JP2000059353A - Data storage system, data storage method and its program recording medium - Google Patents
Data storage system, data storage method and its program recording medium

- Publication number: JP2000059353A (application numbers JP10225959A / JP22595998A)
- Authority: JP (Japan)
- Prior art keywords: storage, data, electronic signature, key, signature
- Legal status: Granted

Description
[0001] BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a data storage system in which a storage user stores data in a storage system and a reference user refers to that data, to a storage method, and to a program recording medium for it.
[0002] 2. Description of the Related Art In general, as methods of protecting stored data against threats of misuse (eavesdropping, tampering and the like), it is widely known to encrypt the data for confidentiality before storing it, or to store the original together with a digital signature so that tampering can be detected. The confidentiality ciphers used for this purpose include, as products, DES and RSA in the United States and FEAL and MISTY in Japan; the cryptographic techniques for realizing electronic signatures include DSA and RSA in the United States and ESIGN in Japan.
[0003] In tampering and spoofing detection, a public-key cryptosystem is used: a secret key serves as the electronic signature creation key and a public key as the electronic signature verification key. To store or distribute correct public keys, a third-party organization called a certification authority (CA) is used, and communication methods using the public key certificates it issues are widely known. On the other hand, since the public key (signature verification key) held at the CA is open to the public, it is exposed to the threat that a third party derives the secret key (signature creation key) from the public key (signature verification key), and an expiration date is therefore generally set for it. When the secret key is lost or the public key has been cryptanalyzed, a procedure is carried out to revoke the public key held by the CA. When a public-key cryptosystem is used, a public key that has expired or been revoked can still be used to perform the verification of an electronic signature, but the result of that verification is regarded as untrustworthy. In addition, the secret key for creating electronic signatures must be kept secret, and a dedicated device such as an IC card for holding the secret key, from which internal information cannot be retrieved from outside, is used.
[0004] FIG. 7 shows a conventional apparatus configuration when a user stores data in a data storage system and when a user refers to data; FIG. 8 shows the processing flow at the user terminal and the storage server when data is stored; and FIG. 9 shows the processing flow at the user terminal and the storage server when data is referred to. In the prior art, when a user stores data, the storage user terminal 16 first creates an electronic signature 3 by the electronic signature creation means 18 based on at least the user's electronic signature creation key 19 and the data 2 to be stored (STEP 1), then creates received data 1 containing the data 2 and the electronic signature 3 and transmits it to the data storage system 4 by the communication means 17 (STEP 2).
[0005] When the data storage system 4 stores the data 2 of that storage user, the data storage server 5, having received through the communication means 6 the received data 1 containing at least the data 2 to be stored and the electronic signature 3 attached by the storage user (STEP 3), confirms by the electronic signature verification means 9 that the data has not been tampered with, using the received data 2 and 3 and the correct storage user's public key 8 obtained from the certification system 25 by the public key acquisition means 7 (STEP 4). After confirming that no tampering has occurred, it stores the data in the data storage device 11 by the data storage device access means 10 as a data pair 12 so that the association between the stored data 2 and the electronic signature 3 is known (STEP 5).
[0006] On the other hand, when a reference user refers to the stored data, the data storage system 4 accepts a data reference request through the communication means 6 (STEP 6) and reads the stored data pair 12 from the data storage device 11 using the data storage device access means 10 (STEP 7). It then confirms by the electronic signature verification means 9 that the data has not been tampered with during the storage period, based on the stored data and electronic signature of the data pair 12 and the correct storage user's public key 8 obtained from the certification system 25 using the public key acquisition means 7 (STEP 8). After this confirmation, it transmits to the reference user terminal 20 transmission data 15 containing at least the stored data 13 and the stored electronic signature 14 (STEP 9). The reference user terminal 20 receives the electronic data 15 containing the storage user's electronic signature 14 from the storage system 4 (STEP 10), obtains the storage user's correct electronic signature verification key 23 as of that time by the electronic signature acquisition means 24 (STEP 11), and verifies by the electronic signature verification means 22 that the received data pair 13 and 14 has not been tampered with (STEP 12). If this verification passes, correct data has been referred to.
[0007] PROBLEMS TO BE SOLVED BY THE INVENTION Consider now a user A who stores data and a user B who refers to the data. In the conventional data storage system, the electronic signature attached in advance by user A is stored together with the stored data, and when user B refers to it, user B must verify that stored data and electronic signature. When user B refers to data stored by several different users, user B must obtain as many public keys as there are storing users. There is thus the problem that the more users have stored data, the more public keys must be obtained.
[0008] Furthermore, when data has been kept in the storage system for a long period, there was the problem that the public key needed to verify the electronic signature may have expired or been revoked by the user, so that the verification result can no longer be trusted. As described above, data storage using electronic signatures requires a tampering detection method that is independent of the user who stored the data and unaffected by expiration dates.
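The conventional reference-side check of [0004] to [0008], as an added Go example that is not part of the patent: it models the CA's certificate as a key with an end of validity and a revocation flag, and shows that the referencing user must fetch one key per storing user and that the same stored signature, still computable, becomes untrustworthy once that key has expired or been revoked. Ed25519 as the signature algorithm, the user names, the dates and the record contents are all constructed assumptions of the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"time"
)

// Result is what the referencing user concludes about one stored data pair.
type Result int

const (
	Valid     Result = iota // signature correct and the signer's key still trustworthy
	Invalid                 // signature does not match the data
	Untrusted               // signature computes, but the key is unknown, expired or revoked ([0003])
)

// Certificate stands in for the CA's public key certificate: key, end of validity, revocation flag.
type Certificate struct{ Key ed25519.PublicKey; NotAfter time.Time; Revoked bool }

// CA maps a storage user's name to its certificate (certification system 25 in the patent).
type CA map[string]Certificate

// StoredPair is data pair 12: data plus the storing user's own signature.
type StoredPair struct{ Owner string; Data, Sig []byte }

// ReferenceVerify is STEP 11-12 of the conventional flow: fetch the storing user's key, check the
// signature, then decide whether the result may be trusted at the time of reference.
func ReferenceVerify(ca CA, p StoredPair, now time.Time) Result {
	cert, ok := ca[p.Owner]
	if !ok {
		return Untrusted
	}
	if !ed25519.Verify(cert.Key, p.Data, p.Sig) {
		return Invalid
	}
	if cert.Revoked || now.After(cert.NotAfter) {
		return Untrusted
	}
	return Valid
}

// KeysNeeded counts the distinct storing users whose keys a referencing user must obtain ([0007]).
func KeysNeeded(pairs []StoredPair) int {
	seen := map[string]bool{}
	for _, p := range pairs {
		seen[p.Owner] = true
	}
	return len(seen)
}

// Scenario collects the outcomes of the constructed case in RunPriorArtScenario.
type Scenario struct {
	KeysNeeded                     int
	Early, Late, Revoked, Tampered Result
}

// RunPriorArtScenario: three users store signed records under one-year keys (constructed dates);
// the records are referenced 30 days later, two years later, after a revocation, and after a bit flip.
func RunPriorArtScenario() (Scenario, error) {
	stored := time.Date(2024, 1, 10, 0, 0, 0, 0, time.UTC)
	ca := CA{}
	var pairs []StoredPair
	for _, name := range []string{"alice", "bob", "carol"} {
		pub, priv, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			return Scenario{}, err
		}
		ca[name] = Certificate{Key: pub, NotAfter: stored.AddDate(1, 0, 0)}
		data := []byte("record of " + name) // constructed sample data 2
		pairs = append(pairs, StoredPair{name, data, ed25519.Sign(priv, data)})
	}
	s := Scenario{KeysNeeded: KeysNeeded(pairs)}
	s.Early = ReferenceVerify(ca, pairs[0], stored.AddDate(0, 0, 30))
	s.Late = ReferenceVerify(ca, pairs[0], stored.AddDate(2, 0, 0))
	bob := ca["bob"]
	bob.Revoked = true // bob reports his key lost; the CA revokes it
	ca["bob"] = bob
	s.Revoked = ReferenceVerify(ca, pairs[1], stored.AddDate(0, 0, 30))
	flipped := pairs[2]
	flipped.Data[0] ^= 0x01 // one bit changed in carol's stored data
	s.Tampered = ReferenceVerify(ca, flipped, stored.AddDate(0, 0, 30))
	return s, nil
}

func main() {
	s, err := RunPriorArtScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", s)
}
```

The Late and Revoked cases are the point of [0008]: the signature over alice's and bob's records still verifies mathematically, but the referencing user has no basis for trusting it, and nothing in the stored pair itself can repair that.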
[0009] The present invention has been made in view of the above, and its object is to provide a data storage method that does not require the referring user to hold a large number of public keys and that prevents the reliability of verification results from deteriorating due to expiration or revocation of public keys.
[0010] MEANS FOR SOLVING THE PROBLEMS To achieve the above object, the data storage system of the present invention has, as key pair storage means, means for generating both an electronic signature creation key and a verification key, together with electronic signature creation means and electronic signature verification means, and holds the generated key pair (electronic signature creation key and electronic signature verification key) internally. It generates and outputs an electronic signature of input data with the signature creation key. With the electronic signature verification key, which remains held internally, it verifies input data and the corresponding electronic signature and outputs the verification result outside the device.
[0011] Further, in addition to the conventional data storage system, the data storage system of the present invention has in the data storage server a communication electronic signature creation key and a storage electronic signature creation key held separately, and has key pair storage means in which at least the storage electronic signature key pair is not disclosed externally. Further, in the data storage method of the present invention, in the data storage system of the present invention, the stored data is stored with, in addition to the electronic signature attached by the storage user terminal, a storage electronic signature of the storage server (created over the stored data combined with the electronic signature created and attached by the user terminal). When the stored data is referred to, the storage electronic signature is verified within the above key pair storage means; after confirming that the stored data has not been tampered with, a communication electronic signature designated by the storage server is created within the key pair storage means and attached in place of the storage electronic signature, and the result is transmitted to the reference user terminal.
[0012] Still further, in the data storage method of the present invention, the reference user terminal obtains from the certification system the communication verification key (public key) designated for the data storage system and verifies the data storage system's communication electronic signature on the message received from the data storage system. (Operation) As described above, in the data storage method of the present invention, when a user terminal stores data it attaches its own electronic signature and transmits the data to the data storage system.
[0013] The data storage server verifies with the storage user's electronic signature verification key that the received data has not been tampered with, attaches an electronic signature created with an electronic signature creation key that was generated in advance so as never to be output externally, and stores the result in the storage device. When a user terminal refers to stored data, the storage server verifies the storage electronic signature with the electronic signature verification key generated in advance within the key pair storage means so as never to be output externally; after confirming that the stored data has not been tampered with, it attaches the communication electronic signature designated by the storage server over the whole of the stored data and the storage user's electronic signature, and transmits them.
[0014] The referring user terminal checks whether tampering occurred in transit by verifying only the data storage server's communication electronic signature, which is what detects alteration on the way from the data storage system.
[0015] DESCRIPTION OF THE EMBODIMENTS Embodiments of the present invention are described below with reference to the drawings. FIG. 1 shows an embodiment of the present invention. The terminal 31 of a user who wants to store data has signature creation means 32 that performs the function computation for creating an electronic signature, a secret key 33 for creating the electronic signature, and communication means 34 for communicating with the data storage server. The data 35 received by the data storage system 38 consists of stored data 36, the actual data to be stored, and an electronic signature 37 that the storage user terminal 31 created over the data 36 in order to detect tampering during communication. The data storage system 38 comprises a data storage server 39, an electronic signature device 47 and a data storage device 54; the data storage server 39 has communication means 40 by which the data storage server 39 communicates with the outside, public key acquisition means 41, the storage user's public key 42, electronic signature verification means 43, electronic signature attaching means 44, access means 45 to the electronic signature device 47 used when the signature attaching means 44 creates an electronic signature, and data storage device access means 46. The electronic signature device 47, serving as storage means for the storage key pair, has electronic signature verification means 48 stored in advance in the electronic signature device 47, electronic signature creation means 49 that uses the electronic signature creation key held inside the electronic signature device 47, and generation means 50 for the key pair (electronic signature creation key and electronic signature verification key), and holds the data storage server's communication electronic signature creation key 51, the data storage server's storage electronic signature creation key 52 and the data storage server's storage electronic signature verification key 53. The data storage device 54 holds a data group 55 stored in the data storage device 54 (consisting of at least stored data, a storage user electronic signature and a storage server electronic signature); the data group 55 consists of stored data 56 corresponding to the stored data 36, the electronic signature 57 of the party that requested storage of the data 56, and the storage electronic signature 58 that the storage server 39 created using the electronic signature device 47. The data 59 transmitted by the data storage system 38 consists of the data 60 whose storage the user terminal requested, the electronic signature 61 that the storage user attached to the data 60, and the electronic signature 62 that the data storage server 39 created over the entire transmission data containing the data 60 and 61 in order to detect tampering during communication. The reference user's terminal 63 has electronic signature verification means 64, public key acquisition means 65, an electronic signature verification key 66 for verifying the communication electronic signature 62 attached by the data storage server, and communication means 67. The public key certificates of the storage user, the reference user and the data storage server are held in the certification system 68.
[0016] Next, the processing procedure at the time of data storage is described with reference to FIG. 2. Consider now the case where a user stores data. That user's storage user terminal 31 creates an electronic signature 37 by the electronic signature creation means 32 using the stored data 36 and the electronic signature creation key 33 (STEP 21). It then combines at least the stored data 36 and the electronic signature 37 into data 35 in a format that the data storage system 38 can interpret and transmits it to the data storage system 38 using the communication means 34. The data storage server 39 receives the data 35 through the communication means 40 (STEP 23) and, to confirm the integrity of the data in transit, verifies it by the electronic signature verification means 43 with the storage user terminal 31's public key 42 obtained by the public key acquisition means 41 and the received data 36 and 37 as input (STEP 24). After confirming that this verification raises no problem, it instructs the electronic signature attaching means 44 to create a storage electronic signature with at least the stored data 36 and the storage user's electronic signature 37 as input, and the electronic signature attaching means 44 instructs the electronic signature device 47, through the electronic signature device access means 45, to create the storage electronic signature (STEP 25).
[0017] The electronic signature device 47 selects the storage electronic signature creation key 52 according to the input instruction (STEP 26). For the input data, the electronic signature creation means 49 creates a storage electronic signature using the storage electronic signature creation key 52 created in advance by the key pair generation means 50 (STEP 27). It returns the created electronic signature to the calling electronic signature device access means 45 (STEP 28).
[0018] The data storage server 39 stores the storage electronic signature 58 returned from the electronic signature device 47 in the data storage device 54 by the data storage device access means 46 as the data group 55, associated with the stored data 56 and the storage user signature 57 (STEP 29). Next, the processing procedure at the time of data reference is described with reference to FIGS. 3 to 6.
[0019] Consider now the case where a user refers to data 56 that is already stored. As shown in FIG. 3, the data storage server 39 receives a reference request from the reference user terminal 63 (STEP 30). It then reads, using the storage device access means 46, the data group 55 containing the data 56 designated in the reference request (STEP 31). To verify that the read data group 55 has not been tampered with, it requests verification from the electronic signature device 47 through the electronic signature device access means 45 (STEP 32).
[0020] As shown in FIG. 4, the electronic signature device 47 selects, according to the input instruction, the storage electronic signature verification key 53 created in advance by the key pair generation means 50 (STEP 33). It verifies the input data 55 using the storage electronic signature verification key 53 and the electronic signature verification means 48 (STEP 34). It returns the verification result (OK or NG) to the electronic signature device access means 45 (STEP 35).
[0021] After confirming that the value returned from the electronic signature device 47 is OK, the data storage server 39, as shown in FIG. 3, requests the electronic signature device 47 through the electronic signature attaching means 44 to create a communication electronic signature over the stored data 56 and the storage user's electronic signature 57 (STEP 36). The electronic signature device 47 selects, according to the input instruction, the communication electronic signature creation key 51 created in advance by the key pair generation means 50 (FIG. 4, STEP 37). For the input data it creates a communication electronic signature 62 by the electronic signature creation means 49 using the communication electronic signature creation key 51 and returns it to the electronic signature device access means 45 (STEP 38).
[0022] As shown in FIG. 3, the data storage server 39 attaches, in place of the storage electronic signature 58, the storage server's communication electronic signature 62 returned in STEP 38, and transmits the result as data group 59 to the data reference user terminal 63 by the communication means 40 (STEP 39). As shown in FIG. 5, the data reference user terminal 63 receives the data group 59 by the communication means 67 (STEP 40), then obtains the data storage server's correct electronic signature verification key 66 from the certification system 68 by the public key acquisition means 65 (STEP 41), and verifies the communication electronic signature 62 using the electronic signature verification means 64 to confirm that the received data group 59 has not been tampered with (STEP 42). At this point the received data 59 preserves the relationship shown in FIG. 6; because the communication electronic signature 62 was created with the correct relationship between the stored data 60 and the storage user's electronic signature 61 preserved, a verification result of OK in STEP 42 also means that the verification result of the storage user's electronic signature 61 is OK, and that it has at the same time been verified that the obtained data 60 is identical to the data the storage user terminal stored.
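The storage and reference procedures of STEP 21 to STEP 42 above, summarized in [0010] to [0014], as an added Go example that is neither the patent's nor any product's code: a SignatureDevice struct plays electronic signature device 47 and never exports its storage key pair; the server seals data plus user signature with the storage key on store, verifies that seal inside the device on reference, and replaces it with a communication signature that the referencing user checks with the server's public key alone. Ed25519 as the signature algorithm, the in-memory maps standing in for the data storage device and the certification system, and the names "alice" and "doc-1" are assumptions of the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// mustKey generates an Ed25519 key pair (Ed25519 is assumed; the patent names no algorithm).
func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // entropy failure is unrecoverable for this example
	}
	return pub, priv
}

// SignatureDevice plays electronic signature device 47: storage creation key 52, storage verification
// key 53 and communication creation key 51 live here; only the communication public key is handed out.
type SignatureDevice struct {
	storageSign   ed25519.PrivateKey
	storageVerify ed25519.PublicKey
	commSign      ed25519.PrivateKey
}

// NewSignatureDevice is key pair generation means 50.
func NewSignatureDevice() *SignatureDevice {
	storPub, storPriv := mustKey()
	_, commPriv := mustKey()
	return &SignatureDevice{storageSign: storPriv, storageVerify: storPub, commSign: commPriv}
}

// CommPublicKey is the one key the device publishes (what the CA would certify as key 66).
func (d *SignatureDevice) CommPublicKey() ed25519.PublicKey { return d.commSign.Public().(ed25519.PublicKey) }
func (d *SignatureDevice) StorageSign(msg []byte) []byte     { return ed25519.Sign(d.storageSign, msg) }        // STEP 26-28
func (d *SignatureDevice) StorageVerify(msg, sig []byte) bool { return ed25519.Verify(d.storageVerify, msg, sig) } // STEP 33-35
func (d *SignatureDevice) CommSign(msg []byte) []byte        { return ed25519.Sign(d.commSign, msg) }           // STEP 37-38

// Bundle is data group 55 when stored (ServerSig = storage signature 58) and data group 59 when sent
// (ServerSig = communication signature 62); Data and UserSig are items 56/60 and 57/61.
type Bundle struct{ Data, UserSig, ServerSig []byte }

// signedBody is what both server signatures cover: stored data followed by the user's signature
// (Ed25519 signatures are fixed-length, so the concatenation is unambiguous).
func signedBody(data, userSig []byte) []byte { return append(append([]byte{}, data...), userSig...) }

// StorageServer is data storage server 39; store stands in for data storage device 54 and
// userKeys for the CA lookup done by public key acquisition means 41.
type StorageServer struct {
	dev      *SignatureDevice
	store    map[string]Bundle
	userKeys map[string]ed25519.PublicKey
}

// Store is STEP 23-29: verify the user's signature, then seal data and user signature with the storage key.
func (s *StorageServer) Store(id, user string, data, userSig []byte) error {
	pub, ok := s.userKeys[user]
	if !ok || !ed25519.Verify(pub, data, userSig) {
		return errors.New("storage user signature does not verify")
	}
	s.store[id] = Bundle{data, userSig, s.dev.StorageSign(signedBody(data, userSig))}
	return nil
}

// Retrieve is STEP 30-39: verify the storage signature inside the device, then replace it with a
// communication signature over the same body before sending.
func (s *StorageServer) Retrieve(id string) (*Bundle, error) {
	rec, ok := s.store[id]
	if !ok {
		return nil, errors.New("no such record")
	}
	body := signedBody(rec.Data, rec.UserSig)
	if !s.dev.StorageVerify(body, rec.ServerSig) {
		return nil, errors.New("stored record fails storage signature check")
	}
	return &Bundle{rec.Data, rec.UserSig, s.dev.CommSign(body)}, nil
}

// ReferenceVerify is STEP 40-42: the referencing user needs only the server's communication public key.
func ReferenceVerify(serverPub ed25519.PublicKey, r *Bundle) bool {
	return ed25519.Verify(serverPub, signedBody(r.Data, r.UserSig), r.ServerSig)
}

// main walks the honest path for the constructed user "alice", then shows an altered stored copy being caught.
func main() {
	dev := NewSignatureDevice()
	userPub, userPriv := mustKey()
	srv := &StorageServer{dev, map[string]Bundle{}, map[string]ed25519.PublicKey{"alice": userPub}}
	data := []byte("contract text v1") // constructed stored data 36
	if err := srv.Store("doc-1", "alice", data, ed25519.Sign(userPriv, data)); err != nil { // STEP 21
		panic(err)
	}
	resp, err := srv.Retrieve("doc-1")
	if err != nil {
		panic(err)
	}
	fmt.Println("reference user accepts:", ReferenceVerify(dev.CommPublicKey(), resp))
	srv.store["doc-1"].Data[0] ^= 0x01 // one bit altered in the copy held by the storage device
	_, err = srv.Retrieve("doc-1")
	fmt.Println("altered record rejected:", err)
}
```

A symmetric MAC would serve equally for the storage seal, as [0023] notes, because both its creation and verification keys stay inside the device; the communication signature has to stay asymmetric, since the referencing terminal holds only the server's public key.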
[0023] In this embodiment the description used a key pair of a public-key cryptosystem as the storage electronic signature creation and verification means, but the same effect can be obtained by using a key of a symmetric-key cryptosystem as the storage electronic signature creation and verification means. Each process in the data storage system can also be carried out by having a computer interpret and execute a program.
[0024] EFFECTS OF THE INVENTION As described above, according to the present invention, even when the number of users who have stored data becomes large, the only public key the referring user needs is the public key of the data storage server, and by simply verifying the communication data for tampering the user can at the same time confirm that the referred data is identical to the data as it was when stored. At the same time, because fewer public keys are needed, the number of accesses to the certification system is reduced.
[0025] Further, because the data storage server stores both the electronic signature creation key and the verification key inside the electronic signature device and does not disclose them externally, the validity period can be made longer than with tampering detection means that use an ordinary electronic signature key pair, and since the keys are not published by the certification system, a data storage method can be provided that prevents the reliability of verification results from deteriorating due to expiration of public keys or revocation of keys by users.
FIG. 1 is a diagram showing an embodiment of the functional configuration of the data storage system of the present invention.
FIG. 2 is a diagram showing the processing flow at the user terminal and the storage server of the present invention when data is stored.
FIG. 3 is a diagram showing the processing flow on the storage server side when data is referred to at the user terminal and the storage server of the present invention.
FIG. 4 is a diagram showing the processing flow on the electronic signature device side when data is referred to.
FIG. 5 is a diagram showing the processing flow on the reference user terminal side when data is referred to.
FIG. 6 is a diagram showing the correspondence between data and electronic signatures in the embodiment of the present invention.
FIG. 7 is a diagram showing the functional configuration of a conventional apparatus for data storage.
FIG. 8 is a diagram showing the processing flow at a conventional user terminal and storage server when data is stored.
FIG. 9 is a diagram showing the processing flow at a conventional user terminal and storage server when data is referred to.
Claims (8)
1. A data storage system comprising a data storage server, an electronic signature device and a data storage device, wherein the data storage server comprises means for communicating with the outside, access means for the data storage device and access means for the electronic signature device; the electronic signature device comprises key storage means that stores a storage electronic signature creation key and a storage electronic signature verification key so that they cannot be accessed from outside, electronic signature creation means which, when accessed by the electronic signature device access means, creates an electronic signature on the input data with the electronic signature creation key of the key storage means and returns it, and electronic signature verification means which, when accessed by the electronic signature device access means, verifies an electronic signature on the input data with the electronic signature verification key of the key storage means; and the data storage device is accessed by the data storage device access means, and stored data and its electronic signature are written to or read from it.
2. The data storage system according to claim 1, wherein the electronic signature device also stores a communication electronic signature creation key in its key storage means.
3. The data storage system according to claim 1 or 2, wherein the electronic signature device comprises means for generating the storage electronic signature creation key and the storage electronic signature verification key.
4. A data storage method comprising: storing a storage electronic signature creation key and its verification key so that they cannot be accessed from outside; creating, for stored data whose storage has been requested, a storage electronic signature with the storage electronic signature creation key; storing the stored data and the storage electronic signature in a data storage device; reading from the data storage device the stored data for which reference has been requested and its storage electronic signature; and verifying the read stored data and its storage electronic signature with the storage electronic signature verification key.
5. The data storage method according to claim 4, wherein a communication electronic signature creation key is also stored; for stored data for which verification with the storage electronic signature verification key has passed, a communication electronic signature is created with the communication electronic signature creation key; and the stored data and the communication electronic signature are transmitted to the user terminal that made the reference request.
6. The data storage method according to claim 5, wherein the user terminal verifies the received stored data and the communication electronic signature with a public key for electronic signature verification.
7. A recording medium recording a program for causing a computer, in a data storage system which stores data in a data storage device in response to a storage request, reads data from the data storage device and outputs it in response to a reference request, and holds a storage electronic signature creation key and a storage electronic signature verification key stored so that they cannot be accessed from outside, to execute: a process of creating, when the storage request is made, a storage electronic signature for the stored data with the storage electronic signature creation key; a process of storing the stored data and the storage electronic signature in the data storage device; a process of reading, when the reference request is made, the stored data and its storage electronic signature from the data storage device; and a process of verifying the read stored data and its storage electronic signature with the storage electronic signature verification key.
署名作成鍵も格納されており、 上記保管用電子署名の検証が合格したか否かを判定する
処理と、 その判定に合格すると、上記保管データに対し、上記通
信用電子署名作成鍵で通信用電子署名を作成する処理
と、 上記保管データ、上記通信用電子署名を上記参照要求を
した端末へ送出する処理とを上記コンピュータにより実
行するプログラムを含むことを特徴とする請求項7記載
の記録媒体。8. The data storage system also stores a communication electronic signature creation key, and determines whether or not the verification of the storage electronic signature has passed. A program for executing, by the computer, a process of creating a communication electronic signature with respect to data using the communication electronic signature creation key, and a process of sending the storage data and the communication electronic signature to the terminal that has made the reference request. 8. The recording medium according to claim 7, comprising:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP22595998A JP3507341B2 (en) | 1998-08-10 | 1998-08-10 | Data storage system and its program recording medium |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2000059353A true JP2000059353A (en) | 2000-02-25 |
JP3507341B2 JP3507341B2 (en) | 2004-03-15 |
Family
ID=16837577
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP22595998A Expired - Lifetime JP3507341B2 (en) | 1998-08-10 | 1998-08-10 | Data storage system and its program recording medium |
Country Status (1)
Country | Link |
---|---|
JP (1) | JP3507341B2 (en) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2002056140A (en) * | 2000-05-30 | 2002-02-20 | Nippon Telegr & Teleph Corp <Ntt> | Ticket and method and device for ticket distribution |
JP2002101093A (en) * | 2000-07-27 | 2002-04-05 | Internatl Business Mach Corp <Ibm> | Method for certifying expiration date of public key and secret key for certifying authority and system for the same |
JP2002101099A (en) * | 2000-09-21 | 2002-04-05 | Hitachi Ltd | Access-tracing device |
JP2002164884A (en) * | 2000-11-02 | 2002-06-07 | Internatl Business Mach Corp <Ibm> | Proxy server, electronic signature system, electronic signature verification system, network system, electronic signature method, electronic signature verification method, recording medium and program transmission device |
JP2003016266A (en) * | 2000-05-17 | 2003-01-17 | Dainippon Printing Co Ltd | Procedure system and storage medium therefor |
JP2004112698A (en) * | 2002-09-20 | 2004-04-08 | Canon Inc | Imaging device |
JP2004222056A (en) * | 2003-01-16 | 2004-08-05 | Fuji Photo Film Co Ltd | Method, device, and program for preserving image |
JP2004236254A (en) * | 2003-02-03 | 2004-08-19 | Fujitsu Ltd | Electronic data storage system and its method |
US6892064B2 (en) | 2000-09-07 | 2005-05-10 | International Business Machines Corporation | Method and system for presentation of content from one cellular phone to another through a computer network |
JP2005297223A (en) * | 2004-04-06 | 2005-10-27 | Seiko Epson Corp | Recorder, ink cartridge, recording system, controlling method, and program |
JP2009027543A (en) * | 2007-07-20 | 2009-02-05 | Toshiba Corp | Facing service system, facing control server apparatus, and program |
JP2009194640A (en) * | 2008-02-14 | 2009-08-27 | Toshiba Corp | Method for transferring content |
JP2010182070A (en) * | 2009-02-05 | 2010-08-19 | Mitsubishi Electric Corp | Apparatus, method and program for processing information |
WO2012114604A1 (en) * | 2011-02-23 | 2012-08-30 | セイコーインスツル株式会社 | Information-processing device and information-processing program |
JP2017169183A (en) * | 2016-03-14 | 2017-09-21 | 株式会社リコー | Data generation device, data record system, and program |
JP2018054841A (en) * | 2016-09-28 | 2018-04-05 | 株式会社リコー | Data generation device, data generation method, program and data recording system |
Cited By (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4668457B2 (en) * | 2000-05-17 | 2011-04-13 | 大日本印刷株式会社 | Terminal device, procedure system, and storage medium therefor |
JP2003016266A (en) * | 2000-05-17 | 2003-01-17 | Dainippon Printing Co Ltd | Procedure system and storage medium therefor |
JP2002056140A (en) * | 2000-05-30 | 2002-02-20 | Nippon Telegr & Teleph Corp <Ntt> | Ticket and method and device for ticket distribution |
JP2002101093A (en) * | 2000-07-27 | 2002-04-05 | Internatl Business Mach Corp <Ibm> | Method for certifying expiration date of public key and secret key for certifying authority and system for the same |
US7930415B2 (en) | 2000-07-27 | 2011-04-19 | International Business Machines Corporation | Method and system for authentication when certification authority public and private keys expire |
US7412524B1 (en) | 2000-07-27 | 2008-08-12 | International Business Machines Corporation | Method and system for authentication when certification authority public and private keys expire |
US6892064B2 (en) | 2000-09-07 | 2005-05-10 | International Business Machines Corporation | Method and system for presentation of content from one cellular phone to another through a computer network |
US7058388B2 (en) | 2000-09-07 | 2006-06-06 | International Business Machines Corporation | Method and system for presentation of content from one cellular phone to another through a computer network |
JP2002101099A (en) * | 2000-09-21 | 2002-04-05 | Hitachi Ltd | Access-tracing device |
JP2002164884A (en) * | 2000-11-02 | 2002-06-07 | Internatl Business Mach Corp <Ibm> | Proxy server, electronic signature system, electronic signature verification system, network system, electronic signature method, electronic signature verification method, recording medium and program transmission device |
JP2004112698A (en) * | 2002-09-20 | 2004-04-08 | Canon Inc | Imaging device |
US8031239B2 (en) | 2002-09-20 | 2011-10-04 | Canon Kabushiki Kaisha | Image sensing apparatus for generating image data authentication data of the image data |
JP2004222056A (en) * | 2003-01-16 | 2004-08-05 | Fuji Photo Film Co Ltd | Method, device, and program for preserving image |
US7660992B2 (en) | 2003-02-03 | 2010-02-09 | Fujitsu Limited | Electronic data storage system and method thereof |
JP4628648B2 (en) * | 2003-02-03 | 2011-02-09 | 富士通株式会社 | Electronic data storage system and method |
JP2004236254A (en) * | 2003-02-03 | 2004-08-19 | Fujitsu Ltd | Electronic data storage system and its method |
JP2005297223A (en) * | 2004-04-06 | 2005-10-27 | Seiko Epson Corp | Recorder, ink cartridge, recording system, controlling method, and program |
JP2009027543A (en) * | 2007-07-20 | 2009-02-05 | Toshiba Corp | Facing service system, facing control server apparatus, and program |
JP2009194640A (en) * | 2008-02-14 | 2009-08-27 | Toshiba Corp | Method for transferring content |
JP4703668B2 (en) * | 2008-02-14 | 2011-06-15 | 株式会社東芝 | Content transfer method |
JP2010182070A (en) * | 2009-02-05 | 2010-08-19 | Mitsubishi Electric Corp | Apparatus, method and program for processing information |
WO2012114604A1 (en) * | 2011-02-23 | 2012-08-30 | セイコーインスツル株式会社 | Information-processing device and information-processing program |
JP2012175555A (en) * | 2011-02-23 | 2012-09-10 | Seiko Instruments Inc | Information processing device and information processing program |
JP2017169183A (en) * | 2016-03-14 | 2017-09-21 | 株式会社リコー | Data generation device, data record system, and program |
JP2018054841A (en) * | 2016-09-28 | 2018-04-05 | 株式会社リコー | Data generation device, data generation method, program and data recording system |
Also Published As
Publication number | Publication date |
---|---|
JP3507341B2 (en) | 2004-03-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2004288540B2 (en) | Portable security transaction protocol | |
US7689832B2 (en) | Biometric-based system and method for enabling authentication of electronic messages sent over a network | |
EP1374473B1 (en) | Method and apparatus for secure cryptographic key generation, certification and use | |
US6430688B1 (en) | Architecture for web-based on-line-off-line digital certificate authority | |
US6148404A (en) | Authentication system using authentication information valid one-time | |
KR101863953B1 (en) | System and method for providing electronic signature service | |
US6085320A (en) | Client/server protocol for proving authenticity | |
US8555069B2 (en) | Fast-reconnection of negotiable authentication network clients | |
US9401059B2 (en) | System and method for secure voting | |
US20050132201A1 (en) | Server-based digital signature | |
US20080098232A1 (en) | Digital signing method | |
EP1349034A2 (en) | Service providing system in which services are provided from service provider apparatus to service user apparatus via network | |
US20100042848A1 (en) | Personalized I/O Device as Trusted Data Source | |
JPH11231775A (en) | Device and method for conditional authentication | |
JP2000059353A (en) | Data storage system, data storage method and its program recording medium | |
JP2002281019A (en) | Portable information storage medium and method for authenticating the same | |
US11522849B2 (en) | Authentication system and computer readable medium | |
JP2006340178A (en) | Attribute certificate verifying method and device | |
JP2000215280A (en) | Identity certification system | |
JP3646055B2 (en) | Time signature apparatus, signing method thereof, and time signature system | |
JP5431804B2 (en) | Authentication system and authentication method | |
JP2000078128A (en) | Communication system, ic card and recording medium | |
JPH1165443A (en) | Management element system for individual authentication information | |
JP3791169B2 (en) | Authentication apparatus and method | |
JP2000115160A (en) | Public key certificate issuance system and method and recording medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| A01 | Written decision to grant a patent or to grant a registration (utility model) | Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20031216 |
| A61 | First payment of annual fees (during grant procedure) | Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20031218 |
| FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20071226 Year of fee payment: 4 |
| FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20081226 Year of fee payment: 5 |
| FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20091226 Year of fee payment: 6 |
| FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20101226 Year of fee payment: 7 |
| FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20111226 Year of fee payment: 8 |
| FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20121226 Year of fee payment: 9 |
| FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20131226 Year of fee payment: 10 |
| S531 | Written request for registration of change of domicile | Free format text: JAPANESE INTERMEDIATE CODE: R313531 |
| R350 | Written notification of registration of transfer | Free format text: JAPANESE INTERMEDIATE CODE: R350 |
| EXPY | Cancellation because of completion of term | |