摘要:
Upon issuance of an attribute certificate, an attribute authority apparatus makes a determination policy available. The determination policy includes information designating at least one item to be checked by a service provider apparatus for determination to be made to verify the attribute certificate, and a criterion for the determination. The determination policy may be recorded in the attribute certificate, or released to public, or made available by issuing a determination policy certificate released to public. Information for obtaining the determination policy certificate may be recorded in or outside the attribute certificate and furnished to the service provider apparatus. In order to verify an attribute certificate transmitted from a user terminal, a service provider apparatus obtains the determination policy, and determines whether data in the at least one item designated in the determination policy fulfill the criterion recorded in the determination policy.
摘要:
A portion of a digital signature value for authenticating the validity of ID information is also used as an ID so as to reduce the amount of data. This is achieved by using a digital signature scheme with a short signature length obtained by transforming a Schnorr signature, which is a typical example of a digital signature scheme.
摘要:
The signer obtains the validity check information on the electronic certificate from the certification authority when it puts the digital signature on data and delivers the signed data, electronic certificate, and validity check information to the verifier. At this time, the certification authority creates validity check information on the electronic certificate in response to a validity check request from the signer and sends it to the signer. The term of validity of the validity check information is defined as necessary. The verifier verifies the signature and, using the validity check information sent from the signer, checks the validity of the electronic certificate.