JP5648247B2 - Long-term signature server - Google Patents

Description

  The present invention relates to a long-term signature server, for example, to a long-term signature for electronic data.

There may be a case where it is desired to prove that image data of a subject photographed at a certain date and time at a certain place is certainly photographed at that date and time and at that location, and that the image data has not been falsified.
Thus, for example, it is possible to prove that the person was in a certain place at a certain date and time, or to photograph the accident site and apply it to insurance work.

As a technique for proving that a person exists at a certain place at a certain time, there is a “location certification method, location certification service system, and network system” of the following Patent Document 1.
This technology reads the user's fingerprint with a mobile phone and sends it to the server. The server authenticates the user with the fingerprint and specifies the time and location of the mobile phone (specified from the base station with which the mobile phone communicated) as an electronic signature. To do.

However, this system has a problem that it is necessary to mount a fingerprint sensor on the mobile phone.
In addition, it cannot be used when it is desired to prove the non-falsification by taking an image.

JP 2003-284113 A

  An object of the present invention is to make it possible to verify the non-falsification of image data taken with a mobile terminal, the date and time of shooting, and the shooting location.

(1) In the invention described in claim 1, from the electronic signature server communicating with the mobile terminal, a function value obtained by calculating the image data of the subject captured by the mobile terminal with a predetermined function, and the shooting at the time of the shooting Image time position information receiving means for receiving image time position information including shooting position specifying information for specifying a position and shooting date / time specifying information for specifying the shooting date / time of the shooting, and the received image time position information Signature target data generation means for generating signature target data for long-term signature data using the above, signature target data transmission means for transmitting the generated signature target data to the electronic signature server, and the transmitted signature target data Electronic signature value receiving means for receiving an electronic signature value from the electronic signature server, and generating the long-term signature data of the image time position information using the received electronic signature value Providing long-term signature server, characterized by comprising the phases signature data generating unit.
(2) The invention according to claim 2, further comprising public key certificate receiving means for receiving a public key certificate of a public key corresponding to a private key used for the electronic signature from the electronic signature server, 2. The long-term signature server according to claim 1, wherein the signature target data generation means includes the received public key certificate in the signature target data.
(3) In the invention according to claim 3, a time stamp acquisition means for acquiring a time stamp for the received electronic signature value, and a verification information generation means for generating verification information for verifying the electronic signature value and the time stamp And basic signature data generating means for generating basic signature data including the signature target data, the electronic signature value, the time stamp, and the verification information, and long-term verification for verifying the generated basic signature data for a predetermined period A long-term verification information acquisition means for acquiring information, wherein the long-term signature data generation means generates long-term signature data by adding the acquired long-term verification information to the generated basic signature data. A long-term signature server described in 2 is provided.
(4) In the invention according to claim 4, long-term verification for transmitting long-term verification information creation information for creating long-term verification information to a predetermined terminal having the image data, the photographing position, and the photographing date and time Information creation information transmitting means, and receiving the long-term verification function value calculated by a predetermined function by adding the image data, the shooting position, and the shooting date and time to the transmitted long-term verification information generation information from the predetermined terminal 4. The long-term verification function value receiving means for performing the processing, wherein the long-term verification information acquiring means adds a time stamp to the received long-term verification function value to acquire the long-term verification information. The long-term signature server described in 1. is provided.
(5) In the invention according to claim 5, long-term signature data receiving means for receiving long-term signature data from a predetermined terminal, long-term verification information extracting means for extracting long-term verification information from the received long-term signature data, Re-long-term verification information acquisition means for acquiring long-term verification information again for verifying the extracted long-term verification information for a predetermined period, and the long-term signature data generation means includes the acquisition in the received long-term signature data The long-term signature server according to claim 3 or 4, wherein the long-term signature data is updated by adding the re-examined long-term verification information.
(6) In the invention described in claim 6, a second long-term verification information creation information transmitting means for transmitting a second long-term verification information creation information for creating a second long-term verification information to the predetermined terminal; The second long-term verification function value calculated by a predetermined function by adding the image data, the shooting position, and the shooting date / time to the transmitted second long-term verification information creation information is received from the predetermined terminal again. A verification function value receiving means, wherein the second long-term verification information acquisition means adds a time stamp to the received second long-term verification function value to acquire the second long-term verification information. The long-term signature server according to claim 5 is provided.
(7) In the invention according to claim 7, the electronic signature server specifies image data of a subject photographed by the portable terminal from the communication means that communicates with the portable terminal and the communicating portable terminal. Image time position information for receiving image time position information including image specifying information, shooting position specifying information for specifying a shooting position at the time of shooting, and shooting date / time specifying information for specifying a shooting date / time of the shooting A receiving means; a current position detecting means for detecting a current position of the portable terminal; a current date / time acquiring means for acquiring a current date / time; And the judgment means for judging whether or not the photographing date and time of the received image time position information coincide with the acquired current date and time within a predetermined range, and the judgment means 7. The electronic signature server comprising: a signature unit that performs an electronic signature on the received image time position information when the image is received. A long-term signature server according to one claim is provided.

  The present invention verifies the non-falsification of image data captured with a mobile terminal, the date and time of shooting, and the shooting location by digitally signing the image data after confirming the date and time of shooting the subject. can do.

It is a figure for demonstrating the outline | summary of this Embodiment. It is a figure for demonstrating the network structure of a long-term signature system. It is a figure for demonstrating the format of long-term signature data. It is the figure which showed an example of the hardware-like structure of a portable terminal. It is a figure for demonstrating hardware-like structures, such as a long-term signature server. It is a flowchart for demonstrating the procedure which produces long-term signature data. It is a flowchart for demonstrating image GPS information processing. It is a flowchart for demonstrating ES production processing. It is a flowchart for demonstrating ES-T preparation processing. It is a flowchart for demonstrating ES-XL creation processing. It is a flowchart for demonstrating ES-A (1st) creation processing. It is a flowchart for demonstrating the procedure which produces ES-A (2nd). It is a flowchart for demonstrating the verification method of long-term signature data.

(1) Outline of Embodiment FIG. 1 is a diagram for explaining the outline of the present embodiment.
The long-term signature data (ES-A) is configured by XML, and is configured by using each element such as ES, STS, ES-T, verification information, ES-XL, ATS as shown in the figure. Yes.
There are ATSs of the first generation ATS (1st), second generation ATS (2nd),..., And accordingly, the ES-A becomes the first generation ES-A (1st ), Second generation ES-A (2nd), and the like.

ATS (n) (n is 1st, 2nd, 3rd,...) Is an archive time stamp for verifying the contents of ES-A (n).
When creating long-term signature data, ES-A (1st) is created, and before ATS (1st) expires, ATS (2nd) is created and updated to ES-A (2nd), etc. By updating to ES-A (n + 1) before the expiration date of ES-A (n) expires, the expiration date of the long-term signature data can be permanently extended.

Long-term signature data is created as follows.
When a subject is photographed by the portable terminal 6, the portable terminal 6 generates and stores image data of the subject and calculates a hash value (hereinafter referred to as an image hash value) of the image data.
The mobile terminal 6 also has a GPS (Global Positioning Systems) function, detects the current date and time and the current position at the time of shooting, and sets these as the shooting date and time and the shooting position.
Then, when the mobile terminal 6 captures the subject, the mobile terminal 6 immediately transmits the image data, the capturing date and time, and image time position information (hereinafter referred to as image GPS information) specifying the capturing position to the base station server 5. In addition, you may transmit separately the information which specifies these image data, imaging | photography date, and an imaging | photography position.

When the base station server 5 receives the image GPS information, the base station server 5 checks whether or not the shooting date and time and the shooting position in the image GPS information are correct.
The shooting date / time is confirmed by comparing the current date / time with the shooting date / time.
On the other hand, the shooting position is confirmed by specifying the area where the portable terminal 6 exists by the base station server 5 that has received the radio wave of the portable terminal 6 and confirming that the shooting position based on the image GPS information is within the area. Done.
When the base station server 5 confirms that the shooting date and time are correct, the base station server 5 transmits the image GPS information and the public key certificate of the private key used for the electronic signature to the long-term signature server 3.

When the long-term signature server 3 receives the image GPS information and the public key certificate, the long-term signature server 3 generates pre-signature XAdES data for generating an ES using the image GPS information and the public key certificate, and transmits the pre-signature XAdES data to the base station server 5. This is digitally signed with a private key and the electronic signature value is transmitted to the long-term signature server 3.
When the long-term signature server 3 receives the electronic signature value, the long-term signature server 3 generates an ES using the electronic signature value, and subsequently generates an STS, ES-T, verification information, and ES-XL.
Then, the long-term signature server 3 generates hash value target data creation data for creating ATS (1st) and transmits it to the mobile terminal 6.

When the portable terminal 6 receives the data for creating the hash value target data, it adds the image data, the shooting date and time, and the shooting position to this to calculate a hash value and transmits it to the long-term signature server 3.
The long-term signature server 3 generates ATS (1st) using this hash value, completes ES-A (1st), and transmits it to the portable terminal 6.
Thereafter, before the expiration date of ES-A (1st) expires, the portable terminal 6 transmits ES-A (1st) to the long-term signature server 3, and the long-term signature server 3 transmits this to ES-A (2nd). Update to

The image GPS information includes first image GPS information (image data, shooting date time, shooting position), second image GPS information (image hash value, shooting date time, shooting position), and third image GPS. There are forms (variations) such as information (image hash value, shooting date / time hash value, shooting position hash value).
The first image GPS information is image GPS information generated when a subject is photographed by the mobile terminal 6, and the second image GPS information is image GPS information transmitted from the mobile terminal 6 to the base station server 5. The third image GPS information is image GPS information used when the long-term signature server 3 creates long-term signature data.
The image data and the image hash value both function as image specifying information for specifying image data, and the shooting position and the shooting position hash value both function as shooting position specifying information for specifying the shooting position. The shooting date / time and the shooting date / time hash value both function as shooting date / time specifying information for specifying the shooting date / time.
Therefore, the image GPS information (first to third image GPS information) functions as image time position information including image specifying information, shooting position specifying information, and shooting date / time specifying information.

(2) Details of Embodiment FIG. 2 is a diagram for explaining a network configuration of the long-term signature system 1 according to the present embodiment.
The long-term signature system 1 includes a time stamp server 2, a long-term signature server 3, a network 4, a base station server 5, a portable terminal 6, a CA repository server 10, a CA-TSA repository server 11, and the like.

The mobile terminal 6 is a mobile terminal having a camera function and a GPS function, and is configured by a mobile phone as an example in the present embodiment.
The portable terminal 6 may be any portable terminal having a camera function and a GPS function, such as a digital camera, a portable PC (Personal Computer), a PDA (Personal Digital Assistant), or a portable game machine.

The portable terminal 6 shoots a subject with a camera function and generates image data.
Moreover, the portable terminal 6 acquires this as a photographing date time and a photographing position by measuring the current date time and the current position when photographing by the GPS function.
In this way, the portable terminal 6 measures the current date and time and the current position simultaneously with shooting, and generates first image GPS information (image data, shooting date and time, shooting location).

Then, the mobile terminal 6 calculates a hash value of the image data to generate second image GPS information (image hash value, shooting date and time, and shooting position), and transmits this to the base station server 5.
Further, in creating the long-term signature data, the long-term signature server 3 later transmits the data for creating the hash value target data to the portable terminal 6, and the portable terminal 6 also has a function of processing this.

The base station server 5 is a server installed in the base station, wirelessly communicates with the mobile terminal 6, and connects the mobile terminal 6 to the network 4.
The base station server 5 covers a predetermined communication area. Although not shown, the base station server 5 covers the entire communication area by installing a plurality of such base station servers 5.
And the base station server 5 can detect that the portable terminal 6 exists in an own communication area by receiving the electromagnetic wave which the portable terminal 6 emits.
In other words, the base station server 5 that has received the radio wave from the mobile terminal 6 can identify the range in which the mobile terminal 6 exists (hereinafter referred to as an existing area).
In addition, when there are a plurality of base station servers 5 that receive radio waves from the mobile terminal 6, the mobile terminal 6 exists in a region where the existing areas overlap, and thus the presence area of the mobile terminal 6 can be further limited.

When the base station server 5 receives the second image GPS information, the base station server 5 compares the shooting date time of the second image GPS information with the current date time, and the shooting date time is within a predetermined time past the current date time. In some cases (for example, within 5 minutes), it is determined that the shooting date / time is correct.
Further, the base station server 5 compares the shooting position of the second image GPS information with the presence area of the mobile terminal 6 and determines that the shooting position is correct when the shooting position is within the existence area.
Thus, since the second image GPS information includes the shooting date and time and the shooting location, the base station server 5 can verify the shooting date and time and the shooting location.

If the base station server 5 determines that the shooting date / time and the shooting position are correct, the hash value of the shooting date / time and the hash value of the shooting location (hereinafter referred to as shooting date / time hash value, shooting location hash) of the second image GPS information. Value) is calculated to generate third image GPS information (image hash value, shooting date / time hash value, shooting location hash value), and transmit this to the long-term signature server 3.
This is because the long-term signature data ES (described later) cannot include the shooting date and time and the shooting location as they are.
The base station server 5 stores a private key for electronic signature and a public key certificate of a public key corresponding to the private key, and transmits the public key certificate to the long-term signature server 3.

Then, the long-term signature server 3 generates the pre-signature XAdES data (FIG. 3) using the third image GPS information and the public key certificate, and transmits it to the base station server 5, but the base station server 5 This is digitally signed with a private key, and an electronic signature value based on the electronic signature is transmitted to the long-term signature server 3.
As described above, the base station server 5 has a function of confirming the second image GPS information of the mobile terminal 6 and a function of digitally signing the pre-signature XAdES data.

The long-term signature server 3 is a server operated by the certification center, and can communicate with the base station server 5, the mobile terminal 6, the time stamp server 2, the repository server 10, and the repository server 11 via the network 4.
The long-term signature server 3 generates pre-signature XAdES data and has the base station server 5 electronically sign it, and creates an ATS in cooperation with the mobile terminal 6 to generate long-term signature data.

At that time, the long-term signature server 3 has the time stamp server 2 issue a time stamp to the ES, ES-XL, or ATS, or the revocation information of the public key certificate of the private key used for the electronic signature, and the time The revocation information of the public key certificate of the private key used for the stamp is collected from the repository server 10 and the repository server 11.
Note that the first image GPS information is required to create the ATS, but for the ATS creation, the first image GPS information is moved from the portable terminal 6 to the user terminal (for example, the user's PC) for a long time. You may perform between the signature server 3 and a user terminal.

The time stamp server 2 is a server operated by TSA (Time Stamp Authority), which issues a time stamp to electronic data such as an electronic document, and performs time certification. In this form, the long-term signature server 3 issues a time stamp to the ES, ES-XL, or ATS when creating the long-term signature data.
The time stamp is issued by giving a time to electronic data to be issued by the time stamp transmitted via the network 4 and digitally signing it with a secret key.
This confirmation of the electronic signature can be performed because the electronic signature can be decrypted by using the public key corresponding to the secret key used for the time stamp, and the electronic signature is made by the time stamp server 2. I can confirm that.

The repository server 10 is a server operated by a CA (Certificate Authority), and is a public key certificate (corresponding to the private key used for the electronic signature) used for verification of the electronic signature performed by the base station server 5. Revocation information of the public key certificate).
When a third party verifies the electronic signature of the base station server 5 using the public key certificate of the private key of the base station server 5, confirm that the public key certificate is not described in the revocation information Thus, it can be confirmed that the electronic signature has been made in a state where the public key certificate is valid.
The revocation information is updated to the latest one regularly or irregularly, for example, every 24 hours.

The repository server 11 is a server operated by TSA-CA (Time Stamp Authority Certificate Authority), which is a public key certificate used for verifying a time stamp (a public key certificate corresponding to a secret key used for the time stamp). Provide key revocation information.
When a third party verifies the electronic signature of the time stamp server 2 using the time stamp public key certificate, the public key certificate is confirmed by confirming that the public key certificate is not described in the revocation information. It is possible to confirm that the time stamp has been issued while the certificate is valid.
The revocation information is updated to the latest one regularly or irregularly, for example, every 24 hours.

  The network 4 is configured by a communication network such as the Internet or a mobile phone network, for example, and communicates between the mobile terminal 6 and the long-term signature server 3, and the long-term signature server 3 and the time stamp server 2, the repository server 10, and the repository. Mediates communication between servers 11.

FIG. 3 is a diagram for explaining the format of long-term signature data (long-term signature format) used in the present embodiment.
The long-term signature data of the present embodiment is described using an XML (Extensible Markup Language) language in accordance with the rules of XAdES (XML Advanced Electronic Signatures).
This format is merely an example, and the format of the long-term signature data is not limited to XML.

  The pre-signature XAdES data is an XML element that stores signature target data to be subjected to electronic signature by the long-term signature server 3, and is composed of each element of KeyInfo, signature target property, and SignedInfo. The long-term signature server 3 digitally signs the pre-signature XAdES data to generate an ES.

In KeyInfo, a public key certificate of a public key corresponding to the secret key used for the electronic signature by the base station server 5 is set. The public key certificate includes, for example, a public key, a public key owner, a certificate authority, a certificate authority signature, and the like.
In the signature target property, the hash value of the public key certificate is set.
In the SignedInfo, third image GPS information and a hash value of the signature target property (hereinafter, signature target property hash value) are set.

The ES is composed of the pre-signature XAdES data and the SignatureValue as elements.
In SignatureValue, a signature value obtained by signing SignedInfo by the base station server 5 with a secret key is set.
When SignedInfo is verified by the signature value, the signature target property is verified by this, and KeyInfo is verified by the signature target property. Thus, the long-term signature server 3 digitally signs the SignatureValue as described above. The pre-signature XAdES data is signed.

The ES-T is configured with the ES and the signature time stamp as elements.
An STS (signature time stamp) issued to the ES is set as the signature time stamp. The STS is obtained by giving the current date and time to the hash value of the SignatureValue in the time stamp server 2 and digitally signing it with the private key of the time stamp server 2.

ES-XL (ES-XLong) is configured with the ES-T and verification information as elements.
The verification information is configured using a certificate group and a revocation information group.
The certificate group includes a public key certificate of the private key used for signature by the long-term signature server 3 and a public key certificate on the certification path of the public key certificate of the private key used by the time stamp server 2 for time stamp. is there.
In this certification path, the root certificate authority issues a self-signed certificate, the root certificate authority issues a certificate to the child certificate authority, the child certificate authority issues a certificate to the grandchild certificate authority,... The end certificate authority verifies the verification of the public key certificate back to the root certificate authority in a certificate trust chain in which a certificate is issued to an individual or certificate owner.
The revocation information group is revocation information of each public key certificate included in the certificate group.

ES-A (1st) is composed of the ES-XL and ATS (1st) described above.
ATS (Archive Time Stamp) (1st) is a first generation ATS, information for verifying ES-T, third image GPS information, electronic signature by long-term signature server 3, time stamp server 2 is included, and the validity of the ES-XL can be verified by ATS (1st).
More specifically, ATS (1st) includes hash value target data (first image GPS information, third image GPS information, signature target property, SignedInfo, SignatureValue, KeyInfo, STS (signature time stamp), and certificate group. , The data obtained by concatenating the revocation information group, etc.) and a hash value issued to the hash value.

ES-A (2nd) is composed of ES-A (1st) and ATS (2nd) as elements.
ATS (2nd) is a second generation ATS, and includes information for verifying ES-A (1st), third image GPS information, electronic signature by time stamp server 2, time stamp by time stamp server 2, and the like. It is included, and the validity of ATS (1st) can be verified by ATS (2nd).
Although not shown, ES-A (3rd) having ES-A (2nd) and ATS (3rd) as elements, ES-A (4th) having ES-A (3rd) and ATS (4th) as elements, ... and continue the generation.

Each generation of the long-term signature data configured as described above is created as follows.
First, ES-XL is created, ATS (1st) is acquired while the signature time stamp and verification information are valid, and ES-A (1st) is constructed.
Then, before ATS (1st) loses its validity (before expiration or expiration of the public key certificate of the time stamp token, or before compromise of the related cryptographic algorithm), ATS (2nd) is acquired, ES-A (1st) is updated to ES-A (2nd).
Similarly, the ES-A is updated by repeating the process of acquiring the next generation ATS before the current ATS loses its effectiveness.
In this way, ATS is given to ES-XL in time series, and long-term signature data in which the latest generation ATS is within the expiration date is obtained.
The verification of the long-term signature data created in this way will be described in detail later.

FIG. 4 is a diagram illustrating an example of a hardware configuration of the mobile terminal 6.
The mobile terminal 6 is a mobile phone having a camera function and a GPS function as an example, and has the following configuration.
The CPU 22 performs various types of information processing and controls each unit of the mobile terminal 6 according to a program stored in the EEPROM 33 or the like.
For example, the CPU 22 captures a subject, stores image data obtained by capturing the subject, calculates a hash value of the image data, detects the current position and current date and time by GPS, generates first image GPS information, and second image. Each process such as generation of GPS information and transmission to the base station server 5 is performed.

Under the control of a CPU (Central Processing Unit) 22, the speaker 23 outputs various sounds such as the voice of the other party.
Under the control of the CPU 22, the display 24 is an image of the subject captured by the camera 30, an image based on the captured image data when the subject is photographed, a browser screen for connecting to the network 4, and the base station server 5. Display various screens such as notifications.

The key 25 is, for example, a device for inputting commands, characters, symbols, numbers, and the like, and an operation screen for operating the mobile terminal 6 to photograph a subject or acquiring long-term signature data for the photographed image data. It is used to operate.
The microphone 26 electrically converts the voice of a user's call and the like, and the resulting voice signal is digitized and input to the CPU 22.
The battery 27 is a rechargeable secondary battery and supplies power to each part of the mobile terminal 6.

The RF circuit 28 includes an antenna, and connects the base station server 5 and the CPU 22 by wireless communication.
Thereby, the CPU 22 can transmit the second image GPS information to the base station server 5.

The GPS 29 detects the current position and the current time of the mobile terminal 6. The GPS 29 receives radio waves from GPS satellites and communicates with a predetermined server, analyzes the information, and acquires the latitude and longitude of the current position and the current date and time.
The camera 30 projects an image of a subject on a CCD (Charge-Coupled Device) with an optical system using a lens, and converts the image into image data.
The camera 30 includes a shutter button, and when the user presses the shutter button, image data when the shutter button is pressed is stored and saved in the EEPROM 33 by the processing of the CPU 22.

The ROM 31 is a read-only memory, and stores programs, parameters, and the like for the CPU 22 to perform functions required for the portable terminal 6.
The RAM 32 is a readable / writable memory, and provides a working memory when the CPU 22 performs calculation of a hash value of image data, analysis of a current position and current date / time by GPS, and other various information processing.

An EEPROM (Electrically Erasable and Programmable ROM) 33 is a readable / writable memory, and can retain the stored contents even if the battery 27 does not supply power.
The EEPROM 33 is formed with a program unit 34 that stores a program to be executed by the CPU 22 and a data unit 35 that stores image data captured by the camera 30, a shooting date and time, a shooting position, and other data.
Note that the EEPROM 33 can also be realized by a non-volatile memory such as a flash memory.

FIG. 5A is a diagram for explaining a hardware configuration of the long-term signature server 3.
The long-term signature server 3 includes a CPU 41, a ROM 42, a RAM 43, a communication unit 44, a storage unit 45, and the like.

  The CPU 41 performs various information processing and control of each part of the long-term signature server 3 according to a predetermined program, and for example, communicates with the base station server 5, the mobile terminal 6, the time stamp server 2, the repository server 10, and the repository server 11 for a long time. Create signature data.

The ROM 42 is a read-only memory, and stores basic programs and parameters for the long-term signature server 3 to operate.
The RAM 43 is a readable / writable memory, and provides a working memory when the CPU 41 loads a program or performs various types of information processing.
The communication unit 44 connects the long-term signature server 3 to the network 4. The long-term signature server 3 can communicate with the base station server 5, the mobile terminal 6, the time stamp server 2, the repository server 10, the repository server 11, and the like via the communication unit 44.

The storage unit 45 is configured using, for example, a large-capacity storage device such as a hard disk.
In the storage unit 45, a program storage unit 46 and a data storage unit 47 are formed.
The program storage unit 46 stores a program for causing the CPU 41 to perform the above functions.
The data storage unit 47 stores information necessary for creating long-term signature data such as the CA certificate that issued the public key certificate, the CA root certificate, the TSA certificate, and the TSA root certificate. Has been.

FIG. 5B is a diagram for explaining a hardware configuration of the base station server 5.
The base station server 5 includes a CPU 51, a ROM 52, a RAM 53, a communication unit 55, a storage unit 56, and the like.
The CPU 51 performs various information processing and control of each part of the base station server 5 according to a predetermined program. Specifically, for example, in addition to mediating connection of the mobile terminal 6 to the network 4, the second image GPS information is received from the mobile terminal 6, and the shooting date and time and the shooting position of the second image GPS information are received. Is confirmed, or the pre-signature XAdES data transmitted from the long-term signature server 3 is digitally signed.

The ROM 52 is a read-only memory, and stores basic programs and parameters for the base station server 5 to operate.
The RAM 53 is a readable / writable memory, and provides a working memory when the CPU 51 loads a program or performs various types of information processing.
The communication unit 55 communicates with the mobile terminal 6 and communicates with various servers via the network 4.
The storage unit 56 is configured using, for example, a large-capacity storage device such as a hard disk. The program storage unit 57 stores a program for causing the CPU 51 to perform the above functions, and the data storage unit 58. Stores a secret key for performing an electronic signature, a public key certificate of a public key corresponding to the secret key, and the like.

Although not shown, the time stamp server 2 includes a CPU, a ROM, a RAM, a storage unit, a communication unit, an input / output unit, etc., as well as the base station server 5, etc. Is measured.
The time stamp server 2 stores a secret key for time stamp. For example, the time stamp server 2 adds a date and time measured by an atomic clock to the electronic data, encrypts the date with the secret key, and performs an electronic signature. Is issued.
The electronic signature functions as a time stamp because the contents of the electronic data and the correctness of the date and time given by the time stamp server 2 can be confirmed by decrypting with the public key corresponding to the secret key.
In addition, the repository server 10 and the repository server 11 include a CPU, a ROM, a RAM, a storage unit, a communication unit, an input / output unit, and the like, like the base station server 5 and the like.

FIG. 6 is a flowchart for explaining a procedure in which the mobile terminal 6, the base station server 5, and the long-term signature server 3 create long-term signature data.
The following processing is performed by the CPU 21 of the mobile terminal 6, the CPU 51 of the base station server 5, and the CPU 41 of the long-term signature server 3 according to a predetermined program.
First, the portable terminal 6 and the base station server 5 cooperate to perform image GPS information processing (step 50).
Next, the base station server 5 and the long-term signature server 3 cooperate to perform ES creation processing (step 100).

Next, the long-term signature server 3 performs ES-T creation processing (step 200) and ES-XL creation processing (step 300).
Then, the portable terminal 6 and the long-term signature server 3 cooperate to perform ES-A (1st) creation processing (step 400).
In this way, long-term signature data (ES-A) is created.
Although not shown, the created ES-A (1st) is updated to ES-A (2nd) by adding ATS (2nd) while it is valid, and the validity of the long-term signature data is lost. Continue generations so as not to break.

The procedure for creating long-term signature data is roughly divided into the phases as described above. The detailed procedure for each phase will be described below.
FIG. 7 is a flowchart for explaining the image GPS information processing in step 50.
When the user operates the shooting shutter button of the mobile terminal 6, the mobile terminal 6 detects the current date and time and the current position by the GPS 29 (step 55), and captures the subject by the camera 30, and the image data of the subject. Is generated.
Next, the portable terminal 6 sets the current date and time and the current position acquired by the GPS 29 when the camera 30 has photographed the subject as the shooting date and time and the shooting position, respectively.
Then, the portable terminal 6 generates first image GPS information including the image data, the shooting date and time, and the shooting position (for example, linked according to a predetermined format) (step 60).

Next, the mobile terminal 6 calculates an image hash value from the image data of the first image GPS information using a hash function (step 65).
Next, the mobile terminal 6 generates second image GPS information including the image hash value, the shooting date and time, and the shooting position (for example, linked according to a predetermined format), and transmits the second image GPS information to the base station server 5 (step). 70).
Note that the image hash value, the shooting date and time, and the shooting position may be individually transmitted to the base station server 5, and the base station server 5 may generate the second image GPS information.

The base station server 5 receives the second image GPS information from the mobile terminal 6 (step 75), and acquires the shooting date and time and the shooting position included in the second image GPS information.
Next, the base station server 5 determines whether the GPS information is correct as follows.
First, the base station server 5 acquires the current date and time using its own clock, and the current date and time and the shooting date and time are within a predetermined range (for example, the shooting date and time are within 5 minutes before the current date and time). (Step 80).
This considers the accuracy of the clock of the mobile terminal 6 and the time for the mobile terminal 6 to generate the second image GPS information and transmit it to the base station server 5 to give a certain range in the determination of coincidence. is there.

Furthermore, the base station server 5 checks whether or not the shooting position is within the current area where the mobile terminal 6 is present.
If the plurality of base station servers 5 can receive radio waves from the mobile terminal 6 and further narrow down the area where the mobile terminal 6 exists, it is confirmed whether the mobile terminal 6 exists in the narrowed-down existence area. It can also be configured to.
Then, the base station server 5 determines that the second image GPS information is correct when the current date and time and the shooting date and time coincide within a predetermined range and the shooting position is within the existing area, and at least one of the conditions Is not satisfied, it is determined that the second image GPS information is not correct.

If the second image GPS information is correct (step 80; Y), the base station server 5 proceeds to the ES creation process of step 100. If the second image GPS information is not correct (step 80; N), the base station server 5 The station server 5 transmits an error notification to the mobile terminal 6 and ends the process (step 85).
When the portable terminal 6 receives the error notification from the base station server 5, the portable terminal 6 displays this on the display 24 and presents the error notification to the user.

As a modification, second image GPS information (image hash value, shooting date / time, shooting date / time hash value, shooting position, shooting position hash value) may be used.
That is, the second image GPS information includes the shooting date and time and the shooting position to be confirmed by the base station server 5, and the shooting date and time hash value and shooting position hash value necessary for creating the long-term signature data by the long-term signature server 3. Keep it. With this configuration, the base station server 5 does not need to calculate the shooting date / time hash value and the shooting position hash value.

FIG. 8 is a flowchart for explaining the ES creation process in step 100.
First, the base station server 5 transmits a public key certificate of a private key to be digitally signed later to the long-term signature server 3 (step 110).
Next, the long-term signature server 3 receives the public key certificate from the base station server 5 (step 115), and creates the format of the pre-signature XAdES data by XML (step 120).

Next, the base station server 5 calculates a shooting date time hash value and a shooting position hash value by a hash function from the shooting date time and the shooting position of the second image GPS information received from the mobile terminal 6, and the image hash value, Third image GPS information including the shooting date / time hash value and the shooting position hash value (for example, linked according to a predetermined format) is generated.
The base station server 5 transmits the third image GPS information to the long-term signature server 3 (step 125), and the long-term signature server 3 receives the third image GPS information (step 130).
The base station server 5 transmits the second image GPS information to the long-term signature server 3, and the long-term signature server 3 is configured to generate the third image GPS information from the second image GPS information. You can also.

When the long-term signature server 3 receives the third image GPS information from the base station server 5 (step 130), it creates a KeyInfo area in the pre-signature XAdES data and receives the public key certificate received from the base station server 5 in this area. Is set (step 135).
Next, the long-term signature server 3 calculates the hash value of the public key certificate (hereinafter referred to as the public key certificate hash value), creates a signature target property area in the pre-signature XAdES data, and public key certificate is created here. A book hash value is set (step 140).

Next, the long-term signature server 3 calculates a signature target property hash value (step 145), creates a SignedInfo area in the pre-signature XAdES data, and receives the third image GPS information received from the base station server 5 here. And the signature target property hash value.
When creating the SignedInfo in this way, the long-term signature server 3 extracts the SignedInfo area from the pre-signature XAdES data and transmits it to the base station server 5 (step 150).

When the base station server 5 receives the SignedInfo from the long-term signature server 3, it generates an electronic signature value by digitally signing it with a private key, and transmits the generated electronic signature value to the long-term signature server 3 (step 155). .
When the long-term signature server 3 receives the electronic signature value from the base station server 5, the long-term signature server 3 creates a SignatureValue area, sets an electronic signature value in this area, and creates an ES (step 160).

FIG. 9 is a flowchart for explaining the ES-T creation processing in step 200.
First, the long-term signature server 3 inputs the ES created in step 100 as a processing target (step 205). At this time, the ES may be verified.
Next, the long-term signature server 3 extracts the SignatureValue area from the ES (Step 210), and calculates the hash value of the SignatureValue (Step 215).

Next, the long-term signature server 3 generates a TSQ (Time-stamp Request) for requesting a time stamp for the hash value of the SignatureValue, and transmits the TSQ (Time-stamp Request) to the time stamp server 2 (step 220).
When receiving the TSQ, the time stamp server 2 generates a TST (Time Stamp Token) by signing with the secret key after giving the current date and time.
Then, the time stamp server 2 generates a TSR (Time-stamp Response) using the issued TST and transmits it to the long-term signature server 3 (step 225).
More specifically, a TST exists in the TSR, and the TST extracted from the TSR is called an STS (signature time stamp) or an ATS (archive time stamp).

The long-term signature server 3 receives the TSR from the time stamp server 2 and extracts the TST from the TSR (step 230).
Then, the long-term signature server 3 creates a signature time stamp area in the ES-T, sets TST as an STS (signature time stamp), and creates an ES-T (step 235).

FIG. 10 is a flowchart for explaining the ES-XL creation processing in step 300.
First, the long-term signature server 3 inputs the ES-T created in Step 200 as a processing target (Step 305).

Next, the long-term signature server 3 calculates necessary certificate information from the ES-T and collects it as follows.
First, the long-term signature server 3 acquires a signature certificate by a certificate authority for verifying the public key certificate of the base station server 5 (step 310), and further acquires a root certificate of the signature certificate (step 310). Step 315).
Next, the long-term signature server 3 obtains a TSA certificate for proving the signature time stamp (step 320), and then obtains a root certificate of the TSA certificate (step 325). These certificate groups to be acquired are stored in the long-term signature server 3.

  Next, the long-term signature server 3 includes the revocation list including the public key certificate of the base station server 5, the public key certificate of the STS, and the certificate of the certificate authority for verifying these from each certificate in the certificate group. The revocation information necessary to confirm that it is not listed in the above is determined, and these are collected as follows.

Note that the signing certificate can be used for revocation procedures and revocation even though the revocation application has been filed with the certificate authority, for example, because the owner of the valid signing key has lost the key. Due to information disclosure timing, there is a possibility that the revocation status is not registered in the revocation information.
In such a case, since it takes time until it is registered in the revocation information after it expires, the long-term signature server 3 creates a group of certificates and then passes a certain period of time (operation of the certificate authority that issued the signature certificate). Revocation information is collected based on policy, eg, 24 hours or days.

First, the long-term signature server 3 accesses the CA repository server 10 and requests a CRL (Certificate Revocation List) of the collected signature certificate (step 330).
In response to this, the repository server 10 transmits the CRL of the signature certificate to the long-term signature server 3 (step 335).
Here, the CRL is a list that lists the revoked certificates, and is used to determine whether the certificate is valid by checking the certificate with the CRL.

Next, the long-term signature server 3 requests the ARL (Authority Revocation List) of the root certificate of the signature certificate from the repository server 10 (step 340).
In response to this, the repository server 10 transmits the ARL of the root certificate of the signature certificate to the long-term signature server 3 (step 345).
Here, ARL is a list of revoked self-signed certificates and the like. Since the root CA is at the top of the certificate trust chain, the root CA proves itself with a self-signed certificate. Then, it is possible to determine whether or not the root certificate is valid by comparing the root certificate with the ARL.

  The validity of the signing certificate can be verified by the CRL of the signing certificate, and the validity of the root certificate of the signing certificate can be verified by the ARL of the root certificate of the signing certificate. The validity of the signature by the base station server 5 can be verified by verifying the certificate.

Next, the long-term signature server 3 accesses the repository server 11 of the TSA-CA and requests a CRL of the TSA certificate (step 350).
In response to this, the repository server 11 transmits the CRL of the TSA certificate to the long-term signature server 3 (step 355).
Next, the long-term signature server 3 requests the ARL of the root certificate of the TSA certificate from the repository server 11 (step 360).
In response to this, the repository server 11 transmits the ARL of the root certificate of the TSA certificate to the long-term signature server 3 (step 365).

  The validity of the TSA certificate can be verified by the CRL of the TSA certificate, and the validity of the root certificate of the TSA certificate can be verified by the ARL of the root certificate of the TSA certificate, and the root of the TSA certificate and the TSA certificate The validity of the STS can be verified by verifying the certificate.

  When the long-term signature server 3 collects the certificate group and the revocation information group as described above, the long-term signature server 3 uses these to construct a certification path based on the hierarchy of the certificate trust chain, and adds this to the ES-T. An ES-XL is created (step 370).

FIG. 11 is a flowchart for explaining the ES-A (1st) creation process in step 400.
The following processing is performed by the mobile terminal 6, but the first image GPS information (image data, shooting date and time, shooting position may be stored, and the first image GPS information may be generated). You may carry out with the user terminal to memorize.
First, the long-term signature server 3 inputs the ES-XL created in step 300 as a processing target (step 405). At this time, the long-term signature server 3 can be configured to verify the ES-XL.
Next, the long-term signature server 3 creates an ATS area in the long-term signature data (step 410).

When the long-term signature server 3 creates an ATS area and is ready to create ES-A (1st), it sends a preparation completion notification to the mobile terminal 6 (step 415).
When the portable terminal 6 receives the notification, the portable terminal 6 reads and acquires the stored first image GPS information (step 420).
When the long-term signature server 3 transmits a preparation completion notification to the mobile terminal 6, the long-term signature server 3 creates hash value target data creation data for ES-A (1st).

Specifically, the long-term signature server 3 extracts the signature target property, SignedInfo, SignatureValue, KeyInfo, STS, certificate group, and revocation information group from the ES-XL, and sets them according to a predetermined form. Combine to generate data for creating hash value target data.
The hash value target data creation data is obtained by removing the first image GPS information from the hash value target data.
After creating the signature value target data creation data, the long-term signature server 3 transmits it to the portable terminal 6 (step 425).

When the portable terminal 6 receives the data for creating the hash value target data from the long-term signature server 3, the first image GPS information read in step 420 is added to the data (step 430), and the hash value target data is created.
Next, the portable terminal 6 calculates a hash value of the hash value target data and transmits it to the long-term signature server 3 (step 435).
When the long-term signature server 3 receives the hash value from the portable terminal 6, the long-term signature server 3 generates a TSQ for requesting a time stamp for the hash value and transmits it to the time stamp server 2 (step 440).
When receiving the TSQ, the time stamp server 2 extracts the hash value of the hash value target data from the TSQ, gives the current date and time to this, and generates a TST by signing with the secret key.
Then, the time stamp server 2 generates a TSR using TST and transmits it to the long-term signature server 3 (step 445).

When the long-term signature server 3 receives the TSR from the time stamp server 2 (step 450), it extracts the TST from this (step 460).
Then, the long-term signature server 3 adds the extracted TST as ATS (1st) to the ES-XL, generates ES-A (1st), and transmits it to the mobile terminal 6 (step 465).

Then, the mobile terminal 6 receives and stores ES-A (1st) from the long-term signature server 3 (step 470).
As described above, it is possible to create long-term signature data (ES-A (1st)) for the image data while holding the image data in the portable terminal 6.

  The ES-A (1st) created as described above is stored on the client side, but before the validity of ATS (1st) is lost, ATS (2nd) is assigned to ES-A (1st). It is necessary to update to ES-A (2nd). Therefore, a procedure for updating to ES-A (2nd) will be described next.

FIG. 12 is a flowchart for explaining a procedure for creating ES-A (2nd).
The following processing is performed by the mobile terminal 6, but may be performed by a user terminal that stores the first image GPS information.
First, the portable terminal 6 transmits ES-A (1st) to the long-term signature server 3 (step 505). When ES-A (1st) is input by the portable terminal 6, it can also be configured to verify this.
The long-term signature server 3 receives ES-A (1st) from the portable terminal 6 (step 510).
Then, the long-term signature server 3 calculates the certificate information necessary for the ATS (1st) from the ES-A (1st) and collects them as follows.

First, the long-term signature server 3 acquires a TSA certificate of ATS (1st) (step 515), and further acquires a root certificate of the TSA certificate (step 520). These certificates are stored in the long-term signature server 3.
Next, the long-term signature server 3 accesses the repository server 11 of the TSA-CA, requests the CRL of the ATS (1st) TSA certificate (step 525), and the repository server 11 sends the CRL to the long-term signature server 3. Transmit (step 530).
Then, the long-term signature server 3 receives the CRL.

Next, the long-term signature server 3 requests the repository server 11 for the ARL of the root certificate of the ATS (1st) TSA certificate (step 535), and the repository server 11 asks the long-term signature server 3 for the root certificate. An ARL is transmitted (step 540).
Then, the long-term signature server 3 receives the ARL.

Next, the long-term signature server 3 constructs an authentication path from these certificate groups (TSA certificate, TSA certificate root certificate) and revocation information groups (CRL, ARL) (step 545).
Next, the long-term signature server 3 adds the collected certificate group and revocation information group to the certificates area and crls area of the ATS (1st), respectively, and updates the ATS (1st) (step 550).
Next, the long-term signature server 3 creates an area for ATS (2nd) in ES-A (1st) with updated ATS (1st), and prepares that preparation for creating ES-A (2nd) is ready A completion notification is transmitted to the portable terminal 6 (step 555).

The subsequent processing is the same as the processing from step 420 onward in FIG. 11, and the long-term signature server 3 can create ES-A (2nd) while holding the image data inside the portable terminal 6.
That is, the long-term signature server 3 creates hash value target data creation data and transmits it to the mobile terminal 6.

Then, the mobile terminal 6 adds the first image GPS information to the hash value target data creation data, calculates the hash value, digitally signs the hash value, and transmits the signature value to the long-term signature server 3.
The long-term signature server 3 transmits the signature value to the time stamp server 2 to issue a time stamp, adds this to ES-A (1st), and creates ES-A (2nd).
Later generations such as ES-A (3rd) and ES-A (4th) are created in the same manner.

According to the embodiment described above, the following effects can be obtained.
(1) When a subject is photographed by the portable terminal 6, the date and time of photographing and the photographing place can also be recorded by the GPS 29.
(2) The hash value of the image data obtained by photographing the subject, the photographing date and time when the photographing was performed, and the photographing location can be transmitted to the base station server 5 at the same time.
(3) A long-term signature can be applied to the hash value of the image data obtained by photographing the subject, the photographing date and time when the photographing was performed, and the photographing location.
(4) Since the long-term signature data can be created without sending the image data to the base station server 5 or the long-term signature server 3, it is possible to prove the existence of the subject while protecting the privacy.
(5) Since it is not necessary to send image data to the base station server 5 or the long-term signature server 3, communication costs can be reduced.
(6) The image data and the first image GPS information can be moved from the mobile terminal 6 to the user terminal, and the subsequent processing can be performed at the user terminal.
(7) Only processing using the first image GPS information is performed by the portable terminal 6 (or user terminal), and processing with high computer load, such as XML analysis, electronic signature, time stamp, and acquisition of verification information, is a long-term signature server. Therefore, the load on the mobile terminal 6 (user terminal) can be reduced.
(8) It is possible to outsource the creation of long-term signature data while holding the image data on the user side, and there is no need to construct a long-term signature system in the user environment, so the user can manage the operation (log monitoring, failure monitoring) , Recovery processing, etc.) is not necessary.
(9) Since a long-term signature system is not constructed in the user environment, there is no need for network settings (IP, port opening, etc.) for acquiring a time stamp and revocation information from the user environment.
(10) Since the long-term signature server 3 has the root certificate of the signing certificate and the root certificate of the TSA certificate for acquiring the certification path, it is necessary to hold these pieces of information in the user environment. Absent. Therefore, for example, even when the TSA changes the certificate authority, it is not necessary to re-register a new certificate authority certificate (root certificate or intermediate certificate) in the user environment.
(11) Since the long-term signature server 3 acquires the time stamp, the user side such as the portable terminal 6 or the user terminal does not need to make a contract with the TSA.
(12) When the version of the long-term signature format is upgraded or the encryption algorithm is compromised, the long-term signature server 3 corresponds, and the user does not need to cope. If the hash function is compromised, it is necessary to change the hash function of the user side device. In this case, a plurality of latest hash functions assumed in advance may be embedded on the user side and switched by a switch, or a hash value group calculated using a plurality of hash functions may be sent to the server each time. (Not a big size).
(13) By outsourcing the generation of long-term signature data to the long-term signature server 3, for example, an insurance company or the like wants to construct a long-term signature system for long-term signature of the first image GPS information, but the first image GPS to be processed Satisfies customer demands such as the inability to estimate the number of information, initial costs, the lack of personnel to operate the long-term signature system, the inability to have a server system within the company, and the inability to take image data from within the company A solution can be provided.
(14) By using the long-term signature format, it becomes possible to extend the validity of the electronic signature and cope with the compromise of the encryption algorithm.
(15) Using the second and third image GPS information, the first image GPS information is signed with a signature key, a signature time stamp is added, and an ES-T is created. ES-T It is possible to provide a system that collects and assigns necessary verification information (certification pass and revocation information) to an image, assigns an archive time stamp, and creates an ES-A in the cloud while ensuring confidentiality .
(16) When the image data may be transmitted to the long-term signature server 3, it is possible to transmit the image data to the long-term signature server 3, but the data size is large or immediacy is required. Yes, it is possible to send a hash value with a small data size first and request a signature and a signature time stamp from the certification center (long-term signature server 3).
(17) Since the connection between the portable terminal 6 and the user terminal is the long-term signature server 3 and is not connected to the time stamp server 2, the repository server 10, and the repository server 11, the number of connection destinations of the portable terminal 6 and the user terminal is reduced as much as possible. It is possible to prevent an increase in security holes due to a large number of connection destinations.
(18) It is possible to construct the following system for proof of evidence with ASP.
The user of the portable terminal 6 creates an image using the camera function and sends the GPS information acquired at the same time as the hash value of the image to the base station server 5 (base station). When determining that the GPS information is correct, the base station server 5 sends the GPS information and the hash value of the image to the long-term signature server 3 (certification center). The long-term signature server 3 creates signature target data based on the received data and sends it to the base station server 5. The base station server 5 performs a signature as a “location checker” and sends a signature value to the long-term signature server 3 (signature time stamp plays a role in proof of time). The long-term signature server 3 creates a signature time stamp based on the signature value, and then proceeds to archive time stamp processing. After a certain period of time, the certification center communicates with the requested portable terminal 6 and performs the remaining processing to complete the ES-A.

According to the present embodiment described above, the following configuration can be obtained.
In the long-term signature system 1, the mobile terminal 6 functions as a mobile terminal, the base station server 5 functions as an electronic signature server, and the long-term signature server 3 functions as a long-term signature server. .
Further, the image data and the image hash value function as image specifying information for specifying the image data of the subject photographed by the mobile terminal 6, and the photographing date / time, the photographing date / time hash value, the photographing position, and the photographing position hash value. Respectively function as shooting date / time specifying information and shooting position specifying information.
Therefore, the image GPS information (first image GPS information, second image GPS information, and third image GPS information) functions as image time position information that specifies image data, shooting date and time, and shooting position. .

Since the base station server 5 communicates with the mobile terminal 6 via wireless communication, the base station server 5 includes a communication unit that communicates with the mobile terminal.
Since the base station server 5 receives the second image GPS information from the mobile terminal 6, the image specifying information (image) for specifying the image data of the subject photographed by the mobile terminal from the communicating mobile terminal. Image time position information for receiving image time position information including hash value), shooting date / time specifying information for specifying the shooting position at the time of shooting, and shooting position specifying information for specifying the shooting date / time of the shooting A receiving means is provided.
Further, since the base station server 5 can detect that the mobile terminal 6 is present in the communication area of the base station server 5 by receiving the radio wave emitted by the mobile terminal 6, the current position of the mobile terminal is determined. Current position detecting means for detecting is provided.
Furthermore, since the base station server 5 can acquire the current date and time using its own clock or the like, the base station server 5 includes current date and time acquisition means for acquiring the current date and time.
Then, the base station server 5 matches the current position of the mobile terminal 6 in the predetermined range (existing area) with the shooting position included in the second image GPS information, and the shooting date / time is equal to the current date / time and the predetermined range. If the two match, the second image GPS information includes the pre-signature XAdES data (the second image GPS information is included in the pre-signature XAdES data as the third image GPS information). Therefore, the captured position of the received image time position information matches the detected current position within a predetermined range, and the received image time position information is captured. A determination unit that determines whether or not a date and time matches with the acquired current date and time within a predetermined range, and when the determination unit determines that the date and time match, And a signature means for signing.

  In addition, the base station server 5 sets the third image GPS information for a long time when the shooting date and time and the shooting position of the second image GPS information coincide with the current date and time and the current position of the mobile terminal 6 within a predetermined range. It is transmitted to the signature server 3 (the second image GPS information may be transmitted to the long-term signature server 3 and the third image GPS information may be generated by the long-term signature server 3). In order to digitally sign the transmitted pre-signature XAdES data (the second image GPS information is included as the third image GPS information), a predetermined period for generating long-term signature data when the determination unit determines that they match. Image time position information transmitting means for transmitting the image time position information (third image GPS information) to a server (long-term signature server 3), and long-term signature data created using the transmitted image time position information Signature target data receiving means for receiving the signature target data (pre-signature XAdES data), and the signature means electronically sign the received signature target data to electronically sign the image time position information. Signing.

  The base station server 5 also uses the public key certificate of the public key corresponding to the private key used for the electronic signature before transmitting the third image GPS information so that the long-term signature server 3 creates the pre-signature XAdES data. Is transmitted to the long-term signature server 3, and the electronic signature value is transmitted to the base station server 5 by electronically signing the pre-signature XAdES data transmitted thereto. A public key certificate transmitting unit that transmits a public key certificate of a public key corresponding to a secret key used for the electronic signature to the predetermined server, and an electronic signature value digitally signed by the signing unit is transmitted to the predetermined server. Electronic signature value transmitting means is provided.

  The image specifying information can be a function value (hash value) obtained by calculating the image data with a predetermined function (hash function).

  The base station server 5 determines that the shooting position and the current position of the mobile terminal 6 match when the shooting position of the second image GPS information is within the area where the mobile terminal 6 is present. The means detects an area (existing area) where the mobile terminal is present, and the judging means detects the shooting position and the shooting position when the shooting position of the received image time position information is inside the detected area. It is determined that the current position matches within a predetermined range.

Since the long-term signature server 3 receives the third image GPS information from the base station server 5, the long-term signature server 3 takes a picture with the portable terminal from the electronic signature server (base station server 5) communicating with the portable terminal (mobile terminal 6). A function value (hash value) obtained by calculating image data of a subject with a predetermined function (hash), shooting position specifying information for specifying a shooting position at the time of shooting, and a shooting date and time for specifying the shooting date and time of the shooting Image time position information receiving means for receiving image time position information including the specific information (third image GPS information, where the shooting date and time and the shooting position are hash values) is provided.
The long-term signature server 3 generates the pre-signature XAdES data using the received third image GPS information and transmits it to the base station server 5, and the base station server 5 performs the electronic processing performed on the pre-signature XAdES data. Signature target data generating means for generating signature target data for long-term signature data (pre-signature XAdES data) using the received image time position information in order to receive the electronic signature value of the signature, and the generated signature target data Is transmitted to the electronic signature server, and an electronic signature value receiving unit is provided to receive the electronic signature value of the transmitted signature target data from the electronic signature server.
Further, the long-term signature server 3 uses the digital signature value to generate long-term signature data for the image GPS information (which may be any of the first, second, and third image GPS information). Long-term signature data generation means for generating long-term signature data of the image time position information using the value is provided.

  The long-term signature server 3 receives the public key certificate of the public key corresponding to the private key used for the electronic signature from the base station server 5 and generates the pre-signature XAdES data including the public key certificate. A public key certificate receiving unit configured to receive a public key certificate of a public key corresponding to a secret key used for the electronic signature from the electronic signature server, wherein the signature target data generation unit includes the received public key certificate Is included in the signature target data.

The long-term signature server 3 obtains a time stamp for the received electronic signature value in order to have the time stamp server 2 issue a time stamp to the hash value of the SignatureValue (the electronic signature value is stored). Means.
The long-term signature server 3 generates the public key certificate (the electronic signature value is verified by verifying the public key certificate) and the verification information for verifying the time stamp. Verification information generating means for generating verification information for verifying the stamp is provided.
The long-term signature server 3 creates the ES-XL using the pre-signature XAdES data, the SignatureValue, the signature time stamp, and the verification information. A basic signature data generating means for generating basic signature data (ES-XL) including the time stamp (signature time stamp) and the verification information, and an ATS for verifying the ES-XL for a predetermined period In order to acquire (1st), long-term verification information acquisition means for acquiring long-term verification information (ATS (1st)) for verifying the generated basic signature data for a predetermined period is provided.
The long-term signature data generation means generates the long-term signature data (ES-A (1st)) in addition to the acquired long-term verification information (ATS (1st)) in addition to the generated basic signature data (ES-XL). doing.

The long-term signature server 3 transmits the hash value target data creation data for creating the ATS (1st) to the mobile terminal 6 and the user terminal, and the first image GPS information is included in the hash value target data creation data. In order to receive the calculated hash value, information for creating long-term verification information (data for creating hash value target data) for creating long-term verification information (ATS (1st)) is used as the image data, the shooting position, Long-term verification information creation information transmitting means for transmitting to a predetermined terminal (portable terminal 6 or user terminal) having the shooting date and time, and the transmitted long-term verification information creation information to the image data, the shooting position, and Long-term verification function value reception for receiving a long-term verification function value (hash value) calculated by a predetermined function (hash function) by adding the shooting date and time from the predetermined terminal And it includes a stage.
Then, since the long-term signature server 3 adds the time stamp to the hash value by the time stamp server 2 and acquires ATS (1st), the long-term verification information acquisition unit adds the time stamp to the received long-term verification function value. To obtain the long-term verification information.

Further, the long-term signature server 3 receives the long-term signature data from the mobile terminal 6 or the user terminal, extracts the latest generation ATS, and acquires the next-generation ATS for verifying the ATS for a predetermined period. Long-term signature data receiving means for receiving long-term signature data from a predetermined terminal (such as portable terminal 6 or user terminal), and long-term verification information extracting means for extracting long-term verification information (newest ATS) from the received long-term signature data; , A long-term verification information acquisition unit for acquiring long-term verification information (next-generation ATS) for verifying the extracted long-term verification information for a predetermined period is provided.
Then, the long-term signature server 3 adds the next generation ATS to the ES-A and updates the ES-A. Therefore, the long-term signature data generation means adds the acquired long-term verification information to the received long-term signature data. In addition, the long-term signature data is updated.

Then, when generating the next generation ATS, the long-term signature server 3 generates the next generation hash value target data creation data and transmits the data to the portable terminal 6 or the user terminal. From the portable terminal 6 or the user terminal, In order to receive the hash value calculated by adding the first image GPS information to the next-generation hash value target data creation data, the second long-term verification information creation information (next generation The long-term verification information creation information) for transmitting the hash value target data creation data) to the predetermined terminal (the mobile terminal 6 or the user terminal), and the transmitted long-term verification information creation information A second long-term verification function value (hash value) calculated by a predetermined function (hash function) by adding the image data, the shooting position, and the shooting date / time is received from the predetermined terminal. And a long-term verification function value receiving means again for.
Since the long-term signature server 3 has the time-stamp server 2 issue a time-stamp to the next-generation ATS, the second long-term verification information acquisition unit receives the received second long-term verification function value. The second long-term verification information is acquired by giving a time stamp to.

Next, a method for verifying long-term signature data will be described using the flowchart of FIG.
The following verifier terminal is a user terminal that acquires long-term signature data and first image GPS information and verifies the first image GPS information using the long-term signature data.
For example, it is assumed that the second party receives the long-term signature data and the first image GPS information created by the first party, and the second party verifies this at the verifier terminal.

The verifier terminal stores long-term signature data and first image GPS information. If the first image GPS information is verified by the long-term signature data, the shooting date and time, the shooting location, and the image data of the first image GPS information are verified.
Alternatively, the verifier terminal may acquire the image data, the shooting date and time, and the shooting location, and generate the first image GPS information from these.

First, the verifier terminal transmits long-term signature data to the long-term signature server 3 (step 605), and the long-term signature server 3 receives this (step 610).
Next, the verifier terminal generates the third image GPS information from the first image GPS information and transmits it to the long-term signature server 3 (step 615), and the long-term signature server 3 receives this. (Step 620).

Next, the long-term signature server 3 verifies the third image GPS information (step 625).
This process is performed by comparing the third image GPS information transmitted from the verifier terminal with the third image GPS information in the XAdES of the long-term signature data and confirming that they match.
Next, the long-term signature server 3 verifies the public key certificate (signature certificate) (step 630).
This verification is performed by using the certificate group and the revocation information group included in the verification information to confirm that the certification path is connected and that the certificate on the certification path has not been revoked.

Next, the long-term signature server 3 verifies the signature value (step 635).
This verification is performed by decrypting the signature value of the SignatureValue with the public key extracted from the public key certificate, calculating the hash value of the SignedInfo, and confirming that the decrypted value matches the hash value. Is called.
Next, the long-term signature server 3 verifies the STS (step 640).
This verification is performed by calculating the hash value of SignatureValue and confirming that this matches the hash value described in the STS.

Next, the long-term signature server 3 verifies the STS certificate (signature time stamp certificate) (step 645).
This verification is performed by decrypting and confirming the TSA signature value with the TSA certificate, using the certificate group and the revocation information group included in the verification information to connect the certification path of the STS certificate, and on the certification path. This is done by confirming that the certificate has not been revoked.

  Next, the long-term signature server 3 creates data before the first image GPS information is combined with the ATS target data from the data included in the ES-XL to create the hash value target data creation data, This is transmitted to the verifier terminal (step 650).

When the verifier terminal receives the data for creating the hash value target data, the verifier terminal combines and adds the first image GPS information to the data to create the hash value target data (step 655).
Next, the verifier terminal calculates a hash value of the hash value target data and transmits it to the long-term signature server 3 (step 660).

When the long-term signature server 3 receives the hash value from the verifier terminal, the long-term signature server 3 verifies the hash value of the ATS (1st) by confirming that the hash value described in the ATS (1st) matches ( Step 665).
Next, the long-term signature server 3 obtains a certificate (root certificate) for creating an authentication path for the ATS (1st) certificate from the server itself (step 670).

Next, the long-term signature server 3 obtains the certificate revocation information on the certification path from the repository server 11 (steps 675 and 680).
The long-term signature server 3 verifies the ATS (1st) certificate by confirming that the certification path is connected and that the certificate on the certification path has not expired (step 685).

Next, the long-term signature server 3 performs XAdES verification (step 690).
This verification is performed by confirming that the time consistency between each certificate, each revocation information, and each time stamp can be obtained, and confirming the format consistency.
The long-term signature server 3 generates a verification result by the above verification and transmits it to the verifier terminal (step 695).
Then, the verifier terminal receives the verification result from the long-term signature server 3 and presents it to the verifier (step 700).
In addition, when ATS is ATS (2nd), ATS (3rd), and lower generations, the same verification is performed.

As described above, according to the above verification method, the verifier can verify the long-term signature data with the long-term signature server 3 while holding the image data in the verifier terminal.
Therefore, for example, if Party A provides the first image GPS information and long-term signature data to Party B and does not want to pass the image data to a party other than Party B, Party B does not provide the image data to long-term signature server 3. In addition, the validity of the image data based on the long-term signature data can be confirmed, and the validity of the photographing date and time and the photographing place can also be confirmed.

Further, even if the algorithm used for generating the ES-T is compromised, the evidence of the ES-A (1st) is not lost until the algorithm used for generating the ATS (1st) is compromised.
If there is a possibility that the algorithm used to generate ATS (1st) may be compromised, the evidence will not be lost if ATS (2nd) is given with the latest algorithm.
Thereafter, evidence can be maintained for the future by continuing generations with the latest algorithms.

The following configuration can be obtained by the verification method described above.
In the following configuration, the original data is data to be verified as long-term signature data, and in the present embodiment, image GPS information (first, second, and third image GPS information) corresponds.
In order to verify the authenticity of the original data, comprising long-term verification information including signature target data, verification information for verifying the signature target data, and long-term verification information for verifying the signature target data and the verification information for a predetermined period Long-term signature data receiving means for receiving the long-term signature data from the verifier terminal, extracting predetermined information included in the signature target data to create long-term verification information creation information, and creating the created long-term verification information Long-term verification information creation information transmitting means for transmitting information to the verifier terminal, and long-term verification information calculated by a predetermined function by adding the original data to the transmitted long-term verification information creation information from the verifier terminal Long-term verification information creation function value receiving means for receiving a creation function value, and long-term verification information verification using the received long-term verification information creation function value Long-term signature verification server for the witness information verification unit, characterized by comprising a (first configuration).
A signature target data verification unit that verifies the signature target data using the verification information, wherein the long-term verification information verification unit verifies the long-term verification information after verification by the signature target data verification unit; The long-term signature verification server of the first configuration (second configuration).

Thus, according to the present embodiment, the signature on the original data can be verified on the server side without passing the original data to the server side.
In this case, the terminal uses the function value of the original data according to a predetermined function, the signature data of the original data (the signature value obtained by encrypting the function value of the original data with the secret key, and the public key certificate of the public key corresponding to the secret key). The server decrypts the signature value with the public key, extracts the function value, compares the extracted function value with the function value transmitted by the terminal, determines the validity of the original data, The validity of the public key certificate is confirmed using the certificate related to the certification path.
Further, when the signature data is a long-term signature, the server creates information excluding the original data from the information for creating a function value for confirming the long-term signature using the information constituting the signature data. To the terminal.
In contrast, the terminal adds original data to the information, calculates a function value based on a predetermined function, and transmits the function value to the server. The server verifies the validity of the long-term signature using the function value.

  As described above, in this embodiment, the original data (image GPS information) to be signed is grouped into a plurality of original data (image hash value, current date time hash value, current position hash value) as one ES-A. Can be created.

In addition, based on this embodiment demonstrated above, it can be set as the following structures 1-5 as a server for electronic signatures.
(1) Configuration 1
In the configuration 1, the communication unit that communicates with the mobile terminal, the image specifying information that specifies the image data of the subject captured by the mobile terminal, and the shooting position at the time of the shooting are specified from the communicating mobile terminal. Image time position information receiving means for receiving image time position information including shooting position specifying information and shooting date / time specifying information for specifying the shooting date / time of the shooting, and a current position for detecting the current position of the portable terminal A detection means, a current date / time acquisition means for acquiring the current date / time, and a shooting position of the received image time position information matches the detected current position within a predetermined range, and the received image time / position information And the received image time position information when it is determined that the determination means matches with the acquired current date and time within a predetermined range. To provide an electronic signature server, characterized by comprising a signature means for performing an electronic signature, the for.
(2) Configuration 2
In Configuration 2, when the determination unit determines that they match, the image time position information transmission unit that transmits the image time position information to a predetermined server that creates long-term signature data, and the transmitted image time position information are used. Signature target data receiving means for receiving the signature target data for the long-term signature data created in the above, wherein the signature means electronically signs the received signature target data to An electronic signature server according to Configuration 1, which performs electronic signature, is provided.
(3) Configuration 3
In the configuration 3, the public key certificate transmitting means for transmitting the public key certificate of the public key corresponding to the private key used for the electronic signature to the predetermined server before the electronic signature is made by the signing means, and the signature The electronic signature server according to Configuration 2, further comprising: an electronic signature value transmitting unit that transmits the electronic signature value electronically signed by the unit to the predetermined server.
(4) Configuration 4
In Configuration 4, the electronic signature server according to Configuration 1, Configuration 2, or Configuration 3 is provided, wherein the image specifying information is a function value obtained by calculating the image data with a predetermined function.
(5) Configuration 5
In Configuration 5, the current position detection unit detects an area where the mobile terminal is present, and the determination unit determines that the shooting position of the received image time position information is within the detected area. An electronic signature server according to any one of Configurations 1 to 4 is provided, wherein it is determined that a shooting position and the current position match within a predetermined range.

DESCRIPTION OF SYMBOLS 1 Long-term signature system 2 Time stamp server 3 Long-term signature server 4 Network 5 Base station server 6 Portable terminal 10 Repository server 11 Repository server

Claims (7)

A function value obtained by calculating a predetermined function of image data of a subject photographed by the portable terminal from a server for electronic signature communicating with the portable terminal, photographing position specifying information for specifying a photographing position at the time of photographing, and the photographing Image time position information receiving means for receiving image time position information including image date / time specifying information for specifying the image date / time of
Signature target data generating means for generating signature target data for long-term signature data using the received image time position information;
Signature target data transmitting means for transmitting the generated signature target data to the electronic signature server;
An electronic signature value receiving means for receiving an electronic signature value of the transmitted signature target data from the electronic signature server;
Long-term signature data generating means for generating long-term signature data of the image time position information using the received electronic signature value;
A server for long-term signatures. Comprising public key certificate receiving means for receiving a public key certificate of a public key corresponding to a secret key used for the electronic signature from the electronic signature server,
The long-term signature server according to claim 1, wherein the signature target data generation unit includes the received public key certificate in the signature target data. Time stamp obtaining means for obtaining a time stamp for the received electronic signature value;
Verification information generating means for generating verification information for verifying the electronic signature value and the time stamp;
Basic signature data generating means for generating basic signature data including the signature target data, the electronic signature value, the time stamp, and the verification information;
Long-term verification information acquisition means for acquiring long-term verification information for verifying the generated basic signature data for a predetermined period,
The long-term signature server according to claim 2, wherein the long-term signature data generation unit generates long-term signature data by adding the acquired long-term verification information to the generated basic signature data. Long-term verification information creation information transmission means for transmitting long-term verification information creation information for creating long-term verification information to a predetermined terminal having the image data, the shooting position, and the shooting date and time;
Long-term verification function value receiving means for receiving a long-term verification function value calculated from a predetermined function by adding the image data, the shooting position, and the shooting date / time to the transmitted long-term verification information creation information; ,
Comprising
4. The long-term signature server according to claim 3, wherein the long-term verification information acquisition unit acquires the long-term verification information by adding a time stamp to the received long-term verification function value. Long-term signature data receiving means for receiving long-term signature data from a predetermined terminal;
Long-term verification information extracting means for extracting long-term verification information from the received long-term signature data;
A second long-term verification information acquisition means for acquiring a second long-term verification information for verifying the extracted long-term verification information for a predetermined period;
Comprising
5. The long-term signature data generation unit updates the long-term signature data by adding the acquired long-term verification information to the received long-term signature data, and updates the long-term signature data. A signing server. Re-long-term verification information creation information transmitting means for transmitting re-long-term verification information creation information for creating re-long-term verification information to the predetermined terminal;
The second long-term verification function value calculated by a predetermined function by adding the image data, the shooting position, and the shooting date / time to the transmitted second long-term verification information creation information is received from the predetermined terminal again. A verification function value receiving means;
Comprising
The long-term signature server according to claim 5, wherein the second long-term verification information acquisition unit adds the time stamp to the received second long-term verification function value to acquire the second long-term verification information. . The electronic signature server is:
Communication means for communicating with a mobile terminal, image specifying information for specifying image data of a subject photographed by the mobile terminal from the communicating mobile terminal, and shooting position specifying information for specifying a shooting position at the time of shooting Image time position information receiving means for receiving image time position information including the shooting date and time specifying information for specifying the shooting date and time of the shooting, and current position detecting means for detecting the current position of the portable terminal, Current date and time acquisition means for acquiring the current date and time, and the shooting position of the received image time position information coincides with the detected current position within a predetermined range, and the shooting date and time of the received image time position information Is determined to match the acquired current date and time within a predetermined range, and when it is determined that the determination means match, the received image time position information is electronically And signature means for performing a name,
An electronic signature server comprising:
The long-term signature server according to any one of claims 1 to 6, wherein the long-term signature server is provided.

Images