JP4905821B2 - Authentication system, authentication program, authentication method, computer and IC card - Google Patents

Description

  The present invention relates to an IC card issuance system and method, and more particularly to IC card issuance management, IC card information processing method, and issuance thereof for preventing personal information of IC card users from leaking in the IC card issuance system. It is related to the IC card by format.

  IC cards are beginning to be used as cards with higher security than magnetic cards. Normally, when an IC card is issued, a pair of a public key and a secret key is generated, and these keys are embedded in the memory of the IC card. The key generation generally includes an encryption algorithm for connecting a smart card issuing device having means for writing key information to the smart card to a personal computer (PC) and creating a key by the CPU in the PC. The program is executed by executing the same program, or the same program is executed by the CPU provided in the IC card. Regarding the latter, as a technique that enables a secure public key encryption key to be generated in an IC card within a practical time, there is one disclosed in, for example, Japanese Patent Laid-Open No. 2000-56680 (Patent Document 1).

JP 2000-56680 A

  Normally, when an IC card issuing organization issues an IC card to a member of an organization, a public key certificate corresponding to the private key embedded in the IC card is generated under the IC card issuing organization. Issue. In this case, since the issuing institution can associate the IC card user's public key certificate with the real name of the user, the internal member of the issuing institution intentionally uses the IC card user's real name and its usage history, etc. Personal information may be obtained, and personal information may be leaked.

An object of the present invention is to provide an IC card issuance system, an information processing method, and an IC card that prevent leakage of personal information of the IC card user.
Another object of the present invention is to provide an IC card issuance system, an information processing method, and an IC card in which the user can set the password of the IC card.

The present invention provides an IC card issuing system for issuing an IC card by giving key information generated based on unique information unique to the card to the IC card. Providing a first key generating means for generating first key information, a recording means for recording the first key information and unique information generated by the key generating means in a specific area of the IC card, and an IC card A first DB that stores the actual information related to the user who identifies the user to be associated with the unique information of the IC card, and
The system on the user side of the IC card receives the second key information based on the input means for inputting the password of the user, the password input from the input means, and the unique information recorded in the specific area of the IC card. Second key generation means for generating, certificate generation means for generating a public key certificate unique to the user based on the second key information generated by the second key generation means, and certificate generation means Is an IC card issuing system having a public key certificate generated by the above and a writing means for writing a password into the memory of the IC card.
In a preferred example, the second key generation unit and the certificate generation unit are realized by executing a specific program in a CPU provided in the IC card.
Preferably, the issuing institution has a second DB for registering and managing information related to a public key certificate unique to the user in association with information specifying an expired IC card.

The IC card information processing method according to the present invention is an IC card information processing method for creating an IC card by recording key information on the IC card,
A first key generation step of generating first key information based on an ID unique to the IC card in an issuing organization that issues the IC card, and specifying the generated first key information and unique ID for the IC card Recording in the area of
In the IC card user system, second key generation for generating second key information based on the password unique to the user input from the input means and the unique ID recorded in the specific area of the IC card A certificate generating step for generating a public key certificate unique to the user based on the generated second key information, and writing for writing the generated public key certificate and password in the memory of the IC card Steps.
In a preferred example, the first key information includes secret key information, the secret key information is recorded in a tamper-resistant area of the IC card, the second key information includes public key information, and the public key information is IC At least temporarily stored in the RAM area of the memory of the card, the public key certificate is stored in the RAM area of the memory of the IC card, and is read when the IC card is used.
In one example, in the second key generation step, second key information is generated in consideration of information relating to the validity period of the IC card determined by the issuing organization and the contents of the service.

The invention related to the IC card according to the present invention is grasped as an IC card in which information generated as a result of the steps performed by the issuing organization is recorded, for example, in the above method.
The IC card according to the present invention is an IC card having a CPU connected to an internal bus, a memory, and a tamper-resistant area. The tamper-resistant area is unique to the IC card and a program for generating key information. The information and the first key information generated by the IC card issuing organization are recorded, and the CPU executes the program in association with the password unique to the user and the unique information recorded in the tamper resistant area. A process for generating information and a certificate generation process for generating a public key certificate unique to the user based on the generated key information are performed. The RAM area of the memory stores the generated public key certificate. To do.

  According to the present invention, the processing in the IC card issuing organization having the actual information of the user himself and the processing for generating the public key certificate required when using the IC card are performed separately. Therefore, since no one can access the user's actual information from the public key certificate used when using the IC card, it is possible to prevent leakage of the user's personal information such as the IC card usage history.

Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings.
FIG. 1 is a diagram for explaining an outline of an IC card issuing system according to an embodiment of the present invention.
This example, company or organization, is an example of a system in which organizations such as the provider of goods and services to issue the IC card that records information as a membership card to the user, such as the organization employees and members.
The IC card issuing system includes a membership card issuing institution system (hereinafter simply referred to as an issuing institution) 11 and a member system 12. The issuing institution 11 and the member system 12 may be connected via a network, but may be offline systems independent of each other.
The details of the issuing agency 11 and member 12 systems are shown in FIGS. 2 and 4 and will be described later.

If you wish to issue a membership card, the applicant goes to the issuing organization, fills in the required information on the membership application, that is, discloses his / her personal information and applies. At the same time, a certificate of identity such as a driver's license is presented and the IC card 10 as a membership card provided by the issuing institution 11 is received.
When issuing the IC card 10 at the issuing organization, a unique ID and a key pair PX, SX of a public key cryptography for proving membership are recorded on the IC card. In addition, in order to manage the IC card 10 to be issued, the member's real name, card validity period, qualification content, etc. are registered in the management DB 3 of the issuing institution 11 in association with the unique ID of the IC card. . Further, the issuing institution 11 has a revocation DB 5 for managing revoked member cards, and responds to inquiries from the outside such as card use stores.

  When the member obtains the IC card 10 issued from the issuing institution 11, the member performs a predetermined operation to set the IC card in an effective state using his / her system such as a PC. In the member system 12, the user himself / herself registers a password in the IC card. In the IC card 10, key pair information is generated based on this password, and the public key, the validity period, and the qualification content in the generated key pair information are signed with the secret key SX of the issuing organization. A public key certificate (hereinafter referred to as a member ID) is generated. These key pair information and member ID are written in the memory of the IC card 10. By such an operation, the IC card is set in a useful state.

  As described above, in this embodiment, the IC card issuing organization obtains the actual information of the user himself and performs the minimum processing for issuing the IC card, while the user system uses the IC card when using the IC card. Processing related to the initial setting of the IC card for generating the necessary public key certificate is performed. That is, the processing for initial setting of the IC card is separately performed in both systems, thereby preventing anyone from accessing the actual information of the user from the member ID used when using the IC card. Yes.

Next, the system 11 of the membership card issuing organization will be described with reference to FIG.
The issuing institution system 11 includes a server 20, and necessary information is recorded on the IC card 10 in accordance with a command from the server 20. The server 20 may be a known PC and includes a CPU 201, an input device 202 such as a keyboard and a mouse, a display device 203, a memory 204, and a hard disk 205.
The memory 204 stores a program for generating a public key / private key pair, and the CPU 201 executes the program to generate key pair information SX and PX.

  The IC card 10 is given a unique ID such as a number at the time of manufacture. This unique ID and the key pair information SX, PX generated by executing the above program are imprinted and fixed in the tamper area 104 of the IC card 10.

  The IC card 10 includes a CPU 101, a ROM 102, a RAM 103, and a tamper resistant area 104. The ROM 102 stores a program for generating key pair information PA and SA and a member ID, and this program is executed by the CPU 101 to generate key pair information PA and SA. Also, a member ID (public key certificate) for the public key information PA is generated. In this embodiment, the key pair information PA and SA and the member ID are generated in the member system 12.

Signature and decryption are performed using the generated key pair information PA and SA and the member ID. The RAM 103 also stores information such as the generated public key PA, the generated member ID, the validity period of this membership card, and qualification contents. In the tamper resistant area 104, the unique ID of the IC card and the secret key SX of the issuing agency are imprinted and fixed, and such information cannot be taken out from the card.
The issuing institution 11 has a management DB 3 for managing information related to the IC card 10 to be issued. This DB3 is formed in the bird disk 205 of the server 20, for example.

  FIG. 3 shows an example of the DB format. In the management DB 3, information such as a member's real name 32, an effective date 33, an expiration date 34, and qualification content 35 of the card is registered in correspondence with the unique ID (card ID) 31 of the card.

Although the member's real name 32 is managed in the management DB 3, the member ID and password of the membership card of the IC card generated after issuance are not registered in the management DB 3. There will be no chance of leaking personal information. Even when an anonymous name is recorded on the membership card later and the membership card is used, there is no problem in managing DB3.
Here, the expiration date 34 is the expiration date of the membership card, such as “December 2005”. The qualification content 35 is a ranking of members in the case of a rental video store member, such as “Video Rental Premium Member”.

The issuing institution 11 also has a revocation DB 5 and manages information on revoked membership cards.
FIG. 5 shows an example of the revocation DB 5.
The revocation of a membership card is a loss of membership as a member when, for example, the member has committed fraud within the validity period. At that time, the following information is registered in the revocation DB 5 by contacting the issuing organization 11 with the member ID and applying for revocation.

  That is, information such as a revocation application date 52 is registered in the revocation DB 5 using the member ID 51 as a key. Here, since the member ID 51 is information generated by using the member's PC after the IC card is issued from the issuing institution 11, the information originally registered in the DB 3 of the issuing institution 11 and the member ID 51 are used. The relationship with the information is not attached.

On the other hand, in response to an inquiry about the expiration of a membership card from the outside such as a rental video store where the membership card is used, the revocation DB 5 is searched for the inquired member ID, and whether or not there is a matching member ID. We respond by inquiring .
In addition, the inquiry to the issuing institution 11 from the outside or the access to the revocation DB 5 may be automatically performed via a network, or may be an inquiry using a telephone.
In this way, the registration information in the revocation DB 5 is independent of the registration information in the management DB 3, so it is not possible to contact the user's actual information because the member has been revoked. Personal information is protected.

Next, processing of related information for the IC card 10 in the member system 12 will be described with reference to FIG.
The member system 12 has a PC 40, and necessary information is written into the IC card 10 in accordance with an operation from the PC 40. As is well known, the PC 40 includes a CPU 401, an input device 402 such as a keyboard and a mouse, a display 403, a memory 404, and a hard disk 405. The IC card 10 is connected to the PC 40 via an adapter such as a PCI bus slot.

  The IC card 10 to be processed is issued from the issuing institution 11, and as described above, the unique ID and the secret key SX are fixed in the tamper resistant area. The ROM 102 stores a public key / private key pair and a program for generating a member ID. When the CPU 101 executes this program, key pair information PA and SA and a member ID are generated.

Next, the key pair information generation operation of the public key cryptosystem in the member side system 12 will be described.
First, the member installs a program for guiding the initial setting operation of the IC card 10 in the PC 40 in advance. This program is initially stored on a CD (compact disc), and is distributed from an issuing organization at the same time that a user acquires an IC card as a member. Alternatively, when an initial setting of the IC card 10 is performed by a member, it can be obtained by accessing the website of the issuing institution via the Internet.

  When the installation of the above program on the PC 40 is completed, this program is executed by the CPU 401, and a confirmation message as to whether the IC card 10 is connected to the PC 40 is displayed on the display 403 of the member PC 40 according to the execution. Is done. When the IC card 10 is inserted into the slot of the PC 40, a guidance screen for password entry appears on the display 403 of the PC 40. The member inputs the password from the input device 402 while viewing the guidance screen.

  At this time, a program for generating a public key cryptosystem key pair stored in the ROM 102 is executed by the CPU 101 in parallel. The password input from the input device 402 is transferred to the IC card 10. In the IC card 10, the unique ID fixed to the tamper resistant area 104 is read out. Then, based on the password and the unique ID, a public key / private key pair PA, SA is generated. The generated public key PA is temporarily stored in the RAM 103. On the other hand, the password and secret key SA are recorded in the tamper resistant area 104.

Next, the expiration date and qualification contents stored in the RAM 103 are read out, and the public key PA generated earlier and the expiration date and qualification contents are used to obtain the secret key SX of the issuing organization recorded in the tamper resistant area. The member ID (public key certificate) is generated by signing. The generated member ID is stored in the RAM 103. The member ID includes a public key PA, a validity period, and qualification contents. The generated member ID can be read from the IC card 10 via the IC card issuing device 41, and the member can use it by a program operating on the PC 40.
The public key cryptosystem key pair can be generated by using a well-known method such as Diffie-Hellman algorithm.

Next, a signature process when using an IC card will be described.
It should be noted that, for the operation at the time of use of the IC card, but not directly related to the spirit of the present invention, ani-up, once described the client and the authentication of when to use the Web site, the signature of the member as an example I want to keep it.

  When a member electronically trades with a Web site via the Internet, login processing may be performed. After performing the IC card owner authentication by inputting the password into the IC card and collating it with the password recorded in the tamper-resistant area 104, the IC card uses the IC card to obtain the member ID stored in the RAM 103. Send to website. The Web site generates a random number and returns information encrypted with the public key PA in the received member ID to the IC card. The IC card is decrypted by SA and the result is transmitted to the website. The Web site confirms the valid member ID of the IC card by comparing the original random number and the random number returned after being decrypted by the SA.

  The signature of the member is processed using the secret key SA recorded in the tamper resistant area 104. A signature is like an electronic seal and serves as an approval stamp for a document. Can be used anonymously. For example, it is used when an audit committee of a third-party organization is operated anonymously and electronically presses an approval mark on audit documents. If you are a member of a rental video store, an electronic seal on the video borrowing will be your signature.

As mentioned above, although one Example of this invention was described, this invention is not limited to the said Example, It can implement in various deformation | transformation.
For example, the definition and terminology of the terms in the above embodiment are merely examples and are not limited thereto. For example, the configuration and name related to the management DB 3 or the revocation DB 5 are examples, and the present invention is not limited to this. For example, you may comprise as a management table and a revocation table.

Further, for information registered in these DBs or tables, information further related to that shown in FIG. 3 or 5 may be added. For example, the name of the member may be registered in the revocation DB 5 shown in FIG. The name may be a name designated by the member himself / herself, avoiding the use of the real name in order to prevent leakage of personal information of the member.
Further, the server 20 and the member PC 40 in the embodiments of FIGS. 2 and 4 are not limited to these, and may be information processing apparatuses that are generally used.

The figure which shows the outline | summary of the card issuing system by one Example of this invention. The figure which shows the structure of the system of the membership card issuing organization 11 in one Example. The figure which shows the format of DB3 in the issuing organization system in one Example. The figure which shows the structure of the member side system 12 in one Example. The figure which shows the format of revocation DB5 in the issuing organization in one Example.

Explanation of symbols

10: IC card 11: Member issuing organization 12: Member system 20: Server 3: Management DB 5: Revocation DB
101: CPU 102: ROM 103: RAM
104: Tamper resistant area.

Claims (7)

A first device for holding the secret key corresponding to the first public key, a certification system including a second device, and
The first device includes:
Said first device is unique information, based on the previously granted identification information to the first device, generating means for generating a second public key,
An encryption means for encrypting the second public key using the stored secret key;
Transmitting means for transmitting the encrypted second public key to the second device,
The second device includes:
Wherein as the information identifying the first device, the encrypted second receiving means for receiving a public key, the including,
An authentication system characterized by that. The first device comprises:
A receiving means for receiving the entered password,
The generating means includes
Authentication system according to claim 1, characterized in that to generate the second public key based on the received password and the identification information. The authentication system according to claim 1 or 2, wherein the first device is a card-type device including an integrated circuit. A program executed in a system including a first apparatus for holding a secret key, and a second device, a corresponding to the first public key,
In the first device,
The first device is unique information, based on the previously granted identification information to the first device, generating a second public key,
Encrypting the second public key using the stored private key,
Sending the encrypted second public key to the second device;
In the second device,
Wherein as the information identifying the first device, Rukoto to receive the second public key encrypted,
An authentication program characterized by causing A first device for holding the secret key corresponding to the first public key, a method performed in a system including a second device, and
The first device comprises:
The first device is unique information, based on the previously granted identification information to the first device, generating a second public key,
Encrypting the second public key using the stored private key,
Sending the encrypted second public key to the second device;
The second device comprises:
As the information identifying the first device, that will receive the second public key encrypted,
An authentication method. A computer capable of communicating with another information processing apparatus and holding a secret key corresponding to the first public key,
Generating means for generating a second public key based on identification information given in advance to the computer;
An encryption means for encrypting the second public key using the stored secret key;
An output means for outputting the encrypted second public key as information for identifying the computer in response to a request from the information processing apparatus;
Including a computer. An IC card that communicates with a terminal device capable of communicating with another information processing device and holds a secret key corresponding to the first public key,
Based on a previously granted identification information in the IC card, generating means for generating a second public key,
An encryption means for encrypting the second public key using the stored secret key;
Transmitting means for transmitting the encrypted second public key to the terminal device as information for identifying the IC card ;
IC card characterized by including.

Images