1. Field of the Invention
The present invention relates to an electronic data storage system and a method thereof for distributing various documents and data as electronic information, and more particularly to an electronic data storage system and a method thereof for assuring original validity for a storage of an electronic data which can be easily falsified or of which falsification cannot be discovered.
2. Description of the Related Art
Currently as various systems are computerized, paper-based data is also becoming computerized. Computerized data can be easily falsified, and in some cases falsification cannot easily be discovered. Therefore to store electronic data, original validity is demanded for electronic data to be as valid as the original.
For this, it is effective to have a falsification detection function and to record the entire access history when storing electronic data, and generally the original validity of the stored data is assured using a public key-based electronic signature so that verification of a third party is possible.
Along with the recent advancements in computer technology and the spread of its knowledge, the potential of the falsification of electronic signatures has been noted, and a method of assuring the original validity of electronic data over the long term using a long term storage technology for electronic signatures has been proposed.
FIG. 13 is a diagram depicting a first prior art. The electronic data storage system 100 stores the registered electronic data A with adding a public key-based electronic signature. In the case of the known RSA encryption system, for example, a pair of a public key and a secret key is created, and the public key is brought to the CA (Certification Authority) office (station) 110 on-line or off-line using a floppy disk, etc., and the public key certificate 106 is acquired from the CA office 110.
The electronic data storage system 100 which received the public key certificate RSA-encrypts the hash value of the electronic data A to be registered using a private key, and creates the electronic signature P. This electronic signature P is stored along with the electronic data A. The public key is disclosed to the individual for whom access to the electronic data A is approved. The electronic signature encrypted by the secret key can be decoded with the public key, and a third party can confirm the original validity of the electronic data using the electronic signature.
This public key certificate has a period of validity, so a new public key is created before the period of validity expires, and a new public key certificate is acquired by using that key, and the electronic data and the electronic signature P are encrypted using the secret key to create a new electronic signature P1.
Normally the period of validity of the public key certificate is about one year, so by attaching a new electronic signature to the electronic signature every year, the dangers surrounding a signature key are prevented and original validity is assured, so as to implement the long term storage of electronic data (e.g. Japanese Patent Application Laid-Open No. 2000-59532).
FIG. 14 is a diagram depicting a second prior art. Just like FIG. 13, the public key certificate 106 is received from the CA office 110, and the electronic data A is stored with the signature P attached. Also the electronic data and the hash value of the data of the electronic signature are sent to TSA (Time Stamp Authority) 112, and the time stamp is acquired as a notarized record. This time stamp T is stored along with the electronic data A and the electronic signature P. By this, the long term storage of electronic data is implemented.
However, in the case of the first prior art, a signature is stored over a long term by attaching an electronic signature to the electronic signature every year, so the new electronic signature must be attached to all the stored electronic data each time the signature key is changed. Therefore this method takes too much time for a storage system which stores a large volume of electronic data, which causes operation problems, and in practical terms makes processing difficult.
In the case of the second prior art, the TSA 112 is outside the system, and it is the TSA 112 which is responsible for long term assurance. And this incurs additional costs since the TSA 112 is run by a third party organization. For example, the cost is xxx Yen per electronic document or xxx thousand Yen per year, which increases operation costs.