the user terminal in the ledger of the block chain. The method may further include storing the public key of the terminal and the credential schema.

The credential schema may be verifiable.

According to another aspect, a user terminal performing a method of data communication with a target server includes a memory in which a program for data communication with the target server is recorded, and a processor that executes the program, wherein the program includes a user Generating a pair between a terminal and a target server, receiving a purpose for a proof request from the target server, querying a target credential schema for the proof request through a blockchain, Generating a proof request based on the target credential schema and a target item that the target server wants to prove, transmitting the proof request to the target server, and proof of the proof request from the target server. ), wherein the proof includes an initial master key, verifying the validity of the proof, and if the validity of the proof is verified, a master key used to encrypt a packet based on the initial master key. Generating and performing data communication with the target server based on the master key.

According to another aspect, a method of generating a credential of an electronic device, performed by an electronic device, includes transmitting a credential issuance request of the electronic device to a certificate issuing server, the issuing request from the certificate issuing server. Receiving a request for confirmation of the target credential schema as a response to, inquiring the target credential schema through the blockchain ledger, generating a target item to be issued with the target credential schema, the target credential schema Transmitting an item to the certificate issuing server, receiving a credential of the electronic device generated based on the target credential schema and the target item from the certificate issuing server, and transmitting the credential to the electronic device. and storing in White Box Cryptography (WBC).

According to another aspect, an electronic device performing a method for generating credentials of an electronic device includes a memory in which a program for generating credentials is recorded, and a processor executing the program, the program comprising: Transmitting a credential issuance request of an electronic device to a certificate issuing server, receiving a target credential schema confirmation request as a response to the issuing request from the certificate issuing server, and converting the target credential schema to a blockchain. Inquiring through the ledger, generating a target item to be issued with the target credential schema, transmitting the target item to the certificate issuing server, generating a target item based on the target credential schema and the target item The steps of receiving the credentials of the electronic device from the certificate issuing server and storing the credentials in White Box Cryptography (WBC) of the electronic device are performed.

A method and apparatus for generating a credential based on a DID may be provided.

A data communication method and apparatus using a DID-based encryption method may be provided.

1 is a configuration diagram of a data communication system using a DID-based encryption method according to an example.
2 is a configuration diagram of a certificate issuing server according to an embodiment.
3 is a configuration diagram of a target server according to an embodiment.
4 is a configuration diagram of a user terminal according to an embodiment.
5 is a flowchart of a method for authenticating the qualification of a target server for data communication according to an exemplary embodiment.
6 is a flowchart of a method of generating a key pair and credential schema of each of a certificate issuing server, a target server, and a user terminal for DID use according to an example.
7 is a flowchart of a method of generating a first pair between a certificate issuing server and a target server according to an example.
8 is a flowchart of a method for generating credentials according to an example.
9 is a flowchart of a method of generating a second pair between a target server and a user terminal according to an example.
10 is a flowchart of a method of authenticating qualification of a target server according to an example.

Hereinafter, embodiments will be described in detail with reference to the accompanying drawings. However, since various changes can be made to the embodiments, the scope of the patent application is not limited or limited by these embodiments. It should be understood that all changes, equivalents or substitutes to the embodiments are included within the scope of rights.

Terms used in the examples are used only for descriptive purposes and should not be construed as limiting. Singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, terms such as "include" or "have" are intended to designate that there is a feature, number, step, operation, component, part, or combination thereof described in the specification, but one or more other features It should be understood that the presence or addition of numbers, steps, operations, components, parts, or combinations thereof is not precluded.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by a person of ordinary skill in the art to which the embodiment belongs. Terms such as those defined in commonly used dictionaries should be interpreted as having a meaning consistent with the meaning in the context of the related art, and unless explicitly defined in the present application, they should not be interpreted in an ideal or excessively formal meaning. don't

In addition, in the description with reference to the accompanying drawings, the same reference numerals are given to the same components regardless of reference numerals, and overlapping descriptions thereof will be omitted. In describing the embodiment, if it is determined that a detailed description of a related known technology may unnecessarily obscure the gist of the embodiment, the detailed description will be omitted.

In addition, in describing the components of the embodiment, terms such as first, second, A, B, (a), and (b) may be used. These terms are only used to distinguish the component from other components, and the nature, order, or order of the corresponding component is not limited by the term. When an element is described as being “connected,” “coupled to,” or “connected” to another element, that element may be directly connected or connected to the other element, but there may be another element between the elements. It should be understood that may be "connected", "coupled" or "connected".

Components included in one embodiment and components having common functions will be described using the same names in other embodiments. Unless stated to the contrary, descriptions described in one embodiment may be applied to other embodiments, and detailed descriptions will be omitted to the extent of overlap.

The existing SSL 3.0, which uses CBC (Chiper Block Chaining), an encryption method that encrypts data of variable length using a block encryption algorithm, has security vulnerabilities. For example, existing SSL 3.0 can be vulnerable to padding oracle attacks on CBC mode block ciphertext.

In addition, current clients and users have no choice but to trust the certificate and public key provided by the server, but a crime of extracting personal information based on a fake site may occur using this structure.

On the other hand, blockchain is a form of distributed data storage technology. Continuously changing data to all participating nodes

As a recorded change list, it is designed to prevent arbitrary manipulation by the operator of the distributed node. In other words, the data to be managed is stored in a distributed data storage environment based on 'blocks' (a link in the form of a chain created based on the P2P method of small-scale data), so that anyone cannot arbitrarily modify it and anyone can view the results of the change. It is a ledger management technology based on computing technology.

Since the blockchain technology was presented, the development of related technologies has accelerated, and the implementation of the current blockchain technology is being generalized at a high level throughout the industry. have.

Referring to FIGS. 1 to 10 below, a method of performing data communication using an identity verification technology built on the basis of blockchain technology will be described in detail.

1 is a configuration diagram of a data communication system using a DID-based encryption method according to an example.

According to one aspect, the data communication system may include a certificate issuing server 110, a target server 120, a user terminal 130, a web application server 140, and a blockchain 150.

The certificate issuing server 110 may be a server of a mobile communication company that issues credentials. A credential can be a certificate. Information for identifying subscribers may be stored in the mobile communication company server. For example, the stored identification information may include international mobile equipment identity (IMEI), international mobile user identity (IMUI), UUCID, and the like, and is not limited to the described embodiments. Identification information can only be accessed by mobile communication company servers. The certificate issuing server 110 may generate a credential by using an identifier of a subscriber terminal that wants to issue a credential.

The target server 120 may be a server that the user terminal 130 wants to access. For example, the target server 120 may be a server of an internet portal site. The target server 120 may receive a credential of the target server 120 through the certificate issuing server 110 .

The user terminal 130 may include a mobile communication terminal, a personal computer (PC), and the like, and is not limited to the described embodiment. The user terminal 130 verifies the target server 120 based on the credential of the target server 120, and when the target server 120 is verified, the target server 120 and Data communication can be performed.

The web application server 140 may interoperate the certificate issuing server 110, the target server 120, the user terminal 130, and the blockchain 150. For example, the web application server 140 may be a blockchain-based identification system based on Hyperledger Fabric and Hyperledger INDY specialized for Decentralized Identifiers (DID).

The blockchain 150 may be a consortium-oriented Hyperledger Fabric blockchain that stores public DIDs, DID documents, credential definitions, schema definitions, and the like.

According to one aspect, a relationship of a first pair 160 may be created between the certificate issuing server 110 and the target server 120 through DID, and a second pair relationship between the target server 120 and the user terminal 130 A relationship of (170) can be created. Through the first pair 160 and the second pair 170 , the user terminal 130 can verify the qualification of the target server 120 . When the qualification of the target server 120 is verified, a special encryption method between the target server 120 and the user terminal 130 may be determined. Data communication between the target server 120 and the user terminal 130 may be performed through the determined encryption method.

Below, a data communication method between the target server 120 and the user terminal 130 will be described in detail with reference to FIGS. 2 to 10 .

2 is a configuration diagram of a certificate issuing server according to an embodiment.

The certificate issuing server 200 includes a communication unit 210, a processor 220 and a memory 230. For example, the certificate issuing server 200 may be the certificate issuing server 110 described above with reference to FIG. 1 .

The communication unit 210 is connected to the processor 220 and the memory 230 to transmit and receive data. The communication unit 210 may transmit/receive data by being connected to another external device. Hereinafter, the expression “transmitting and receiving “A” may indicate transmitting and receiving “information or data indicating A”.

The communication unit 210 may be implemented as a circuitry within the certificate issuing server 200 . For example, the communication unit 210 may include an internal bus and an external bus. As another example, the communication unit 210 may be an element that connects the certificate issuing server 200 and an external device. The communication unit 210 may be an interface. The communication unit 210 may receive data from an external device and transmit the data to the processor 220 and the memory 230 .

The processor 220 processes data received by the communication unit 210 and data stored in the memory 230 . A “processor” may be a data processing device implemented in hardware having circuitry having a physical structure for executing desired operations. For example, desired operations may include codes or instructions included in a program. For example, a data processing unit implemented in hardware includes a microprocessor, a central processing unit, a processor core, a multi-core processor, and a multiprocessor. , Application-Specific Integrated Circuit (ASIC), and Field Programmable Gate Array (FPGA).

Processor 220 executes computer readable code (eg, software) stored in memory (eg, memory 230 ) and instructions invoked by processor 220 .

The memory 230 stores data received by the communication unit 210 and data processed by the processor 220 . For example, the memory 230 may store a program (or application or software). The stored program may be a set of syntaxes coded to issue credentials and executed by the processor 220 .

According to one aspect, the memory 230 may include one or more of volatile memory, non-volatile memory and random access memory (RAM), flash memory, a hard disk drive, and an optical disk drive.

The memory 230 stores a command set (eg, software) for operating the certificate issuing server 200 . A set of instructions for operating the certificate issuing server 200 is executed by the processor 220.

The communication unit 210, the processor 220, and the memory 230 will be described in detail with reference to FIGS. 5 to 8 below.

3 is a configuration diagram of a target server according to an embodiment.

The target server 300 includes a communication unit 310 , a processor 320 and a memory 330 . For example, the target server 300 may be the target server 120 with reference to FIG. 1 . As another example, the target server 300 may not be a server, but may be an electronic device such as a user terminal.

The communication unit 310 is connected to the processor 320 and the memory 330 to transmit and receive data. The communication unit 310 may transmit/receive data by being connected to another external device.

The communication unit 310 may be implemented as a circuitry within the target server 300 . For example, the communication unit 310 may include an internal bus and an external bus. As another example, the communication unit 310 may be an element that connects the target server 300 and an external device. The communication unit 310 may be an interface. The communication unit 310 may receive data from an external device and transmit the data to the processor 320 and the memory 330 .

The processor 320 processes data received by the communication unit 310 and data stored in the memory 330 . Processor 320 executes computer readable code (eg, software) stored in memory (eg, memory 330 ) and instructions invoked by processor 320 .

The memory 330 stores data received by the communication unit 310 and data processed by the processor 320 . For example, the memory 330 may store a program (or application or software). The stored program may be a set of syntaxes coded to perform data communication and executed by the processor 320 .

According to one aspect, memory 330 may include one or more of volatile memory, non-volatile memory and RAM, flash memory, hard disk drive and optical disk drive.

The memory 330 stores a command set (eg, software) for operating the target server 300 . A set of instructions for operating the target server 300 is executed by the processor 320 .

The communication unit 310, the processor 320, and the memory 330 will be described in detail with reference to FIGS. 5 to 10 below.

4 is a configuration diagram of a user terminal according to an embodiment.

The user terminal 400 includes a communication unit 410 , a processor 420 and a memory 430 . For example, the user terminal 400 may be the user terminal 130 described above with reference to FIG. 1 .

The communication unit 410 is connected to the processor 420 and the memory 430 to transmit and receive data. The communication unit 410 may transmit/receive data by being connected to another external device.

The communication unit 410 may be implemented as a circuitry within the user terminal 400 . For example, the communication unit 410 may include an internal bus and an external bus. As another example, the communication unit 410 may be an element that connects the user terminal 400 and an external device. The communication unit 410 may be an interface. The communication unit 410 may receive data from an external device and transmit the data to the processor 420 and the memory 430 .

The processor 420 processes data received by the communication unit 410 and data stored in the memory 430 .

Processor 420 executes computer readable code (eg, software) stored in memory (eg, memory 430 ) and instructions invoked by processor 420 .

The memory 430 stores data received by the communication unit 410 and data processed by the processor 420 . For example, the memory 430 may store a program (or application or software). The stored program may be a set of syntax coded to perform data communication and executed by the processor 420 .

According to one aspect, memory 430 may include one or more of volatile memory, non-volatile memory and RAM, flash memory, hard disk drive and optical disk drive.

The memory 430 stores a command set (eg, software) for operating the user terminal 400 . A set of instructions for operating the user terminal 400 is executed by the processor 420 .

The communication unit 410, the processor 420, and the memory 430 will be described in detail with reference to FIGS. 5, 6, 9, and 10 below.

5 is a flowchart of a method for authenticating the qualification of a target server for data communication according to an exemplary embodiment.

According to one aspect, the following steps 510 to 570 may be performed to perform data communication between the target server 200 and the user terminal 300 .

In step 510, a key pair (private key/public key) and credential schema for each of the certificate issuing server 200, target server 300, and user terminal 400 for DID use are generated. do. The generated credential schema may be verifiable. Step 510 is described in detail with reference to FIG. 6 below.

In step 520, a first pair between the certificate issuing server 200 and the target server 300 is created. Creation of the first pair means creation of a secure connection between the certificate issuing server 200 and the target server 300 . A method of generating the first pair will be described in detail below with reference to FIG. 7 .

In step 530, credentials of the target server 300 are generated by the certificate issuing server 200. For example, a credential may be generated to include a private DID, a private DID document, and a verifiable proof. A method of generating credentials of the target server 300 will be described in detail with reference to FIG. 8 below.

For example, the format of the DID may be as shown in [Table 1] below. 'did' may be a schema specifying that the corresponding format is DID, 'example' may be the name of a DID method, and '123456789abcderfghijk' may be a unique identifier of DID.

did:example:123456789abcderfghijk

For example, the format of the DID document may be as shown in [Table 2] below. The DID document may include a public key list related to an identifier (id) of the corresponding DID document and an authentication list for proving ownership of the identifier.

{
"id" : "did:example:123456789abcdefghi",
"publickey" : [{
"id" : "did:example:123456789abcdefghi#key-1"
"type" : "RsaVerificationKey2018"
"publickeyPem" : "---BEGIN PUBLIC KEY ...END PUBLIC
KEY ----\r\n"},
{
"id" : "did:example:123456789abcdefghi",
"publickey" : [{
"id":"did:example:123456789abcdefghi#key-3"
"type" : "RsaVerificationKey2018"
"publickeyPem" : "---BEGIN PUBLIC KEY ...END PUBLIC
KEY ----\r\n"
}]
}
}],
"authentication" : [{
"did:example:123456789abcdefghi#key-1"
}],
"service" : [{...}]
}

At step 540, the target server 300 receives and stores the credentials. For example, the target server 300 may store credentials in White Box Cryptography (WBC) for the target server 300 . WBC can distribute and store credentials using an encrypted key and WBC algorithm. For example, a credential's private DID, private DID document, and verifiable proof may be distributed and stored in the WBC.

Even in the case of decrypting a credential, since decryption is possible without the memory set of WBC, key theft can be prevented at the source.

In step 550, a second pair between the target server 300 and the user terminal 400 is created. Creation of the second pair means creation of a secure connection between the target server 300 and the user terminal 400 . A method of generating the second pair will be described in detail below with reference to FIG. 9 .

According to one aspect, step 550 may be performed when the user terminal 400 accesses the target server 300 to perform data communication.

In step 560, the qualification of the target server 300 is authenticated or verified by the user terminal 400. When the qualification of the target server 300 is authenticated, a master value for data communication between the user terminal 400 and the target server 300 may be generated.

A method of authenticating the qualification of the target server 300 will be described in detail with reference to FIG. 10 below.

In step 570, data communication may be performed between the target server 300 and the user terminal 400 based on the master value. For example, a master value can be used to encrypt data packets.

An initial master key (pre_master_key) of a credential is shared between the target server 300 and the user terminal 400, and an encrypted communication is performed based on the pre_master_key, thereby preventing an attack of stealing a key used for encryption. That is, by grafting the DID technology to the existing SSL handshake method, the initial master key (pre_master_key) is safely exchanged between the target server 300 and the user terminal 400, and based on this, encrypted communication is performed, thereby providing secure data communication. this is possible

A seed value of the initial master key (pre_master_key) may be identification information of the target server 300 and the user terminal 400, which are information accessible only to the certificate issuing server 200. Accordingly, the master key used for packet encryption of the target server 300 and the user terminal 400 cannot be stolen by the outside.

6 is a flowchart of a method of generating a key pair and credential schema of each of a certificate issuing server, a target server, and a user terminal for DID use according to an example.

According to one aspect, step 510 described above with reference to FIG. 5 may include steps 605 to 645 below.

In step 605 , the certificate issuing server 200 generates a first key pair including a first private key/first public key of the certificate issuing server 200 .

In step 610 , the certificate issuing server 200 generates a first credential schema of the certificate issuing server 200 . The first credential schema may be verifiable.

At step 615 , the certificate issuing server 200 stores the first public key and the first credential schema in the ledger of the blockchain 600 . A first public key and a first credential schema may be used for DID usage.

In step 620, the target server 300 generates a second key pair including the second private key/second public key of the target server 300.

At step 625 , the target server 300 generates a second credential schema of the target server 300 . The second credential schema may be verifiable.

At step 630 , the target server 300 stores the second public key and the second credential schema in the ledger of the blockchain 600 . A second public key and a second credential schema may be used for DID usage.

In step 635 , the user terminal 400 generates a third key pair including a third private key/third public key of the user terminal 400 .

In step 640 , the user terminal 400 generates a third credential schema of the user terminal 400 . The third credential schema may be verifiable.

In step 645 , the user terminal 400 stores the third public key and the third credential schema in the ledger of the blockchain 600 . A third public key and a third credential schema may be used for DID usage.

Steps 605, 610, 615, steps 620, 625, 630, and steps 635, 640, 645 may each be performed independently and in parallel.

7 is a flowchart of a method of generating a first pair between a certificate issuing server and a target server according to an example.

According to one aspect, step 520 described above with reference to FIG. 5 may include steps 705 to 730 below.

In step 705 , the certificate issuing server 200 generates a first challenge value for pairing with the target server 300 .

In step 710, the certificate issuing server 200 transmits the first challenge value to the target server 300.

In step 715, the target server 300 performs digital signature with the private key of the target server 300. A first return value is generated as a response to the first challenge value by digitally signing the first challenge value with the private key.

In step 720, the target server 300 transmits the first return value to the certificate issuing server 200.

In step 725, the certificate issuing server 200 verifies the first return value. For example, the certificate issuing server 200 may verify the first return value based on the public key of the target server 300 .

In step 730, when the first return value is verified, a first pair between the certificate issuing server 200 and the target server 300 is generated.

When the first pair is generated, step 530 described above with reference to FIG. 5 may be performed. Step 530 is described in more detail with reference to FIG. 8 below.

8 is a flowchart of a method for generating credentials according to an example.

According to one aspect, step 530 described above with reference to FIG. 5 may include steps 805 to 845 below.

In step 805 , the target server 300 transmits a credential issuance request for the target server 300 to the certificate issuing server 200 .

In step 810, the certificate issuing server 200 queries the credential schema through the ledger of the blockchain 600 based on the credential issuance request.

In step 815, the blockchain 600 returns the credential schema that has been checked to the certificate issuing server 200. The returned credential schema is named the target schema.

In step 820, the certificate issuing server 200 transmits a target schema verification request to the target server 300 as a response to the issuance request. The confirmation request of the target schema may be a credential offer.

In step 825, the target server 300 queries the target schema through the ledger of the blockchain 600.

In step 830, the block chain 600 transmits the search result for the target schema to the target server 300.

In step 835, the target server 300 creates a target item to be published as a target schema. For example, the target item may include an identifier of the target server 300 stored in the certificate issuing server 200 .

In step 840, the target server 300 transmits a credential issuance request including the generated target item to the certificate issuing server 200.

In step 845, the certificate issuing server 200 generates (or issues) a credential for the target server 300 based on the target schema and target item. Credentials may include a signature value for proof. For example, a signature value for verification may be generated by inserting a value for a target item in a target schema.

According to one aspect, the credential is an identifier of the target server 300, an identifier of the certificate issuing server 200, a unique identification value of the certificate issuing server 200, a credential issuance date, a credential expiration date, and a master key ( master_key) may include an initial master key (pre_master_key) as a seed value for generation.

In step 850, the certificate issuing server 200 transmits the generated credential to the target server 300.

At step 855, the target server 300 stores the credentials in the WBC of the target server 300.

9 is a flowchart of a method of generating a second pair between a target server and a user terminal according to an example.

According to one aspect, step 550 described above with reference to FIG. 5 may include steps 905 to 930 below.

In step 905 , the user terminal 400 generates a second challenge value for pairing with the target server 300 .

In step 910, the user terminal 400 transmits the second challenge value to the target server 300.

In step 915, the target server 300 performs digital signature with the private key of the target server 300. A second return value is generated as a response to the second challenge value by digitally signing the second challenge value with the private key.

In step 920, the target server 300 transmits the second return value to the user terminal 400.

In step 925, the user terminal 400 verifies the second return value. For example, the user terminal 400 may verify the second return value based on the public key of the target server 300 .

In step 930, when the second return value is verified, a second pair between the user terminal 400 and the target server 300 is generated.

When the second pair is generated, step 560 described above with reference to FIG. 5 may be performed. Step 560 is described in more detail with reference to FIG. 10 below.

10 is a flowchart of a method of authenticating qualification of a target server according to an example.

According to one aspect, step 560 described above with reference to FIG. 5 may include steps 1005 to 1060 below.

In step 1005 , the target server 300 transmits a purpose for a proof request to the user terminal 400 .

In step 1010, the user terminal 400 queries the credential schema for the proof request through the blockchain 600.

In step 1015, the block chain 600 transmits the inquiry result to the user terminal 400. A search result may indicate a target credential schema.

In step 1020, the user terminal 400 generates a proof request based on the target credential schema and the second target item. The second target item may be information that the target server 300 wants to authenticate or prove.

In step 1025, the user terminal 400 transmits a verification request to the target server 300.

In step 1030, the target server 300 searches for a second target item through the WBC. Information received from the WBC may further include an initial master key (pre_master_key) included in credentials stored in the WBC as well as the second target item.

In step 1035, the target server 300 generates a proof to include the second target items inquired through the WBC and an initial master key (pre_master_key). For example, the target server 300 may generate a certificate by performing digital signature using a private key of the target server 300 .

In step 1040, the target server 300 transmits the proof to the user terminal 400.

In step 1045, the user terminal 400 verifies the validity of the received proof. For example, the signature value of the proof and the validity of the second target items may be verified.

In step 1050, the user terminal 400 transmits a response to the validity of the proof to the target server 300. When the proof is validated, data communication between the user terminal 400 and the target server 300 may be performed in a subsequent step.

In step 1055, the target server 300 generates a master key or master value based on the initial master key (pre_master_key). The target server 300 may encrypt a packet to be transmitted to the user terminal 400 using the master key, and may decrypt the encrypted packet received from the user terminal 400 .

In step 1060, the user terminal 400 generates a master key or a master value based on the initial master key (pre_master_key). The user terminal 400 may encrypt a packet to be transmitted to the target server 300 using the master key, and may decrypt the encrypted packet received from the target server 300 .

The method according to the embodiment may be implemented in the form of program instructions that can be executed through various computer means and recorded on a computer readable medium. The computer readable medium may include program instructions, data files, data structures, etc. alone or in combination. Program commands recorded on the medium may be specially designed and configured for the embodiment or may be known and usable to those skilled in computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floptical disks. - includes hardware devices specially configured to store and execute program instructions, such as magneto-optical media, and ROM, RAM, flash memory, and the like. Examples of program instructions include high-level language codes that can be executed by a computer using an interpreter, as well as machine language codes such as those produced by a compiler. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.

Software may include a computer program, code, instructions, or a combination of one or more of the foregoing, which configures a processing device to operate as desired or processes independently or collectively. The device can be commanded. Software and/or data may be any tangible machine, component, physical device, virtual equipment, computer storage medium or device, intended to be interpreted by or provide instructions or data to a processing device. , or may be permanently or temporarily embodied in a transmitted signal wave. The software may be distributed on networked computer systems and stored or executed in a distributed manner. Software and data may be stored on one or more computer readable media.

As described above, although the embodiments have been described with limited drawings, those skilled in the art can apply various technical modifications and variations based on the above. For example, the described techniques may be performed in an order different from the method described, and/or components of the described system, structure, device, circuit, etc. may be combined or combined in a different form than the method described, or other components may be used. Or even if it is replaced or substituted by equivalents, appropriate results can be achieved.

Therefore, other implementations, other embodiments, and equivalents of the claims are within the scope of the following claims.

200: certificate issuance server
300: target server
400: user terminal

Claims (18)

The method for generating the credential of the target server, performed by the certificate issuing server,
Receiving a credential issuance request for a target server from the target server;
Inquiring a schema of the credential through a ledger of the blockchain based on the issuance request of the credential;
Transmitting a verification request of the searched credential schema to the target server, wherein the target server searches the credential schema through the ledger of the blockchain;
receiving, from the target server, a credential issuance request including a target item to be issued as the credential schema;
generating a credential for the target server based on the schema of the credential and the target item; and
sending the credentials to the target server;
including,
The credentials are stored in White Box Cryptography (WBC) of the target server,
The credential includes an initial master key, and when the qualification of the target server is authenticated by the user terminal based on the credential, a master key to be used for encrypted communication between the target server and the user terminal is the initial master key. Generated in each of the target server and the user terminal based on the key,
How to create a credential.
According to claim 1,
The step of generating the credential is,
Generating the credentials to include private decentralized identifiers (DIDs), private DID documents, and verifiable proofs.
including,
How to create a credential.
delete According to claim 1,
The certificate issuing server and the blockchain are linked through a web application server,
The web application server is a blockchain-based identity verification system based on Hyperledger Fabric and Hyperledger INDY related to DID,
How to create a credential.
According to claim 1,
generating a pair between the certificate issuing server and the target server;
Including more,
When the pair is created, a credential issuance request for the target server is received from the target server.
How to create a credential.
delete Claims 1, 2, 4, and 5 of any one of the method of the recording program for performing a computer-readable recording medium recorded.
The certificate issuing server, which performs the method of issuing the credential of the target server,
a memory in which a program for issuing credentials is recorded; and
Processor that runs the above program
including,
said program,
Receiving a credential issuance request for a target server from the target server;
Inquiring a schema of the credential through a ledger of the blockchain based on the issuance request of the credential;
Transmitting a verification request of the searched credential schema to the target server, wherein the target server searches the credential schema through the ledger of the blockchain;
receiving, from the target server, a credential issuance request including a target item to be issued as the credential schema;
generating a credential for the target server based on the schema of the credential and the target item; and
sending the credentials to the target server;
and
The credentials are stored in White Box Cryptography (WBC) of the target server,
The credential includes an initial master key, and when the qualification of the target server is authenticated by the user terminal based on the credential, a master key to be used for encrypted communication between the target server and the user terminal is the initial master key. Based on, generated in each of the target server and the user terminal,
Certificate issuance server.
A method of performing data communication with a target server, performed by a user terminal,
generating a pair between a user terminal and a target server;
Receiving a purpose for a proof request from the target server;
Inquiring a target credential schema for the proof request through a blockchain;
generating a proof request based on the target credential schema and a target item that the target server wants to prove;
transmitting the authentication request to the target server;
receiving a proof of the proof request from the target server, the proof including an initial master key;
verifying the validity of the proof;
generating a master key used to encrypt packets based on the initial master key if the validity of the proof is verified; and
performing encrypted data communication with the target server based on the master key;
including,
The target server receives the credential including the target item and the initial master key from a certificate issuing server that issues credentials for the target server,
The credentials for the target server are stored in White Box Cryptography (WBC) of the target server.
data communication method.
delete According to claim 9,
The user terminal and the blockchain are linked through a web application server,
The web application server is a blockchain-based identity verification system based on Hyperledger Fabric and Hyperledger INDY related to DID (Decentralized Identifiers),
data communication method.
According to claim 9,
Generating a pair between the user terminal and the target server,
generating a challenge value for a pair with the target server;
Transmitting the challenge value to the target server;
receiving a return value generated based on the challenge value and the private key of the target server from the target server;
verifying the return value; and
generating a pair between the user terminal and the target server when the return value is verified;
including,
data communication method.
According to claim 9,
generating a key pair including a private key and a public key of the user terminal for DID use;
generating a credential schema of the user terminal; and
Storing the public key and the credential schema of the user terminal in the ledger of the blockchain
Including more,
data communication method.
According to claim 13,
The credential schema is verifiable,
data communication method.
Claims 9, 11, 12, 13, and 14, a computer readable recording medium containing a program for performing the method of any one of claims.
The user terminal, which performs the method of data communication with the target server,
a memory in which a program for data communication with the target server is recorded; and
Processor that executes the above program
including,
said program,
generating a pair between a user terminal and a target server;
Receiving a purpose for a proof request from the target server;
Inquiring a target credential schema for the proof request through a blockchain;
generating a proof request based on the target credential schema and a target item that the target server wants to prove;
transmitting the authentication request to the target server;
receiving a proof of the proof request from the target server, the proof including an initial master key;
verifying the validity of the proof;
generating a master key used to encrypt packets based on the initial master key if the validity of the proof is verified; and
performing encrypted data communication with the target server based on the master key;
and
The target server receives the credential including the target item and the initial master key from a certificate issuing server that issues credentials for the target server,
The credentials for the target server are stored in White Box Cryptography (WBC) of the target server.
user terminal.
The method of generating a credential of the electronic device, performed by the electronic device,
Transmitting a credential issuance request of an electronic device to a certificate issuing server;
receiving a confirmation request of a target credential schema as a response to the issuance request from the certificate issuing server;
Inquiring the target credential schema through a blockchain ledger;
generating a target item to be issued with the target credential schema;
transmitting the target item to the certificate issuing server;
receiving a credential of the electronic device generated based on the target credential schema and the target item from the certificate issuing server; and
Storing the credentials in White Box Cryptography (WBC) of the electronic device
including,
The credential includes an initial master key, and a master key to be used for encrypted communication between the electronic device and the user terminal when the qualification of the electronic device is authenticated by the user terminal based on the credential is the initial master key. Generated in each of the electronic device and the user terminal based on the key,
How to create a credential.
The electronic device, which performs the method of generating a credential of the electronic device,
a memory in which a program for generating credentials is recorded; and
Processor that runs the above program
including,
said program,
Transmitting a credential issuance request of an electronic device to a certificate issuing server;
receiving a confirmation request of a target credential schema as a response to the issuance request from the certificate issuing server;
Inquiring the target credential schema through a blockchain ledger;
generating a target item to be issued with the target credential schema;
transmitting the target item to the certificate issuing server;
receiving a credential of the electronic device generated based on the target credential schema and the target item from the certificate issuing server; and
Storing the credentials in White Box Cryptography (WBC) of the electronic device
and
The credential includes an initial master key, and a master key to be used for encrypted communication between the electronic device and the user terminal when the qualification of the electronic device is authenticated by the user terminal based on the credential is the initial master key. Generated in each of the electronic device and the user terminal based on the key,
electronic device.

Images