JP2003348077A - Method and device for verifying attribute certificate - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To perform a verification processing of an attribute certificate on the basis of a public key encryption base at high speed even in a device the resources of which are restricted. <P>SOLUTION: When the attribute certificate is transmitted from an owner of the attribute certificate to a verifier of the attribute certificate, an attribute certificate verifier device on which no function of constructing complicated authentication pass and performing verification is mounted transmits a verification request to an attribute certificate verification agency that performs verification of the attribute certificate by proxy, the attribute certificate verification agency performs construction, verification of the authentication pass and confirmation of validity regarding the attribute certificate and returns a verification result to the verifier of the attribute certificate. In this case, when the verification of the attribute certificate in the attribute certificate verification agency is performed, construction, verification of the authentication pass and a validity confirmation processing regarding the attribute certificate are reduced by using a cache use function. <P>COPYRIGHT: (C)2004,JPO

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a technique suitable for confirming the validity of an attribute certificate received by an electronic procedure by a terminal in a public key cryptography infrastructure (PKI) system using an attribute certificate. .

[0002]

2. Description of the Related Art The format of an attribute certificate and a method of verifying the attribute certificate are described in, for example, the IETF (Internet Engineering Task For
ce) 's pkix (Public-Key Infrastructure (X.509)) working group posted “An Internet Attrib
ute Certificate Profile for Authorization ”. FIG. 2 shows an example of a public key cryptographic infrastructure model including an attribute certificate.

Each certificate authority that issues and manages public key certificates forms a group having a hierarchical structure with the root certificate authority at the top. This group is called a domain. For example, in the domain ₁ 291, the certificate authority ₁₁ 211 which is the root certificate authority issues a public key certificate ₁₂ 252 to a subordinate certificate authority. Certificate Authority ₁₁ 21
One of the certificate authorities under the control of “1” is referred to as a certificate authority ₁₂ 212. The certificate authority _{12 212} issues public key certificates to further the subordinate certification authority. The issuance of such a public key certificate is repeated up to the lowest-order certificate authority _1n 213. The CA located at the lowest level is for users who need to prove their existence to trading partners over the network in electronic transactions, etc., or to prove that they have agreed to the contents of electronic documents by their own will. Issue a public key certificate. The user at the bottom of such a domain is called an end entity. Certificate Authority _1n 2
13 issues a public key certificate _ee1 254 against _EE 1 214 is an end entity.

[0004] A public key certificate is used by a third party to certify a public key corresponding to a private key owned by each subject. Each subject securely manages its own private key, When signing, only the owner himself can use the private key. Therefore, when verifying a digital signature performed by the owner of a private key, if the verification is successful with the public key included in the public key certificate, the digital signature is described in the public key certificate. Is guaranteed by a third party to have been done under the name of the owner in question. If this third party is a certificate authority and the certificate authority is trusted, the authenticity of the verified digital signature is also proved. For this reason, the verifier of the electronic signature has a trusted certificate authority, and it is common to assign a root certificate authority to such a certificate authority. A public key certificate of a trusted certificate authority is called a trust point.

[0005] In order to prove the validity of a digital signature performed by a certain end entity, it is necessary to verify whether the public key certificate of the end entity is certified by a trusted certificate authority. For example,
A public key certificate that is a self-signed certificate of the certificate authority ₁₁ 211
₁₁ 251 electronic signature verifier to the trust point is, _EE 1 2
When verifying the electronic signature on the electronic document performed by the electronic document 14, first, the electronic signature attached to the electronic document is converted to the public key certificate _{ee 1} 254 of the end entity.
Verify with.

Next, the end entity certificate_ee12
54 is the end entity certificate _ee1Issue 254
Certificate Authority_1n213 public key certificate_1nBy 253
Is verified. This is the end entity certificate
_ee1254 is the certificate authority_1n213 secret key
Since the data is signed with a child signature,
Public key certificate containing the corresponding public key_1nUse 253
It can be verified by having Likewise
Verification of the public key certificate and the public key certificate of a higher-level certificate authority.
By repeating the verification using the written certificate,
Public key certificate₁₂Public key certificate whose trust point is 252 verification
Memorandum₁₁251 makes verification possible. Such an d
Digital signature from the public key certificate to the trusted entity
Certificates that are linked in a chain by name
By verifying the certification path, the end
You can trust the contents of the public key certificate
Swell.

[0007] The verification methods described so far are the same domain.
Publish a root certificate authority in another domain
Verification is also required for digital signature verifiers who trust key certificates.
To be able to verify each other,
Publishing using a mutual authentication model that issues public key certificates
A key cryptographic infrastructure may be formed. For example, domain
₀Certificate Authority at 290₀₀200 and the domain₁291
A certificate authority₁₁211 performs mutual authentication, the certificate authority
₀₀200 is a certificate authority₁₁Public key certificate for 211
Is a mutual authentication certificate₀₁241 and the certificate authority₁₁
211 is a certificate authority ₀₀200 public key certificate
Mutual authentication certificate₁₀Issue 246.

When the mutual authentication model is adopted, the upper public
The form of the hierarchical structure, which had only one key certificate, collapsed,
Since there are multiple public key certificates, the certification path
The construction and verification of is complicated. For example, a certificate authority₁₂212
Public key certificate for₁₂252 higher-level certificates
Certificate authority₁₁Public key certificate that is a self-signed certificate of 211
₁₁251 and the certificate authority₀₀Certificate authority from 200₁₁211
Certificate, which is a public key certificate issued to
₀₁241 exist. In this way, there are multiple certification paths.
The program that builds the certification path
From the public key certificate to be verified to the trust point set by the verifier
You need to select a certification path that can be followed.

[0009] Further, since the public key certificate may be revoked due to the compromise of the private key or the like, each certificate authority publishes revocation information on its issued public key certificate. The verifier who verifies the public key certificate needs to obtain the revocation information and check whether the certificate on the certification path from the public key certificate to be verified to the trust point has been revoked. This operation is called a certificate validity check. Verification of a public key certificate requires construction of a certification path, verification, and validation.

The method of verifying a public key certificate as described above is described in X.509, which is an ITU-T recommendation, and RFC2459, which is proposed by the IETF. In addition, it is assumed that the public key certificate is verified at the terminal of the end entity described above, but since the processing requires high processing capability and many program functions, the public key certificate verification is performed. The IETF has also proposed a method of installing a server on a network and outsourcing verification processing to the server to reduce the processing at end entity terminals.

The public key certificate is mainly used for the purpose of linking the owner of the public key certificate with the public key, and its validity period is from several years to ten years from an operational viewpoint. In many cases, for example, it is not very suitable to include attribute information with a relatively high update frequency, such as a telephone number, an e-mail address, and a job organization. In addition, since the certificate authority that issues the public key certificate does not always manage the attribute information necessary for electronic transactions, it may not be possible to issue the attribute information included in the public key certificate. .

As a method for solving these problems, there is a method of using an attribute certificate in which a pointer of a public key certificate and attribute information are linked. The organization that issues the attribute certificate is called the attribute certificate authority, and the issuer of the attribute certificate is called the attribute certificate holder. The attribute certificate contains a pointer to the attribute certificate holder's public key certificate, the name of the attribute certificate authority, the validity period of the attribute certificate, attribute information, and information for identifying the attribute certificate authority's public key (hereinafter, referred to as the attribute key). Such information is referred to as a public key identifier), and the content is prevented from being falsified by digitally signing the information with a private key of the attribute certificate authority.

To verify an attribute certificate, it is necessary to first verify the validity of the digital signature of the attribute certificate authority attached to the attribute certificate. For that purpose, it is necessary to verify the electronic signature of the attribute certificate with the public key certificate of the attribute certificate authority, and to verify the certification path from the trust point to the public key certificate of the attribute certificate authority. Also, when it is necessary to verify the validity of the attribute information included in the attribute certificate in the electronic signature of the electronic document performed by the holder of the attribute certificate, the electronic signature of the electronic document is described in the attribute certificate. It is necessary to verify with the public key certificate linked to the pointer of the public key certificate of the holder of the attribute certificate, and to verify the certification path from the trust point to the public key certificate.

[0014] In some cases, the attribute certificate authority publishes revocation information on the attribute certificate in case the attribute information described in the attribute certificate is changed or revoked. In this case, the verifier of the attribute certificate:
It is necessary to confirm the validity of the attribute certificate. To summarize the above, attribute certificate verification includes verification of the digital signature of the attribute certificate, verification of the validity of the public key certificate of the attribute certificate authority (ie, verification of the certification path and validity verification), and verification of the attribute certificate. It is necessary to confirm the validity of the certificate holder's public key certificate.

[0015]

The conventional method has the following problems.

That is, when verifying an attribute certificate,
It is necessary to verify and validate the two certification paths, the public key certificate of the attribute certificate authority and the public key certificate of the holder of the attribute certificate. To perform the verification process, the conventional method may require an enormous amount of time for the process or may be difficult to implement. In addition, attribute certificates and public key certificates have areas in which the content can be defined independently. If such areas are used, a program for interpreting the relevant parts must be distributed to all verifiers. And the introduction cost increases.

If a certain organization defines a policy regarding the verification of an attribute certificate (such as a trust point as an organization, interpretation of items described in an attribute certificate or a public key certificate, and handling of revocation information, etc.) It is also difficult for the policy manager to enforce that the user complies with the policy when each of the users uses the own terminal to verify the attribute certificate.

[0018]

According to the present invention, in the verification of an attribute certificate, it is possible to perform high-speed verification even with a terminal having limited resources, and to change the format of an attribute certificate or a public key certificate. Provide a technology that can respond to the case at low cost and strictly enforce the organization's verification policy.

According to the present invention, an attribute certificate verification authority connected to a plurality of terminals (end entities) and a certificate authority via a network responds to an attribute certificate verification request from a certain terminal. Verify. Specifically, it verifies the digital signature of the attribute certificate, constructs and verifies the certification path from the trust point set for the device by the terminal or organization policy to the public key certificate of the attribute certificate authority, and Check the validity of the public key certificate existing on the certification path, and check the certification path from the public key certificate indicated by the attribute certificate holder's public key certificate pointer indicated in the attribute certificate to the trust point. Construction and verification are performed, and the validity of the public key certificate existing on the certification path is checked. At this time, the construction and verification of the certification path can be performed at high speed by using the public key certificate and the revocation information stored in the device of the attribute certificate verification authority. After performing the above processing, the device of the attribute certificate verification authority returns the verification result to the terminal, and the terminal verifies the attribute certificate only by verifying the verification result of the attribute certificate verification authority. Complete.

According to the present invention, it is possible to reduce the function of the terminal for verifying the attribute certificate, and to shorten the time required for the processing. Further, when an attribute certificate is verified as a certain organization, it is easy to manage a policy related to the verification and to change a program for interpreting an attribute certificate in which unique attribute information is incorporated.

[0021]

Embodiments of the present invention will be described below with reference to the drawings. In the drawings described below,
The same numbers represent similar parts / elements. In addition, the present invention is not limited by the embodiments.

FIG. 1 is a diagram showing a schematic configuration of an environment for using an attribute certificate and an attribute certificate verification authority.
Certificate authority devices 101-101 of each certificate authority that issues public key certificates
109, a certificate authority device 110 of an attribute certificate authority that issues an attribute certificate, an attribute certificate holder device 120 that is a terminal of an attribute certificate holder to which an attribute certificate is to be issued, and an attribute certificate holder , An attribute certificate verifier device 130 that is a terminal of an attribute certificate verifier who attempts to verify the attribute certificate attached thereto and verify the validity of the attribute information. And an attribute certificate verification authority device 140, which is a server of the attribute certificate verification authority that collectively performs the verification of the attribute certificate, is connected to each other via a network 150. The number of certificate authority devices depends on the configuration of the public key cryptographic infrastructure employed in the system for conducting electronic transactions and the like, and may be one or N in some cases.

FIG. 2 shows a public key cryptographic infrastructure including an attribute certificate.
FIG. 3 is a diagram showing an example of the structure of FIG. Examples described below
Is a form when the model of FIG. 2 is applied. Domain
N₁In 291, the certificate authority that is the root certificate authority₁₁211
Certifies the public key corresponding to the private key owned by the certificate authority
Public key certificate, which is a self-signed certificate for₁₁25
Issue 1. In addition, the certificate authority that is a lower-level certificate authority₁₂2
12 to certify the public key corresponding to the private key
And a certificate authority₁₁211 is a public key certificate₁₂Depart 252
Run. Similarly, the certificate authority₁₂212 is a lower-level certificate authority
Issue a public key certificate to the lowest certificate authority_1n2
This is repeated up to 13. Lowest Certificate Authority_{1 n}213 is
Public key certificate that certifies the public key corresponding to the private key
To the public key certificate_1n253. Certificate Authority_1n213
Is the end entity EE ₁Owned by 214
Public key certificate for public key corresponding to private key_ee12
Issue 54.

In this embodiment, EE₁Attribute authentication for 214
Station. domain₂In 292, the domain₁291 and
Similarly, the certificate authority that is the root certificate authority₂₁221 is self-signed
A public key certificate that is a certificate₂₁261 is issued. Ma
Certificate authority that is a lower-level certificate authority ₂₂Published to 222
Key certificate₂₂262 is issued. Similarly, the certificate authority_2
2222 issues a public key certificate to a lower-level certificate authority,
Is the lowest certificate authority_2nThis is repeated up to 223. Lowest
Certificate Authority_2nPublic key certificate issued for 213
To the public key certificate_2n263. Certificate Authority_2n223
Is the end entity EE₂Public for 224
Key release certificate_ee2Issue H.264. In this embodiment,
EE₂224 is the attribute certificate holder. domain₃2
In 93, the certificate authority that is the root certificate authority₃₁231 is self
Public key certificate, which is the signing certificate₃₁271 is issued.
Certificate Authority₃₁231 is an end entity
EE₃Public key certificate for 232_ee3Issue 272
I do.

In this embodiment, EE₃232 attribute proof
The document verification office. Certificate Authority₃₁231
RP233 is a certificate authority₃₁Public key certificate of 231₃₁
271 is a trust point. In this embodiment, RP233
Electronic transaction with the attribute certificate holder
Attribute certificate for attribute certificate holder attached in
Attribute certificate verifier who wants to verify the attribute information of the certificate
You. Also, the domain₀Certificate Authority in 290₀₀200
Performs mutual authentication to enable cooperation with other domains.
Certificate authority₁₁Mutual authentication certificate for 211₀₁24
Issue 1 and the certificate authority ₂₁221 mutual authentication certificate
₀₂Issued 242 and issued a certificate authority₃₁Mutual recognition for 231
Certificate₀₃243 is issued. The reverse is also true for each domain.
The main root certificate authority is the certificate authority₀₀Phase for 200
Issue a mutual authentication certificate. Specifically, the certificate authority₁₁21
1 is a certificate authority₀₀Mutual authentication certificate for 200₁₀24
6 and the Certificate Authority₂₁221 is a certificate authority₀₀Against 200
Then mutual authentication certificate₂₀Issued 247 and the Certificate Authority₃₁2
31 is a certificate authority₀₀Mutual authentication certificate for 200₁₀2
Issue 48.

FIG. 3 shows the certificate authority device 10 listed in FIG.
1 is a diagram showing a hardware configuration of an attribute certificate authority device 110, an attribute certificate holder device 120, an attribute certificate verifier device 130, and an attribute certificate verifier device 140. FIG.

Each of the devices 101 to 140 has an input device 310.
, A display device 320, a CPU 330, and a memory 340.
, A storage device 350, and a communication device 360 for connecting and communicating with the network 150 are connected by a bus 300. The input device 310 is used by a person who uses each of the devices 101 to 140 to input data, commands, and the like, and includes a keyboard, a mouse, and the like. Further, the display device 320 is a
It is used for displaying a message or the like to a person using 01 to 140, and is constituted by a CRT, a liquid crystal display, or the like.

The CPU 330 is provided for each of the devices 101 to 1.
It comprehensively controls the 40 components and performs various arithmetic processing. The memory 340 temporarily stores programs as shown in FIGS. 4 to 8 and data necessary for processing. In addition, the storage device 350 stores each device 101.
It is used to permanently store programs and data used in the programs 140 to 140, and is constituted by a hard disk or the like. The communication device 360 is an interface for exchanging data between the devices 101 to 140 via the network 150.

4 to 8 show the software configuration of each of the devices 101 to 140. Each software is CPU
The above devices are realized by being executed by 330. Further, each software may be installed in the storage device 350 in advance, or may be installed in the storage device 350 via a communication medium or a recording medium.

FIG. 4 is a diagram showing a software configuration of the certificate authority apparatuses 101 to 109. Certificate authority devices 101 to 10
9, the operating system 40 is stored in the memory 340.
0, a public key certificate issuing program 410, a public key certificate managing program 420, a public key certificate opening program 430, a revocation information issuing program 440, a revocation information management program 450, and a revocation information opening program 460. , And a secret key information management program 470 are temporarily stored.

The operating system 400 is a program for implementing functions such as file management, process management, and device management in order to control the entire certificate authority apparatuses 101 to 109. The public key certificate issuing program 410 is a program for receiving a public key certificate issuing request from a lower entity and generating a public key certificate. The public key certificate can be received by a method of receiving information required for issuing a public key certificate via the network 150 or a method of directly inputting information required for issuing a public key certificate from the input device 310. In the present invention, either method is applicable.

The public key certificate management program 420
Is a program for managing the list and status of public key certificates issued by the public key certificate issuing program 410. In addition, the public key certificate public program 43
0 indicates a request for the public key certificate issued by the public key certificate issuing program 410 when the user via the network 150 requests the public key certificate to be obtained by the public key certificate obtaining program. This is a program for transmitting the obtained public key certificate.

Also, the revocation information issuing program 440
This is a program for issuing a list of revoked certificates (hereinafter referred to as a certificate revocation list) based on the status of the public key certificate managed by the public key certificate management program 420. Further, the revocation information management program 450 is a program for managing a list of certificate revocation lists issued by the revocation information issuance program 440 and periodically activating the revocation information issuance program.
The revocation information disclosure program 460 requests the revocation information issued by the revocation information issuance program 440 when the user via the network 150 requests revocation information acquisition by the revocation information acquisition program. This is a program for transmitting revocation information. Also, the secret key information management program 470 manages the secret key securely by encrypting or controlling access to the secret key used for issuing the public key certificate and issuing the revocation information, and requests a signature request from another program. This is a program for performing an electronic signature on a signature target when there is an error.

FIG. 5 is a diagram showing a software configuration of the attribute certificate authority apparatus 110. The operating system 500, the public key certificate acquisition program 510, the public key certificate management program 520, and the attribute certificate issuing program 530 are stored in the memory 340 of the attribute certificate authority device 110.
Attribute certificate management program 540, attribute certificate disclosure program 550, and revocation information issue program 560
And a program such as a revocation information management program 570, a revocation information disclosure program 580, and a secret key information management program 590 are temporarily stored.

The operating system 500 is a program for implementing functions such as file management, process management, and device management in order to control the attribute certificate authority apparatus 110 as a whole. Further, the public key certificate acquisition program 510 transmits a request for acquiring a specific public key certificate to the certification authority device connected to the network 150, and the public key certificate disclosure program 4 of the certification authority device.
30 is a program for receiving a public key certificate from the server 30. The public key certificate management program 520 is a program for managing a list of public key certificates acquired by the public key certificate acquisition program 510.

The attribute certificate issuing program 530
Is a program for receiving an attribute certificate issuance request from an entity requesting certification of attribute information (that is, a later holder of an attribute certificate) and generating an attribute certificate. The attribute certificate is accepted by the network 150
There is a method of receiving information required for issuance of an attribute certificate via an input device, and a method of directly inputting information required for issuance of an attribute certificate from an input device 310. In the present invention, either method is applicable.

The attribute certificate management program 540
Is a program for managing a list and status of attribute certificates issued by the attribute certificate issuing program 530. In addition, the attribute certificate disclosure program 550
The attribute certificate issued by the attribute certificate issuing program 530 is a program for transmitting the requested attribute certificate when there is a request for acquiring the attribute certificate from the user via the network 150. Further, the revocation information issuing program 560 includes the attribute certificate management program 54.
0 is a program for issuing a certificate revocation list based on the status of the attribute certificate managed at 0. The revocation information management program 570 is a program for managing a list of certificate revocation lists issued by the revocation information issuance program 560, and for periodically starting the revocation information issuance program.

Further, the revocation information disclosure program 580
The revocation information issuance program issued by the revocation information issuance program 560, and is a program for transmitting the requested revocation information when there is a request for revocation information from a user via the network 150. Also, the secret key information management program 590 manages the secret key securely by encrypting or controlling access to the secret key used for issuance of the attribute certificate and the issuance of the revocation information. This is a program for performing an electronic signature on the signature target when there is a signature.

FIG. 6 is a diagram showing a software configuration of the attribute certificate holder device 120. The operating system 600, the public key certificate acquisition program 610, the public key certificate management program 620, the attribute certificate acquisition program 630, and the attribute certificate management program 640 are stored in the memory 340 of the attribute certificate holder device 120. When,
Programs such as a signed electronic document generation program 650, a signed electronic document transmission program 660, and a secret key information management program 670 are temporarily stored.

The operating system 600 is a program for implementing functions such as file management, process management, and device management in order to control the attribute certificate holder device 120 as a whole. Further, the public key certificate acquisition program 610 transmits a request for acquiring a specific public key certificate to the certificate authority apparatuses 101 to 109 connected to the network, and the public key certificate of the certificate authority apparatuses 101 to 109 is transmitted. This is a program for receiving a public key certificate from the public program 430.

The public key certificate management program 620
Is a program for managing a list of public key certificates acquired by the public key certificate acquisition program 610.
Further, the attribute certificate acquisition program 630 transmits a request for acquiring a specific attribute certificate to the attribute certificate authority device 110 connected to the network 150, and the attribute certificate public program 550 of the attribute certificate authority device 110 transmits the request. This is a program for receiving attribute certificates.

The attribute certificate management program 640
Is a program for managing a list of attribute certificates acquired by the attribute certificate acquisition program 630. The signature-added electronic document generation program 650 generates an application form, a contract, and the like used in the electronic transaction, makes a signature request to the private key management program 670, and generates its own public key certificate 264 and attribute certificate. 280 is a program for generating a signed electronic document including 280.

The electronic document transmission program with signature 66
Numeral 0 is a program for transmitting the signed electronic document generated by the signed electronic document generation program 650 to the attribute certificate verifier device 130 which is the terminal of the attribute certificate verifier which is the business partner. Further, the secret key information management program 670 manages the secret key securely by encrypting or controlling access to the secret key used for generating the signed electronic document. , A program for performing an electronic signature on a signature target.

FIG. 7 is a diagram showing a software configuration of the attribute certificate verifier apparatus 130. In the memory 340 of the attribute certificate verifier apparatus 130, an operating system 700, a trust point information acquisition program 710, a trust point information management program 720, a signed electronic document reception program 730, and a signed electronic document verification program 740
A program such as an attribute certificate verification request generation program 750, an attribute certificate verification request transmission program 760, an attribute certificate verification response reception program 770, and an attribute certificate verification response verification program 780 are temporarily stored. .

The operating system 700 is a program for implementing functions such as file management, process management, and device management in order to control the attribute certificate verifier apparatus 130 as a whole. Further, the trust point information acquisition program 710 transmits a request for acquiring a public key certificate of a reliable certificate authority to the certificate authority connected to the network 150, and issues the public key certificate disclosure program 430 of the certificate authority. This is a program for receiving a reliable public key certificate (that is, a trust point) from the Internet.
The trust point information management program 720 is a program for managing a list of trust points acquired by the trust point information acquisition program 710.

The electronic document receiving program with signature 73
0 is a program for receiving a signed electronic document from the signed electronic document transmission program 660 of the attribute certificate holder device 120 via the network 150. The signature-attached electronic document verification program 740 is a program for verifying the electronic signature of the signature-attached electronic document received by the signature-attached electronic document reception program 730 using the attribute certificate holder's public key certificate 264. .

The attribute certificate verification request generation program 750 is used to generate the attribute certificate 28 attached to the signed electronic document acquired by the signed electronic document reception program 730.
This is a program for generating an attribute certificate verification request for requesting the attribute certificate verification authority apparatus 140 to verify “0”. Also, the attribute certificate verification request generation program 750
Is used to generate an attribute certificate verification request for requesting the attribute certificate verification authority device 140 to verify the attribute certificate 280 attached to the signed electronic document acquired by the signed electronic document reception program 730. Program. Further, the attribute certificate verification request transmission program 760 transmits the attribute certificate verification request generated by the attribute certificate verification request generation program 750 to the attribute certificate verification authority 140 connected via the network 150. , A program for requesting verification of an attribute certificate.

The attribute certificate verification response receiving program 770 connects the attribute certificate verification response, which is a response to the attribute certificate verification request transmitted by the attribute certificate verification request transmission program 760, via the network 150. This is a program for receiving from the attribute certificate verification authority 140 that has been set up. Also, the attribute certificate verification response verification program 780 analyzes the attribute certificate verification response received by the attribute certificate verification response reception program 770, and analyzes the attribute certificate verification authority 232 attached to the attribute certificate verification response. This is a program for verifying the signature with the public key certificate _ee3 272 and determining the validity of the attribute information on the attribute certificate holder.

FIG. 8 is a diagram showing a software configuration of the attribute certificate verification authority device 140. The operating system 800, the certificate acquisition program 810, the certificate management program 811, and the revocation information acquisition program 820 are stored in the memory 340 of the attribute certificate verification authority device 140.
Revocation information management program 821, certification path construction program 830, certification path verification program 840,
Validity check program 850, attribute certificate verification request reception program 860, attribute certificate verification request analysis program 861, and attribute certificate verification response generation program 87
0, an attribute certificate verification response transmission program 871, and a program such as a secret key information management program 880 are temporarily stored.

The operating system 800 is a program for implementing functions such as file management, process management, and device management in order to control the entire attribute certificate verification authority apparatus 140. Further, the certificate acquisition program 810 transmits a request for acquiring a specific public key certificate or an attribute certificate to the certificate authority apparatuses 101 to 109 or the attribute certificate authority apparatus 110 connected to the network 150, and This is a program for receiving a designated certificate from the public key certificate disclosure program 430 of the devices 101 to 109 or the attribute certificate disclosure program 550 of the attribute certificate authority device 110. Further, the certificate management program 811 includes a certificate acquisition program 81.
0 is a program for managing the list of public key certificates and attribute certificates acquired at 0. It determines whether a specific certificate has already been acquired when constructing or verifying a certification path, If the certificate has been obtained, the certificate is also passed to the requested program.

Also, the revocation information acquisition program 820
Certificate authority device 101 connected to network 150
Or a request for acquiring specific revocation information to the attribute certificate authority device 110, and
9 is a program for receiving specified revocation information from the revocation information disclosure program 460 or the revocation information disclosure program 580 of the attribute certificate authority apparatus 110. Also,
The revocation information management program 821 is a program for managing a list of revocation information acquired by the revocation information acquisition program 820. Whether a specific revocation information has already been acquired at the time of establishing or verifying the certification path. It also has a function to determine whether the revocation information has been obtained and to pass the revocation information to the requested program.

The certification path construction program 830 includes:
In cooperation with the public key certificate acquisition program 810 and the public key certificate management program 811, the public key certificate _{ee 125} of the attribute certificate authority 214 described in the attribute certificate 280.
4 to the public key certificate of the certificate authority _{3 1} 231 which is a trust point
Construction of certification path up to ₃₁ 271 and attribute certificate 280
Attribute certificate holder 22 described as a pointer in
From the public key certificate _ee2 264 of _No. 4
_31, which is a 231 program for the construction of a certification path to the public key certificate ₃₁ 271. Further, the certification path verification program 840 includes a certification path construction program 830.
This is a program for confirming that the signatures in all public key certificates existing on the certification path can be verified by using the higher-order public key certificate with respect to the certification path constructed in.

The validity check program 850 cooperates with the revocation information acquisition program 820 and the revocation information management program 821 to confirm that the public key certificate existing on the certification path has not been revoked. It is. Also, the attribute certificate verification request receiving program 860
Is a program for receiving an attribute certificate verification request from the attribute certificate verification request transmission program 760 of the attribute certificate verifier device 130 via the network 150. The attribute certificate verification request analysis program 861
Is a program for analyzing the attribute certificate verification request received by the attribute certificate verification request receiving program 860 and acquiring information on the attribute certificate to be verified.

The attribute certificate verification response generation program 870 includes a certification path construction program 830, a certification path verification program 840, and a validity confirmation program 85.
0 is a program for requesting a signature from the private key information management program 880 to add a signature of the attribute certificate verification authority to the verification result of the attribute certificate verified by 0 and generating an attribute certificate verification response. . The attribute certificate verification response transmission program 871 transmits the attribute certificate verification request generated by the attribute certificate verification response generation program 870 to the attribute certificate verifier terminal 130 connected via the network 150. It is a program for returning the verification result of the attribute certificate.

Next, with reference to FIG. 9, an operation for verifying the use of the attribute certificate and the verification of the attribute certificate using the attribute certificate verification authority will be described.

First, before the attribute certificate holder 224 uses the attribute certificate, the public key certificate _ee2 264 is acquired by the public key certificate acquisition program 610 and the attribute certificate is acquired by the attribute certificate acquisition program 630. Book 280 has been acquired. Before the attribute certificate verifier 233 verifies the attribute certificate, the public key certificate by the trust point acquisition program 710 is required.
It is assumed that ₃₁ 271 has been acquired. _Before the attribute certificate verification authority 232 verifies the attribute certificate, it is _{assumed that the} public key certificate _ee3 272 has been acquired by the certificate acquisition program 810 in advance.

In FIG. 9, the attribute certificate holder 224
The electronic document generation program 650 and the secret key information management program 670 generate an electronic document used for electronic transactions and the like and perform an electronic signature on the document. The public key certificate _ee2 264 and the attribute certificate An electronic document with a signature incorporating the 280 is generated (step 901).

After the electronic document with signature is generated, the electronic document is transmitted to the terminal of the attribute certificate verifier 233, which is the business partner, by the electronic document with signature transmission program 660 (step 902).

At the attribute certificate verifier terminal 130, the electronic document receiving program 730 with signature is used to execute step 90.
The electronic document with the signature transmitted in step 2 is received from the attribute certificate holder terminal 120 (step 903).

When the signed electronic document is received, the electronic document of the attribute certificate holder 224 attached to the signed electronic document is changed by the signed electronic document verification program 740.
Verification is performed using the public key certificate _ee2 264 attached to the document (step 904).

If the verification of the signed electronic document succeeds, the data is for requesting the attribute certificate verification authority to use the attribute certificate verification request generation program 750 to verify the attribute certificate. An attribute certificate verification request is generated (Step 905). An example of the format of the attribute certificate verification request will be described with reference to FIG.

When the generation of the attribute certificate generation request is completed,
The attribute certificate verification request transmission program 760 transmits the attribute certificate verification request to the terminal of the attribute certificate verification authority 233 (step 906).

In the attribute certificate verification authority device 140, the attribute certificate verification request receiving program 860 receives the attribute certificate verification request transmitted from the attribute certificate verifier terminal 130 in step 906 (step 907). .

Upon receiving the attribute certificate verification request, the attribute certificate verification request analysis program 861 checks the attribute certificate information to be verified and, in some cases, the trust point of the attribute certificate verifier, and verifies the attribute certificate verifier. Retrieve from the request (step 908).

When the information necessary for verifying the attribute certificate is extracted from the attribute certificate verification request, the certificate obtaining program 8
10, certificate management program 820, revocation information acquisition program 830, revocation information management program 821, certification path construction program 830, certification path verification program 84
0 and the validity check program 850 verifies the validity of the attribute certificate (step 909). The detailed verification method of the attribute certificate will be described with reference to FIG.

After the verification of the attribute certificate is completed, the verification result of the attribute certificate is digitally signed by the attribute certificate verification response generation program 870 and the private key information management program 880, and the attribute certificate verification response is generated ( Step 9
10). For an example of the format of the attribute certificate verification response, see
When the generation of the attribute certificate verification response is completed, the attribute certificate verification response transmission program 871 transmits the attribute certificate verification response to the terminal of the attribute certificate verifier 233 that is the verification requester (step 911). .

In the attribute certificate verifier terminal 130, the attribute certificate verification response received program 730 receives the attribute certificate verification response transmitted in step 911 from the attribute certificate verification authority terminal 140 (step 912).

Upon receiving the attribute certificate verification response, the attribute certificate verification response verification program 780 applies the signature of the attribute certificate verification authority attached to the attribute certificate verification response to the public information attached to the verification response. Key certificate _ee3
Verification is performed using 272 (step 913).

If the signature verification is successful, the verification result of the attribute certificate described in the attribute certificate verification response can be trusted, and the verification of the attribute certificate by the attribute certificate verifier is also completed.

FIG. 10 illustrates an example of the attribute certificate verification method in step 909 in FIG. First,
When the attribute certificate verification authority 232 verifies the attribute certificate, a trust point is included in the attribute certificate verification response in step 908 of FIG. 9, and the attribute certificate verifier verifies using the trust point. Is set as the trust point, if not, or if the verification policy of the attribute certificate verification authority is specified, the attribute certificate verification authority device 140 is set in advance. Assume that a trust point has been set.

In FIG. 10, the attribute certificate verification authority device 1
40 acquires the attribute certificate 280 using the certificate acquisition program 810 based on the information on the attribute certificate to be verified acquired from step 908 in FIG. 9 (step 1001). If the attribute certificate to be verified is attached to the attribute certificate verification request itself, this step can be omitted.

After obtaining the attribute certificate, the certificate management program 811 analyzes the attribute certificate, and
For example, information identifying the attribute certificate authority's public key certificate, such as the attribute certificate authority name and the attribute key's public key identifier, and the attribute certificate holder's public key, such as a pointer to the attribute certificate holder's public key certificate Extract information that identifies the certificate. Also, the validity period of the attribute certificate is checked. If there is any other matter to process the attribute certificate as a verification policy of the organization (step 1002).

When the analysis of the attribute certificate is completed, the certification path construction program 830 executes the above step 1002
Construct a certification path from the public key certificate of the attribute certificate authority extracted in step 2 to the trust point. First, a public key certificate of an attribute certificate authority is set as an initial value of a processing variable X for constructing a certification path (step 1003).

When the setting of the processing variable X is completed, the certificate set in the processing variable X (hereinafter referred to as certificate X) is obtained. First, the certificate management program 811 determines whether or not the certificate has already been obtained, and if so, obtains the certificate from the storage device 350 in the attribute certificate verification authority device 140 (this is used by the cache use function). ). If the certificate has not yet been acquired, the certificate is acquired from the certificate authorities 101 to 109 or the attribute certificate authority 110 via the network 150 by the certificate acquisition program 810. By employing this cache use function, a certificate may be obtained without communicating with the device via the network 150, and the verification time can be reduced (step 1011).

When the certificate is obtained, the certificate is analyzed by the certificate management program 811, and the identification of the upper public key certificate and the information such as the owner name and the validity period from the certificate issuer name are performed. Acquisition is performed. If there is any other matter to process the public key certificate as a verification policy of the organization, the process is performed (step 1012).

When the analysis of the certificate is completed, the verification time becomes
The certification path verification program 840 determines whether or not the certificate obtained in step 1012 is within the validity period. If it is during the valid period, the process proceeds to step 1014, and if it is outside the valid period, the process proceeds to step 1041 (step 1013).

After checking the validity period of certificate X,
In the certification path construction process, a certificate located below certificate X (a certificate previously assigned to processing variable X (however, a public key certificate of an attribute certificate authority certificate is assigned to X) If the certificate has been assigned, the lower order of the certificate X is set as the attribute certificate, and if the public key certificate of the holder of the attribute certificate is assigned to the certificate X, the step is omitted and the process proceeds to the step 1015)) , The signature attached to the lower certificate is verified using the certificate X. If the signature verification is successful, the process proceeds to step 1015. If the signature verification fails, the process proceeds to step 1041.

When the signature is successfully verified, revocation information on the lower certificate of the certificate X is obtained. First, it is determined by the revocation information management program 821 whether or not the revocation information has already been obtained. If the revocation information has been obtained, the revocation information is obtained from the storage device 350 in the attribute certificate verification authority device 140. If it has not been acquired yet, it is acquired from the certificate authorities 101 to 109 or the attribute certificate authority 110 via the network 150 by the revocation information acquisition program 820 (step 1015).

When the acquisition of the revocation information on the lower certificate of the certificate X is completed, the signature of the acquired revocation information is verified by the certificate X by the validity check program 850.
If the verification is successful, the process proceeds to step 1016. If the verification fails, the process proceeds to step 1041 (step 101).
6). If the signature verification of the revocation information succeeds, it is determined in step 101 that the lower certificate of the certificate X has not been revoked.
The validity check program 850 checks based on the revocation information acquired in step 5. If the lower certificate of the certificate X has not been revoked, the process proceeds to step 1018, and if it has been revoked, the process proceeds to step 1041 (step 101).
7).

When the validity check of the lower certificate of the certificate X is completed, it is determined whether or not the certificate X is a self-signed certificate.
Confirm with the certification path construction program 830. If the certificate is a self-signed certificate, the process proceeds to step 1018; otherwise, the process proceeds to step 1021 (step 1018).

If the certificate X is a self-signed certificate,
The certification path construction program 830 checks whether the certificate X is a trust point. If it is a confidence point, the process proceeds to step 1020;
It proceeds to 41 (step 1019).

If the certificate X is a trust point, it means that the certification path has been successfully constructed and verified. However, in order to verify the attribute certificate, the certificate from the public key certificate of the attribute certificate authority to the trust point is verified. It is necessary to verify two types of authentication paths: the authentication path of the attribute certificate holder and the authentication path from the public key certificate of the attribute certificate holder to the trust point. Therefore, the certification path verification program 84
0 checks whether two types of certification paths related to the attribute certificate have been verified. If the two authentication paths have been verified, the attribute certificate is successfully verified and the process is completed. If only one authentication pass has been verified, the process proceeds to step 1031 (step 1020).

In step 1018, the certificate X
If is not a self-signed certificate, the certification path construction program 830 sets the upper certificate of the certificate X in the processing variable X based on the information of the upper certificate obtained in step 1012, and Proceed to (Step 102
1).

If only one certification path has been constructed and verified in step 1020, the certification path construction program 830 stores information such as the pointer of the public key certificate of the attribute certificate holder acquired in step 1002. Based on this, the public key certificate of the holder of the attribute certificate is set in the processing variable X, and the process proceeds to step 1011 (step 103).
1).

If the verification time is out of the validity period of the certificate X in step 1013,
If the signature verification of the subordinate certificate fails in 14,
If the signature verification of the revocation information fails in step 1016, if the lower certificate of the certificate X in step 1017 is revoked, if the certificate X is not a trust point in step 1019, Step 10
If there is no unexamined upper-level certificate of the certificate X in 43, the certification path construction program 830 checks whether a certificate located below the certificate X exists in the certification path construction process. Check. When constructing a certification path from the public key certificate of the attribute certificate authority to the trust point, if the certificate X is the public key certificate of the attribute certificate authority, it is assumed that the certificate X has reached the bottom. If a certificate exists below certificate X, step 104
Proceeding to step 2, if there is no lower-level certificate, the verification of the attribute certificate fails, and the process ends (step 104).
1).

If a lower-level certificate exists in step 1041, the certification path construction program 830 assigns the certificate existing under the certificate X to the processing variable X,
Proceed to step 1043 (step 1042).

In step 1042, if a certificate existing under certificate X is assigned to processing variable X,
The certification path construction program 830 checks whether there is a certificate which is higher than the certificate X and which has not been searched in the certification path construction process. If there is an unsearched certificate, the process proceeds to step 1044. If there is no unsearched certificate, the process proceeds to step 1041 (step 1043).

If there is an unretrieved superior certificate in step 1043, the certification path construction program 830 assigns the unretrieved superior certificate to the processing variable X, and proceeds to step 1011 (step 1044).

The above is the method of verifying the attribute certificate in the attribute certificate verification authority device 140.

FIG. 11 shows an example of an attribute certificate verification request format. In the attribute certificate verification request 1100, a serial number and an attribute certificate authority name described in the attribute certificate 280 to be verified are described as verification target information. In some cases, the attribute certificate 280 itself may be described, or the public key certificate 33 as a trust point may be attached.

FIG. 12 shows an example of a format of the attribute certificate verification response. The attribute certificate verification response 1200 includes verification date and time, verification target information such as a serial number and an attribute certificate authority name described in the attribute certificate 280 to be verified, and the verification result of the attribute certificate 280 to be verified. , The public key certificate _ee3 272 of the attribute certificate verification authority is attached to the information signed with the secret key of the attribute certificate verification authority 232. Upon receiving the attribute certificate verification response, the attribute certificate verifier verifies the signature applied to the attribute certificate verification response using the public key certificate _ee3 272 attached to the response, and verifies the signature. Can be verified with the trust point managed by the trust point management program 720 of the attribute certificate verifier, that is, the public key certificate ₃₁ 271, the certificate authority name of the public key certificate _{e e3} 272 and the public key certificate ₃₁ 2
Confirm that the owner names of 71 match.

Then, the public key certificate of the attribute certificate verification authority
_Confirm that _ee3 272 has not been revoked by a physically secure method, or install a revocation information acquisition program in the attribute certificate verifier apparatus 130, and set the certificate authority ₃₁ 23
The revocation information is obtained from 1 and is verified. If it can be confirmed that the certificate has not been revoked, the contents of the attribute certificate verification response 1200 become reliable, and the verification result of the attribute certificate 280 to be verified described in the attribute certificate verification response 1200 is obtained. Can be obtained legitimately. Therefore, the attribute certificate verifier can verify the attribute certificate without having a function for constructing and verifying a complicated certification path and a function for acquiring a public key certificate.

The present invention is not limited to the above-described embodiment. In particular, a method of constructing and verifying a certification path of a public key certificate can be variously modified within the scope of the invention.

[0094]

According to the present invention, in performing the verification of the attribute certificate, the verification can be performed at high speed even if the attribute certificate verifier having limited resources is used. In addition, it is possible to standardize the use of the trust point for all verifiers, and to easily perform a response on the verification side due to a change in the format of the attribute certificate or the public key certificate.

[0095]

[Brief description of the drawings]

FIG. 1 is a diagram showing a schematic configuration of an environment for using an attribute certificate and an attribute certificate verification authority.

FIG. 2 is a diagram illustrating an example of a structure of a public key cryptographic infrastructure including an attribute certificate.

FIG. 3 is a diagram illustrating a hardware configuration of each device illustrated in FIG. 1;

FIG. 4 is a diagram illustrating a software configuration of the certificate authority device illustrated in FIG. 1;

FIG. 5 is a diagram showing a software configuration of the attribute certificate authority device shown in FIG. 1;

FIG. 6 is a diagram showing a software configuration of the attribute certificate holder device shown in FIG. 1;

FIG. 7 is a diagram showing a software configuration of the attribute certificate verifier apparatus shown in FIG. 1;

FIG. 8 is a diagram showing a software configuration of the attribute certificate verification authority device shown in FIG. 1;

FIG. 9 is a diagram for explaining an operation for using an attribute certificate and verifying the attribute certificate using an attribute certificate verification authority device.

FIG. 10 is a flowchart illustrating an example of a method of verifying an attribute certificate.

FIG. 11 is a diagram showing an example of a format of an attribute certificate verification request.

FIG. 12 is a diagram illustrating an example of a format of an attribute certificate verification response.

[Explanation of symbols]

CA: certificate authority, CPU: central processing unit, EE: en
Entity, RP: Certificate Relying Party, 101: Certificate Authority
Apparatus 1, 102: Certificate authority apparatus 2, 109: Certificate authority apparatus
N, 110: Attribute certificate authority device, 120: Attribute certificate possession
Device, 130 ... attribute certificate verifier device, 140 ... attribute
Certificate verification authority device, 150 network, 200 certificate
Certificate authority₀₀, 211 ... Certificate authority₁₁, 212 ... Certificate Authority₁₂,
213: Certificate Authority_1n, 214 ... EE₁/ Attribute Certificate Authority, 2
21 ... Certification authority₂₁, 222 ... Certificate Authority ₂₂, 223 ... Authentication
Station_2n, 224 ... EE₂/ Attribute certificate holder, 231 ...
Certificate Authority₃₁, 232 ... EE₃/ Attribute Certificate Verification Bureau, 23
3: RP / attribute certificate verifier, 241: Mutual authentication certificate
₀₁, 242 ... Mutual authentication certificate₀₂, 243 ... Mutual authentication
Certificate₀₃, 246 ... Mutual authentication certificate₁₀, 247 ... phase
Mutual authentication certificate₂₀, 248… Mutual authentication certificate₃₀, 25
1 ... Public key certificate₁₁, 252 ... Public key certificate ₁₂, 2
53 ... Public key certificate_1n254 public key certification
book_ee1, 261… Public key certificate₂₁, 262 ... public key
Certificate₂₂, 263… Public key certificate₂₃, 264 ... Public
Key certificate_ee2, 271… Public key certificate₃₁, 272 ...
Public key certificate_{ee 3}, 280... Attribute certificate, 290.
Maine₀, 291… Domain₁, 292… Domain₂,
293… Domain₃, 300 bus, 310 input device
, 320 ... display device, 330 ... CPU, 340 ... memo
Re, 350: storage device, 360: communication device, 400: e
Operating system, 410: Public key certificate issuance program
Program, 420 ... public key certificate management program, 43
0: Public key certificate public program, 440: Revocation information issued
Line program, 450 ... revocation information management program, 46
0: revocation information disclosure program, 470: secret key information management
Program, 500 ... Operating system, 51
0: Public key certificate acquisition program, 520: Public key certificate
Certificate management program, 530: Attribute certificate issuing program
, 540... Attribute certificate management program, 550.
Certificate disclosure program, 560 ... Revocation information issuance program
570 ... Revocation information management program, 580 ... Revocation information
Information disclosure program, 590 ... Private key information management program
System, 600 ... operating system, 610 ... public
Key certificate acquisition program, 620 ... Public key certificate management program
Program, 630 ... Attribute certificate acquisition program, 640
... Attribute certificate management program, 650 ... Signed electronic document
Generating program, 660: Electronic document transmission program with signature
Program, 670: secret key information management program, 700: operation
Rating system, 710: Program for acquiring trust points
720, trust point management program, 730
Child document receiving program, 740 ... Signed electronic document verification program
Program, 750: Attribute certificate verification request generation program
760, an attribute certificate verification request transmission program, 77
0: attribute certificate verification response receiving program, 780: attribute
Certificate Verification Response Verification Program, 800… Operity
810 ... Certificate acquisition program, 811
... Certificate management program, 820 ... Revocation information acquisition program
RAM, 821: revocation information management program, 830: authentication
Path construction program, 840 ... certification path verification program
850: Validation program, 860: Attribute certification
Document verification request receiving program, 861 ... Attribute certificate verification required
Request analysis program, 870 ... attribute certificate verification response generation program
Program, 871… attribute certificate verification response transmission program
, 880... Secret key information management program, 1100.
Certificate verification request, 1200 ... Attribute certificate verification response

Continuation of front page    (72) Inventor Hiroshi Nakakoji             1099 Ozenji Temple, Aso-ku, Kawasaki City, Kanagawa Prefecture             Hitachi, Ltd. System Development Laboratory (72) Inventor Yutaka Miyazaki             1-6-27 Shinsuna, Koto-ku, Tokyo Stock Association             Public Systems Division, Hitachi, Ltd. F-term (reference) 5B085 AE00 BA06 BG02                 5J104 AA08 LA03 LA05 MA01 PA07

Claims (7)

[Claims] A public key is issued in response to a request for verification of an attribute certificate including information capable of identifying the attribute certificate, which is requested from a device of a person who intends to verify the attribute certificate via a network. This method verifies the validity of the attribute certificate based on encryption, and returns the verification result. The attribute certificate authority's public key certificate is obtained from the attribute certificate authority name described in the attribute certificate to be verified. From the issuer name of the public key certificate, obtain a public key certificate that is higher in the rank of the public key certificate, and repeat until the public key certificate of a trusted certificate authority is finally reached An attribute certificate certification path construction step for constructing a certification path from the attribute certificate to the public key certificate of a trusted certificate authority;
For all certificates except the self-signed certificate on the certification path, an attribute certificate that verifies the signature of the certificate with the public key certificate positioned higher than the certificate and confirms that the signature is valid. Certificate certification path verification step and acquire revocation information for all certificates on the certification path,
An attribute certificate validity check step for confirming that all certificates on the certification path have not been revoked; an attribute certificate verification step comprising: an attribute certificate holder described in the attribute certificate; The public key certificate of the holder of the attribute certificate is obtained from the information, and the public key certificate located above the public key certificate is obtained from the issuer name of the public key certificate. Attribute certificate holder public key that builds a certification path from the attribute certificate holder's public key certificate to a trusted certificate authority's public key certificate by repeating until the certificate authority's public key certificate is reached In the certificate certification path construction step and in all the certificates except the self-signed certificate on the certification path, the signature of the certificate is verified by the public key certificate located above the certificate, and the signature is correct. Attribute certificate holder public key certificate certification path verification step to confirm that the certificate is valid, and revocation information on all certificates on the certification path is acquired, and all certificates on the certification path are revoked. A method for verifying an attribute certificate, comprising: an attribute certificate holder public key certificate validity check step for confirming that there is no attribute certificate holder; and an attribute certificate holder public key certificate verification step. 2. An attribute certificate verification method according to claim 1, wherein: an attribute certificate certification path construction step; an attribute certificate validity confirmation step; an attribute certificate holder public key certificate certification path construction step; In the attribute certificate holder public key certificate validity check step,
A certificate-related information recording step for recording public key certificate and revocation information; and an attribute certificate authentication path construction step, an attribute certificate validity check step, and an attribute certificate holder public key certificate authentication after the recording step. When performing the path construction step and the attribute certificate holder public key certificate validity confirmation step, refer to the recorded attribute certificate, public key certificate or revocation information, and construct the certification path. If there is an attribute certificate, public key certificate, or revocation information necessary for verifying the revocation information, the verification of the attribute certificate is characterized by having a function of referring to the certificate-related information using the information. Method. 3. The method for verifying an attribute certificate according to claim 1, wherein a verification result of each certification path or a verification result of the attribute certificate, and an attribute certificate, a public key certificate, and a revocation related to the verification result. A verification result recording step of recording a validity period that satisfies all the validity periods of the information, and receiving another verification request, verifying the attribute certificate, the attribute certificate verifying step, or the attribute certificate holder public key When performing the verification step, refer to the verification result recorded above, and if there is a verification result of the attribute certificate to be verified or a verification result of the validity of the certification path, and the verification date and time of the verification request Is within the validity period of the verification result,
A method of verifying an attribute certificate, comprising: a verification result reference function that uses the verification result. 4. A method for verifying an attribute certificate according to claim 1, wherein a person who attempts to verify the attribute certificate attaches a public key certificate of a certificate authority trusted by the person. A method of verifying an attribute certificate, comprising transmitting a verification request by using the certificate as a trust point when constructing a certification path. 5. The method for verifying an attribute certificate according to claim 1, wherein said apparatus for receiving a request for verification of an attribute certificate is authenticated based on a policy of a person who manages said apparatus. A method of verifying an attribute certificate, characterized in that a public key certificate of a station is registered and used, and the certificate is used as a trust point when constructing a certification path. 6. A public key in response to a request for verification of an attribute certificate including information capable of identifying the attribute certificate, which is requested from a device of a person who intends to verify the attribute certificate via a network. A device that verifies the validity of the attribute certificate based on cryptography and returns a result of the verification. The public key certificate of the attribute certificate authority is obtained from the attribute certificate authority name described in the attribute certificate to be verified. From the issuer name of the public key certificate, obtain a public key certificate that is higher in the rank of the public key certificate, and repeat until the public key certificate of a trusted certificate authority is finally reached Therefore, the attribute certificate certification path construction means for constructing the certification path from the attribute certificate to the public key certificate of the trusted certificate authority, and in all the certificates except the self-signed certificate on the certification path, Of the certificate Verify the signature of the certificate with the public key certificate located at the top, and obtain the attribute certificate certification path verification means to confirm that the signature is valid, and obtain revocation information for all certificates on the certification path Attribute certificate validating means that combines three means of verifying that all certificates on the certification path have not been revoked; attribute certificate validating means; Obtains the public key certificate of the attribute certificate holder from the information about the attribute certificate holder and obtains the public key certificate that is higher in the hierarchy than the issuer name of the public key certificate It builds a certification path from the attribute certificate holder's public key certificate to the trusted certificate authority's public key certificate by iterating until the public key certificate of the trusted certificate authority is finally reached. Attribute certificate Certificate holder public key certificate certification path construction means and, for all certificates except the self-signed certificate on the certification path, verify the signature of the certificate with the public key certificate located above the certificate. Attribute certificate holder public key certificate certification path verification means for confirming that the signature is valid, and revocation information on all certificates on the certification path are acquired, and all certificates on the certification path are obtained. Attribute certificate holder public key certificate validity checking means for confirming that the certificate has not been revoked; and attribute certificate holder public key certificate verification means combining three means. Attribute certificate verification device to do. 7. A public key in response to a request for verification of an attribute certificate including information capable of specifying the attribute certificate, which is requested from a device of a person who intends to verify the attribute certificate via a network. A storage medium storing a program for verifying the validity of the attribute certificate based on encryption and returning a result of the verification, wherein the program is read and executed by a computer to perform verification. The public key certificate of the attribute certificate authority is obtained from the attribute certificate authority name described in the target attribute certificate, and the public key located further above the public key certificate from the issuer name of the public key certificate An attribute certificate that constructs a certification path from an attribute certificate to a public key certificate of a trusted certificate authority by obtaining a key certificate and repeating until it finally reaches the public key certificate of a trusted certificate authority. For all certificates except the certification path construction means and the self-signed certificate on the certification path, the signature of the certificate is verified by the public key certificate located above the certificate, and the signature is valid. Attribute certificate certification path verification means for confirming that the certificate has been revoked, and attribute certificate for acquiring revocation information on all certificates on the certification path and confirming that all certificates on the certification path have not been revoked Attribute certificate verification means combining the three means of validity check means and attribute certificate holder public key certificate from information on the attribute certificate holder described in the attribute certificate; By obtaining the public key certificate that is higher in the rank of the public key certificate from the issuer name of the public key certificate and repeating until the public key certificate of the trusted certificate authority is finally reached, the attribute is obtained. Attribute certificate holder public key certificate certification path construction means for constructing a certification path from the public key certificate of the certificate holder to the public key certificate of a trusted certificate authority, and a self-signed certificate on the certification path Attribute certificate holder public key certificate authentication that verifies the signature of all certificates other than the certificate by verifying the signature of the certificate with the public key certificate located above the certificate and confirming that the signature is valid Path verification means and attribute certificate holder public key certificate validity to acquire revocation information for all certificates on the certification path and confirm that all certificates on the certification path have not been revoked A storage medium characterized in that an attribute certificate holder public key certificate verifying means, which is a combination of three means, is constructed on the computer.