In recent years, the Internet and electronized documents are widely used, and images are frequently converted to or generated as electronic data. However, there is a danger that the electronic data are altered in the progress of conversion via a network or storage into a storage medium. To prevent such alteration, an electronic signature technique has been developed.
According to the electronic signature technique, a sender A obtains a hash value (HV) of electronic data to be transmitted using a hash function, then encrypts the obtained HV with a secret key, then attaches the HV to the electronic data as an electronic signature value, and transmits the electronic data with the electronic signature value to a receiver B. Further, when the electronic signature value is transmitted to an authentication bureau C, the authentication bureau C transmits, the electronic signature value and a certificate of the sender A issued by the authentication bureau C, and a public key, as a set, to the receiver B.
The receiver B obtains the HV of the electronic data received from the sender A using the hash function, further, obtains the HV by decoding the electronic signature value received from the authentication bureau C with the received public key. Then the receiver B compares the two HV values and determines whether or not the electronic data has been altered.
In the above technique, to protect the secret key of the sender A from others, it is desirable that duplication of secret key is impossible. However, in a case where a signatory is an organization or company, signature may be made by plural persons in plural places. If duplication of secret key is impossible, it is impossible for persons belonging to the organization or company to hold the same secret key. For this reason, in a case where such organization or company is a signatory, secret keys are generated for the persons and places to sign, and managed by the organization or company.
To verify a signature, it is necessary to obtain a public key corresponding to a secret key used in the signature. Regardless of signatory, i.e., an organization, a company or a person, when plural secret keys are managed, a receiver manages plural public keys and uses a public key corresponding to received signature data, as in the case of management of plural secret keys.
To simplify the key management, known is a method for electronic signature processing for unified secret key management by providing an electronic signature server.
Japanese Patent Application Laid-Open JP 2002-281475 discloses a method for generating an image-data electronic signature via a signature server. An image sensing apparatus transmits image data to a client, encrypts an HV of the image data and transmits the data to a signature server. The signature server decodes the HV, performs electronic signature processing and transmits signature data to the client. According to the method, as a secret key utilized in the electronic signature is managed by the signature server, the secret key can be unified.
However, in the above electronic signature generating method, as the sender of image data and that of signature data are different, it is necessary for the receiver (client) to associate the image data with the signature data, received from the different senders. If some error occurs in the management and discordance occurs between the signature data and the image data, verification of signature of image data cannot be correctly performed.
Further, in the electronic signature generating method, the signature server decodes the encrypted HV of image data, encrypts the HV with the secret key in the signature server and transmits the HV to the client. If the signature data itself is altered on a communication channel, the client cannot correctly perform signature verification. That is, as an verification result, it is determined that the image data has altered although the signature data has been altered.
As described above, in the method utilizing a signature server for unified management of secret key disclosed in JP 2002-281475, as image data and signature data are sent to a client from different senders, the receiver side takes a lot of trouble with association between the two data.
Further, scan data can be transmitted to a designated destination by using a multi-function equipment provided in a convenience store, a public place or the like. In this case, it is significant to transmit correct data (unaltered data). For this purpose, known is a method for performing encryption and electronic signature processing on scan data using a secret key held in a device or an IC card and transmitting the image data with electronic signature.
However, as the use of secret key is closed in the device and it must not exit to the outside, it is necessary to hold different secret keys in devices or IC cards. That is, even in the same type multi-function equipments belonging to the same convenience store group, as the secret keys are different in different shops or devices, it is necessary for a receiver to obtain a public key corresponding to the shop or device. Further, as it is necessary for a person who manages the secret keys to hold a lot of keys, the management cost is increased.