1. Field of the Invention
The present invention relates to a data-processing system and a method for controlling the data-processing system, and particularly relates to a technology for synthesizing digital-signature information.
2. Description of the Related Art
In recent years, digital cameras are rapidly becoming available. Images photographed by the digital cameras are now used in many fields, since they can be stored and kept, as electronic image data. Therefore, unlike known silver-salt photographs, the user of the digital camera does not have to develop and print an image photographed by the digital camera. Furthermore, the image is free from aging degradation, easy to be retrieved, and can be transmitted to a distant location via a communication line, as the image data.
Among the above-described fields, there are the non-life-insurance industry, wherein an accident is assessed by using photographed images of the damage conditions of an automobile involved in an accident, the construction industry, wherein a construction site is photographed for confirming the progress thereat, and wherein a building is photographed for confirming the specification thereof, and so forth. Ministry of Land, Infrastructure, and Transport (MLIT) of Japan has already permitted to use an image photographed by the digital camera for making the record of a civil-engineering-work site.
However, since a photographed image taken by the digital camera can be changed into digital data, the following problems have arisen. Namely, the photographed image can be easily changed and modified on a personal computer (PC) by using a commercially available photo-retouch tool, which is an application program. Since the digital data can be easily processed and/or modified, the reliability of the image photographed by the digital camera is considered to be lower than that of the image of a silver-salt photograph, particularly in the case where the image is used, as a photographic evidence of an accident, or attached to the report of the accident.
Although the image of a silver-salt photograph can be changed, such change is hardly made, since the cost of making the change is significantly higher than compensation obtained for the change, or the result of the change is unnatural, which makes a silver-salt photograph suitable to be used, as evidence. Therefore, there is apprehension that the above-described defect of an image photographed by the digital camera would be a great problem for the non-life-insurance industry and the construction industry in the future. Subsequently, a system configured to solve the above-described problem has been demanded.
At present, a system for detecting a change in image data by using digital-signature data synthesized by an encryption technology is disclosed in U.S. Pat. No. 5,499,294.
The above-described system includes an image-generation device (a camera) configured to synthesize image data and an image-verification device configured to verify the integrity of the image data. In the image-generation device, predetermined calculation is executed based on private information unique to the image-generation device and data on an image photographed and digitized by the image-generation device, whereby digital-signature data (described later) which is information used for identifying the image data (detecting a change in the image) is synthesized. Then, the digital-signature data and the data on the image photographed and digitized by the image-generation device are externally transmitted from the image-generation device. The image-verification device performs verification by comparing data obtained by executing predetermined calculation to the image data to data obtained by executing the inverse of the calculation performed at the time where the digital-signature data is synthesized to the digital-signature data. Further, in the case of U.S. Pat. No. 5,499,294, a hash function (a compression function) and a public-key cryptosystem are used, for synthesizing the digital-signature data.
Here, a system configured to detect a change in an image by using a digital signature is considered, where the system is used for an image-synthesis unit such as a camera. The digital signature allows synthesizing signature data by using a private key, as is the case with the above-described known technology. The private key can be set according to the following two methods.    1. The user of the camera synthesizes the private key and sets it to the camera.    2. The manufacturer of the camera synthesizes the private key and sets it to the camera.
Subsequently, the following problems arise.    1. Since the user knows the private key, and is the very person who sets the private key, the image data can be changed only by the user. Therefore, there is no guarantee that the image photographed by the camera has not been changed, even though the above-described known technology had already succeeded in offering the guarantee.    2. If the manufacturer sets the private key, the user cannot know the private key so that a high degree of security is achieved. However, setting private keys to cameras so that each of the private keys is unique to the camera corresponding thereto makes the steps of manufacturing the camera complicated. Therefore, identical private keys should be set for all of the cameras. In that case, however, if the private key of one of the cameras is analyzed, the private keys of the other cameras may be analyzed.