JP2003258792A - Time authentication system and program for electronic information - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To authenticate the time of electronic information on the basis of an accurate time, to prevent an illegal action such as revising or forging the authenticated time and to improve the justice of the time authentication. <P>SOLUTION: The time authentication system is provided with a server S and two or more client terminals C1, C2...Cn each having a function for applying the time authentication of the electronic information via the server S and a function for issuing a time stamp for authenticating the time in response to the application of the time authentication of the electronic information from the other client terminal received via the server S, and the server S decides the justice of the time to be authenticated and controls communication among the client terminals on the basis of the decided result. <P>COPYRIGHT: (C)2003,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to time authentication of electronic information that authenticates the date and time when electronic information created by a personal computer or the like existed, and particularly to an electronic device that makes it difficult for a person who authenticates time to make an illegal act. The present invention relates to an information time authentication system and program.

[0002]

2. Description of the Related Art In recent years, with the digitalization of certificates such as minutes and patents, a technique has been developed to prove that these digital data exist at a specific time and have not been tampered with. Proposed. One of such technologies is a digital time stamp method. In the digital time stamp method, a time authentication server is provided on the network, a terminal applies for authentication regarding the creation time of electronic information to the server via the network, and digital information is provided as information indicating that the time has been authenticated. The time stamp is acquired from the server via the network.

[0003]

However, the conventional digital time stamp system as described above has the following problems. First, in general, since the time information of each terminal can be freely changed, it is easy to forge and falsify the time information in the terminal, and it is difficult to authenticate the correct time. Further, even if accurate time information is added to the electronic information, there is a problem in that it cannot be guaranteed that other people will not forge or falsify the electronic information or the time information on the network. Furthermore, there is a risk that the certification authority, which is a third party that has to carry out fair transactions, will not certify the proper time due to its interests.

The present invention has been made in view of the above circumstances, and authenticates the time of electronic information based on an accurate time and prevents fraud such as falsification or forgery of the authenticated time. , And to provide a time authentication system and program for electronic information with enhanced legitimacy.

[0005]

In order to achieve the above-mentioned object, the present invention provides a server, a function for applying for time authentication of electronic information via the server, and another function received via the server. Two or more client terminals having a function of issuing a time stamp for authenticating the time in response to an application for time authentication of electronic information from the client terminal, and the server verifies the authenticity of the time for authenticating. A time authentication system for electronic information, characterized by making a judgment and controlling communication between client terminals based on the judgment result.

According to the above invention, since the client terminal issues the time stamp for authenticating the time of the electronic information, the authority to issue the time stamp can be prevented from concentrating on the server. As described above, since the client terminals that are in a fair position perform the time authentication instead of the specific institutions performing the time authentication in a concentrated manner, it is possible to avoid improper time authentication. Further, since the authenticity of the authenticated time is judged by the server, the authenticity of the authentication time can be further enhanced.

Further, in the electronic information time authentication system, the application and the issuance of the time stamp are performed by transmitting predetermined information having the same format to a server.

According to the above invention, since the server receives information configured in the same format from each client terminal, whether the received information is a time authentication application or a time authentication time. I cannot recognize whether it is a stamp. In this way, since the server cannot distinguish the type of information, it is possible to prevent illegal actions by the server, such as falsification of the authentication time, and to make the determination of correctness for time authentication extremely fair. You can

Further, in the above-mentioned electronic information time authentication system, each client terminal uses the secret key possessed by the client terminal of the transmission destination of the information for identifying whether the predetermined information is an application or a time stamp. It is characterized in that it is encrypted with a public key paired with and transmitted.

According to the present invention, both the application and the time stamp are formed in the same format, and the server cannot identify the application or the time stamp. Therefore, the client terminal cannot separately distinguish whether the received information is an application or a time stamp. Therefore, the information to be sent to the client terminal is included in the information to be transmitted to the client terminal as the information that can be decrypted by the private key possessed by the client terminal of the transmission destination, that is, the information encrypted with the public key paired with the private key. By doing so, the client terminal on the receiving side can easily identify the above information by decrypting the encrypted information with its own private key.

In the electronic information time authentication system, the time of the server and the time of each client terminal are synchronized, and the server includes the time information included in the predetermined information received from the client terminal. And a difference between the reception time of the predetermined information and a reception time is within a predetermined time, the time information is judged to be valid, and the predetermined information is transmitted to a predetermined client terminal. .

According to the above invention, the server determines the validity of the authentication time based on the time shared by all the clients, and therefore determines the validity of the information based on the relative time. It becomes possible. This allows
The legitimacy and fairness of time authentication can be improved.

In order to achieve the above object, the present invention provides an electronic information time authentication system in which a plurality of client terminals apply for time authentication of electronic information via a server or perform time authentication for the application. , One client terminal creates an application for time authentication of electronic information in a predetermined format, sends information in this predetermined format to a server, and another client terminal that receives the application from the server applies to the application. On the other hand, a time stamp for authenticating the time is created in the same format as the application, information in this predetermined format is transmitted to the server, and the server includes it in the information created in the predetermined format received from the client terminal. The validity of the authentication time is determined based on the time information stored in the client, and based on the determination result, the client terminal Provide time authentication system for electronic information and controls the signal.

According to the above invention, since each client terminal applies for time authentication and issues the authentication with each other via the server, and the server judges the validity of the authenticated time, It is possible to avoid performing time authentication intensively. As described above, since the specific terminals do not collectively perform the time authentication, but the client terminals that are in a fair position perform the time authentication, it is possible to prevent the improper time authentication from being performed. As a result, the authenticated time becomes extremely legitimate,
It is possible to provide a system with extremely high fairness in time authentication.

In the electronic information time authentication system, among the information created in the predetermined format,
The information for identifying whether it is an application for time authentication of electronic information or a time stamp is characterized by being encrypted by an encryption method that the server cannot decrypt.

According to the above invention, since the server cannot recognize whether the received information is a time authentication application or a time stamp for time authentication, it is possible to prevent the server from falsifying the authentication time. It is possible to build a highly reliable time authentication system.

In order to achieve the above object, the present invention is a program for performing time authentication of electronic information, which is included in the information when the information in a predetermined format is received from the client terminal. There is provided a program for causing a computer to execute the steps of determining the validity of the time of day and the step of transmitting the information to a predetermined client terminal when the time of day is determined to be valid.

By executing such a program by the computer of the server in the electronic information time authentication system, it is possible to construct an electronic information time authentication system with extremely high accuracy of time authorization.

In order to achieve the above-mentioned object, the present invention is a program used for time authentication of electronic information via a server, the step of transmitting an application for time authentication of electronic information to the server. And a step of transmitting a time stamp for authenticating the time to the server in response to an application for time authentication of electronic information issued by another client terminal received via the server, the program being provided. .

By executing such a program by the computer of each client terminal in the electronic information time authentication system, it becomes possible for each client terminal to mutually perform the time authentication application and the time authentication for the application. Since the third organization does not perform the time authentication centrally, but each client terminal in a fair position performs the time authentication, it is possible to prevent falsification of the authentication time.

[0021]

DETAILED DESCRIPTION OF THE INVENTION An embodiment of the present invention will be described below with reference to the drawings. FIG. 1 is a diagram showing the configuration of a time authentication system for electronic information according to an embodiment of the present invention. As shown in FIG. 1, the electronic information time authentication system according to the present embodiment includes a server S and a plurality of client terminals C1, C2 ... Cn. The client terminals C1, C2 ... Cn are connected to the server S via a communication network, and the communication between the client terminals is controlled by the server S. The time server Q notifies the client terminals C1, C2 ... Cn and the server S of standard time information, and synchronizes the time of each constituent element of the electronic information time authentication system.

Next, FIG. 2 shows an electrical block diagram of the client terminal. In the figure, reference numeral 1 is a CPU (central processing unit) that controls the entire operation, and is connected to each of the other components by a bus 20 as shown. Code 2
Is an R that stores a program executed by the CPU 1.
It is an OM (Read Only Memory), and stores programs and the like that define the processing of the CPU 1 in the operation description below. Reference numeral 3 is R used in the arithmetic processing of the CPU 1.
It is an AM, and temporarily stores data and the like generated in the process of the above program, and stores information necessary for the process such as electronic information, a certified time stamp, and a hash value of the electronic information. There is.

Reference numeral 4 is an input unit which is a user interface, and the user can request the time authentication application of the electronic document by operating the input unit. Further, reference numeral 5 is a clock unit, and reference numeral 6 is a communication unit which is connected to the server S via a communication line and transmits / receives information to / from other client terminals via the server S. In addition to the above configuration, a display device such as a CRT (Cathode Ray Tube) display device or a liquid crystal display device may be provided.

Next, FIG. 3 shows an electrical block diagram of the server S. In the figure, reference numeral 11 is a CP that controls the entire operation.
U (Central Processing Unit), which is connected to each of the other components by a bus 30 as shown. Code 12
Is a ROM (Read Only Memory) in which a program executed by the CPU 11 is stored, and stores a program and the like defining the processing of the CPU 11 in the operation description described later. Reference numeral 13 is a RAM used in the arithmetic processing of the CPU 11, which temporarily holds data and the like generated in the processing process of the above-mentioned program, describes information of each client terminal, and controls communication between the client terminals. The information (for example, a list L described later) necessary for doing so and various information necessary for time authentication are stored.

Reference numeral 14 is a clock section. Reference numeral 15 is a control unit, which connects to each client terminal via a communication line and controls communication between the client terminals based on the list L. In addition to the above configuration, an input device such as a keyboard and a mouse, a CRT (Cathode Ray Tube)
A display device such as a display device or a liquid crystal display device may be provided.

Next, the operation of the electronic information time authentication system in this embodiment will be described. (1) Pre-processing First, pre-processing performed by each of the client terminals C1, C2 ... Cn and the server S before performing time authentication of electronic information will be described. Note that the following processing is performed by the CPU 1 included in each client terminal and the CPU 1 included in the server S.
1 is performed by executing a predetermined program stored in the ROM 2 or 12.

First, each client terminal C1, C2 ... C
n establishes a secure communication path such as SSL with the server S. Then, each client terminal C1, C2 ... Cn
And the server S performs time synchronization by receiving the time information from the time server Q. As a result, the times indicated by the clock unit 4 of the client terminal and the clock unit 14 of the server S indicate the same synchronized time. As a result, the time information that will be handled by all communications in the future has a common time.

Next, the client terminals C1, C2 ...
The CPU 1 of Cn creates a pair of the public key Kp and the secret key Ks, and transmits the public key Kp and the own ID of the pair to the server S via the communication unit 6.

The server S has client terminals C1 and C
A list number 1 is further added to each public key Kp and ID received from 2 ... Cn to create a list L as shown in FIG. Here, the list number l is a unique number individually assigned to each client terminal,
It is a number that the server S arbitrarily determines for each piece of information.

When the server S creates the list L shown in FIG. 4, only the list number l and the public key Kp of the list L are disclosed to the client terminal. Where public key Kp
Does not include information that can identify the client terminal, the client terminal uses the public key Kp
Cannot recognize which client terminal the public key Kp corresponds to. Therefore, the list number l
Also, from the public key Kp, the client terminals cannot mutually identify which client terminal. On the other hand, the ID includes an IP address and the like, and thus each client terminal can be specified. Therefore, only the server S owning this information can specify each client terminal. Therefore, all communication between client terminals is controlled by the server S.

(2) Application Processing and Issuing Processing Next, an application for time authentication of electronic information and a processing for issuing time authentication for the application will be described with reference to FIGS.

Now, as shown in FIG. 5, a case will be described in which the applicant uses the client terminal Ca to apply for time authentication of the electronic information F created by the applicant.

First, the processing executed by the CPU 1 of the client terminal when making an application will be described with reference to FIG.

First, when the applicant operates the input unit 4 of the client terminal Ca to make an application request for time authentication of the electronic information F, the CPU 1 of the client terminal Ca causes the CPU 1 of the client terminal Ca to store a predetermined hash function H stored in the RAM 3. Is used to calculate the hash value H (F) of the electronic information F (step SP1 in FIG. 6).

Here, the hash function is a function for generating a fixed-length bit string from a given bit string. The generated value is called a hash value (or a digest function or a message digest). Since this hash function includes an irreversible one-way function, it is impossible to reproduce the original text from the hash value, and it is also extremely difficult to create different data having the same hash value. In particular, it can be effectively used when checking for falsification of information. Further, it is also applied to assistance in communication encryption, user authentication, digital signature, and the like.

Next, from the list L published by the server S, the list number l of another client terminal,
The public key Kp is arbitrarily selected (step SP2), and application information is created in order to apply for time authentication of electronic information to the client terminal possessing the selected list number l.
In this embodiment, it is assumed that the list number li and public key Kpi are selected in step SP2.

Subsequently, the client terminal Ca encrypts the hash value H (F) of the electronic information F using the public key Kpi selected arbitrarily, and the encrypted hash value Kpi (H
(F)) is obtained (step SP3). Then, the list number la of itself and the list number corresponding to the selected public key Kpi
li, own signature Ksa, and the above-mentioned encrypted hash value Kpi
(H (F)), application information TS based on the current time tca
(A, i) is created (step SP4), and the created application information TS (a, i) is transmitted to the server S (step SP).
5).

Here, TS (a, i) = {la, li, Ksa (tc
a, Kpi (H (F)))}. The above tca is the current time of the application information TS (a, i), but it may be the transmission time of the application information instead of the current time.

As described above, the electronic information for which time authentication is desired (in the present embodiment, the hash value H (F) of the electronic information F) is used.
Is further encrypted by a predetermined method) and the application information including the time information is transmitted to the server S, so that the client terminal Ca can apply for the time authentication of the electronic information F from the client terminal Ci, that is, the list L. Perform on the selected recipient. As described above, the list L
Since the information disclosed to each client terminal does not include information for specifying the client terminal, the client Ca cannot specify the counterpart client Ci. Further, by falsifying the electronic information F with a hash function, further encrypting it, and transmitting it, it is possible to prevent falsification of the electronic document after the time authentication.

Next, when the information is received from the client terminal (in this case, the application information TS (a,
Processing executed by the CPU 11 of the server S (when i) is received) will be described with reference to FIG. 7.

First, the application information TS is sent from the client terminal.
When (a, i) is received, the time information tca is extracted from the application information TS (a, i) (step SP11 in FIG. 7), and the time information tca and the server S extract the application information TS (a, i). The difference from the received time tr is calculated (step SP12).
That is, the application information TS (a, i) is the client terminal Ca.
The server S sends the application information TS after being transmitted by
Calculate the time to receive (a, i). Then, it is determined whether or not the calculated time is within a preset predetermined value (step SP13). As a result, when the calculated time is within the predetermined value (step SP1
3, “YES”), the time information tca included in the application information TS (a, i) is determined to be valid, and is a component of the application information TS (a, i), and IDs corresponding to the list number li that is the information that specifies the list L
From the application information TS (a, i) to the client terminal Ci that owns the acquired IDi (step SP14).
Is transmitted (step SP15).

On the other hand, in step SP13, when the calculated time is not within the predetermined period (“NO” in step SP13), the period after the application information is transmitted is too long, so that the transmission time It is determined that the possibility of falsification is high, and an error notification is sent to the client terminal Ca that is the sender of this application information (step SP
16).

Next, the process executed by the CPU 1 of the client terminal when receiving information from the server S will be described with reference to FIG.

Upon receiving the application information TS (a, i) from the server S, the client terminal Ci first decrypts the information encrypted with its own public key Kpi (step SP21). Then, the decrypted electronic information information H (F)
Determines whether the hash value matches the hash value held by itself (step SP22). At this time, if the client terminal Ci has not applied, its own RAM
3 does not store a hash value, and when a time authentication application is made in the same manner as the client terminal Ca, the hash value of the electronic document created by itself is stored in its own RAM 3. It will be. And
In this step, by determining whether the hash value included in the received information matches the hash value owned by itself, the received information indicates the time for the time authentication for which the self is applying. It is identified whether it is a stamp or time certification application information from another client.

As a result, since the hash value included in the received information is the hash value of the electronic document for which the client Ca has applied for time authentication, the client terminal Ci does not hold the hash value. . Therefore, the received information can be determined to be an application for time authentication from another client and becomes “NO” in step SP22, and in the subsequent step SP23, the client terminal Ci issues a time stamp for the application. I do. It should be noted that this time stamp is like certification information issued when performing time authentication for a time authentication application from another client terminal.

First, in step SP23, the CPU 1
Acquires the list number la of the other party from the received application information TS (a, i), and acquires the public key Kpa corresponding to this information from the list L published by the server S.

Then, using this public key Kpa obtained from the list L, the hash value H (F) of the electronic information contained in the application information TS (a, i) is encrypted, and the encrypted hash value is obtained. Obtain Kpa (H (F)). Then, from the list number la of the applicant, the signature Ksi, the current time tci, and the encrypted hash value Kpa (H (F)), the time stamp TS (i,
Create a). Here, the time stamp TS (i, a) =
{Li, la, Ksi (tci, Kpa (H (F)))}. When the time stamp is created, the created time stamp is transmitted to the server S (step SP
24).

As described above, the time stamp T
S (i, a) has the same format as the application information TS (a, i). That is, it is composed of its own list number, the list number of the client terminal as the transmission partner, its own signature, the (current or transmission) time, and the hash value encrypted by the public key of the partner.

Subsequently, the server S which has received the time stamp TS (i, a) from the client terminal Ci executes the processing shown in FIG. 7 as described above. Specifically, the CPU 11 of the server S extracts the time information tci included in the time stamp TS (i, a) (step S of FIG. 7).
P11), the difference between this time information tci and the time tre when the server S receives the time stamp TS (i, a) is calculated (step SP12). Then, it is determined whether or not the calculated time is within a preset predetermined value (step SP13). As a result, if the calculated time is within the predetermined value (“YE
S ”), the time information included in the time stamp TS (i, a) is determined to be valid, and the list number l designated as the destination of the time stamp TS (i, a) is determined.
The IDa corresponding to a is acquired from the list L (step SP
14), the client terminal Ca that owns the acquired IDa
The time stamp TS (i, a) is transmitted to (step SP15). In step SP13, if the calculated time is not within the predetermined value set in advance, an error is notified to the client terminal Ci to which the time stamp TS (i, a) is issued ( Step SP16).

Then, the time stamp TS is sent from the server S.
Upon receiving (i, a), the client terminal Ca first decrypts the information encrypted with its own private key (FIG. 8).
Step SP21). Then, the decrypted electronic information H
It is determined whether or not (F) matches the hash value held by itself (step SP22). As a result, since the client terminal Ca holds the hash value H (F), the hash values match, and the information TS received now is received.
It is determined that (i, a) is the time stamp for the application for the time certification of itself, the information TS (i, a) is recognized as the time stamp for the electronic information F, and the RAM 3
(Step SP25).

As described above, according to the present embodiment, the client terminals C1, C2 ... Cn mutually apply for time authentication and issue authentication through the server S, and the server S performs authentication. Since the validity of the obtained time is determined, it is possible to avoid a specific organization from performing the time authentication in a concentrated manner. As described above, since the specific terminals do not collectively perform the time authentication, but the client terminals that are in a fair position perform the time authentication, it is possible to prevent the improper time authentication from being performed. As a result, the authenticity of the authenticated time becomes extremely high, and it is possible to provide a system in which the time authentication is extremely fair.

Further, in the above description, for convenience, it is specified whether the information received by the server S is the application information or the time stamp, but in reality, the application information and the time stamp are configured in the same format. Therefore, the server S
It cannot be determined whether the received information is application information or a time stamp. That is, the server S extracts the time included in that information regardless of which information is received, determines whether the difference between the time and the current time is within a predetermined value, and Based on the determination result, it is determined whether or not to send the information to the client terminal designated as the destination. In this way, since the server S cannot identify the received information, it is possible to prevent the server S from falsifying the authentication time.

In addition, each client terminal determines whether the information received from the server S is a time stamp for the time authentication applied by itself or whether it is time authentication application information from another client terminal. This is performed by the processing shown in step SP22 of 8. Specifically, the encrypted information included in the received information is decrypted by using its own private key, and subsequently, the decrypted information, that is, the hash value of the electronic information is stored in the RAM 3 provided in itself. The above judgment is made depending on whether or not there is. That is, when the hash value is stored in the RAM 3 (when the hash value is held), it is determined that the received information is the time stamp for the time authentication application issued by itself, and this time stamp is used. Is stored in RAM3. On the other hand, when the hash value is not stored in the RAM 3 (when the hash value is not held), it is determined that the received information is a time authentication application issued by another client terminal, Create and issue a time stamp for the application. Thus, in the present invention,
Since both the application and the time stunt are configured in the same format, not only the server S but also the client terminal cannot judge which information is received at first glance. Therefore, the information can be easily identified by making this determination based on whether or not the hash value is owned.

In addition to the method described above, a flag flg indicating whether it is a time stamp application, issuance, or other information is added to the information to be transmitted / received (for example, the above-mentioned TS), Apply, issue, by this flg
Others may be identified.

(3) Verification Process Next, the time stamp verification process will be described. Hereinafter, the case of verifying the time stamp of the client terminal Ca will be specifically described.

In this case, the verification station (for example, a third organization in a fair position or another client terminal) uses the information of the time stamp TS (i, a) and the electronic information owned by the client terminal Ca. F and hash function H are acquired. Then, first, the hash value H (F) of the electronic information F is calculated from the electronic information F and the hash function H. Subsequently, the hash value H (F) is encrypted using the public key Kpa of the client terminal Ca, and the encrypted hash value Kpa (H
(F)) is obtained. Then, the calculated encrypted hash value K
pa (H (F)) is compared with the encrypted hash value Kpa (H (F)) of the time stamp TS (i, a), and if they are the same, the time stamp is valid. Judge as something. If the electronic information or the like has been tampered with, the hash value obtained from the tampered electronic information will be different information, so the encrypted hash value Kpa
(H (F)) is also a value different from the encrypted hash value Kpa (H (F)) included in the time stamp. As a result, the validity of the time stamp can be easily determined.

(4) Standby Processing In order to prevent fraud such as falsification in time authentication, each client terminal may perform the following standby processing at a predetermined timing. That is, as mentioned above, the format of the application and the time stamp should be the same,
Even if the server S cannot identify the information, when only two client terminals are connected to the server S, the server S traces the flow of information from the client terminal to determine which client terminal You can easily identify if you are applying. In order to prevent such a situation, each client terminal transmits the following fake application information at a predetermined timing, which disturbs the server S and makes it difficult to identify the information.

Specifically, each client terminal creates fake application information having the same structure as the above-mentioned application information and sends it to the server S. In this fake application information, a hash value H (F) of electronic information used for normal application information
Instead of, the hash value H (D) of the empty data D is used. Then, by transmitting the fake application information to the server S at a predetermined timing, the server S is disturbed.
Thus, by sending fake application information using empty data, it is possible to determine whether the information received by the server S is an application or a time stamp even when the number of client terminals is small. To do.

Although the embodiment of the present invention has been described in detail above with reference to the drawings, the specific structure is not limited to this embodiment, and includes a design etc. within the scope not departing from the gist of the present invention. Be done.

[0060]

As described above, according to the time authentication system for electronic information of the present invention, the client terminal issues the time stamp for authenticating the time of the electronic information, so that the server is authorized to issue the time stamp. You can prevent your concentration. As described above, since the client terminals that are in a fair position perform the time authentication instead of the specific institutions performing the time authentication in a concentrated manner, it is possible to avoid improper time authentication. Further, since the authenticity of the authenticated time is judged by the server, the authenticity of the authentication time can be further enhanced.

Further, according to the electronic information time authentication system of the present invention, the application and the issuance of the time stamp are performed by transmitting predetermined information having the same format to the server, and therefore the server is the same. Since the information configured in the format is received from each client terminal, it cannot be recognized whether the received information is a time authentication application or a time stamp for time authentication. In this way, since the server cannot distinguish the type of information, it is possible to prevent illegal actions by the server, such as falsification of the authentication time, and to make the determination of correctness for time authentication extremely fair. You can

Further, according to the electronic information time authentication system of the present invention, the information that is the criterion for determining whether it is an application or a time stamp can be decrypted by the secret key possessed by the client terminal of the transmission destination, that is, the secret. By including in the information to be sent to the client terminal as the information encrypted with the public key paired with the key, the receiving client terminal can easily decrypt the encrypted information with its own private key. The above information can be identified.

Further, according to the electronic information time authentication system of the present invention, the server determines the validity of the time of authentication based on the time shared by all the clients, and therefore, based on the relative time. It is possible to judge the validity of the information. With this, the validity of time authentication,
Fairness can be increased.

Further, according to the electronic information time authentication system of the present invention, each client terminal mutually applies for the time authentication and issues the authentication via the server, and the time when the server is authenticated is correct. It is possible to prevent a specific institution from performing centralized time authentication to determine the sex. As described above, since the specific terminals do not collectively perform the time authentication, but the client terminals that are in a fair position perform the time authentication, it is possible to prevent the improper time authentication from being performed. As a result, the authenticity of the authenticated time becomes extremely high, and it is possible to provide a system in which the time authentication is extremely fair.

Further, according to the time authentication system for electronic information of the present invention, among the information created in a predetermined format,
Since the information that identifies whether it is an application for time authentication of electronic information or a time stamp is encrypted by an encryption method that cannot be decrypted by the server, it is possible to prevent falsification of the authentication time by the server. It is possible to build a highly reliable time authentication system.

According to the electronic information time authentication program of the present invention, when the information in the predetermined format is received from the client terminal, the step of determining the validity of the time included in the information, When the time is judged to be valid, the computer of the server in the electronic information time authentication system executes a program for causing the computer to execute the step of transmitting the information to a predetermined client terminal, thereby validating the time authorization. It is possible to construct a time authentication system for electronic information that is extremely high.

According to the electronic information time authentication program of the present invention, the step of transmitting an application for the electronic information time authentication to the server and the electronic information issued by another client terminal received via the server. In response to an application for time-of-day authentication of information, each client in the electronic information time-of-day authentication system executes a program for causing the computer to execute a step of transmitting a time-stamp to authenticate the time to the server. It becomes possible for the terminal to mutually apply for time authentication and time authentication for the application, so that rather than a specific third party centrally performing time authentication, each client terminal in a fair position performs time authentication. Therefore, it is possible to prevent the authentication time from being falsified.

[Brief description of drawings]

FIG. 1 is a configuration diagram of a time authentication system for electronic information according to an exemplary embodiment of the present invention.

FIG. 2 is a diagram showing an electrical configuration of a client terminal.

FIG. 3 is a diagram showing an electrical configuration of a server S.

FIG. 4 is a diagram showing a configuration example of a list L.

FIG. 5 is a diagram for specifically explaining application processing and issuance processing in the present embodiment.

FIG. 6 is a flowchart showing a program executed when a client terminal applies for time authentication of electronic information.

FIG. 7 is a flowchart showing a program executed by the server S.

FIG. 8 is a flowchart showing a program executed when a client terminal receives information via a server.

[Explanation of symbols]

1,11 CPU 2,12 ROM 3,13 RAM 4 Input section 5,14 Clock section 6,15 Communication unit C1, C2, Ca, Ci, ... Cn client terminal S server Q time server L list

   ─────────────────────────────────────────────────── ─── Continued front page    (72) Inventor Toshiaki Tanaka             2-15-1 Ohara, Kamifukuoka City, Saitama Stock             Company CAD Research Institute (72) Inventor Koji Nakao             2-15-1 Ohara, Kamifukuoka City, Saitama Stock             Company CAD Research Institute F-term (reference) 5J104 AA11 LA03

Claims (9)

[Claims] 1. A server, a function of applying for time authentication of electronic information via the server, and a time for an application for time authentication of electronic information from another client terminal received via the server. Two or more client terminals having a function of issuing a time stamp for authenticating the authentication, the server determines the validity of the authentication time, and controls communication between the client terminals based on the determination result. An electronic information time authentication system characterized by: 2. The time authentication of electronic information according to claim 1, wherein the application and the issuance of the time stamp are performed by transmitting predetermined information having the same format to a server. system. 3. Each client terminal encrypts information for identifying whether the predetermined information is an application or a time stamp with a public key paired with a private key possessed by the client terminal to which the information is transmitted. The electronic information time authentication system according to claim 2, wherein the electronic information time authentication system is transmitted. 4. The time of the server and the time of each client terminal are synchronized, and the server receives time information included in the predetermined information received from the client terminal and reception of the predetermined information. The time information is determined to be valid when the difference from the time is within a predetermined time, and the predetermined information is transmitted to a predetermined client terminal. The electronic information time authentication system described in any of the above. 5. The client terminal creates, at a predetermined timing, fake application information formed in the same format as the application and sends the fake application information to the server. The time authentication system for electronic information described in any of 1. 6. A time authentication system of electronic information, wherein a plurality of client terminals apply for time authentication of electronic information via a server or perform time authentication for the application, wherein one client terminal performs time authentication of electronic information. An application is created in a predetermined format, information in this predetermined format is sent to the server, and another client terminal that receives the application from the server sends a time stamp for authenticating the time to the application to the application. Time to authenticate based on the time information included in the information created in the predetermined format received from the client terminal, which is created in the same format and transmits the information in the predetermined format to the server When the electronic information is characterized in that the communication between the client terminals is controlled on the basis of the judgment result. Tick authentication system. 7. The information, which identifies whether it is an application for time authentication of electronic information or a time stamp among the information created in the predetermined format, is encrypted by an encryption method that cannot be decrypted by the server. The time authentication system for electronic information according to claim 6, wherein the time authentication system is electronic. 8. A program for performing time authentication of electronic information, wherein when information in a predetermined format is received from a client terminal, the step of determining the validity of the time included in the information, A program that causes a computer to execute a step of transmitting the information to a predetermined client terminal when the time is judged to be valid. 9. A program used for time authentication of electronic information via a server, the step of transmitting an application for time authentication of electronic information to the server, and another client received via the server. A program for causing a computer to execute a step of transmitting a time stamp for authenticating time to the server in response to an application for time authentication of electronic information issued by a terminal.