JP2002217900A - Method, and equipment, program and recording medium thereof for time authentication - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a time authentication method, by which whether the generating time of data is after certain time point, before certain time or in a time period from certain time to certain time point can be specified. SOLUTION: A time management device opens to the public only Sn-i of values S0=S, S1=f(S), S2=f(S1)=f(f(S))=f2(S),..., Sn-i=f(Sn-i-1)=fn-i(S), obtained by applying a publicized one-directional function f(n-i) times to secret information S as time management information at a time T+iT' (0<=i<=n) every T' of time T to time T+nT'. A data generator obtains the newest time management information Sn-i in the case of generating data, sends data including Sn-i to a confirming person. When the are received, the data confirming person obtains the newest time management information Sn-j(i<j), applies f repeatedly to Sn-j and confirms that the data have been generated after T+iT' from the number of the applying times of f to Sn-j, until matching with fn-i and Sn-j obtaining time.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method for specifying the generation time of data such as an electronic signature as one of methods for confirming the validity of data such as an electronic document, an apparatus thereof, a program thereof and a recording medium thereof. About.

[0002]

2. Description of the Related Art Currently, common key cryptosystems and public key cryptosystems are often used in cryptosystems. In the public key cryptosystem, a user previously holds a secret key and a public key as his / her own key. The public key is widely disclosed, and the private key is kept secret by the user himself and must not be leaked to others. When creating an electronic signature (hereinafter referred to as a signature), a secret key is used. At the time of signature verification, the public key included in the public key certificate is used. Thus, it is possible to confirm whether the signature to be verified has been created with the corresponding private key and whether there has been any tampering thereafter.

[0003] However, if the secret key is leaked or broken and the secret key is passed to another person, the signature is generated and abused by impersonating the user. As a countermeasure for such a case where a signature that the user does not know is presented,
An important method is to prove that the signature was generated between a certain time t _s and a certain time t _e . A method of including time information in a signature has been proposed in the past. One of the methods is to use a hysteresis signature to spell a past data generation history into the signature ("Electronic Signature Alibi Implementation Mechanism for Cryptographic Breaks", Matsumoto et al., IPSJ Computer Security Study Group, March 2000. reference). In this method, the order of the signatures generated by the user can be known by using the signature generation history, but the time cannot be specified accurately. In addition, this method requires a large amount of information that must be managed by the signature creator (it is necessary to save all signatures generated in the past), and the signature time verifier performs verification processing using all of the information. Therefore, if the signature creator loses such information, the signature creator cannot perform a confirmation process, which is not practical.

[0004] It has also been proposed to use a time stamp service, which is a reliable third-party organization (see "Current Status and Issues of Digital Time Stamp Technology", Une et al., Bank of Japan Financial Research Institute, 1999). I have. However, this method only guarantees that the signature was generated before a certain time t _e, but does not guarantee that the signature was generated after a certain time t _s . On the other hand, the time stamp service uses a method of specifying the time using a character string such as “January 1, 2001”, and a method such as “weather information, stock price information” There is a method of specifying the time using information that anyone can know (hereinafter referred to as time management information). Reliability is greater in the latter than in the former, which depends on strings. However, it is not easy for a user to check past weather information, stock price information, and the like. If all past information is managed, the amount of information becomes enormous.

[0005]

SUMMARY OF THE INVENTION The present invention reduces the amount of information that must be managed by a data creator and reduces the amount of information (time management information) that a data time confirmer needs to obtain for confirmation processing. It is another object of the present invention to provide a time notarization method capable of specifying data generation timing after a certain time, before a certain time, or from a certain time to a certain time.

[0006]

According to the present invention, a time is specified by using time management information sequentially disclosed by a time management organization. Instead of using weather information, stock price information, and the like as time management information, the present invention uses a value calculated using the following one-way function. For example, as shown in FIG. 1, at time T + iT ′ (0 < i < n) between time T and time T + nT ′, the published one-way function f is applied to the secret information S ni times. S ₀ = S, S ₁ = f (S), S ₂ = f (S ₁ ) = f (f
(S)),..., S _ni = f (S _ni ) S _ni is obtained, and only the last calculated value S _ni = f ⁿⁱ (S) is disclosed as the latest time management information. The disclosure of the time management information is performed for each time T '. Note that a value f (f (f (S))) obtained by applying f to S three times is represented as f ³ (S), that is, a value applied n times is represented as f ⁿ (S).

Thus, past time management information can be calculated from the latest time management information only by applying a one-way function. Using this time management information, it is guaranteed that the data generation time is after a certain time t _s = T + iT ′ as follows. The data creator who generates data at time T + iT 'generates data using the latest time management information S _ni obtained from the time management organization. In the case of an electronic signature, this data is created by performing an electronic signature on the document to be signed and the time management information.

On the other hand, the data time confirmer applies the one-way function f published by the time management organization several times to the latest time management information published by the time management organization, and the time management information contained in the data to be confirmed is updated. By being able to calculate, it is confirmed that the data was generated after the time T + iT ′ at which the time management information included in the data was released. Also, using the time management information, it is guaranteed that the data generation time is earlier than a certain time t _e = T + (j + 1) T ′ (where 0 < i < j < n) as follows. Data management institutions, any value L ₀ as the initial value of the latest data management information L, than this to put on the public list published subsequent latest data management information L, the data at the time T + jT 'from the data creator _Assuming that the received data is D _{T + jT ′} , the one-way function disclosed in the latest data time management information L and D _{T + jT ′} and the latest (time T + jT ′) time management information (S _nj ) g, L ′ = g (L, D _{T + jT ′} , S _nj ) is calculated, L ′ is the latest data time management information L, and this is the data D _{T + jT ′} , time management information S _nj will be added to the public list as a set.

[0009] The data creator creates confirmation target data and sends it to the data management organization. In response, the data management organization publishes new data management information L (hereinafter, referred to as the data management information L)
The time when the data arrives at the data management organization is T + jT '). On the other hand, data time confirmer confirms that the check target data is included in the public list, the data D _{T + jT ',} when the data management information corresponding thereto to L _m, this set of L _m (L _m , D _{T + jT ′} , S _nj ) and the immediately preceding data management information L _m−1 are obtained from the public list, and the one-way function g is calculated as (L _m−1 , D _{T + jT ′} , applied to S _nj), that the calculated value is equal to L _m, is that is _'by the data management information L _m corresponding to is correctly calculated, the data D _{T + jT'} the data D _{T + jT} product It is time T +
Confirm that it is before (j + 1) T '.

Also, by combining the above two methods,
It is also possible to prove that the time when the data was generated is after a certain time t _s = T + iT ′ and before t _e = T + (j + 1) T ′. If necessary, declare the name of the data management institution used by the data creator, and the data time confirmer must include the data to be confirmed in the same data management institution as the data management institution declared by the data creator. It is possible to improve the reliability by checking that

This is because the data creator A is the data creator B
This is because, when data is created and registered in a data management organization different from the one declared by A, it becomes a clue to discovering improper processing.

[0012]

FIG. 2 shows an example of a system configuration to which the present invention is applied. The data creator device 100, the data confirmer device 200, the time management institution device 300, and the data management institution device 400 are configured to be able to communicate with each other via a communication network 500. The data management institution apparatus 400 is provided with a public list 401, and the public list 40 is provided.
Anyone can obtain the information recorded in 1. Although data is transmitted and received between these devices via a communication network, the data to be transmitted by the transmitting device is recorded on a portable recording medium such as a floppy (registered trademark) disk, and the recorded contents of the recording medium are recorded. , May be read and input by the receiving device.

The time management institution device 300 is provided with time management information S _0:00 , S _1:00 , and S _2:00 at predetermined time intervals, for example, every hour from time 0:00 to time 24:00. ,
..., S _24: to publish the ₀₀ in the order. This disclosure may be made public, for example, by broadcasting, or the request source may be notified of time management information of the corresponding time by a request from the outside. The time management information is calculated by applying the disclosed one-way function f to the secret information S as follows.

S _24:00 = S S _23:00 = f (S _24:00 ) = f (S) [Same as applying f once to S] S _22:00 = f (S _23:00 ) = F (f (S)) [same as applying f twice to S] = f ² (S)… S _15:00 = f (S _16:00 ) [apply f 9 times to S Synonymous with:] f ⁹ (S)… S _13:00 = f (S _14:00 ) = f ¹¹ (S) S _12:00 = f (S _13:00 ) = f ¹² (S) S _{11: 00 = f (S 12:00) =} f 13 (S) S 10:00 = f (S 11:00) = f 14 (S) ... S 0:00 = f (S 1:00) = f 24 ( S) Note that a specific example of a method for confirming which time the data is generated is between which times will be described.

At time 10:
When generating a signature at 00, a signature is generated in the following procedure.
(See FIG. 3) The latest time management information S _{10:00 is transferred} to the time management institution 3
The data shown in parentheses in FIG. 3 is an example of a generalized case obtained from S.00 (S1), which will be described briefly later. 2. When the signed document to M _1, performs signature generation for the information linked to M ₁ and S _10:00. At this time, if the generated signature is D _A , the signed document is (M ₁ , S
_10:00 , D _A ).

3. Signature D _A data management engine 400
(S2). Further, the data management institution device 400
It is, made public any value data management information L _0. Signed D _A is to update and publish the data management information in the following procedure and arrives at 11:00. 1. Update the latest time management information S _11:00 to the time management institution device 3
00 (S3). 2. The latest data management information L (in this case, L ₀ ) and S
_{At 11:00} , L ₁ is calculated by applying the published one-way function g to D _A as follows.

L ₁ = g (L ₀ , S _11:00 , D _A ) L ₁ is the latest data management information, and L ₁ and S
_11:00 to publish D _A as a set. FIG. 4 shows a storage example of the public list 401. On the other hand, when the device 100 of the data creator B generates a signature at 12:00, the signature is generated in the following procedure. 1. Update the latest time management information S _12:00 to the time management institution 3
00 (S4).

2. M to be signed_TwoThen M_TwoWhen
S_12:00A signature is generated for the information concatenated with. This
When the generated signature is D_BThen the signed document is
(M _Two, S_12:00, D_B). 3. Signature D_BTo the data management organization device 400
(S5). Further, the data management institution apparatus 400 has a signature D
_BIf the data arrives at 13:00, the data
Update and publish management information. 1. Latest time management information S_13:00Time management institution device 3
00 (S6).

2. The latest data management information L (in this case, L
And _1), S _13:00, a one-way function g to D _B was applied as follows to calculate the L _{2. L 2 = g (L 1,} S 13:00, D B) of the L ₂ as the latest data management information, the L ₂ and S
_13:00 to publish D _B as a set. Data confirmer device 20
0 signed document _{(M 2, S 12:00, D} B) To check the generation time of D _B in, carried out by the following procedure. Note that the time at this time is 15:00 (see FIG.
See also).

1. The latest time management information S15: ₀₀ is obtained from the time management institution device 300 (S7). 2. The latest time management information S obtained as follows:
_{At 15:00} , f is repeatedly applied, and it is confirmed whether each applied value is the same as S12 _{: 00} included in the signed document. S _14:00 = f (S _15:00 ) S _13:00 = f (S _14:00 ) = f ² (S _15:00 ) S _12:00 = f (S _13:00 ) = f ³ (S _15:00 ) S _11:00 = f (S _12:00 ) = f ⁴ (S _15:00 ) Signature D _B data management engine system in signed documents 4
It is checked whether it is included in the public list of No. 00 (S8).

4. L from the public list 401 (see FIG. 4)₀,
L₁, S_11:00, D_A, L_Two, S_13:00To obtain
Applicable data (M_Two, S_12:00, D_B) And corresponding data tube
Information L_TwoAnd the two data management information just before
Obtain the data for L_TwoIs the value obtained as
Check if they are the same. L₁= G (L₀, S_10:00, D_A) L_Two= G (L₁, S_13:00, D_BAs described above, the data confirmer apparatus 200 is D_BIs 12:00
To confirm that it was generated between 13:00 and 13:00
Can be. That is, as shown in FIG.
The user B device checks the data to be confirmed (M_Two, S_12:00, D_B)
And manage the data at 13:00
L in the engine device 400_Two, S_13:00, D_BAssured
Thus, the case where the above specific example is generalized will be briefly described.
In the device of the data creator A, the time management information S_niAt the time of
A signature data D_mData management organization device 4
00, and the data management institution apparatus 400 receives the time management information.
S _njL at the time_m, S_nj, D_mPublish and data creator
Device B (data generators A and B may be the same person)
I) is time management information S_nkGenerate data at the time of signing
Data D_{m + 1}To the data management organization device 400,
In the data management institution apparatus 400, the signature data D_mReceiving
Data received immediately after transmission is D_{m + 1}Indicates that
are doing. In the data management organization device 400, the time management information
S_npL at the time _{m + 1}, S_np, D_{m + 1}And confirm the data
The recognizer device 200 checks the data to be confirmed (L_{m + 1}, S_nk, D
_{m + 1}) With time management information S_nqReceive at the time. Note that i
<J <k <p <q <n.

FIG. 6 shows the data confirmer apparatus 200.
Sea urchin confirmation data (M₁, S_nk, D_{m + 1}) Is entered
(S1), latest time management information S_nq(S2),
S_{n- q}The one-way function f is applied to (S3),
Fruit is S_nkIt is checked whether or not it matches (S4).
If so, the process returns to step S3._{m + 1}Is public list 4
01 (S5).
If the public D_{m + 1}Set of L_{m + 1}And S_npAgain
Previous L_mAnd its S_nj, D_m, And L just before that _m-1And
It is obtained from the public list 401 (S6).

L _m = g (L _m−1 , S _nj , D _m ) L _{m + 1} = g (L _m , S _np , D _{m + 1} ) is calculated (S7), and the calculation result is obtained. L _m , L
_It is checked whether or not they match _{m + 1} (S8). If they match, it is determined that L _m and L _{m + 1} have been correctly generated, and S
_nq represents time T + qT ', and for S _nq , q−k
= R times, the match is obtained in step S4 by applying the one-way function f, and since k = q−r, the time T + (q
-R) Data D _{m + 1} is generated after T ', and S
Applying the one-way function f to _{nq qp} = t times, S _np
Is obtained at time T + (q−t)
Data D _{m + 1} was generated before T ′, that is, T
It is determined that data D _{m + 1} has been generated between + (q−r) T ′ and T + (q−t) T ′, and this is output (S9). If NO in steps S5 and S8, the data to be confirmed (M, S _nk , D _{m + 1} ) is discarded as being invalid and notified to the sender of the data as necessary (S10).

The time management information f _ni often has a large number of bits. In such a case, for example, f _ni
ni and may be stored i as corresponding data to the public list 401, thus S _nj, j instead of S _np, p is obtained and the S _nj, S _np in need in the calculation in step S8, The corresponding value calculated at the time of obtaining a value matching _{Snk in} steps S3 and S4 may be used. By doing so, the storage capacity of the public list 401 can be reduced, and the amount of data obtained in step S6 can be reduced. As described above, the information (including the time management information itself) corresponding to the time management information may be stored in the public list 401 as in the following description.

An example in which it is possible to confirm that the time at which data is generated is after a certain time will be described with reference to FIG. When generating data, the data creator device 100 first obtains the latest time management information S _ni from the time management organization device 300 (S1), and data (M, S _ni ) including the time management information S _ni. Is sent to the data confirmer apparatus 200 (S2). When the data to be confirmed (M, S _ni ) is input, the data _checker apparatus 200 obtains the latest time management information S _nj (j> i) from the time management institution apparatus 300 (S3), and manages the time. The one-way function f is repeatedly applied to the information S _nj until the calculation result matches the time management information S _ni in the check target data. As a result of applying the one-way function ji = r times, they match, and S _nj is obtained as time management information at time T + jT ′. Therefore, data (M, S _ni ) is obtained at time T + (j -R) The data confirmer apparatus 200 displays that the data is generated after T '= T + iT'.

Next, an example in which it is possible to confirm that the time when data is generated is before a certain time will be described with reference to FIG. Data creator device 100, when generating the data, sends the data D _A to the data management engine unit 400 (S1). The data management organization device 400 stores the data D _A
Upon receiving the, to obtain the latest time management information S _nj from the time management authority device 300 (S2), a one-way function g to the latest data management information L and S _nj and D _A at that time
The applied _{L A = g (L, D} A, S nj) calculates the, L _A
Is the latest data management information L, and a set of L, D _A , and S _nj is made public in the public list 401.

Data D from the data creator device 100_ABut
The data is sent to the data confirmer device 200 (S3), and the data
Approver device 200, confirmation target data D_AIs entered,
The data confirmer device 200 has data D_AIs in the public list 401
Check if it is published, and if it is published, its D
_AData management information L including_AAnd S_njAnd its L _A
Of the data management information L 'immediately before
(S4). L ', D_A , S_njFor the one-way function g
G (L ', D_A, S_nj) Is calculated, and the calculation result is L_AIf it matches, L_AIs positive
Time management information S_nj
And a time T one unit time later than the time T + jT ′ corresponding to
+ (J + 1) T 'before data D_AIs generated
Is displayed on the data confirmer apparatus 200. Note that S_njWhen
Same as above if the correspondence of T + jT 'cannot be known
And the latest time management information S_nkTo the time management institution 30
Obtain from 0, S_nkApply one-way function f repeatedly to
And S_njThe number of applications (k−j) = r until it matches
Ask, S_nkFrom time T + kT ′ corresponding to T + (k−
r) Find T '= T + jT' and find T + (j + 1) T '
You.

FIG. 9 shows an example of the functional configuration of the data checker apparatus 200 in the method shown in FIG. An input unit 201 to which authentication target data such as a receiving unit from a communication network or a reading unit of a recording medium is input; a time management information obtaining unit 202 that obtains time management information from the time management institution device 300;
A one-way function calculation unit 203 that applies a one-way function f to the time management information, a determination unit 204 that determines whether the one-way function value has reached a predetermined value, and a time management in the input data. A time conversion / output unit 205 that converts information into a corresponding time based on a result of a one-way function operation and determination, and outputs (displays or prints) the time, and a storage used for temporary storage, work, and the like. The unit 206 is configured to operate sequentially under the control of the control unit 207.

FIG. 10 shows an example of the functional configuration of the data checker apparatus 200 in the method shown in FIG. Parts corresponding to those in FIG. 9 are denoted by the same reference numerals. In this case, the input unit 201 and the data confirmation unit 211 in addition to the input data D _A in the storage unit 206 and the time conversion and output unit 205 checks whether the published public list 401, the required information from the public list 401 to obtain And a data management information confirming unit 213 for confirming whether the data has been correctly created based on the acquired information, and these are sequentially operated by the control unit 207.

The method shown in FIG. 3 combines the method shown in FIG. 7 and the method shown in FIG. 8 so that it can be confirmed that data is generated after a certain time and before a certain time. And therefore the data confirmer device 20
9 has the functions of FIGS. 9 and 10 as shown in FIG. 11 by assigning the same reference numerals to parts corresponding to those of FIGS. 9 and 10.
Thus, the operation for each unit is instructed to perform the processing shown in FIG. Each of the data checker apparatuses 200 shown in FIGS. 9 to 11 can be functioned by executing a program by a computer. That is, in a computer including an interface with a transceiver, a storage unit, a program memory storing a user confirmation program, a CPU (processor), and the like, a user confirmation program is transmitted from a CD-ROM, a magnetic disk, a floppy disk, or the like, or through a transmission path. Can be downloaded to a program memory, and the user confirmation program can be executed by the CPU to function as a user confirmation person device. Further, the data sent from the data creator device 100 does not have to have an electronic signature as in the example shown in FIG.

[0031]

As described above, according to the present invention, the amount of information that the data creator has to manage before confirming the data becomes unnecessary, and the amount of information (the time Management information) can be calculated from the latest time management information, so that there is only one. Moreover, according to the example shown in FIG. 3, the data generation time (from t _s to t
_e ) can also be specified.

[Brief description of the drawings]

FIG. 1 is a diagram showing the order in which time management institution devices 300 publish time management information.

FIG. 2 is a diagram showing an example of a system configuration to which the method of the present invention is applied.

FIG. 3 is a diagram showing a procedure of an example in which the present invention is applied and a data generation period can be confirmed.

FIG. 4 is a diagram showing an example of recorded contents of a public list 401.

FIG. 5 is a view showing processing on a time axis in the method shown in FIG. 3;

FIG. 6 is a flowchart showing an example of a processing procedure in the data confirmer apparatus 200 in the method of FIG. 3;

FIG. 7 is a diagram showing a procedure of an example in which it is possible to confirm that data generation is after a certain time by applying the present invention.

FIG. 8 is a diagram showing a procedure of an example in which it is possible to confirm that data generation is before a certain time by applying the present invention.

FIG. 9 is a diagram showing an example of a functional configuration of a data checker apparatus in the example shown in FIG. 7;

FIG. 10 is a diagram showing an example of the functional configuration of the data confirming person device in the example shown in FIG. 8;

FIG. 11 is a diagram showing an example of a functional configuration of a data checker apparatus in the example shown in FIG. 3;

Claims (14)

[Claims] 1. Between time T and time T + nT ′,
A time management institution device that publishes time management information for each T ′,
A time notarization method in which a data creator device and a data confirmer device can mutually transmit and receive data, wherein the time management institution device has a time T + iT '(0 < i < n) and secret information. S is a value obtained by applying the published one-way function f ni times S ₀ = S, S ₁ = f (S), S ₂ = f (S ₁ ) = f (f
(S)),..., S _ni = f (S _ni-1 ) Only S _ni is released as the latest time management information, and the data creator device is the latest time management information released by the time management institution device at the time of data generation. _Sni is obtained, data including the time management information is generated, and the data is sent to the data checker device. When the data checker device checks the time of the data to be checked,
Latest time management information S published by the time management institution device
Get _nj the (j> i), one-way function f to the S _nj
Is repeated until it matches the time management information S _ni included in the data to be confirmed, and it is confirmed that the data to be confirmed has been generated after the time T + iT ′ at which the time management information S _ni included in the data was released. Notarization method characterized by the fact that: 2. Between time T and time T + nT ′,
A time management institution device that publishes time management information for each T ′,
A time notarization method in which a data creator device, a data confirmer, and a data management institution device can mutually transmit and receive data, wherein the time management institution device has a time T + jT ′ (0 < j < n), values S ₀ = S, S ₁ = f (S), S ₂ = f (S ₁ ) = f (f) obtained by applying the published one-way function f to the secret information S n−j times
(S)),..., S _nj = f (S _nj-1 ) Only S _nj is released as the latest time management information, the data creator device generates data, and sends the data D to the data management organization device. and, data management engine system is an arbitrary value L ₀ as the initial information, to publish the latest data management information L to the public list, data from the data generation's device at a time T + jT 'D≡D
_{When T + jT '} is received, the latest data management information L and D
_{T + jT ′} and the latest (time T + jT ′) time management information S
_The published one-way function g is applied to _nj to calculate L ′ = g (L, D _{T + jT ′} , S _nj ), and the L ′ is used as the latest data management information L.
The data D _{T + jT ′} and the time management information S _nj are added to the public list as a set, and the data _checker device confirms that the data D _{T + jT ′} to be confirmed is included in the public list, and confirms the data. obtain and time management information S _nj and _'set of data management information L containing' target data D _{T + jT,} and data management information L'-1 of the immediately preceding a public list (L'-1,
D _{T + jT ′} , S _nj ), applying a one-way function g, confirming that the result of the application matches L ′, and checking the data D _{T + jT ′.}
Time notarization method but that was generated, characterized in that to ensure that the time management information S time T + jT 'next time T + (j + 1) of T' and the corresponding _nj is earlier. 3. Between time T and time T + nT ′,
A time management institution device that publishes time management information for each T ′,
Data creator device, data checker device, data management
Engine equipment can send and receive data to and from each other
A time notarization method, wherein the time management institution device has a time (T + iT ′) time (0<i<n), secret information S
The value S obtained by applying the opened one-way function f ni times₀= S, S₁= F (S), S_Two= F (S₁) = F (f
(S)),…, S_ni= F (S_ni-1) S_niOnly the latest time management information, and the data creator device
To the latest time management information S_niGet the time management
Data D containing information_mAnd the data D _mThe
Sent to the data management institution, and the data management institution₀Is the initial information, and the latest data management information L
On the public list and publish it, and the data
jT '(0<i<j<Data D in n)_mReceive
And the latest time management information S_njFrom the time management organization device
Obtain and obtain the latest data time management information L and D_mand
S_njTo the published one-way function g, L ′ = g (L, D_m, S_nj) Is calculated, and L ′ is set as the latest data management information L.
TA D_m, Time management information S _njWith time information j for
The data is added to the public list, and the data checker device checks the data to be checked (S_nk, D_{m + 1}) Is entered, the time
The latest time management information S from the management institution device_nqGet this S_nqIs repeatedly applied to the one-way function f
Time management information S included in the elephant data_nkIs a value that matches
Confirm that it can be calculated, and confirm data D_{m + 1}Is included in the public list.
Data management information L of the data to be confirmed and confirmed_{m + 1},At that time
Time information k, data management information L immediately before_m, L_{m -1}And L
_mTime information j and its data D_m, L_{m + 1}Time information p
From the public list, (L_m-1, D_m, S_nj), (Lm
 , D_{m + 1}, S_np) To each one-way function g
The latter calculated value is the data management information L_{m + 1}Coincide with
And the data D_{m + 1}Was generated at the time
Information S_nkIs released after time T + kT '
Check that it is before T + (j + 1) T '.
Time notarization method to collect. 4. The time notarization method according to claim 1, wherein the data to be sent is digitally signed. 5. The time notarization method according to claim 2, wherein the data creator notifies the data confirmer of information for identifying the data management organization that sent the data. 6. Time management information S_niConfirmation target data including
Input means for inputting the data, and when the data to be confirmed is input,
Latest time management information S _njGet time management information
Means, and the time management information S_njTo the time management information S_niWhen
While repeating until it matches, apply the one-way function f
Directional function calculating / determining means;_njAnd the corresponding time and the number of times the one-way function was applied
From, S_niOf the release time of
Time conversion / output indicating that the above input data was generated
And a data confirmer device comprising: 7. Confirmation target data D_AInput hand where is input
And the data D to be confirmed_AIs released to the public list of the data management device
Means for confirming whether or not the data D_AData management information paired with
L_AAnd time management information S _njAnd its L_AData immediately before
Confirmation data acquiring means for acquiring the management information L ';_nj, Input data D_AAgainst the data
Applying the one-way function g for management information generation, L_A= G (L ', D_A, S_nj) Is calculated and the calculation result is obtained L_ADetermines if
Means for confirming data management information to be executed;_AIf it is determined that_njWhen
Find the corresponding time, and one unit time after this time
Input data D before the time_AIndicates that was generated
A data confirmer device comprising time conversion / output means. 8. Time management information S_nk, Data D_{m + 1}Including
Input means for inputting the data to be checked, and, when the data to be checked is input,
Latest time management information S _nqGet time management information
Means and S_nqFor the one-way function f,_nkMatches
A one-way function calculating means for applying the data D_{m + 1}Is released to the public list of data management institution equipment
Data confirmation means for confirming whether or not data D_{m + 1}Data management information L_{m + 1}
And the two data management information immediately before and related to them
Data management information obtaining means for obtaining information, and the obtained data management information and related information;
Data management information L_{m + 1}Was created correctly
Data management information confirming means for confirming that_{m + 1}The generation is the input time management information S_nkWhen
After the corresponding time and the data management information L_{m + 1}When
A set of time management information S_npIs before the corresponding time
A data conversion unit having a time conversion / output unit
Notifier device. 9. A computer for confirming data
To the time management information S_niConfirmation target data including is entered
When the data to be confirmed and the data to be confirmed are entered,
Latest time management information S _njMeans for obtaining the time management information S_njTo the time management information S_niWhen
Repeat until one matches and apply the one-way function f
Step, S above_njAnd the corresponding time and the number of times the one-way function was applied
From, S_niOf the release time of
Functions as a means to indicate that the input data has been generated
Data confirmation program to make it. 10. A computer for confirming data.
Is the data D to be confirmed_AFor inputting the confirmation data D_AIs released to the public list of the data management device
Means for confirming that the data D_AData management information paired with
L_AAnd time management information S _njAnd its L_AData immediately before
Means for obtaining management information L ', obtained L', S_nj, Input data D_AAgainst the data
Applying the one-way function g for management information generation, L_A= G (L ', D_A, S_nj) Is calculated and the calculation result is obtained L_ADetermines if
Means for performing the above, the calculation result is L_AIf it is determined that_njWhen
Find the corresponding time, and one unit time after this time
Input data D before the time_AIndicates that was generated
A data confirmation program to function as a means. 11. A computer for confirming data.
To the time management information S_nk, Data D_{m + 1}Confirmation target data including
When the data to be confirmed is entered, the time management
Latest time management information S _nqMeans to obtain the S_nqFor the one-way function f,_nkMatches
The above data D_{m + 1}Is released to the public list of data management institution equipment
Means for confirming whether or not the data D_{m + 1}Data management information L_{m + 1}
And the two data management information immediately before and related to them
Means of obtaining information, the obtained data management information and related information
Data management information L_{m + 1}Was created correctly
Means for confirming that the input data D_{m + 1}The generation is the input time management information S_nkWhen
After the corresponding time and the data management information L_{m + 1}When
A set of time management information S_npIs before the corresponding time
Data confirmation to function as a means to output
program. 12. A computer for confirming data.
To the time management information S_niConfirmation target data including is entered
When the data to be confirmed and the data to be confirmed are entered,
Latest time management information S _njMeans for obtaining the time management information S_njTo the time management information S_niWhen
Repeat until one matches and apply the one-way function f
Step, S above_njAnd the corresponding time and the number of times the one-way function was applied
From, S_niOf the release time of
Functions as a means to indicate that the input data has been generated
Computer that records the data confirmation program
Data readable recording medium. 13. A computer for confirming data.
Is the data D to be confirmed_AFor inputting the confirmation data D_AIs released to the public list of the data management device
Means for confirming that the data D_AData management information paired with
L_AAnd time management information S _njAnd its L_AData immediately before
Means for obtaining management information L ', obtained L', S_nj, Input data D_AAgainst the data
Applying the one-way function g for management information generation, L_A= G (L ', D_A, S_nj) Is calculated and the calculation result is obtained L_ADetermines if
Means for performing the above, the calculation result is L_AIf it is determined that_njWhen
Find the corresponding time, and one unit time after this time
Input data D before the time_AIndicates that was generated
Write a data confirmation program to function as a means.
A computer-readable recording medium recorded. 14. A computer for confirming data.
To the time management information S_nk, Data D_{m + 1}Confirmation target data including
When the data to be confirmed is entered, the time management
Latest time management information S _nqMeans to obtain the S_nqFor the one-way function f,_nkMatches
The above data D_{m + 1}Is released to the public list of data management institution equipment
Means for confirming whether or not the data D_{m + 1}Data management information L_{m + 1}
And the two data management information immediately before and related to them
Means of obtaining information, the obtained data management information and related information
Data management information L_{m + 1}Was created correctly
Means for confirming that the input data D_{m + 1}The generation is the input time management information S_nkWhen
After the corresponding time and the data management information L_{m + 1}When
A set of time management information S_npIs before the corresponding time
Data confirmation to function as a means to output
Computer-readable record of the program
Medium.