Field of the Invention
The present invention generally relates to a digital signature service system based on a hash function and a method thereof that may stably perform simultaneous digital signatures for large-scale digital data.
Description of the Related Art
Generally, an electronic document such as a Hangul document, a Word document, a PDF document, and the like, means a document that is written using a computer and is made up of digital information. Unlike conventional documents made of paper, electronic documents may be transmitted in a short time over a data communication network, the Internet, and the like. Accordingly, with the development in communications technology using computers, the use of electronic documents is rapidly increasing.
However, because the electronic document is transmitted in the form of digital signals over a communication network, the security thereof may be weak. Therefore, as one method for improving the reliability of the electronic document, a digital signature may be attached to the document.
Such a digital signature means a seal, a signature, or a cryptographic signature, which is made up of digital information for verifying the identity of the sender of an electronic document, digital data, or a digital message. This may be used to guarantee that the content of the delivered electronic document and digital data has not changed. Therefore, a user attaches a digital signature made up of digital information to an electronic document or digital data rather than directly placing a seal or writing a signature on the document.
Meanwhile, the digital signature may be used for certification of an electronic document or digital data in electronic transactions in which online contracts, electronic seals, etc. are required. Also, recently, the digital signature is actively used as a means for guaranteeing the reliability of electronic transactions, as it is legally recognized.
Also, the digital signature is performed by a signer on electronic documents or in services such as electronic contracts on the web, electronic subscriptions, and the like. In this case, authentication certificates for certifying the digital signature may be used. The authentication certificate is a certificate that is issued by institutions authorized by a country, and confirms the identity of the signer or verifies the digital signature of the signer.
Additional advantages acquired from the use of digital signatures are that the digital signature may be easily transmitted, cannot be repudiated, cannot be copied by others, and a time stamp is automatically maintained. Because the digital signature may be used for any electronic documents and digital data regardless of whether it is encrypted or not, the recipient is guaranteed that the electronic document or the digital data has arrived without falsification and may verify the identity of the sender.
Meanwhile, a conventional digital signature method uses a method in which a user stores a digital signature in a predetermined computer in advance and attaches the stored digital signature to an electronic document when needed. In this case, the seal or signature of the user, which was converted into digital information through a scanning process, may be used as the digital signature.
However, in the case of the conventional digital signature method, because it is necessary to scan the seal or signature of a user to store it in a computer, the process for registering the digital signature is complicated, and because the digital signature is provided through a certain type of network, the qualification of a user allowed to register the digital signature is limited. Also, because the recipient of the electronic document cannot verify the authenticity of the signature attached to the document, there is a disadvantage in that the document has low reliability.
Furthermore, these days, as computer crime techniques become more sophisticated, if electronic documents and/or digital signatures are falsified or forged during the process of transmitting the electronic documents, this cannot be detected. Accordingly, the digital signature may not achieve its original object.
In order to solve the above problem, a digital signature method using a public key-based structure, which is designed using public key encryption, has been used recently. Currently, with the development in information and communication technology and the proliferation of high-speed Internet access, demand for information security is increasing in various fields of society. Therefore, domestic and foreign governments and companies are promoting the distribution of documents that are digitally signed using passwords and digital signatures, which use a public key-based structure.
Meanwhile, the digital signature method using the public key-based structure electronically writes a certain document, and creates a hashed message from the document using specific software. Then, the hash is encrypted using a private key, which has been received in advance from a public-private key generation center. Here, the encrypted hash becomes the digital signature for the message.
However, the conventional digital signature method using the public key-based structure requires a large amount of arithmetic computational resources to support digital signatures based on public keys. Therefore, it is unsuitable for simultaneously generating digital signatures for the large amount of data in an Internet of Things (IoT) environment.