WO2021124454A1 - Équipement de communication, dispositif d'émission de certificat, système d'émission de certificat, procédé de demande de signature de certificat, programme de demande de signature de certificat, procédé d'émission de certificat et programme d'émission de certificat - Google Patents

Équipement de communication, dispositif d'émission de certificat, système d'émission de certificat, procédé de demande de signature de certificat, programme de demande de signature de certificat, procédé d'émission de certificat et programme d'émission de certificat Download PDF

Info

Publication number
WO2021124454A1
WO2021124454A1 PCT/JP2019/049448 JP2019049448W WO2021124454A1 WO 2021124454 A1 WO2021124454 A1 WO 2021124454A1 JP 2019049448 W JP2019049448 W JP 2019049448W WO 2021124454 A1 WO2021124454 A1 WO 2021124454A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
certificate
authentication
verification
certificate issuing
Prior art date
Application number
PCT/JP2019/049448
Other languages
English (en)
Japanese (ja)
Inventor
晃由 山口
Original Assignee
三菱電機株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 三菱電機株式会社 filed Critical 三菱電機株式会社
Priority to PCT/JP2019/049448 priority Critical patent/WO2021124454A1/fr
Publication of WO2021124454A1 publication Critical patent/WO2021124454A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • This disclosure relates to the technology for issuing certificates for communication devices.
  • the number of communication devices having a communication function such as IoT (Internet of Things) devices is increasing.
  • IoT Internet of Things
  • TLS Transport Layer Security
  • the communication device needs to obtain a certificate from the certificate issuing device.
  • the certificate issuing device needs to prevent issuing a certificate to an unauthorized communication device.
  • Patent Document 1 describes that the certificate signing request is authenticated by using the hash of the certificate signing request by the secret code of the electronic device.
  • the electronic device calculates the hash of the certificate signing request using the secret code, and transmits the certificate signing request and the hash to the rule controller.
  • the rule controller calculates the hash of the certificate signing request using the secret code of the source electronic device obtained in advance, and whether the calculated hash matches the hash sent from the electronic device. Check if.
  • An object of the present disclosure is to enable appropriate certificate issuance control while suppressing the amount of information managed by a certificate issuing device.
  • the communication equipment related to this disclosure is It is a communication device to which a device ID (Identifier) is assigned.
  • An authentication key acquisition unit that acquires an authentication key generated from the verification key held by the certificate issuing device and the device ID, and the authentication key acquisition unit. It includes a certificate signing request to which the authentication information by the authentication key acquired by the authentication key acquisition unit is attached, and a request transmission unit that transmits the device ID to the certificate issuing device.
  • the authentication information for the certificate signing request is generated by the authentication key generated from the verification key held by the certificate issuing device and the device ID. Therefore, if the certificate issuing device acquires the device ID together with the certificate signing request, the communication device can be authenticated only by managing the verification key. As a result, appropriate certificate issuance control becomes possible while suppressing the amount of information managed by the certificate issuing device.
  • FIG. 1 The block diagram of the certificate issuing system 1 which concerns on Embodiment 1.
  • FIG. The block diagram of the key management apparatus 10 which concerns on Embodiment 1.
  • FIG. The block diagram of the communication apparatus 20 which concerns on Embodiment 1.
  • FIG. The block diagram of the certificate issuing apparatus 30 which concerns on Embodiment 1.
  • FIG. The flowchart which shows the operation of the certificate issuing system 1 which concerns on Embodiment 1.
  • the explanatory view of the operation of the certificate issuing system 1 which concerns on Embodiment 1.
  • FIG. The flowchart which shows the operation of the certificate issuing system 1 which concerns on Embodiment 2.
  • the explanatory view of the operation of the certificate issuing system 1 which concerns on Embodiment 2.
  • FIG. The flowchart which shows the operation of the certificate issuing system 1 which concerns on Embodiment 3.
  • the explanatory view of the operation of the certificate issuing system 1 which concerns on Embodiment 3.
  • the certificate issuing system 1 includes a key management device 10, a communication device 20, and a certificate issuing device 30.
  • the key management device 10 is connected to the certificate issuing device 30 via a communication path 91.
  • the communication device 20 is connected to the certificate issuing device 30 via a communication path 92.
  • FIG. 1 only one communication device 20 is shown. However, there may be a plurality of communication devices 20.
  • the configuration of the key management device 10 according to the first embodiment will be described with reference to FIG.
  • the key management device 10 is a computer.
  • the key management device 10 includes hardware for a processor 11, a memory 12, a storage 13, and a communication interface 14.
  • the processor 11 is connected to other hardware via a signal line and controls these other hardware.
  • the key management device 10 includes an information acquisition unit 111, a key generation unit 112, and a key output unit 113 as functional components.
  • the functions of each functional component of the key management device 10 are realized by software.
  • the storage 13 stores a program that realizes the functions of each functional component of the key management device 10. This program is read into the memory 12 by the processor 11 and executed by the processor 11. As a result, the functions of each functional component of the key management device 10 are realized.
  • the configuration of the communication device 20 according to the first embodiment will be described with reference to FIG.
  • the communication device 20 is a computer.
  • the communication device 20 includes hardware of a processor 21, a memory 22, a storage 23, and a communication interface 24.
  • the processor 21 is connected to other hardware via a signal line and controls these other hardware.
  • the communication device 20 includes an authentication key acquisition unit 211, an authentication information generation unit 212, a request transmission unit 213, a certificate acquisition unit 214, and a communication unit 215 as functional components.
  • the functions of each functional component of the communication device 20 are realized by software.
  • the storage 23 stores a program that realizes the functions of each functional component of the communication device 20. This program is read into the memory 22 by the processor 21 and executed by the processor 21. As a result, the functions of each functional component of the communication device 20 are realized.
  • the configuration of the certificate issuing device 30 according to the first embodiment will be described with reference to FIG.
  • the certificate issuing device 30 is a computer.
  • the certificate issuing device 30 includes hardware for a processor 31, a memory 32, a storage 33, and a communication interface 34.
  • the processor 31 is connected to other hardware via a signal line and controls these other hardware.
  • the certificate issuing device 30 includes a verification key acquisition unit 311, a request acquisition unit 312, an authentication key generation unit 313, a verification unit 314, and a certificate issuing unit 315 as functional components.
  • the functions of each functional component of the certificate issuing device 30 are realized by software.
  • the storage 33 stores a program that realizes the functions of each functional component of the certificate issuing device 30. This program is read into the memory 32 by the processor 31 and executed by the processor 31. As a result, the functions of each functional component of the certificate issuing device 30 are realized.
  • Processors 11, 21, and 31 are ICs (Integrated Circuits) that perform processing. Specific examples of the processors 11, 21, 31 are a CPU (Central Processing Unit), a DSP (Digital Signal Processor), and a GPU (Graphics Processing Unit).
  • CPU Central Processing Unit
  • DSP Digital Signal Processor
  • GPU Graphics Processing Unit
  • the memories 12, 22, and 32 are storage devices that temporarily store data. Specific examples of the memories 12, 22, and 32 are SRAM (Static Random Access Memory) and DRAM (Dynamic Random Access Memory).
  • Storages 13, 23, 33 are storage devices for storing data. Specific examples of the storages 13, 23, and 33 are HDDs (Hard Disk Drives).
  • the storages 13, 23, and 33 are SD (registered trademark, Secure Digital) memory card, CF (CompactFlash, registered trademark), NAND flash, flexible disk, optical disk, compact disk, Blu-ray (registered trademark) disk, and DVD (Digital). It may be a portable recording medium such as Versail Disc).
  • Communication interfaces 14, 24, and 34 are interfaces for communicating with an external device. Specific examples of the communication interfaces 14, 24, and 34 are Ethernet (registered trademark), USB (Universal Serial Bus), and HDMI (registered trademark, High-Definition Multimedia Interface) ports.
  • the operation of the certificate issuing system 1 according to the first embodiment will be described with reference to FIGS. 5 and 6.
  • the operating procedure of the communication device 20 corresponds to the certificate signing request method according to the first embodiment.
  • the program that realizes the operation of the communication device 20 corresponds to the certificate signing request program according to the first embodiment.
  • the operating procedure of the certificate issuing device 30 corresponds to the certificate issuing method according to the first embodiment.
  • the program that realizes the operation of the certificate issuing device 30 corresponds to the certificate issuing program according to the first embodiment.
  • Step S101 of FIG. 5 Verification key generation process
  • the key generation unit 112 of the key management device 10 generates random numbers.
  • the key generation unit 112 generates a verification key from the generated random numbers.
  • the key generation unit 112 sets a random number as it is as a verification key.
  • the key output unit 113 transmits the verification key to the certificate issuing device 30 via the communication path 91.
  • the verification key acquisition unit 311 of the certificate issuing device 30 acquires the transmitted verification key.
  • the verification key acquisition unit 311 writes the verification key to the storage 33.
  • Step S102 in FIG. 5 Information acquisition process
  • the information acquisition unit 111 of the key management device 10 acquires the device ID (Identifier) assigned to the communication device 20.
  • the key registration terminal 41 is operated by a manufacturing person in a factory that manufactures the communication device 20, and the device ID is input to the key management device 10.
  • the information acquisition unit 111 acquires the input device ID.
  • Step S103 of FIG. 5 Authentication key generation process
  • the key generation unit 112 of the key management device 10 generates an authentication key from the verification key generated in step S101 and the device ID acquired in step S102.
  • the key generation unit 112 generates an authentication key by calculating a hash function with a key using the verification key as a key and the device ID as a message.
  • the key output unit 113 outputs an authentication key. In the first embodiment, the key output unit 113 transmits the authentication key to the key registration terminal 41.
  • Step S104 in FIG. 5 Authentication key acquisition process
  • the authentication key acquisition unit 211 of the communication device 20 acquires the device ID acquired in step S102 and the authentication key generated in step S103.
  • the key registration terminal 41 is operated by a manufacturing person in a factory that manufactures the communication device 20, and the device ID and the authentication key are input to the communication device 20.
  • the authentication key acquisition unit 211 acquires the input device ID and authentication key.
  • the authentication key acquisition unit 211 writes the device ID and the authentication key in the storage 23.
  • step S104 After the device ID and the authentication key are written in the storage 23 in step S104, the communication device 20 is installed at the installation location. After that, the processes after step S105 are executed.
  • Step S105 of FIG. 5 Authentication information generation process
  • the authentication information generation unit 212 of the communication device 20 generates a certificate signing request.
  • the authentication information generation unit 212 generates authentication information for the certificate signing request by using the authentication key acquired in step S104.
  • the authentication information generation unit 212 generates authentication information by calculating a hash function with a key using an authentication key as a key and a certificate signing request as a message.
  • Step S106 of FIG. 5 Request transmission process
  • the request transmission unit 213 of the communication device 20 sends the certificate signing request with the authentication information generated in step S105 and the device ID acquired in step S104 to the certificate issuing device 30 via the communication path 92. Send to.
  • Step S107 in FIG. 5 Authentication key generation process
  • the request acquisition unit 312 of the certificate issuing device 30 acquires the certificate signing request with the authentication information transmitted in step S106 and the device ID.
  • the authentication key generation unit 313 of the certificate issuing device 30 generates an authentication key from the verification key acquired in step S101 and the device ID.
  • the authentication key generation unit 313 generates the authentication key by the same method as in step S103.
  • Step S108 of FIG. 5 Verification process
  • the verification unit 314 determines whether or not the authentication information attached to the certificate signing request is valid based on the authentication key generated in step S107.
  • the verification unit 314 generates authentication information by the same method as in step S105. Then, the verification unit 314 determines whether or not the generated authentication information and the authentication information attached to the certificate signing request match, so that the authentication information attached to the certificate signing request is valid. Determine if it exists. If the authentication information is valid, the verification unit 314 proceeds to step S109. On the other hand, if the authentication information is not valid, the verification unit 314 ends the process.
  • Step S109 in FIG. 5 Certificate issuance process
  • the certificate issuing unit 315 of the certificate issuing device 30 issues a certificate.
  • the certificate issuing unit 315 transmits the issued certificate to the communication device 20 via the communication path 92.
  • the certificate acquisition unit 214 of the communication device 20 acquires the certificate and writes it in the storage 23.
  • the certificate issuing unit 315 issues a CA certificate to the application server 42 that communicates with the communication device 20.
  • Step S110 in FIG. 5 Communication processing
  • the communication unit 215 of the communication device 20 establishes a communication path with the application server 42 by using the certificate issued in step S109.
  • the communication unit 215 establishes a communication path for TLS communication.
  • the communication unit 215 communicates with the application server 42 using the established communication path.
  • the certificate issuing device 30 holds the verification key.
  • the communication device 20 holds an authentication key generated from the verification key and the device ID.
  • the communication device 20 generates authentication information for the certificate signing request by using the authentication key.
  • the communication device 20 transmits the certificate signing request with the authentication information and the device ID to the certificate issuing device 30.
  • the certificate issuing device 30 generates an authentication key from the verification key and the device ID.
  • the certificate issuing device 30 determines whether or not the authentication information is valid based on the authentication key.
  • the certificate issuing device 30 does not need to hold the key for each communication device 20, and can authenticate any communication device 20 only by holding the verification key.
  • appropriate certificate issuance control becomes possible while suppressing the amount of information managed by the certificate issuing device 30.
  • each functional component is realized by software.
  • each functional component may be realized by hardware. The difference between the first modification and the first embodiment will be described.
  • the key management device 10 includes an electronic circuit instead of the processor 11, the memory 12, and the storage 13.
  • the electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 12, and the storage 13.
  • the communication device 20 includes an electronic circuit instead of the processor 21, the memory 22, and the storage 23.
  • the electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 22, and the storage 23.
  • the certificate issuing device 30 includes an electronic circuit instead of the processor 31, the memory 32, and the storage 33.
  • the electronic circuit is a dedicated circuit that realizes the functions of each functional component, the memory 32, and the storage 33.
  • each functional component may be realized by one electronic circuit, or each functional component may be distributed and realized by a plurality of electronic circuits.
  • Modification 2> As a modification 2, some functional components may be realized by hardware, and other functional components may be realized by software.
  • Processors 11,21,31, memories 12,22,32, storages 13,23,33, and electronic circuits are called processing circuits. That is, the function of each functional component is realized by the processing circuit.
  • Embodiment 2 is different from the first embodiment in that the certificate issuing device 30 can manage a plurality of verification keys. In the second embodiment, these different points will be described, and the same points will be omitted.
  • a verification key is generated for each key ID.
  • the key ID is set for each group of the communication devices 20.
  • the group of the communication equipment 20 is set by a method in which the communication equipment 20 installed on the same floor is divided into the same group, or the communication equipment 20 of the same type is divided into the same group.
  • the key ID may be appropriately set according to the verification key, the management method of the communication device 20, and the like.
  • Step S201 of FIG. 7 Verification key generation process
  • the key generation unit 112 of the key management device 10 Similar to step S101 of FIG. 5, the key generation unit 112 of the key management device 10 generates a random number. The key generation unit 112 generates a verification key from the generated random numbers. At this time, the key generation unit 112 assigns a key ID to the verification key.
  • the key registration terminal 41 is operated by a manufacturing person in a factory that manufactures the communication device 20, and the key ID is input to the key management device 10.
  • the key generation unit 112 acquires the input key ID and assigns it to the verification key.
  • the key output unit 113 transmits the verification key and the key ID to the certificate issuing device 30 via the communication path 91.
  • the verification key acquisition unit 311 of the certificate issuing device 30 acquires the transmitted verification key and key ID.
  • the verification key acquisition unit 311 writes the verification key in association with the key ID in the storage 33.
  • Step S202 in FIG. 7 Information acquisition process
  • the information acquisition unit 111 of the key management device 10 acquires the device ID assigned to the communication device 20 and the key ID assigned to the target verification key.
  • the key registration terminal 41 is operated by a manufacturing person in a factory that manufactures the communication device 20, and the device ID and the key ID are input to the key management device 10.
  • the information acquisition unit 111 acquires the input device ID and key ID.
  • Step S203 of FIG. 7 Authentication key generation process
  • the key generation unit 112 of the key management device 10 generates an authentication key from the verification key corresponding to the key ID acquired in step S202 and the device ID acquired in step S202.
  • the key output unit 113 outputs an authentication key.
  • the key output unit 113 transmits the authentication key to the key registration terminal 41.
  • Step S204 of FIG. 7 Authentication key acquisition process
  • the authentication key acquisition unit 211 of the communication device 20 acquires the device ID and key ID acquired in step S202 and the authentication key generated in step S203.
  • the key registration terminal 41 is operated by a manufacturing person in a factory that manufactures the communication device 20, and the device ID, the key ID, and the authentication key are input to the communication device 20.
  • the authentication key acquisition unit 211 acquires the input device ID, key ID, and authentication key.
  • the authentication key acquisition unit 211 writes the device ID, the key ID, and the authentication key in the storage 23.
  • step S204 After the device ID, key ID, and authentication key are written in the storage 23 in step S204, the communication device 20 is installed at the installation location. After that, the processes after step S205 are executed.
  • step S205 of FIG. 7 is the same as the process of step S105 of FIG.
  • Step S206 of FIG. 7 Request transmission process
  • the request transmission unit 213 of the communication device 20 certificates the certificate signing request with the authentication information generated in step S205 and the device ID and key ID acquired in step S204 via the communication path 92. It is transmitted to the issuing device 30.
  • Step S207 of FIG. 7 Authentication key generation process
  • the request acquisition unit 312 of the certificate issuing device 30 acquires the certificate signing request with the authentication information transmitted in step S206, and the device ID and key ID.
  • the authentication key generation unit 313 of the certificate issuing device 30 reads out the verification key corresponding to the acquired key ID among the verification keys written in the storage 33 in step S201.
  • the authentication key generation unit 313 generates an authentication key from the read verification key and the device ID.
  • the authentication key generation unit 313 generates the authentication key by the same method as in step S203.
  • steps S208 to S210 of FIG. 7 is the same as the processing of steps S108 to S110 of FIG.
  • Embodiment 3 the process of updating the verification key will be described.
  • the points different from the second embodiment will be described, and the same points will be omitted.
  • a case where a process for updating the verification key is added to the second embodiment will be described.
  • Step S301 in FIG. 9 Designated reception process
  • the information acquisition unit 111 of the key management device 10 acquires the key ID assigned to the verification key to be updated.
  • the key registration terminal 41 is operated by a manufacturing person in a factory that manufactures the communication device 20, and the key ID is input to the key management device 10.
  • the information acquisition unit 111 acquires the input key ID.
  • Step S302 in FIG. 9 Verification key update process
  • the key generation unit 112 of the key management device 10 Similar to step S201 of FIG. 7, the key generation unit 112 of the key management device 10 generates a random number.
  • the key generation unit 112 generates a verification key from the generated random numbers.
  • the key generation unit 112 updates the verification key by replacing the verification key corresponding to the key ID acquired in step S301 with the newly generated verification key.
  • the key output unit 113 transmits the newly generated verification key and key ID to the certificate issuing device 30 via the communication path 91.
  • the verification key acquisition unit 311 of the certificate issuing device 30 acquires the transmitted verification key and key ID.
  • the verification key acquisition unit 311 updates the verification key corresponding to the key ID with the acquired verification key.
  • Step S303 in FIG. 9 Information acquisition process
  • the information acquisition unit 111 of the key management device 10 acquires the device ID of the communication device 20 in which the authentication key generated by the verification key updated in step S302 is set.
  • the key registration terminal 41 is operated by a manufacturing person in a factory that manufactures the communication device 20, and the device ID is input to the key management device 10.
  • the information acquisition unit 111 acquires the input device ID.
  • Step S304 of FIG. 9 Authentication key update process
  • the key generation unit 112 of the key management device 10 is the verification key updated in step S302, and includes the verification key corresponding to the key ID and the device ID acquired in step S303. Generate an authentication key from.
  • the key output unit 113 of the key management device 10 transmits the newly generated authentication key, device ID, and key ID to the application server 42.
  • the application server 42 has a communication path using the certificate established with the communication device 20.
  • the application server 42 acquires the authentication key, the device ID, and the key ID
  • the application server 42 transmits the authentication key and the key ID to the communication device 20 specified from the device ID via the communication path using the certificate.
  • the authentication key acquisition unit 211 of the communication device 20 acquires the transmitted authentication key and key ID.
  • the authentication key acquisition unit 211 writes the authentication key and the key ID in the storage 23.
  • the communication device 20 acquires a new authentication key from the application server 42 by communication using the certificate signed by the certificate issuing device 30. To do. As a result, when the verification key is updated after the communication device 20 is installed at the installation location, the authentication key generated by the updated verification key can be safely set in the communication device 20.
  • Certificate issuance system 10 Key management device, 11 Processor, 12 Memory, 13 Storage, 14 Communication interface, 111 Information acquisition unit, 112 Key generation unit, 113 Key output unit, 20 Communication equipment, 21 Processor, 22 Memory, 23 Storage, 24 communication interface, 211 authentication key acquisition unit, 212 authentication information generation unit, 213 request transmission unit, 214 certificate acquisition unit, 215 communication unit, 30 certificate issuing device, 31 processor, 32 memory, 33 storage, 34 communication Interface, 311 verification key acquisition unit, 312 request acquisition unit, 313 authentication key generation unit, 314 verification unit, 315 certificate issuance unit, 41 key registration terminal, 42 application server, 91 communication path, 92 communication path.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Un dispositif de gestion de clé (10) génère une clé de vérification et, dans le même temps, génère une clé d'authentification à partir de la clé de vérification, ainsi qu'un identifiant d'équipement (ID) attribué à un équipement de communication (20). La clé de vérification est transférée à un dispositif d'émission de certificat (30), tandis que la clé d'authentification est transférée à l'équipement de communication (20). L'équipement de communication (20) transmet, au dispositif d'émission de certificat (30), à la fois l'identifiant d'équipement et une demande de signature de certificat à laquelle sont rattachées les informations d'authentification fournies par la clé d'authentification. Le dispositif d'émission de certificat (30) génère une clé d'authentification à partir de la clé de vérification et de l'ID d'équipement qui a été transmis conjointement avec la demande de signature de certificat, puis détermine, à l'aide de la clé d'authentification, si les informations d'authentification sont valides ou non. Lorsqu'il est déterminé que les informations d'authentification sont valides, le dispositif d'émission de certificat (30) émet un certificat.
PCT/JP2019/049448 2019-12-17 2019-12-17 Équipement de communication, dispositif d'émission de certificat, système d'émission de certificat, procédé de demande de signature de certificat, programme de demande de signature de certificat, procédé d'émission de certificat et programme d'émission de certificat WO2021124454A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/049448 WO2021124454A1 (fr) 2019-12-17 2019-12-17 Équipement de communication, dispositif d'émission de certificat, système d'émission de certificat, procédé de demande de signature de certificat, programme de demande de signature de certificat, procédé d'émission de certificat et programme d'émission de certificat

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/049448 WO2021124454A1 (fr) 2019-12-17 2019-12-17 Équipement de communication, dispositif d'émission de certificat, système d'émission de certificat, procédé de demande de signature de certificat, programme de demande de signature de certificat, procédé d'émission de certificat et programme d'émission de certificat

Publications (1)

Publication Number Publication Date
WO2021124454A1 true WO2021124454A1 (fr) 2021-06-24

Family

ID=76477324

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/049448 WO2021124454A1 (fr) 2019-12-17 2019-12-17 Équipement de communication, dispositif d'émission de certificat, système d'émission de certificat, procédé de demande de signature de certificat, programme de demande de signature de certificat, procédé d'émission de certificat et programme d'émission de certificat

Country Status (1)

Country Link
WO (1) WO2021124454A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014053675A (ja) * 2012-09-05 2014-03-20 Sony Corp セキュリティチップ、プログラム、情報処理装置及び情報処理システム
JP2016531516A (ja) * 2013-08-19 2016-10-06 スマートガード エルエルシーSmartguard,Llc 電子装置上への暗号化イネーブルソフトウェアの安全なインストール
WO2017022821A1 (fr) * 2015-08-05 2017-02-09 Kddi株式会社 Dispositif de gestion, système de gestion, dispositif de génération de clé, système de génération de clé, système de gestion de clé, véhicule, procédé de gestion, procédé de génération de clé et programme informatique
JP2018014629A (ja) * 2016-07-21 2018-01-25 Kddi株式会社 通信システム、通信装置、通信方法、及びプログラム

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014053675A (ja) * 2012-09-05 2014-03-20 Sony Corp セキュリティチップ、プログラム、情報処理装置及び情報処理システム
JP2016531516A (ja) * 2013-08-19 2016-10-06 スマートガード エルエルシーSmartguard,Llc 電子装置上への暗号化イネーブルソフトウェアの安全なインストール
WO2017022821A1 (fr) * 2015-08-05 2017-02-09 Kddi株式会社 Dispositif de gestion, système de gestion, dispositif de génération de clé, système de génération de clé, système de gestion de clé, véhicule, procédé de gestion, procédé de génération de clé et programme informatique
JP2018014629A (ja) * 2016-07-21 2018-01-25 Kddi株式会社 通信システム、通信装置、通信方法、及びプログラム

Similar Documents

Publication Publication Date Title
US11115418B2 (en) Registration and authorization method device and system
US9054880B2 (en) Information processing device, controller, key issuing authority, method for judging revocation list validity, and key issuing method
US20210083856A1 (en) Improved hardware security module management
CN102904927B (zh) 具有时间相关证书的分布式计算机系统
US11082214B2 (en) Key generation apparatus and key update method
US20070044160A1 (en) Program, computer, and data processing method
US11533184B2 (en) Method and apparatus for online and offline generation of unique digital certificates
US20150222632A1 (en) Unauthorized device detection method, unauthorized device detection server, and unauthorized device detection system
US20170180338A1 (en) Management apparatus, computer program product, system, device, method, information processing apparatus, and server
US20120239937A1 (en) Information processing device, computer program product, and access control system
JP5848685B2 (ja) ストレージシステム
WO2021124454A1 (fr) Équipement de communication, dispositif d'émission de certificat, système d'émission de certificat, procédé de demande de signature de certificat, programme de demande de signature de certificat, procédé d'émission de certificat et programme d'émission de certificat
CN116578997A (zh) 用于在固件更新之后保留装置身份标识的系统和方法
JP2014041583A (ja) ストレージシステム
JP2012033000A (ja) メモリ装置、ホスト装置、サーバ装置、認証システム、および認証方法
JP2014041582A (ja) ストレージシステム
US20210194705A1 (en) Certificate generation method
JP2024507531A (ja) デジタルデバイスのためのトラステッドコンピューティング
WO2020012677A1 (fr) Système d'émission de certificat, dispositif demandeur, procédé d'émission de certificat, et programme d'émission de certificat
JP4860648B2 (ja) 債権管理システム、債権管理方法および債権管理プログラム
US10498722B2 (en) Methods and apparatus to issue digital certificates
CN114024678A (zh) 一种信息处理方法及系统、相关装置
CN112861108B (zh) 一种联盟链数据处理方法及系统
US11539532B2 (en) Compiling a signature
WO2024202621A1 (fr) Procédé de détermination de révocation, procédé de création de liste de révocation de certificats, programme, système de détermination de révocation et système de création de liste de révocation de certificats

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19956982

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19956982

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP