摘要 |
PROBLEM TO BE SOLVED: To enable a client terminal to perform its arithmetic processings rapidly during attribute authentication, even if it does not have arithmetic capability. SOLUTION: A user generates a secret key and generate an open key therefrom. A CA signs for the open key that the user generates with a signature key that the CA has, and issues an attribute certificate. In addition, the CA generates previously calculated attribute information using a random number. The user sends a request to provide service to an SP server, which generates its secret key and open key. Further, the SP server transmits a challenge calculated based upon the generated random number (r) to the user. The user generates a random number (f) and uses it to modify the attribute certificate. Further, the attribute information is used to calculate a signature value for the challenge from the SP server. Furthermore, the modified attribute certificate and calculated signature value are transmitted to the SP server. The SP server verifies the attribute certificate and signature value received from the user. Then when it is confirmed that the attribute certificate and signature value are valid, the service based on the attribute information is provided to the user. COPYRIGHT: (C)2009,JPO&INPIT
|