To conduct data communications securely over the Internet and similar networks, it has recently become common to prevent key estimation by applying a temporary key to secret data. Alternatively, data are encrypted using a public key.
In a secure communication method using public key encryption, the data request originator first transmits a public key certificate to the data request destination. This certificate is used to verify the electronic signature that the request originator adds to the data it sends. The request destination checks the validity of the public key certificate. It then verifies the signature of the data received from the data request originator using the public key in the public key certificate. In this way it checks whether the received data were created by a valid request originator.
However, the same public key certificate is always used to verify the signature of data unless the specific key pair (the public key and the private key) of the data request originator is updated. Given a certain length of time, a third party becomes highly likely to be able to estimate the private key corresponding to the public key. If the private key is estimated, the third party may be able to impersonate the client terminal of the data request originator. The data may then be used illegally or altered.
A technology has been provided for updating the key pair (the public key and the private key). When a communication session is opened between a client terminal and a server, the two parties first mutually authenticate each other's public key certificates. Each party creates a temporary public key, and each confirms the validity of the temporary public key received from the other party by verifying its signature with the public key in the other party's public key certificate. Both parties then share a temporary key pair made up of the temporary public key received from the other party and a temporary private key. Communication data are encrypted and decrypted using the shared temporary key pair.
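The session-opening exchange described above, as an added example that is not taken from the original text: each side signs a fresh temporary public key with its long-term key, and the peer verifies that signature before using the key. Ed25519 signatures, X25519 key agreement, SHA-256 key derivation and the names `offer` and `accept` are assumptions; certificate validation is taken as already done, so the long-term public keys stand in for the certificates.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// offer (hypothetical name) creates a temporary X25519 key pair and signs its public half.
func offer(longTerm ed25519.PrivateKey) (*ecdh.PrivateKey, []byte, error) {
	temp, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return temp, ed25519.Sign(longTerm, temp.PublicKey().Bytes()), nil
}

// accept (hypothetical name) verifies the peer's signed temporary key, then derives the session key.
func accept(mine *ecdh.PrivateKey, peerCert ed25519.PublicKey, peerTemp, sig []byte) ([32]byte, error) {
	if !ed25519.Verify(peerCert, peerTemp, sig) {
		return [32]byte{}, errors.New("temporary public key: signature does not verify")
	}
	peer, err := ecdh.X25519().NewPublicKey(peerTemp)
	if err != nil {
		return [32]byte{}, err
	}
	secret, err := mine.ECDH(peer) // own temporary private key + peer's temporary public key
	if err != nil {
		return [32]byte{}, err
	}
	return sha256.Sum256(secret), nil
}

func main() {
	cPub, cPriv, _ := ed25519.GenerateKey(rand.Reader) // constructed client long-term key
	sPub, sPriv, _ := ed25519.GenerateKey(rand.Reader) // constructed server long-term key
	cTemp, cSig, errC := offer(cPriv)
	sTemp, sSig, errS := offer(sPriv)
	if errC != nil || errS != nil {
		panic("temporary key generation failed")
	}
	kc, errC := accept(cTemp, sPub, sTemp.PublicKey().Bytes(), sSig)
	ks, errS := accept(sTemp, cPub, cTemp.PublicKey().Bytes(), cSig)
	fmt.Println("session keys match:", errC == nil && errS == nil && kc == ks)
	_, err := accept(sTemp, sPub, cTemp.PublicKey().Bytes(), cSig) // checked against the wrong certificate
	fmt.Println("mismatched certificate:", err)
}
```

Because the temporary keys are generated per session, running the exchange again yields a different session key while the long-term keys stay unchanged.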