JP2010087702A - Imaging apparatus, imaging method, control program and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To enhance the reliability of images in an electronic imaging apparatus capable of detecting the alteration of photographed images. <P>SOLUTION: The imaging apparatus includes an encryption processing part 162 for encrypting information relating to acquired image information and generating an electronic signature, and a condition determination part 165 for determining the using propriety of a key used for generating the electronic signature by the encryption processing part. The encryption processing part 162 generates the electronic signature according to a determined result by the condition determination part 165. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an imaging device, an imaging method, a control program, and a recording medium, and more particularly to detection of alteration of image information generated by the imaging device.

  2. Description of the Related Art In recent years, electronic imaging devices such as digital cameras that record optically captured images electronically have become widespread. In such an electronic imaging apparatus, a method for detecting falsification of recorded image data is known (for example, see Patent Document 1). In the technique disclosed in Patent Document 1, an encryption / decryption method using a public key and a secret key is used.

Specifically, the checksum of the image data generated by imaging is encrypted with a secret key to generate encrypted data. Then, the tampering of the image data is detected by comparing the data obtained by decrypting the encrypted data with the public key and the checksum of the image data.
Japanese Patent Laid-Open No. 11-215452

  The technique disclosed in Patent Document 1 can be applied to, for example, construction sites and crime investigation site photos. If it is proved that the image data generated by photographing the site is not falsified, the reliability as evidence is improved.

  However, even if it is proved that the image data has not been tampered with, the proof may be insufficient. For example, when photographing a construction site or crime scene, even if it is proved that the image has not been tampered with, it is not possible to prove whether the generated image data is truly an image of the site. That is, it is not possible to detect impersonation by photographing different sites.

  The present invention has been made in view of the above circumstances, and an object thereof is to improve the reliability of an image in an electronic imaging device capable of detecting tampering of a captured image.

  In order to solve the above-described problem, the invention described in claim 1 is an electronic imaging apparatus capable of generating an electronic signature for detecting falsification of image information generated by imaging, and is based on optical information. An image generation unit that generates the electronic signature by encrypting information related to image information generated by the image capture unit, and a key used when the electronic signature generation unit generates the electronic signature And a key availability determination unit that determines whether or not the key can be used, and the electronic signature generation unit generates the electronic signature according to a determination result by the key availability determination unit.

  According to a second aspect of the present invention, in the electronic imaging apparatus according to the first aspect, the key availability determination unit is configured to perform the key based on information on a current date and time and a condition on a date as a key usage condition. It is characterized by determining whether or not the key can be used.

  According to a third aspect of the present invention, in the electronic imaging apparatus according to the first or second aspect, the key availability determination unit is based on information on a current position and a condition on a position as a use condition of the key. And determining whether or not the key can be used.

  According to a fourth aspect of the present invention, in the electronic imaging apparatus according to the third aspect of the present invention, the electronic imaging device further includes a wireless communication unit that performs communication via a wireless network, and the key availability determination unit includes the wireless communication unit. Determining whether or not the key can be used based on whether or not can be connected to a specific wireless network.

  Further, the invention according to claim 5 is the electronic imaging device according to claim 3 or 4, further comprising a radio wave receiver for receiving broadcast radio waves, wherein the radio wave receiver is Whether or not the key can be used is determined based on whether or not a specific radio wave can be received.

  According to a sixth aspect of the present invention, in the electronic imaging apparatus according to any one of the first to fifth aspects, the key storage unit stores a key used when the electronic signature generation unit generates the electronic signature. And a key erasure unit for erasing the key information stored in the key storage unit according to the determination result by the key availability determination unit.

  In addition, in the electronic imaging device according to claim 6, the key availability determination unit is configured to perform the key usage determination based on information on a current date and time and a date and time limit as a key usage condition. The key erasure unit determines whether or not the key can be used, and the key erasure unit erases the key information when the current date and time has passed the expiration date and time as a result of the determination by the key use and non-use determination unit. And

  The invention according to claim 8 is the electronic imaging apparatus according to any one of claims 1 to 7, wherein the use of a key indicates whether or not a key used when the electronic signature generation unit generates the electronic signature can be used. A key usability information storage unit storing information, and a key usability instruction unit for storing the key usability information in the key usability information storage unit according to a determination result by the usability determination unit. The electronic signature generation unit generates the electronic signature when the key use permission / inhibition information indicates permission to use the key.

  Further, in the electronic imaging device according to claim 8, the key usability determination unit may determine the key based on information on a current position and a position range as a use condition of the key. When the current position is out of the position range as a result of the determination by the key use permission determination section, the key use permission instruction section stores the key use permission information storage section in the key use permission information storage section. Information indicating that use is impossible is stored.

  According to a tenth aspect of the present invention, in the electronic imaging apparatus according to any one of the first to ninth aspects, the key storage unit stores a key used when the electronic signature generation unit generates the electronic signature. And a key editing unit that edits key information stored in the key storage unit when the key use determination unit determines that the key cannot be used. The generation unit generates the electronic signature using the key with the edited information.

  In the electronic imaging device according to claim 10, the key editing unit edits the key information by inverting the bits constituting the key information. It is characterized by.

  The invention according to claim 12 is the electronic imaging apparatus according to claim 10, wherein the key editing unit edits the key information by encrypting the key information. To do.

  According to a thirteenth aspect of the present invention, in the electronic imaging apparatus according to any one of the first to twelfth aspects, a key acquisition unit that acquires key information used when generating the electronic signature from a portable storage medium. Further, the electronic signature generation unit generates the electronic signature using a key acquired from the portable storage medium.

  The invention according to claim 14 is the electronic imaging device according to claim 13, wherein the key acquisition unit determines that the key can be used by the key availability determination unit. The key information is obtained from a portable storage medium.

  According to a fifteenth aspect of the present invention, there is provided an electronic imaging system capable of detecting, in another information processing apparatus, alteration of image information generated by imaging by the electronic imaging apparatus, wherein the electronic imaging apparatus is based on optical information. An image capturing unit that generates image information, an electronic signature generation unit that encrypts information related to image information generated by the image capture unit to generate the electronic signature, and the electronic signature generation unit generates the electronic signature. A key availability determination unit that determines whether or not a key used for the key can be used, and the electronic signature generation unit generates the electronic signature according to a determination result by the key availability determination unit, and the other information processing The apparatus includes a falsification detection unit that detects falsification of the image information based on the generated image information and decryption information obtained by decrypting the digital signature.

  The invention according to claim 16 is the electronic image pickup system according to claim 15, wherein the electronic image pickup device is attached to the electronic image pickup device with key information used when generating the electronic signature. The electronic signature generation unit further includes an encryption key acquisition unit that acquires from a portable storage medium, and the electronic signature generation unit generates the electronic signature using an encryption key acquired from the portable storage medium, and the other information processing The apparatus further includes a decryption key obtaining unit that obtains key information used when decrypting the electronic signature, and the tampering detection unit decrypts the electronic signature using the obtained decryption key. Features.

  The invention according to claim 17 is an electronic imaging system in which tampering of image information generated by imaging by the electronic imaging apparatus can be detected by another information processing apparatus, and the electronic imaging apparatus is based on optical information. An image capturing unit that generates image information, an electronic signature generation unit that generates the electronic signature by encrypting information about the image information generated by the image capturing unit, and key information used when generating the electronic signature An encryption key acquisition unit that acquires from a portable storage medium attached to the electronic imaging device, and the other information processing device is based on the generated image information and decryption information obtained by decrypting the electronic signature. The image processing apparatus includes a tampering detection unit that detects tampering of the image information, and a decryption key acquisition unit that acquires key information used when decrypting the electronic signature.

  The invention according to claim 18 is an electronic imaging method capable of generating an electronic signature for detecting falsification of image information generated by imaging, wherein the imaging unit generates image information based on optical information. A key availability determination unit that determines whether or not a key used when generating the electronic signature is generated, and the electronic signature generation unit generates the image information generated according to a determination result by the key availability determination unit. The electronic signature is generated by encrypting information on the electronic signature.

  According to a nineteenth aspect of the present invention, there is provided a control program for causing an information processing apparatus to operate as an electronic imaging apparatus capable of generating an electronic signature for detecting falsification of image information generated by imaging. A step of generating image information based on the information, a step of determining whether or not a key used when generating the electronic signature is usable, and information relating to the generated image information according to a determination result by the key availability determination unit. And causing the information processing apparatus to execute the step of encrypting and generating the electronic signature.

  The invention according to claim 20 is a recording medium, wherein the information processing program according to claim 19 is recorded in a format readable by the information processing apparatus.

  ADVANTAGE OF THE INVENTION According to this invention, it becomes possible to improve the reliability of an image in the electronic imaging device which can detect the alteration of the image | photographed image.

Embodiment 1 FIG.
Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. FIG. 1 is a diagram illustrating an operation mode of the electronic imaging system according to the present embodiment. As shown in FIG. 1, the electronic imaging system according to the present embodiment includes a digital camera 1 that is an electronic imaging device and a client device 2 that is an information processing device. The digital camera 1 is an electronic imaging device that a user carries and captures an image. The client device 2 is an information processing terminal operated by a user, and includes a configuration similar to that of an information processing terminal such as a PC (Personal Computer).

  As shown in FIG. 1, by connecting the digital camera 1 to the client device 2, it is possible to transfer image information captured by the digital camera 1 to the client device 2. In the electronic imaging system according to the present embodiment, it is possible to detect falsification of image information by browsing image information captured by the digital camera 1 using an application installed in the client device 2.

  Next, a hardware configuration of the digital camera 1 according to the present embodiment will be described with reference to FIG. FIG. 2 is a block diagram illustrating a hardware configuration of the digital camera 1 according to the present embodiment. As shown in FIG. 1, the digital camera 1 according to the present embodiment includes the same configuration as an information processing terminal such as a general server or PC. That is, the digital camera 1 according to the present embodiment includes a CPU (Central Processing Unit) 10, a RAM (Random Access Memory) 20, an engine 30, a ROM (Read Only Memory) 40, an NVRAM (Non-Volatile Random Access Memory) 50. An I / F 60 is connected via a bus 90. Further, an LCD (Liquid Crystal Display) 70 and an operation unit 80 are connected to the I / F 60.

  The CPU 10 is a calculation means and controls the operation of the entire digital camera 1. The RAM 20 is a volatile storage medium capable of reading and writing information at high speed, and is used as a work area when the CPU 10 processes information. The engine 30 is an engine that realizes functions as a digital camera such as a lens and a photoelectric conversion element. The ROM 40 is a read-only nonvolatile storage medium and stores a program such as firmware.

  The NVRAM 50 is a non-volatile storage medium capable of reading and writing information, and stores information such as an OS (Operating System), various control programs, application programs, and operation parameters of the application programs. The I / F 60 connects and controls the bus 90 and various hardware and networks. The LCD 70 is a visual user interface that displays a state of the digital camera 1 and an image input to the photoelectric conversion element of the digital camera 1 by the user. The operation unit 80 is a user interface for the user to input information to the digital camera 1 such as an operation button or a shutter button. The client device 2 has a configuration substantially similar to the hardware configuration shown in FIG.

  In such a hardware configuration, a program stored in a recording medium such as a ROM 40, an NVRAM 50, an HDD (Hard Disk Drive) (not shown), an optical disk, or a portable recording medium is read into the RAM 20, and operates according to the control of the CPU 10. Thus, the software control unit is configured. A functional block that realizes the functions of the digital camera 1 according to the present embodiment is configured by a combination of the software control unit configured as described above and hardware.

  Next, a functional configuration of the digital camera 1 according to the present embodiment will be described. FIG. 3 is a block diagram showing a functional configuration of the digital camera 1 according to the present embodiment. As illustrated in FIG. 3, the digital camera 1 according to the present embodiment includes a controller 100, an imaging unit 101, an external I / F 102, an operation unit 103, a display unit 104, and an image information storage unit 105. The controller 100 also includes a main control unit 111, an engine control unit 112, an operation display control unit 113, an image processing unit 114, a communication control unit 115, and an electronic signature control unit 116.

  The imaging unit 101 includes an imaging mechanism such as a zoom lens, a focus lens, a diaphragm, a shutter, an optical film, and a CCD (Charge Coupled Device). An electrical signal generated by the CCD based on the optical information is input to the engine control unit 112 of the controller 100 as imaging information.

  The external I / F 102 is an interface when the digital camera 1 exchanges information with other devices. The external I / F 102 includes, for example, Ethernet (registered trademark), USB (Universal Serial Bus), wireless LAN (Local Area Network), and Bluetooth (registered trademark) interface. The operation unit 103 and the display unit 104 correspond to the operation unit 80 and the LCD 70 described with reference to FIG.

  The image information storage unit 105 is a storage unit that stores image information generated by photographing with the digital camera 1. The image information storage unit 105 is realized by, for example, the NVRAM 50 illustrated in FIG. In addition, the image information storage unit 105 can be realized by a removable portable storage medium. As portable storage media, SD card (registered trademark), magnetic recording media such as magnetic tape, cassette tape and magnetic disk, optical disks such as CD, MO, MD, DVD, PC card, compact flash card (registered trademark), Smart media (registered trademark), IC card, Memory Stick (registered trademark), USB memory, or the like can be used.

  The main control unit 111 plays a role of controlling each unit included in the controller 100, and gives a command to each unit of the controller 100. The engine control unit 112 serves as a driving unit that controls or drives an imaging mechanism included in the imaging unit 101. The operation display control unit 113 inputs operation information input by the user from the operation unit 103 to the main control unit 111. Further, the operation display control unit 113 displays information on the display unit 104 in accordance with a command from the main control unit 111.

  The image processing unit 114 processes the imaging information generated by the imaging unit 101 and input to the engine control unit 112, and generates image information. This image information is information stored in the image information storage unit 105 as a result of the imaging operation. The electronic signature control unit 116 generates an electronic signature of image information stored in the image information storage unit 105. The processing by the electronic signature control unit 116 is one of the gist according to the present embodiment.

  When the digital camera 1 performs a general operation, first, the imaging unit 101 generates imaging information based on the optical information and inputs the imaging information to the engine control unit 112. The main control unit 111 controls the operation display control unit 113 and causes the display unit 104 to display the imaging information acquired from the imaging unit 101 by the engine control unit 112. The user confirms the optical information input to the imaging unit 101 via the display unit 104. Then, the user operates the operation unit 103 to drive the shutter of the imaging unit 101.

  When the shutter is driven according to the operation of the operation unit 103 by the user, the imaging unit 101 inputs imaging information at the time of shutter driving to the engine control unit 112. The engine control unit 112 inputs the acquired imaging information to the image processing unit 114. The image processing unit 114 generates image information based on the acquired imaging information under the control of the main control unit 111. At this time, image information compressed by a JPEG (Joint Photographic Experts Group) method or the like is generated. The main control unit 111 stores the image information generated by the image processing unit 114 in the image information storage unit 105.

  Next, the electronic signature control unit 116 according to the present embodiment will be described in more detail with reference to FIG. As illustrated in FIG. 4, the electronic signature control unit 116 according to the present embodiment includes a hash value calculation unit 161, an encryption processing unit 162, a position information detection unit 163, a date / time information acquisition unit 164, and a condition determination unit 165. In addition, the encryption processing unit 162 includes a key storage unit 166. Further, the condition determination unit 165 has a condition storage unit 167.

  The hash value calculation unit 161 acquires image information from the main control unit 111, and generates a hash value based on the image information. As a hash function for the hash value calculation unit 161 to generate a hash value, MD2 (Message Digest Algorithm 2), MD4 (Message Digest Algorithm 4), MD5 (Message Digest Algorithm 5), SHA (She (She H), SHA Can be used.

  The encryption processing unit 162 encrypts the hash value generated by the hash value calculation unit 161 using the secret key stored in the key storage unit 166. Thus, the information generated by encrypting the hash value becomes the electronic signature of the image information. The position information detection unit 163 acquires information on the current location of the digital camera 1 by a GPS (Global Positioning System) function. The position information detection unit 163 inputs the acquired current location information to the condition determination unit 165.

  The date / time information acquisition unit 164 acquires information on the current time set in the digital camera 1. Note that the current time information acquired by the date / time information acquisition unit 164 is preferably configured so that it cannot be adjusted by the user. The date / time information acquisition unit 164 may acquire time information from an NTP (Network Time Protocol) server via a network. The date / time information acquisition unit 164 inputs the acquired date / time information to the condition determination unit 165.

  The condition determination unit 165 compares the current location information input from the position information detection unit 163 and the date information input from the date information acquisition unit 164 with the condition information stored in the condition storage unit 167, and the key storage unit 166. It is determined whether or not the key stored in is usable. The process by the condition determination unit 165 is one of the gist according to the present embodiment.

  The key storage unit 166 is a storage unit that stores a key for the encryption processing unit 162 to encrypt the hash value. The key stored in the key storage unit 166 is a secret key in the RSA encryption method. FIG. 5 shows an example of information stored in the key storage unit 166. As shown in FIG. 5, the key storage unit 166 according to the present embodiment stores information on a secret key and a key invalid flag. The key invalid flag is flag information indicating that the use of the secret key by the encryption processing unit 162 is prohibited. That is, the key invalid flag is used as key availability information indicating whether or not a secret key that is an encryption key can be used. Therefore, the key storage unit 166 also functions as a key availability information storage unit.

  The condition storage unit 167 stores information on determination criteria for the condition determination unit 165 to determine whether or not the key stored in the storage unit 166 is usable. FIG. 6 shows an example of information stored in the condition storage unit 167. As shown in FIG. 6, the condition storage unit 167 according to the present embodiment includes key use time limit information and key use area range information.

  The key expiration date information is a condition for the expiration date of the key stored in the key storage unit 166, and is a condition for the date information acquired by the date information acquisition unit 164. The key usage region range information is a condition of the key usage region stored in the key storage unit 166 and is a condition for the location information acquired by the location information detection unit 163.

  The condition determining unit 165 determines whether or not the key stored in the key storage unit 166 can be used when the digital camera 1 is powered on. With reference to FIG. 7, the operation of the digital camera 1 when the power is turned on will be described. FIG. 7 is a free chart showing the operation of the condition determination unit 165 when the digital camera 1 is powered on. When the digital camera 1 is powered on (S701), the condition determination unit 165 determines a date / time condition (S702).

  In step S <b> 702, the condition determination unit 165 acquires current date / time information from the date / time information acquisition unit 164, and compares the current date / time information with key usage time limit information stored in the condition storage unit 167. If the current date and time exceeds the key usage time limit (S702 / YES), the condition determination unit 165 deletes the secret key stored in the key storage unit 166 (S703), and ends the process. That is, the condition determination unit 165 functions as a key availability determination unit and a key deletion unit.

  On the other hand, if the current date and time is within the key usage time limit (S702 / NO), then the condition determination unit 165 determines the position condition (S704). In step S <b> 704, the condition determination unit 165 acquires current position information from the position information detection unit 163, and compares the current position information with key usage region range information stored in the condition storage unit 167. If the current position is outside the key use area range (S704 / YES), the condition determination unit 165 sets the key invalid flag to ON in the key storage unit 166 (S705). Here, the condition determination unit 165 functions as a key use permission determination unit and a key use permission instruction unit.

  If the current position is within the key use area range (S704 / NO), the process is terminated as it is. In the case where the current position is within the key use area range, if the key invalid flag is on, it is turned off. With this process, the process when the digital camera 1 according to this embodiment is turned on is completed.

  In the present embodiment, as shown in FIG. 7, when the date / time condition is not satisfied, the condition determination unit 165 erases the key stored in the key storage unit 166. As a result, the encryption processing unit 162 cannot encrypt the hash value generated by the hash value calculation unit 161 and cannot generate an electronic signature.

  Also, as shown in FIG. 7, when the position condition is not satisfied, the condition determination unit 165 sets the key invalid flag to ON, and the key stored in the key storage unit 166 with respect to the encryption processing unit 162. Is prohibited. As a result, as described above, the encryption processing unit 162 cannot generate an electronic signature.

  If the position condition is not satisfied, the position condition may be satisfied again when the user moves the position. Therefore, the condition determination unit 165 does not erase the secret key, but sets the key invalid flag to Prohibit signature generation. On the other hand, if the date / time condition is not satisfied, the date / time condition is not satisfied again unless a new date / time condition is set in the condition storage unit 167, so the condition determination unit 165 is stored in the key storage unit 166. Erase the private key. This makes it impossible to generate an electronic signature unless a new secret key is stored in the key storage unit 166, so that the purpose of generating an electronic signature only under specified conditions can be completely achieved. .

  Next, the imaging operation by the digital camera 1 according to the present embodiment will be described. FIG. 8 is a flowchart showing the imaging operation of the digital camera 1 according to this embodiment. When the operation unit 103 receives an imaging operation (S801) by the user, the image processing unit 114 generates image information by the above-described processing (S802). The main control unit 111 inputs the image information generated by the image processing unit 114 to the electronic signature control unit 116.

  In the electronic signature control unit 116, the hash value calculation unit 161 acquires image information from the main control unit 111. The hash value calculation unit 161 generates a hash value based on the acquired image information (S803). The hash value calculation unit 161 inputs the generated hash value to the encryption processing unit 162.

  When the hash value is acquired from the hash value calculation unit 161, the encryption processing unit 162 determines whether the key stored in the key storage unit 166 is usable (S804). In S804, the encryption processing unit 162 determines whether or not the key can be used based on whether or not the private key is stored in the key storage unit 166 and whether or not the key invalid flag is on. When the secret key is erased by the condition determination unit 165 or the key invalid flag is turned on by the processing of FIG. 7, the encryption processing unit 162 determines that the key is unusable.

  When determining that the key is usable (S804 / YES), the encryption processing unit 162 encrypts the hash value acquired from the hash value calculation unit 161 using the secret key stored in the key storage unit 166, An electronic signature is generated (S805). As described above, the encryption processing unit 162 generates an electronic signature in accordance with the determination result of the condition determination unit that functions as the key availability determination unit. That is, the hash value calculation unit 161 and the encryption processing unit 162 function together as an electronic signature generation unit. The encryption processing unit 162 inputs the generated electronic signature to the main control unit 111.

  On the other hand, if the encryption processing unit 162 determines that the key is not usable (S804 / NO), the encryption processing unit 162 inputs a notification (not-signed notification) indicating that an electronic signature is not generated to the main control unit 111. (S807). When the main control unit 111 acquires the electronic signature or the no-title notification from the electronic signature control unit 116, the main control unit 111 stores the image information generated in S802 in the image information storage unit 105 (S806). At this time, when an electronic signature is acquired, the main control unit 111 assigns and stores the electronic signature to the image information. By such processing, the imaging operation of the digital camera 1 according to the present embodiment is completed.

  Next, an operation when browsing image information stored in the image information storage unit 105 of the digital camera 1 using an application installed in the client apparatus 2 will be described. FIG. 9 is a block diagram illustrating a functional configuration of the application 200 installed in the client device 2 according to the present embodiment.

  As illustrated in FIG. 9, the application 200 according to the present embodiment includes an image information acquisition unit 201, a hash value calculation unit 202, an electronic signature acquisition unit 203, a decryption processing unit 204, an electronic signature determination unit 206, and a display information generation unit 207. Have The decryption processing unit 204 includes a key storage unit 205. Each configuration shown in FIG. 9 is configured in the client device 2 when a program loaded in the RAM operates according to the control of the CPU.

  The image information acquisition unit 201 acquires image information stored in the image information storage unit 105 of the digital camera 1 via the external I / F 102 of the digital camera 1 and the external I / F of the client device. The image information acquisition unit 201 inputs the acquired image information to the hash value calculation unit 202. Also, the image information acquisition unit 201 inputs an electronic signature attached to the acquired image information to the electronic signature acquisition unit 203.

  The hash value calculation unit 202 generates a hash value based on the image information input from the image information acquisition unit 201. The algorithm used when the hash value calculation unit 202 generates a hash value is the same algorithm as the hash value calculation unit 161. The hash value calculation unit 202 inputs the generated hash value to the electronic signature determination unit 206.

  The electronic signature acquisition unit 203 acquires an electronic signature attached to the image information input from the image information acquisition unit 201. The electronic signature acquisition unit 203 inputs the acquired electronic signature to the decryption processing unit 204. The decryption processing unit 204 decrypts the electronic book name acquired from the electronic signature acquisition unit 203 using the public key stored in the key storage unit 205. The decryption processing unit 204 inputs information generated by decryption to the electronic signature determination unit 206. As described above, the electronic signature is information obtained by encrypting a hash value of image information with a secret key. That is, the information generated by the decoding processing unit 204 by the decoding process (hereinafter referred to as decoding information) is basically the same information as the hash value of the image information.

  The key storage unit 205 is a storage unit that stores a key for the decryption processing unit 104 to decrypt the electronic signature. The key stored in the key storage unit 205 is a public key in the RSA encryption method. This public key is a public key corresponding to the secret key stored in the key storage unit 166 of the digital camera 1.

  The electronic signature determination unit 206 compares the hash value generated by the hash value calculation unit 202 with the decryption information, and determines whether or not the electronic signature is valid. As described above, in principle, the decryption information is the same information as the hash value of the image information. Accordingly, when the hash value acquired from the hash value calculation unit 202 matches the decryption information, the electronic signature determination unit 206 determines that the electronic signature is valid.

  The display information generation unit 207 generates display information for displaying the image information acquired by the image information acquisition unit on the LCD 70 of the client device 2. The display information generation unit 207 generates information for displaying information indicating validity / invalidity of the electronic signature of each image based on the determination result of the electronic signature determination unit 206.

  Next, the operation of the application 200 according to the present embodiment will be described with reference to FIG. FIG. 10 is a flowchart illustrating an operation when the application 200 displays image information acquired from the digital camera 1. As shown in FIG. 10, first, the image information acquisition unit 201 of the application 200 acquires image information (S1001). As described above, when the digital camera 1 is connected to the client device 2 via the USB, image information is input to the client device 2 and the image information acquisition unit 201 acquires the image information. In addition, the image information may be input to the client device 2 via a portable storage medium or the like. Note that the image information acquired in S1001 includes an electronic signature added to the image information.

  When the image information acquisition unit 201 acquires image information, the hash value calculation unit 202 generates a hash value based on the image information (S1002). The hash value calculation unit 202 inputs the generated hash value to the electronic signature determination unit 206.

  When an electronic signature is added to the image information acquired by the image information acquisition unit 201 (S1003 / YES), the electronic signature acquisition unit 203 acquires the attached electronic signature. The electronic signature acquisition unit 203 inputs the electronic book name acquired in this way to the decryption processing unit 204.

  The decryption processing unit 204 decrypts the electronic signature using the public key stored in the key storage unit 205 (S1004), and generates decryption information. The decryption processing unit 204 inputs the generated decryption information to the electronic signature determination unit 206.

  When the electronic signature determination unit 206 acquires the hash value and the decryption information from the hash value calculation unit 202 and the decryption processing unit 204, respectively, the electronic signature determination unit 206 determines whether or not they match (S1005). That is, the electronic signature determination unit 206 functions as a tampering detection unit. When the hash value and the decryption information match (S1005 / YES), the electronic signature determination unit 206 inputs a notification indicating that the electronic signature is valid (hereinafter referred to as a valid notification) to the display information generation unit 207 ( S1006).

  The display information generation unit 207 generates image information acquired by the image information acquisition unit 201 and display information for displaying that the image information has not been falsified based on the validity notification acquired from the electronic signature determination unit 206. (S1007), the process ends.

  On the other hand, when an electronic signature is not attached to the image information acquired by the image information acquisition unit 201 (S1003 / NO), the electronic signature acquisition unit 203 notifies that no electronic signature is attached (hereinafter, there is no title). The notification is input to the electronic signature determination unit 206 (S1009). In this case, the display information generation unit 207 generates display information for displaying only the image information acquired by the image information acquisition unit 201 (S1007), and ends the process.

  If the hash value obtained by the hash value calculation unit 202 and the decryption information obtained from the decryption processing unit 204 do not match (S1005 / NO), the electronic signature determination unit 206 determines that the electronic signature is invalid. The notification to be displayed (hereinafter referred to as invalid notification) is input to the display information generation unit 207 (S1008). In this case, the display information generation unit 207 generates image information acquired by the image information acquisition unit 201 and display information for displaying that the image information has been tampered with (S1007), and ends the process.

  By such processing, image information and information indicating whether or not the image information has been tampered with are displayed on the LCD 70 of the client device 2 as a GUI (Graphical User Interface) of the application 200. When there are a plurality of images, display information for displaying the plurality of images is generated by repeating the process shown in FIG. 10 a plurality of times.

  FIG. 11 shows an example of the GUI of the application 200 according to this embodiment. As shown in FIG. 11, in the GUI of the application 200 according to the present embodiment, image information generated by the digital camera 1 is displayed on the thumbnail. For each piece of image information, information indicating whether or not tampering has been detected is displayed in the upper left portion of the image.

  As shown in FIG. 11, in this embodiment, “OK”, “NG”, and no display indicate whether or not tampering is detected. The display of “OK” indicates a case where the attached electronic signature is valid and no alteration has been detected. The display of “NG” indicates that the electronic signature is not attached when the attached electronic signature is invalid and there is no display on the upper left, which indicates a possibility of falsification.

  In the present embodiment, as described with reference to FIG. 7, when the use condition of the secret key is not satisfied, the secret key is set to be erased or disabled. Then, as described in FIG. 8, the electronic signature is not generated. Therefore, the image information shot and generated in a state where the use condition of the secret key is not satisfied is in a state of no display in which neither “OK” nor “NG” is displayed on the upper left of the image in the GUI of FIG. That is, the display cannot guarantee whether the image has been tampered with.

  On the other hand, when “OK” is displayed in the GUI of FIG. 11, the image is guaranteed that the use condition of the secret key is satisfied at the time of photographing by the digital camera 1. That is, in the electronic imaging system configured by the digital camera 1 and the application 200 according to the present embodiment, in addition to the image not being tampered with, a predetermined condition, that is, the secret key It can also be guaranteed that the conditions of use are met.

  As described above, the digital camera 1 according to the present embodiment can improve the reliability of an image in addition to being able to detect alteration of a captured image.

  In the description of the above embodiment, the hash value calculation unit 161 and the hash value calculation unit 202 calculate a hash value based on the image information. However, the information to be generated by the hash value calculation unit 161 and the hash value calculation unit 202 is information generated based on image information, that is, information on image information, and the same information is generated from different image information. It is difficult and small information. Therefore, it does not have to be a hash value, and an error detection code by a checksum or CRC (Cyclic Redundancy Check) method may be generated in addition to the hash value.

  In the description of the above embodiment, as described with reference to FIG. 7, when the digital camera 1 is turned on, the condition determination unit 165 determines the use condition of the secret key. Thereby, the determination of the use condition of the secret key can be completed together with the activation process. On the other hand, the processing shown in FIG. 7 may be executed other than when the power is turned on. As the timing for executing the processing shown in FIG. 7, for example, the period between S801 and S803 shown in FIG. 8 can be considered. That is, if the process of FIG. 7 is performed after the shutter operation is performed by the user and before the process of S804 is performed, the same effect as described above can be obtained.

Embodiment 2. FIG.
In the first embodiment, as described with reference to FIG. 7, the example in which the use of the secret key is prohibited by turning on the key invalid flag when the position condition is not satisfied has been described. In the present embodiment, an example will be described in which the secret key is erased even when the position condition is not satisfied, in order to more surely prohibit the use of the secret key. In addition, about the structure which attaches | subjects the same code | symbol as Embodiment 1, it abbreviate | omits detailed description which shows the same or an equivalent part.

  FIG. 12 is a block diagram showing a functional configuration of the digital camera 1 according to the present embodiment. As shown in FIG. 12, the digital camera 1 according to the present embodiment has a configuration substantially the same as the configuration of the first embodiment described in FIG. 3, and the configuration of the first embodiment is that a card slot 106 is provided. And different. The card slot 106 is an interface for mounting an SD card (registered trademark). The main control unit 111 reads information recorded on the SD card installed in the card slot 106. In this embodiment, an SD card is used as an example of the portable storage medium. However, the portable card is connected by another portable storage medium or a wireless communication medium connected via the external I / F 102. A storage medium may be used.

  The digital camera 1 according to the present embodiment has a function of reading a secret key from a portable storage medium attached to the card slot 106 and storing it in the key storage unit 166 of the encryption processing unit 162. Thereby, even after the secret key is erased from the key storage unit 166, it is possible to store the secret key in the key storage unit 166 again and generate an electronic signature.

  The digital camera 1 according to the present embodiment reads out the secret key from the card slot 106 when the power is turned on. With reference to FIG. 13, the operation of the digital camera 1 according to this embodiment when the power is turned on will be described. As shown in FIG. 13, for S1301 to S1303, processing is executed in the same manner as S701 to S703 in FIG. In the present embodiment, even when the position condition is not satisfied (S1304 / YES), the condition determination unit 165 erases the secret key (S1303), as in the case of the date / time condition. Thereby, the use of the secret key can be surely prohibited.

  When the position condition is satisfied (S1304 / NO), the encryption processing unit 162 checks whether or not the secret key is stored in the key storage unit 166 (S1305). When the secret key is stored in the key storage unit 166 (S1305 / NO), the key is used as it is, so the processing is ended as it is.

  On the other hand, when the secret key is not stored in the key storage unit 166 (S1305 / YES), the encryption processing unit 162 inputs a request for reading the secret key from the portable storage medium to the main control unit 111. The main control unit 111 confirms the state of the card slot 106 and confirms whether or not an SD card (registered trademark), which is a portable storage medium, is mounted (S1306).

    If no SD card (registered trademark) is inserted in the card slot 106 (S1306 / NO), the process is terminated. In this case, since the private key is not stored in the key storage unit 166, the encryption processing unit 162 cannot generate an electronic signature. When an SD card (registered trademark) is installed in the card slot 106 (S1306 / YES), the main control unit 111 controls the operation display control unit 113 to request the user ID and password authentication information from the user. Is displayed on the display unit 104. The user operates the operation unit 103 to input authentication information. The main control unit 111 acquires authentication information input by the user via the operation display control unit 113 (S1307).

  If the authentication information passes in the authentication information acquired in S1307 (S1308 / YES), the main control unit 111 reads the secret key from the SD card (registered trademark) installed in the card slot 106 and stores it in the key storage unit 166. (S1309), and the process ends. As a result, the private key is stored again in the key storage unit 166, and the digital signature can be generated by the encryption processing unit 162. That is, the main control unit 111 and the electronic signature control unit 116 function as a key acquisition unit that reads information on the encryption key from the portable storage medium.

  On the other hand, when the authentication is not passed (S1308 / NO), the main control unit 111 controls the operation display control unit 113 to display an error notification on the display unit 104 (S1310), and ends the process.

  As described above, in this embodiment, the condition determination unit 165 erases the secret key stored in the key storage unit 166 even when not only the date / time condition but also the position condition is not satisfied. Thereby, unlike the case of setting the key invalid flag as in the first embodiment, it is completely impossible to generate an electronic signature, and the object can be achieved more reliably.

  In addition, when the secret key is deleted because the position condition is not satisfied, the position condition may be satisfied again by the user moving the place. In such a case, if the secret key is erased, an electronic signature cannot be generated even though the position condition is satisfied. As in this embodiment, the secret key is read from the SD card (registered trademark) inserted in the card slot 106 and stored in the key storage unit 166, so that the above problem can be solved.

  In this embodiment, when reading out a secret key from an SD card (registered trademark), authentication is performed using a user ID and a password, as shown in S1307 and S1308 in FIG. Accordingly, it is possible to solve the problem that the secret key obtained illegally is stored in the key storage unit 166 of the digital camera 1.

  Further, in the electronic imaging system according to the present embodiment, it is possible to solve the security problem of the secret key. Conventionally, when a plurality of digital cameras 1 as shown in FIG. 3 or FIG. 12 are produced, the secret key stored in the key storage unit 166 has been used in common for all the digital cameras 1. The reason is that if different secret keys are used for each individual, it is necessary to manage the public key corresponding to each secret key on the application 200 side, and it becomes difficult to manage the keys.

  However, when the same secret key is used for each solid, there is a problem that the reliability of the system is lowered. For example, if a private key stored in the key storage unit 166 is illegally taken out by disassembling one solid, etc., it is synonymous with the disclosure of the private key stored in all solids, and it has been altered. This is because it can no longer be guaranteed.

  On the other hand, as in the digital camera 1 according to the present embodiment, when the private key is read from the SD card (registered trademark) and registered in the key storage unit 166, and an electronic signature can be generated using the secret key, Each user can independently generate and use a private key and a public key. Therefore, even if the secret key of the digital camera 1 used by another user is leaked, the secret key used by the user is not invalidated, and the reliability of the system can be maintained. . Further, by making it possible to rewrite the secret key, when the leakage of a certain secret key is reflected, the reliability of the system can be maintained by rewriting it with another secret key. In such a case, it is necessary to store the generated public key in the key storage unit 205 of the application 200. That is, the application 200 functions as a decryption key information acquisition unit.

  In the above embodiment, as shown in S1303 of FIG. 13, the case where the secret key is erased when each condition is not satisfied has been described. However, when the digital camera 1 is turned off, the secret key is erased and the power is turned on. It may be read from the SD card (registered trademark) every time. Such an aspect can be realized when the electronic signature control unit 116 initializes the key storage unit 166 when the user performs a power-off operation. In addition, the key storage unit 166 can be easily realized by configuring it with a volatile storage medium.

Other embodiments.
In the first and second embodiments, the example in which the date / time condition and the position condition are used as the secret key use condition has been described. In addition, various conditions are conceivable as conditions for using the secret key. For example, when the use of a secret key is permitted only within a range that can be connected to a predetermined wireless LAN (Local Area Network), the secret key may be acquired via the wireless LAN when the digital camera 1 is activated. . An example of operation in such a case will be described with reference to FIG. The functional configuration of the digital camera 1 main body is substantially the same as the configuration shown in FIG. 3 or FIG.

  FIG. 14 is a flowchart showing an operation when the digital camera 1 is turned on in the aspect using the wireless LAN. As shown in FIG. 14, when the power is turned on to the digital camera 1 (S1401), the main control unit 111 controls the communication control unit 115 so that the external I / F 102 can connect to a predetermined access point via the wireless LAN. Access is made (S1402). That is, the external I / F 102 of the digital camera 1 according to this embodiment functions as a wireless communication unit having a wireless LAN function.

  When access to a predetermined access point is possible (S1402 / YES), the main control unit 111 executes an authentication process for obtaining a secret key (S1403). In S1403, authentication information stored in advance in the digital camera 1 may be used, or authentication processing may be executed using authentication information input by the user.

  When the authentication is passed (S1403 / YES), the digital camera 1 controls the communication control unit 115 to download and obtain a secret key from a server or storage medium connected via the wireless LAN, and the key storage unit 166. (S1404) and the process is terminated. In addition, since it is not preferable in terms of security to transmit and receive the secret key as it is, it is preferable to take measures such as encryption as appropriate in S1404.

  If the connection to the access point is impossible (S1404 / NO), the main control unit 111 does not have a range where the secret key can be used, that is, a range that can be connected to a specific wireless LAN. 113, the notification that the generation of the electronic signature is impossible is displayed on the display unit 104 (S1406), and the process is terminated.

  If the authentication fails (S1403 / NO), the digital camera 1 or the user does not have a legitimate authority to use the secret key, and thus cannot obtain the secret key. It is. In this case, the main control unit 111 controls the operation display control unit 113 to display an error notification on the display unit 104 (S1405), and ends the process.

  Through such processing, the digital camera 1 can generate an electronic signature only within a range that can be connected to a specific wireless LAN. In FIG. 14, the processing when the digital camera 1 is turned on has been described. However, the processing may be executed at other timing. For example, it may be when the user performs a shutter operation, or may be re-detection when the external I / F 102 detects the connection with the wireless LAN.

  Also, as shown in FIG. 14, after executing the process at the time of power-on and acquiring a secret key, when generating image information by a shutter operation by the user, the connection state with the wireless LAN is also confirmed, and an electronic signature is obtained. It is preferable to determine whether it can be generated. As a result, the effect of generating an electronic signature only when connected to a wireless LAN can be obtained more reliably.

  In the example illustrated in FIG. 14, when the external I / F 102 detects disconnection from the wireless LAN, the main control unit 111 controls the electronic signature control unit 116 and is stored in the key storage unit 166. It is preferable to delete the secret key. As a result, the effect of generating an electronic signature only when connected to a wireless LAN can be obtained more reliably.

  In the example of FIG. 14, the wireless LAN has been described as an example, but the same effect can be obtained by applying the wireless communication technology. As a wireless communication technique, Bluetooth or the like can be considered. Further, in the example of FIG. 14, the example in which the secret key is acquired via the wireless LAN has been described. However, as in the case of the position condition in the first embodiment, the secret key invalid flag is turned on / off. Even if it exists, it is applicable.

  When the invalid flag is used, it is not necessary to acquire a secret key through communication, so it is possible to use broadcast radio waves. For example, radio broadcast radio waves and television broadcast electric fields have different radio waves that can be received in each region. Therefore, the same effect as described above can be obtained by processing the invalid flag so that the private key can be used only when a specific radio wave can be received. In this case, the external I / F 102 functions as a radio wave receiving unit having a function of receiving radio waves.

  Further, a mode in which the key invalidation flag of the key storage unit 166 is processed by causing the digital camera 1 to read predetermined information is also conceivable. For example, a mode in which the key invalidation flag of the key storage unit 166 is processed by imaging encoded information such as a barcode or a QR code (registered trademark) by the imaging unit 101 can be considered. An operation example of such an embodiment will be described with reference to FIG.

  As shown in FIG. 15, when encoding information (hereinafter referred to as a code) is acquired by imaging by the imaging unit 101 and image processing by the image processing unit 114 (S1501), the main control unit 111 determines that the acquired code is a secret key. Whether the code is valid (hereinafter referred to as a valid code) or invalid (hereinafter referred to as invalid code) (S1502).

  If the acquired code is a valid code (S1502 / YES), the main control unit 111 controls the electronic signature control unit 116 to check the current state of the key invalid flag (S1503). When the key invalidation flag is on, the main control unit 111 controls the electronic signature control unit 116 to turn off the key invalidation flag, that is, validate the private key (S1504), and terminate the process.

  On the other hand, when the key invalid flag is off, that is, when the secret key is valid, the valid control code is read again with the secret key being valid. Then, the key invalidation flag is turned on, that is, the secret key is invalidated (S1505), and the process ends. When the read code is found to be an invalid code (S1502 / NO), the main control unit 111 also controls the electronic signature control unit 116 to turn on the key invalid flag, that is, invalidate the secret key (S1505). ), The process is terminated.

  In the case of the mode shown in FIG. 15, the user possesses a card or the like on which a valid code and invalid code are displayed in addition to the digital camera 1, and performs the process shown in FIG. 15 according to whether or not an electronic signature is generated. The digital camera 1 is made to execute. Also according to such an aspect, generation of an electronic signature by an unauthorized user can be prevented, and the reliability of the system can be maintained.

  As described with reference to FIG. 15, the same effect can be obtained by reading information such as RFID (Radio Frequency IDentification) in addition to reading encoded information such as a barcode by the imaging unit 101. It becomes. In the case of using RFID, it is also possible to generate a digital signature by storing a secret key on the RFID side and reading the secret key from the RFID.

  Even in such a case, the same effect as described above can be obtained by preparing an RFID for validating the secret key and an RFID for invalidating the secret key. In such a case, it is necessary to provide an RFID reader as the external I / F 102. In addition to the digital camera 1, the user must have a card with a built-in RFID, which can be realized by, for example, an employee ID or a construction permit.

  In the first and second embodiments, the example in which the key invalidation flag is used has been described as an aspect in which generation of an electronic signature is impossible without deleting the secret key stored in the key storage unit 166. In addition, it is possible to change the contents of the key by rewriting the information constituting the secret key so that the electronic authentication process in the application 200 is not correctly authenticated.

  For example, in the example of FIG. 7, when the key invalid flag is turned on in S705, the condition determining unit 165 rewrites the information by inverting the bit information of the secret key stored in the key storage unit 166. . That is, the condition determination unit 165 functions as a key editing unit. As a result, the secret key stored in the key storage unit 166 does not correspond to the public key stored in the key storage unit 205 of the application 200. Therefore, the decryption information generated in S1004 shown in FIG. 10 does not match the hash value of the image information. As a result, the display of the application 200 shown in FIG. 11 is “NG”, which makes it possible to recognize that the electronic signature is invalid.

  When inverting the bit information, it is not necessary to invert all the bit information. In addition to the case of inverting bit information, the same effect can be obtained by encrypting the secret key.

It is a figure which shows the operation | use form of the electronic imaging system which concerns on embodiment of this invention. It is a block diagram which shows the hardware constitutions of the digital camera which concerns on embodiment of this invention. It is a block diagram which shows the function structure of the digital camera which concerns on embodiment of this invention. It is a block diagram which shows the function structure of the electronic signature control part which concerns on embodiment of this invention. It is a figure which shows the information memorize | stored in the condition memory | storage part which concerns on embodiment of this invention. It is a figure which shows the information memorize | stored in the key memory | storage part which concerns on embodiment of this invention. 6 is a flowchart showing an operation at power-on of the digital camera according to the embodiment of the present invention. 4 is a flowchart illustrating an imaging operation of the digital camera according to the embodiment of the present invention. It is a figure which shows the function structure of the application which concerns on embodiment of this invention. It is a flowchart which shows operation | movement of the application which concerns on embodiment of this invention. It is a figure which shows GUI of the application which concerns on embodiment of this invention. It is a figure which shows the function structure of the digital camera which concerns on other embodiment of this invention. It is a flowchart which shows the imaging operation of the digital camera which concerns on other embodiment of this invention. It is a flowchart which shows the operation | movement at the time of power activation of the digital camera which concerns on other embodiment of this invention. It is a flowchart which shows operation | movement of the digital camera which concerns on other embodiment of this invention.

Explanation of symbols

1 Digital Camera 2 Client Device 10 CPU
20 RAM
30 Engine 40 ROM
50 NVRAM
60 I / F
70 LCD
80 Operation unit 90 Bus 100 Controller 101 Imaging unit 102 External I / F
DESCRIPTION OF SYMBOLS 103 Operation part 104 Display part 105 Image information storage part 106 Card slot 111 Main control part 112 Engine control part 113 Operation display control part 114 Image processing part 115 Communication control part 116 Electronic signature control part 161 Hash value calculation part 162 Encryption process part 163 Position information detection unit 164 Date and time information acquisition unit 165 Condition determination unit 166 Key storage unit 167 Condition storage unit 200 Application 201 Image information acquisition unit 202 Hash value calculation unit 203 Electronic signature acquisition unit 204 Decryption processing unit 205 Key storage unit 206 Electronic signature Judgment unit 207 Display information generation unit

Claims (20)

An electronic imaging device capable of generating an electronic signature for detecting falsification of image information generated by imaging,
An imaging unit that generates image information based on optical information;
An electronic signature generation unit that encrypts information about image information generated by the imaging unit and generates the electronic signature;
A key availability determination unit that determines whether or not a key used when the electronic signature generation unit generates the electronic signature;
The electronic imaging apparatus, wherein the electronic signature generation unit generates the electronic signature in accordance with a determination result by the key availability determination unit.   The electronic imaging apparatus according to claim 1, wherein the key availability determination unit determines whether or not the key can be used based on information regarding a current date and time and a condition regarding a date as a key usage condition. .   3. The electronic device according to claim 1, wherein the key availability determination unit determines whether the key can be used based on information on a current position and a condition regarding a position as a usage condition of the key. Imaging device. A wireless communication unit that performs communication via a wireless network;
The electronic imaging according to claim 3, wherein the key availability determination unit determines whether the key can be used based on whether the wireless communication unit is connectable to a specific wireless network. apparatus. It further has a radio wave receiver for receiving broadcast radio waves,
5. The electronic device according to claim 3, wherein the key availability determination unit determines whether the key can be used based on whether the radio wave reception unit can receive a specific radio wave. 6. Imaging device. A key storage unit storing a key used when the electronic signature generation unit generates the electronic signature;
6. The key erasure unit according to claim 1, further comprising: a key erasure unit that erases key information stored in the key storage unit according to a determination result by the key availability determination unit. Electronic imaging device. The key availability determination unit determines whether or not the key can be used based on information on the current date and time and a date and time limit as a key usage condition,
7. The key erasure unit according to claim 6, wherein the key erasure unit erases the key information when the current date / time has passed the expiration date / time as a result of the determination by the key availability determination unit. Electronic imaging device. A key availability information storage unit that stores key availability information indicating availability of a key used when the electronic signature generation unit generates the electronic signature;
A key availability indicator that stores the key availability information in the key availability information storage unit according to a determination result by the availability determination unit;
The electronic imaging apparatus according to claim 1, wherein the electronic signature generation unit generates the electronic signature when the key availability information indicates permission to use the key. . The key availability determination unit determines whether the key can be used based on information on a current position and a position range as a use condition of the key,
If the current position is out of the position range as a result of the determination by the key use permission determination section, the key use permission instruction section indicates that the key use permission information storage section cannot use the key. The electronic imaging apparatus according to claim 8, wherein information to be stored is stored. A key storage unit storing a key used when the electronic signature generation unit generates the electronic signature;
A key editing unit that edits key information stored in the key storage unit when it is determined by the key availability determination unit that the key cannot be used;
The electronic imaging apparatus according to claim 1, wherein the electronic signature generation unit generates the electronic signature using the key whose information has been edited.   The electronic imaging apparatus according to claim 10, wherein the key editing unit edits the key information by inverting bits constituting the key information.   The electronic imaging apparatus according to claim 10, wherein the key editing unit edits the key information by encrypting the key information. A key acquisition unit that acquires key information used when generating the electronic signature from a portable storage medium;
The electronic imaging apparatus according to claim 1, wherein the electronic signature generation unit generates the electronic signature using a key acquired from the portable storage medium.   The key acquisition unit acquires the key information from the portable storage medium when it is determined by the key availability determination unit that the key can be used. The electronic imaging device described. An electronic imaging system capable of detecting, in another information processing device, alteration of image information generated by imaging by an electronic imaging device,
The electronic imaging device is
An imaging unit that generates image information based on optical information;
An electronic signature generation unit that encrypts information about image information generated by the imaging unit and generates the electronic signature;
A key availability determination unit that determines whether or not a key used when the electronic signature generation unit generates the electronic signature;
The electronic signature generation unit generates the electronic signature according to a determination result by the key availability determination unit,
The other information processing apparatus
An electronic imaging system comprising: a falsification detection unit that detects falsification of the image information based on the generated image information and decryption information obtained by decrypting the electronic signature. The electronic imaging device is
An encryption key acquisition unit that acquires information on a key used when generating the electronic signature from a portable storage medium attached to the electronic imaging device;
The electronic signature generation unit generates the electronic signature using an encryption key acquired from the portable storage medium,
The other information processing apparatus
A decryption key acquisition unit for acquiring key information used when decrypting the electronic signature;
The electronic imaging system according to claim 15, wherein the tampering detection unit decrypts the electronic signature using the acquired decryption key. An electronic imaging system capable of detecting, in another information processing apparatus, alteration of image information generated by imaging by an electronic imaging apparatus,
The electronic imaging device is
An imaging unit that generates image information based on optical information;
An electronic signature generation unit that encrypts information about image information generated by the imaging unit and generates the electronic signature;
An encryption key acquisition unit that acquires information on a key used when generating the electronic signature from a portable storage medium attached to the electronic imaging device;
The other information processing apparatus
A tamper detection unit that detects tampering of the image information based on the generated image information and decryption information obtained by decrypting the electronic signature;
An electronic imaging system, comprising: a decryption key acquisition unit that acquires key information used when decrypting the electronic signature. An electronic imaging method capable of generating an electronic signature for detecting falsification of image information generated by imaging,
The imaging unit generates image information based on the optical information,
A key usability judging unit judges whether the key used when generating the electronic signature is available;
An electronic imaging method, wherein an electronic signature generation unit generates the electronic signature by encrypting information relating to the generated image information in accordance with a determination result by the key availability determination unit. A control program for causing an information processing apparatus to operate as an electronic imaging apparatus capable of generating an electronic signature for detecting falsification of image information generated by imaging,
Generating image information based on the optical information;
Determining whether a key used when generating the electronic signature is usable;
A control program causing the information processing apparatus to execute the step of encrypting information relating to the generated image information and generating the electronic signature according to a determination result by the key availability determination unit.   20. A recording medium in which the information processing program according to claim 19 is recorded in a format readable by an information processing apparatus.

Images