1. Field of the Invention
The present invention relates to a verification data generating apparatus, a data verification apparatus and a storage medium for storing a verification data generating program and in particular relates to a verification data generating program that provides a signature to a data group to generate verification data, a data verification apparatus that verifies the verification data with a signature and a storage medium for storing a verification data generating program to attach a signature to a data group.
2. Discussion of the Related Art
Recently, networks have developed and various kinds of information are digitized to be distributed through a network. The information such as the character information, still pictures, animations, sound information, programs can be digitized and we can obtain various services on the network that are combinations of those pieces of digital information. However, the digital information has a major defect that it is easily copied. A copy of a piece of digital information is completely the same as the original. Once the digital information is distributed through the network, there occurs a possibility that the information would be copied and used without authorization by the author. Therefore, the author can hardly receive a justifiable reward to which he/she deserves. Thus the easiness of copying has been a factor that prevents distribution of the digital information on the network.
To overcome the problem, systems such as xe2x80x9cCD-Showcasexe2x80x9d (Trademark of International Business Machines Corporation) have been offered, wherein digital information is encrypted to be freely distributed and used with a decryption key acquired through the telephone network at some charge. However, in this method it is impossible to impose a charge to a user according to the frequency of use.
To impose the charge to the user according to the frequency of use, it is necessary to collect charge imposing information such as a using history. The collection of the using history requires a system for assuring legitimacy of the using history because it is also a piece of digital information.
As disclosed by Japanese Patent Application Laid-Open No. Hei. 3-25605 xe2x80x9cCharge imposing information transmission methodxe2x80x9d (1991) and Japanese Patent Application Laid-Open No. Hei. 6-180762 xe2x80x9cCharge imposing information collection systemxe2x80x9d (1994), devices for outputting the charge imposing information are connected to the communication network to automatically collect the charge imposing information. If the communication network is utilized, the legitimacy of the charge imposing information can be assured by a digital signature method or the like using the RSA (Rivest, Shamir, Adleman) encryption (see xe2x80x9cEncryption Theory Introductionxe2x80x9d, Eiji Okamoto, Kyoritsu Publishing company, 1993, pp. 134-138).
The above cases are suggested on the premise that a terminal device for using the digital information is always connected to a network. The premise is supposed because of the bad effects such as the tampering with the data by the user or system troubles caused by the storage of the data in the off-line terminal devices for a long time. However, in general, most of the users utilize the digital information off-line. Therefore it is hardly acceptable to constantly control the user""s terminal device through the network considering the communication costs or operability of the system.
An Integrated Circuit (IC) card attracts attentions as a medium for storing secret information. The charge imposing information or the like can be securely collected by the IC card. Japanese Patent Publication No. Hei. 6-95302 (1994) discloses xe2x80x9cSoftware administration methodxe2x80x9d applied to a system that imposes a charge for using software according to an amount of using and collects the charge by utilizing the IC card. More specifically, a user buys an IC card at a predetermined agency. The price is then written in a balance memory of the card. When the user activates the software, the balance memory of the IC card is checked and the amount corresponding to the charge for using the software is subtracted from the balance memory. When the user spends the whole amount of money written in the balance memory of the card, the card is forwarded to a Software Service Association (hereinafter, referred to as SS association). Particulars of use of the software is stored in the IC card. The SS association pays the charge for using to the author of the software based on the particulars. Therefore, it is possible to allow the user to use the software off-line and impose the charge to the user for the use of the software.
However, the method of forwarding the IC card that stored the using particulars to the SS association has problems in that whenever the amount of money stored in the balance memory of the card has been exhausted, the user has to wait for re-distribution of the card from the SS association or to buy a new IC card at the agency. In addition, the history data generally tends to be long. Accordingly, if the history data is ""stored in the IC card, it is necessary to frequently renew the card because it has merely a small memory capacity.
Therefore, a technology is required for securely saving the data, such as the charge imposing information generated by the IC card in the terminal device which should be certainly forwarded to the SS association. If the charge imposing information can be securely saved in the terminal device, frequent reissue of the IC card is unnecessary despite the small memory capacity of the card. The off-line services are available as a matter of course. The history data such as the charge imposing information is output many times. Consequently, it is necessary to maintain the order of the output pieces of the history data. The SS Association must verify the history data including the order of the pieces of the history data. If a piece of the history data is missed, the charge corresponding thereto cannot be collected.
The present invention has been made in view of the above circumstances and has an object to provide a verification data generating apparatus capable of generating data that can be saved in a terminal device without sustaining unauthorized operations and is assured to have continuity in the order of being output.
Another object of the present invention is to provide a data verification apparatus that can verify the data to be saved in a terminal device without sustaining unauthorized operations, where the continuity in the order of outputting pieces of the data is also verified.
Still another object of the present invention is to provide a storage medium storing a program to have a computer generate verification data that can be saved in a terminal device without sustaining unauthorized operations and is assured to have continuity in the order of being output.
Additional objects and advantages of the invention will be set forth in part in the description which follows and in part will be obvious from the description, or may be learned by practice of the invention.
To achieve the objects and in accordance with the purpose of the invention, as embodied and broadly described herein, a verification data generating apparatus of the present invention comprises a verification value holding element that holds a verification value and a data generating element that generates data bodies. The apparatus also comprises a verification value generating element that generates a new verification value based on both the verification value held in the verification value holding element and the data body whenever the data body is generated and updates the verification value held in the verification value holding element with the new verification value. The apparatus further comprises a data storing element that stores the data bodies generated by the data generating element in order of being generated and a verification data outputting element that generates a signature value by using the new verification value on receiving a verification data outputting request and outputs verification data including the data bodies and the signature value.
A data verification apparatus according to the present invention comprises a verification value holding element that holds a verification value and a reference verification value generating element that receives verification data that is a set of data bodies and a signature value attached thereto and generates a reference verification value based on the verification value and the set of data bodies. The apparatus also comprises an authenticating element that collates a verification value obtained from the signature value with the reference verification value and authenticates the verification data if the signature value and the reference verification value are consistent with each other. The apparatus further comprises a verification value updating element that updates the verification value with the reference verification value if the verification value obtained from the signature value and the reference verification value are consistent with each other.