201126992 六、發明說明: 【發明所屬之技術領域】 [0001] 本發明係涉及一種數位檔案時間證明系統,特別是指用 來提供證據證明數位檔案在某個時間點之前已經存在之 系統。 【先前技術】 【發明内容】 [0002] 一種數位檔案時間證明系統,包括:一數位稽案輪入程 序,用以輸入一數位檔案;一第一雜湊方法程序,用以 ^ 將該數位稽案產生一第一雜湊值.;一第二雜凑方法程序 ,用以將該數位檔案產生一第二雜湊值;一合併程序, 用以將該第一雜湊值及該第二雜湊值合併為—合併雜凑 訊息;以及一傳送程序’將該合併雜湊訊息傳送到一存 證位址;.其中該第一雜湊方法程序與該第二雜凑方法程 序不相同。 [0003] 因為在證明作品完成時間這.件事上,該證明必需要保持_ Q 長久的有效性,例如發明莖少要保留20年,著作權至少 要保留50年;而在這段不算短的時間内,雜凑方法是有 可能被破解的,所以要使用兩個以上不同的雜凑方法以 處理雜湊方法被破解的問題。 【實施方式】 v [0004] 請參閱第1圖,第1圖係本發明之流程圖,說明一種數位 檔案時間證明系統,包括:一數位檔案輸入程序(11〇), 用以輸入一數位檔案;一第一雜湊方法程序(21〇),用以 將該數位檔案產生一第一雜湊值(211); —第二雜凑方法 099101420 表單編號A0101 第3頁/共9頁 0992002770-0 201126992 程序(220 ),用以將該數位檔案產生—第二雜湊值(221) ;一合併程序(230),用以將該第—雜湊值及該第二雜湊 值合併為一合併雜湊訊息,該合併_湊訊息也可以更包 含一檔案名稱,該檔案名稱用以代表該數位檔案,以方 便管理β亥數位檔案與該合併雜湊訊息之間的關係丨以及 一傳送程序(300),將該合併雜湊訊息傳送到一存證位址 〇 [0005] 雜凑方法包含 M D 5、S H A1、S Η A - 2 2 4、S Η Α 5 6S Ιί Α ~ 384及SHA-512等雜湊演算法,其中該第一雜湊方法程序 與S亥第二雜凑方法程序不相同,因為在證明作品完成時 間這件事上,該證明必需要保持長久的有效性,例如發 明至少要保留20年,著作權至少要保留5〇年;而在這段 不算短的時間内,雜湊方法是有可能被破解的,所以要 使用兩個以上不同的雜湊方法以處理雜湊方法被破解的 問題,例如當第一雜凑方法被破解後,在第二雜湊方法 還沒有被破解前,使用者可以蔣第二雜湊方法程序產生 的第二雜湊值,再用一第三雜湊方法,產生一第三雜湊 值,忒第二雜凑方法與該第一雜凑方法及該第二雜湊方 法均不相同,並且存證該第三雜湊值,用以證明該第二 雜湊值在第二雜湊方法還沒有被破解前就已經出現。即 便將來第二雜湊方法也被破解,但因為有第三雜湊值及 第二雜湊值的存證時間,足以證明該第二雜湊值不可能 疋因為第一雜湊方法被破解才會產生的。 而該存證位址可以包含複數個電子郵件地址,因為目前 網路上有許多免費的電子郵件服務,例如H〇tmail、 099101420 表單編號A0101 第4頁/共9頁 0992002770-0 [0006] 201126992 Ο [0007] ❹ [0008] [0009] [0010]201126992 VI. Description of the Invention: [Technical Field of the Invention] [0001] The present invention relates to a digital file time certification system, and more particularly to a system for providing evidence that a digital file has existed before a certain point in time. [Prior Art] [Abstract] [0002] A digital file time certification system includes: a digital auditing round entry program for inputting a digital file; a first hashing method program for ^ digital accounting Generating a first hash value; a second hashing method for generating a second hash value for the digital file; and a combining procedure for combining the first hash value and the second hash value into - Merging the hash message; and a transmitting program 'transferring the merged hash message to a deposit address; wherein the first hash method is different from the second hash method. [0003] Because in the case of proving the completion time of the work, the proof must maintain the long-term validity of the _Q, for example, the invention must be kept for 20 years, and the copyright must be kept for at least 50 years; In the time, the hash method is likely to be cracked, so use two or more different hash methods to deal with the problem that the hash method is cracked. [Embodiment] v [0004] Please refer to FIG. 1 , which is a flow chart of the present invention, illustrating a digital file time certification system, including: a digital file input program (11〇) for inputting a digital file. a first hash method (21〇) for generating a first hash value (211) for the digital file; - a second hash method 099101420 Form No. A0101 Page 3 of 9 0992002770-0 201126992 Procedure (220) for generating the digital file - a second hash value (221); a combining procedure (230) for combining the first hash value and the second hash value into a merged hash message, the merge The _ message may also include a file name, the file name is used to represent the digital file, to facilitate management of the relationship between the β Hai digital file and the merged hash message, and a transfer program (300), the merged hash The message is transmitted to a deposit address 〇 [0005] The hash method includes a hash algorithm such as MD 5, SH A1, S Η A - 2 2 4, S Η Α 5 6S Ιί Α ~ 384, and SHA-512, where First hash method procedure and S Hai second The method of making up is not the same, because the proof must be effective for a long time in proving the completion time of the work. For example, the invention must be kept for at least 20 years, and the copyright must be kept for at least 5 years; In the time, the hash method is likely to be cracked, so use two or more different hash methods to deal with the problem that the hash method is cracked. For example, when the first hash method is cracked, the second hash method is not yet available. Before being cracked, the user can generate a third hash value by using a second hash method generated by the second hash method, and a third hash value, the second hash method and the first hash method. The second hashing method is different, and the third hash value is verified to prove that the second hash value has appeared before the second hashing method has been cracked. Even if the second hash method is also cracked in the future, but because of the third hash value and the second hash value, it is enough to prove that the second hash value cannot be generated because the first hash method is cracked. The deposit address can contain multiple email addresses because there are many free email services on the Internet, such as H〇tmail, 099101420 Form No. A0101 Page 4 / Total 9 Pages 0992002770-0 [0006] 201126992 Ο [0007] [0009] [0010]
Gmail或Yah00!Mail,只要提供一個輪入晝面(wo) ,包含一存證位址輸入程序(12〇),供使用者輪入其 郵件地址,該傳送㈣(_),就能將該合併雜凑訊= 送到該此電子郵件服務上,而這些電子郵件服務都會二 ,收信的時間’可以作為一免費的時間證明服務,雖然 單電子郵件服務證明時間的證明能力很弱,但若使用 者提供多個電子郵件地址,將有衫電子郵件服務能證 明收到該合併雜凑訊息的時間,這可以讓證明能力提升 到法院可以接受的程度。 又存證位址也可以是-魏_,將該合併雜凑訊息列 印成一紙本,將該紙本善加管理作為該合併雜湊訊息存 在時間點的證明;或是可以列印成-明信片,將該明信 片交給郵局’寄回來給自己,郵局會在明信片上加上郵 戮’以證明該明信片存在的時間點,如此也能作為該合 併雜湊訊息存在時間點的證明;會是麟舍併雜凑訊息 以一存證信函的方式寄給自己,利用該存證信函作為該 合併雜湊訊息存在時間點的證明。 又存證位it也可以包含一數位簽章程序,該數位簽章程 序用以對該合併雜凑訊息合併—時間訊息後簽章,以產 生之一數位簽章值,如此利用該數位簽章值,可以更加 強化證明該合併雜凑訊息存在之時間點,。 此外,像網站留言板、技術揭露網站如IP. COM,都可以 作為存證位址。 上述實施例所揭示者係藉以具體說明本發明且文中雖 099101420 表單編號A0101 0992002770-0 201126992 透過特定的術語進行說明,當不能以此限定本發明之專 利範圍;熟悉此項技術領域之人士當可在瞭解本發明之 精神與原則後對其進行變更與修改而達到等效之目的, 而此等變更與修改,皆應涵蓋於如後所述之申請專利範 圍所界定範疇中。 【圖式簡單說明】 [0011] 第1圖係本發明之流程圖。 【主要元件符號說明】 [0012] 100 輸入晝面 [0013] 110 數位檔案輸入程序 [0014] 120 存證位址輸入程序 [0015] 210 第一雜湊方法程序 [0016] 211 第一雜湊值 [0017] 220 第二雜湊方法程序 [0018] 221 第二雜湊值 [0019] 230 合併程序 [0020] 300 傳送程序 099101420 表單編號A0101 第6頁/共9頁 0992002770-0Gmail or Yah00!Mail, as long as you provide a wheeled face (wo), including a deposit address entry program (12〇) for the user to turn in their email address, the transfer (four) (_), you can Consolidated hash messages = sent to this e-mail service, and these e-mail services will be two, the time of receipt 'can be used as a free time proof service, although the single e-mail service proves that the time is weak, but If the user provides multiple e-mail addresses, the e-mail service will be able to prove the time of receipt of the merged message, which will increase the ability to prove to a level acceptable to the court. The certificate address may also be - Wei_, the merged hash message is printed as a paper, and the paper is managed as a proof of the time point of the merged hash message; or it may be printed as a postcard. Send the postcard to the post office 'send it back to yourself, and the post office will add a postal message on the postcard' to prove the time point of the postcard. This can also be used as a proof of the time point of the merged message. The hash message is sent to itself as a certificate of deposit, and the certificate letter is used as proof of the point in time at which the merged message is present. The stored certificate bit may also include a digital signature program for combining the merged hash message with a time message to generate a one-digit signature value, thus utilizing the digital signature The value can be more enhanced to prove the point in time when the merged hash message exists. In addition, websites such as website message boards and technology disclosure websites such as IP.COM can be used as deposit addresses. The disclosures of the above embodiments are specifically illustrated by the present invention, and although the texts of the inventions are not specifically limited by the specific terminology, the number of the invention is not limited thereto; those skilled in the art can Changes and modifications may be made to the equivalents thereof, and such changes and modifications are intended to be included within the scope of the appended claims. BRIEF DESCRIPTION OF THE DRAWINGS [0011] Fig. 1 is a flow chart of the present invention. [Main component symbol description] [0012] 100 input file [0013] 110 digital file input program [0014] 120 certificate address input program [0015] 210 first hash method program [0016] 211 first hash value [0017] ] 220 Second Hash Method [0018] 221 Second Hash Value [0019] 230 Merge Program [0020] 300 Transfer Program 099101420 Form Number A0101 Page 6 / Total 9 Page 0992002770-0