1. Technical Field
The present invention relates to a long-term signature terminal, a long-term signature server, a long-term signature terminal program, and a long-term signature server program, and, for example, to a technique for creating long-term signature data.
2. Background Art
In order to certify that electronic data has not been falsified (authenticity), an electronic signature is widely used: the electronic data is encrypted with a secret key to create the electronic signature, and the electronic data is then decrypted with the public key corresponding to the secret key to verify the electronic signature.
When the electronic data is decrypted with the public key, it can be confirmed that the electronic data was encrypted with the secret key corresponding to that public key. Since the signatory holds the secret key, it can thus be certified that the electronic data was generated by the signatory. By analogy, the secret key functions as a seal, and the public key functions as a certificate of the seal.
The public key is distributed by a public key certificate which is issued by a certificate authority, and when the public key is distributed, the authenticity of the public key can be confirmed by the certificate.
Meanwhile, an electronic signature has an expiration date, which is set in order to cope with, for example, a compromise of the encryption algorithm used in the signature.
Even before the expiration date, the electronic signature may expire at the signatory's convenience, or all certificates following a root certificate may expire if the secret key is omitted.
Accordingly, in order to cope with the above-described problem, as in PTL 1, an electronic signature format (hereinafter, referred to as long-term signature format) for perpetuating the validity of an electronic signature is specified.
In the long-term signature format, an archive time stamp which is a time stamp having an expiration date longer than an electronic signature is applied to original data and the electronic signature, thereby securing the legitimacy of the electronic data even after the expiration date of the electronic signature has elapsed.
Before the expiration date of the archive time stamp elapses, a second-generation archive time stamp having an expiration date longer than the archive time stamp is applied to extend the expiration date. Thereafter, the expiration date is extended in the same way with third-generation, fourth-generation, and later archive time stamps, making it possible to verify that the original data has not been falsified over a long period of time.
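The renewal chain described above can be modeled as follows; this is an added example, not part of the original text. It assumes a simplified stamp (a SHA-256 digest plus integer years, with no time stamp authority signature), and all names in it are hypothetical.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class ArchiveTimeStamp:  # simplified model: a real stamp is issued by a time stamp authority
    digest: str      # hash over everything this stamp protects
    issued_at: int   # when the stamp was applied (constructed integer year)
    expires_at: int  # expiration date of the stamp itself

def covered_digest(original, signature, earlier):
    """Hash the original data, the signature and all earlier-generation stamps."""
    h = hashlib.sha256()
    for part in (original, signature):
        h.update(len(part).to_bytes(8, "big") + part)  # length prefix avoids ambiguity
    for ts in earlier:
        h.update(f"{ts.digest}|{ts.issued_at}|{ts.expires_at}".encode())
    return h.hexdigest()

def add_generation(original, signature, chain, now, lifetime):
    """Apply the next-generation stamp; only allowed before the newest one expires."""
    if chain and now >= chain[-1].expires_at:
        raise ValueError("previous archive time stamp already expired")
    stamp = ArchiveTimeStamp(covered_digest(original, signature, chain), now, now + lifetime)
    return chain + [stamp]

def verify(original, signature, chain, now):
    """Return (ok, reason) for the whole chain at verification time `now`."""
    if not chain:
        return False, "no archive time stamp"
    for i, ts in enumerate(chain):
        if ts.digest != covered_digest(original, signature, chain[:i]):
            return False, f"generation {i + 1}: protected data was altered"
        if i and ts.issued_at >= chain[i - 1].expires_at:
            return False, f"generation {i + 1}: applied after generation {i} expired"
    if now >= chain[-1].expires_at:
        return False, "latest archive time stamp has expired"
    return True, "ok"

if __name__ == "__main__":
    doc, sig = b"original data", b"electronic signature"  # constructed sample values
    chain = add_generation(doc, sig, [], now=2020, lifetime=10)     # first generation
    chain = add_generation(doc, sig, chain, now=2029, lifetime=10)  # second generation
    for year in (2035, 2040):
        print(year, verify(doc, sig, chain, now=year))
```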
In the related art, in order to receive a long-term signature service, a user needs to deliver a secret key for signature or original data to a long-term signature service provider, and there is a problem in that confidential information (secret key and original data) should be sent to the outside.
Otherwise, when performing a long-term signature on a plurality of pieces of original data while retaining confidential information on the user side, that is, when the user performs a long-term signature without receiving the long-term signature service, there is a need to construct a long-term signature system on the user side and to perform operations such as certificate management, time stamp acquisition, and expiration information acquisition.