摘要 |
<p>In a system where a communication device performs secure communication by using a digital certificate, to enable a device of a communication party to verify that a self certificate is certainly generated by a device indicated on the self certificate even if the self certificate is not delivered offline in advance. Based on a master key and a public parameter 293a, a communication device 200 generates an ID-based encryption private key 293b for which a device unique ID 291b is used as a public key. Then, the communication device 200 generates the digital signature of an RSA public key 292b as a ID-based encryption signature 294b by using the ID-based encryption private key 293b. Then, the communication device 200 generates an RSA self signature 294a for the RSA public key 292b, an expiration date, a host name 291c, the device unique ID 291b, and the ID-based encryption signature 294b as the target. Then, the communication device 200 generates a self-signed certificate 294 to include the ID-based encryption signature 294b and the RSA self signature 294a.</p> |