TW200302988A - Storage and transport method for an electronic certificate - Google Patents

Storage and transport method for an electronic certificate

Info

Publication number
TW200302988A
Authority
TW
Taiwan
Prior art keywords
certificate
security module
transaction
holder
host unit
Prior art date 2002-02-12
Application number
TW92102673A
Other languages
Chinese (zh)
Other versions
TWI273517B (en)
Inventor
Olivier Brique
Michael John Hill
Jimmy Cochard
Stephane Joly
Original Assignee
Nagracard Sa
Priority date 2002-02-12
Filing date 2003-02-10
Publication date 2003-08-16
Application filed by Nagracard Sa
Publication of TW200302988A (2003-08-16)
Application granted
Publication of TWI273517B (2007-02-11)

Landscapes

  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The aim of this invention is to ensure the portability of an electronic certificate and the security of the private key associated with an X.509 certificate. It is important that the certificate cannot be used for purposes outside the holder's control, such as identity usurpation, the authorization of unwanted transactions, or the reproduction of transactions (replay). This aim is reached by a storage and transport method for an electronic certificate, the certificate having an authority section for the issuing authority, a holder section for the holder of the certificate and a signature section determined by the issuing authority, characterized in that all or part of the holder section is contained in a removable security module and at least the authority section is contained in a host computer.

Description

Description of the invention

Technical field to which the invention belongs

The present invention relates to a method for storing and transporting an X.509-type certificate.

Prior art

An electronic certificate, such as an X.509 certificate, is a set of information covering everything needed to identify its holder electronically. Such a certificate is delivered by a recognised authority that takes responsibility for establishing the identity of the person who holds it. This is why the authority delivering the certificate may, depending on the level of assurance it guarantees, require the holder to prove his or her identity (for example, by having it confirmed by a notary).

A certificate is broadly made up of a part corresponding to the issuing authority and a part corresponding to the holder (the latter is called the "explicit" part). The part corresponding to the authority is the same for every certificate delivered by that authority; it is called the "implicit" part.

To make these two parts inseparable, the certificate carries a digital signature computed over both of them with the authority's private key. When a storage server receives such a certificate, it verifies the signature with the issuing authority's public key, which is found in the certificate issued for that authority itself. As noted above, the signature lets the parties concerned verify that the content of the certificate is trustworthy. These certificates, together with the root certificate (the certificate of the issuing authority), are usually stored in a storage unit of a computer.

Attention has therefore turned to handling a certificate stored on a removable storage medium so that it can be used as an authentication module. A simple floppy disk is then enough to carry the certificate, which allows it to be delivered to a user at any time. This principle, however, does not store the private key with sufficient security, and the private key is also needed for online transactions.

Summary of the invention

This is why the aim of the present invention is to guarantee both the portability of an electronic certificate and the security of its private key. It is important that the certificate cannot be used for purposes outside the holder's control, such as identity usurpation, the authorization of unwanted transactions, or the reproduction of transactions (replay).

This aim is reached by a method for storing and transporting an electronic certificate, the certificate having an authority section for the issuing authority, a holder section for the holder of the certificate, and a signature section determined by the issuing authority, the method being characterized in that all or part of the holder section is stored in a removable security module and at least the authority section is stored in a host computer.

The method also has the advantage of reducing the amount of information stored in the security module. The module may take the form of a microchip card, a module with a PCMCIA or USB interface, or even a contactless transmission module.

Transaction programs on the Internet require authentication by means of an X.509 certificate. One part of such a certificate may be common to many users: it represents the part specific to the authority that issued it (the implicit part). The advantage of the invention is thus that only the part specific to each user (the explicit part) is stored on the removable medium, which in the example of the invention is a microchip card. This avoids redundant data and makes more efficient use of memory. In these modules it is indeed preferable to store data of a contractual nature, such as the transactions carried out by the holder.

Although the certificate is split into several parts, the digital signature that the issuing authority computed over the authority section and the holder section as a whole re-establishes the link between the two items. If either part is modified, the unique image of the data will no longer equal the authentication value obtained by applying the issuing authority's public key to the signature.

By digital signature is meant the procedure of determining a unique image of the data to be signed (with a hash function, for example) and encrypting that image with the private key of the signing entity. The algorithm used to produce the signature is an asymmetric cipher. To verify such a signature, the received signature is decrypted with the entity's public key and the result is compared with the unique image computed over the data. If the decrypted value equals the unique image, the certificate is considered trustworthy and its data intact.

Embodiments

Figure 1 shows the procedure by which the security module SM extracts the public key of the root certificate. The root certificate RCA is the certificate of the issuing authority. The security module asks the host unit STB to send the root certificate RCA associated with the holder's certificate TCI1. The root certificate contains the public key CAPU of the issuing authority; this key allows the holder's reconstituted certificate, formed from the implicit and explicit parts, to be authenticated. The host unit STB sends the root certificate to the security module SM so that the public key CAPU can be extracted. When the holder's certificate was installed in the security module, the module stored the image H5, the result of the hash function applied to the root certificate RCA.

While the public key CAPU is extracted (see block X), block B applies the hash function to the explicit and implicit data of the root certificate (explicit data: the part specific to the issuing authority; implicit data: the part of the authority that certified the issuing authority) and compares the result H5' with the reference value H5 stored originally. If the two values differ, the authentication is stopped and the host unit is notified. When H5 and H5' are equal, the issuing authority's public key is guaranteed and may be used to authenticate the holder's reconstituted certificate.

If the host unit STB does not have the root certificate, it may request it over the Internet from a site holding a certificate directory (CDir) from which the required certificates (CA1, CA2, ..., CAn) can be retrieved.

Figure 2 shows a first smart card SM1 in which the holder's explicit part TCE1 and the holder's private key TS1 are stored. The host unit STB contains Internet access software BR, currently known as a browser. For the authentication function, this program includes security software SA able to communicate with the smart card. The certificate may also be transmitted in full, in which case it contains the data of the authority section TCI1. The host unit STB is also connected over the Internet to other parts of the world, for example to servers PS1 and PS2, in order to obtain the data CauD of the issuing authority, time-related information TSAu, and data CDir concerning the root certificate directory.

During transfers between the security module SM and the host unit STB, the data relating to the holder section TCE1 are sent to the host unit by a procedure that, for the most part, is initiated on the security module. This operation is described in more detail below.

The integrity of the certificate is verified by the procedure shown in Figure 3. The multimedia unit or host unit, represented here by the block STB, sends the certificate data it holds to the security module SM. To this end, the host unit holds the complete "authority" section (the implicit part); part of the "user" section (the explicit part) may also be stored in the host unit, the remainder being placed in the security module SM. The data supplied by the host unit STB and the data TCE1 from the memory of the security module are assembled in block A. It should be noted here that not only are the data TCE1 of the security module sent to the host unit STB, but the security module SM also controls the operation. The data reconstituted by block A are redirected to the host unit STB and form the certificate CERT to be sent to a service provider. Block A works as a synchroniser and reconstitutes the certificate according to the predetermined format defined by its constituent segments TCE, TCI and SCAT.

In the certificate reconstituted in block A, the digital signature SCAT is extracted from the holder's certificate coming from the host unit STB (see block X). The collected data, without the signature SCAT, are passed to block B, whose task is to determine a unique image of this data set. A hash function (one-way and free of collisions) is applied to the data set in a precise order, H = f(TCE1, TCI1), to obtain the image. It is understood that no two different data sets produce the same result under this function; the image is thus produced by a one-way hash function without collisions. The algorithm used may be of the SHA-1 or MD5 type, and the image represents the uniqueness of the data set. The type of algorithm to use is specified in the certificate. The image is stored in block B1 for later use.

To verify that the two parts of the certificate belong together and are trustworthy, the security module SM extracts the certificate's signature SCAT and, in block C, decrypts it with the issuing authority's public key CAPU. This operation takes into account the parameters contained in the certificate that describe the type of signature and the key length. In block D the reference value B1' is computed and compared with the unique image B1. If the two values match, the certificate is trustworthy and may be used for the subsequent operations represented by block E. If they do not match, the smart card SM refuses every transaction and notifies the host unit STB.

Figure 4 shows the authorization of a transaction, described below. If the authentication test of the certificate is positive (see blocks D and E of Figure 3), the host unit STB can send digitally signed transactions to the servers PS1 and PS2. Block F of the security module SM, which holds acceptance rules, can filter a transaction Q: a maximum amount may be fixed, or a list of organisations enumerated, that the holder of the security module SM is prepared to accept. These conditions may include the expiry date of the holder's certificate.

Once the transaction has passed the filter of block F, it goes to block B, which computes a hash function H2 over the assembled transaction Q. The result B2 is stored for later use. The value H2 is then signed with the private key TS1 to form the transaction signature SQTM. Block A2 assembles the data of the transaction Q and its signature SQTM so that they can be sent to the host unit STB.

According to a variant of the invention, a validity limit for the transaction, determined by a time TM, may be added to the transaction Q. One way to determine this time is to take a time stamp T, which may be the current time, and add a validity duration ΔT, so that TM = T + ΔT. The validity limit TM is included in the transaction Q both when the hash function is computed in block B and when the data set is assembled in block A2. When the service provider receives the transaction, it verifies that this limit has not been exceeded. According to another variant, the use of the validity limit TM may be made mandatory once a certain transaction amount is reached.

Figure 5 describes the authentication of the time supplied by the host unit STB. These time data comprise the time stamp T, a random part R and a digital signature STA over the two. The time stamp T, the random part R and the signature STA are sent to the security module SM. Starting from the time stamp T, the validity limit TM is determined by adding the validity duration ΔT to T; this limit bounds the longest period during which a transaction may be marked with that time.

The authentication is performed in the same way as above: after the time stamp T and the random part R have been assembled in block A, a hash function is computed over the assembled data, and the intermediate result is stored in block B3 for later use. To determine the value B3' (block C), the key TSPU, which is the public key of the authority supplying the time, is used. If the security module SM does not hold the key TSPU, a request is sent through the host unit STB to locate the certificate of the authority that issued the time T, which contains that key. The computed value B3' is then compared (block D) with the unique image of the data T and R to decide whether the time is trustworthy.

Figure 6 shows the assembly of the certificate and the transaction (and optionally the time and other data related to the transaction). The previously obtained values B1 for the certificate, B2 for the transaction and B3 for the time are assembled in block A and passed to block B, which computes the hash function. The result is then signed with the holder's private key TS1. This gives the digital envelope signature SETM over the certificate, the transaction and the time.

The digital envelope is shown in Figure 7. Since memory management is an important aspect of a security module, the signature SETM of the enveloped message is determined from the values obtained by the hash function at each step. This links all the data together and guarantees that no part of the message has been altered. The signature of an enveloped message could also be computed by collecting every component and then hashing them together; that method, however, requires the whole message to be held in memory to perform the operation.

Brief description of the drawings

The invention will be better understood from the detailed description above, read with reference to the accompanying drawings, which are given as non-limiting examples:

Figure 1 shows the verification of the issuing authority's certificate;
Figure 2 shows the configuration of the two parts of the certificate;
Figure 3 shows the authentication of the reconstituted certificate;
Figure 4 shows the processing of a transaction;
Figure 5 shows the authentication of the time;
Figure 6 shows the final signature over the data set; and
Figure 7 shows the transmitted message.
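The following Python program is an added worked example, not code from the patent or from Nagracard, modelling the exchange of Figures 1 and 3 to 7 above (the same steps are listed in claims 2 to 7 below): the host unit holds TCI and the root certificate, the security module holds TCE, the private key TS1 and the reference image H5, and the service provider re-derives B1, B2 and B3 from the received envelope. The description's "encrypt the image with the private key, decrypt with the public key" signature is played by unpadded textbook RSA over fixed, well-known primes, which is adequate for a simulation but is not how a deployed scheme works (real X.509 signatures use padded RSA PKCS#1 v1.5 or PSS, or ECDSA). SHA-256 is used instead of the SHA-1 or MD5 the text names, since both of those now have practical collision attacks, which defeats the assumption that no two data sets share an image. The JSON section encoding, the filter rules, the key values and all sample data are constructed assumptions.

```python
# Added example, not the patent's code: model of the split-certificate protocol of Figures 1, 3-7.
# Toy RSA over fixed primes plays the "encrypt image with private key / decrypt with public key"
# signature; SHA-256 replaces SHA-1/MD5. Encoding, filter rules and all data are assumptions.
import hashlib
import json
from math import gcd

def enc(obj):  # canonical byte encoding of a section or message (assumed format)
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def unique_image(*parts):  # block B: one-way hash over the parts in a precise, length-prefixed order
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return int.from_bytes(h.digest(), "big")

def keypair(p, q):  # textbook RSA from two primes; e = smallest odd exponent coprime to phi
    n, phi, e = p * q, (p - 1) * (q - 1), 3
    while gcd(e, phi) != 1:
        e += 2
    return (e, n), (pow(e, -1, phi), n)

def sign(priv, image):  # "encrypt the unique image with the private key"
    return pow(image, priv[0], priv[1])

def recover(pub, sig):  # "decrypt the signature with the public key", giving B'
    return pow(sig, pub[0], pub[1])

# Constructed keys from Mersenne and NIST field primes; each modulus exceeds 2**256, so a
# 256-bit image is always a valid input. Runnable, not a secure parameter choice.
CA_PUB, CA_PRIV = keypair(2**127 - 1, 2**256 - 2**224 + 2**192 + 2**96 - 1)  # issuing authority
TS1_PUB, TS1 = keypair(2**107 - 1, 2**224 - 2**96 + 1)                        # holder; TS1 stays in the SM
TSPU, TSA_PRIV = keypair(2**89 - 1, 2**192 - 2**64 - 1)                       # time authority

# Sample certificate: TCI lives on the host unit STB, TCE (and TS1) only in the security module SM.
TCI = {"issuer": "Example CA", "sigalg": "toy-rsa/sha256", "ca_pub": CA_PUB}
TCE = {"holder": "Alice", "holder_pub": TS1_PUB, "not_after": 1700000000}
SCAT = sign(CA_PRIV, unique_image(enc(TCE), enc(TCI)))  # authority signature binding both sections
RCA = {"subject": "Example CA", "ca_pub": CA_PUB}        # root certificate held by the host
H5 = unique_image(enc(RCA))                               # image stored in the SM at install time

class SecurityModule:
    def __init__(self, tce, ts1_priv, h5, rules):
        self.tce, self.ts1, self.h5, self.rules = tce, ts1_priv, h5, rules
        self.capu = self.b1 = self.b2 = self.b3 = None

    def load_root(self, rca):  # Figure 1: accept CAPU only if H5' == H5
        if unique_image(enc(rca)) != self.h5:
            raise ValueError("root certificate tampered: H5' != H5")
        self.capu = rca["ca_pub"]

    def check_certificate(self, tci, scat):  # Figure 3: B1 (block B) against B1' (blocks C, D)
        b1 = unique_image(enc(self.tce), enc(tci))
        self.b1 = b1 if self.capu is not None and recover(self.capu, scat) == b1 else None
        if self.b1 is None:
            raise ValueError("certificate sections do not match signature SCAT")
        return {"TCI": tci, "TCE": self.tce, "SCAT": scat}  # CERT reconstituted in block A

    def check_time(self, t, r, sta):  # Figure 5: (T, R) signed by the time authority
        b3 = unique_image(t.to_bytes(8, "big"), r)
        if recover(TSPU, sta) != b3:
            raise ValueError("time stamp signature STA invalid")
        self.b3 = b3
        return t + self.rules["delta_t"]  # TM = T + ΔT

    def sign_transaction(self, q, tm):  # Figure 4: filter F, then H2 -> B2 -> SQTM
        if self.b1 is None:
            raise ValueError("certificate not authenticated: block E not reached")
        if q["amount"] > self.rules["max_amount"] or q["payee"] not in self.rules["payees"]:
            raise ValueError("transaction refused by filter F")
        if tm > self.tce["not_after"]:
            raise ValueError("validity limit TM lies beyond the certificate expiry")
        q = dict(q, TM=tm)  # variant: TM is part of the signed data
        self.b2 = unique_image(enc(q))
        return q, sign(self.ts1, self.b2)  # block A2 hands (Q with TM, SQTM) to the host

    def envelope(self):  # Figures 6 and 7: SETM over the three stored images, never the whole message
        return sign(self.ts1, unique_image(*[b.to_bytes(32, "big") for b in (self.b1, self.b2, self.b3)]))

def verify_message(cert, q, sqtm, t, r, sta, setm, now):  # service provider side
    b1 = unique_image(enc(cert["TCE"]), enc(cert["TCI"]))
    b2 = unique_image(enc(q))
    b3 = unique_image(t.to_bytes(8, "big"), r)
    holder_pub = cert["TCE"]["holder_pub"]
    return (recover(CA_PUB, cert["SCAT"]) == b1  # CA_PUB is the provider's own trust anchor
            and recover(holder_pub, sqtm) == b2
            and recover(TSPU, sta) == b3
            and recover(holder_pub, setm) == unique_image(*[b.to_bytes(32, "big") for b in (b1, b2, b3)])
            and t <= q["TM"] and now <= q["TM"])  # TM not exceeded: replay window closed

def run_demo(now=1690000000):  # returns (accepted, replay_after_TM_rejected, altered_amount_rejected)
    sm = SecurityModule(TCE, TS1, H5, {"max_amount": 500, "payees": {"shop.example"}, "delta_t": 120})
    sm.load_root(RCA)
    cert = sm.check_certificate(TCI, SCAT)
    t, r = now, hashlib.sha256(b"constructed nonce").digest()
    sta = sign(TSA_PRIV, unique_image(t.to_bytes(8, "big"), r))  # STA from the time authority
    tm = sm.check_time(t, r, sta)
    q, sqtm = sm.sign_transaction({"payee": "shop.example", "amount": 42}, tm)
    setm = sm.envelope()
    accepted = verify_message(cert, q, sqtm, t, r, sta, setm, now + 60)
    replayed = verify_message(cert, q, sqtm, t, r, sta, setm, tm + 1)
    altered = verify_message(cert, dict(q, amount=4200), sqtm, t, r, sta, setm, now + 60)
    return accepted, replayed, altered
```

Calling run_demo() returns (True, False, False): the honest message is accepted, the same message presented after TM is refused, and a message whose amount was changed after signing fails the SQTM check. Two details follow the description rather than being optional: B2 is computed over Q with TM already inside it, so the validity limit cannot be extended without invalidating SQTM, and SETM is signed over B1, B2 and B3 alone, so the module binds the three parts together without ever holding the complete message in memory.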

Claims (8)

1. A method for storing and using an electronic certificate, carried out by a host unit (STB) connected to a removable security module (SM), the certificate having an authority section (TCI) of the issuing authority, a holder section (TCE) specific to the holder of the certificate, and a signature section (SCAT) determined by the issuing authority, characterized in that all or part of the holder section (TCE) is stored in the removable security module (SM) and at least the authority section is stored in the host unit (STB).

2. Method for storing and using an electronic certificate according to claim 1, comprising the following steps: transmitting the authority section (TCI) to the security module (SM); adding the holder section (TCE) stored in the security module (SM) and reconstituting the certificate in the security module (SM); determining a unique image (B1) of the authority section and the holder section; decrypting the signature (SCAT) with the public key (CAPU) of the issuing authority of the certificate to obtain a reference value (B1'); comparing the reference value (B1') with the unique image (B1) of the authority section and the holder section; and, if the two values differ, notifying the host unit (STB) and stopping the use.

3. Method according to claim 2, in which the security module (SM) processes the data of a transaction in order to authorize it according to the following steps: the security module (SM) receives a transaction request (Q); a filter module (F) filters the transaction according to a number of filtering parameters; a unique image (B2) of the accepted transaction (Q) is determined and a digital signature (SQTM) is computed with the holder's private key (TS1); and the data of the transaction (Q) and the digital signature (SQTM) are transmitted to the host unit (STB).

4. Method according to claim 3, comprising the following steps: adding a validity limit (TM) to the transaction (Q) in order to determine the unique image (B2) and the transaction signature (SQTM); and transmitting the validity limit (TM) together with the data of the transaction (Q) and the transaction signature (SQTM) to the host unit (STB).

5. Method according to claim 1, in which the security module (SM) receives a time stamp (T) and random data (R) signed by a time certification authority, and in which the security module (SM) verifies the integrity of this information (T, R) and notifies the host unit (STB) whether the use may continue.

6. Method according to claim 5, in which the removable security module (SM) generates the validity limit (TM), counted from the time stamp (T), according to a duration (ΔT) held by the security module (SM).

7. Method according to claim 1, in which the security module (SM) uses its private key (TS1) to determine a general signature (SETM) over the unique images of the certificate (B1), the transaction (B2) and the temporal data (B3).

8. Method according to claim 1, in which the removable security module (SM) is a smart card.

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CH2332002 2002-02-12

Publications (2)

Publication Number Publication Date
TW200302988A true TW200302988A (en) 2003-08-16
TWI273517B TWI273517B (en) 2007-02-11

Family

ID=38621566

Family Applications (1)

Application Number Title Priority Date Filing Date
TW92102673A TWI273517B (en) 2002-02-12 2003-02-10 Storage and transport method for an electronic certificate

Country Status (3)

Country Link
AR (1) AR038412A1 (en)
PE (1) PE20030997A1 (en)
TW (1) TWI273517B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7783058B2 (en) 2002-06-24 2010-08-24 Analog Devices, Inc. System for verifying the identification of a device

Also Published As

Publication number Publication date
PE20030997A1 (en) 2004-02-02
AR038412A1 (en) 2005-01-12
TWI273517B (en) 2007-02-11

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees