Detection method for fraudulent mail, detection program therefor, and detection device therefor

摘要

Preliminarily sharing internal-transmission-secret-key-information used in e-mail addressed to an internal-network, between transmitting and receiving-terminals, and generating external-transmission-secret-key information used in an e-mail addressed to an external-network and external-transmission-public-key-information corresponding to the external-transmission-secret-key-information, in transmitting a mail, generating verification-information by encrypting first characteristic-amount-target-information including a characteristic-amount-target-item included in an outgoing-mail and adding, to the outgoing-mail header, the verification-information and characteristic-amount-target-item-information corresponding to the characteristic-amount-target-item, and, in receiving a mail, generating second characteristic-amount-target-information including a characteristic-amount-target-item indicated by the characteristic-amount-target-item-information added to the incoming-mail, decrypting the verification-information, generating third characteristic-amount-target-information, and verifying whether the second and the third coincide.

主权项

1. A fraudulent mail detection method, executed by a computer in an electronic mail terminal device, the fraudulent mail detection method comprising:
preliminarily sharing internal transmission secret key information used in an electronic mail addressed to an internal network, between a transmitting terminal and a receiving terminal, and preliminarily generating external transmission secret key information used in an electronic mail addressed to an external network and external transmission public key information corresponding to the external transmission secret key information; at a time of transmitting a mail, generating verification information by encrypting, using the internal transmission secret key information, first characteristic amount target information including a characteristic amount target item from among a header item, a body text, and attached information, included in an outgoing mail, or first characteristic amount information generated from the first characteristic amount target information on a basis of a predetermined function when a transmission destination of the outgoing mail is the internal network, and generating the verification information by encrypting, using the external transmission secret key information, the first characteristic amount target information or the first characteristic amount information when the transmission destination of the outgoing mail is the external network; and adding, to a header of the outgoing mail, the verification information and characteristic amount target item information corresponding to the characteristic amount target item; and at a time of receiving a mail, generating second characteristic amount target information including a characteristic amount target item indicated by the characteristic amount target item information added to the incoming mail, from among a header item, a body text, and attached information, included in the incoming mail, or generating second characteristic amount information from the second characteristic amount target information on the basis of the predetermined function; decrypting, using the internal transmission secret key information, the verification information added to the incoming mail when a transmission source of the incoming mail is the internal network, decrypting, using the external transmission public key information, the verification information added to the incoming mail when the transmission source of the incoming mail is the external network, and generating third characteristic amount target information or third characteristic amount information; and comparing the second characteristic amount target information or the second characteristic amount information with the third characteristic amount target information or the third characteristic amount information, and verifying whether or not the second characteristic amount target information or the second characteristic amount information and the third characteristic amount target information or the third characteristic amount information coincide with each other; preliminarily storing, in the transmitting terminal and the receiving terminal, wherein the internal transmission secret key information used in an electronic mail addressed to the internal network and verification information generation algorithm version information, and preliminarily generating the external transmission secret key information used in an electronic mail addressed to the external network and the external transmission public key information corresponding to the external transmission secret key information; at the time of transmitting a mail, wherein generating, on the basis of an encryption algorithm, first verification information by encrypting, using the internal transmission secret key information, first characteristic amount target information including a characteristic amount target item from among a header item, a body text, and attached information, included in and outgoing mail, or first characteristic amount information generated from the first characteristic amount target information on the basis of a characteristic amount generation algorithm when a transmission destination of the outgoing mail is the internal network, and generating, on the basis of an encryption algorithm, the first verification information by encrypting, using the external transmission secret key information, the first characteristic amount target information or the first characteristic amount information when the transmission destination of the outgoing mail is the external network; generating second verification information by encrypting, using the internal transmission secret key information or the external transmission secret key information, fourth characteristic amount information generated from first verification information generation algorithm version information stored on a transmitting side, on the basis of the characteristic amount generation algorithm, or the first verification information generation algorithm version information; and adding the first and second pieces of verification information to a header of the outgoing mail; and at the time of receiving a mail, wherein acquiring second verification information generation algorithm version information stored on a receiving side or generating fifth characteristic amount information from the second verification information generation algorithm version information on the basis of the characteristic amount generation algorithm; generating third verification information generation algorithm version information or sixth characteristic amount information by decrypting, using the internal transmission secret key information or the external transmission public key information, the second verification information added to the incoming mail; comparing the second verification information or the fifth characteristic amount information with the decrypted first verification information generation algorithm version information or the sixth characteristic amount information, and verifying whether or not the second version information or the fifth characteristic amount information and the decrypted first verification information generation algorithm version information or the sixth characteristic amount information coincide with each other; generating second characteristic amount target information including the characteristic amount target item from among a header item, a body text, and attached information, included in the incoming mail, or generating second characteristic amount information from the second characteristic amount target information on the basis of the characteristic amount generation algorithm; decrypting, using the internal transmission secret key information or the external transmission public key information, the first verification information added to the incoming mail, and generating third characteristic amount target information or third characteristic amount information; and comparing the second characteristic amount target information or the second characteristic amount information with the third characteristic amount target information or the third characteristic amount information, and verifying whether or not the second characteristic amount target information or the second characteristic amount information and the third characteristic amount target information or the third characteristic amount information coincide with each other.