JP2009188608A - Time stamp device and method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To issue a time stamp of a right time which has no complex device composition and is free from tampering from the outside. <P>SOLUTION: A time stamp device 10 has first and second oscillation means which create oscillation signals of fixed periods, creates a time for time stamping from the oscillation signal of the first oscillation means, and creates a time for confirmation from the oscillation signal created by the second oscillation means. Then the device sends the time for time stamping created by the first time control means to a time audit station system 70 and receives and holds data of a time audit certification. When a time stamp request is received from a client terminal 80, if a time for time stamping created at the time of request reception is in a valid period obtained from the data of the time audit certification, and if an error between the time for time stamping and the time for confirmation is smaller than a prescribed value, the device issues the time stamp data based on the time for time stamping. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a time stamp apparatus and method for issuing a time stamp used to prove that a digital document or the like was present at a certain time, for example.

Conventionally, time stamp technology has been used to prove that a digital document is indeed present at a certain time and has not been altered or altered since then. A time stamp device that issues a time stamp issues a time stamp using a local time that has been audited and calibrated by a time distribution audit server at all times or at regular intervals.
Patent Document 1 describes a technique in which a time stamp device issues a time stamp using a local time when the time distribution audit server has received time auditing / calibration. Patent Document 2 describes that when a time stamp device cannot always connect to a time distribution audit server, the time is corrected by a radio clock to maintain the accuracy of the clock after receiving the time distribution. ing.
JP 2002-229869 A JP 2006-236251 A

  The above-described conventional method for calibrating / correcting the time of the time stamp apparatus with an external time source has a high possibility of being subject to time tampering from the outside, and also complicates the apparatus. In addition, the conventional time stamp apparatus does not have a means for confirming that the time in the issued time stamp is an appropriate time, and even if the time is appropriate at the time of receiving the time distribution audit, I didn't have a way to check that the time was correct.

  The present invention has been made in view of such circumstances, and its purpose is to issue a time stamp of the correct time without having a complicated device configuration and without being tampered with from the outside. It is an object of the present invention to provide a time stamp apparatus and method capable of performing the above.

  The present invention has been made to solve the above problem, and includes a first oscillation unit and a second oscillation unit that generate an oscillation signal having a constant period, and an oscillation signal generated by the first oscillation unit. A first time control unit that generates a time for time stamp, a second time control unit that generates a confirmation time from an oscillation signal generated by the second oscillation unit, and a first time control unit. From the client terminal and the time audit control unit that transmits the generated time stamp time information to the time audit station system, receives the time audit certificate data for the transmitted time information, and writes the time audit certificate data to the time audit certificate holding unit When a time stamp request is received, and the time stamp time generated by the first time control unit when the time stamp request is received is stored in the time audit certificate holding unit A predetermined condition that is within the validity period obtained from the audit certificate data and that an error between the time for the time stamp and the confirmation time generated by the second time control unit is determined to be correct. And a time stamp generating unit that generates time stamp data according to the time for the time stamp and returns the data to the client terminal.

  Further, the present invention is the above-described time stamp device, wherein the transmission data includes information on an encrypted time stamp time obtained by encrypting the time stamp time generated by the first time control unit, and A signal transmission unit that outputs transmission data including information on the encryption confirmation time obtained by encrypting the confirmation time generated by the time control unit of time 2, and the time from the time for encryption time stamp set in the transmission data The information processing apparatus further includes a time acquisition unit that decrypts the information on the stamp time from the encryption confirmation time.

  Further, the present invention is the above-described time stamp device, wherein a first encryption time holding unit that holds information in which a time stamp time is associated with an encryption time stamp time, a confirmation time, A second encryption time holding unit that holds information associated with the encryption confirmation time, and the signal transmission unit generates a time stamp time generated by the first time control unit. The time information for encryption time stamp corresponding to the time information for confirmation and the time information for confirmation corresponding to the time for confirmation generated by the second time control unit are read from the encryption time holding unit and the transmission data is output. It is characterized by.

  Further, the present invention is the time stamp device described above, wherein the time audit control unit corrects the time for time stamp based on information on time lag indicated by the received time audit certificate data. It is characterized by.

  Further, the present invention is the time stamp apparatus described above, wherein the first time control unit generates the time for time stamp, and the second time control unit generates the time for confirmation. A state in which the second time control unit generates the time for time stamp and the state in which the first time control unit generates the confirmation time is switched by a predetermined time.

  Further, the present invention is the time stamp device described above, wherein the time stamp creating unit generates time stamp data further setting the time audit certificate data.

  The present invention is also the time stamp device described above, wherein the computer device is connected to the client terminal via a network, the first oscillating unit, the second oscillating unit, and the first time control. And a hardware security module including the second time control unit, the time audit control unit, and the time stamp generation unit.

  In addition, the present invention is the time stamp device described above, which is a hardware security module connected to the client terminal by a connector.

  Further, the present invention is a time stamp method used in a time stamp device, wherein the first oscillating unit and the second oscillating unit generate an oscillation signal having a constant period, and the first time control unit A time stamp time is generated from the oscillation signal generated by the first oscillation unit, and a second time control unit generates a confirmation time from the oscillation signal generated by the second oscillation unit, and a time audit is performed. The control unit transmits the time stamp time information generated by the first time control unit to the time audit station system, receives the time audit certificate data for the transmitted time information, and holds the time audit certificate The time stamp creation unit receives a time stamp request from the client terminal, and for the time stamp generated by the first time control unit when the time stamp request is received. The time is within the expiration date obtained from the time audit certificate data stored in the time audit certificate holding unit, and the time for the time stamp and the confirmation generated by the second time control unit A time stamp method characterized in that when a predetermined condition for determining that the time is correct satisfies an error with a time for use, the time stamp data is generated based on the time for the time stamp and returned to the client terminal. is there.

  Further, the present invention is the time stamp method described above, wherein the first time control unit generates the time for time stamp, and the second time control unit generates the time for confirmation; A state in which the second time control unit generates the time for time stamp and the state in which the first time control unit generates the confirmation time is switched by a predetermined time.

  According to the present invention, a check is performed with another clock in order to prevent an undesired time stamp from being continuously issued due to a significant shift in the clock after the audit. As a result, it is possible to prevent a time stamp with an incorrect time from being issued.

  Hereinafter, an embodiment of the present invention will be described with reference to the drawings.

[First Embodiment]
FIG. 1 is an overall configuration diagram of a time stamp system according to a first embodiment of the present invention. As shown in the figure, the time stamp system includes a time stamp device 10 as a TSU (Time-Stamping Unit) used in a TSA (Time-Stamping Authority), and the time stamp device 10. Time audit authority system 70 of a time authority (TA) that issues a time audit certificate indicating an audit result of a time generated by receiving power supplied from an independent power source provided in the apparatus, and a time stamp The client terminal 80 requests the apparatus 10 to issue a time stamp, receives the time stamp data, and adds it to the digital document. The time stamp apparatus 10 and the time audit station system 70 are connected by a network such as ISDN, for example. Further, for example, a personal computer (hereinafter referred to as “PC”) is used as the client terminal 80, and the time stamp device 10 is connected via a network such as the Internet or a LAN (Local Area Network). Or a connector such as a USB.

  FIG. 2 is a functional block diagram of the time stamp apparatus 10 (TSU) according to the present embodiment. In the figure, the time stamp device 10 includes a local clock unit 20, a time stamp processing unit 30, a communication unit 50, a time stamp receiving / outputting unit 51, and a display unit 52. The time stamp device 10 can be configured by connecting a local security unit 20 and a hardware security module (HSM) as the time stamp processing unit 30 to a computer device such as a PC, for example. In this case, the communication unit 50, the time stamp reception / output unit 51, and the display unit 52 can be realized by a PC.

  The communication unit 50 transmits / receives data to / from other devices, and here, performs encrypted communication with the time audit station system 70 and the client terminal 80 using SSL (Secure Socket Layer) or the like. The time stamp receiving / outputting unit 51 receives a time stamp request from the client PC as the client terminal 80, notifies the time stamp processing unit 30, and returns the time stamp generated by the time stamp processing unit 30 to the client terminal 80. . The display means 52 is a display or lamp such as an LCD (Liquid Crystal Display), and displays information.

  The local clock unit 20, which is an HSM, includes time setting means 21, independent power supply means 22a and 22b, oscillation means 23a and 23b, time control means 24a and 24b, time A temporary holding means 25a, time B temporary holding means 25b, and encryption. Time label holding means 26 a and 26 b and signal transmission means 27 are provided.

  The independent power supply means 22a supplies power to the oscillation means 23a, and the independent power supply means 22b supplies power to the oscillation means 23b. The oscillating means 23a and 23b generate and output an oscillation signal having a predetermined frequency based on the frequency of the source oscillator. The time control unit 24a generates a time using the oscillation signal output from the oscillation unit 23a, and temporarily writes the generated time in the time A temporary holding unit 25a. Similarly, the time control unit 24b generates a time using the frequency signal output from the oscillation unit 23b, and temporarily writes the generated time in the time B temporary holding unit 25b. Here, the time generated by the time control unit 24a using the oscillation signal A that is the oscillation signal from the oscillation unit 23a is referred to as time A, and the time control unit 24b uses the oscillation signal B that is the oscillation signal from the oscillation unit 23b. The time to be generated is time B. The encryption time label holding means 26a and 26b store information in which the time is associated with the encryption time label corresponding to the time, and the time control means 24a is the encryption time corresponding to the generated time A. The encryption time A which is a label is read from the encryption time label holding unit 26a and output to the signal transmission unit 27, and the time control unit 24b converts the encryption time B which is the encryption time label corresponding to the generated time B into the encryption time. Read from the label holding means 26 b and output to the signal transmitting means 27. The signal transmission unit 27 outputs the information of the encryption time A and the encryption time B and the identification number of the local clock unit 20 to the time stamp processing unit 30.

  The time stamp processing unit 30 which is an HSM includes a signal receiving unit 31, a decrypting unit 32, encrypted time label holding units 33a and 33b, a local clock identification number confirmation unit 34, a time A holding unit 35a, a time B holding unit 35b, Time stamp issuance control means 36, time audit control means 37, signature key / certificate holding means 38, time audit certificate holding means 39, time comparison means 40, time stamp creation means 41, signature means 42, time stamp time confirmation means 43.

  The signal receiving unit 31 receives the encryption time A, the encryption time B, and the identification number of the local clock unit 20 from the local clock unit 20. The decrypting means 32 refers to the encrypted time label holding means 33a that stores information in which the time A and the encrypted time A are associated with each other, decrypts the received encrypted time A into the time A, and sends it to the time A holding means 35a. Write. Similarly, the decrypting means 32 decrypts the encrypted time B received with reference to the encrypted time label holding means 33b that stores the information that associates the time B with the encrypted time B into the time B, and the time B holding means Write to 35b. The local clock identification number confirmation unit 34 confirms the validity of the local clock unit 20 that has output the encryption time A and the encryption time B based on the received identification number of the local clock unit 20.

  The time audit control unit 37 sends the time A or time B information to the time audit station system 70 and the device authentication certificate data (hereinafter simply referred to as “device”) of the time stamp device 10 read from the signature key / certificate holding unit 38. A time audit request in which "authentication certificate" is set is transmitted to the time audit authority system 70, and the returned time audit certificate data (hereinafter simply referred to as "time audit certificate" or "time audit certificate") ) Is written in the time audit certificate holding means 39. The time stamp issuance control means 36 receives the time stamp request data from the time stamp reception / output means 51, determines whether or not a time stamp can be created, and if it can be created, the time stamp issuance control means 36 proceeds to the time stamp creation means 41. Instructs creation of a time stamp. The time comparison means 40 determines whether the currently held time information is correct by comparing time A and time B. The time stamp creating means 41 uses the information in the time stamp request data for creating the time stamp, the data of the time A or the time B when it is determined to be correct by the time comparing means 40 and the time audit control means 37. Time stamp data before digital signature is generated. The signature unit 42 adds an electronic signature to the time stamp data generated by the time stamp generation unit 41 using a signature key that is a secret key for signature of the time stamp device 10. If the stamp time in the generated time stamp data is the time A, the time stamp time confirmation unit 43 has an error from the time B held in the time B holding unit 35b. If the error from the time A held in the A holding means 35a is within a predetermined allowable value, the time stamp data is output to the time stamp receiving / outputting means 51.

  When the client terminal 80 is a portable computer terminal such as a mobile computer, the local clock unit 20 and the HSM as the time stamp processing unit 30 are configured to be directly connected to the client terminal 80 by USB or the like. Can do. In this case, the communication unit 50 that communicates with the time inspection station system 70 and other devices, the time stamp reception / output unit 51, and the display unit 52 can be realized by the client terminal 80.

  The time audit bureau system 70 receives a time audit means 71 for receiving a time audit request, the time set in the received time audit request, and the UTC (Coordinated Universal Time) managed by the time audit bureau system 70 with high accuracy. A time audit certificate issuing means 72 for detecting a time lag from the correct current time synchronized with (Coordinated Universal Time) and returning a time audit certificate to which the time error and the electronic signature of the time audit authority are added. .

  When a time stamp is generated in a mobile PC environment or the like that cannot be always connected to the time distribution audit server, the time audit certificate received once is desired to be valid after the mobile PC is stopped / started. However, in the conventional time stamp apparatus, the HSM that performs time stamp processing is connected to a personal computer (PC) and operates by receiving power supply. Therefore, if the PC is restarted or stopped after receiving a time audit for the clock in the HSM, the clock is also initialized. Therefore, it was necessary to receive time distribution and audit again after the start. Therefore, it is conceivable to have an independent power supply (battery) in the HSM. However, this makes it possible to keep the time for a certain period, but since the power supply is provided in the HSM, if the power supply stops operating, other functions, that is, a signature encryption processing function, a time stamp generation function Although the data processing function, the memory function, the communication function, etc. operate normally, the HSM itself needs to be discarded / replaced, which is not economical. Therefore, in the time stamp device 10 according to the present embodiment, the local clock unit 20 that operates by receiving power from the autonomous power supply is detachable, and when the power is cut off, only the local clock unit 20 is replaced with a new one. It can be exchanged. While the local clock unit 20 is not exchanged with another local clock unit 20, the time audit certificate received once is stored in the time audit certificate holding means 39 of the time stamp processing unit 30 and is stored in another local clock unit. When it is detected that the clock unit 20 has been replaced, the local clock identification number confirmation unit 34 of the time stamp processing unit 30 deletes the time audit certificate stored in the time audit certificate holding unit 39.

FIG. 3 shows an example of data held by the encrypted time label holding unit 26a of the local clock unit 20. The encrypted time label holding unit 26b holds similar data.
The encrypted time label holding means 26a, 26b includes a time label indicating time information, an encrypted time label corresponding to the time label, a hash value generated from the encrypted time label and the identification number, and the remaining number of days. Information associated with the label and an identification number identifying the local clock unit 20 are held, and these pieces of information are output to the time stamp processing unit 30 as transmission data. By holding such data, the local clock unit 20 can generate the information of the time A and time B generated by itself only during the date and time period indicated by the time labels held by the encrypted time label holding means 26a and 26b. The data can be output to the time stamp processing unit 30. Therefore, the encrypted time label holding means 26a and 26b hold a time label corresponding to a period during which the local clock unit 20 is guaranteed to operate correctly (for example, a period during which the independent power supply means 22a and 22b can supply power). As a result, it is possible to prevent the local clock unit 20 from being used when the period has passed. In the following, the encryption time label, identification number, hash value, and remaining days label corresponding to time A will be referred to as encryption time label A, identification number A, hash value A, and remaining days label A. The corresponding encryption time label, identification number, hash value, and remaining day number label are described as encryption time label B, identification number B, hash value B, and remaining day number label B.

  The hash value held in the encryption time label holding means 26a, 26b is, for example, 40 hexadecimal digits by using an algorithm such as SHA1 (Secure Hash Algorithm 1) from information obtained by combining the encryption time label and the identification number. A hash value of (160 bits) is calculated, and only the first 20 digits of the calculated hash value are extracted. In addition, the remaining number of days label indicates how many days are left until the date indicated by the label corresponding to the last time among the held time labels, that is, until the date that can be used is reached. By displaying the remaining number of days indicated by the remaining number of days label on the display means 52, it is possible to notify the user that the expiration date of the local clock unit 20 is almost over and prompt the user to replace the local clock unit 20 with a new one. Note that the date and time when “−1” is set in the remaining days label indicates that there is a sufficient number of days until the expiration date is reached. Further, the remaining time may be used instead of the remaining days.

FIG. 4 shows an example of data held by the encrypted time label holding means 33 a of the time stamp processing unit 30. The encrypted time label holding unit 33b also holds similar data.
In the figure, encrypted time label holding means 33a and 33b hold information in which an encrypted time label is associated with a decryption time label indicating a time after decryption of the encrypted time label. For example, the encrypted time label holding means 26a and 26b hold information for one year, the encrypted time label holding means 33a and 33b hold information for 20 years, and the like. Furthermore, by holding information corresponding to a time of a sufficiently longer period than the encrypted time label holding means 26a, 26b, the time can be decrypted even when the local clock unit 20 is replaced with a new one. Hereinafter, a decryption time label corresponding to the encryption time label A is referred to as a decryption time label A, and a decryption time label corresponding to the encryption time label B is referred to as a decryption time label B.

FIG. 5 is a diagram for explaining the time stamp control flag held in the storage means included in the time stamp issue control means 36.
As shown in the figure, the time stamp control flag includes four flags F0 to F3, and a time normal flag or a time abnormal flag is set in each of the flags F0 to F3. In the flag F0, a time normal flag N0 indicating that the local clock unit 20 is normal or a time abnormality flag E0 indicating that the local clock unit 20 is abnormal is set. In the flag F1, a time normal flag N1 indicating that the time audit is normal or a time abnormality flag E1 indicating that the time audit is abnormal is set. In the flag F2, a time normal flag N2 indicating that it is within the valid period indicated by the time audit certificate or a time abnormality flag E2 indicating that it is outside the valid period is set. As a result of the comparison between time A and time B, a time normal flag N3 indicating that the time is normal or a time abnormality flag E3 indicating that the time is abnormal is set in the flag F3.

Next, the operation of the time stamp device 10 will be described.
FIG. 6 is a diagram showing an outline operation flow of the time stamp apparatus 10, and each flow is repeatedly executed.
First, time A and time B are initially set in the local clock unit 20 (step S101). After the initial setting, the local clock unit 20 starts generating time A and time B, and corresponds to the generated time A every time time A is generated at a constant cycle (for example, every second). Encrypted time label corresponding to the generated time B each time the generated data A including the encrypted time label A, the identification number A, the hash value A, and the remaining number of days label A is generated. Transmission data B including information of B, identification number B, hash value B, and remaining days label B is output to the time stamp processing unit 30 (step S102).

  Each time the time stamp processing unit 30 receives transmission data A and transmission data B from the local clock unit 20, the time stamp processing unit 30 confirms the validity of the transmission data, and transmits the time A from the encrypted time label A of the transmission data A. Time B is obtained from the encryption time label B of data B (step S111). The time stamp processing unit 30 compares the obtained time A and time B to determine whether the time is normal, and holds a time stamp control flag indicating the determination result as issuance permission information (step S112).

  The time stamp processing unit 30 sets time A or time B information obtained in step S111, and periodically (or makes necessary) a time audit request to which the device authentication certificate of the time stamp processing unit 30 is added. In response (non-regularly), it is transmitted to the time audit bureau system 70. Thereby, the time audit certificate indicating the time audit result is received from the time audit station system 70 (step S121). The time stamp processing unit 30 determines whether a time audit certificate indicating that the time is an error within the normal time is received, and holds a time stamp control flag indicating the determination result as issue permission information. Whether time A or time B is used for the time audit request follows a predetermined rule. For example, time A (or time B) can always be used, or time A and time B can be used every time or alternately every predetermined time (number of times). Further, the time audit request may be transmitted autonomously from the time stamp device 10 every predetermined time. The time audit request transmitted from the time audit station system 70 every predetermined time is received and transmitted. It may be. The time audit can be performed at a cycle shorter than the expiration date that can be set in the time audit certificate, such as every several hours.

  The time audit certificate includes error information indicating how long the time notified by the time audit request is from UTC and information on the expiration date of the time audit certificate. If the time is large, a zero value is set as the expiration date. The time stamp processing unit 30 determines whether the time A or the time B notified from the local clock unit 20 is correct based on the expiration date information set in the received time audit certificate, and indicates the determination result. The stamp control flag is held as issuance permission information, and the expiration date of the time audit certificate is checked every predetermined time (for example, at the same interval as the reception interval of the transmission data A and B) (step S122). The time stamp processing unit 30 holds the received time audit certificate until the next time audit certificate is received or until the exchange of the local clock unit 20 is detected.

  When the time stamp issuing request is received from the client terminal 80, the time stamp processing unit 30 has a normal time by comparing the time A and the time B in step S112 based on the time stamp issuance permission information (time stamp control flag). And the time is determined to be within the normal time from the time audit certificate received in step S121, and the current time is within the validity period indicated by the time audit certificate held. Is confirmed, the time stamp data is generated from the current time A or time B and returned to the client terminal 80 (step S131). For generating the time stamp data, if the currently held time audit certificate is for the time A at the time audit, the current time A is used, and if it is for the time B at the time audit, Use the current time B. In addition, after the time stamp data is generated and before output to the client terminal 80, the time in the time stamp data is checked based on the confirmation time A or time B that is not used for generating the time stamp data.

  The time stamp request received from the client terminal 80 includes hash data of a digital document to which a time stamp is desired. The time stamp data generated by the time stamp processing unit 30 in response to the time stamp request includes data including the hash data of the digital document acquired from the time stamp request, the current time A or time B, and the time audit certificate. It is an electronic signature with the signature key of the time stamp device 10.

  When verifying the time stamp of the digital document, the client terminal 80 recalculates the hash data of the digital document and uses the public key paired with the signature key of the TSA (time stamp device 10) to obtain the electronic signature value of the time stamp data. The validity is confirmed by decrypting and verifying. The public key may be received in advance and held in the client terminal 80, or may be included in the time stamp data. If the recalculated hash value matches the hash value included in the time stamp data, it can be proved that the digital document exists at the time stamp time indicated by the time stamp data. It is judged that there was.

  Next, detailed operation of the time stamp apparatus 10 will be described. Here, it is assumed that the oscillating means 23a and 23b output an oscillation signal having a period of 1 second.

FIG. 7 is a detailed flow of the time initial setting process in step S101 of FIG. Here, a case where the initial setting of time A is performed will be described.
The time setting unit 21 of the local clock unit 20 determines whether a flag indicating that the time A has been initialized is set in the storage unit provided in the time setting unit 21 (step S201). When the time setting means 21 determines that the flag indicating that the time A has been initialized is not set (step S201: YES), the time setting means 21 receives a time label based on the time output from the TA from an external time setting device. Then, the reception timing of the time label is synchronized with the oscillation signal A generated by the oscillation means 23a (step S202). The time setting means 21 determines whether or not the synchronization error resulting from the synchronization in step S202 is smaller than a predetermined specified value (step S203). If it is determined that the value is equal to or greater than the predetermined specified value (step S203: NO), the process returns to step S202 and the synchronization process is performed again.

When it is determined that the synchronization error resulting from the synchronization in step S202 is smaller than the predetermined specified value (step S203: YES), the time control unit 24a displays the time label indicating the acquired time A as time A temporary. The time setting means 21 sets the flag indicating that the time A has been initialized (step S205) in the storage means included in the time setting means 21 (step S205).
If it is determined in step S201 that the flag indicating that the time A has been initially set is set (step S201: NO), the process ends.

  Although the initial setting process for time A has been described above, the same applies to the initial setting for time B. In the case of the initial setting process for time B, the oscillating means 23a, the time control means 24a, the time A temporary holding means 25a, the oscillation signal A, and the time A are respectively set to the oscillating means 23b, the time control means 24b, the time B temporary holding means 25b, The oscillation signal B and time B may be replaced.

FIG. 8 is a detailed flow of the time generation transmission process in step S102 of FIG. Here, the case of performing time generation transmission processing at time A will be described.
The time control unit 24a obtains a time A ′ that is a past time A held in the time A temporary holding unit 25a based on the oscillation rising timing of the oscillation signal A output from the oscillation unit 23a (oscillation unit A). Then, a new time A is generated by adding 1 second to the time A ′, and is set in the time A temporary holding means 25a (step S301). The time control unit 24a uses the encrypted time label holding unit to transmit the information of the encrypted time label A, the identification number A, the hash value A, and the remaining number of days label A corresponding to the time A as the transmission data A indicating the time A. It reads from 26a (step S302). The time control unit 24a determines whether or not the information has been successfully read from the encrypted time label holding unit 26a based on whether the read data is 0 (step S303). If it is determined that the information has been successfully read (step S303: YES), the signal transmission unit 27 reads the encrypted time label A, the identification number A, the hash value A, and the read value from the encrypted time label holding unit 26a. Then, the transmission data A including the information of the remaining number of days label A is transmitted to the time stamp processing unit 30 (step S304), and the processing from step S301 is repeated again. If it is determined that reading of information from the encrypted time label holding unit 26a has failed (step S303: NO), the process ends.

  Although the time generation / transmission process at time A has been described above, the same applies to the time generation / transmission process at time B. In the case of time generation transmission processing at time B, the oscillation means 23a, time control means 24a, time A temporary holding means 25a, encrypted time label holding means 26a, oscillation signal A, time A, time A ', transmission data A, encryption Oscillating means 23b, time control means 24b, time B temporary holding means 25b, encrypted time label holding means 26b, oscillation signal B, time B, respectively. , Time B ′, transmission data B, encrypted time label B, identification number B, hash value B, remaining number of days label B.

FIG. 9 is a detailed flow of the time setting process in step S111 of FIG. Here, the case where the time setting process of time A is performed will be described.
The signal receiving means 31 of the time stamp processing unit 30 receives the transmission data A from the local clock unit 20 (step S401). The decryption means 32 determines whether the encryption time label A set in the transmission data A is not all 0 (a series of 0s) and does not match the encryption time label A received before. It is determined whether label A is valid (step S402). If it is determined that it is valid (step S402: YES), the decryption means 32 reads the decryption time label A corresponding to the encryption time label A from the encryption time label holding means 33a (step S403). At this time, processing is performed by sequentially searching the rows after the row from which the previous decoding time label A is read, or by searching only the rows near the row from which the previous decoding time label A is read. Can be speeded up. The decoding unit 32 obtains the time A ′ that is the past time A held in the current time A holding unit 35a, and the time indicated by the read decoding time label A, that is, the time A is the time A ′. It is determined whether or not the time is further advanced (step S404).

When it is determined that the time A is a time advanced from the time A ′ (step S404: YES), the local clock identification number confirmation unit 34 confirms the validity by the clock identification (step S405). Details of this processing will be described later.
When the local clock identification number confirmation means 34 determines that the clock identification is correct, the decryption means 32 stores the decryption time label A in the time A holding means 35a (step S406), and the time stamp issuance control means 36 The clock normal flag N0 is set in the storage means provided (step S407). When the remaining number of days label A set in the transmission data A is a negative value (step S408: YES), the decrypting means 32 repeats the processing from step S401 again, and the remaining number of days label A is a positive value. If this is the case (step S408: NO), the remaining number of days is displayed on the display means 52, or a warning is output by a warning means (not shown) (for example, a device that informs the user that the local clock replacement time is near) ( Step S409), the processing from step S401 is repeated again.

  When it is determined in step S402 that the encrypted time label A is not valid (step S402: NO), or when it is determined in step S404 that the time A is not a time advanced from the time A ′ (step S402). (S404: NO), the decryption means 32 sets the clock abnormality flag E0 in the storage means included in the time stamp issue control means 36 (step S410), and ends the process.

Although the time setting process when the transmission data A is received has been described above, the same applies to the time setting process when the transmission data B is received. In the case of time setting processing when transmission data B is received, encrypted time label holding means 33a, time A holding means 35a, time A, time A ′, transmission data A, encrypted time label A, and decryption time label A , Remaining time number label A is encrypted time label holding means 33b, time B holding means 35b, time B, time B ', transmission data B, encrypted time label B, decryption time label B, remaining day number label B and Replace it.
The decryption key may be stored in advance, and the encrypted time labels A and B may be decrypted each time.

FIG. 10 is a detailed flow of the time comparison process in step S112 of FIG.
The time comparison unit 40 acquires the time A information from the time A holding unit 35a and the time B information from the time B holding unit 35b (step S501), and the time error between the time A and the time B is a predetermined rule. It is determined whether it is smaller than the value (step S502). When it is determined that the time difference between the time A and the time B is smaller than the predetermined specified value (step S502: YES), the time comparison unit 40 stores the clock normal flag N3 in the storage unit included in the time stamp issue control unit 36. Is set (step S503), and the process returns to step S501. On the other hand, when it is determined that the time difference between the time A and the time B is equal to or greater than the predetermined specified value (step S502: NO), the time comparison unit 40 stores the clock in the time stamp issuance control unit 36. The abnormality flag E3 is set (step S504), and a warning is output by the display means 52 or a warning means (not shown) to prompt replacement of the local clock (step S505).

FIG. 11 is a detailed flow of the time audit process in step S121 of FIG. Hereinafter, a case where the time audit is performed based on the time A will be described.
The time audit control unit 37 detects that it is a predetermined time for transmitting the time audit request, or receives a time audit instruction from the time audit station system 70 (step S601). The time audit control unit 37 receives the TA device authentication certificate from the time audit station system 70 (step S602) and confirms the validity (step S603). If it is determined that the TA device authentication certificate is correct (step S603: YES), the device authentication certificate of the time stamp device 10 acquired from the signature key / certificate holding means 38 is further transmitted to the time auditing authority system 70. Thus, when it is confirmed by the time auditing bureau system 70 that the time stamp apparatus 10 is correct, the communication means 50 establishes encrypted communication by SSL. The time audit control unit 37 acquires the time A from the time A holding unit 35a, and transmits a time audit request in which the acquired time A is set to the time audit station system 70 (step S604).

  When an abnormality such as a communication error does not occur and the transmission of the time audit request is successful (step S605: YES), the time audit control unit 37 receives the time audit certificate from the time audit station system 70. The time audit control unit 37 writes the received time audit certificate and the identification number A in the transmission data A in the time audit certificate holding unit 39 (step S606). The time audit control unit 37 determines that the time audit is successful if a normal value (positive value) is set in the expiration date information of the received time audit certificate (step S607: YES), and the time stamp. Information on the expiration date of the time audit certificate is set in the storage means held by the issue control means 36, and the clock normal flags N1 and N2 are set (step S608). The time comparison unit 40 performs the audit in the time audit certificate from the audit time in the time audit certificate, the time A acquired from the time A holding unit 35a, and the information on the time B acquired from the time B holding unit 35b. A time error of time B with respect to time is calculated (step S609). If the time error of the calculated time B with respect to the TA time is smaller than a predetermined specified value (step S610: YES), the process is terminated as it is.

If it is determined in step S603 that the TA device authentication certificate is not correct (step S603: NO), if the time audit request transmission fails in step S605 (step S605: NO), the display means 52 or A warning of failure of time audit is output by warning means (not shown) (step S613).
In step S607, when the time expiration date information in the time audit certificate is not positive (step S607: NO), the clock abnormality flag E1 is set in the storage unit included in the time stamp issue control unit 36 ( Step S611), a warning is output by the display means 52 or a warning means (not shown) to prompt the exchange of the local clock (Step S613).
In step S609, when the time error of the calculated time B with respect to the TA time is equal to or greater than a predetermined value (step S610: NO), the clock abnormality flag E3 is set in the storage unit included in the time stamp issue control unit 36. Then, a warning is output by the display means 52 or a warning means (not shown) to prompt replacement of the local clock (step S613).

  Although the audit process at time A has been described above, the same applies to the audit process at time B. In the case of the audit process at time B, time A holding means 35a, time A, identification number A, time B holding means 35b, and time B are set as time B holding means 35b, time B, identification number B, time A holding means 35a, respectively. The time A may be replaced.

FIG. 12 is a detailed flow of the time audit certificate expiration date check process in step S122 of FIG. Hereinafter, a case where the immediately preceding time audit is performed at time A will be described.
When the time normality flag N1 is set in the time stamp issuing control means 36 (step S701), the time audit control means 37 reads the information of time A from the time A holding means 35a (step S702). The time audit control unit 37 issues a time stamp when the read time A is within the expiration date set in the time audit certificate held in the time audit certificate holding unit 39 (step S703: YES). The time normal flag N2 is set in the storage means provided in the control means 36 (step S704). Further, the time audit control unit 37 determines whether or not the expiration date set in the time audit certificate becomes the expiration date after the specified number of days (or time) (step S705). If it is determined that the expiration date is not yet reached after the specified number of days (or time), the process ends (step S705: NO), and if the expiration date is determined after the specified number of days (or time) Then, the remaining number of days or the remaining time is displayed on the display means 52 or a warning means (not shown) to warn that the time audit certificate is almost due (step S706).

The time audit control unit 37 ends the process when the time normal flag N1 is not set in the time stamp issuance control unit 36 (step S701: NO).
In step S703, when the read time A exceeds the expiration date set in the time audit certificate (step S703: NO), the time abnormality flag E2 is stored in the storage unit included in the time stamp issue control unit 36. Is set (step S707), and a time audit request is transmitted to the TA time audit station system 70 (step S708).

  In the above description, the time audit certificate expiration date check process when the previous time audit is performed at time A has been described, but the same applies to the time audit certificate expiration date check process when the immediately previous time audit is performed at time B. is there. In the case of the time audit certificate expiry date check process when the previous time audit is performed at time B, the time A holding means 35a, time A, and remaining day number label A are respectively time B holding means 35b, time B, remaining day number label. Replace with B.

FIG. 13 is a detailed flow of the time stamp issuing process in step S131 of FIG. Hereinafter, a case where the immediately preceding time audit is performed at time A will be described.
The time stamp issuance control means 36 receives time stamp request data from the client PC as the client terminal 80 via the communication means 50 and the time stamp reception / output means 51 (step S801). The time stamp issuance control means 36, when the clock normal flag N0 is set in the storage means (step S802: YES) and the time normal flag N3 is set by time comparison (step S803: YES), Information on the time A, which is the current time, is acquired from the A holding means 35a (step S804). When the time stamp issuance control means 36 refers to its own storage means and determines that the time A is within the validity period and that the time normal flags N1 and N2 have been set (step S805: YES), The time stamp creating means 41 is instructed to generate a time stamp using the time A. The time stamp creating means 41 generates plaintext data of a time stamp including the hash data of the digital document acquired from the time stamp request, the time A, and the time audit certificate held in the time audit certificate holding means 39. Generate. The signature unit 42 performs an electronic signature on the generated plaintext data using the signature key of the TSA (time stamp device 10) read from the signature key / certificate holding unit 38, and adds it to the plaintext data ( Step S806). The time stamp time confirming unit 43 determines that the time error between the time A that is the stamp time in the time stamp data generated in this way and the time B acquired from the time B holding unit 35b is smaller than a predetermined specified value. (Step S807: YES), a time stamp response including the generated time stamp data is returned to the client PC (Step S808).

  When the clock normal flag N0 is not set in the storage means (step S802: NO), when the time normal flag N3 is not set (step S803: NO), when the time A is not within the expiration date, or If the time normal flags N1 and N2 are not set in the storage means (step S805: NO), or the time A that is the stamp time in the time stamp data and the time B acquired from the time B holding means 35b If the time error is equal to or greater than the predetermined specified value (step S807: NO), the time stamp creating means 41 returns a time stamp response in which an error is set to the client PC (step S809).

  In the above description, the time stamp issuing process when the immediately preceding time audit is performed at the time A has been described, but the same applies to the time stamp issuing process when the immediately preceding time audit is performed at the time B. In the case of the time audit certificate expiry date check process when the immediately preceding time audit is performed at time B, time A holding means 35a, time A, time B holding means 35b, and time B are set as time B holding means 35b and time B, respectively. The time A holding means 35a and the time A may be replaced.

FIG. 14 is a flow of the time audit certificate presence / absence confirmation process, which is executed at predetermined time intervals such as every second and before the time audit certificate expiration date check process of FIG.
The time audit control unit 37 determines whether or not the time audit certificate holding unit 39 holds the time audit certificate (step S901). When the time audit certificate is held, the time audit certificate expiration date check process shown in FIG. 12 is executed (step S902), and the processes from step S901 are repeated. On the other hand, when the time audit certificate is not held in the time audit certificate holding means 39, the clock abnormality flags E1 and E2 are set in the storage means included in the time stamp issuance control means 36, and the processing from step S901 is repeated. (Step S903).

FIG. 15 is a detailed flow of the clock identification confirmation process in step S405 of FIG.
The local clock identification number confirmation unit 34 uses the SHA1 that is the same algorithm as the hash algorithm held in the local clock unit 20 from information obtained by combining the encrypted time label A and the identification number A set in the transmission data A. A hash value α is calculated using an algorithm (step S1001). If the first 20 digits of the calculated hash value α are the same as the hash value A set in the transmission data A (step S1002: YES), the local clock identification number confirmation unit 34 determines the time audit certificate holding unit 39. Is acquired (step S1003), and it is determined whether it matches the identification number A acquired from the transmission data A (step S1004). When the identification number A ′ and the identification number A match (step S1004: YES), the local clock identification number confirmation unit 34 terminates the processing. When the identification number A ′ and the identification number A do not match (step S1004: NO), the time clock certificate holding unit The time audit certificate stored in 39 is erased (step S1005).

  If it is determined in step S1002 that the calculated hash value α does not match the hash value A set in the transmission data A, the local clock identification number confirmation unit 34 stores the time audit certificate holding unit 39. The stored time audit certificate is erased (step S1006), and the clock abnormality flag E0 is set in the storage means included in the time stamp issue control means 36 (step S1007).

  In the above, the clock identification confirmation process when the transmission data A is received has been described, but the same applies to the clock identification confirmation process when the transmission data B is received. In the case of the clock identification confirmation processing when the transmission data B is received, the transmission data A, the encryption time label A, the identification number A, the hash value A, and the identification number A ′ are respectively set to the time B, the transmission data B, and the encryption time. The label B, the identification number B, the hash value B, and the identification number B ′ may be replaced.

In this way, by including the unique identification number for identifying the local clock unit 20 and the hash value in the transmission data transmitted from the local clock unit 20, the time stamp processing unit 30 receives a time audit certificate in the past. It is compared with the identification number of the watch, and if there is a change, the time audit certificate received in the past is deleted. The hash value is generated from the encrypted time label and the identification number. However, since the hash value exists, it is not necessary to create the encrypted time label for each local clock unit 20, and the time stamp processing unit 30 stores the hash value. Power decoding data can be reduced. Further, it is possible to prevent the time audit certificate from being used continuously by inputting a new local clock unit 20 and a fake identification number (because it is fixed).
Therefore, as long as the time audit certificate is within the validity period, even when the time stamp device 10 is turned off, it is possible to issue a time stamp again without starting a new time audit at the time of activation.

16 and 17 show examples of the hardware configuration of the local clock unit 20.
In FIG. 16, the hardware security unit of the local clock unit 20 includes a CPU (central processing unit) 101a, an EEPROM (Electronically Erasable and Programmable Read Only Memory) 102a, a RAM (Random Access Memory) 103a, a power supply unit 104a, a clock 105a, A configuration in which an input I / F (interface) 106a and an output I / F 107a are connected by a bus 108a, a CPU 101b, an EEPROM 102b, a RAM 103b, a power supply unit 104b, a clock 105b, an input I / F (interface) 106b, and an output I / F107b is connected by a bus 108b.

The CPU 101a is a central processing unit that performs calculation and control, and implements the time setting means 21 and the time control means 24a of FIG. The EEPROM 102a stores the programs of the time setting unit 21 and the time control unit 24a, and realizes the encrypted time label holding unit 26a. The RAM 103a is a readable / writable memory, and includes a work area when the CPU 101a executes various programs, and implements the time A temporary holding means 25a. The power supply unit 104a implements the independent power supply unit 22a, and the timepiece 105a implements the oscillation unit 23a.
Similarly, the CPU 101b realizes the time setting means 21 and the time control means 24b, and the EEPROM 102b stores the programs of the time setting means 21 and the time control means 24b, and the time setting means 21 and the encrypted time label holding means 26b. Realize. The RAM 103b includes a work area when the CPU 101b executes various programs, and implements the time B temporary holding unit 25b. The power supply unit 104b implements the independent power supply unit 22b, and the timepiece 105b implements the oscillation unit 23b.
The input I / Fs 106a and 106b can receive data from the outside, realize the time setting means 21, and the output I / Fs 107a and 107b can transmit data to the outside. The transmission means 27 is realized.

  In FIG. 17, the hardware security unit of the local clock unit 20 connects the CPU 101, EEPROM 102, RAM 103, power supply unit 104, clocks 105 a and 105 b, input I / F (interface) 106, and output I / F 107 via a bus 108. Configured. The oscillation means 23a and 23b are realized by the clocks 105a and 105b, respectively, but the other means are realized by common hardware.

  FIG. 18 is a diagram illustrating an example of the hardware configuration of the time stamp processing unit 30, the communication unit 50, the time stamp reception / output unit 51, and the display unit 52. In the figure, a hardware security unit 115 as a time stamp processing unit 30 includes a CPU 111, a ROM 112, a RAM 113, a storage unit 114, and a communication control unit of a computer device such as a PC connected to the hardware security unit 115 via a USB or the like. 116, the output I / F 117, the input I / F 118, and the display unit 119 are connected to the bus 121. The hardware security unit 115 includes a CPU 122, a ROM 123, a RAM 124, and an EEPROM 125.

  The CPU 111 reads a system program from the ROM 112 and controls each unit. The RAM 113b includes a work area when the CPU 111 executes various programs. The storage unit 114 is a hard disk or the like, and stores various programs as well as data. The communication control unit 116 controls the output of data to the outside by the output I / F 117 and the input of data from the outside by the input I / F 118, thereby realizing the communication unit 50 of FIG. The display unit 119 is a display device such as a display.

  The CPU 122 reads the program from the ROM 123, decrypts the program 32, the local clock identification number confirmation unit 34, the time stamp issue control unit 36, the time audit control unit 37, the time comparison unit 40, the time stamp creation unit 41, the signature unit 42, A time stamp time confirmation unit 43 is realized. The RAM 124 realizes a time A holding unit 35a, a time B holding unit 35b, and a time audit certificate holding unit 39, and the EEPROM 125 implements encrypted time label holding units 33a and 33b and a signature key / certificate holding unit 38. .

  FIG. 19 is a diagram illustrating an example of a hardware configuration of the entire time stamp apparatus 10. In FIG. 16, the output I / Fs 107a and 107b as shown in FIG. 16 are connected to the hardware security unit of the local clock unit 20 as shown in FIG. However, the output I / F 117 and the input I / F 118 are combined as an input / output I / F 120.

  FIG. 20 is a view showing the appearance of a tamper-resistant local timepiece used as the local timepiece unit 20. The tamper-resistant local timepiece has an internal module case in which internal modules consisting of CPU, RAM, EEPROM, oscillator, battery, etc. are packaged with resin, and a signal transmission terminal for inputting external signals to the internal module (initial time setting) And a terminal X and a terminal Y connected to a terminal of a coil wound around the internal module case.

  FIG. 21 is a diagram showing a module configuration of the local clock unit 20. FIG. 21A shows the shape of the coil 1, and FIG. 21B shows the shape of the coil 2. Each of the coil 1 and the coil 2 is one electric wire, and the coil 1 is wound around the inner module, and the coil 2 is wound around the coil 1 in a direction perpendicular to the coil 1. Then, the coil terminal X is connected to one terminal of the coil 1, the other terminal of the coil 1 is connected to one terminal of the coil 2, and the other terminal of the coil 2 is connected to the coil terminal Y. The coil terminal X and the coil terminal Y act as one electric wire. After the coils 1 and 2 are wound in this way, the resin is packaged in an external module case as shown in FIG. 21C, resulting in a module configuration as shown in FIG.

  FIG. 22 is a diagram for explaining unauthorized operation detection of the tamper resistant local timepiece. As shown in the figure, the tips of the coils are respectively connected to two terminals of a switch connected to the CPU. In such a configuration, when the coil is broken, the CPU detects the disconnection and erases the data of the encrypted time label stored in the EEPROM.

Specifically, when the coil is connected from the outside of the internal module in the manufacturing process, the initial disconnected state is 0, the coil connected state is 1, and the coil is broken, and the RAM is 2 Above, the initial state 0 is set, and the EEPROM data is protected. Next, when the coil is connected, the CPU detects the connection and sets state 1 on the RAM. If the CPU detects a break in the state where the state 1 is set on the RAM, the state 2 is set and the data on the EEPROM is erased.
Due to the above mechanism, when the external resin is destroyed and the coil is destroyed for the purpose of unauthorized operation, the encrypted time data on the EEPROM is erased. It becomes possible not to take out.

According to the present embodiment, in order to prevent an undesired time stamp from being continuously issued due to a significant shift in the clock after the audit, an illegal time stamp is issued by performing a check based on the time of the two clocks. You can prevent it from happening.
Further, the local clock of the time stamp apparatus can be set only at the time of shipment, and is not subjected to calibration / correction from the external time, so that it is possible to prevent the time from being tampered with.
Further, since the time label output from the local clock is encrypted, it is impossible to illegally enter a future time in the time stamp processing device. Since the time label of the local clock is encrypted in advance and held in the local clock unit, the local clock does not need a complicated cryptographic processing device. In addition, since the time stamp processing device cannot receive the time received in the past again, it is possible to block the replay attack (observing the encrypted data and transmitting the same content later).
In addition, since the time stamp processing apparatus can issue a time stamp only for the time limit specified by the time audit certificate acquired from the time auditing authority, the time stamp issuing authority depends on the time auditing authority. Therefore, it is possible to prevent a time stamp based on the tampered time from being issued.
Since the time audit certificate is valid while the local clock and time stamp processing device are connected, even if the power supply to the time stamp processing device is cut off, the validity period of the time audit certificate after the power is resupplied If it is within, you can continue issuing time stamps.
In addition, by making the local timepiece detachable, maintenance becomes easy, it is economical, and time accuracy can be guaranteed. And when the local clock replacement timing, that is, several days before the label disappears, when an error occurs in the time comparison, an error is output when the time deviation is out of the allowable range due to the time audit. it can.

[Second Embodiment]
Next, a difference between the second embodiment of the present invention and the first embodiment will be described. In the second embodiment, time A and time B are alternately used for a predetermined number of times or every predetermined time in the time audit request, and the local clock identification number is not confirmed. This is because the time A and the time B are subjected to a time audit by replacing the time A and the time B with the time stamp time and the time for confirmation of the time stamp in the time audit request. This is because it is possible to guarantee that both B and the correct time.

  FIG. 23 is a functional block diagram of the time stamp apparatus 10 according to the present embodiment. The time stamp processing unit 54 of the time stamp device 10 of the present embodiment is different from the first embodiment in that it does not have the local clock identification number confirmation means 34 in the time stamp processing unit 30 of the first embodiment.

FIG. 24 shows an example of data held by the encrypted time label holding means 26a of the local clock unit 20 according to the present embodiment. The encrypted time label holding unit 26b holds similar data. As shown in the figure, the encrypted time label holding means 26a, 26b of the present embodiment associates a time label indicating time information, an encrypted time label corresponding to the time label, and a remaining number of days label. The information attached is retained.
FIG. 25 shows an example of data held by the encrypted time label holding means 33a of the time stamp processing unit 54 according to the present embodiment. The encrypted time label holding unit 33b also holds similar data. As shown in the figure, the encrypted time label holding means 33a, 33b according to the present embodiment associates an encrypted time label with a decrypted time label indicating the time after decrypting the encrypted time label. Information is retained.

In the present embodiment, the transmission data read in step S302 in FIG. 8 and transmitted in step S304 includes information on the encrypted time label A and the remaining number of days label A corresponding to time A. Then, the timepiece identification confirmation process shown in step S405 of FIG. 9 and FIG. 15 is not executed.
Further, either time A or time B may be always used as a time for time stamp.
According to the present embodiment, the processing is simplified as compared with the first embodiment.

[Third Embodiment]
Next, a difference between the third embodiment of the present invention and the first and second embodiments will be described.
FIG. 26 shows a functional block diagram of the time stamp apparatus 10 according to the present embodiment. The time stamp apparatus 10 according to the present embodiment does not have the local clock unit 20, and the time stamp processing unit 55 includes a signal reception unit 31, a decryption unit 32, and an encrypted time label holding unit of the time stamp processing unit 30. Instead of 33a and 33b, the oscillation means 23a and 23b and the time control means 24a and 24b of the local clock unit 20 are provided, and the time A generated by the time control means 24a using the oscillation signal A from the oscillation means 23a is set to the time A A time audit certificate obtained by the time audit control means 37 and a time B hold means 25b that holds the time B generated by the time control means 24b using the oscillation signal B from the oscillation means 23b. The point which correct | amends the time A and the time B based on a letter differs from 1st and 2nd embodiment. Further, since the local clock unit 20 is not provided, the local clock identification number confirmation means 34 is not provided, and the clock normal flags N0 and E0 are not used.

  Specifically, in step S101 in FIG. 6, the time stamp processing unit 55 is initially set at time A and time B (the flag indicating that the initial setting has been completed is not used), and in S102, a fixed period (for example, Every second), the time A generated by the time controller 24a using the oscillation signal A from the oscillator 23a is held in the time A holder 25a, and the time controller 24b receives the oscillation signal B from the oscillator 23b. The time B generated by use is held in the time B holding means 25b. And step S111 is not performed.

In step S121 (FIG. 11), when the time audit control unit 37 of the time stamp processing unit 55 receives the time audit certificate, the time A holding unit 25a receives the time audit certificate due to the time lag indicated by the time audit certificate. The time A held and the time B held in the time B holding means 25b are corrected. Specific processing is shown below.

  FIG. 27 is a detailed flow of the time audit process according to this embodiment, and is executed in place of the time audit process according to the first embodiment shown in FIG. The processing from step S1101 to step S1113 shown in FIG. 27 is the same as the processing from step S601 to step S613 in FIG. Then, after step S1110 or step S1113, time correction processing is performed (step S1114).

FIG. 28 is a detailed flow of the time correction process in step S1114 of FIG. Here, a case where a time audit certificate for time A is received will be described.
In the figure, the time audit control unit 37 acquires OffsetA, which is an audit time error at time A, from the received time audit certificate (step S1201). Further, the time audit control unit 37 includes the audit time in the time audit certificate, the information on the time A held in the time A holding unit 25a, and the information on the time B held in the time B temporary holding unit 25b. Then, OffsetB, which is a time error with respect to the time audit certificate at time B, is calculated (step S1202). The time control unit 24a acquires the time A from the time A temporary holding unit 25a, and sets the time A + 1 + OffsetA acquired at the next oscillation rising timing as the new time A in the time A temporary holding unit 25a (step S1203). Similarly, the time control unit 24b acquires the time B from the time B temporary holding unit 25b, and sets the time B + 1 + OffsetB acquired at the next oscillation rising timing as the new time B in the time B temporary holding unit 25b (step S1). S1204).

  The time correction process when the time audit certificate for time A is received has been described above, but the same applies to the time correction process when the time audit certificate for time B is received. In the case of time correction processing when a time audit certificate for time B is received, time control means 24a, time A temporary holding means 25a, time A holding means 35a, time A, OffsetA, time control means 24b, time B The temporary holding means 25b, the time B holding means 35b, the time B, and OffsetB may be replaced with each other.

  By the above, it is possible to realize a time stamp device with a simple configuration, and in order to prevent an undesirable time stamp from being continuously issued due to a significant shift in the clock after the audit, by checking with the time of the two clocks, It is possible to prevent illegal time stamps from being issued. In addition, the time can be corrected by time audit. Therefore, it is possible to prevent a time stamp based on the tampered time from being issued and to generate a time stamp based on an accurate time.

It is a figure which shows the structure of the time stamp system by the 1st Embodiment of this invention. It is a functional block diagram of the time stamp apparatus by the same embodiment. It is a figure which shows the example of the data which the encryption time label holding | maintenance means of the local clock part by the same embodiment hold | maintains. It is a figure which shows the example of the data which the encryption time label holding means of the time stamp process part by the same embodiment hold | maintains. It is a figure which shows the example of the time stamp control flag which the time stamp issuing control means by the same embodiment hold | maintains. It is a figure which shows the outline | summary processing flow of the time stamp apparatus by the embodiment. It is a figure which shows the time initial setting process flow of the time stamp apparatus by the embodiment. It is a figure which shows the time generation transmission process flow of the time stamp apparatus by the embodiment. It is a figure which shows the time setting process flow of the time stamp apparatus by the embodiment. It is a figure which shows the time comparison processing flow of the time stamp apparatus by the embodiment. It is a figure which shows the time audit process flow of the time stamp apparatus by the embodiment. It is a figure which shows the time audit certificate expiration date check processing flow of the time stamp apparatus by the embodiment. It is a figure which shows the time stamp issuing process flow of the time stamp apparatus by the embodiment. It is a figure which shows the time audit certificate presence / absence confirmation processing flow of the time stamp apparatus by the embodiment. It is a figure which shows the timepiece identification confirmation processing flow of the time stamp apparatus by the embodiment. It is a figure which shows the hardware structural example of the local timepiece part by the embodiment. It is a figure which shows the hardware structural example of the local timepiece part by the embodiment. It is a figure which shows the hardware structural example of the time stamp process part by the embodiment. It is a figure which shows the hardware structural example of the time stamp apparatus by the embodiment. It is a figure which shows the structural example of the tamper resistant local timepiece by the same embodiment. It is a module block diagram of the tamper resistant local timepiece shown in FIG. FIG. 21 is a diagram for explaining unauthorized operation detection of the tamper resistant local timepiece shown in FIG. 20. It is a functional block diagram of the time stamp apparatus by 2nd Embodiment. It is a figure which shows the example of the data which the encryption time label holding means of the local timepiece part hold | maintains by the same embodiment. It is a figure which shows the example of the data which the encryption time label holding means of the time stamp process part by the same embodiment hold | maintains. It is a functional block diagram of the time stamp apparatus by 3rd Embodiment. It is a figure which shows the time audit process flow of the time stamp apparatus by the embodiment. It is a figure which shows the time correction process flow of the time stamp apparatus by the embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 ... Time stamp apparatus 20 ... Local clock part 21 ... Time setting means 22a, 22b ... Independent power supply means 23a, 23b ... Oscillation means (1st oscillation part, 2nd oscillation part)
24a, 24b ... time control means (first time control unit, second time control unit)
25a ... Time A temporary holding means 25b ... Time B temporary holding means 26a, 26b ... Encrypted time label holding means 27 ... Signal transmission means (signal transmission section)
30, 54, 55 ... Time stamp processing unit 31 ... Signal receiving unit 32 ... Decoding unit (time acquisition unit)
33a, 33b ... encryption time label holding means (first encryption time holding unit, second encryption time holding unit)
34 ... Local clock identification number confirmation unit 35a ... Time A holding unit 35b ... Time B holding unit 36 ... Time stamp issue control unit 37 ... Time audit control unit (time audit control unit)
38 ... Signature key / certificate holding means 39 ... Time audit certificate holding means 40 ... Time comparison means 41 ... Time stamp creating means (time stamp creating section)
42 ... Signature means 43 ... Time stamp time confirmation means 50 ... Communication means 51 ... Time stamp reception / output means 52 ... Display means 70 ... Time audit station system 80 ... Client terminal

Claims (10)

A first oscillating unit and a second oscillating unit for generating an oscillation signal having a constant period;
A first time control unit that generates a time for time stamp from the oscillation signal generated by the first oscillation unit;
A second time control unit for generating a confirmation time from the oscillation signal generated by the second oscillation unit;
The time when the time stamp time information generated by the first time control unit is transmitted to the time audit station system, and the time audit certificate data corresponding to the transmitted time information is received and written into the time audit certificate holding unit An audit control unit;
A time audit certificate that receives a time stamp request from the client terminal and stores the time stamp time generated by the first time control unit when the time stamp request is received in the time audit certificate holding unit When it is within the expiration date obtained from the data and an error between the time for the time stamp and the confirmation time generated by the second time control unit satisfies a predetermined condition for determining that the time is correct In addition, a time stamp generating unit that generates time stamp data based on the time for the time stamp and sends it back to the client terminal;
A time stamp device comprising: The transmission data including encrypted time stamp time information obtained by encrypting the time stamp time generated by the first time control unit and the confirmation time generated by the second time control unit are encrypted. A signal transmission unit that outputs transmission data including information on the encryption confirmation time;
A time acquisition unit that decrypts the time stamp time information from the encryption time stamp time set in the transmission data and the time information for confirmation from the encryption confirmation time;
The time stamp apparatus according to claim 1. A first encryption time holding unit for holding information in which a time stamp time and an encryption time stamp time are associated with each other;
A second encryption time holding unit that holds information in which the confirmation time and the encryption confirmation time are associated with each other;
The signal transmission unit corresponds to the confirmation time generated by the second time control unit with the information of the encrypted time stamp time corresponding to the time stamp generated by the first time control unit. Reading the confirmation time information from the encryption time holding unit and outputting the transmission data;
The time stamp apparatus according to claim 2, wherein:   2. The time stamp apparatus according to claim 1, wherein the time audit control unit corrects the time for time stamp based on time lag information indicated by the received time audit certificate data.   A state in which the first time control unit generates the time for the time stamp, the second time control unit generates the time for the confirmation, and the second time control unit generates the time for the time stamp. 5. The time stamp device according to claim 1, wherein a state in which the first time control unit generates the confirmation time is switched by a predetermined time. 6.   6. The time stamp apparatus according to claim 1, wherein the time stamp creating unit generates time stamp data further setting the time audit certificate data.   A computer device connected to the client terminal via a network, the first oscillation unit, the second oscillation unit, the first time control unit, the second time control unit, and the time audit control unit The time stamp apparatus according to claim 1, further comprising: a hardware security module including the time stamp creation unit.   The time stamp apparatus according to claim 1, wherein the time stamp apparatus is a hardware security module connected to the client terminal by a connector. A time stamp method used in a time stamp device,
The first oscillating unit and the second oscillating unit generate an oscillation signal having a constant period,
The first time control unit generates a time for time stamp from the oscillation signal generated by the first oscillation unit,
The second time control unit generates a confirmation time from the oscillation signal generated by the second oscillation unit,
The time audit control unit transmits the time stamp time information generated by the first time control unit to the time audit station system, receives the time audit certificate data for the transmitted time information, and receives the time audit certificate. Write in the letter holding department,
The time stamp generating unit receives a time stamp request from the client terminal, and the time stamp time generated by the first time control unit when the time stamp request is received is stored in the time audit certificate holding unit. It is determined that the time is within the validity period obtained from the time audit certificate data and the error between the time for the time stamp and the confirmation time generated by the second time control unit is correct. When a predetermined condition is satisfied, time stamp data is generated according to the time for the time stamp, and returned to the client terminal.
A time stamp method characterized by that.   A state in which the first time control unit generates the time for the time stamp, the second time control unit generates the time for the confirmation, and the second time control unit generates the time for the time stamp. The time stamp method according to claim 9, wherein the state in which the first time control unit generates the confirmation time is switched by a predetermined time.

Images