Communication apparatus, digital signature issuance method and apparatus, and digital signature transmission method
Abstract
An initiator shares y_ir with a responder, calculates HASH_I on the basis of y_ir, and sends HASH_I to an IKE proxy server. The initiator receives a digital signature SIG_S generated for HASH_I and the address of the initiator from the IKE proxy server and sends the digital signature SIG_S to the responder.
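The exchange in the abstract, as an added example that is not code from the patent: the proxy signs the initiator's address together with HASH_I, and the responder accepts SIG_S only if both match what it sees itself. Ed25519, the HMAC-SHA-256 stand-in for HASH_I, the length-prefixed encoding, the function names and the sample addresses are all assumptions, and the responder is assumed to have taken the proxy's public key from an already validated certificate.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// hashI stands in for HASH_I: a keyed hash over y_ir (real IKE feeds more fields into its PRF).
func hashI(yir []byte) []byte {
	m := hmac.New(sha256.New, yir)
	m.Write([]byte("HASH_I"))
	return m.Sum(nil)
}

// signedBlob length-prefixes the address so two (address, hash) pairs cannot encode alike.
func signedBlob(addr string, h []byte) []byte {
	var b bytes.Buffer
	b.WriteByte(byte(len(addr)))
	b.WriteString(addr)
	b.Write(h)
	return b.Bytes()
}

// ProxySign is the IKE proxy server's step: SIG_S over the initiator's address and HASH_I.
func ProxySign(priv ed25519.PrivateKey, initiatorAddr string, h []byte) []byte {
	return ed25519.Sign(priv, signedBlob(initiatorAddr, h))
}

// ResponderVerify recomputes HASH_I from its own y_ir and checks SIG_S against the packet's source address.
func ResponderVerify(pub ed25519.PublicKey, srcAddr string, yir, sig []byte) bool {
	return ed25519.Verify(pub, signedBlob(srcAddr, hashI(yir)), sig)
}

// Demo covers an honest run, SIG_S presented from another address, and a different shared secret.
func Demo() (ok, relayed, wrongSecret bool) {
	pub, priv, _ := ed25519.GenerateKey(nil) // proxy key pair (constructed)
	yir := []byte("constructed-shared-secret-y_ir")
	addr := "2001:db8::10" // constructed initiator address
	sig := ProxySign(priv, addr, hashI(yir))
	ok = ResponderVerify(pub, addr, yir, sig)
	relayed = ResponderVerify(pub, "2001:db8::66", yir, sig)
	wrongSecret = ResponderVerify(pub, addr, []byte("other-secret"), sig)
	return
}

func main() { fmt.Println(Demo()) }
```

Because the address is inside the signed data, a SIG_S presented from a different source address fails verification, and a SIG_S issued for a different shared secret fails because the responder's own HASH_I differs.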
14 Claims
1. A digital signature issuance method for issuing, in a digital signature issuance apparatus, a digital signature to a second apparatus which communicates with a first apparatus, comprising the steps of:
- receiving a parameter from the first apparatus;
- computing data, based on the parameter received from the first apparatus, for use by the second apparatus to share secret data for encryption with the first apparatus;
- issuing a result of the computation to the second apparatus;
- receiving, from the second apparatus, data which is calculated by the second apparatus based on the shared secret data;
- generating a digital signature, using a private key, for both an address of the second apparatus and the data which is calculated by the second apparatus based on the shared secret data, wherein the digital signature is generated using the private key so as to be usable by the first apparatus for authentication based on the shared secret data and the address of the second apparatus used to share the secret data; and
- issuing to the second apparatus, the digital signature generated in the generating step and a public key certificate, wherein the public key certificate includes an address of the digital signature issuance apparatus, a public-key corresponding to the private key used for generating the digital signature, and information defining that the digital signature issuance apparatus generates a digital signature.
Dependent claims: 2, 3, 4, 12
5. A non-transitory computer-readable storage medium storing a digital signature issuance program for causing a digital signature issuance apparatus to issue a digital signature to a second apparatus which communicates with a first apparatus, the program comprising code for performing the steps of:
- receiving a parameter from the first apparatus;
- computing data, based on the parameter received from the first apparatus, for use by the second apparatus to share secret data for encryption with the first apparatus;
- issuing a result of the computation to the second apparatus;
- receiving, from the second apparatus, data which is calculated by the second apparatus based on the shared secret data;
- generating a digital signature, using a private key, for both an address of the second apparatus and the data which is calculated by the second apparatus based on the shared secret data, wherein the digital signature is generated using the private key so as to be usable by the first apparatus to perform authentication based on the shared secret data and the address of the second apparatus used to share the secret data; and
- issuing, to the second apparatus, the digital signature generated in the generating step and a public key certificate, wherein the public key certificate includes an address of the digital signature issuance apparatus, a public-key used for generating the digital signature, corresponding to the private key, and information defining that the digital signature issuance apparatus generates a digital signature.
Dependent claims: 6, 7, 13
8. A digital signature issuance apparatus for issuing a digital signature to a second apparatus which communicates with a first apparatus, comprising:
- a receiving unit configured to receive a parameter from the first apparatus;
- a computing unit configured to compute data, based on the parameter received from the first apparatus, for use by the second apparatus to share secret data for encryption with the first apparatus;
- an issuing unit configured to issue a result of the computation to the second apparatus;
- a receiving unit configured to receive, from the second apparatus, data which is calculated by the second apparatus based on the shared secret data; and
- a generating unit configured to generate a digital signature, using a private key, for both an address of the second apparatus and the data which is calculated by the second apparatus based on the shared secret data, wherein the digital signature is generated using the private key so as to be usable by the first apparatus to perform authentication based on the shared secret data and the address of the second apparatus used to share the secret data,
- wherein the issuing unit issues, to the second apparatus, the digital signature generated by the generating unit and a public key certificate, the public key certificate including an address of the digital signature issuance apparatus, a public-key corresponding to the private key used for generating the digital signature, and information defining that the digital signature issuance apparatus generates a digital signature, and
- wherein said digital signature issuance apparatus comprises a processor configured to function as the computing unit, the generating unit, and the issuing unit.
Dependent claims: 9, 10, 11, 14
Specification