Data verifying method, apparatus for creating data to be verified and data verifying apparatus
Abstract
A token 12 creates utilization history information and sends it to an information processing unit 11, and at the same time creates a verification value and stores it in a utilization-value holding unit 21. The information processing unit 11 records the utilization history information in a history holding unit 16. On receiving a verification-value output request from the information processing unit 11, the token 12 provides the verification value with a signature and outputs the verification value together with the signature. The information processing unit 11 sends the verification value with the signature, together with the utilization history information, to a recovery unit 13. The recovery unit 13 verifies the signature and then verifies the utilization history on the basis of the verification value.
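The scheme in the abstract, sketched in Python as an added example that is not taken from the patent: the token keeps only a running verification value, the history is stored outside it, and the recovery unit checks the signature and then recomputes the chain. SHA-256 as the chaining function, the all-zero initial value, and HMAC-SHA256 standing in for the digital signature (so the recovery unit shares the key, unlike a public-key signature) are assumptions; `Token`, `chain_step` and `verify_history` are hypothetical names.

```python
import hashlib
import hmac

INITIAL_VALUE = b"\x00" * 32  # assumed starting verification value

def chain_step(prev: bytes, entry: bytes) -> bytes:
    """New verification value from the previous value and one history entry."""
    return hashlib.sha256(prev + entry).digest()

class Token:
    """Protective apparatus: holds only the running value and the signing key."""
    def __init__(self, key: bytes):
        self._key = key
        self._value = INITIAL_VALUE

    def record(self, entry: bytes) -> bytes:
        self._value = chain_step(self._value, entry)
        return entry  # the entry itself is stored outside the token

    def signed_value(self) -> tuple[bytes, bytes]:
        # HMAC stands in for the digital signature (assumption, see lead-in).
        tag = hmac.new(self._key, self._value, hashlib.sha256).digest()
        return self._value, tag

def verify_history(key: bytes, history: list[bytes], value: bytes, tag: bytes) -> bool:
    """Recovery unit: check the signature first, then recompute the chain."""
    expected = hmac.new(key, value, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return False
    running = INITIAL_VALUE
    for entry in history:
        running = chain_step(running, entry)
    return hmac.compare_digest(running, value)

def demo() -> dict[str, bool]:
    key = b"constructed-demo-key"  # constructed sample key
    token = Token(key)
    # Constructed utilization history entries, held outside the token.
    history = [token.record(e) for e in (b"play:track-1", b"play:track-2", b"print:doc-9")]
    value, tag = token.signed_value()
    edited = history[:2] + [b"print:doc-1"]
    return {
        "intact": verify_history(key, history, value, tag),
        "edited": verify_history(key, edited, value, tag),
        "dropped": verify_history(key, history[:-1], value, tag),
        "reordered": verify_history(key, history[::-1], value, tag),
    }
```

Because each value depends on its predecessor, a single signature over the last value covers the content, order and completeness of every entry recorded before it.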
21 Claims
1. A data verifying method, comprising the steps of:
creating a verification value of a data body inside a protective apparatus from a verification value of the relevant data body out of a plurality of data bodies generated in sequence and a verification value of a data body preceding the relevant data body;
creating a verification value with a signature by adding a digital signature inside the protective apparatus to the verification value created for the last data body out of the plurality of data bodies to be verified at a time;
sending the verification value with the signature outside from the protective apparatus; and
verifying the plurality of data bodies based on the plurality of data bodies and the verification value with the signature.

2. An apparatus for creating data to be verified, said apparatus comprising:
means for generating data bodies in sequence;
verification value storage means for storing verification values;
verification value creation means for creating a new verification value from the verification value stored in the verification value storage means and a newly generated data body and updating the verification value stored in the verification value storage means to the new verification value; and
signature means for attaching a signature to the verification value stored in the verification value storage means at predetermined timing;
wherein said verification value creation means, said verification value storage means and said signature means are installed in a protective apparatus.

3. A data verifying apparatus, comprising:
a plurality of data bodies generated in sequence;
means for receiving a verification value with a signature resulting from providing a signature for the verification value by adding a digital signature inside a protective apparatus to the verification value created for the last data body out of the plurality of data bodies to be verified at a time;
signature verifying means for verifying the signature on the verification value received; and
verifying means for verifying the correctness of the plurality of data bodies received from the verification value with the signature verified by the signature verifying means.

4. A history holding method for holding in a protective apparatus only a verification value resulting from sequential calculations with respect to a group of history data comprising a plurality of continuous history data, and providing a signature for only the verification value when the verification value is output from the protective apparatus.

5. A history holding apparatus comprising:
data input means for inputting a plurality of continuous data;
data processing means for processing the data;
verification value creation means for creating a verification value with history data in the form of a combination of the data processing and the verification value held at the time the history data is processed as inputs;
verification value holding means for holding the verification value thus created; and
signature means for providing a signature for the verification value;
wherein said verification value creation means, said verification value holding means and said signature means are installed in a protective apparatus.

14. A history verifying apparatus comprising:
data input means for inputting a verification value with a signature, the signature being provided for the verification value calculated from a plurality of continuous history data in group and from the data groups;
signature verifying means for verifying the signature of the verification value thus received with the signature; and
verifying means for verifying the correctness of the data group received from the data group received and the verification value whose signature has been verified.

19. A history holding apparatus comprising:
data storage means for holding data;
halt condition holding means for holding the operating state of the data storage means at the time the function is stopped;
function halt means for stopping the function when the conditions held in the halt condition holding means are met and keeping the function stopped until a function start request is received from the outside;
private-key holding means for holding a private key;
digital signature means for providing a digital signature using the private key held in the private-key holding means for the data group held in data holding means;
digital signature holding means for holding the digital signature affixed; and
public-key holding means for holding the public key of an external right person,
wherein the function halt means verifies that an accepting instruction is intended to restore the function corresponding to the digital signature provided by the external right person for the digital signature held in the digital signature holding means and that by verifying the signature with the public key held by the public-key holding means at the time of receiving the instruction, whether or not the value with the signature is equal to the value held by the digital signature holding means.

20. An electronic equipment comprising:
function halt means for stopping at least part of the function of an electronic equipment body when predetermined conditions are met;
means for outputting predetermined data;
means for receiving data with a signature, the data being created by providing the signature for the predetermined data;
signature verifying means for verifying the signature on the predetermined data received; and
means for releasing the halt state of that part of the function when the correctness of the signature of the data with the signature is verified by the signature verifying means.

21. A computer program product for effecting interaction between a data creation apparatus and a data recovery apparatus for recovering data bodies that are output from the data creation apparatus, which comprises means for generating the data bodies in sequence, verification value holding means for holding verification values, verification value creation means for creating a new verification value from the verification value held in the verification value holding means and a newly generated data body and updating the verification value held in the verification value holding means to the new verification value, and signature means for attaching a signature to the verification value held in the verification value holding means at predetermined timing, characterized by causing a computer to take the steps of:
storing the data body that is output from the data creation apparatus and the verification value provided with the signature, and sending the data body and the verification value with the signature thus stored therein to the data recovery apparatus at predetermined timing.

Specification