JP-7854812-B2 - Computer system and key exchange method
Inventors
- 内藤 成美
- 高 秀幸
- 佐藤 恵一
- 小野寺 悠
Assignees
- 株式会社日立製作所
Dates
- Publication Date: 2026-05-07
- Application Date: 2022-01-17
Claims (6)
- A computer system comprising a data management server and client terminals, wherein: the data management server has a computing unit and a storage device, and manages a database that stores confidential data encrypted with a master secret key using a probabilistic encryption method; the computing unit has a function to generate a secure, logically isolated trusted area in the storage device; the trusted area stores the master secret key, as well as the public information and first secret information used in the Diffie-Hellman key exchange scheme; the client terminal holds the public information and second secret information used in the Diffie-Hellman key exchange scheme; the data management server, upon receiving from the client terminal a request to generate a user secret key used to access the confidential data managed by the data management server, generates a first public key using the public information and the first secret information, and sends the first public key to the client terminal; the client terminal generates the user secret key using the public information, the second secret information, and the first public key, generates a second public key using the public information and the second secret information, and sends the second public key to the data management server; the data management server stores the second public key in the trusted area, generates, in the trusted area, the user secret key using the public information, the first secret information, and the second public key, generates, in the trusted area, key management data for managing the user secret key, and records the key management data as information used in a verification process that determines whether the user secret key is valid; and the data management server, after the key management data has been recorded, deletes the user secret key from the trusted area.
- A computer system according to claim 1, characterized in that the user secret key is a key that is valid only once.
- A computer system according to claim 1, wherein: the client terminal accepts, from the user operating the client terminal, input of registered user management data for verifying the user's legitimacy, encrypts the registered user management data, and registers the encrypted registered user management data on the data management server; and the data management server, when it receives the request to generate the user secret key, accepts input of user management data, and determines whether the user who requested the generation of the user secret key is a legitimate user, based on the encrypted user verification data and the encrypted registered user management data.
- A key exchange method in a computer system including a data management server and client terminals, wherein: the data management server has a computing unit and a storage device, and manages a database that stores confidential data encrypted with a master secret key using a probabilistic encryption method; the computing unit has a function to generate a secure, logically isolated trusted area in the storage device; the trusted area stores the master secret key, as well as the public information and first secret information used in the Diffie-Hellman key exchange scheme; the client terminal holds the public information and second secret information used in the Diffie-Hellman key exchange scheme; and the key exchange method includes: a first step in which the data management server, upon receiving from the client terminal a request to generate a user secret key used to access the confidential data managed by the data management server, generates a first public key using the public information and the first secret information; a second step in which the data management server transmits the first public key to the client terminal; a third step in which the client terminal generates the user secret key using the public information, the second secret information, and the first public key; a fourth step in which the client terminal generates a second public key using the public information and the second secret information; a fifth step in which the client terminal transmits the second public key to the data management server; a sixth step in which the data management server stores the second public key in the trusted area; a seventh step in which the data management server generates the user secret key in the trusted area using the public information, the first secret information, and the second public key; an eighth step in which the data management server generates, in the trusted area, key management data for managing the user secret key; and a ninth step in which the data management server records the key management data as information to be used in a verification process that determines whether the user secret key is valid; and the seventh step of the key exchange method is characterized in that the data management server deletes the user secret key from the trusted area after the key management data has been recorded.
- A key exchange method according to claim 4, characterized in that the user secret key is a key that is valid only once.
- A key exchange method according to claim 4, including: a step in which the client terminal receives, from a user operating the client terminal, input of registered user management data for verifying the user's legitimacy; and a step in which the client terminal encrypts the registered user management data and registers the encrypted registered user management data with the data management server; wherein the first step includes: a step in which the data management server accepts input of user management data for verification; and a step in which the data management server determines whether the user who requested the generation of the user secret key is a legitimate user, based on the encrypted user management data for verification and the encrypted registered user management data.
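
The exchange recited in claims 1 and 4, with the one-time validity of claims 2 and 5, as an added Python example that is not part of the patent text. The toy group (`P`, `G`), the SHA-256 key derivation, the digest form of the key management data, the range check on the second public key, and all class and function names are assumptions made for illustration; a plain object stands in for the trusted area.

```python
import hashlib
import hmac
import secrets

# Constructed toy public information (assumption, not from the patent).
P = 2**255 - 19          # a known prime; use a vetted DH group in practice
G = 2

def derive(peer_public: int, own_secret: int) -> bytes:
    """DH shared value hashed to a 32-byte user secret key (hashing is an assumption)."""
    return hashlib.sha256(pow(peer_public, own_secret, P).to_bytes(32, "big")).digest()

def record_for(user_id: str, user_key: bytes) -> bytes:
    """Assumed form of the key management data: a digest, never the key itself."""
    return hashlib.sha256(b"kmd|" + user_id.encode() + b"|" + user_key).digest()

class TrustedArea:
    """Plain object standing in for the server's isolated trusted area."""
    def __init__(self) -> None:
        self._first_secret = secrets.randbelow(P - 3) + 2   # first secret information
        self._second_public: dict[str, int] = {}
        self._key_management: dict[str, bytes] = {}

    def first_public_key(self) -> int:                      # steps 1-2
        return pow(G, self._first_secret, P)

    def register(self, user_id: str, second_public: int) -> None:
        if not 1 < second_public < P - 1:                   # added check: reject 0, 1, p-1
            raise ValueError("degenerate second public key")
        self._second_public[user_id] = second_public        # step 6
        user_key = derive(second_public, self._first_secret)            # step 7
        self._key_management[user_id] = record_for(user_id, user_key)   # steps 8-9
        del user_key   # key is not retained; a real enclave would zeroize the buffer

    def verify(self, user_id: str, presented_key: bytes) -> bool:
        expected = self._key_management.get(user_id)
        if expected is None or not hmac.compare_digest(
                expected, record_for(user_id, presented_key)):
            return False
        del self._key_management[user_id]                   # valid only once (claims 2, 5)
        return True

def client_exchange(first_public: int) -> tuple[bytes, int]:
    second_secret = secrets.randbelow(P - 3) + 2            # second secret information
    user_key = derive(first_public, second_secret)          # step 3
    return user_key, pow(G, second_secret, P)               # step 4; sent in step 5
```

After `register` returns, the server side holds only the second public key and the digest, so a dump of the key management store does not yield the user secret key.
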
Description
This invention relates to a method for exchanging private keys.

Cloud services have been increasingly used in recent years to reduce system development costs and operational management costs. However, with cloud services, the organization that operates the cloud service and the organization that uses the system are different. Therefore, preventing information leaks and other incidents, as well as investigating the causes of any incidents and preventing recurrence, become challenges.

One possible preventative measure against data leakage is to use encryption technology to ensure data confidentiality in advance. For example, when using a symmetric-key encryption scheme where multiple clients share the same key (shared key) to encrypt and decrypt data, the risk of information leakage increases as the number of clients (users) sharing the shared key increases. Therefore, if the shared key used for encrypted data held by a database is leaked, there is a possibility that a malicious third party could decrypt the encrypted data. If the shared key is leaked, prompt action is necessary to address the aforementioned risks, such as generating a new shared key and redistributing it to all clients.

As a technology to solve the aforementioned problems, the technology described in Patent Document 1 is known.
Patent Document 1 describes that "a data management server manages a database storing encrypted confidential management data using a master secret key, a search client holds a common secret key and a user secret key assigned to each user, and when it receives a search instruction containing a search keyword, it sends a search request containing an output confidential search keyword generated using the common secret key and the user secret key, and if the user secret key is valid, the data management server generates a confidential management search keyword for searching the confidential management data by converting the output confidential search keyword into ciphertext using the master secret key, searches for confidential management data that matches the confidential management search keyword, and generates output confidential data using the confidential management data and the user secret key."

According to the invention described in Patent Document 1, if a user's private key is leaked, it is sufficient to take measures such as updating or revoking the leaked user's private key; there is no need to update other user private keys or data stored in the database. Therefore, rapid countermeasures against private key leaks become possible.

- Japanese Patent Publication No. 2018-97034
- Japanese Patent Publication No. 2012-123614

- This is a diagram showing an example configuration of the computer system in Example 1.
- This figure shows an example of the hardware configuration of the client terminal in Example 1.
- This figure shows an example of the hardware configuration of the data management server in Example 1.
- This figure shows an example of the functional configuration of the client terminal (U) in Embodiment 1.
- This figure shows an example of the functional configuration of the client terminal (KM) in Example 1.
- This figure shows an example of the functional configuration of the data management server in Example 1.
- This is a sequence showing the procedure for registering the master private key in the computer system of Example 1.
- This sequence shows an example of the procedure for issuing a user private key in the TEE trust area processing unit of the computer system of Example 1.
- This sequence shows an example of the procedure for issuing a user private key for a client terminal (KM) in the computer system of Example 1.
- This is a sequence diagram showing an example of the procedure for issuing a user private key for a client terminal (U) in the computer system of Embodiment 1.
- This is a sequence diagram showing an example of the procedure for issuing a user private key for a client terminal (U) in the computer system of Embodiment 1.
- This is a sequence diagram showing an example of the procedure for issuing a user private key for a client terminal (U) in the computer system of Embodiment 1.
- This is a sequence diagram showing an example of the procedure for issuing a user private key for a client terminal (U) in the computer system of Embodiment 1.
- This figure shows an example of login control for general users in the computer system of Example 1.
- This figure shows an example of login control for general users in the computer system of Example 1.
- This figure shows an example of login control for general users in the computer system of Example 2.
- This figure shows an example of login control for general users in the computer system of Example 2.
- This is a sequence diagram showing an example of the procedure for issuing a user private key for a client terminal (U) in the computer system of Embodiment 2.
- This figure shows an example of user login control in the computer system of Example 3.
- This figure shows an example of user login contro