WO2003073399A1 - Method and system for verifying data originality - Google Patents
- Publication number
- WO2003073399A1 (PCT/JP2002/001743)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- data
- computer
- hash value
- rsp
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Definitions
- the present invention relates to data communication technology, and more particularly, to data originality verification technology.
- a predetermined hash algorithm is applied to the document data so as to prevent falsification of the document data, such as a contract with which the transaction is made, and the generated hash value is encrypted to generate an electronic signature. Then, the electronic signature is transmitted to the trading partner together with the encrypted document data. The trading partner decrypts the document data and applies a predetermined hash algorithm to generate a hash value. In addition, by decrypting the electronic signature, restoring the hash value, and comparing it with the generated hash value, it can be confirmed that the electronic signature has not been tampered with. If such technology is used, transactions between two companies can be processed without problems.
- An information processing method according to the first aspect of the present invention, implemented by, for example, an RSP server of a domestic RSP (Repository Service Provider) center, includes: performing, on first data (for example, invoice data) received from a first computer (for example, a computer of an export company), a format conversion corresponding to the destination of the first data (for example, an importing company) to generate second data; and calculating a hash value of the second data and storing the hash value in a storage device (for example, a hash / electronic certificate issue number index table) in association with information on the electronic certificate related to the first computer.
- the first data in the domestic RSP server is genuine data.
- the digital certificate corresponding to the first data is a digital certificate related to the first computer of the export company.
- the relationship between the first data and the second data that is format-converted from the first data is unique.
- the correspondence between the second data and the hash value generated by using a predetermined hash function from the second data is also unique.
- the digital certificate corresponding to the hash value is also the digital certificate associated with the export company's first computer.
- the RSP server at the domestic RSP center will respond to the hash value.
- The information on the digital certificate thus obtained should be the same as the information on the digital certificate of the presumed exporting company that the importing company or the like holds in advance. If it is the same, the importing company or the like can process the second data as data from the specified exporting company without any problem. If they are not the same, the exporter corresponding to the second data cannot be properly identified, and it can be recognized that tampering or another problem has occurred.
- The configuration may further include a step of generating warning information when information about the digital certificate corresponding to the received hash value cannot be obtained from the storage device. This is because some problem has occurred and it is necessary to notify the operator, or the first computer, the second computer, or both.
- the information on the digital certificate described above may be identification information (for example, a serial number) of the digital certificate. With this information, there is no duplication if there is only one digital certificate issuer.
- An information processing method implemented by a computer of an importing company or the like includes: calculating a hash value for data received from another computer (for example, an RSP server of an overseas RSP center); transmitting the hash value to the other computer; when information about the digital certificate corresponding to the hash value is received from the other computer, storing the received information about the digital certificate in a storage device; and comparing the received information about the digital certificate with the information about the digital certificate of the data generator (e.g., an export company).
- Even when the received data is not identical to the data generated by its source, it is possible to verify both that the data has not been tampered with on the way from the other computer and that it derives from data generated by the source of the received data.
- In some cases, the method further includes a step of generating warning information. This is because data received from another computer cannot be used as it is.
- The method may be configured to include a step of acquiring the information on the electronic certificate of the generator of the data by searching a correspondence table, prepared in advance, between electronic certificate information and certificate owners, using the information of the generator identified from the data.
- the information on the digital certificate described above may be identification information (for example, a serial number) of the digital certificate.
- The program is stored in a storage medium or storage device such as, for example, a floppy disk, CD-ROM, optical disk, magnetic disk, semiconductor memory, or hard disk. It may also be distributed via networks such as the Internet. The data being processed is temporarily stored in the computer memory.
- FIG. 1 is a diagram showing an outline of a system according to an embodiment of the present invention.
- FIG. 2 is a diagram showing an example of data stored in a format conversion program storage unit.
- FIG. 3 is a diagram showing an example of a hash / electronic certificate issue number index table.
- FIG. 4 is a diagram showing an example of a digital certificate list table.
- FIG. 5 is a diagram showing an electronic signature and an encryption method.
- FIG. 6 is a diagram showing a first part of a processing flow according to one embodiment of the present invention.
- FIG. 7 shows schematic diagrams of the main data transmitted: (A) from the exporting company A server to the RSP server of the domestic RSP center B; (B) from the RSP server of the domestic RSP center B to the RSP server of the overseas RSP center C; (C) from the RSP server of the overseas RSP center C to the importing company D server; (D) from the importing company D server to the RSP server 9 of the overseas RSP center C; (E) from the RSP server of the overseas RSP center C to the RSP server of the domestic RSP center B; (F) from the RSP server of the domestic RSP center B to the RSP server of the overseas RSP center C; and (G) from the RSP server of the overseas RSP center C to the importing company D server.
- FIG. 8 is a diagram showing a second part of the processing flow according to one embodiment of the present invention.
- FIG. 9 is a diagram showing a third part of the processing flow according to one embodiment of the present invention.
- FIG. 10 is a diagram showing a fourth part of the processing flow according to the embodiment of the present invention.
- FIG. 1 shows a schematic diagram of a system according to an embodiment of the present invention.
- This embodiment is an example in which the present invention is applied to a trade EDI (Electronic Data Interchange) system.
- EDI Electronic Data Interchange
- the document data according to the laws and regulations of the country to which Company A belongs is converted into the document data according to the laws and regulations of the country to which Company D belongs.
- RSP server 7 at the domestic RSP center B (in Japan), which provides, for example, document data format conversion and document data storage services; RSP server 9 at an overseas RSP center C, which provides services to companies in the same country as importing company D, for example document data storage services; and an import company D server 5 managed and operated by, for example, the import company D to which the document data is sent, are connected.
- Many corporate servers, not just two, are connected to the Internet 1.
- export company A is also the destination of document data for import
- import company B is also the source of document data for export.
- the RSP server 9 of the overseas RSP center C performs the format conversion of the document data and the storage service of the document data
- the RSP server 7 of the domestic RSP center B does not perform the format conversion of the document data.
- Document data storage services include, for example, services for recording the transfer of rights.
- the importing company D server 5 may be managed and operated not only by the importing company but also by, for example, overseas customs.
- The export company A server 3 is connected to one or more user terminals 3b via, for example, a LAN (Local Area Network) 3a. The connection may instead be made via another network such as the Internet. An employee of the exporting company A operates the user terminal 3b to instruct the exporting company A server 3 to transmit document data and the like. Similarly, the importing company D server 5 is connected to one or more user terminals 5b via, for example, a LAN 5a, and here too the connection may instead be made via another network such as the Internet. An employee of the importing company D operates the user terminal 5b to instruct the importing company D server 5 to receive document data and the like. Note that communication between the export company A server 3 or the import company D server 5 and the user terminal may be encrypted using SSL (Secure Socket Layer Protocol). In the present embodiment, the description of the processing by the user terminal is omitted.
- SSL Secure Socket Layer Protocol
- The RSP server 7 of the domestic RSP center B manages a format conversion program storage unit 71 that stores format conversion programs for converting the format of document data according to the destination based on the request from the source.
- The hash / digital certificate issue number index table storage unit 73 is also managed.
- the information of the electronic certificates of the related companies and organizations is stored in the storage device.
- The RSP server 9 of the overseas RSP center C manages a format conversion program storage unit 91 that stores format conversion programs for converting the format of document data and the like according to the destination based on a request from the source.
- The digital certificate issuance number index table storage unit 93 is also managed. However, in the following description, only the case where the RSP server 9 of the overseas RSP center C does not perform format conversion will be described.
- The format conversion program storage section 91 and the hash / digital certificate issue number index table storage section 93 are therefore not used.
- the export company A server 3 manages an electronic certificate data storage unit 31 for storing electronic certificate data of each company or the RSP center.
- the importing company D server 5 also manages an electronic certificate data storage unit 51 that stores the electronic certificate data of each company or the RSP center.
- FIG. 2 shows an example of data stored in the format conversion program storage section 71 or 91 of the RSP server 7 of the domestic RSP center B or the RSP server 9 of the overseas RSP center C.
- A column 201 of the destination country name and a column 203 of the name of the format conversion program are provided. For example, if the destination country is the United States, a format conversion program named USA.exe is used. If the destination country is Japan, a format conversion program called JPN.exe is used. If the destination country is the United Kingdom, a format conversion program called UK.exe is used.
- FIG. 3 shows an example of the hash / digital certificate issue number index table stored in the RSP server 7 of the domestic RSP center B or the RSP server 9 of the overseas RSP center C.
- a column 211 of a hash value calculated from the document data after format conversion and a column 211 of a corresponding digital certificate issue number are included.
- The hash value of specific document data after format conversion for the destination and the issue number of the digital certificate used by the export company A server 3 are recorded in association with each other.
- FIG. 4 shows an example of a digital certificate list table stored in the digital certificate data storage unit 31 or 51 of the export company A server 3 or the import company D server 5.
- a column 222 of the digital certificate issue number and a column 222 of the owner information of the digital certificate are included.
- the exporting company A server 3 or the importing company D server 5 obtains the digital certificate of each related company or institution in advance or immediately before processing, and stores it in the digital certificate data storage unit 31 or 51.
- the process flow of the system shown in FIG. 1 will be described below. Before that, the process of transmitting data after encryption between two computers will be described with reference to FIG.
- When transmitting the original plaintext data 311 from the source computer 301 to the destination computer 303 after encrypting it, the source computer 301 performs the data encryption process 323 on the original plaintext data 311 using the one-time common key 325 to generate encrypted data 345.
- triple DES Data Encryption Standard
- a hash algorithm 313 using a hash function SHA-1 is applied to the original plaintext data 311 to generate an original hash value 319.
- An RSA encryption process 321 is performed on the original hash value 319 using the source secret key 311 to generate a digital signature 341.
- RSA encryption processing 327 is performed on the one-time common key 325 using the transmission destination public key 331 obtained from the transmission destination public key certificate 329, generating an encrypted one-time common key 347.
- The digital signature 341 thus generated, the encrypted data 345 and the encrypted one-time common key 347 are sent, together with the sender's public key certificate 315, to the destination computer 303 using HTTP (Hyper Text Transfer Protocol).
- Upon receiving the electronic signature 341 and the sender's public key certificate 315, the destination computer 303 extracts the sender's public key 355 from the sender's public key certificate 315.
- The RSA decryption processing 351 is performed on the electronic signature 341 to recover the original hash value 353. Also, upon receiving the encrypted data 345 and the encrypted one-time common key 347, the RSA decryption process 359 is performed on the encrypted one-time common key 347 using the private key 363 of the transmission destination, and the one-time common key 361 is restored.
- The data decryption processing 357 is performed on the encrypted data 345 using the restored one-time common key 361 to generate the received plaintext data 366.
- the destination computer 303 holds the public key certificate 329 of the destination, which is transmitted to the source as needed.
- Applying the same hash algorithm 369 to the received plaintext data 367 produces a hash value 371.
- By comparing the original hash value 353 with the hash value 371, it is possible to confirm whether or not the received plaintext data has been altered from the original plaintext data 311. That is, if the original hash value 353 and the hash value 371 match, the data is data transmitted from the owner of the public key certificate 329, and the data has not been tampered with.
- the export company A server 3 or its user terminal 3b generates document data to be transmitted to the import company D (step S1).
- the document data is transmitted from the user terminal 3b to the export company A server 3.
- Exporting company A server 3 encrypts the generated document data with a one-time common key, calculates a hash value from the document data using a predetermined hash function (for example, MD5), and generates the digital signature of the export company A by encrypting the hash value with the secret key of the export company A; these are stored in the storage device (step S3).
- the one-time common key is also encrypted with the public key of the domestic RSP center B and stored in the storage device.
- the export company A server 3 designates the import company D as a destination, and sends the encrypted document data and the electronic signature of the export company A to the RSP server 7 of the domestic RSP center B (step S5).
- the encrypted one-time common key and the export company A's digital certificate are also sent. Note that electronic certificates may not have been sent at this stage, but may have been sent before this stage.
- The data transmitted from the exporting company A server 3 to the RSP server 7 at the domestic RSP center B mainly consists of the encrypted document data 401 and the electronic signature 402 of export company A, as shown in Fig. 7 (A).
- The RSP server 7 of the domestic RSP center B receives, from the exporting company A server 3, the information of the importing company D as the designation of the destination, the encrypted document data, the electronic signature of the export company A, the encrypted one-time common key, and the digital certificate of the export company A, and temporarily stores them in the storage device (step S7).
- The encrypted one-time common key is decrypted with the secret key of the domestic RSP center B, the encrypted document data is decrypted using the decrypted one-time common key, and the document data is stored in the document data storage unit 75.
- The electronic signature of the export company A is verified (step S9). That is, a hash value is calculated from the decrypted document data using a predetermined hash function and stored in the storage device. On the other hand, the hash value is extracted by decrypting the digital signature of the export company A with the export company A's public key, and stored in the storage device. Then, it is determined whether these hash values match. If there is a discrepancy, there is a possibility that tampering has occurred in the course of communication from the export company A server 3 to the RSP server 7 of the domestic RSP center B, so warning information about tampering is generated. Then, the warning information is output to, for example, the administrator of the RSP server 7 (step S11).
- The RSP server 7 reads the format conversion program adapted to the importing company D as the transmission destination from the format conversion program storage unit 71, and performs the format conversion process on the decrypted document data using that format conversion program. Then, the result is stored in the storage device or the document data storage unit 75 (step S13). In addition, a hash value is calculated by a predetermined hash function from the format-converted document data and stored in the storage device (step S15).
- The RSP server 7 generates a digital signature of the domestic RSP center B by encrypting the hash value of the converted document data with the secret key of the domestic RSP center B.
- the one-time common key is also encrypted with the public key of the overseas RSP center C for the importing company D as the transmission destination.
- The import company D is specified as the destination, and the encrypted document data after the format conversion and the electronic signature of the domestic RSP center B are transmitted to the RSP server 9 of the overseas RSP center C serving the import company D as the destination (step S21).
- the encrypted one-time common key and the digital certificate of the domestic RSP center B are also transmitted. Note that digital certificates may not have been sent at this stage but may have been sent before this stage.
- The data transmitted from the RSP server 7 of the domestic RSP center B to the RSP server 9 of the overseas RSP center C mainly consists of the encrypted document data 411 after format conversion and the electronic signature 412 of the domestic RSP center B.
- the processing shifts from FIG. 6 to FIG.
- The RSP server 9 of the overseas RSP center C receives, from the RSP server 7 of the domestic RSP center B, the information of the importing company D as the destination designation, the encrypted document data after format conversion, the digital signature of the domestic RSP center B, the encrypted one-time common key, and the digital certificate of the domestic RSP center B, and temporarily stores them in the storage device (step S23).
- The encrypted one-time common key is decrypted with the secret key of the overseas RSP center C, and the decrypted one-time common key is used to decrypt the encrypted document data after the format conversion.
- verification processing of the electronic signature of the domestic RSP center B is performed (step S25). That is, a hash value is calculated by a predetermined hash function from the document data after the format conversion and stored in the storage device.
- the hash value is extracted by decrypting the digital signature of the domestic RSP center B with the public key of the domestic RSP center B, and stored in the storage device. Then, it is determined whether or not these hash values match.
- If they do not match, there is a possibility that tampering has been performed in the course of communication from the RSP server 7 of the domestic RSP center B to the RSP server 9 of the overseas RSP center C, so warning information is generated and output to, for example, the administrator of the RSP server 9 (step S27).
- No format conversion is required for the RSP server 9 of the overseas RSP center C.
- only relay is performed, but processing such as storing the document data after format conversion in the document data storage unit 95 is performed.
- the document data after the format conversion is encrypted with the one-time common key and stored in the storage device.
- a hash value of the document data after format conversion is generated using a predetermined hash function, and the hash value is encrypted with a secret key, thereby generating an electronic signature of the overseas RSP center C and storing it in the storage device.
- the one-time encryption key is also encrypted with the public key of importing company D, which is the destination.
- the RSP server 9 transmits the encrypted document data after the format conversion and the electronic signature of the overseas RSP center C to the server 5 of the import company D, which is the transmission destination (step S31).
- the encrypted one-time common key and the digital certificate of the overseas RSP center C are also transmitted. Note that electronic certificates may not have been sent at this stage but may have been sent before this stage.
- The data transmitted from the RSP server 9 of the overseas RSP center C to the importing company D server 5 mainly consists of the encrypted document data 421 after format conversion and the electronic signature 422 of the overseas RSP center C, as shown in Fig. 7 (C).
- The importing company D server 5 receives, from the RSP server 9 of the overseas RSP center C, the encrypted document data after format conversion, the electronic signature of the overseas RSP center C, the encrypted one-time common key, and the electronic certificate of the overseas RSP center C, and temporarily stores them in the storage device (step S33).
- The encrypted one-time common key is decrypted with the secret key of the importing company D, and the format-converted encrypted document data is decrypted using the decrypted one-time common key and stored in the storage device (step S35). Also, a hash value is calculated from the format-converted document data using a predetermined hash function and stored in a storage device (step S37). On the other hand, the hash value is extracted by decrypting the digital signature of the overseas RSP center C with the public key of the overseas RSP center C and stored in the storage device. Then, the digital signature is verified by judging whether these hash values match (step S39).
- If they do not match, there is a possibility that tampering has been performed in the course of communication between the RSP server 9 of the overseas RSP center C and the importing company D server 5, so warning information is generated and output to, for example, the administrator of the importing company D server 5 (step S41).
- If the two hash values match, it means that the authentic document data after format conversion has been received from the overseas RSP center C.
- importing company D does not know whether or not the converted document data is actually generated from the document data generated by exporting company A. This is because format conversion is performed by the RSP server 7 of the domestic RSP center B.
- the importing company D server 5 encrypts the hash value generated in step S37 with the one-time common key and stores it in the storage device (step S43).
- the one-time common key is also encrypted using the public key of the overseas RSP center C.
- Another hash value is calculated from the hash value generated in step S37 with a predetermined hash function, and the digital signature of the import company D is generated by encrypting the hash value with the secret key of the import company D and stored in the storage device (step S45).
- The RSP server 7 of the domestic RSP center B serving the export company A is designated as the destination, and the identification code of this processing, the encrypted hash value, and the electronic signature of the import company D are transmitted to the RSP server 9 of the overseas RSP center C (step S47).
- the one-time common key and the digital certificate of importing company D are also sent. Note that electronic certificates may not have been sent at this stage but may have been sent before this stage.
- Alternatively, the importing company D server 5 may, instead of specifying the RSP server 7 of the domestic RSP center B as the destination, output a verification request including information on the exporting company A or the company of the country of the exporting company A, and the configuration may be such that the RSP server 7 of the domestic RSP center B is then specified on that basis.
- The data transmitted from the importing company D server 5 to the RSP server 9 of the overseas RSP center C mainly consists of the encrypted hash value of the document data after format conversion and the digital signature 432 of importing company D, as shown in Fig. 7 (D).
- The RSP server 9 of the overseas RSP center C receives the information of the RSP server 7 of the domestic RSP center B, which is the transmission destination, the identification code of this processing, the encrypted hash value, the digital signature of the importing company D, the encrypted one-time common key, and the electronic certificate of the importing company D, and temporarily stores them in a storage device (step S49). Here, the pair of the importing company D server 5 and the identification code is recorded. When the information of the export company A or the company of the country of the export company A is received as the verification request instead of the information of the RSP server 7 of the domestic RSP center B, processing to specify the RSP server 7 of the domestic RSP center B is performed. Subsequent processing is shown in FIG. Shifting to Fig.
- The RSP server 9 decrypts the encrypted one-time common key with the secret key of the overseas RSP center C, decrypts the encrypted hash value using the decrypted one-time common key, and stores the hash value in the storage device.
- the digital signature of the importing company D is verified (step S51). That is, another hash value is calculated from the decrypted hash value by a predetermined hash function and stored in the storage device.
- The electronic signature of the importing company D is decrypted with the public key of the importing company D to extract the hash value and store it in the storage device. Then, it is determined whether these hash values match.
- the warning information is output to the administrator of the RSP server 9 or the like (step S53).
- the warning information may be transmitted to the importing company D server 5 together with the identification code to notify the manager of the importing company D of the warning information.
- The RSP server 9 encrypts the decrypted hash value with the one-time common key, and stores the result in the storage device. Also, another hash value is generated from the decrypted hash value using a predetermined hash function, and the other hash value is encrypted with the secret key of the overseas RSP center C, thereby generating a digital signature of the overseas RSP center C, which is stored in the storage device (step S55). In addition, the one-time encryption key is also encrypted with the public key of the destination domestic RSP center B.
- The RSP server 9 sends the identification code of this process, the hash value of the document data after format conversion, and the digital signature of the overseas RSP center C to the RSP server 7 of the domestic RSP center B, which is the transmission destination (step S57). At this time, the encrypted one-time common key and the digital certificate of the overseas RSP center C are also sent. Note that electronic certificates may not have been sent at this stage, but may have been sent before this stage.
- The data transmitted from the RSP server 9 of the overseas RSP center C to the RSP server 7 of the domestic RSP center B mainly consists of the encrypted hash value 441 of the document data after format conversion and the electronic signature 442 of the overseas RSP center C, as shown in Fig. 7 (E).
- The RSP server 7 of the domestic RSP center B receives, from the RSP server 9 of the overseas RSP center C, the identification code, the encrypted hash value, the digital signature of the overseas RSP center C, the encrypted one-time common key, and the electronic certificate of the overseas RSP center C, and temporarily stores them in the storage device (step S59).
- the RSP server 7 decrypts the encrypted one-time common key with the secret key of the domestic RSP center B, decrypts the encrypted hash value using the decrypted one-time common key, and stores it in the storage device. Store.
- the digital signature of the overseas RSP center C is verified (step S61).
- another hash value is calculated from the decrypted hash value using a predetermined hash function, and stored in the storage device.
- the hash value is extracted by decrypting the electronic signature of the overseas RSP center C with the public key of the overseas RSP center C and stored in the storage device. Then, it is determined whether these hash values match. If they do not match, it is possible that tampering has been performed in the course of communication from the RSP server 9 at the overseas RSP center C to the RSP server 7 at the domestic RSP center B. Then, the information of the warning is output to, for example, the administrator of the RSP server 7 (step S63).
- the warning information may be sent together with the identification code to the RSP server 9 of the overseas RSP center C to notify the administrator of the overseas RSP center C or the like. Further, the configuration may be such that the information is transmitted from the RSP server 9 of the overseas RSP center C to the importing company D server 5 together with the identification code, and the manager of the importing company D is notified.
- the RSP server 7 searches the hash / electronic certificate issue number index table with the decrypted hash value, and confirms that the electronic certificate issue number has been obtained (step S65). If the digital certificate issue number cannot be obtained from the hash / electronic certificate issue number index table, there is a possibility that tampering or an inappropriate format conversion has been performed somewhere along the route, so warning information is generated and output to, for example, the administrator of the RSP server 7 (step S67).
- the warning information may be transmitted to the RSP server 9 of the overseas RSP center C together with the identification code to notify the administrator of the overseas RSP center C or the like. Further, the configuration may be such that the information is transmitted from the RSP server 9 of the overseas RSP center C to the importing company D server 5 together with the identification code, and the manager of the importing company D is notified.
- the issue number of the digital certificate is encrypted with a one-time common key and stored in the storage device.
- a hash value is generated from the issue number of the digital certificate using a predetermined hash function, and the hash value is encrypted with the secret key of the domestic RSP center B to generate an electronic signature of the domestic RSP center B. Then, it is stored in the storage device (step S69).
- the one-time common key is also encrypted with the public key of the overseas RSP center C that is the destination.
- the RSP server 7 sends the identification code of this processing, the encrypted digital certificate issue number, and the electronic signature of the domestic RSP center B to the RSP server 9 of the overseas RSP center C of the transmission source. (Step S71). At this time, the encrypted one-time common key and the digital certificate of RSP center B in Japan are also sent. Note that digital certificates may not have been sent at this stage but may have been sent before this stage.
- the data transmitted from the RSP server 7 of the domestic RSP center B to the RSP server 9 of the overseas RSP center C mainly consists of the encrypted electronic certificate issue number 451 and the digital signature 452 of the domestic RSP center B, as shown in Fig. 7 (F).
- the RSP server 9 of the overseas RSP center C receives, from the RSP server 7 of the domestic RSP center B, the identification code, the encrypted digital certificate issue number, the electronic signature of the domestic RSP center B, the encrypted one-time common key and the digital certificate of the domestic RSP center B, and stores them in the storage device (step S73).
- Subsequent processing continues to Figure 10.
- the RSP server 9 decrypts the encrypted one-time common key with the secret key of the overseas RSP center C, decrypts the encrypted digital certificate issue number using the decrypted one-time common key, and stores it in the storage device.
- the digital signature of the domestic RSP center B is verified (step S75).
- a hash value is calculated from the decrypted digital certificate issue number using a predetermined hash function, and stored in the storage device.
- the hash value is extracted by decrypting the digital signature of the domestic RSP center B with the public key of the domestic RSP center B, and stored in the storage device. Then, it is determined whether these hash values match. If they do not match, there is a possibility that tampering has been performed in the course of communication from the RSP server 7 of the domestic RSP center B to the RSP server 9 of the overseas RSP center C, so warning information is generated and output to, for example, the administrator of the RSP server 9 (step S77).
- the warning information may be transmitted to the importing company D server 5 together with the identification code to notify the manager of the importing company D of the warning information. Further, the identification code and the warning information may be transmitted to the RSP server 7 of the domestic RSP center B.
- the RSP server 9 then encrypts the digital certificate issue number with the one-time common key, and stores it in the storage device.
- a hash value is generated from the digital certificate issue number using a predetermined hash function, and the hash value is encrypted with the secret key of the overseas RSP center C to generate an electronic signature of the overseas RSP center C, which is stored in the storage device (step S79).
- the one-time common key is also encrypted with the public key of importing company D, which is the destination.
- the RSP server 9 transmits the identification code of this processing, the encrypted digital certificate issue number, and the electronic signature of the overseas RSP center C to the importing company D server 5 stored corresponding to the identification code (step S81).
- the encrypted one-time common key and the electronic certificate of the overseas RSP center C are also transmitted. Note that electronic certificates may not have been sent at this stage but may have been sent before this stage.
- the data transmitted from the RSP server 9 of the overseas RSP center C to the importing company D server 5 mainly consists of the encrypted digital certificate issue number 461 and the electronic signature 462 of the overseas RSP center C, as shown in Fig. 7 (G).
- the importing company D server 5 receives the identification code, the encrypted digital certificate issue number, the electronic signature of the overseas RSP center C, the encrypted one-time common key and the digital certificate of the overseas RSP center C from the RSP server 9 of the overseas RSP center C, and temporarily stores them in the storage device (step S83). The encrypted one-time common key is then decrypted with the private key of the importing company D, the encrypted digital certificate issue number is decrypted using the decrypted one-time common key, and the result is stored in the storage device. In addition, the digital signature of the overseas RSP center C is verified (step S85).
- a hash value is calculated by a predetermined hash function from the decrypted digital certificate issue number, and stored in the storage device.
- the hash value is extracted by decrypting the digital signature of the overseas RSP center C with the public key of the overseas RSP center C and stored in the storage device. Then, it is determined whether these hash values match. If they do not match, there is a possibility that tampering has been performed in the course of communication from the RSP server 9 of the overseas RSP center C to the importing company D server 5, so warning information is generated and output to the administrator of the importing company D server 5 (step S87).
- the import company D server 5 specifies the document data to be processed from the received identification code, and further specifies the identification information of the export company from the document data. Then, the electronic certificate list table is searched using the identification information of the export company, and the corresponding electronic certificate issue number is obtained. The importing company D server 5 compares the received and decrypted electronic certificate issue number with the electronic certificate issue number obtained from the electronic certificate list table (step S89).
- step S35 (Fig. 8) is determined not to be based on the data generated by export company A. Therefore, since the document data cannot be used as genuine data, warning information indicating, for example, that the document data cannot be verified as data based on the export company A is generated and output to the administrator of the import company A, etc. (step S93). Warning information may be notified to overseas RSP center C or domestic RSP center B.
- processing using the converted document data stored in the storage device can be continued (step S91).
- the converted document data acquired by the importing company D is obtained.
- the encrypted document data 411 after the format conversion of (B) and the encrypted document data 4 21 after the format conversion of (C) are the same in FIG.
- the encrypted hash value 431 of the document data after the format conversion in (D) and the encrypted hash value 441 of the document data after the format conversion in (E), and the encrypted digital certificate of (F) are also different data because the one-time common key is different.
- the digital signature 412 of B in (B) and the digital signature 452 of B in (F) are also different data because the underlying hash value is different.
- the digital signature 422 of C in (C), the digital signature 442 of C in (E), and the digital signature 462 of C in (G) are also different data because the underlying hash values are different.
- the present invention is not limited to the above-described embodiment, and various modifications are possible. That is, in the above explanation, the verification of the exporting company A is performed using the digital certificate issue number, but the digital certificate itself may be used instead of the digital certificate issue number, and any other information that can maintain uniqueness can also be used. Also, although the processing after step S47 has been described as going through the RSP server 9 of the overseas RSP center C, the configuration may be such that communication is made directly with the RSP server 7 at the domestic RSP center B without going through the RSP server 9 at the overseas RSP center C.
- the import company D server 5 only needs to perform the processing described above when it is necessary to confirm that the converted document data is indeed data based on the export company A.
- the process for stopping or discarding the use of document data or document data after format conversion can be performed.
- the method of this notification should be transmitted to the sender in order.
- a configuration in which the importing company D or the like notifies the related servers all at once may be used.
- the pair of the hash value and the digital certificate issue number is stored in the hash and digital certificate issue number index table has been described
- the data generated by any function similar to a hash function may also be used, and can be handled in the present embodiment in the same way as hash values.
Abstract
In order to verify the originality of document data even when its format is converted to enable confidential communication between areas where different code formats are used, a second hash value is calculated from second data generated by performing format conversion on first data, the hash value is associated with an electronic certificate issuance number, and both are stored in a table. Only the second data is transmitted to the reception side and verified.
Description
Specification: Data originality verification method and system
[Technical field]
The present invention relates to data communication technology, and more particularly, to data originality verification technology.
[Background technology]
In electronic commerce, to prevent falsification of document data such as a contract on which a transaction is based, a predetermined hash algorithm is applied to the document data, and the generated hash value is encrypted to generate an electronic signature. The electronic signature is then transmitted to the trading partner together with the encrypted document data. The trading partner decrypts the document data and applies the predetermined hash algorithm to generate a hash value. The trading partner also decrypts the electronic signature to restore the hash value and compares it with the generated hash value, which confirms that no tampering or the like has occurred. With such technology, a transaction between two companies can be processed without problems.
However, many companies and various administrative agencies are involved in international trade business. The technology described above is adequate for communication between two such companies or administrative agencies, but it is not necessarily sufficient when document data involving three or more companies, administrative agencies or the like is communicated. For example, when document data is transmitted from A to C via B, the document data generated at A may not be processable in its original format because of C's system or legal system. In this case, B may perform format conversion on the document data to suit C's system, legal system and the like, but once such format conversion is performed, confirmation of A as the transmission source can no longer be obtained.
[Disclosure of the Invention]
Accordingly, an object of the present invention is to provide a technique for obtaining confirmation of the transmission source even when document data is changed on the way. To achieve the above object, an information processing method according to the first aspect of the present invention, implemented for example by an RSP server of a domestic RSP (Repository Service Provider) center, includes: a step of performing, on first data (for example, invoice data) received from a first computer (for example, a computer of an export company), a format conversion corresponding to the destination of the first data (for example, an importing company) to generate second data; a step of calculating a hash value of the second data and storing the hash value in a storage device (for example, a hash / electronic certificate issue number index table) in association with information on an electronic certificate related to the first computer; a first transmission step of transmitting the second data to a second computer related to the destination (for example, an RSP server of an overseas RSP center); a step of, when a hash value is received from the second computer, reading from the storage device the information on the electronic certificate corresponding to the received hash value; and a second transmission step of transmitting the read information on the electronic certificate to the second computer.
In communication between the RSP server of the domestic RSP center that implements the above information processing method and the first computer of the export company, if it can be confirmed, using the electronic certificate related to the first computer of the export company, that no tampering or the like has occurred, the first data is genuine data at the domestic RSP server. Here, the electronic certificate corresponding to the first data is the electronic certificate related to the first computer of the export company. The relationship between the first data and the second data obtained from it by format conversion is unique. Furthermore, the correspondence between the second data and the hash value generated from the second data using a predetermined hash function is also unique. That is, the electronic certificate corresponding to the hash value is also the electronic certificate related to the first computer of the export company. Therefore, when a computer of an importing company or the like receives the second data and generates a hash value from it using the same hash function, the information on the electronic certificate obtained from the RSP server of the domestic RSP center for that hash value should be the same as the information, held in advance by the importing company or the like, on the electronic certificate of the party believed to be the export company. If it is the same, the importing company or the like can process the second data as data from the identified export company without any problem. If it is not the same, the export company corresponding to the second data cannot be properly identified, and it can be recognized that tampering or some other problem has occurred.
In the first aspect of the present invention, the method may further include a step of generating warning information when the information on the electronic certificate corresponding to the received hash value cannot be obtained from the storage device. This is because some problem has occurred and the operator, the first computer, the second computer, or both the first and second computers need to be notified.
The information on the electronic certificate described above may be identification information of the electronic certificate (for example, a serial number). Such information is not duplicated as long as there is a single certificate issuer. An information processing method according to the second aspect of the present invention, implemented for example by a computer of an importing company or the like, includes: a step of calculating a hash value for data received from another computer (for example, an RSP server of an overseas RSP center) and storing it in a storage device; a transmission step of transmitting the hash value to the other computer; a step of, when information on an electronic certificate corresponding to the hash value is received from the other computer, storing that information in the storage device; and a comparison step of comparing the received information on the electronic certificate with information on the electronic certificate of the generator of the data (for example, an export company).
In this way, a computer of an importing company or the like can verify not only that no tampering or the like occurred in communication with the other computer, but also that the received data originates from its generator, even if it is not the very data that the generator produced.
In the second aspect of the present invention, the method may further include a step of generating warning information when the received information on the electronic certificate does not match the information on the electronic certificate of the generator of the data. This is because the data received from the other computer cannot be used as it is.
The comparison step described above may include a step of obtaining the information on the electronic certificate of the generator of the data by searching a correspondence table, prepared in advance, between information on electronic certificates and the owners of those certificates, using the generator information identified from the data.
The information on the electronic certificate described above may be identification information of the electronic certificate (for example, a serial number).
It is also possible to create a program for causing a computer to execute the information processing methods according to the first and second aspects of the present invention. The program is stored in a storage medium or storage device such as a floppy disk, a CD-ROM, a magneto-optical disk, a semiconductor memory or a hard disk. It may also be distributed via a network such as the Internet. Data in the middle of processing is temporarily stored in the memory of the computer.
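The index lookup of the first aspect and the importer-side comparison of the second aspect (steps S65/S67 and S89 to S93 in the embodiment), as an added example that is not code from the patent. It leaves out the signed and encrypted hops through the overseas RSP center; SHA-256, the JSON layout, the class and field names and all sample values are assumptions constructed for illustration.

```python
import hashlib
import json
from typing import Optional


def digest(data: bytes) -> str:
    """SHA-256 stands in for the 'predetermined hash function' (assumption)."""
    return hashlib.sha256(data).hexdigest()


class DomesticRSP:
    """Role of RSP server 7: format conversion plus the
    hash / electronic certificate issue number index table."""

    def __init__(self) -> None:
        self.index = {}  # hash of second data -> certificate issue number

    @staticmethod
    def convert(first_data: dict) -> bytes:
        # Hypothetical conversion: rename fields to the destination layout
        # and serialize deterministically so the hash is reproducible.
        second = {
            "exporter_id": first_data["seller"],
            "document_no": first_data["invoice_no"],
            "total": f'{first_data["amount"]} {first_data["currency"]}',
        }
        return json.dumps(second, sort_keys=True, separators=(",", ":")).encode()

    def register(self, first_data: dict, sender_cert_issue_no: str) -> bytes:
        # The issue number belongs to the certificate that verified the
        # sender's signature on the first data (verification not modelled).
        second_data = self.convert(first_data)
        self.index[digest(second_data)] = sender_cert_issue_no
        return second_data

    def lookup(self, hash_value: str) -> Optional[str]:
        # None corresponds to the warning branch of step S67.
        return self.index.get(hash_value)


class Importer:
    """Role of importing company D server 5."""

    def __init__(self, cert_list: dict) -> None:
        # Electronic certificate list table: owner id -> issue number.
        self.cert_list = cert_list

    def verify(self, second_data: bytes, rsp: DomesticRSP) -> tuple:
        issue_no = rsp.lookup(digest(second_data))
        if issue_no is None:
            # Altered in transit, or never registered by the RSP.
            return ("warning", "hash_not_indexed")
        try:
            claimed = json.loads(second_data)["exporter_id"]
        except (ValueError, KeyError, TypeError):
            return ("warning", "exporter_unidentified")
        expected = self.cert_list.get(claimed)
        if expected is None or expected != issue_no:
            # Step S93: data cannot be tied to the claimed exporter.
            return ("warning", "issue_number_mismatch")
        return ("accept", claimed)  # step S91: processing may continue


def run_scenarios() -> dict:
    rsp = DomesticRSP()
    importer = Importer({"EXPORT-A": "CERT-0001"})  # constructed values
    invoice = {"seller": "EXPORT-A", "invoice_no": "INV-42",
               "amount": "1200.00", "currency": "JPY"}
    genuine = rsp.register(invoice, "CERT-0001")
    # Converted data changed after registration.
    altered = genuine.replace(b"1200.00", b"9200.00")
    # Same claimed exporter, but registered under a different certificate.
    other = rsp.register(dict(invoice, invoice_no="INV-43"), "CERT-0777")
    return {
        "genuine": importer.verify(genuine, rsp),
        "altered": importer.verify(altered, rsp),
        "other_cert": importer.verify(other, rsp),
    }


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(name, result)
```

The lookup ties the converted bytes to a certificate only as strongly as the hash function resists collisions, and the lookup reply itself has to be authenticated, which the embodiment does with the RSP centers' signatures.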
[Brief description of drawings]
FIG. 1 is a diagram showing an outline of a system according to an embodiment of the present invention.
FIG. 2 is a diagram showing an example of data stored in a format conversion program storage unit.
FIG. 3 is a diagram showing an example of a hash / electronic certificate issue number index table.
FIG. 4 is a diagram showing an example of an electronic certificate list table.
FIG. 5 is a diagram showing an electronic signature and an encryption method.
FIG. 6 is a diagram showing a first part of a processing flow according to an embodiment of the present invention.
In FIG. 7, (A) is a schematic diagram of the main data transmitted from the export company A server to the RSP server of the domestic RSP center B; (B) is a schematic diagram of the main data transmitted from the RSP server of the domestic RSP center B to the RSP server of the overseas RSP center C; (C) is a schematic diagram of the main data transmitted from the RSP server of the overseas RSP center C to the importing company D server; (D) is a schematic diagram of the main data transmitted from the importing company D server to the RSP server 9 of the overseas RSP center C; (E) is a schematic diagram of the main data transmitted from the RSP server of the overseas RSP center C to the RSP server of the domestic RSP center B; (F) is a schematic diagram of the main data transmitted from the RSP server of the domestic RSP center B to the RSP server of the overseas RSP center C; and (G) is a schematic diagram of the main data transmitted from the RSP server of the overseas RSP center C to the importing company D server.
FIG. 8 is a diagram showing a second part of the processing flow according to an embodiment of the present invention.
FIG. 9 is a diagram showing a third part of the processing flow according to an embodiment of the present invention.
FIG. 10 is a diagram showing a fourth part of the processing flow according to an embodiment of the present invention.
[本発明を実施するための最良の形態] [Best mode for carrying out the present invention]
本発明の実施例に係るシステム概要図を第 1図に示す。 本実施例は、 本発明を 貿易 E D I (Electric Data Interchange) システムに適用した場合の例である。 ここでは、 企業 Aから企業 Dに書類データを送信する必要があるが、 例えば企業 Aの属する国の法制等に従った書類データを企業 Dの属する国の法制等に従った 書類データに変換しなければならない場合を想定する。 FIG. 1 shows a schematic diagram of a system according to an embodiment of the present invention. This embodiment is an example in which the present invention is applied to a trade EDI (Electric Data Interchange) system. Here, it is necessary to transmit the document data from Company A to Company D.For example, the document data according to the laws and regulations of the country to which Company A belongs is converted into the document data according to the laws and regulations of the country to which Company D belongs. Suppose you have to.
コンピュータ ·ネッ トワークであるインターネット 1には、 例えばインボイス 等の書類データの送信元である輸出企業 Aが管理■運用している輸出企業 Aサー ノく 3と、 輸出企業 Aと同じ国の企業に対してサービスを実施し且つ例えば書類デ ータのフォーマット変換や書類データの蓄積サービスなどを提供するための国内 R S Pセンタ Bの R S Pサーバ 7と、 輸入企業 Dと同じ国の企業に対してサービ スを実施し且つ例えば書類データの蓄積サービスなどを提供するための海外 R S Pセンタ Cの R S Pサーバ 9と、 例えば書類データの送信先である輸入企業 Dが 管理'運営している輸入企業 Dサーバ 5とが接続されている。 なお、 企業のサー バは 2つだけでなく多数インターネット 1に接続されている。 また、 R S Pサー バも各国 1つだけでなく複数存在している場合もある。 For example, on the Internet 1 that is a computer network, there are two export companies A and 3 that are managed and operated by the export company A, which is the source of document data such as invoices, and companies in the same country as the export company A. RSP server 7 at RSP center B in Japan to provide services for, and provide, for example, document data format conversion and document data storage services, and services to companies in the same country as importing company D. RSP server 9 at an overseas RSP center C for implementing the application and providing, for example, document data storage services, and an import company D server 5 managed and operated by, for example, the import company D to which the document data is sent. And are connected. Many corporate servers are connected to the Internet1 instead of two. In addition, there may be more than one RSP server, not just one in each country.
なお、 輸出と輸入の関係は逆転する場合もあり、 輸出企業 Aも輸入の場合には 書類データの送信先であり、 輸入企業 Bも輸出の場合には書類データの送信元と なる。 またその場合には、 海外 R S Pセンタ Cの R S Pサーバ 9は書類データの フォーマツト変換や書類データの蓄積サービスなどを実施し、 国内 R S Pセンタ Bの R S Pサーバ 7は書類データのフォーマツト変換を行わず、 書類データの蓄 積サービスなどを実施する。 書類データの蓄積サービスは、 例えば輸出入貨物の
権利の移転を記録するサービス等を含む。 また、 輸入企業 Dサーバ 5は、 輸入企 業だけでなく、 例えば海外税関等により管理 ·運営されている場合もある。 In some cases, the relationship between export and import is reversed. Export company A is also the destination of document data for import, and import company B is also the source of document data for export. In that case, the RSP server 9 of the overseas RSP center C performs the format conversion of the document data and the storage service of the document data, and the RSP server 7 of the domestic RSP center B does not perform the format conversion of the document data. Implement data storage services. Document data storage services include, for example, Includes services for recording the transfer of rights. The importing company D server 5 may be managed and operated not only by the importing company but also by, for example, overseas customs.
輸出企業 Aサーバ 3は、 例えば L A N (Local Area Network) 3 aを介して 1 又は複数のユーザ端末 3 bに接続している。 なお、 L ANではなく、 インターネ ット等の他のネットワークを経由するような構成であってもよい。 輸出企業 Aの 社員はユーザ端末 3 bを操作して、 書類データの送信などを輸出企業 Aサーバ 3 に指示する。 同様に、 輸入企業 Dサーバ 5は、 例えば L AN 5 aを介して 1又は 複数のユーザ端末 5 bに接続している。 なお、 L ANではなく、 インターネット 等の他のネットワークを経由するような構成であってもよい。 輸入企業 Dの社員 はユーザ端末 5 bを操作して、 書類データの受信などを輸入企業 Dサーバ 5に指 示する。 なお、 輸出企業 Aサーバ 3又は輸入企業 Dサーバ 5とユーザ端末間は S S L (Secure Socket Layer Protocol) 方式で暗号化している場合もある。 また、 本実施例では、 ユーザ端末による処理については説明を省略する。 The export company A server 3 is connected to one or more user terminals 3b via, for example, a LAN (Local Area Network) 3a. It should be noted that the configuration may be such that the communication is performed via another network such as the Internet instead of the LAN. The employee of the exporting company A operates the user terminal 3b to instruct the exporting company A server 3 to transmit document data and the like. Similarly, the importing company D server 5 is connected to one or more user terminals 5b via, for example, a LAN 5a. It should be noted that the configuration may be such that the communication is performed via another network such as the Internet instead of the LAN. The employee of the importing company D operates the user terminal 5b to instruct the importing company D server 5 to receive document data and the like. Note that the export company A server 3 or the import company D server 5 and the user terminal may be encrypted using SSL (Secure Socket Layer Protocol). In the present embodiment, the description of the processing by the user terminal is omitted.
The RSP server 7 of the domestic RSP center B manages a format conversion program storage unit 71 that stores format conversion programs for converting the format and the like of document data to suit the destination based on a request from the source, a document data storage unit 75 for accumulating received document data and the like, and a hash / digital certificate issue number index table storage unit 73 that stores the correspondence between the hash value of the format-converted document data and the identification information (for example, the issue number (serial number)) of the sender's digital certificate. Although not shown, information on the digital certificates of the related companies and organizations is held in a storage device.
The RSP server 9 of the overseas RSP center C manages a format conversion program storage unit 91 that stores format conversion programs for converting the format and the like of document data to suit the destination based on a request from the source, a document data storage unit 95 for accumulating received document data and the like, and a hash / digital certificate issue number index table storage unit 93 that stores the correspondence between the hash value of the format-converted document data and the identification information (for example, the issue number (serial number)) of the sender's digital certificate. However, the following description covers only the case where the RSP server 9 of the overseas RSP center C does not perform format conversion, so the format conversion program storage unit 91 and the hash / digital certificate issue number index table storage unit 93 are not used.
The export company A server 3 manages a digital certificate data storage unit 31 that stores the digital certificate data of each company or RSP center. The importing company D server 5 likewise manages a digital certificate data storage unit 51 that stores the digital certificate data of each company or RSP center.
Next, FIG. 2 shows an example of the data stored in the format conversion program storage unit 71 or 91 of the RSP server 7 of the domestic RSP center B or the RSP server 9 of the overseas RSP center C. In the example of FIG. 2, a column 201 for the destination country name and a column 203 for the name of the format conversion program are provided. For example, if the destination country is the United States, the format conversion program named USA.exe is used. If the destination country is Japan, the format conversion program JPN.exe is used. If the destination country is the United Kingdom, the format conversion program UK.exe is used.
FIG. 3 shows an example of the table stored in the hash / digital certificate issue number index table storage unit 73 or 93 of the RSP server 7 of the domestic RSP center B or the RSP server 9 of the overseas RSP center C. The example of FIG. 3 includes a column 211 for the hash value calculated from the format-converted document data and a column 212 for the corresponding digital certificate issue number. For example, when specific document data is sent from the export company A server 3, the hash value of that document data after format conversion for the destination and the issue number of the digital certificate used by the export company A server 3 are recorded in association with each other.
FIG. 4 shows an example of the digital certificate list table stored in the digital certificate data storage unit 31 or 51 of the export company A server 3 or the import company D server 5. FIG. 4 includes a column 221 for the digital certificate issue number and a column 222 for the owner information of the digital certificate. The exporting company A server 3 or the importing company D server 5 obtains the digital certificates of the related companies and organizations in advance or immediately before processing, and stores them in the digital certificate data storage unit 31 or 51.
The processing flow of the system shown in FIG. 1 is described below. Before that, the processing for encrypting and transmitting data between two computers is described with reference to FIG. 5. When the original plaintext data 311 is encrypted and transmitted from the source computer 301 to the destination computer 303, the source computer 301 performs the data encryption process 323 on the original plaintext data 311 using the one-time common key 325 to generate the encrypted data 345. For example, triple DES (Data Encryption Standard) is used for the data encryption process 323.
Also, a hash algorithm 313 using, for example, the hash function SHA-1 is applied to the original plaintext data 311 to generate the original hash value 319. Then, for example, the RSA encryption process 321 is performed on the original hash value 319 using the sender's secret key 317 to generate the electronic signature 341. Also, for example, the RSA encryption process 327 is performed on the one-time common key 325 using the destination's public key 331, obtained from the destination's public key certificate 329, to generate the encrypted one-time common key 347. The electronic signature 341, the encrypted data 345 and the encrypted one-time common key 347 generated in this way are transmitted to the destination computer 303 together with the sender's public key certificate 315, for example in accordance with HTTP (Hyper Text Transfer Protocol).
Upon receiving the electronic signature 341 and the sender's public key certificate 315, the destination computer 303 extracts the sender's public key 355 from the sender's public key certificate 315 and performs the RSA decryption process 351 on the electronic signature 341 to generate the original hash value 353. Also, upon receiving the encrypted data 345 and the encrypted one-time common key 347, it performs the RSA decryption process 359 on the encrypted one-time common key 347 using the destination's secret key 363 to restore the one-time common key 361. Using this one-time common key 361, the data decryption process 357 is performed on the encrypted data 345 to generate the received plaintext data 367. The destination computer 303 holds the destination's public key certificate 329, which is transmitted to the source as needed.
Applying the same hash algorithm 369 as was used at the source to the received plaintext data 367 generates the hash value 371. The comparison process 373 on the original hash value 353 and the hash value 371 then confirms whether the received plaintext data has been altered from the original plaintext data 311. That is, if the original hash value 353 and the hash value 371 match, it can be determined that the data was transmitted from the owner of the public key certificate 329 and has not been tampered with; if they do not match, tampering or the like may have occurred. If no tampering has occurred, the received plaintext data can be used for subsequent processing.
On the basis of the above, the processing of this embodiment is described with reference to FIG. 6. The export company A server 3 or its user terminal 3b generates the document data to be transmitted to the import company D (step S1). When the user terminal 3b generates the document data, the document data is transmitted from the user terminal 3b to the export company A server 3. The export company A server 3 encrypts the generated document data with a one-time common key, calculates a hash value from the document data using a predetermined hash function (for example, MD5), generates the electronic signature of export company A by encrypting that hash value with the secret key of export company A, and stores them in the storage device (step S3). The one-time common key is also encrypted with the public key of the domestic RSP center B and stored in the storage device. Then, the export company A server 3 designates the import company D as the destination and sends the encrypted document data and the electronic signature of export company A to the RSP server 7 of the domestic RSP center B (step S5). At this time, the encrypted one-time common key and the digital certificate of export company A are also sent. Note that the digital certificate may have been sent before this stage rather than at this stage.
The data transmitted from the exporting company A server 3 to the RSP server 7 of the domestic RSP center B consists mainly of the encrypted document data 401 and the electronic signature 402 of export company A, as shown in FIG. 7 (A).
The RSP server 7 of the domestic RSP center B receives, from the exporting company A server 3, the information of the importing company D as the designation of the destination, the encrypted document data, the electronic signature of export company A, the encrypted one-time common key, and the digital certificate of export company A, and temporarily stores them in the storage device (step S7). It then decrypts the encrypted one-time common key with the secret key of the domestic RSP center B, decrypts the encrypted document data using the decrypted one-time common key, and stores the document data in the document data storage unit 75. It also verifies the electronic signature of export company A (step S9). That is, a hash value is calculated from the decrypted document data using a predetermined hash function and stored in the storage device. Meanwhile, a hash value is extracted by decrypting the electronic signature of export company A with the public key of export company A, and stored in the storage device. Then, it is determined whether these hash values match.
If they do not match, tampering or the like may have occurred in the course of communication from the export company A server 3 to the RSP server 7 of the domestic RSP center B, so warning information about the tampering is generated and output to, for example, the administrator of the RSP server 7 (step S11).
On the other hand, if the two hash values match, authentic document data has been received from the exporting company A server 3, and the following processing can be performed. That is, the RSP server 7 reads the format conversion program suited to the importing company D, the transmission destination, from the format conversion program storage unit 71, performs the format conversion process on the decrypted document data using that program, and stores the result in the storage device or the document data storage unit 75 (step S13). In addition, a hash value is calculated from the format-converted document data using a predetermined hash function and stored in the storage device (step S15). Then, the pair of the hash value of the format-converted document data and the issue number (serial number) of the digital certificate of export company A is registered in the hash / digital certificate issue number index table of the hash / digital certificate issue number index table storage unit 73 (step S17). This registration in the hash / digital certificate issue number index table makes it possible to confirm later whether importing company D really received the document data from exporting company A.
The RSP server 7 also generates the electronic signature of the domestic RSP center B by encrypting the hash value of the format-converted document data with the secret key of the domestic RSP center B, encrypts the format-converted document data with a one-time common key, and stores them in the storage device (step S19). The one-time common key is also encrypted with the public key of the overseas RSP center C that serves the importing company D, the transmission destination. Then, designating the importing company D as the destination, it sends the encrypted format-converted document data and the electronic signature of the domestic RSP center B to the RSP server 9 of the overseas RSP center C that serves the importing company D (step S21). At this time, the encrypted one-time common key and the digital certificate of the domestic RSP center B are also transmitted. Note that the digital certificate may have been sent before this stage rather than at this stage.
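The hash-and-compare signature check of FIG. 5 and the RSP center B steps S9 to S19, as an added example that is not code from the patent. It assumes textbook RSA over fixed toy primes in place of the RSA processing, SHA-1 as the predetermined hash function, a toy field rewrite as the format conversion, and constructed names, serial numbers and documents; the one-time-key encryption layer is left out.

```python
import hashlib

E = 65537  # public exponent shared by the toy keys (assumption)


def make_key(p: int, q: int) -> dict:
    """Build a textbook RSA key from two primes (toy parameters, constructed)."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


def public_part(key: dict) -> dict:
    return {"n": key["n"], "e": key["e"]}


def digest_int(data: bytes) -> int:
    """SHA-1 digest as an integer; 160 bits, smaller than either toy modulus."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big")


def sign(data: bytes, key: dict) -> int:
    """'Encrypt the hash value with the secret key', as the text describes.
    Raw RSA on a bare digest mirrors the text only; deployed systems use a
    padded scheme such as RSASSA-PSS and a current hash function."""
    return pow(digest_int(data), key["d"], key["n"])


def verify(data: bytes, signature: int, pub: dict) -> bool:
    """Recover the hash with the public key and compare it with a fresh hash."""
    return pow(signature, pub["e"], pub["n"]) == digest_int(data)


def convert_for_usa(doc: bytes) -> bytes:
    """Toy stand-in for a destination-specific format conversion program."""
    out = []
    for line in doc.decode("utf-8").splitlines():
        field, value = line.split("=", 1)
        if field == "date":  # ISO date -> month/day/year
            year, month, day = value.split("-")
            value = f"{month}/{day}/{year}"
        out.append(f"{field.upper()}: {value}")
    return "\n".join(out).encode("utf-8")


class RspCenter:
    """Hypothetical model of the converting RSP center (names are assumptions)."""

    def __init__(self, key: dict, converters: dict):
        self.key = key
        self.converters = converters  # destination country -> converter (FIG. 2)
        self.index = {}               # converted-document hash -> serial (FIG. 3)

    def process(self, doc: bytes, signature: int, sender_cert: dict, country: str):
        if not verify(doc, signature, sender_cert["public_key"]):          # S9
            raise ValueError("hash mismatch: document may have been altered")  # S11
        converted = self.converters[country](doc)                          # S13
        converted_hash = hashlib.sha1(converted).hexdigest()               # S15
        self.index[converted_hash] = sender_cert["serial"]                 # S17
        return converted, sign(converted, self.key)                        # S19

    def origin_of(self, converted_hash: str):
        """Assumed later lookup: which certificate is bound to this hash?"""
        return self.index.get(converted_hash)


def demo() -> dict:
    key_a = make_key(2**89 - 1, 2**127 - 1)   # export company A (toy key)
    key_b = make_key(2**61 - 1, 2**107 - 1)   # domestic RSP center B (toy key)
    cert_a = {"serial": "SERIAL-A-0001", "public_key": public_part(key_a)}
    invoice = b"invoice=INV-0001\ndate=2002-02-26\namount=1000"  # constructed
    sig_a = sign(invoice, key_a)

    center_b = RspCenter(key_b, {"USA": convert_for_usa})
    converted, sig_b = center_b.process(invoice, sig_a, cert_a, "USA")

    try:  # a document altered in transit must be stopped at S9
        center_b.process(invoice + b"0", sig_a, cert_a, "USA")
        tampered_rejected = False
    except ValueError:
        tampered_rejected = True

    return {
        "a_signature_on_original": verify(invoice, sig_a, public_part(key_a)),
        # After conversion the bytes differ, so A's signature no longer matches.
        "a_signature_on_converted": verify(converted, sig_a, public_part(key_a)),
        "b_signature_on_converted": verify(converted, sig_b, public_part(key_b)),
        "origin": center_b.origin_of(hashlib.sha1(converted).hexdigest()),
        "tampered_rejected": tampered_rejected,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The failed check of A's signature against the converted bytes is the gap the index table closes: the recipient can only verify the converting center's signature, and the table is what ties the converted document's hash back to A's certificate.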
The data transmitted from the RSP server 7 of the domestic RSP center B to the RSP server 9 of the overseas RSP center C consists mainly of the encrypted format-converted document data 411 and the electronic signature 412 of the domestic RSP center B, as shown in FIG. 7 (B).
The processing moves from FIG. 6 to FIG. 8. The RSP server 9 of the overseas RSP center C receives, from the RSP server 7 of the domestic RSP center B, the information of the importing company D as the designation of the destination, the encrypted format-converted document data, the electronic signature of the domestic RSP center B, the encrypted one-time common key, and the digital certificate of the domestic RSP center B, and temporarily stores them in the storage device (step S23). It then decrypts the encrypted one-time common key with the secret key of the overseas RSP center C, decrypts the encrypted format-converted document data using the decrypted one-time common key, and stores it in the document data storage unit 95. It also verifies the electronic signature of the domestic RSP center B (step S25). That is, a hash value is calculated from the format-converted document data using a predetermined hash function and stored in the storage device.
Meanwhile, a hash value is extracted by decrypting the electronic signature of the domestic RSP center B with the public key of the domestic RSP center B, and stored in the storage device. Then, it is determined whether these hash values match. If they do not match, tampering or the like may have occurred in the course of communication from the RSP server 7 of the domestic RSP center B to the RSP server 9 of the overseas RSP center C, so warning information is generated and output to, for example, the administrator of the RSP server 9 (step S27).
The RSP server 9 of the overseas RSP center C does not need to perform format conversion. In the present embodiment it merely relays the data, but it does perform processing such as storing the format-converted document data in the document data storage unit 95. Here, the format-converted document data is encrypted with a one-time common key and stored in the storage device. In addition, a hash value of the format-converted document data is generated using a predetermined hash function, and the electronic signature of the overseas RSP center C is generated by encrypting that hash value with the secret key and stored in the storage device (step S29). The one-time encryption key is also encrypted with the public key of the importing company D, the transmission destination. Then, the RSP server 9 transmits the encrypted format-converted document data and the electronic signature of the overseas RSP center C to the server 5 of the importing company D, the transmission destination (step S31). At this time, the encrypted one-time common key and the digital certificate of the overseas RSP center C are also transmitted. Note that the digital certificate may have been sent before this stage rather than at this stage.
The data transmitted from the RSP server 9 of the overseas RSP center C to the importing company D server 5 consists mainly of the encrypted format-converted document data 421 and the electronic signature 422 of the overseas RSP center C, as shown in FIG. 7 (C).
The importing company D server 5 receives, from the server 9 of the overseas RSP center C, the encrypted format-converted document data, the electronic signature of the overseas RSP center C, the encrypted one-time common key, and the digital certificate of the overseas RSP center C, and temporarily stores them in the storage device (step S33). It then decrypts the encrypted one-time common key with the secret key of the importing company D, decrypts the encrypted format-converted document data using the decrypted one-time common key, and stores it in the storage device (step S35). Also, a hash value is calculated from the format-converted document data using a predetermined hash function and stored in the storage device (step S37).
Meanwhile, a hash value is extracted by decrypting the electronic signature of the overseas RSP center C with the public key of the overseas RSP center C, and stored in the storage device. The electronic signature is then verified by determining whether these hash values match (step S39). If they do not match, tampering or the like may have occurred in the course of communication between the RSP server 9 of the overseas RSP center C and the importing company D server 5, so warning information is generated and output to, for example, the administrator of the importing company D server 5 (step S41).
On the other hand, if the two hash values match, authentic format-converted document data has been received from the overseas RSP center C. However, the importing company D cannot tell whether the format-converted document data was really generated from the document data created by the exporting company A. This is because the format conversion is performed by the RSP server 7 of the domestic RSP center B.
Therefore, the importing company D server 5 encrypts the hash value generated in step S37 with a one-time common key and stores it in the storage device (step S43). The one-time common key is also encrypted with the public key of the overseas RSP center C. Further, another hash value is calculated from the hash value generated in step S37 using a predetermined hash function, and the electronic signature of the importing company D is generated by encrypting it with the secret key of the importing company D and stored in the storage device (step S45). Then, designating as the destination the RSP server 7 of the domestic RSP center B, which serves the exporting company A, it transmits the identification code of this processing, the encrypted hash value, and the electronic signature of the importing company D to the RSP server 9 of the overseas RSP center C (step S47).
The encrypted one-time common key and the digital certificate of the importing company D are also sent. Note that the digital certificate may have been sent before this stage rather than at this stage. Alternatively, the configuration may be such that, instead of designating the RSP server 7 of the domestic RSP center B as the destination, a verification request containing information on the exporting company A or a company of the country of the exporting company A is output, and the RSP server 9 of the overseas RSP center C identifies the RSP server 7 of the domestic RSP center B.
The data transmitted from the importing company D server 5 to the RSP server 9 of the overseas RSP center C consists mainly of the encrypted hash value 431 of the format-converted document data and the electronic signature 432 of the importing company D, as shown in FIG. 7 (D).
The RSP server 9 of the overseas RSP center C receives, from the importing company D server 5, the information of the RSP server 7 of the domestic RSP center B, which is the transmission destination, the identification code of this processing, the encrypted hash value, the electronic signature of the importing company D, the encrypted one-time common key, and the digital certificate of the importing company D, and temporarily stores them in the storage device (step S49). Here, the pair of the source importing company D server 5 and the identification code is recorded. If information on the exporting company A or a company of the country of the exporting company A is received as a verification request instead of the information of the RSP server 7 of the domestic RSP center B, processing to identify the RSP server 7 of the domestic RSP center B is performed. The subsequent processing moves to FIG. 9.
Moving to FIG. 9, the RSP server 9 decrypts the encrypted one-time common key with the secret key of the overseas RSP center C, decrypts the encrypted hash value using the decrypted one-time common key, and stores it in the storage device. It also verifies the electronic signature of the importing company D (step S51).
That is, another hash value is calculated from the decrypted hash value using a predetermined hash function and stored in the storage device. Meanwhile, a hash value is extracted by decrypting the electronic signature of the importing company D with the public key of the importing company D, and stored in the storage device. Then, it is determined whether these hash values match. If they do not match, tampering or the like may have occurred in the course of communication from the importing company D server 5 to the RSP server 9 of the overseas RSP center C, so warning information is generated and output to, for example, the administrator of the RSP server 9 (step S53). The configuration may also be such that the warning information is transmitted together with the identification code to the importing company D server 5 to notify the administrator of the importing company D or the like.
Next, the RSP server 9 encrypts the decrypted hash value with a one-time common key and stores it in the storage device. Also, another hash value is generated from the decrypted hash value using a predetermined hash function, and the electronic signature of the overseas RSP center C is generated by encrypting that other hash value with the secret key of the overseas RSP center C and stored in the storage device (step S55). The one-time encryption key is also encrypted with the public key of the domestic RSP center B, the transmission destination. Then, the RSP server 9 sends the identification code of this processing, the encrypted hash value of the format-converted document data, and the electronic signature of the overseas RSP center C to the RSP server 7 of the domestic RSP center B, the transmission destination (step S57). At this time, the encrypted one-time common key and the digital certificate of the overseas RSP center C are also sent. Note that the digital certificate may have been sent before this stage rather than at this stage.
The data transmitted from the RSP server 9 of the overseas RSP center C to the RSP server 7 of the domestic RSP center B consists mainly of the encrypted hash value 441 of the format-converted document data and the electronic signature 442 of the overseas RSP center C, as shown in FIG. 7 (E).
The RSP server 7 of the domestic RSP center B receives, from the RSP server 9 of the overseas RSP center C, the encrypted hash value, the electronic signature of the overseas RSP center C, the encrypted one-time common key, and the electronic certificate of the overseas RSP center C together with the identification code, and temporarily stores them in the storage device (step S59). The RSP server 7 decrypts the encrypted one-time common key with the secret key of the domestic RSP center B, decrypts the encrypted hash value using the decrypted one-time common key, and stores the result in the storage device. It also verifies the electronic signature of the overseas RSP center C (step S61). That is, another hash value is calculated from the decrypted hash value by a predetermined hash function and stored in the storage device. Meanwhile, a hash value is extracted by decrypting the electronic signature of the overseas RSP center C with the public key of the overseas RSP center C, and is stored in the storage device. It is then determined whether these hash values match. If they do not match, tampering or the like may have occurred in the course of communication from the RSP server 9 of the overseas RSP center C to the RSP server 7 of the domestic RSP center B, so warning information is generated and output to, for example, the administrator of the RSP server 7 (step S63). The warning information may also be transmitted together with the identification code to the RSP server 9 of the overseas RSP center C to notify the administrator of the overseas RSP center C or the like. Further, it may be transmitted together with the identification code from the RSP server 9 of the overseas RSP center C to the importing company D server 5 to notify the administrator of the importing company D or the like.
Next, the RSP server 7 searches the hash / electronic certificate issue number index table with the decrypted hash value and checks whether an electronic certificate issue number was obtained (step S65). If no electronic certificate issue number can be obtained from the hash / electronic certificate issue number index table, tampering may have occurred somewhere along the route so far, or an inappropriate format conversion may have been performed, so warning information is generated and output to, for example, the administrator of the RSP server 7 (step S67). The warning information may also be transmitted together with the identification code to the RSP server 9 of the overseas RSP center C to notify the administrator of the overseas RSP center C or the like. Further, it may be transmitted together with the identification code from the RSP server 9 of the overseas RSP center C to the importing company D server 5 to notify the administrator of the importing company D or the like.
If some electronic certificate issue number is obtained from the hash / electronic certificate issue number index table, that issue number is encrypted with a one-time common key and stored in the storage device. A hash value is also generated from the electronic certificate issue number using a predetermined hash function, and that hash value is encrypted with the secret key of the domestic RSP center B to generate the electronic signature of the domestic RSP center B, which is stored in the storage device (step S69). The one-time encryption key is also encrypted with the public key of the overseas RSP center C, which is the destination. The RSP server 7 then transmits the identification code of this processing, the encrypted electronic certificate issue number, and the electronic signature of the domestic RSP center B to the RSP server 9 of the overseas RSP center C, which is the original sender (step S71). At this time, the encrypted one-time common key and the electronic certificate of the domestic RSP center B are also transmitted. Note that the electronic certificate may have been transmitted before this stage rather than at this stage.
The data transmitted from the RSP server 7 of the domestic RSP center B to the RSP server 9 of the overseas RSP center C consists mainly, as shown in Fig. 7 (F), of the encrypted electronic certificate issue number 451 and the electronic signature 452 of the domestic RSP center B.
The RSP server 9 of the overseas RSP center C receives, from the RSP server 7 of the domestic RSP center B, the identification code, the encrypted electronic certificate issue number, the electronic signature of the domestic RSP center B, the encrypted one-time common key, and the electronic certificate of the domestic RSP center B, and stores them in the storage device (step S73). The subsequent processing continues in Fig. 10.
Moving to Fig. 10, the RSP server 9 decrypts the encrypted one-time common key with the secret key of the overseas RSP center C, decrypts the encrypted electronic certificate issue number using the decrypted one-time common key, and stores the result in the storage device. It also verifies the electronic signature of the domestic RSP center B (step S75). That is, a hash value is calculated from the decrypted electronic certificate issue number by a predetermined hash function and stored in the storage device. Meanwhile, a hash value is extracted by decrypting the electronic signature of the domestic RSP center B with the public key of the domestic RSP center B, and is stored in the storage device. It is then determined whether these hash values match. If they do not match, tampering or the like may have occurred in the course of communication from the RSP server 7 of the domestic RSP center B to the RSP server 9 of the overseas RSP center C, so warning information is generated and output to, for example, the administrator of the RSP server 9 (step S77). The warning information may also be transmitted to the importing company D server 5 together with the identification code to notify the administrator of the importing company D or the like. The identification code and the warning information may also be transmitted to the RSP server 7 of the domestic RSP center B.
If there is no tampering or the like, the RSP server 9 next encrypts the electronic certificate issue number with a one-time common key and stores it in the storage device. A hash value is also generated from the electronic certificate issue number using a predetermined hash function, and that hash value is encrypted with the secret key of the overseas RSP center C to generate the electronic signature of the overseas RSP center C, which is stored in the storage device (step S79). The one-time encryption key is also encrypted with the public key of the importing company D, which is the destination. The RSP server 9 then transmits the identification code of this processing, the encrypted electronic certificate issue number, and the electronic signature of the overseas RSP center C to the importing company D server 5 stored in association with the identification code (step S81). At this time, the encrypted one-time common key and the electronic certificate of the overseas RSP center C are also transmitted. Note that the electronic certificate may have been transmitted before this stage rather than at this stage.
The data transmitted from the RSP server 9 of the overseas RSP center C to the importing company D server 5 consists mainly, as shown in Fig. 7 (G), of the encrypted electronic certificate issue number 461 and the electronic signature 462 of the overseas RSP center C.
The importing company D server 5 receives, from the RSP server 9 of the overseas RSP center C, the identification code, the encrypted electronic certificate issue number, the electronic signature of the overseas RSP center C, the encrypted one-time common key, and the electronic certificate of the overseas RSP center C, and temporarily stores them in the storage device (step S83). It then decrypts the encrypted one-time common key with the secret key of the importing company D, decrypts the encrypted electronic certificate issue number using the decrypted one-time common key, and stores the result in the storage device. It also verifies the electronic signature of the overseas RSP center C (step S85). That is, a hash value is calculated from the decrypted electronic certificate issue number by a predetermined hash function and stored in the storage device. Meanwhile, a hash value is extracted by decrypting the electronic signature of the overseas RSP center C with the public key of the overseas RSP center C, and is stored in the storage device. It is then determined whether these hash values match. If they do not match, tampering or the like may have occurred in the course of communication from the RSP server 9 of the overseas RSP center C to the importing company D server 5, so warning information is generated and output to, for example, the administrator of the importing company D server 5 (step S87).
If the two hash values match, there was no particular problem in the communication between the RSP server 9 of the overseas RSP center C and the importing company D server 5, and the following processing is performed. The importing company D server 5 identifies the document data to be processed from the received identification code, and then identifies the identification information of the exporting company from that document data. It searches the electronic certificate list table using the identification information of the exporting company and obtains the corresponding electronic certificate issue number. The importing company D server 5 then compares the received and decrypted electronic certificate issue number with the electronic certificate issue number obtained from the electronic certificate list table (step S89).
If the two electronic certificate issue numbers do not match, a problem has arisen: tampering or the like occurred on the communication path, the electronic signature of the exporting company A was not used, or the format conversion in the RSP server 7 of the domestic RSP center B was inappropriate. The format-converted document data decrypted in step S35 (Fig. 8) is therefore judged not to be based on data generated by the exporting company A. Since the document data cannot be used as genuine data, warning information is generated stating, for example, that the document data could not be verified as data based on the exporting company A, and the warning information is output to the administrator of the importing company A or the like (step S93). The warning information may also be notified to the overseas RSP center C, the domestic RSP center B, and so on.
On the other hand, if the two electronic certificate issue numbers match, the format-converted document data decrypted in step S35 has been confirmed to be data based on the exporting company A, so processing using the format-converted document data stored in the storage device can continue (step S91).
By performing such processing, even when a predetermined format conversion is performed by, for example, the RSP server 7 of the domestic RSP center B, the importing company D can obtain assurance that the format-converted document data it acquired is indeed data based on the exporting company A, and proper data exchange is carried out.
In Fig. 6, the encrypted format-converted document data 411 of (B) and the encrypted format-converted document data 421 of (C) look the same in the figure, but they are actually different data because the one-time common keys used are different. Similarly, the encrypted hash value 431 of the format-converted document data in (D) and the encrypted hash value 441 of the format-converted document data in (E), and the encrypted electronic certificate issue number 451 of (F) and the encrypted electronic certificate issue number 461 of (G), are different data because the one-time common keys are different. The electronic signature 412 of B in (B) and the electronic signature 452 of B in (F) are also different data because the underlying hash values are different. Similarly, the electronic signature 422 of C in (C), the electronic signature 442 of C in (E), and the electronic signature 462 of C in (G) are different data because the underlying hash values are different.
Note that the present invention is not limited to the embodiment described above, and various modifications are possible. In the above description, the exporting company A is verified using the electronic certificate issue number, but the electronic certificate itself may be used instead of the issue number, and any other information in the electronic certificate that maintains uniqueness can also be used. The processing from step S47 onward was described as passing through the RSP server 9 of the overseas RSP center C, but this processing may instead be configured to communicate directly with the RSP server 7 of the domestic RSP center B without going through the RSP server 9 of the overseas RSP center C. In addition, if the RSP server 9 of the overseas RSP center C, like the importing company D, wants to confirm that the format-converted document data is indeed data based on the exporting company A, it may perform the same processing as the importing company D server 5.
As touched on in the description above, when verification of an electronic signature fails because of tampering or the like, or when the electronic certificate issue number cannot be obtained from the hash / electronic certificate issue number index table in step S65, notifying the servers concerned of a warning makes it possible to stop using, or to discard, the document data or the format-converted document data. Basically, this notification is passed back toward the sender in order. However, a configuration in which the importing company D or the like notifies all the servers concerned at once is also possible.
Although an example was shown in which pairs of a hash value and an electronic certificate issue number are stored in the hash / electronic certificate issue number index table, data generated by some function similar to a hash function can also be handled in the same way as a hash value in the present embodiment.
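The exchange from step S55 to step S93, sketched as an added example that is not part of the patent text: the domestic RSP's hash-to-issue-number index table, the hash-then-sign check on each hop, and the importer's final comparison. Assumptions: SHA-256 as the "predetermined hash function", textbook RSA with constructed toy keys for centers B and C, a delimiter swap as the format conversion, and hypothetical names and certificate numbers throughout; the one-time common key encryption and the D-to-C hop are left out.

```python
import hashlib

E = 65537  # public exponent of the constructed toy keys

def toy_key(a, b):
    """Constructed toy RSA key built from Mersenne primes 2**a-1 and 2**b-1.
    Such a modulus is trivially factorable: illustration only."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

KEY_B = toy_key(521, 607)    # domestic RSP center B (assumed key pair)
KEY_C = toy_key(607, 1279)   # overseas RSP center C (assumed key pair)

def digest(data: bytes) -> bytes:
    """SHA-256 stands in for the 'predetermined hash function'."""
    return hashlib.sha256(data).digest()

def sign(key, payload: bytes) -> int:
    # Hash the payload, then apply the sender's secret key (S55, S69, S79).
    return pow(int.from_bytes(digest(payload), "big"), key["d"], key["n"])

def verify(n: int, payload: bytes, sig: int) -> bool:
    # Recover the hash with the public key and compare (S61, S75, S85).
    return pow(sig, E, n) == int.from_bytes(digest(payload), "big")

class DomesticRSP:
    """RSP server 7: format conversion and the hash -> issue number index table."""

    def __init__(self):
        self.index = {}

    def convert_and_register(self, first_data: bytes, cert_no: str) -> bytes:
        second_data = first_data.replace(b",", b"|")  # stand-in format conversion
        self.index[digest(second_data)] = cert_no
        return second_data

    def answer(self, hash_value: bytes, sig_c: int):
        if not verify(KEY_C["n"], hash_value, sig_c):
            return "S63", None                  # altered between C and B
        cert_no = self.index.get(hash_value)    # step S65
        if cert_no is None:
            return "S67", None                  # hash not in the index table
        payload = cert_no.encode()
        return "S71", (payload, sign(KEY_B, payload))

def relay(msg):
    """RSP server 9: check B's signature, then re-sign for importing company D."""
    payload, sig_b = msg
    if not verify(KEY_B["n"], payload, sig_b):
        return "S77", None
    return "S81", (payload, sign(KEY_C, payload))

def no_tamper(hop, msg):
    return msg

def importer_check(doc, exporter_id, cert_list, rsp_b, tamper=no_tamper):
    """Importing company D's view; returns the step label where the flow ends.
    `tamper(hop, msg)` models an in-transit change on the named hop."""
    hv = digest(doc)
    # The D -> C hop (verified in S53) is folded into C signing the hash value.
    hv, sig_c = tamper("C->B", (hv, sign(KEY_C, hv)))
    step, msg = rsp_b.answer(hv, sig_c)
    if msg is None:
        return step
    step, msg = relay(tamper("B->C", msg))
    if msg is None:
        return step
    payload, sig = tamper("C->D", msg)
    if not verify(KEY_C["n"], payload, sig):
        return "S87"
    if payload.decode() != cert_list.get(exporter_id):   # step S89
        return "S93"
    return "S91"

def demo():
    rsp_b = DomesticRSP()
    doc = rsp_b.convert_and_register(b"invoice,exporter-A,100", "CERT-0001")
    certs = {"exporter-A": "CERT-0001", "exporter-X": "CERT-0002"}  # constructed
    swap_hash = lambda hop, m: (digest(b"other"), m[1]) if hop == "C->B" else m
    swap_cert = lambda hop, m: (b"CERT-0002", m[1]) if hop == "C->D" else m
    return {
        "genuine": importer_check(doc, "exporter-A", certs, rsp_b),
        "edited document": importer_check(doc + b"!", "exporter-A", certs, rsp_b),
        "hash swapped in transit": importer_check(doc, "exporter-A", certs, rsp_b, swap_hash),
        "issue number swapped": importer_check(doc, "exporter-A", certs, rsp_b, swap_cert),
        "other exporter claimed": importer_check(doc, "exporter-X", certs, rsp_b),
    }

if __name__ == "__main__":
    for case, step in demo().items():
        print(f"{case}: ends at {step}")
```

Only the genuine case reaches S91; each other case stops at the warning step of the party that first sees the inconsistency.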
Claims
1. An information processing method comprising:
a step of performing, on first data received from a first computer, a format conversion corresponding to a destination of the first data to generate second data;
a step of calculating a hash value of the second data and storing the hash value in a storage device in association with information on an electronic certificate related to the first computer;
a first transmission step of transmitting the second data to a second computer associated with the destination;
a step of reading, when a hash value is received from the second computer, information on the electronic certificate corresponding to the received hash value from the storage device; and
a second transmission step of transmitting the read information on the electronic certificate to the second computer.
2. The information processing method according to claim 1, further comprising a step of generating information for a warning when information on the electronic certificate corresponding to the received hash value cannot be obtained from the storage device.
3. The information processing method according to claim 1 or 2, wherein the information on the electronic certificate is identification information of the electronic certificate.
4. The information processing method according to any one of claims 1 to 3, further comprising a step of generating an electronic signature using the hash value of the second data and storing the electronic signature in a storage device,
wherein, in the first transmission step, the electronic signature is transmitted to the second computer.
5. The information processing method according to any one of claims 1 to 4, further comprising a step of generating a second electronic signature using a hash value of the read information on the electronic certificate and storing the second electronic signature in a storage device,
wherein, in the second transmission step, the second electronic signature is transmitted to the second computer.
6. An information processing method comprising:
a step of calculating a hash value for data received from another computer and storing the hash value in a storage device;
a transmission step of transmitting the hash value to the other computer;
a step of storing, when information on an electronic certificate corresponding to the hash value is received from the other computer, the information on the electronic certificate in a storage device; and
a comparison step of comparing the received information on the electronic certificate with information on the electronic certificate of the generator of the data.
7. The information processing method according to claim 6, further comprising a step of generating information for a warning when the received information on the electronic certificate and the information on the electronic certificate of the generator of the data do not match.
8. The information processing method according to claim 6 or 7, wherein the information on the electronic certificate is identification information of the electronic certificate.
9. The information processing method according to any one of claims 6 to 8, further comprising a step of generating an electronic signature using a hash value of the hash value and storing the electronic signature in a storage device,
wherein, in the transmission step, the electronic signature is transmitted to the other computer.
10. The information processing method according to any one of claims 6 to 9, wherein the comparison step includes a step of obtaining the information on the electronic certificate of the generator of the data by searching, using information on the generator specified from the data, a correspondence table prepared in advance between information on electronic certificates and the owners of those electronic certificates.
11. A program for causing a computer to execute:
a step of performing, on first data received from a first computer, a format conversion corresponding to a destination of the first data to generate second data;
a step of calculating a hash value of the second data and storing the hash value in a storage device in association with information on an electronic certificate related to the first computer;
a first transmission step of transmitting the second data to a second computer associated with the destination;
a step of reading, when a hash value is received from the second computer, information on the electronic certificate corresponding to the received hash value from the storage device; and
a second transmission step of transmitting the read information on the electronic certificate to the second computer.
12. A program for causing a computer to execute:
a step of calculating a hash value for data received from another computer and storing the hash value in a storage device;
a transmission step of transmitting the hash value to the other computer;
a step of storing, when information on an electronic certificate corresponding to the hash value is received from the other computer, the information on the electronic certificate in a storage device; and
a step of comparing the received information on the electronic certificate with information on the electronic certificate of the generator of the data.
13. A computer system comprising:
means for performing, on first data received from a first computer, a format conversion corresponding to a destination of the first data to generate second data;
means for calculating a hash value of the second data and storing the hash value in a storage device in association with information on an electronic certificate related to the first computer;
first transmission means for transmitting the second data to a second computer associated with the destination;
means for reading, when a hash value is received from the second computer, information on the electronic certificate corresponding to the received hash value from the storage device; and
second transmission means for transmitting the read information on the electronic certificate to the second computer.
14. A computer system comprising:
means for calculating a hash value for data received from another computer and storing the hash value in a storage device;
transmission means for transmitting the hash value to the other computer;
means for storing, when information on an electronic certificate corresponding to the hash value is received from the other computer, the information on the electronic certificate in a storage device; and
means for comparing the received information on the electronic certificate with information on the electronic certificate of the generator of the data.
15. A storage medium storing the program according to claim 10 or 11.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2002/001743 WO2003073399A1 (en) | 2002-02-26 | 2002-02-26 | Method and system for verifying data originality |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2003073399A1 true WO2003073399A1 (en) | 2003-09-04 |
Family
ID=27764172
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2002/001743 WO2003073399A1 (en) | 2002-02-26 | 2002-02-26 | Method and system for verifying data originality |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2003073399A1 (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH07244459A (en) * | 1994-03-03 | 1995-09-19 | Nippon Telegr & Teleph Corp <Ntt> | Digital autograph system |
JPH0969830A (en) * | 1995-08-30 | 1997-03-11 | Hitachi Ltd | Cipher communication system |
JPH10247949A (en) * | 1997-03-05 | 1998-09-14 | Nippon Telegr & Teleph Corp <Ntt> | Caller authentication method |
JP2000338868A (en) * | 1999-05-26 | 2000-12-08 | Ntt Data Corp | Method for issuing public key certificate, method for verifying, system and recording medium |
- 2002-02-26 WO PCT/JP2002/001743 patent/WO2003073399A1/en active Search and Examination
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108431842A (en) * | 2015-12-29 | 2018-08-21 | 科因普拉格株式会社 | Method for being authenticated and verifying to file and server |
CN108431842B (en) * | 2015-12-29 | 2022-08-09 | 科因普拉格株式会社 | Method and server for authenticating and verifying file |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
JP3946192B2 (en) | Data originality verification method and system | |
KR100734737B1 (en) | Methods, apparatus and computer programs for generating and/or using conditional electronic signatures for reporting status changes | |
US5872848A (en) | Method and apparatus for witnessed authentication of electronic documents | |
JP4788212B2 (en) | Digital signature program and digital signature system | |
US7499551B1 (en) | Public key infrastructure utilizing master key encryption | |
US20060206433A1 (en) | Secure and authenticated delivery of data from an automated meter reading system | |
US20020044662A1 (en) | Service message management system and method | |
US20070136599A1 (en) | Information processing apparatus and control method thereof | |
JP2002259605A (en) | Device and method for information processing and storage medium | |
JP2004537822A (en) | Authentication electronic document management system and method | |
KR20060080174A (en) | Method for transmitting protected information to several receivers | |
JP2004005643A (en) | Anonymous payment method verifiable by defined party | |
JP3980145B2 (en) | Cryptographic key authentication method and certificate for chip card | |
CN114666060B (en) | Hyperledger Fabric-based electronic data security method and system | |
JP2005502269A (en) | Method and apparatus for creating a digital certificate | |
US20020143987A1 (en) | Message management systems and method | |
JPH10135943A (en) | Portable information storage medium, verification method and verification system | |
EP1473868B1 (en) | Method and apparatus for passing data securely between parties | |
JP2002297540A (en) | Log collection system, server for use in log collection system and medium recorded with server control program | |
JP4105583B2 (en) | Wireless tag security expansion method, ID management computer device, proxy server device, program thereof, and recording medium of the program | |
CN103916237A (en) | Method and system for managing user encrypted-key retrieval | |
WO2003073399A1 (en) | Method and system for verifying data originality | |
TWI669672B (en) | Electronic trading method and system | |
JPH10290224A (en) | Authentication system for authenticating electronic information and its method | |
CA2237441C (en) | A mechanism for secure tendering in an open electronic network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | AK | Designated states | Kind code of ref document: A1 Designated state(s): CN JP KR US |
 | DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | |
 | NENP | Non-entry into the national phase | Ref country code: JP |