Data certification system, server device, client device, publishing server, and data certification method
    1.
    Granted invention patent
    Legal status: in force

    Publication number: US09363411B2

    Publication date: 2016-06-07

    Application number: US14240521

    Filing date: 2012-04-27

    IPC classification: H04L9/32 H04N1/32 G06T1/00

    Abstract: A data certification system includes a proof information generation unit that generates certification information for certifying non-falsification of raw data, and generates proof information including the certification information and time information representing the time of the generation of the certification information. A server transmission unit transmits the proof information which is received by a client reception unit. A time information acquisition unit acquires the time information representing the time of the generation of the certification information from the proof information. A report generation unit generates report data in which the time information and publishing destination information representing a publishing destination are included in the raw data. A transfer unit transfers the raw data, the proof information, and the report data to a publishing server which releases the report data. An output unit outputs the report data.

    Long-term signature terminal, long-term signature server, long-term signature terminal program, and long-term signature server program
    2.
    Granted invention patent
    Legal status: in force

    Publication number: US09100419B2

    Publication date: 2015-08-04

    Application number: US13985582

    Filing date: 2011-12-08

    Applicant: Shinichi Murao

    Inventor: Shinichi Murao

    IPC classification: H04L29/06 H04L9/32

    Abstract: A long-term signature system acquires electronic signature data for each of a series of pieces of original data, transmits the acquired electronic signature data to a predetermined server, and acquires a time stamp issued for the electronic signature data from the predetermined server. Verification information is acquired for verifying the electronic signature data and the time stamp from a predetermined server. Long-term signature target data for confirming unfalsification of the original data, the electronic signature data, the time stamp, and the verification information is acquired for each of the pieces of original data. The acquired long-term signature target data is transmitted to a predetermined server, and long-term signature data having an archive time stamp issued for the long-term signature target data applied thereto is acquired.

    LONG-TERM SIGNATURE TERMINAL, LONG-TERM SIGNATURE SERVER, LONG-TERM SIGNATURE TERMINAL PROGRAM, AND LONG-TERM SIGNATURE SERVER PROGRAM
    3.
    Invention patent application
    Legal status: in force

    Publication number: US20130326633A1

    Publication date: 2013-12-05

    Application number: US13985582

    Filing date: 2011-12-08

    Applicant: Shinichi Murao

    Inventor: Shinichi Murao

    IPC classification: H04L29/06

    Abstract: A long-term signature system 1 can generate long-term signature data for each of a plurality of pieces of original data in cooperation with a long-term signature server 2 while retaining original data and a secret key for signature in a client terminal 3 without sending original data and the secret key to the outside. In the long-term signature system 1, there are PAdES and XAdES as long-term signature schemes, a scheme is designated for each piece of original data, and in a state where the plurality of schemes are mixed, long-term signature data can be generated in parallel. In the long-term signature system 1, the secret key of a certificate authority that issued a public key certificate paired with the secret key for signature is identical, and the secret key of a TSA certificate authority that issued a public key certificate paired with a secret key for time stamp is also identical. Accordingly, verification information is common to original data, and it is only necessary to process single verification information. With the above, it is possible to perform a long-term signature on a plurality of pieces of original data while retaining confidential information on the user side.

    Information processing device and information processing program
    4.
    Granted invention patent
    Legal status: in force

    Publication number: US09158937B2

    Publication date: 2015-10-13

    Application number: US13985586

    Filing date: 2011-12-08

    Applicant: Shinichi Murao

    Inventor: Shinichi Murao

    IPC classification: G06F21/64 H04L9/32

    Abstract: An information processing device manages the protection state of original data by long-term signature data in storage-target data obtained by combining the long-term signature data and the original data. Management information having a management-target value for each management item obtained from the storage-target data recorded therein is acquired. A management-target value of a predetermined management item is acquired from the acquired management information. The acquired management-target value is compared with a value acquired from the storage-target data or a value acquired from the outside to determine the state of management. A result corresponding to the determined state of management is outputted.

    Long-term signature server, long-term signature terminal, and long-term signature verification server
    5.
    Granted invention patent
    Legal status: in force

    Publication number: US08819441B2

    Publication date: 2014-08-26

    Application number: US13508752

    Filing date: 2010-07-06

    IPC classification: H04L9/32 G06F15/16 G06F21/64

    Abstract: A long-term signature server includes a signing target data acquisition function for acquiring signing target data, a signature data transmission function for transmitting to a long-term signature terminal signature data for the electronic-signing of the acquired signing target data, a signature value reception function for receiving an electronic signature value of the signing target data generated using the signature data transmitted from the long-term signature terminal, a time stamp acquisition function for acquiring a time stamp corresponding to the received electronic signature value, and a signature data generation function for generating basic signature data using at least the acquired signing target data, the received electronic signature value, and the acquired time stamp.

    Long-term signature terminal, long-term signature server, long-term signature terminal program, and long-term signature server program
    6.
    Granted invention patent
    Legal status: in force

    Publication number: US09130973B2

    Publication date: 2015-09-08

    Application number: US13985584

    Filing date: 2011-12-08

    Applicant: Shinichi Murao

    Inventor: Shinichi Murao

    IPC classification: H04L29/06 H04L9/32 G06F21/64

    Abstract: A long-term signature terminal acquires storage-target data and electronic signature data corresponding to the acquired storage-target data. The acquired electronic signature data is transmitted to a server, and electronic signature data having a time stamp applied thereto is received from the server. The received electronic signature data with the applied time stamp is combined with the acquired storage-target data to generate signed data. Verification information for verifying the validity of the electronic signature data having the time stamp is received from the server and applied to the signed data to generate first long-term signature data. Confirmation data for confirming unfalsification of the generated long-term signature data is generated and transmitted to the server, and the confirmation data having a time stamp applied thereto is received from the server. The received confirmation data with the time stamp is applied to the first long-term signature data to generate second long-term signature data.

    LONG-TERM SIGNATURE TERMINAL, LONG-TERM SIGNATURE SERVER, LONG-TERM SIGNATURE TERMINAL PROGRAM, AND LONG-TERM SIGNATURE SERVER PROGRAM
    7.
    Invention patent application
    Legal status: in force

    Publication number: US20130326225A1

    Publication date: 2013-12-05

    Application number: US13985584

    Filing date: 2011-12-08

    Applicant: Shinichi Murao

    Inventor: Shinichi Murao

    IPC classification: H04L9/32

    Abstract: A client terminal 3 can generate PAdES while performing communication with a long-term signature server 2 without delivering a PDF document and a secret key used in an electronic signature to the long-term signature server 2. PAdES is a long-term signature format which is specified for a PDF file. The client terminal 3 transmits CAdES with the electronic signature before time stamp issuance to the long-term signature server 2 to request to issue a time stamp to CAdES. The client terminal 3 requests the long-term signature server 2 to collect verification information, acquires the verification information, further generates information for confirming unfalsification of a signed PDF document and the verification information therefrom, and transmits the information to the long-term signature server 2 to request to generate DTS. With the above, it is possible to perform a long-term signature while retaining confidential information on a user side.

    LONG-TERM SIGNATURE SERVER, LONG-TERM SIGNATURE TERMINAL, AND LONG-TERM SIGNATURE VERIFICATION SERVER
    8.
    Invention patent application
    Legal status: in force

    Publication number: US20120303963A1

    Publication date: 2012-11-29

    Application number: US13508752

    Filing date: 2010-07-06

    IPC classification: H04L9/32 G06F21/24

    Abstract: Long-term signature data is formed at a server side while a private key and the like are held at a client side. The long-term signature data is configured by arranging ES, STS, verification information, ATS (1st), and ATS (2nd) in a predetermined long-term signature format. Among these elements, those for which processing using the private key and original data is necessary are ES and ATS. Due to processing where the original data and the private key are necessary being performed by a client terminal 3 and processing where the long-term signature data is analyzed and generated being performed by a long-term signature server 2, the long-term signature data is generated in the long-term signature server 2 while the original data and the private key are held in an inner portion of the client terminal 3. In this manner, the processing where the long-term signature data is formed is separated from the processing using the private key and the original data and the processing where the analysis and generation of XML is performed, and the former is undertaken in the client terminal 3 and the latter is undertaken in the long-term signature server 2.

    Information processing device and information processing program
    9.
    Granted invention patent
    Legal status: in force

    Publication number: US09231766B2

    Publication date: 2016-01-05

    Application number: US13985585

    Filing date: 2011-12-08

    Applicant: Shinichi Murao

    Inventor: Shinichi Murao

    IPC classification: H04L29/06 H04L9/32 G06F21/64

    Abstract: An information processing device has a long-term registration system and a long-term signature system. The long-term registration system receives original data, sets attribute information with respect to the acquired original data, and associates the acquired original data with the set attribute information. The long-term signature system acquires long-term signature data obtained by performing a long-term signature on the associated original data and attribute information.

    INFORMATION PROCESSING DEVICE AND INFORMATION PROCESSING PROGRAM
    10.
    Invention patent application
    Legal status: in force

    Publication number: US20130326234A1

    Publication date: 2013-12-05

    Application number: US13985586

    Filing date: 2011-12-08

    Applicant: Shinichi Murao

    Inventor: Shinichi Murao

    IPC classification: G06F21/64

    Abstract: A long-term signature group has a package of long-term signature data and an information file. The package of long-term signature data is obtained by compressing original data and XAdES as long-term signature data of original data into a single file. In the information file, the hash value of the package of long-term signature data, the expiration date of ATS to be used in XAdES, a distribution point of expiration information, the serial number of ATS, and the like are recorded. Non-destruction of the package of long-term signature data can be confirmed by the hash value, the expiration date of ATS can be confirmed by the expiration date, and the expiration information can be obtained from the distribution point of the expiration information to confirm the validity of ATS. Therefore, the validity of the long-term signature is efficiently confirmed.
