TWI732247B - Method to display the validation of certificate at signing time - Google Patents

Method to display the validation of certificate at signing time

Info

Publication number
TWI732247B
Authority
TW
Taiwan
Prior art keywords
certificate
signature
validity
signing
time
Prior art date
Application number
TW108125090A
Other languages
Chinese (zh)
Other versions
TW202105223A (en)
Inventor
黃昭綺
張家棟
連子淳
劉秋宗
陳秋玉
Original Assignee
中華電信股份有限公司
Priority date
Filing date
Publication date
Application filed by 中華電信股份有限公司
Priority to TW108125090A
Publication of TW202105223A
Application granted
Publication of TWI732247B

Abstract

The present invention relates to a method to display the validation of certificate at signing time, wherein a signature server: generates a key pair and applies to a Certificate Authority for the certificate of the key pair; establishes an initial record block; and, when a signature is generated, writes the hash value of the previous record block into the authenticated attribute of the signature and combines the hash value of the previous record block with the hash value of the signature body of the signature to establish a new record block. While the certificate is not about to expire, new signatures continue to be generated in this manner and the blocks form a record chain. When the certificate is about to expire, a time stamp from a TimeStamp Authority and certificate validity evidence from the Certificate Authority are obtained using the hash value of the last record block, for confirming the validity of the certificate at the signing time.

Description

Record method to prove the validity of the certificate at the time of signing

The present invention relates to certificate validity verification technology, and more specifically to a recording method for proving the validity of a certificate at the time of signing.

In the digital signature method in common use today, the signer registers its public key with a Certificate Authority (CA) in the public key infrastructure, obtains the corresponding digital certificate as proof of identity, and uses asymmetric cryptography to achieve document integrity and non-repudiation. Verifying a signature requires, in addition to using asymmetric cryptography to verify that the document has not been altered, verifying that the certificate is valid, so as to confirm that the identity has not been misused. In other words, if the certificate has expired or has been revoked, the digital signature is invalid. If the digital signature is to be treated as valid even after the certificate has expired or been revoked, it must be proven that the certificate was valid when the digital signature was generated.

Among the ways of proving this, using only a third-party time stamp to show that the signing time falls within the certificate's validity period cannot rule out the possibility that the certificate had already been revoked at signing time. A certificate authority stops maintaining its revocation list once a certificate has expired, so at that point it is no longer possible to ask the certificate authority whether the certificate was ever revoked. The most complete approach is therefore, at signing time, to use a third-party time stamp to prove the current signing time and at the same time to obtain proof that the certificate has not been revoked, that is, the Certificate Revocation List (CRL) or Online Certificate Status Protocol (OCSP) response of that moment, and to add the time stamp and the non-revocation proof to the document signature for later verification. In practice, however, for most digital signatures a validity period equal to that of the certificate is sufficient, and only a few must still be treated as valid after the certificate has expired or been revoked. For example, a bank issues a large number of statements. For most users it is enough to verify at the time that the digital signature is valid, which shows that the statement was issued by this bank and that its content has not been altered. Only for a few statements, for example those submitted to a court as evidence, must the digital signature be shown to be still valid a long time later, after the bank's certificate has expired.

It follows that a certificate validity verification technique that can prove the certificate was valid when the digital signature was generated, without the cumbersome, time-consuming and resource-wasting procedure of going to a third party for a time stamp and a certificate validity proof every time, is a goal that those skilled in the art are eager to achieve.

The purpose of the present invention is to provide a signing and verification method in which a time stamp and proof that the certificate has not been revoked need only be obtained shortly before the certificate expires or is revoked in order to confirm the validity of the certificate at the time of signing. The time stamp and the non-revocation proof do not have to be added to every signature, which reduces the network transmission and computation needed for each signature.

To achieve the above and other purposes, the present invention provides a recording method for proving the validity of a certificate at the time of signing, comprising: having a signing server generate a key pair and apply to a certificate authority for a certificate for the key pair; having the signing server create an initial record block; when the signing server generates a signature, writing the hash value of the previous record block into the authenticated attribute of the signature, and creating a new record block from the hash value of the previous record block plus the hash value of the signature body of the current signature, wherein, while the signing server finds that the certificate is not about to expire, new signatures continue to be generated in this manner, so that the initial record block and at least one new record block form a record chain; and, when the signing server finds that the certificate is about to expire, having the signing server use the hash value of the last record block to obtain a time stamp from a time stamp service center and obtain a certificate validity proof from the certificate authority, for confirming the validity of the certificate at the time of signing.

In one embodiment, forming the record chain from the initial record block and at least one new record block relies on the property of blockchain technology that each record block contains the hash value of the previous record block, which ensures that the order and content of the record blocks have not been tampered with.

In another embodiment, placing the hash value of the previous record block into the authenticated attribute of the signature uses asymmetric cryptography to ensure that the recorded hash value cannot be tampered with.

In addition, the content of the initial record block includes information related to the signing certificate or any content agreed in advance.

In yet another embodiment, the time stamp that the signing server obtains from the time stamp service center using the hash value of the last record block serves to prove that the record chain already existed before the time stamp time. In addition, obtaining the certificate validity proof from the certificate authority includes obtaining a Certificate Revocation List (CRL) or an Online Certificate Status Protocol (OCSP) response, to prove that the certificate was valid at the time stamp time.

In a further embodiment, if the private key is lost or leaked, the signing server uses the hash value of the last record block to obtain the time stamp from the time stamp service center and the certificate validity proof from the certificate authority, and only afterwards revokes the certificate with the certificate authority.

In one embodiment, the recording method described here further comprises: when the certificate has expired or has been revoked, the verifier confirms the validity of the certificate by means of the record chain, the time stamp and the certificate validity proof retained by the signing server.

In the above embodiment, confirming the validity of the certificate comprises: checking whether the record chain contains a record block whose content matches the signature; checking that, from that record block to the last record block, every record block correctly contains the hash value of its previous record block; checking that the hash value of the last record block correctly appears in the time stamp; and checking that the time stamp time of the time stamp is before the proof time of the certificate validity proof.

In other embodiments, after the signing server has obtained the time stamp from the time stamp service center with the hash value of the last record block and has obtained the certificate validity proof from the certificate authority, a signing server that wants to sign again must generate a new key pair and apply for a new certificate, and then produce the record chain corresponding to that new certificate.

In summary, the recording method proposed by the present invention is a chained recording method in which each signature contains the hash value of the previous record block and a new record block is created that contains the hash value of the current signature body and the hash value of the previous record block. With this method the signing server cannot forge the order of signatures. In addition, when the certificate used by the signing server is about to expire, or the key in use has been lost or leaked and the certificate must be revoked, it is only necessary to take the hash value of the last record block to the time stamp service center (TimeStamp Authority, TSA) to obtain a time stamp, and to go to the Certificate Authority (CA) to obtain a certificate validity proof (OCSP or CRL). This confirms that, for every signature appearing on the record chain, the certificate was valid at the time of signing: all signatures on the record chain exist before the point in time at which the time stamp and the certificate validity proof were obtained, and the time stamp and the certificate validity proof show that the certificate was valid at that point in time. The invention therefore prevents a signing server from continuing to produce signatures with an expired certificate in order to save certificate fees while forging the signing record and claiming that the certificate was valid at signing time. It also saves the computation and network transmission that a long-term signature otherwise incurs by going to a third party for a time stamp and a certificate validity proof on every signature.

11: Signing server

12: Signing server administrator

13: Certificate authority

14: Time stamp service center

15: Verifier

S11~S14: Steps

101~106: Flows

201, 202: Flows

301, 302: Flows

S501~S508: Flows

S601~S607: Flows

Figure 1 is a step diagram of the recording method of the present invention for proving the validity of a certificate at the time of signing.

Figure 2 is a schematic diagram of the system architecture and message flows of a specific embodiment of the recording method of the present invention.

Figure 3 is a schematic diagram of the signature described in the present invention.

Figure 4 is a schematic diagram of the record chain described in the present invention.

Figure 5 is a flowchart of signing as performed by the signing server of the present invention.

Figure 6 is a flowchart of verifying the validity of the certificate at the time of signing according to the present invention.

The technical content of the present invention is described below by way of specific embodiments. Those familiar with the art can readily understand the advantages and effects of the present invention from the content disclosed in this specification. The present invention can also be implemented or applied through other, different embodiments.

Figure 1 is a step diagram of the recording method of the present invention for proving the validity of a certificate at the time of signing. As shown in the figure, the method discloses how the signing process is recorded so that it can later be verified whether the certificate was valid at the time of signing.

In step S11, the signing server generates a key pair in order to apply to a certificate authority for a certificate for the key pair. In this step the signing administrator first generates the key pair and applies to the certificate authority to register the public key, and the certificate authority issues the certificate for the key pair.

In step S12, the signing server creates an initial record block. So that it can later be verified whether the certificate was valid at the time of signing, the signing server makes a record every time it issues a signature, recording the order in which the signatures were produced, so that tampering can be detected in a later check. The present invention therefore adopts a technical concept similar to a blockchain and records the signing activity by building a record chain, which begins with an initial record block.

In one embodiment, the content of the initial record block includes information related to the signing certificate or any content agreed in advance; it only needs to be distinguishable from the record blocks that follow.

In step S13, when the signing server generates a signature, it writes the hash value of the previous record block into the authenticated attribute (authenticated/signed attribute) of the signature, and creates a new record block from the hash value of the previous record block plus the hash value of the signature body of the current signature. While the signing server finds that the certificate is not about to expire, new signatures continue to be generated in this manner, so that the initial record block and at least one new record block form a record chain. This step explains how the record chain is built, and it can be divided into a signature part and a record block part.

First, the signature part writes the hash value of the previous record block into the authenticated attribute of the signature. If the content of the authenticated attribute is later tampered with, verification of the signature fails. This ties the signature to the record chain and ensures that the signature comes after the record chain as it stood at that point.

Besides the signature part, a new record block is produced: the new record block is created from the hash value of the previous record block plus the hash value of the signature body of the current signature. The record block created here corresponds to the signature just described. That is, the signature carries the hash value of the previous record block in its authenticated attribute, and the corresponding record block contains the hash value of the previous record block plus the hash value of the signature body of the current signature. This approach uses the property of blockchain technology that each block contains the hash value of the previous block: every record block contains the hash value of the previous record block, so the order and content of the record blocks are hard to tamper with.

After a new record block has been created, as long as the signing server finds that the certificate is not about to expire, it can keep generating new signatures and the corresponding record blocks in the same way. These record blocks, together with the initial record block, form the record chain.

In one embodiment, placing the hash value of the previous record block into the authenticated attribute of the signature makes use of asymmetric cryptography, which ensures that the recorded hash value cannot be tampered with.

In step S14, when the signing server finds that the certificate is about to expire, it uses the hash value of the last record block to obtain a time stamp from a time stamp service center and obtains a certificate validity proof from the certificate authority. The time stamp and the certificate validity proof obtained by the signing server can be retained together with the record chain, so that the validity of the certificate at the time of signing can be checked later. In detail, in step S13 signatures and record blocks continue to be generated while the certificate is not about to expire. Once the certificate is about to expire, the signing server obtains a time stamp from the time stamp service center with the hash value of the last record block, to prove that the record chain already existed before the time stamp time, that is, that the whole record chain appeared before the time stamp time. The signing server also obtains a certificate validity proof from the certificate authority, for confirming the validity of the certificate at the time of signing. Note that as long as the certificate has not expired and has not been revoked, the signing server can obtain a certificate validity proof from the certificate authority.

In another embodiment, obtaining the certificate validity proof from the certificate authority includes obtaining a Certificate Revocation List (CRL) or an Online Certificate Status Protocol (OCSP) response, to prove that the certificate was valid at the time stamp time.

The foregoing describes the handling while the certificate has not expired or been revoked. If the certificate has expired or has been revoked, the verifier can confirm the validity of the certificate from the record chain, the time stamp and the certificate validity proof retained by the signing server.

In the above method, if the private key of the signing server is lost or leaked, the signing server uses the hash value of the last record block to obtain the time stamp from the time stamp service center and the certificate validity proof from the certificate authority, and only afterwards revokes the certificate with the certificate authority. In that case, once the certificate has been revoked, even if the leaked private key is maliciously used to produce a signature, the certificate is no longer valid and the signature was not produced by the signing server, so no signature record block exists that can prove the certificate was valid at the time of signing, and the signature is treated as invalid.

Confirming the validity of the certificate can include the following steps: checking whether the record chain contains a record block whose content matches the signature; checking that, from that record block to the last record block, every record block correctly contains the hash value of its previous record block; checking that the hash value of the last record block correctly appears in the time stamp; and checking that the time stamp time of the time stamp is before the proof time of the certificate validity proof.

In these steps, the obtained signature is first checked against the record chain to see whether it matches the content of a record block. If it does, every record block from that record block to the last record block is checked to see whether it correctly contains the hash value of its previous record block. As described above, in a record chain every record block contains the hash value of the previous record block, so any mismatch indicates a problem with the certificate validity. Next, the hash value of the last record block is checked against the one in the time stamp, and the time stamp time is checked to be before the proof time of the certificate validity proof. If all of these checks pass, the certificate is proven to have been valid at the time of signing.

In other embodiments, after the signing server has obtained the time stamp from the time stamp service center with the hash value of the last record block and the certificate validity proof from the certificate authority, a signing server that still needs to sign must generate a new key pair, apply to the certificate authority for a certificate for the new key pair as in step S11, and produce the record chain corresponding to the new certificate. In other words, once the time stamp and the certificate validity proof have been obtained, the record blocks are started over.

Figure 2 is a schematic diagram of the system architecture and message flows of a specific embodiment of the recording method of the present invention. As shown in the figure, the method can involve five roles and ten message flows. The signing server 11 provides signing in large volumes; for example, a company that wants to add electronic signatures to its electronic bills to prevent the bill content from being tampered with or forged needs to set up such a signing server. The signing server administrator 12 is responsible for applying for and revoking the signing certificate and for related management functions. The certificate authority 13 is the impartial third-party authority responsible for issuing and managing digital certificates. The time stamp service center 14 is an impartial third party that provides time stamp services. The verifier 15 is the party that performs verification, for example a customer who receives an electronic bill and wants to verify whether it has been tampered with or forged.

The flows related to creating signatures are as follows. In flow 101, after the signing server 11 generates a key pair, the signing server administrator 12 registers the public key with the certificate authority 13. In flow 102, the certificate authority 13 issues the certificate, and the signing server administrator 12 imports the certificate into the signing server 11. In flow 103, when the signing server 11 determines that the certificate is about to expire, or when the private key has been lost or leaked and the signing server administrator 12 is preparing to revoke the certificate with the certificate authority 13, the hash value of the last record block is sent to the time stamp service center 14. In flow 104, the time stamp service center 14 returns the time stamp. In flow 105, the signing server 11 requests a certificate validity proof from the certificate authority 13. In flow 106, the certificate authority 13 returns the certificate validity proof.

In the ordinary case, where the certificate has not yet expired, verification proceeds as follows. In flow 201, the verifier 15 requests a certificate validity proof from the certificate authority 13 in order to determine the certificate status. In flow 202, the certificate authority 13 returns the current status of the certificate.

If the certificate has expired, or if the result of flow 202 is that the certificate has been revoked, flow 301 is executed: the verifier 15 asks the signing server 11 for the record chain, time stamp and certificate validity proof that the signing server 11 has retained. In flow 302, the signing server 11 returns the record chain, time stamp and certificate validity proof it holds.

Figure 3 is a schematic diagram of the signature of the present invention, and Figure 4 is a schematic diagram of the record chain of the present invention. Referring to Figures 2 to 4 together, the method requires the signing server 11 to first create an initial block L_0, whose content may be data related to the signing certificate or any agreed content, as long as it can be distinguished from the other record blocks. When the first signature S_1 is generated, the hash value H(L_0) of L_0 is written into the authentication attribute of the signature, and a record block L_1 is generated whose content consists of H(L_0) and the hash value H(S'_1) of the signature body of this signature. The signature body is the part of the signature that results from encrypting the hash value of the authentication attribute area with the private key. A schematic diagram of the signature is shown in Figure 2.

When the signing server 11 generates the i-th signature S_i, it writes the hash value H(L_{i-1}) of the previous record block L_{i-1} into the authentication attribute of the signature and generates a record block L_i whose content consists of H(L_{i-1}) and the hash value H(S'_i) of the signature body of this signature. An example of the signatures and record chain produced in this way is shown in Figure 3. The method uses the blockchain property that each block contains the hash value of the previous block, which ensures that the order and content of the record blocks are difficult to tamper with. Placing the hash value of the previous record block in the authentication attribute of the signature uses asymmetric cryptography to ensure that this hash value record cannot be tampered with, and links the signature to the record chain, ensuring that the record chain already existed before the signature was made. It also prevents the signing server 11 from producing several signatures, arbitrarily swapping their order, and then building a matching record chain in order to forge the signing order.

In addition, when the signing server 11 determines that the certificate is about to expire, or when the private key has been lost or leaked and the signing server administrator 12 is preparing to revoke the certificate with the CA 13, the signing server 11 takes the hash value H(L_f) of the last block L_f of the current record chain to the TSA 14 to obtain a time stamp, which proves that the record chain existed before the time stamp time, and obtains a certificate validity proof (CRL or OCSP) from the CA 13, so that it can later be shown that the certificate status was valid at the time stamp time. Note that after these actions, if the signing server 11 still wants to sign, it must generate a new key pair, apply for a certificate, and then start a record chain corresponding to the new certificate.

As can be seen from the above, the method requires the signing server 11 to retain the record chain, the time stamp and the certificate validity proof, so that any verifier 15 that wants to verify certificate validity at signing time can access them. Because the record chain contains only hash values, there is no risk of leaking the contents of the signed documents.

When the verifier 15 wants to verify the certificate validity of a signature S_t and the certificate has not yet expired, it can query the certificate status directly from the CA 13. When the certificate has expired or been revoked, the verifier 15 must obtain the record chain, time stamp and certificate validity proof retained by the signing server 11. The verifier 15 first verifies that the record block L_t, formed by combining the hash value H(S'_t) of the signature body S'_t with the H(L_{t-1}) found in the authentication attribute, appears in the record chain. It then verifies that, from L_t to L_f, each record block correctly contains the hash value of the previous record block, and that the hash value H(L_f) of the last record block appears in the time stamp. Finally, the verifier 15 verifies that the time stamp time is before the time of the certificate validity proof, thereby confirming the validity of the signature's certificate. Because of the blockchain property, checking only the part of the record chain from L_t to L_f is enough to prove that L_t appeared before L_f; the record blocks before L_t need not be processed. Since L_f existed before the time stamp time, and a certificate validity proof shows that the certificate was valid at the point in time attested by the time stamp, this proves that the certificate was valid when signature S_t was made.

Figure 5 is a flowchart of signing as carried out by the signing server of the present invention. It shows that generating a signature creates a record block, and that a time stamp and a certificate validity proof are obtained once the certificate is found to be about to expire.

Flow S501 generates a key pair in order to apply to the CA for a certificate for that key pair. In this flow, the signing server generates the key pair, the signing server administrator applies to the CA for the certificate for the key pair, and the signing server administrator imports the certificate into the signing server.

Flow S502 creates the initial record block. In this flow, the signing server creates an initial record block whose content is information related to the signing certificate or any content agreed in advance, as long as it can be distinguished from the other record blocks.

Flow S503 writes the hash value of the previous record block into the authentication attribute and generates the signature. In this flow, when signing, the signing server adds the hash value of the previous record block to the authentication attribute of the signature in order to link the signature to the record chain and ensure that this signature comes after the existing record chain. If the content of the signature's authentication attribute is tampered with, signature verification fails.

Flow S504 creates a new record block from the hash value of the previous record block and the hash value of the signature body. In this flow, after completing the signature, the signing server creates a new record block whose content consists of the hash value of this signature body and the hash value of the previous record block. Specifically, the blockchain property that each block contains the hash value of the previous block is used to ensure that the order and content of the record blocks are difficult to tamper with.

Flow S505 determines whether the certificate is about to expire. In this flow, the signing server checks the certificate's expiration date. If the certificate is not about to expire, flows S503 and S504 are repeated to generate signatures and their corresponding record blocks; if it is about to expire, flow S506 is executed.

Flow S506 obtains a time stamp from the TSA using the hash value of the last record block. In this flow, the signing server sends the hash value of the last record block to the TSA and receives a time stamp whose content includes that hash value. The purpose is to prove that the entire record chain existed before the time stamp time.

Flow S507 obtains a certificate validity proof (OCSP or CRL) from the CA. In this flow, the signing server obtains the certificate validity proof from the CA; the time stamp and certificate validity proof obtained in flows S506 and S507 are kept so that certificate validity at signing time can be confirmed later.

In addition, flow S508 covers the case where the private key is lost or leaked: S506 and S507 must be executed first, and only then is the certificate revoked with the CA, so that S507 does not fail to obtain the certificate validity proof. After revocation, the certificate is no longer valid, and any signature produced maliciously was not generated by the signing server, so no record block exists that can prove the certificate was valid when that signature was made. This ensures that maliciously produced signatures are invalid signatures.

Figure 6 is a flowchart of verifying certificate validity at signing time according to the present invention. The description below also refers to Figure 4.

Flow S601 checks whether the certificate is unexpired: the verifier checks the certificate's expiration date. Flow S602 queries the CA as to whether the certificate is unrevoked.

Flow S603 applies when S601 or S602 is not passed: the verifier obtains the record chain, time stamp and certificate validity proof from the signing server. In practical applications, flows S601 and S602 suffice to prove that the certificate was valid at signing time; only for the small number of signatures whose certificate has become invalid after a long time does certificate validity at signing time need to be verified.

Flow S604 checks whether a record block exists whose content matches this signature: the verifier checks whether the record chain contains a record block L_t whose content matches the signature.

Flow S605 checks whether, from this record block to the last record block, each record block correctly contains the hash value of the previous block. In this flow, the verifier checks, from record block L_t to the last record block L_f, that each record block correctly contains the hash value of the previous block. Because of the blockchain property, checking only the part of the record chain from L_t to L_f is enough to prove that L_t appeared before L_f; the record blocks before L_t need not be processed.

Flow S606 checks whether the hash value of the last block correctly appears in the time stamp. If it does, the entire record chain existed before the time stamp time.

Flow S607 checks whether the time stamp time is before the time of the certificate validity proof. If it is, the certificate status was valid at the time stamp time. The results of flows S605 to S607 therefore prove that the certificate was valid at signing time.
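The following Python sketch, added here as an illustration and not taken from the patent, builds a record chain as in flows S502 to S507 and runs the verifier checks S604 to S607 against it. It assumes SHA-256, blocks serialized as H(L_{i-1}) || H(S'_i), an HMAC standing in for the private-key operation, and a time stamp and validity proof reduced to plain fields whose TSA and CA signatures are verified elsewhere; all class and function names are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone

HLEN = 32  # SHA-256 digest length (assumption: the patent names no hash function)


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


@dataclass(frozen=True)
class Signature:
    doc_digest: bytes       # authentication attribute: digest of the signed document
    prev_block_hash: bytes  # authentication attribute: H(L_{i-1})
    body: bytes             # signature body S'_i


@dataclass(frozen=True)
class Evidence:
    chain: list             # [L_0, L_1, ..., L_f], each block as bytes
    ts_hash: bytes          # hash value carried inside the time stamp
    ts_time: datetime       # time asserted by the time stamp
    proof_time: datetime    # time of the certificate validity proof (CRL/OCSP)
    proof_status: str       # status reported by that proof


class SigningServer:
    def __init__(self, demo_key: bytes, initial_content: bytes):
        self._key = demo_key
        self.chain = [initial_content]                 # S502: initial block L_0

    def sign(self, document: bytes) -> Signature:
        prev = H(self.chain[-1])                       # S503: H(L_{i-1}) goes into the attributes
        digest = H(document)
        # Stand-in for the private-key operation over the attribute hash.
        body = hmac.new(self._key, H(digest + prev), hashlib.sha256).digest()
        self.chain.append(prev + H(body))              # S504: L_i = H(L_{i-1}) || H(S'_i)
        return Signature(digest, prev, body)

    def seal(self, ts_time: datetime, proof_time: datetime, status: str = "good") -> Evidence:
        # S506/S507: time stamp over H(L_f), then the validity proof.
        return Evidence(list(self.chain), H(self.chain[-1]), ts_time, proof_time, status)


def verify_at_signing_time(sig: Signature, ev: Evidence) -> tuple:
    # S604: rebuild L_t from the signature and look for it after L_0.
    block_t = sig.prev_block_hash + H(sig.body)
    if block_t not in ev.chain[1:]:
        return False, "S604: no record block matches this signature"
    t = ev.chain.index(block_t, 1)
    # S605: walk L_t..L_f only; blocks before L_t are not needed.
    for i in range(t + 1, len(ev.chain)):
        if ev.chain[i][:HLEN] != H(ev.chain[i - 1]):
            return False, f"S605: block {i} does not contain the hash of block {i - 1}"
    # S606: the time stamp must cover H(L_f).
    if not hmac.compare_digest(ev.ts_hash, H(ev.chain[-1])):
        return False, "S606: time stamp does not cover the last record block"
    # S607: the time stamp time must precede a proof that reports a valid certificate.
    if ev.proof_status != "good" or not ev.ts_time < ev.proof_time:
        return False, "S607: time stamp is not before a good validity proof"
    return True, "certificate was valid at signing time"


def build_demo():
    # Constructed sample data: four signed bills, then the chain is sealed.
    server = SigningServer(b"constructed-demo-key", b"L0: constructed certificate info")
    sigs = [server.sign(f"constructed e-bill #{n}".encode()) for n in range(1, 5)]
    ts_time = datetime(2021, 6, 30, 12, 0, 0, tzinfo=timezone.utc)
    return sigs, server.seal(ts_time, ts_time + timedelta(seconds=5))


def demo_results() -> dict:
    sigs, ev = build_demo()
    broken = list(ev.chain)
    broken[3] = H(b"substituted") + broken[3][HLEN:]   # break the link L_2 -> L_3
    forged = Signature(H(b"forged bill"), sigs[1].prev_block_hash, b"\x00" * HLEN)
    return {
        "genuine": verify_at_signing_time(sigs[1], ev),
        "forged": verify_at_signing_time(forged, ev),
        "broken_link": verify_at_signing_time(sigs[1], replace(ev, chain=broken)),
        "late_timestamp": verify_at_signing_time(sigs[1], replace(ev, ts_time=ev.proof_time)),
    }


if __name__ == "__main__":
    for case, verdict in demo_results().items():
        print(case, verdict)
```

A production verifier would additionally validate the signature body against the certificate's public key and check the TSA and CA signatures on the time stamp and validity proof before trusting any field used above.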

In summary, the present invention requires the signing server to write the hash value of the previous record block into the authentication attribute of each signature, and to create and retain a new record block from the hash value of the previous record block and the hash value of the signature body. By using the blockchain property, the signing server cannot alter the signing order, without the record having to be published in real time or handed to a third party for notarization. The invention also requires that, when the signing certificate is about to expire, or when the key in use is lost or leaked and the certificate must be revoked, the signing server obtain a time stamp from the TSA using the hash value of the last record block and a certificate validity proof from the CA, and retain both together with the record chain, so that they are available for later checks of certificate validity at signing time. After the certificate has expired or been revoked, the record chain, time stamp and certificate validity proof retained by the signing server can prove that the certificate was valid at signing time, so the validity of a signature is not affected by the current status of the certificate. Compared with existing methods, which must obtain a time stamp and a certificate validity proof from third parties at every signing in order to prove the signature valid after the certificate expires or is revoked, the invention greatly reduces the computation and network transmission required for each signature.

The above embodiments merely illustrate the principles and effects of the present invention and are not intended to limit it. Anyone skilled in the art may modify and change the above embodiments without departing from the spirit and scope of the present invention. The scope of protection of the present invention should therefore be as set out in the claims below.

S11~S14: steps

Claims (10)

1. A recording method for proving certificate validity at signing time, comprising: causing a signing server to generate a key pair in order to apply to a certificate authority for a certificate for the key pair; causing the signing server to create an initial record block; when generating a signature, the signing server writing the hash value of the previous record block into the authentication attribute of the signature, and creating a new record block from the hash value of the previous record block together with the hash value of the signature body of the current signature, wherein, when the signing server checks the expiration date of the certificate and finds that it is not about to expire, new signatures continue to be generated in the above manner, so that the initial record block and at least one new record block form a record chain; and, when the signing server checks the expiration date of the certificate and finds that it is about to expire, causing the signing server to obtain a time stamp from a time stamp authority using the hash value of the last record block and to obtain a certificate validity proof from the certificate authority, for confirming the validity of the certificate at signing time.

2. The recording method for proving certificate validity at signing time according to claim 1, wherein forming the record chain from the initial record block and at least one new record block means using the blockchain property that each record block contains the hash value of the previous record block, to ensure that the order and content of the record blocks have not been tampered with.

3. The recording method for proving certificate validity at signing time according to claim 1, wherein placing the hash value of the previous record block in the authentication attribute of the signature uses asymmetric cryptography to ensure that the hash value record cannot be tampered with.

4. The recording method for proving certificate validity at signing time according to claim 1, wherein the content of the initial record block comprises information related to the signing certificate or any content agreed in advance.

5. The recording method for proving certificate validity at signing time according to claim 1, wherein causing the signing server to obtain the time stamp from the time stamp authority using the hash value of the last record block serves to prove that the record chain existed before the time stamp time.

6. The recording method for proving certificate validity at signing time according to claim 5, wherein the signing server obtaining the certificate validity proof from the certificate authority comprises obtaining a Certificate Revocation List (CRL) or an Online Certificate Status Protocol (OCSP) response, to prove that the certificate was valid at the time stamp time.

7. The recording method for proving certificate validity at signing time according to claim 1, wherein, if the private key is lost or leaked, the signing server obtains the time stamp from the time stamp authority using the hash value of the last record block and obtains the certificate validity proof from the certificate authority, and thereafter revokes the certificate with the certificate authority.

8. The recording method for proving certificate validity at signing time according to claim 1, further comprising, when the certificate has expired or been revoked, a verifier confirming the validity of the certificate by means of the record chain, the time stamp and the certificate validity proof retained by the signing server.

9. The recording method for proving certificate validity at signing time according to claim 8, wherein confirming the validity of the certificate comprises: checking whether the record chain contains a record block whose content matches the signature; checking whether, between that record block and the last record block, each record block correctly contains the hash value of its previous record block; checking whether the hash value of the last record block correctly appears in the time stamp; and checking whether the time stamp time of the time stamp is before the time of the certificate validity proof.

10. The recording method for proving certificate validity at signing time according to claim 1, wherein, after the signing server has obtained the time stamp from the time stamp authority using the hash value of the last record block and obtained the certificate validity proof from the certificate authority, when the signing server wishes to perform a signing action, it must generate a new key pair and apply for a new certificate in order to produce the record chain corresponding to the new certificate.
TW108125090A 2019-07-16 2019-07-16 Method to display the validation of certificate at signing time TWI732247B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108125090A TWI732247B (en) 2019-07-16 2019-07-16 Method to display the validation of certificate at signing time

Publications (2)

Publication Number Publication Date
TW202105223A TW202105223A (en) 2021-02-01
TWI732247B true TWI732247B (en) 2021-07-01

Family

ID=75745375

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108125090A TWI732247B (en) 2019-07-16 2019-07-16 Method to display the validation of certificate at signing time

Country Status (1)

Country Link
TW (1) TWI732247B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI747659B (en) * 2020-12-11 2021-11-21 中華電信股份有限公司 Iot system and privacy authorization method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106301792A (en) * 2016-08-31 2017-01-04 江苏通付盾科技有限公司 Ca authentication management method based on block chain, Apparatus and system
CN106789090A (en) * 2017-02-24 2017-05-31 陈晶 Public key infrastructure system and semi-random participating certificate endorsement method based on block chain
CN106789041A (en) * 2017-02-15 2017-05-31 江苏信源久安信息科技有限公司 A kind of credible block chain method of decentralization certificate
CN106850190A (en) * 2017-02-14 2017-06-13 北京乐酷达网络科技有限公司 It is a kind of to the destroying method based on block chain digital certificate
CN108696348A (en) * 2017-04-06 2018-10-23 中国移动通信有限公司研究院 A kind of method, apparatus, system and electronic equipment for realizing CA mutual trusts

Also Published As

Publication number Publication date
TW202105223A (en) 2021-02-01
