m of n METHOD FOR PROVIDING CERTIFICATE SERVICE BASED ON M OF N MULTIPLE SIGNATURES IN USE OF MERKLE TREE STRUCTURE AND SERVER USING THE SAME

摘要

According to the present invention, there is provided a method of providing a certificate registration, approval, and destruction service by using multiple signatures, and an authentication support server using the method. The method according to the present invention is characterized in that in a state in which a public key corresponding to each of n ( 1) user terminals U _i (i = 1, ..., n) A server stores a public key corresponding to the user terminal U _i , a user ID corresponding to the remaining n-1 user terminals, a value of m, a value of n, and m: n Directly or indirectly, a multi-signature certificate generation request message, which is a message requesting the generation of a certificate by the multi-signature, and if the public key, the user ID, the m and n values, and the multi- Wherein the authentication support server supports to determine or determine the validity of the public keys PubKey _i corresponding to the n user terminals, and if it is determined that the public keys PubKey _i are valid, Key _i , the m and the n, and generates or generates a multiple signature location identifier PrivTxidABC corresponding to the certificate execution condition data, and the authentication support server records the generated multiple signature by sending a location identifier PrivTxidABC to the n user terminals, which causes the user terminal U _i each result value by signing the multi-signature location identifier PrivTxidABC as the PrivKey _i private key (private key) corresponding to the PubKey _i Multisignature location identifier signature value s and supported so as to create a SigPrivKey _i (PrivTxidABC), when the generated the multi-signature location identifier signature value SigPrivKey _i (PrivTxidABC) is obtained, the authentication support server, the multi-signature location identifier signature value (PrivTxidABC) to determine or determine whether or not the signature SigPrivKey _i Group Multisignature location identifier signature value s SigPrivKey _i (PrivTxidABC) is when it is determined that the normal signature, the authentication support server, the certificate execution condition data, the multi-signature location identifier signature value and a private block to the multi-signature location identifier Wherein the authentication support server is configured to determine whether the hash value calculated from the certificate execution condition data, the multi-signature location identifier signature values, and the multi- (I) a hash value of a public key PubKey _k of the specific user terminal U _k or a value obtained by processing the specific user terminal U _k , (ii) a hash value of the specific certificate Certificate execution condition data for the specific certificate, multiple signature location identifier signature values for the particular certificate, A hash value calculated from the multi-signature location identifier for the certificate, (iii) the approval target information or destruction request information of each of at least m user terminals U _i, or a value obtained by machining it, an approval target information signature value, Value and a hash value of the certificate approval or destroyed record data indicating that the approval or destruction of the certificate has been completed as the certificate approval or destruction completed record data including the multiple signature location identifier A method of acquiring a representative hash value or a value obtained by processing the representative hash value, and registering or registering the obtained value in a public block chain database, and an authentication support server using the method.