摘要 |
PROBLEM TO BE SOLVED: To add a time onto a signature by off-line and to prevent an unauthorized time setting. SOLUTION: A challenge C is generated by a signature device 100. The challenge C is returned to a time setting server 200, a time request is made and a measurement of the lapse of time is started (a time t1). When the server 200 receives the challenge C, a signature is given to a present time t2 and the challenge C and a signature S and the time t2 are returned to the device 100. The device 100 obtains a lapse of time t3-t2 from a receiving time t3 of the signature S. When the time t3-t2 exceeds a beforehand determined normal time L, the time t2 is ignored. When it is not t3-t2>L, the signature S is verified by using the time t2, the challenge C and a verification key. When the verification is made, the time t2 is set on the timer located in the device 100 and a stop flag is set to OFF. A signature is given to data M only when the flag is OFF. At that time, a time tx of the timer is signed to generate a time signature. When the timer is stopped, the flag is turned ON and no signing is executed. |