WO2009118847A1 - Signature management method - Google Patents

Signature management method Download PDF

Info

Publication number
WO2009118847A1
WO2009118847A1 PCT/JP2008/055761 JP2008055761W WO2009118847A1 WO 2009118847 A1 WO2009118847 A1 WO 2009118847A1 JP 2008055761 W JP2008055761 W JP 2008055761W WO 2009118847 A1 WO2009118847 A1 WO 2009118847A1
Authority
WO
WIPO (PCT)
Prior art keywords
signature
electronic
data
electronic data
management
Prior art date
Application number
PCT/JP2008/055761
Other languages
French (fr)
Japanese (ja)
Inventor
泰次 岡本
Original Assignee
富士通株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 富士通株式会社 filed Critical 富士通株式会社
Priority to PCT/JP2008/055761 priority Critical patent/WO2009118847A1/en
Publication of WO2009118847A1 publication Critical patent/WO2009118847A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Definitions

  • the present invention relates to a signature management method, and more particularly to a signature management method capable of appropriately verifying the validity of an electronic signature even in transmission of electronic data other than electronic mail.
  • a third party is not impersonating a legitimate sender by adding an electronic signature to an e-mail, and the contents of the e-mail are not altered by the third party.
  • a mechanism is used that allows the recipient to confirm this.
  • Patent Document 1 A technique described in Patent Document 1 has been proposed as a technique for using the same correctness confirmation function also in transmission of electronic data other than electronic mail.
  • a message digest and electronic signature of electronic data to be transmitted are registered in the document verification information storage device, and the electronic data receiver sends a digital signature corresponding to the message digest calculated from the electronic data to the document.
  • a request is made to the verification information storage device, and the validity of the electronic data is confirmed using the transmitted electronic signature.
  • Patent Document 1 has a problem that although the sender of electronic data can be confirmed, theft of electronic data cannot be prevented. That is, when a person who does not have a legitimate right about electronic data creates an electronic signature of the electronic data and registers it in the document verification information storage device, the recipient of the electronic data is obtained from the document verification information storage device When the validity of the electronic data is confirmed using the electronic signature, the electronic data is normally verified, and the receiver cannot know that the electronic data is transmitted from a person who does not have a valid right.
  • the present invention has been made to solve the above-described problems caused by the prior art, and provides a signature management method capable of properly verifying the validity of an electronic signature even in transmission of electronic data other than electronic mail.
  • the purpose is to provide.
  • a signature management method disclosed in the present application is, in one aspect, a signature management method for holding an electronic signature of electronic data in a signature management apparatus, the first terminal Transmitting the first electronic data and signature verification key to the signature management device, the signature management device generating processing data, and the signature management device using the processing data.
  • the signature management device stores the management number, the signature verification key, the electronic signature, and the processing data in association with each other, and the signature management device includes the management Transmitting a number to the first terminal; a second terminal transmitting third electronic data and a management number corresponding to the data to the signature management apparatus; and the signature management apparatus comprising: A step of acquiring an electronic signature and processing data stored in association with a management number corresponding to the third electronic data from the storage means; and the processing data acquired by the signature management apparatus from the storage means Processing the third electronic data by using the method to generate fourth electronic data, and the signature management apparatus converts the electronic signature and the fourth electronic data acquired from the storage means to the first electronic data. 2 terminals Transmitting, and the second terminal confirms the validity
  • one of the application methods is auxiliary confirmation data indicating the disclosure fact of the electronic data disclosure location, publisher name, etc. Is stored and managed in association with electronic data and electronic signatures, so that the facts relating to the disclosure of electronic data are registered in the signature management apparatus, and the user of the electronic data confirms the fact of disclosure The usage method of using is considered.
  • a person who obtains a set of publicly available electronic data, an electronic signature, and a signature verification key creates a copy of the set and publishes it to another new public location without permission. Demonstrates a deterrent effect in two aspects.
  • the first deterrent effect is that, according to the present invention, every time it is registered in the signature management apparatus, it is necessary to create an electronic signature with a different value every time even if the original electronic data is the same. There is an effect that the obtained electronic signature cannot be used as it is when attempting to register the fact of disclosure to a place.
  • the second deterrent effect is that the user must always ask the signature verification device when verifying the validity of the electronic signature for the published electronic data. There is an effect that the data showing the fact can be presented and the user can confirm that there is no difference between the actual public location and the public fact.
  • FIG. 1 is a diagram illustrating an example of a signature management system including a signature management apparatus according to the present embodiment.
  • FIG. 2 is a diagram showing a procedure for publishing electronic data.
  • FIG. 3 is a diagram illustrating a procedure of a validity confirmation process for public data.
  • FIG. 4 is a diagram showing another procedure of the validity confirmation process for the public data.
  • FIG. 5 is a functional block diagram showing the configuration of the signature management apparatus.
  • FIG. 6 is a functional block diagram illustrating a computer that executes a signature management program.
  • FIG. 1 is a diagram illustrating an example of a signature management system including a signature management apparatus 30 according to the present embodiment.
  • the signature management system 1 shown in FIG. 1 is configured by connecting user terminals 10a to 10n, service providing devices 20a to 20m, and a signature management device 30 via a network 2 such as the Internet.
  • User terminals 10a to 10n are devices for creating various electronic data and using electronic data created by other terminals, and correspond to, for example, a personal computer or a mobile terminal.
  • the service providing devices 20a to 20m are devices that provide services that hold and publish electronic data transmitted from the user terminals 10a to 10n.
  • the service providing apparatus 20a is an apparatus that provides an electronic bulletin board service or a blog service
  • the user terminals 10a to 10n create articles as document data and post them to the service providing apparatus 20a.
  • the service providing apparatus 20a The posted document data is posted and released to other terminals.
  • the service providing apparatus 20b is an apparatus that provides a photo sharing service
  • the user terminals 10a to 10n edit the image data and post it to the service providing apparatus 20b.
  • the service providing apparatus 20b Publish to other devices.
  • the signature management apparatus 30 is an apparatus that manages an electronic signature for verifying the identity of a provider of electronic data disclosed in the service providing apparatuses 20a to 20m.
  • the signature management apparatus 30 processes the electronic data by a predetermined method to generate signature data, and the requester receives the signature data.
  • the electronic signature obtained by signing with the signature creation key is stored in association with a management number for identifying the electronic data.
  • the signature management apparatus 30 verifies the validity of the electronic signature using the signature verification key corresponding to the signature creation key before storing the electronic signature in association with the management number.
  • unknown data that is automatically generated, such as signature data it is very difficult to forge a combination of a correct electronic signature and a signature verification key. Therefore, by verifying the validity of the electronic signature for the signature data using the signature verification key, the requester of the electronic signature management can obtain the right owner of the signature creation key and signature verification key pair. It can be confirmed.
  • FIG. 2 is a diagram showing a procedure for publishing electronic data.
  • the user of the user terminal 10a intends to send electronic data to the service providing apparatus 20a and make it public, and to request the signature management apparatus 30 to manage the electronic signature in order to prevent falsification of the electronic data. It shall be.
  • the user terminal 10a After generating the electronic data (step S101), the user terminal 10a acquires auxiliary confirmation information such as a public location and a publisher name (step S102).
  • the auxiliary confirmation information may be any information as long as it indicates a fact regarding the disclosure of electronic data.
  • the user terminal 10a transmits electronic data, auxiliary confirmation information, and a signature verification key to the signature management apparatus 30 and requests management of the electronic signature (step S103).
  • the signature verification key may be transmitted by the user, or may be transmitted in advance.
  • the signature management apparatus 30 Upon receiving the request, the signature management apparatus 30 generates processing data (step S104).
  • the processing data may be anything as long as the contents are different each time the management of the electronic signature is requested.
  • the signature management apparatus 30 processes the electronic data using the processing data to generate signature data (step S105).
  • any processing method may be used.
  • the processing data may be added to a predetermined position of the electronic data, or the electronic data may be encrypted using the processing data as an encryption key.
  • the electronic data may be divided into blocks having a predetermined length, and each block and the processing data may be XORed.
  • the signature management apparatus 30 transmits the signature data to the user terminal 10a, and instructs to sign it with the signature creation key corresponding to the signature verification key (step S106).
  • the user terminal 10a creates an electronic signature from the signature data using the signature creation key corresponding to the signature verification key (step S107), and transmits it to the signature management apparatus 30 (step S108).
  • the signature management apparatus 30 confirms the validity of the electronic signature using the signature verification key transmitted in step S103 (step S109).
  • the signature management apparatus 30 suspends the process after executing a predetermined error process.
  • the signature management apparatus 30 issues a management number for identifying the electronic signature (step S110), and associates the management number, the processing data, the electronic signature, and the auxiliary confirmation information with the management DB. (Step S111).
  • the management DB is a database in which information related to electronic data requested to manage electronic signatures is stored. Then, the signature management apparatus 30 transmits the management number to the user terminal 10a (step S112).
  • the user terminal 10a transmits the electronic data, the signature verification key, the management number, and the auxiliary confirmation information to the service providing apparatus 20a and discloses them (step S113).
  • FIG. 3 is a diagram showing a procedure for a validity confirmation process for public data.
  • the user of the user terminal 10b is trying to acquire public data published in the service providing apparatus 20a and check the validity of the public data.
  • the user terminal 10b After the user terminal 10b acquires the electronic data, signature verification key, management number, and auxiliary confirmation information from the service providing apparatus 20a (step S201), the user terminal 10b receives the electronic data, the management number, The auxiliary confirmation information is transmitted to the signature management apparatus 30 to request confirmation of validity (step S202).
  • the signature management apparatus 30 searches the management DB using the transmitted management number as a key and acquires registered information (step S203).
  • the signature management apparatus 30 checks whether the auxiliary confirmation information obtained by searching the management DB matches the transmitted auxiliary confirmation information (step S204). For example, when the name of the provider of electronic data is disclosed as auxiliary confirmation information, the name of the provider acquired in step S201 is compared with the name of the provider stored in the management DB. .
  • step S205 if the information does not match (No in step S205), it means that some alteration has been made to the published data, so the signature management apparatus 30 indicates that the public data is not valid.
  • the signature management apparatus 30 uses the processed data obtained by searching the management DB in the same manner as step S105.
  • the electronic data is processed to create signature data (step S207), and the electronic signature and signature data are transmitted to the user terminal 10b (step S208).
  • the user terminal 10b verifies the validity of the electronic signature for the signature data using the signature verification key (step S209).
  • the signature data is verified in the user terminal 10 b, but the signature data can also be verified in the signature management apparatus 30.
  • the processing procedure in this case is shown in FIG. Steps S301 to S306 in FIG. 4 are the same as Steps S201 to S206 in FIG. 3 except that the signature verification key is further transmitted to the signature management apparatus 30 in Step S302, and thus description thereof is omitted.
  • the signature management apparatus 30 uses the processing data obtained by searching the management DB, The electronic data is processed by the same method as in step S105 to create signature data (step S307).
  • the signature management apparatus 30 verifies the validity of the electronic signature for the signature data using the signature verification key (step S308).
  • a response that the electronic signature is not valid is returned to the user terminal 10b (Step S306), and when the validity is confirmed (Yes at Step S309), A response is sent to the user terminal 10b that the electronic signature is valid (step S310).
  • public in the present application does not only mean that electronic data is posted on a server device or the like on the network as in the above example, but the electronic data is available to a third party. Means to.
  • the third party here may be a specific one or an unspecified number.
  • “public” in the present application includes transmission of electronic data via a recording medium such as a CD-ROM, in addition to transmission by electronic mail and transmission by a P2P system.
  • FIG. 5 is a functional block diagram showing the configuration of the signature management apparatus 30.
  • the signature management apparatus 30 includes a control unit 31, a storage unit 32, and a network interface unit 33.
  • the control unit 31 is a control unit that totally controls the signature management apparatus 30, and includes a management request reception unit 31a, a processing data generation unit 31b, a signature data generation unit 31c, a signature request unit 31d, and a signature verification unit. 31e, a management number generation unit 31f, an information storage unit 31g, a management number transmission unit 31h, a confirmation request reception unit 31i, an information search unit 31j, an information comparison unit 31k, and a verification result response unit 31l .
  • the management request receiving unit 31a is a processing unit that receives a management request for an electronic signature. Specifically, the management request receiving unit 31a receives electronic data, auxiliary confirmation information, and signature verification key transmitted from the user terminal 10a or the like in step S103 of FIG.
  • the processing data generation unit 31b is a processing unit that generates processing data for creating signature data.
  • the processing data generation unit 31b uses, for example, random numbers to generate processing data having different values each time a new request is received by the management request reception unit 31a. Specifically, the processing data generation unit 31b generates processing data in step S104 of FIG.
  • the signature data generation unit 31c is a processing unit that processes the electronic data using the processing data to generate the signature data. Specifically, the signature data generation unit 31c generates signature data by adding processing data to the electronic data in step S105 of FIG. 2, step S207 of FIG. 3, and step S307 of FIG. .
  • the signature request unit 31d is a processing unit that transmits the signature data generated by the signature data generation unit 31c to the transmission source of the electronic data and requests the creation of the electronic signature. Specifically, the signature request unit 31d transmits signature data to the user terminal 10a and the like in step S106 of FIG. 2 and requests creation of an electronic signature.
  • the signature verification unit 31e is a processing unit that verifies the validity of the electronic signature for the signature data using the signature verification key. Specifically, the signature verification unit 31e verifies the electronic signature in step S109 in FIG. 2 and step S308 in FIG. As in the example illustrated in FIG. 4, when the signature management apparatus 30 executes up to the verification of the electronic signature, the signature verification unit 31e causes the verification result response unit 31l to respond with the verification result.
  • the management number generation unit 31f is a processing unit that issues a management number for identifying an electronic signature. Specifically, the management number generation unit 31f issues a different management number for each electronic signature in step S110 of FIG.
  • the information storage unit 31g is a processing unit that stores a management number, processing data, an electronic signature, and auxiliary confirmation information in association with each other in the management DB 32a. Specifically, the information storage unit 31g executes the information storage process in step S111 in FIG.
  • the management number transmitting unit 31h is a processing unit that transmits the issued management number to the transmission source of the electronic data. Specifically, the management number transmission unit 31h transmits the management number in step S112 in FIG.
  • the confirmation request accepting unit 31i is a processing unit that accepts an electronic data validity confirmation request. Specifically, the confirmation request receiving unit 31i receives electronic data, management number, auxiliary confirmation information, and signature verification key transmitted from the user terminal 10b or the like in step S202 of FIG. 3 and step S302 of FIG.
  • the information search unit 31j is a processing unit that searches the management DB 32a using the management number received by the confirmation request receiving unit 31i as a key, and acquires the registered processing data, electronic signature, and auxiliary confirmation information. Specifically, the information search unit 31j searches the management DB 32a in step S203 in FIG. 3 and step S303 in FIG.
  • the information comparison unit 31k compares the information received by the confirmation request reception unit 31i with the information acquired from the management DB 32a by the information search unit 31j, thereby determining whether the public data has been tampered with. It is. Specifically, the information comparison unit 31k compares information in step S204 in FIG. 3 and step S304 in FIG. If the information does not match, the information comparison unit 31k causes the verification result response unit 31l to respond that it is not valid.
  • the verification result response unit 31l is a processing unit that responds to the requester of the confirmation request with the confirmation result of validity. Specifically, the verification result response unit 31l responds in steps S206 and S208 in FIG. 3 and steps S306 and S310 in FIG.
  • the storage unit 32 is a storage unit that stores various types of information, and includes a management DB 32a.
  • the management DB 32a is a database that stores information related to electronic data requested to manage an electronic signature, and holds processing data, an electronic signature, and auxiliary confirmation information in association with a management number.
  • the configuration of the signature management apparatus 30 according to the present embodiment shown in FIG. 5 can be variously changed without departing from the gist of the present invention.
  • a function equivalent to that of the signature management apparatus 30 can be realized by mounting the function of the control unit 31 of the signature management apparatus 30 as software and executing the function by a computer.
  • An example of a computer that executes the signature management program 1071 in which the function of the control unit 31 is implemented as software is shown below.
  • FIG. 6 is a functional block diagram showing the computer 1000 that executes the signature management program 1071.
  • the computer 1000 includes a CPU (Central Processing Unit) 1010 that executes various arithmetic processes, an input device 1020 that receives input of data from a user, a monitor 1030 that displays various information, and a medium that reads a program from a recording medium.
  • a bus 1080 includes a reading device 1040, a network interface device 1050 that exchanges data with other computers via a network, a RAM (Random Access Memory) 1060 that temporarily stores various information, and a hard disk device 1070. Connected and configured.
  • the hard disk device 1070 includes a signature management program 1071 having the same function as the control unit 31 shown in FIG. 5 and signature management data 1072 corresponding to various data stored in the storage unit 32 shown in FIG. Is memorized.
  • the signature management data 1072 can be appropriately distributed and stored in another computer connected via a network.
  • the signature management program 1071 functions as the signature management process 1061.
  • the signature management process 1061 expands information read from the signature management data 1072 and the like in an area allocated to itself on the RAM 1060 as appropriate, and executes various data processing based on the expanded data.
  • the signature management program 1071 is not necessarily stored in the hard disk device 1070, and the computer 1000 may read and execute the program stored in a storage medium such as a CD-ROM. .
  • the computer 1000 stores the program in another computer (or server) connected to the computer 1000 via a public line, the Internet, a LAN (Local Area Network), a WAN (Wide Area Network), or the like. You may make it read and run a program from these.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

Verification of validity by an electronic signature is properly performed even in transmission of electronic data other than electronic mails. To solve the problem, this signature management method includes a step in which a user terminal transmits first electronic data to a signature management apparatus, a step in which the signature management apparatus processes the first electronic data to generate second electronic data, a step in which the user terminal creates an electronic signature of the second electronic data, and a step in which the signature management apparatus stores a management number and the electronic signature of the second electronic data in a corresponding relation in a storage means. The signature management apparatus verifies validity by means of the electronic signature or the like stored in the storage means in response to a request from the user terminal.

Description

署名管理方法Signature management method
 この発明は、署名管理方法に関し、特に、電子メール以外の電子データの伝送においても電子署名による正当性の検証を適正に行うことができる署名管理方法に関する。 The present invention relates to a signature management method, and more particularly to a signature management method capable of appropriately verifying the validity of an electronic signature even in transmission of electronic data other than electronic mail.
 従来、電子メールに電子署名を付加して送信することにより、第3者が正当な送信者になりすましているのではなく、また、電子メールの内容が第3者によって改竄されているのでもないことを受信者が確認することを可能にする仕組みが利用されている。 Conventionally, a third party is not impersonating a legitimate sender by adding an electronic signature to an e-mail, and the contents of the e-mail are not altered by the third party. A mechanism is used that allows the recipient to confirm this.
 同様の正当性確認機能を電子メール以外の電子データの伝達においても利用するための技術として、特許文献1に記載された技術が提案されている。この技術は、送信する電子データのメッセージダイジェストと電子署名とを文書検証情報格納装置へ登録しておき、電子データの受信者が、電子データから算出したメッセージダイジェストに対応する電子署名の送信を文書検証情報格納装置に要求し、送信された電子署名を用いて電子データの正当性を確認するというものである。 A technique described in Patent Document 1 has been proposed as a technique for using the same correctness confirmation function also in transmission of electronic data other than electronic mail. In this technology, a message digest and electronic signature of electronic data to be transmitted are registered in the document verification information storage device, and the electronic data receiver sends a digital signature corresponding to the message digest calculated from the electronic data to the document. A request is made to the verification information storage device, and the validity of the electronic data is confirmed using the transmitted electronic signature.
特開平9-311854号公報JP-A-9-31854
 しかしながら、上記の特許文献1において開示されている技術には、電子データの送信者を確認することはできるものの、電子データの盗用を防止することができないという問題があった。すなわち、電子データに関する正当な権利をもたない者が、その電子データの電子署名を作成して文書検証情報格納装置へ登録した場合、その電子データの受信者が文書検証情報格納装置から取得した電子署名を用いて電子データの正当性を確認すると、正常に検証されてしまい、正当な権利をもたない者から送信された電子データであることを受信者が知ることができなかった。 However, the technique disclosed in Patent Document 1 described above has a problem that although the sender of electronic data can be confirmed, theft of electronic data cannot be prevented. That is, when a person who does not have a legitimate right about electronic data creates an electronic signature of the electronic data and registers it in the document verification information storage device, the recipient of the electronic data is obtained from the document verification information storage device When the validity of the electronic data is confirmed using the electronic signature, the electronic data is normally verified, and the receiver cannot know that the electronic data is transmitted from a person who does not have a valid right.
 この発明は、上述した従来技術による問題点を解消するためになされたものであり、電子メール以外の電子データの伝送においても電子署名による正当性の検証を適正に行うことができる署名管理方法を提供することを目的とする。 The present invention has been made to solve the above-described problems caused by the prior art, and provides a signature management method capable of properly verifying the validity of an electronic signature even in transmission of electronic data other than electronic mail. The purpose is to provide.
 上述した課題を解決し、目的を達成するため、本願の開示する署名管理方法は、一つの態様において、電子データの電子署名を署名管理装置に保持させる署名管理方法であって、第1の端末が、第1の電子データと署名検証用鍵を前記署名管理装置へ送信する工程と、前記署名管理装置が、加工用データを生成する工程と、前記署名管理装置が、前記加工用データを用いて前記第1の電子データを加工して、第2の電子データを生成する工程と、前記署名管理装置が、前記第2の電子データを前記第1の端末へ送信する工程と、前記第1の端末が、前記第2の電子データの電子署名を作成する工程と、前記第1の端末が、前記電子署名を前記署名管理装置へ送信する工程と、前記署名管理装置が、前記電子署名の検索に用いるための管理番号を生成する工程と、前記署名管理装置が、前記管理番号と前記署名検証用鍵と前記電子署名と前記加工用データを対応付けて記憶手段に記憶させる工程と、前記署名管理装置が、前記管理番号を前記第1の端末に送信する工程と、第2の端末が、第3の電子データと該データに対応する管理番号を前記署名管理装置へ送信する工程と、前記署名管理装置が、前記第3の電子データに対応する管理番号と対応付けて記憶されている電子署名と加工用データを前記記憶手段から取得する工程と、前記署名管理装置が、前記記憶手段から取得された加工用データを用いて前記第3の電子データを加工して、第4の電子データを生成する工程と、前記署名管理装置が、前記記憶手段から取得された電子署名と前記第4の電子データを前記第2の端末へ送信する工程と、前記第2の端末が、前記第4の電子データに対して、前記記憶手段から取得された電子署名の正当性を、前記第3の電子データに対応する署名検証用鍵を用いて検証する工程とを含む。 In order to solve the above-described problems and achieve the object, a signature management method disclosed in the present application is, in one aspect, a signature management method for holding an electronic signature of electronic data in a signature management apparatus, the first terminal Transmitting the first electronic data and signature verification key to the signature management device, the signature management device generating processing data, and the signature management device using the processing data. Processing the first electronic data to generate second electronic data, transmitting the second electronic data to the first terminal by the signature management apparatus, and the first The terminal of generating the electronic signature of the second electronic data, the step of the first terminal transmitting the electronic signature to the signature management apparatus, and the signature management apparatus of the electronic signature Management number for search The signature management device stores the management number, the signature verification key, the electronic signature, and the processing data in association with each other, and the signature management device includes the management Transmitting a number to the first terminal; a second terminal transmitting third electronic data and a management number corresponding to the data to the signature management apparatus; and the signature management apparatus comprising: A step of acquiring an electronic signature and processing data stored in association with a management number corresponding to the third electronic data from the storage means; and the processing data acquired by the signature management apparatus from the storage means Processing the third electronic data by using the method to generate fourth electronic data, and the signature management apparatus converts the electronic signature and the fourth electronic data acquired from the storage means to the first electronic data. 2 terminals Transmitting, and the second terminal confirms the validity of the electronic signature acquired from the storage means for the fourth electronic data, and uses a signature verification key corresponding to the third electronic data. Using and verifying.
 署名管理装置を用いて電子データに対応する電子署名と署名検証用鍵を管理する場合、その応用方法の一つとして、電子データの公開場所や公開者名などの公開の事実を示す補助確認データを、電子データや電子署名と対応付けて記憶管理することにより、署名管理装置に電子データの公開に関する事実を登録しておき、電子データの利用者が公開の事実を確認する手段として署名管理装置を用いるという、利用方法が考えられる。 When managing a digital signature and signature verification key corresponding to electronic data using a signature management device, one of the application methods is auxiliary confirmation data indicating the disclosure fact of the electronic data disclosure location, publisher name, etc. Is stored and managed in association with electronic data and electronic signatures, so that the facts relating to the disclosure of electronic data are registered in the signature management apparatus, and the user of the electronic data confirms the fact of disclosure The usage method of using is considered.
 本発明によれば、公開されていた電子データと電子署名と署名検証用鍵のセットを入手した人が、セットのコピーを作成して、無断で別の新規公開場所に公開してしまうという盗用行為に対して、2つの面で抑止効果を発揮する。1番目の抑止効果は、本発明によれば、署名管理装置に登録する都度、元の電子データが同一であっても毎回異なる値の電子署名を作る必要があるので、署名管理装置に新規公開場所への公開の事実を登録しようとしたとき、入手した電子署名をそのまま用いることができない、という効果がある。2番目の抑止効果は、利用者が、公開された電子データに対する電子署名の正当性を検証するときに、必ず署名検証装置に依頼する必要があるため、署名管理装置から利用者に、公開に関する事実を示すデータを提示し、実際の公開場所と公開の事実とに相違がないことを、利用者に確認してもらうことができる、という効果がある。 According to the present invention, a person who obtains a set of publicly available electronic data, an electronic signature, and a signature verification key creates a copy of the set and publishes it to another new public location without permission. Demonstrates a deterrent effect in two aspects. The first deterrent effect is that, according to the present invention, every time it is registered in the signature management apparatus, it is necessary to create an electronic signature with a different value every time even if the original electronic data is the same. There is an effect that the obtained electronic signature cannot be used as it is when attempting to register the fact of disclosure to a place. The second deterrent effect is that the user must always ask the signature verification device when verifying the validity of the electronic signature for the published electronic data. There is an effect that the data showing the fact can be presented and the user can confirm that there is no difference between the actual public location and the public fact.
図1は、本実施例に係る署名管理装置を含む署名管理システムの一例を示す図である。FIG. 1 is a diagram illustrating an example of a signature management system including a signature management apparatus according to the present embodiment. 図2は、電子データの公開手順を示す図である。FIG. 2 is a diagram showing a procedure for publishing electronic data. 図3は、公開用データの正当性確認処理の手順を示す図である。FIG. 3 is a diagram illustrating a procedure of a validity confirmation process for public data. 図4は、公開用データの正当性確認処理の他の手順を示す図である。FIG. 4 is a diagram showing another procedure of the validity confirmation process for the public data. 図5は、署名管理装置の構成を示す機能ブロック図である。FIG. 5 is a functional block diagram showing the configuration of the signature management apparatus. 図6は、署名管理プログラムを実行するコンピュータを示す機能ブロック図である。FIG. 6 is a functional block diagram illustrating a computer that executes a signature management program.
符号の説明Explanation of symbols
    1  署名管理システム
    2  ネットワーク
   10a~10n ユーザ端末
   20a~20m サービス提供装置
   30  署名管理装置
   31  制御部
   31a 管理依頼受付部
   31b 加工用データ生成部
   31c 署名用データ生成部
   31d 署名要求部
   31e 署名検証部
   31f 管理番号生成部
   31g 情報格納部
   31h 管理番号送信部
   31i 確認依頼受付部
   31j 情報検索部
   31k 情報比較部
   31l 検証結果応答部
   32  記憶部
   32a 管理DB
   33  ネットワークインターフェース部
 1000  コンピュータ
 1010  CPU
 1020  入力装置
 1030  モニタ
 1040  媒体読取り装置
 1050  ネットワークインターフェース装置
 1060  RAM
 1061  署名管理プロセス
 1070  ハードディスク装置
 1071  署名管理プログラム
 1072  署名管理用データ
 1080  バス DESCRIPTION OF SYMBOLS 1 Signature management system 2 Network 10a-10n User terminal 20a-20m Service provision apparatus 30 Signature management apparatus 31 Control part 31a Management request reception part 31b Processing data generation part 31c Signature data generation part 31d Signature request part 31e Signature verification part 31f Management number generation unit 31g Information storage unit 31h Management number transmission unit 31i Confirmation request reception unit 31j Information search unit 31k Information comparison unit 31l Verification result response unit 32 Storage unit 32a Management DB
33 Network Interface Unit 1000 Computer 1010 CPU
1020 Input device 1030 Monitor 1040 Media reader 1050 Network interface device 1060 RAM
1061 Signature management process 1070 Hard disk device 1071 Signature management program 1072 Signature management data 1080 Bus
 以下に添付図面を参照して、本発明に係る署名管理方法の好適な実施の形態を詳細に説明する。 Hereinafter, a preferred embodiment of a signature management method according to the present invention will be described in detail with reference to the accompanying drawings.
 まず、本実施例に係る署名管理システムについて説明する。図1は、本実施例に係る署名管理装置30を含む署名管理システムの一例を示す図である。同図に示す署名管理システム1は、ユーザ端末10a~10nと、サービス提供装置20a~20mと、署名管理装置30とをインターネット等のネットワーク2で接続して構成されている。 First, the signature management system according to this embodiment will be described. FIG. 1 is a diagram illustrating an example of a signature management system including a signature management apparatus 30 according to the present embodiment. The signature management system 1 shown in FIG. 1 is configured by connecting user terminals 10a to 10n, service providing devices 20a to 20m, and a signature management device 30 via a network 2 such as the Internet.
 ユーザ端末10a~10nは、各種電子データの作成や、他の端末で作成された電子データの利用などを行うための装置であり、例えば、パソコンや携帯端末等に相当する。サービス提供装置20a~20mは、ユーザ端末10a~10nから送信された電子データを保持し、公開するサービスを提供する装置である。 User terminals 10a to 10n are devices for creating various electronic data and using electronic data created by other terminals, and correspond to, for example, a personal computer or a mobile terminal. The service providing devices 20a to 20m are devices that provide services that hold and publish electronic data transmitted from the user terminals 10a to 10n.
 ユーザ端末10a~10nにおいて作成され、サービス提供装置20a~20mにおいて公開される電子データには、文書データ、音声データ、画像データ、動画データ、各種アプリケーション用のデータファイル等のように様々な種類がある。例えば、サービス提供装置20aが電子掲示板サービスやブログサービスを提供する装置であれば、ユーザ端末10a~10nは、文書データである記事を作成してサービス提供装置20aへ投稿し、サービス提供装置20aは、投稿された文書データを掲示して他の端末へ公開する。また、サービス提供装置20bが写真共有サービスを提供する装置であれば、ユーザ端末10a~10nは、画像データを編集してサービス提供装置20bへ投稿し、サービス提供装置20bは、投稿された画像データを他の端末へ公開する。 There are various types of electronic data created in the user terminals 10a to 10n and made public in the service providing apparatuses 20a to 20m, such as document data, audio data, image data, moving image data, and data files for various applications. is there. For example, if the service providing apparatus 20a is an apparatus that provides an electronic bulletin board service or a blog service, the user terminals 10a to 10n create articles as document data and post them to the service providing apparatus 20a. The service providing apparatus 20a The posted document data is posted and released to other terminals. If the service providing apparatus 20b is an apparatus that provides a photo sharing service, the user terminals 10a to 10n edit the image data and post it to the service providing apparatus 20b. The service providing apparatus 20b Publish to other devices.
 署名管理装置30は、サービス提供装置20a~20mにおいて公開される電子データの提供者の本人確認のための電子署名を管理する装置である。署名管理装置30は、ユーザ端末10a~10nから電子データの電子署名の管理を依頼されると、電子データを所定の方式で加工して署名用データを生成し、この署名用データを依頼者がもつ署名作成用鍵で署名して得られた電子署名を、その電子データを識別するための管理番号と対応付けて記憶する。 The signature management apparatus 30 is an apparatus that manages an electronic signature for verifying the identity of a provider of electronic data disclosed in the service providing apparatuses 20a to 20m. When requested to manage the electronic signature of the electronic data from the user terminals 10a to 10n, the signature management apparatus 30 processes the electronic data by a predetermined method to generate signature data, and the requester receives the signature data. The electronic signature obtained by signing with the signature creation key is stored in association with a management number for identifying the electronic data.
 署名管理装置30は、電子署名を管理番号と対応付けて記憶する前に、署名作成用鍵に対応する署名検証用鍵を用いて、電子署名の正当性を検証する。署名用データのように自動生成される未知のデータの場合、正しい電子署名と署名検証用鍵の組合せを偽造することは非常に困難である。したがって、署名用データに対する電子署名の正当性を、署名検証用鍵を用いて検証することにより、電子署名の管理の依頼者が、署名作成用鍵と署名検証用鍵の対の正当な所有者であることを確認することができる。 The signature management apparatus 30 verifies the validity of the electronic signature using the signature verification key corresponding to the signature creation key before storing the electronic signature in association with the management number. In the case of unknown data that is automatically generated, such as signature data, it is very difficult to forge a combination of a correct electronic signature and a signature verification key. Therefore, by verifying the validity of the electronic signature for the signature data using the signature verification key, the requester of the electronic signature management can obtain the right owner of the signature creation key and signature verification key pair. It can be confirmed.
 次に、図1に示した署名管理システムにおいて実行される処理の手順について説明する。図2は、電子データの公開手順を示す図である。ここでは、ユーザ端末10aの利用者が、サービス提供装置20aに電子データを送信して公開しようとしており、その電子データの改竄防止等のために署名管理装置30に電子署名の管理を依頼しようとしているものとする。 Next, the procedure of processing executed in the signature management system shown in FIG. 1 will be described. FIG. 2 is a diagram showing a procedure for publishing electronic data. Here, the user of the user terminal 10a intends to send electronic data to the service providing apparatus 20a and make it public, and to request the signature management apparatus 30 to manage the electronic signature in order to prevent falsification of the electronic data. It shall be.
 ユーザ端末10aは、電子データを生成した後に(ステップS101)、公開場所や公開者名等の補助確認情報を取得する(ステップS102)。補助確認情報は、電子データの公開に関する事実を示すものであればどのような情報であってもよい。 After generating the electronic data (step S101), the user terminal 10a acquires auxiliary confirmation information such as a public location and a publisher name (step S102). The auxiliary confirmation information may be any information as long as it indicates a fact regarding the disclosure of electronic data.
 続いて、ユーザ端末10aは、電子データと、補助確認情報と、署名検証用鍵とを署名管理装置30へ送信して電子署名の管理を依頼する(ステップS103)。署名検証用鍵は、利用者に入力させたものを送信することとしてもよいし、予め記憶しているものを送信することとしてもよい。依頼を受けた署名管理装置30は、加工用データを生成する(ステップS104)。加工用データは、電子署名の管理を依頼される度に内容がことなっていればどのようなものであってもよい。 Subsequently, the user terminal 10a transmits electronic data, auxiliary confirmation information, and a signature verification key to the signature management apparatus 30 and requests management of the electronic signature (step S103). The signature verification key may be transmitted by the user, or may be transmitted in advance. Upon receiving the request, the signature management apparatus 30 generates processing data (step S104). The processing data may be anything as long as the contents are different each time the management of the electronic signature is requested.
 そして、署名管理装置30は、加工用データを用いて電子データを加工して署名用データを生成する(ステップS105)。加工の方式は、加工用データの内容によって、署名用データの内容が異なるものであれば、どのような方式であってもよい。例えば、電子データの所定の位置に加工用データを付加することとしてもよいし、加工用データを暗号鍵として電子データを暗号化してもよい。また、電子データを所定長のブロックに区切り、各ブロックと加工用データをXOR演算することとしてもよい。 Then, the signature management apparatus 30 processes the electronic data using the processing data to generate signature data (step S105). As long as the content of the signature data differs depending on the content of the processing data, any processing method may be used. For example, the processing data may be added to a predetermined position of the electronic data, or the electronic data may be encrypted using the processing data as an encryption key. Further, the electronic data may be divided into blocks having a predetermined length, and each block and the processing data may be XORed.
 そして、署名管理装置30は、署名用データをユーザ端末10aへ送信して、それを署名検証用鍵に対応する署名作成用鍵で署名するように指示する(ステップS106)。ユーザ端末10aは、署名検証用鍵に対応する署名作成用鍵を用いて署名用データから電子署名を作成し(ステップS107)、署名管理装置30へ送信する(ステップS108)。署名管理装置30は、ステップS103で送信された署名検証用鍵を用いて電子署名の正当性を確認する(ステップS109)。ここで、電子署名の正当性を確認できなかった場合は、署名管理装置30は、所定のエラー処理を実行した後、処理を中断させる。 Then, the signature management apparatus 30 transmits the signature data to the user terminal 10a, and instructs to sign it with the signature creation key corresponding to the signature verification key (step S106). The user terminal 10a creates an electronic signature from the signature data using the signature creation key corresponding to the signature verification key (step S107), and transmits it to the signature management apparatus 30 (step S108). The signature management apparatus 30 confirms the validity of the electronic signature using the signature verification key transmitted in step S103 (step S109). Here, when the validity of the electronic signature cannot be confirmed, the signature management apparatus 30 suspends the process after executing a predetermined error process.
 続いて、署名管理装置30は、電子署名を識別するための管理番号を発番し(ステップS110)、管理番号と、加工用データと、電子署名と、補助確認情報とを対応付けて管理DBへ格納する(ステップS111)。管理DBは、電子署名の管理を依頼された電子データに関する情報が格納されるデータベースである。そして、署名管理装置30は、管理番号をユーザ端末10aへ送信する(ステップS112)。 Subsequently, the signature management apparatus 30 issues a management number for identifying the electronic signature (step S110), and associates the management number, the processing data, the electronic signature, and the auxiliary confirmation information with the management DB. (Step S111). The management DB is a database in which information related to electronic data requested to manage electronic signatures is stored. Then, the signature management apparatus 30 transmits the management number to the user terminal 10a (step S112).
 そして、ユーザ端末10aは、電子データと、署名検証用鍵と、管理番号と、補助確認情報とをサービス提供装置20aへ送信して公開する(ステップS113)。 Then, the user terminal 10a transmits the electronic data, the signature verification key, the management number, and the auxiliary confirmation information to the service providing apparatus 20a and discloses them (step S113).
 図3は、公開用データの正当性確認処理の手順を示す図である。ここでは、ユーザ端末10bの利用者が、サービス提供装置20aにおいて公開されている公開用データを取得し、その公開用データの正当性の確認を行おうとしているものとする。 FIG. 3 is a diagram showing a procedure for a validity confirmation process for public data. Here, it is assumed that the user of the user terminal 10b is trying to acquire public data published in the service providing apparatus 20a and check the validity of the public data.
 ユーザ端末10bが、サービス提供装置20aから電子データと、署名検証用鍵と、管理番号と、補助確認情報とを取得した後(ステップS201)、ユーザ端末10bは、電子データと、管理番号と、補助確認情報とを署名管理装置30へ送信して正当性の確認を依頼する(ステップS202)。署名管理装置30は、送信された管理番号をキーとして管理DBを検索して登録されている情報を取得する(ステップS203)。 After the user terminal 10b acquires the electronic data, signature verification key, management number, and auxiliary confirmation information from the service providing apparatus 20a (step S201), the user terminal 10b receives the electronic data, the management number, The auxiliary confirmation information is transmitted to the signature management apparatus 30 to request confirmation of validity (step S202). The signature management apparatus 30 searches the management DB using the transmitted management number as a key and acquires registered information (step S203).
 そして、署名管理装置30は、管理DBを検索して得られた補助確認情報と、送信された補助確認情報が一致するか否かをチェックする(ステップS204)。例えば、補助確認情報として電子データの提供者の名前が公開されている場合には、ステップS201で取得された提供者の名前と、管理DBに格納されていた提供者の名前とが比較される。 The signature management apparatus 30 checks whether the auxiliary confirmation information obtained by searching the management DB matches the transmitted auxiliary confirmation information (step S204). For example, when the name of the provider of electronic data is disclosed as auxiliary confirmation information, the name of the provider acquired in step S201 is compared with the name of the provider stored in the management DB. .
 ここで、情報が一致しなかった場合(ステップS205否定)、公開されているデータに何らかの改竄が加えられていることを意味するので、署名管理装置30は、公開用データが正当でない旨をユーザ端末10bへ応答する(ステップS206)一方、情報が一致した場合(ステップS205肯定)、署名管理装置30は、管理DBを検索して得られた加工データを用いて、ステップS105と同一の方式で電子データを加工して署名用データを作成し(ステップS207)、電子署名と署名用データとをユーザ端末10bへ送信する(ステップS208)。 Here, if the information does not match (No in step S205), it means that some alteration has been made to the published data, so the signature management apparatus 30 indicates that the public data is not valid. In response to the terminal 10b (step S206), if the information matches (Yes in step S205), the signature management apparatus 30 uses the processed data obtained by searching the management DB in the same manner as step S105. The electronic data is processed to create signature data (step S207), and the electronic signature and signature data are transmitted to the user terminal 10b (step S208).
 そして、ユーザ端末10bは、署名管理装置30から電子署名と署名用データとを受信すると、署名用データに対する電子署名の正当性を、署名検証用鍵を用いて検証する(ステップS209)。 Then, when receiving the electronic signature and the signature data from the signature management apparatus 30, the user terminal 10b verifies the validity of the electronic signature for the signature data using the signature verification key (step S209).
 なお、図3に示した例では、ユーザ端末10bにおいて署名用データの検証を行うこととなっているが、署名用データの検証を署名管理装置30において行うこともできる。この場合の処理手順を図4に示す。図4におけるステップS301~S306は、ステップS302において、署名検証用鍵をさらに署名管理装置30へ送信する点を除いて、図3におけるステップS201~S206と同様であるので、説明を省略する。 In the example shown in FIG. 3, the signature data is verified in the user terminal 10 b, but the signature data can also be verified in the signature management apparatus 30. The processing procedure in this case is shown in FIG. Steps S301 to S306 in FIG. 4 are the same as Steps S201 to S206 in FIG. 3 except that the signature verification key is further transmitted to the signature management apparatus 30 in Step S302, and thus description thereof is omitted.
 管理DBを検索して得られた補助確認情報と送信された補助確認情報が一致した場合(ステップS305肯定)、署名管理装置30は、管理DBを検索して得られた加工データを用いて、ステップS105と同一の方式で電子データを加工して署名用データを作成する(ステップS307)。そして、署名管理装置30は、署名用データに対する電子署名の正当性を、署名検証用鍵を用いて検証する(ステップS308)。ここで、正当性が確認できなかった場合は(ステップS309否定)、電子署名が正当でない旨をユーザ端末10bへ応答し(ステップS306)、正当性が確認できた場合は(ステップS309肯定)、電子署名が正当である旨をユーザ端末10bへ応答する(ステップS310)。 When the auxiliary confirmation information obtained by searching the management DB matches the transmitted auxiliary confirmation information (Yes at step S305), the signature management apparatus 30 uses the processing data obtained by searching the management DB, The electronic data is processed by the same method as in step S105 to create signature data (step S307). The signature management apparatus 30 verifies the validity of the electronic signature for the signature data using the signature verification key (step S308). Here, when the validity cannot be confirmed (No at Step S309), a response that the electronic signature is not valid is returned to the user terminal 10b (Step S306), and when the validity is confirmed (Yes at Step S309), A response is sent to the user terminal 10b that the electronic signature is valid (step S310).
 なお、本願における「公開」という語は、上記の例のように、電子データをネットワーク上のサーバ装置等に掲載することだけを意味するものではなく、電子データを第3者が利用可能な状態にすることを意味する。ここでいう第3者は、特定のものであってもよいし、不特定多数のものであってもよい。例えば、本願における「公開」には、電子メールによる伝送やP2Pシステムによる伝送のほか、CD-ROM等の記録媒体を介した電子データの受け渡しも含まれる。 In addition, the word “public” in the present application does not only mean that electronic data is posted on a server device or the like on the network as in the above example, but the electronic data is available to a third party. Means to. The third party here may be a specific one or an unspecified number. For example, “public” in the present application includes transmission of electronic data via a recording medium such as a CD-ROM, in addition to transmission by electronic mail and transmission by a P2P system.
 次に、署名管理装置30の構成について説明する。図5は、署名管理装置30の構成を示す機能ブロック図である。同図に示すように、署名管理装置30は、制御部31と、記憶部32と、ネットワークインターフェース部33とを有する。制御部31は、署名管理装置30を全体制御する制御部であり、管理依頼受付部31aと、加工用データ生成部31bと、署名用データ生成部31cと、署名要求部31dと、署名検証部31eと、管理番号生成部31fと、情報格納部31gと、管理番号送信部31hと、確認依頼受付部31iと、情報検索部31jと、情報比較部31kと、検証結果応答部31lとを有する。 Next, the configuration of the signature management apparatus 30 will be described. FIG. 5 is a functional block diagram showing the configuration of the signature management apparatus 30. As shown in FIG. As shown in the figure, the signature management apparatus 30 includes a control unit 31, a storage unit 32, and a network interface unit 33. The control unit 31 is a control unit that totally controls the signature management apparatus 30, and includes a management request reception unit 31a, a processing data generation unit 31b, a signature data generation unit 31c, a signature request unit 31d, and a signature verification unit. 31e, a management number generation unit 31f, an information storage unit 31g, a management number transmission unit 31h, a confirmation request reception unit 31i, an information search unit 31j, an information comparison unit 31k, and a verification result response unit 31l .
 管理依頼受付部31aは、電子署名の管理依頼を受け付ける処理部である。具体的には、管理依頼受付部31aは、図2のステップS103においてユーザ端末10a等から送信される電子データ、補助確認情報、署名検証用鍵を受信する。 The management request receiving unit 31a is a processing unit that receives a management request for an electronic signature. Specifically, the management request receiving unit 31a receives electronic data, auxiliary confirmation information, and signature verification key transmitted from the user terminal 10a or the like in step S103 of FIG.
 加工用データ生成部31bは、署名用データを作成するための加工用データを生成する処理部である。加工用データ生成部31bは、例えば、乱数を用いて、管理依頼受付部31aにおいて新たな依頼が受け付けられる度に、値の異なる加工用データを生成する。具体的には、加工用データ生成部31bは、図2のステップS104において、加工用データを生成する。 The processing data generation unit 31b is a processing unit that generates processing data for creating signature data. The processing data generation unit 31b uses, for example, random numbers to generate processing data having different values each time a new request is received by the management request reception unit 31a. Specifically, the processing data generation unit 31b generates processing data in step S104 of FIG.
 署名用データ生成部31cは、加工用データを用いて電子データを加工して署名用データを生成する処理部である。具体的には、署名用データ生成部31cは、図2のステップS105、図3のステップS207および図4のステップS307において、電子データに加工用データを付加する等して署名用データを生成する。 The signature data generation unit 31c is a processing unit that processes the electronic data using the processing data to generate the signature data. Specifically, the signature data generation unit 31c generates signature data by adding processing data to the electronic data in step S105 of FIG. 2, step S207 of FIG. 3, and step S307 of FIG. .
 署名要求部31dは、署名用データ生成部31cにおいて生成された署名用データを電子データの送信元へ送信して、電子署名の作成を依頼する処理部である。具体的には、署名要求部31dは、図2のステップS106において、署名用データをユーザ端末10a等に送信して、電子署名の作成を依頼する。 The signature request unit 31d is a processing unit that transmits the signature data generated by the signature data generation unit 31c to the transmission source of the electronic data and requests the creation of the electronic signature. Specifically, the signature request unit 31d transmits signature data to the user terminal 10a and the like in step S106 of FIG. 2 and requests creation of an electronic signature.
 署名検証部31eは、署名用データに対する電子署名の正当性を、署名検証用鍵を用いて検証する処理部である。具体的には、署名検証部31eは、図2のステップS109および図4のステップS308において、電子署名の検証を行う。図4に示した例のように、署名管理装置30が電子署名の検証までを実行する場合は、署名検証部31eは、検証結果を検証結果応答部31lに応答させる。 The signature verification unit 31e is a processing unit that verifies the validity of the electronic signature for the signature data using the signature verification key. Specifically, the signature verification unit 31e verifies the electronic signature in step S109 in FIG. 2 and step S308 in FIG. As in the example illustrated in FIG. 4, when the signature management apparatus 30 executes up to the verification of the electronic signature, the signature verification unit 31e causes the verification result response unit 31l to respond with the verification result.
 管理番号生成部31fは、電子署名を識別するための管理番号を発番する処理部である。具体的には、管理番号生成部31fは、図2のステップS110において、電子署名毎に異なる管理番号を発番する。 The management number generation unit 31f is a processing unit that issues a management number for identifying an electronic signature. Specifically, the management number generation unit 31f issues a different management number for each electronic signature in step S110 of FIG.
 情報格納部31gは、管理番号と、加工用データと、電子署名と、補助確認情報とを対応付けて管理DB32aに格納する処理部である。具体的には、情報格納部31gは、図2のステップS111における情報格納処理を実行する。 The information storage unit 31g is a processing unit that stores a management number, processing data, an electronic signature, and auxiliary confirmation information in association with each other in the management DB 32a. Specifically, the information storage unit 31g executes the information storage process in step S111 in FIG.
 管理番号送信部31hは、発番された管理番号を、電子データの送信元へ送信する処理部である。具体的には、管理番号送信部31hは、図2のステップS112において管理番号の送信を行う。 The management number transmitting unit 31h is a processing unit that transmits the issued management number to the transmission source of the electronic data. Specifically, the management number transmission unit 31h transmits the management number in step S112 in FIG.
 確認依頼受付部31iは、電子データの正当性の確認依頼を受け付ける処理部である。具体的には、確認依頼受付部31iは、図3のステップS202および図4のステップS302においてユーザ端末10b等から送信される電子データ、管理番号、補助確認情報および署名検証用鍵を受信する。 The confirmation request accepting unit 31i is a processing unit that accepts an electronic data validity confirmation request. Specifically, the confirmation request receiving unit 31i receives electronic data, management number, auxiliary confirmation information, and signature verification key transmitted from the user terminal 10b or the like in step S202 of FIG. 3 and step S302 of FIG.
 情報検索部31jは、確認依頼受付部31iにおいて受信された管理番号をキーにして管理DB32aを検索し、登録されている加工用データ、電子署名および補助確認情報を取得する処理部である。具体的には、情報検索部31jは、図3のステップS203および図4のステップS303において管理DB32aを検索する。 The information search unit 31j is a processing unit that searches the management DB 32a using the management number received by the confirmation request receiving unit 31i as a key, and acquires the registered processing data, electronic signature, and auxiliary confirmation information. Specifically, the information search unit 31j searches the management DB 32a in step S203 in FIG. 3 and step S303 in FIG.
 情報比較部31kは、確認依頼受付部31iにおいて受信された情報と、情報検索部31jによって管理DB32aから取得された情報を比較することにより、公開データが改竄されているか否かを判断する処理部である。具体的には、情報比較部31kは、図3のステップS204および図4のステップS304において情報の比較を行う。情報が一致しなかった場合、情報比較部31kは、正当でない旨を検証結果応答部31lに応答させる。 The information comparison unit 31k compares the information received by the confirmation request reception unit 31i with the information acquired from the management DB 32a by the information search unit 31j, thereby determining whether the public data has been tampered with. It is. Specifically, the information comparison unit 31k compares information in step S204 in FIG. 3 and step S304 in FIG. If the information does not match, the information comparison unit 31k causes the verification result response unit 31l to respond that it is not valid.
 検証結果応答部31lは、確認依頼の依頼元へ正当性の確認結果を応答する処理部である。具体的には、検証結果応答部31lは、図3のステップS206およびS208、図4のステップS306およびS310において応答を行う。 The verification result response unit 31l is a processing unit that responds to the requester of the confirmation request with the confirmation result of validity. Specifically, the verification result response unit 31l responds in steps S206 and S208 in FIG. 3 and steps S306 and S310 in FIG.
 記憶部32は、各種情報を記憶する記憶部であり、管理DB32aを有する。管理DB32aは、電子署名の管理を依頼された電子データに関連する情報を格納するデータベースであり、加工用データ、電子署名および補助確認情報を管理番号と対応付けて保持する。 The storage unit 32 is a storage unit that stores various types of information, and includes a management DB 32a. The management DB 32a is a database that stores information related to electronic data requested to manage an electronic signature, and holds processing data, an electronic signature, and auxiliary confirmation information in association with a management number.
 なお、図5に示した本実施例に係る署名管理装置30の構成は、本発明の要旨を逸脱しない範囲で種々に変更することができる。例えば、署名管理装置30の制御部31の機能をソフトウェアとして実装し、これをコンピュータで実行することにより、署名管理装置30と同等の機能を実現することもできる。以下に、制御部31の機能をソフトウェアとして実装した署名管理プログラム1071を実行するコンピュータの一例を示す。 The configuration of the signature management apparatus 30 according to the present embodiment shown in FIG. 5 can be variously changed without departing from the gist of the present invention. For example, a function equivalent to that of the signature management apparatus 30 can be realized by mounting the function of the control unit 31 of the signature management apparatus 30 as software and executing the function by a computer. An example of a computer that executes the signature management program 1071 in which the function of the control unit 31 is implemented as software is shown below.
 図6は、署名管理プログラム1071を実行するコンピュータ1000を示す機能ブロック図である。このコンピュータ1000は、各種演算処理を実行するCPU(Central Processing Unit)1010と、ユーザからのデータの入力を受け付ける入力装置1020と、各種情報を表示するモニタ1030と、記録媒体からプログラム等を読み取る媒体読取り装置1040と、ネットワークを介して他のコンピュータとの間でデータの授受を行うネットワークインターフェース装置1050と、各種情報を一時記憶するRAM(Random Access Memory)1060と、ハードディスク装置1070とをバス1080で接続して構成される。 FIG. 6 is a functional block diagram showing the computer 1000 that executes the signature management program 1071. The computer 1000 includes a CPU (Central Processing Unit) 1010 that executes various arithmetic processes, an input device 1020 that receives input of data from a user, a monitor 1030 that displays various information, and a medium that reads a program from a recording medium. A bus 1080 includes a reading device 1040, a network interface device 1050 that exchanges data with other computers via a network, a RAM (Random Access Memory) 1060 that temporarily stores various information, and a hard disk device 1070. Connected and configured.
 そして、ハードディスク装置1070には、図5に示した制御部31と同様の機能を有する署名管理プログラム1071と、図5に示した記憶部32に記憶される各種データに対応する署名管理用データ1072とが記憶される。なお、署名管理用データ1072を、適宜分散させ、ネットワークを介して接続された他のコンピュータに記憶させておくこともできる。 The hard disk device 1070 includes a signature management program 1071 having the same function as the control unit 31 shown in FIG. 5 and signature management data 1072 corresponding to various data stored in the storage unit 32 shown in FIG. Is memorized. The signature management data 1072 can be appropriately distributed and stored in another computer connected via a network.
 そして、CPU1010が署名管理プログラム1071をハードディスク装置1070から読み出してRAM1060に展開することにより、署名管理プログラム1071は、署名管理プロセス1061として機能するようになる。そして、署名管理プロセス1061は、署名管理用データ1072から読み出した情報等を適宜RAM1060上の自身に割り当てられた領域に展開し、この展開したデータ等に基づいて各種データ処理を実行する。 Then, when the CPU 1010 reads the signature management program 1071 from the hard disk device 1070 and develops it in the RAM 1060, the signature management program 1071 functions as the signature management process 1061. Then, the signature management process 1061 expands information read from the signature management data 1072 and the like in an area allocated to itself on the RAM 1060 as appropriate, and executes various data processing based on the expanded data.
 なお、上記の署名管理プログラム1071は、必ずしもハードディスク装置1070に格納されている必要はなく、CD-ROM等の記憶媒体に記憶されたこのプログラムを、コンピュータ1000が読み出して実行するようにしてもよい。また、公衆回線、インターネット、LAN(Local Area Network)、WAN(Wide Area Network)等を介してコンピュータ1000に接続される他のコンピュータ(またはサーバ)等にこのプログラムを記憶させておき、コンピュータ1000がこれらからプログラムを読み出して実行するようにしてもよい。 Note that the signature management program 1071 is not necessarily stored in the hard disk device 1070, and the computer 1000 may read and execute the program stored in a storage medium such as a CD-ROM. . In addition, the computer 1000 stores the program in another computer (or server) connected to the computer 1000 via a public line, the Internet, a LAN (Local Area Network), a WAN (Wide Area Network), or the like. You may make it read and run a program from these.

Claims (2)

  1.  電子データの電子署名を署名管理装置に保持させる署名管理方法であって、
     第1の端末が、第1の電子データと署名検証用鍵を前記署名管理装置へ送信する工程と、
     前記署名管理装置が、加工用データを生成する工程と、
     前記署名管理装置が、前記加工用データを用いて前記第1の電子データを加工して、第2の電子データを生成する工程と、
     前記署名管理装置が、前記第2の電子データを前記第1の端末へ送信する工程と、
     前記第1の端末が、前記第2の電子データの電子署名を作成する工程と、
     前記第1の端末が、前記電子署名を前記署名管理装置へ送信する工程と、
     前記署名管理装置が、前記電子署名の検索に用いるための管理番号を生成する工程と、
     前記署名管理装置が、前記管理番号と前記署名検証用鍵と前記電子署名と前記加工用データを対応付けて記憶手段に記憶させる工程と、
     前記署名管理装置が、前記管理番号を前記第1の端末に送信する工程と、
     第2の端末が、第3の電子データと該データに対応する管理番号を前記署名管理装置へ送信する工程と、
     前記署名管理装置が、前記第3の電子データに対応する管理番号と対応付けて記憶されている電子署名と加工用データを前記記憶手段から取得する工程と、
     前記署名管理装置が、前記記憶手段から取得された加工用データを用いて前記第3の電子データを加工して、第4の電子データを生成する工程と、
     前記署名管理装置が、前記記憶手段から取得された電子署名と前記第4の電子データを前記第2の端末へ送信する工程と、
     前記第2の端末が、前記第4の電子データに対して、前記記憶手段から取得された電子署名の正当性を、前記第3の電子データに対応する署名検証用鍵を用いて検証する工程と
     を含んだことを特徴とする署名管理方法。     A signature management method for holding a digital signature of electronic data in a signature management device,
    A first terminal transmitting first electronic data and a signature verification key to the signature management device;
    The signature management device generating processing data;
    The signature management device processing the first electronic data using the processing data to generate second electronic data; and
    The signature management device transmitting the second electronic data to the first terminal;
    The first terminal creating an electronic signature of the second electronic data;
    The first terminal transmitting the electronic signature to the signature management device;
    The signature management device generating a management number for use in searching for the electronic signature;
    The signature management apparatus storing the management number, the signature verification key, the electronic signature, and the processing data in a storage unit in association with each other;
    The signature management device transmitting the management number to the first terminal;
    A step in which the second terminal transmits third electronic data and a management number corresponding to the data to the signature management device;
    The signature management apparatus obtaining from the storage means an electronic signature and processing data stored in association with a management number corresponding to the third electronic data;
    The signature management device processing the third electronic data using the processing data acquired from the storage means to generate fourth electronic data;
    The signature management device transmitting the electronic signature acquired from the storage means and the fourth electronic data to the second terminal;
    The second terminal verifies the validity of the electronic signature acquired from the storage unit with respect to the fourth electronic data by using a signature verification key corresponding to the third electronic data. Signature management method characterized by including and.
  2.  電子データの電子署名を署名管理装置に保持させる署名管理方法であって、
     第1の端末が、第1の電子データと署名検証用鍵を前記署名管理装置へ送信する工程と、
     前記署名管理装置が、加工用データを生成する工程と、
     前記署名管理装置が、前記加工用データを用いて前記第1の電子データを加工して、第2の電子データを生成する工程と、
     前記署名管理装置が、前記第2の電子データを前記第1の端末へ送信する工程と、
     前記第1の端末が、前記第2の電子データの電子署名を作成する工程と、
     前記第1の端末が、前記電子署名を前記署名管理装置へ送信する工程と、
     前記署名管理装置が、前記電子署名の検索に用いるための管理番号を生成する工程と、
     前記署名管理装置が、前記管理番号と前記署名検証用鍵と前記電子署名と前記加工用データを対応付けて記憶手段に記憶させる工程と、
     前記署名管理装置が、前記管理番号を前記第1の端末に送信する工程と、
     第2の端末が、第3の電子データと該データに対応する管理番号および署名検証用鍵を前記署名管理装置へ送信する工程と、
     前記署名管理装置が、前記第3の電子データに対応する管理番号と対応付けて記憶されている電子署名と加工用データを前記記憶手段から取得する工程と、
     前記署名管理装置が、前記記憶手段から取得された加工用データを用いて前記第3の電子データを加工して、第4の電子データを生成する工程と、
     前記署名管理装置が、前記第4の電子データに対して、前記記憶手段から取得された電子署名の正当性を、前記第3の電子データに対応する署名検証用鍵を用いて検証する工程と、
     前記署名管理装置が、検証結果を前記第2の端末へ送信する工程と
     を含んだことを特徴とする署名管理方法。     A signature management method for holding a digital signature of electronic data in a signature management device,
    A first terminal transmitting first electronic data and a signature verification key to the signature management device;
    The signature management device generating processing data;
    The signature management device processing the first electronic data using the processing data to generate second electronic data; and
    The signature management device transmitting the second electronic data to the first terminal;
    The first terminal creating an electronic signature of the second electronic data;
    The first terminal transmitting the electronic signature to the signature management device;
    The signature management device generating a management number for use in searching for the electronic signature;
    The signature management apparatus storing the management number, the signature verification key, the electronic signature, and the processing data in a storage unit in association with each other;
    The signature management device transmitting the management number to the first terminal;
    A second terminal transmitting third electronic data, a management number corresponding to the data, and a signature verification key to the signature management device;
    The signature management apparatus obtaining from the storage means an electronic signature and processing data stored in association with a management number corresponding to the third electronic data;
    The signature management device processing the third electronic data using the processing data acquired from the storage means to generate fourth electronic data;
    The signature management device verifies the validity of the electronic signature acquired from the storage unit with respect to the fourth electronic data using a signature verification key corresponding to the third electronic data; ,
    The signature management apparatus includes a step of transmitting a verification result to the second terminal.
PCT/JP2008/055761 2008-03-26 2008-03-26 Signature management method WO2009118847A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2008/055761 WO2009118847A1 (en) 2008-03-26 2008-03-26 Signature management method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2008/055761 WO2009118847A1 (en) 2008-03-26 2008-03-26 Signature management method

Publications (1)

Publication Number Publication Date
WO2009118847A1 true WO2009118847A1 (en) 2009-10-01

Family

ID=41113088

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2008/055761 WO2009118847A1 (en) 2008-03-26 2008-03-26 Signature management method

Country Status (1)

Country Link
WO (1) WO2009118847A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112383555A (en) * 2020-11-17 2021-02-19 宏图智能物流股份有限公司 Network request validity verification method in logistics network

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09311854A (en) * 1996-05-22 1997-12-02 Mitsubishi Electric Corp Signatured document communication device
JPH1020781A (en) * 1996-06-28 1998-01-23 Nippon Telegr & Teleph Corp <Ntt> Electronic signing method and certification method and device for the same
JP2003169052A (en) * 2001-11-30 2003-06-13 Hitachi Ltd Digital signature system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09311854A (en) * 1996-05-22 1997-12-02 Mitsubishi Electric Corp Signatured document communication device
JPH1020781A (en) * 1996-06-28 1998-01-23 Nippon Telegr & Teleph Corp <Ntt> Electronic signing method and certification method and device for the same
JP2003169052A (en) * 2001-11-30 2003-06-13 Hitachi Ltd Digital signature system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112383555A (en) * 2020-11-17 2021-02-19 宏图智能物流股份有限公司 Network request validity verification method in logistics network
CN112383555B (en) * 2020-11-17 2022-06-03 宏图智能物流股份有限公司 Network request validity verification method in logistics network

Similar Documents

Publication Publication Date Title
CN107979590B (en) Data sharing method, client, server, computing device and storage medium
CN111164594B (en) System and method for mapping a de-centralized identity to a real entity
CN108111314B (en) Method and equipment for generating and verifying digital certificate
JP6877448B2 (en) Methods and systems for guaranteeing computer software using distributed hash tables and blockchain
US10958436B2 (en) Methods contract generator and validation server for access control of contract data in a distributed system with distributed consensus
CN108551437B (en) Method and apparatus for authenticating information
US9736146B2 (en) Embedded extrinsic source for digital certificate validation
US8707404B2 (en) System and method for transparently authenticating a user to a digital rights management entity
CN110879903A (en) Evidence storage method, evidence verification method, evidence storage device, evidence verification device, evidence storage equipment and evidence verification medium
US11223482B2 (en) Secure data exchange
JP4818664B2 (en) Device information transmission method, device information transmission device, device information transmission program
US8359473B1 (en) System and method for digital rights management using digital signatures
JP2003283491A (en) Digital signature system, digital signature processor, program and recording medium
CN113056741A (en) Profile verification based on distributed ledger
US20080109651A1 (en) System and methods for digital file management and authentication
JP4558099B1 (en) Digital data content certification system, data certification device, user terminal, computer program and method
US20100275030A1 (en) Method for ensuring the validity of recovered electronic documents from remote storage
JP2019153181A (en) Management program
KR101890584B1 (en) Method for providing certificate service based on m of n multiple signatures and server using the same
US20230206219A1 (en) Identification token, systems and methods for identification and identity verification.
US20230403154A1 (en) Verifier credential determination by a registrant
JPH1125045A (en) Access control method, its device, attribute certificate issuing device, and machine-readable recording medium
WO2020130864A1 (en) System for automatic management and depositing of documents (images) hash in block-chain technology
WO2009118847A1 (en) Signature management method
JP2008509591A (en) Transaction authentication method and transaction authentication system for protecting privacy regarding electronic transaction details

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08738949

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08738949

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP