1. Technical Field
The present invention relates to an information processing system, an information processing apparatus, an information processing method, and a storage medium.
2. Related Art
When digital data such as an electronic file is created on a computer, the time at which the digital data was created (hereinafter referred to the creation time) is set as attribute information of the digital data. Here, while the creation time is originally considered to be attribute information that should not be changed, it is actually possible to rewrite the creation time in a manner similar to normal data. Specifically, as digital data can be created freely as having time in the past or time in the future, when the digital data was actually created cannot be guaranteed by attribute information alone.
In order to deal with the above disadvantage, at present, time stamp authorities are established to perform time authentication of digital data by third party authorities. More specifically, receiving a time stamp request including a digest of digital data that is transmitted by a user, a time stamp authority adds time information to the transmitted digest and further applies a digital signature to the digest using a private key of the time stamp authority. The time stamp authority then returns the digest with digital signature to the user. Here, the information that is returned to the user is referred to as a “time stamp token”. Then, later, when the user wishes to prove the existence of the digital data at a certain time, the user transmits the digest of the digital data having a time stamp added thereto to the time stamp authority to thereby request verification of the time stamp. The time stamp authority, receiving the request, verifies the time stamp that is transmitted, by using digital signature. In this manner, the user can prove that the digital data already existed at the certain time.
However, the time stamp is not necessarily valid permanently and can be invalidated. Invalidation of time stamp may or may not be anticipated. Invalidation of time stamp that can be anticipated is expiration of a valid period. Specifically, because the expiration date is established for the private key itself that is used for generating a time stamp by the time stamp authority, the expiration date naturally exists for the time stamp as well. On the other hand, invalidation of time stamp that cannot be anticipated includes: a case where the private key of a time stamp authority has leaked out; a case where a certificate authority that issued the private key to the time stamp authority is in a critical situation; a case where the signature algorithm in the time stamp authority is in a critical state, and so on.
In the former case, because the expiration date of the time stamp can be known in advance, expiration of the valid period can be dealt with easily by obtaining the time stamp once again before expiration. In the latter case, on the other hand, it is not possible to predict leakage of the private key of the time stamp authority or crisis of the certificate authority or the like. Therefore, the unanticipated invalidation of time stamp cannot be dealt with easily. Consequently, when leakage of the private key of the time stamp authority or the like occurs, the time stamp becomes invalidated, making it impossible to certify the time at which the digital data exists. As such, when the time stamp is invalidated in an unanticipated manner, the time at which the digital data exists, in other words, the time at which the time stamp was applied, cannot be verified accurately.
However, there may be cases where requirements for the time certification can be satisfied only by verifying that the time stamp was applied in a certain time width, rather than at an exact time. It is therefore advantageous that such a time width can be verified.