JP2003218860A - Electronic document certification system - Google Patents

Abstract

(57) [Summary] [PROBLEMS] To provide an electronic document certification system that can easily apply “authentication of originality” of an electronic document to an electronic document that occurs on a daily basis and is advantageous in terms of cost. As an issue. An electronic signature is provided for a document created by a creator, and
An electronic signature device that creates a signed document, a time signature device that creates a second signed document by verifying the validity of the first signed document and adding a proof of creation time, and a second signed document The third that added the proof of the verification time after verifying the validity of
The above-mentioned problem is solved by an electronic document certification system including a signature verification device that creates a signature document.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an electronic document certification system for electronically signing a created document including the creation date and time.

[0002]

2. Description of the Related Art When the e-Government, which is one of the Millennium Projects of the Government of Japan, is realized, it becomes possible to make applications and notifications to public institutions using electronic documents. To make that possible, Requires a system to electronically prove who created the created document and when. That is, since an electronic document can be easily duplicated and modified, it is important to provide a so-called “original property guarantee” mechanism that guarantees that the electronic document has not changed from the content at the time of creation. This is so-called E-commerce, which is a commercial transaction on the Internet, except when performing procedures at the city hall, etc.
Due to the development of commerce, it is also required to allow sales contracts and applications between private persons (private companies) to be performed electronically with peace of mind.

A service for providing "original property guarantee" of electronic documents has already started on the Internet by some advanced businesses (for example, HYPERLINK http: // www.
ssc.nttdata.co.jp/index2.html http: //www.ssc.nttda
ta.co.jp/index2.html etc.).

[0004]

In the case of a certification service performed online by a third party (certification service institution), it is necessary to withstand a large number of service requests in order to apply it to electronic documents that occur daily. The system of the service organization must be constructed in the first place, and the cost burden for that may become a problem. In addition, if you try to guarantee the originality online including time certification, the external network will always be connected to the internal computer. Therefore, it is desirable to operate the system independently from the external network (hospital system). , Government systems, corporate systems) will create new security problems. The present invention has been made in consideration of such problems, and "guaranteeing the originality" of an electronic document is
An object of the present invention is to provide an electronic document certification system that can be easily applied to electronic documents that are generated on a daily basis and is advantageous in terms of cost.

[0005]

A first invention for solving the problems is an electronic document certification system based on a public key cryptosystem for proving the creation time and original identity of a created electronic document. In the first mode, a digital signature device that digitally signs a document created by a creator to create a first signed document, and a validity of the first signed document are verified, and then a creation time A time signature device for creating a second signed document with proof, a signature verifying device for verifying the validity of the second signed document, and a third signature document with a proof of verification time It is a gist to solve the above-mentioned problems by an electronic document certifying system composed of

As a preferred concrete second aspect of the electronic document certification system of the first invention, the time signature device receives a standard time radio wave and converts it into a standard time code of a use area. And a signature module having a private key of the time signature device issued by the certification service institution, and a document data input / output unit, wherein the signature module is a first document in which an electronic signature of the creator is attached to the original document.
For the signature document with the current time data output by the radio-controlled clock unit added, a digital signature is created with the secret key of the time signature device, and the digital signature is added to the first signature document plus the current time data. The second signature document is created. In Japan, the standard time radio wave is a standard radio wave supplied by the National Institute of Communications Research, and generally refers to the radio wave that serves as the standard time of the country or region.

As a third aspect different from the first invention, in the electronic document certification system of the first invention, the time signature device receives a standard time radio wave and converts it into a standard time code of a use area. A radio wave clock unit, a signature module containing a private key of a time signature device issued by a certification service organization, a document data input / output unit, a storage device for storing a signature document for a certain period of time, and a temporary storage in the storage device. The signature module includes a network transmission / reception means for transferring a data file to the signature verification device prepared by a certification service institution, wherein the signature module includes a first signature document in which an electronic signature of the creator is added to the original document and the radio wave. A second signed document is created by adding the electronic time signature of the private key of the time signature device to the current time data output by the clock unit. The network transmission / reception means stores the second signature document recorded on the recording device or the electronic signature by the time signature device attached to the second signature document. The data capable of verifying the legitimacy of the is periodically transferred to the signature verification device installed by the certification service institution at a predetermined time interval, and the verification result is stored in the electronic signature data of the signature verification device. It may be obtained in the included form and recorded in the recording device.

In the electronic document certification system according to the second or third aspect, the signature module of the time signature device has a built-in IC card read / write interface means, and records the private key of the time signature device. The IC card may be configured to function as a signature module by being inserted.

Further, in this case, it is desirable that the processing program for calculating the electronic signature data is also recorded in the IC card, and the processing for creating the electronic signature itself is performed by the IC card.

A second invention for solving the problem includes a radio wave clock section for receiving a standard time radio wave and converting it into a standard time code of a use area, and a secret key of a time signature device issued by a certification service organization. And a document data input / output unit based on a public key cryptosystem, the signature module adding the current time data output from the radio wave clock unit to the original document. With respect to, the electronic signature is created by the private key of the time signature device, and the digital signature is added to the original document plus the current time data to create the time-certified signed document.

A second aspect of the second invention for solving the problem is a radio clock unit for receiving a standard time radio wave and converting it to a standard time code of a use area, and a time signature device issued by a certification service institution. A signature module with a private key built in, a document data input / output unit, a storage device that stores the signed document for a certain period, and a network transmission / reception that transfers the data file temporarily recorded in the storage device to a server prepared by a certification service organization. A time proofing device comprising means for giving time proof to an electronic document based on a public key cryptosystem, wherein the signature module adds the current time data output by the radio clock unit to the input document, A signature document with a time certificate is created by adding an electronic signature using the private key of the time signature device and is temporarily stored in the recording device. The work transmitting / receiving means determines the data capable of verifying the validity of the time-signed signature document recorded on the recording device or the electronic signature by the time-signing device attached to the time-signed signature document. It is transferred to the server of the certification service institution at regular time intervals, and the verification result is obtained in the form including the electronic signature data of the certification service period and recorded in the recording device. Characterized time certification device.

In the time signature device of the second invention, the signature module has a built-in IC card read / write interface means, and by inserting an IC card recording the secret key of the time signature device, It may be configured to function as a signature module.

Further, in this case, it is desirable that the processing program for calculating the electronic signature data is also recorded in the IC card, and the processing of creating the electronic signature itself is performed by the IC card.

[0014]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS An electronic document certification system 1 according to an embodiment of the present invention will be described below with reference to the drawings.
FIG. 1 is a conceptual diagram illustrating an outline of the electronic document certification system 1. The electronic certification system 1 is a time signature shared by a group of users including a digital signature device 4 used by a document creator mainly personally or in collaboration with a small number of other users, and a group of users including the document creator. The apparatus 10 and the signature verification apparatus 20 installed in the certification service institution, which accepts an electronic document from a user who has contracted with the certification service institution and verifies the validity of the electronic document, and performs signature as the certification service institution, are used. It is a system that certifies the creation time and the original of the created document.

The operation flow of the electronic document certification system 1 is as follows. First, the document creator creates the signed electronic document 101 of the creator by processing the created electronic document 100 with the electronic signature device 4 (FIG. 1). The electronic signature device 4 can be realized by installing a software program for creating an electronic signature of a public key cryptosystem in a computer device. Since the technology for creating a digital signature of public key cryptosystem is well known, detailed description of the encryption technology itself will be omitted. In FIG. 1, the encryption key (private key) data of the creator, which is required when the signature of the creator is created, is recorded in the IC card 5 having high security.
Is inserted into a card reading device connected to the computer 4 at the time of creating the electronic signature to perform the electronic signature. This is because this method is safer than recording the encryption key data in the hard disk of the computer device.

Next, the electronic signature document 101 of the creator is processed by the time signature device 10 (FIG. 1), so that the electronic signature document 102 of the time signature device including the proof of the creation time in the electronic signature document 101 is added. To create. The creator takes out the signed electronic document 102 of the time signature device and stores it as an official document (FIG. 1).

The time signature device 10 stores the signed electronic document 102 of the time signature device in a storage device in the time signature device for a certain period. Then, at a fixed time interval, automatically or selectively as required by the user, the stored electronic document 102 with a signature is sent to a certification service organization (FIG. 1) to verify the signature. Be done. As a result of the verification, if it is verified that there is no tampering, the signed electronic document 102
The electronic document 103 with the signature of the certification service institution including the verification of the verification time is created (FIG. 1) and returned to the user.

The configuration of the time signature device 10 will be described in detail later, but it is internally provided with a signature key (secret key) data of the device itself and a time signature module for creating an electronic signature with a time proof by the key. The device has a so-called tamper resistant device having a mechanism for destroying the device itself if an attempt is made to illegally disassemble the time signature device 10 in an attempt to find the signature key data of the device itself. The signature key data of the device itself is provided by the certification service organization. That is, the time signature device 10 is a dedicated mechanical device provided by the certification service institution for each group of users.

The signature verification device 20 is functionally the same as the time signature device 10. The data handled is different,
The only difference is that a large amount of data needs to be processed at one time, and the installation location is a certification service organization with security measures. Therefore, it does not need to be configured as a tamper resistant device, and can be implemented by installing necessary software in a server computer.

The user replaces the electronic document 103 with the signature of the certification service institution including the verification of the verification time with the corresponding electronic document 102 and finally stores it. Since the public key of the certification service organization, the public key of the time signature device 10, and the public key of the creator are made public, the electronic document 103 is copied,
When sent to a business partner or an administrative institution, those keys are used by anyone other than the creator of the electronic document 103 of the duplicate document.
You can always verify the identity with. If the verification result is normal,
It is confirmed that the content of the duplicate document is certainly created by the creator, is processed by the time signature device 10 at the creation time, and is the same as the electronic document 103 which has been verified by the certification service institution at the verification time.

The above is the outline of the operation of the electronic document certification system 1 shown in FIG. The merit of introducing the electronic document certification system 1 is as follows. First of all, by using the time signature device 10, it is possible to locally certify the identity of a document and at the same time to certify the time. Therefore, it is not necessary for the user and the certification service institution to constantly communicate, This means that it is possible to build a more secure user system that is separate from the external network.

Secondly, since it is not an online certification service, the processing at the certification service organization is not concentrated. In the online certification service, if there is a communication failure or the like, the certification cannot be received during that time, but the electronic document certification system 1 does not have such a situation.

Thirdly, even for a document that may not be a document that requires a certificate of originality in the future, a signature with a time certificate should be uniformly added and stored at the time of creation. It means that you can. In other words, it is possible to use the document 102 in such a state that the document 102 is stored and the signature verification by the certification service institution is performed only when the formal certification by the certification service institution is requested. This also depends on the certification service organization's service fee structure, but generally speaking, the certification service agency's service cost is lower than when using the certification service agency's resources for all user documents. Since it does not take, the service charge that the user should bear should be cheaper.

Fourth, an agreement between the creator of the document (user of the document certification system 1) and the user of the created document (the other party who conducts a commercial transaction with the creator of the document, an administrative service organization, etc.) It means that the document 102 signed by the time signature device 10 can be used instead of the document 103 in the range based on the above.

The time signature device 10 has a tamper resistant structure, and the document creator cannot modify the time signature device 10. Therefore, if the creator himself or the person who illegally obtained the creator's signature key modifies or falsifies the document contents after the certified time, the creator's electronic signature can be created correctly, but the existing document 102 to Document 1
Even if the 01 part can be replaced, the document 102 can be replaced by the public key of the time certification device 10 that is open to the public.
By verifying the signature attached to the document, it can be detected that the document content has been changed. Therefore, even in the state of the document 102, it is possible to have a certain level of trust. After all, the above-mentioned agreement is premised on trusting the certification authority that has distributed the time certification device 10 and trusting the time certified by the time certification device 10.

FIG. 10 is a diagram for generally explaining how to create an electronic signature, and FIG. 11 is a diagram for generally explaining a method for verifying the validity of an electronic signature. A digital signature is a message digest of a message created and encrypted using the sender's private key. The message digest is data of a fixed length that is compressed by converting the original message data by a function having a property called a one-way function. Since the conversion is performed by the one-way function, the obtained digest has a smaller data amount than the original message text data, but it is considered that the same message digest is not actually obtained from different message text data. The sender attaches a digital signature obtained by encrypting the message digest using the sender's private key to the communication text and sends it to the other party. The receiver compares the electronic signature part decrypted with the sender's public key (original message digest) with the message digest created from the received message, and if they match, the sender surely sent the message. It can be confirmed that the contents have not been tampered with.

MD5 and SHA-1 are used as a function for creating a message digest. RSA or the like is used as the public key method.

The target document to be digitally signed may be a document with a digital signature already created by another secret key. The document certification system 1 of the present invention handles such a nested electronic signature document.

Hereinafter, the electronic document certification system 1 will be described in detail centering on the time signature device 10, but before that, another aspect of the operation form shown in the system conceptual diagram of FIG. 1 will be described. .

FIG. 2 is a diagram for explaining a practical operation mode of the electronic document certification system 1. In FIG. 1, in order to explain the technical idea of the present invention in an easy-to-understand manner, the time signature device 10
The electronic document 102 itself was sent from the certification service organization to the certification service organization (FIG. 1). However, in order to actually verify the document 102 at the certification service organization, not the document itself but the message digest thereof (abbreviated data below). 102b and the signature 102c of the time signature device 10
And can be sent to the certification service organization (Fig. 2).
Then, instead of the electronic document 103, the electronic document 103b in which the signature of the certification service institution including the certification of the verification time is added to the signature 102c may be returned to the user. The user finally stores the pair of the electronic document 103b and the corresponding electronic document 102. In the operation mode of FIG. 2, since the content itself of the electronic document created by the user is not sent, there is no fear of invading the privacy of the user and the amount of data to be communicated can be saved. The signature verification device 20 is an electronic document 10
When 3b is generated, it is necessary to set a certain operation rule such as setting a file name so that the file 3b can be associated with the electronic document 102. In the following detailed description, description will be given based on FIG.

FIG. 6 is a block diagram for explaining the processing of the electronic signature step (FIG. 2) performed by the electronic signature device 4. The electronic signature software provided in the electronic signature device 4 creates summary data of the original document 100 and encrypts it using the private key of the creator to obtain the creator's electronic signature.
This electronic signature is added to the original document 100 to obtain a signed electronic document 101. It should be noted that it is also possible to have a program for carrying out the processes from the creation of the summary data to the creation of the electronic signature in the IC card 5 together with the private key data of the creator, and to execute the above-mentioned processing inside the IC card 5.
This configuration is more secure.

FIG. 3 is a block diagram for explaining the configuration of the time signature device 10. The time signature device 10 includes a radio clock module 11 that receives a standard radio wave supplied by the National Institute of Communications and Communications and converts it into a time code of Japan Standard Time, and a signature module 1 that incorporates a secret key 19 of the time signature device.
2, a drive device 14 for reading and writing the magnetic recording medium 7 recording the electronic document 101, a recording device 13 for recording and storing the electronic document 102 created by the signature module, a control unit for receiving user's instructions and controlling the whole It consists of 15. In the time signature device 10, the electronic document 101 is received by the magnetic recording medium 7, and the created electronic document 102 is written in the magnetic recording medium 7. The user receives the service of the certification service organization using another computer.

The signature module 12 reads the electronic document 101 recorded on the magnetic recording medium 7 via the drive unit 14 according to a command from the control unit 15, and at the same time inquires the radio clock module 11 about the current time, and the electronic document 101 is read. A time-added document 1020 to which the current time is added is created, and an electronic signature is created for this time-added document 1020.

FIG. 7 shows the operation of the signature module 12 at this time, that is, the step of time signature shown in FIG.
It is a block diagram explaining. The signature module 12
After creating the time-stamped document 1020, the summary data 102b of the time-stamped document 1020 is created, and this is encrypted with the private key 19 of the time signature device to obtain the device signature data 102c. Finally, the electronic document 102 is completed by adding the device signature 102c to the time-stamped document 1020. The electronic document 102 is temporarily stored in the storage device 13, and immediately after that, it is transferred to the magnetic recording medium 7 of the user through the drive device 14 automatically or by an explicit operation of the user when necessary. After that, the user transfers the data from his / her personal computer or the like to the signature verification device 20 of the certification service organization through the Internet.

FIG. 4 is a configuration diagram for explaining a different configuration of the time signature device 10. In FIG. 4, a network interface 16 is provided instead of the drive device 14 of FIG. 3, and the signature module 12 is an IC of 6
The IC card 6 has a secret key 19 of the time signature device and a program for executing the process of generating the electronic document 102 from the electronic document 101 shown in FIG. There is. Electronic document 1
01 is received from the electronic signature device 4 through the network 8 and the created electronic document 102 is transferred to a computer connected to the network 8. The user later receives the services of the certification service organization from the computer.

The data of the electronic document 101 is received from the electronic signature device 4 through the network 8 by the network interface 16 for each block of data and temporarily stored in the recording device 13. The signature module 12
When receiving the command from the control unit 15, the electronic document 101 recorded in the recording device 13 is read, and at the same time, the radio clock module 11 is inquired about the current time, and the two types of data are sent together with the “signature creation command” and the signature module 12 Command the IC card 6 inserted in the. IC card 6
The electronic signature means incorporated in the device executes the conversion process shown in FIG. 7 and outputs the electronic document 102, the summary data 102b, and the device signature data 102c as the processing results. The signature module 12 records these data in the recording device 13. The user can access the electronic document 10 stored in the recording device 13 from a computer connected to the network 8.
2. Read the summary data 102b and the device signature data 102c.

FIG. 5 is a configuration diagram for explaining a different configuration of the time signature device 10. The radio clock 11, the signature module 12, the recording device 13, and the control unit 15 are the same as those in FIG. The drive device 14 is provided so that the electronic document 101, the created electronic document 102 and the like can be input / output to / from the magnetic recording medium 7, and the network transmission / reception means 17 is provided to directly transfer data from the time signature device 10 to the certification service institution. However, it is different from FIG. 4 in that the verification result data is received. The network transmission / reception unit 17 stores the URL of the certification service institution, and periodically sends the summary 102b of the electronic document 102 temporarily stored in the recording device 13 and the device signature 102c by FTP.
It is sent to the certification service organization through the Internet 9 by (file transfer protocol). Then, after a lapse of a certain time from the sending time, the operation of taking out the electronic document 103b created by the signature verification device 20 of the certification service organization is performed. The user uses the recording device 13 to read the electronic document 102,
The summary 102b, the device signature 102c, and the electronic document 103
The set b is taken out to the magnetic recording medium 7 and stored in another computer or the like.

FIG. 9 is a block diagram for explaining the configuration of the signature verification device 20 installed in the certification service organization. The radio clock 21, the signature module 22, and the recording device 23 are components that perform the same functions as the radio clock 11, the signature module 12, and the recording device 13 of the time signature device 10 of FIG.
However, the signature module 22 is different in that the private key 29 of the certification service organization is stored. The network transmission / reception unit 27 receives a request (data file sending request, data file taking out request) from the user that has arrived through the network 9, and in the case of the sending request, the attached data file is recorded in the recording device. 23, and returns the specified data file in the case of an extraction request. The network transmission / reception means 27 can be realized by FTP server software. The control unit 25 monitors the new data file that has arrived at the recording device 23, and uses the new data file (summary data 102b and the electronic signature 1 of the time signature device).
When the arrival of the pair 02c) is detected, the signature module 22 is instructed to verify the validity and to make an electronic signature with the key 29.

FIG. 8 shows the operation of the signature module 22 at this time, that is, the step of signature verification shown in FIG.
It is a block diagram explaining. The signature module 22
After creating the verification certificate document 1030 in which the current time is added as the verification time to the electronic signature 102c of the time signature device, the summary data of this verification certificate document 1030 is created and encrypted with the private key 29 of the certification service institution. To obtain a verification signature. This is added to the verification certificate document 1030 to complete the electronic document 103b. The electronic document 103b is temporarily stored in the storage device 23. After that, when a request for taking out from the user comes to the network transmitting / receiving means 27, it is sent to the user through the network 9.

The document certification system 1 has been described above in detail as the embodiment of the present invention. As a method of effectively using the document certification system 1, a method in which a certification service organization lends the time signature device 10 to each user group is conceivable. At this time, if the certification service organization gives a different key 19 to each time signature device 10, even if any one time signature device key 19 is known, it does not affect the entire certification service. .

In some cases, the time signature device 10 alone can be effectively used. Once agreement is reached between the users,
For example, an in-house document of one company, an electronic medical record in one hospital, or the like can trust and use the time-certified signed document 102 within the range.

[0042]

As described above, the present invention is realized by a combination of a time signature device that performs local processing and a certification service institution that performs center processing. The remarkable effect is that it can be easily and easily applied to a document that occurs in a random manner. Further, there is a remarkable effect that a document to which a formal signature of a certification authority and a document signed by a local device can be selectively used according to the usage pattern and usage purpose of the document.

[Brief description of drawings]

FIG. 1 is a conceptual diagram illustrating an outline of an electronic document certification system 1.

FIG. 2 is a conceptual diagram illustrating an outline of the electronic document certification system 1.

FIG. 3 is a configuration diagram of a time signature device 10.

FIG. 4 is a configuration diagram of a time signature device 10.

FIG. 5 is a configuration diagram of a time signature device 10.

FIG. 6 is a block diagram illustrating data conversion in a processing step of creating a digital signature of a creator by the digital signature device 4.

FIG. 7 is a block diagram illustrating data conversion in a processing step of creating a digital signature with time certification by the time signature device 10.

FIG. 8 is a block diagram illustrating data conversion in a processing step of creating a digital signature with a verification time certificate by the signature verification device 20.

FIG. 9 is a configuration diagram of a signature verification device 20.

FIG. 10 is a diagram conceptually illustrating how to create an electronic signature.

FIG. 11 is a diagram conceptually illustrating a method of verifying the validity of an electronic signature.

[Explanation of symbols]

1 Electronic document certification system 4 Digital signature device 5 IC card (built-in secret key) 6 IC card (Built-in secret key of time signature device 10) 7 Magnetic recording media 8 local area network 9 network 10 Time signature device 11 radio clock 12 Signature module 13 Recording device 14 Magnetic recording medium drive device 15 Control unit 16 network interface 17 Network transmission / reception means 19 Private key of time signature device 10 20 Signature verification device 21 radio clock 22 Signature Module 23 Recording device 25 Control unit 27 Network transmission / reception means 29 Certification Service Private Key 100 original electronic documents 101 Electronic Document with Author's Signature 102 Electronic document with time certification 102b Summary of electronic document with time certification 102c Electronic signature created by the time signature device 10 103 Electronic Document with Certificate Authority Signature 103b Electronic signature document created by certification authority

─────────────────────────────────────────────────── ─── Continued Front Page (51) Int.Cl. ⁷ Identification Code FI Theme Coat (Reference) H04L 9/00 675B

Claims (7)

[Claims] 1. A digital document certifying system based on a public key cryptosystem for certifying creation time and original identity of a created electronic document, wherein a document created by a creator is digitally signed and An electronic signature device for creating a signed document,
A time signature device that verifies the validity of the first signed document and then creates a second signed document to which proof of the creation time is added, and a verification time of the second signed document after verifying the validity of the second signed document. An electronic document certification system including a signature verification device that creates a third signed document with a certification. 2. The time signature device includes a radio clock unit that receives standard time radio waves and converts the standard time radio waves into a standard time code of a use area, and a signature module that incorporates a private key of the time signature device issued by a certification service organization. And a document data input / output unit, wherein the signature module is configured to add a time signature to a first signed document in which an electronic signature of the creator is added to the original document and current time data output from the radio-controlled clock unit. Create an electronic signature with the device's private key and
The second one with the addition of the current time data to the signature document of
The electronic document certification system according to claim 1, which is for creating a signature document of 3. The electronic document certification system according to claim 1, wherein the time signature device receives a standard time radio wave and converts it into a standard time code of a use area, and a certification service institution. A signature module having a private key of the time signature device, a document data input / output unit,
The signature module includes a storage device for storing a signature document for a certain period of time, and a network transmission / reception unit for transferring a data file temporarily recorded in the storage device to the signature verification device prepared by a certification service organization. A second signed document obtained by adding a digital signature using the private key of the time signature device to the first signed document in which the electronic signature of the creator is added to the document and the current time data output by the radio-controlled timepiece unit is added. A second signature document recorded on the recording device or a time signature attached to the second signature document is created and temporarily stored in the recording device. The signature verification device in which data capable of verifying the authenticity of the electronic signature by the device is periodically installed by a certification service institution at a predetermined time interval. Transferred, also obtained in the form of the electronic signature data included in the signature verification device verification result, an electronic document verification system according to claim 1 is intended to be recorded in the recording device. 4. The electronic document certification system according to claim 2 or 3, wherein the signature module of the time signature device has a built-in IC card read / write interface means and a secret key of the time signature device. An electronic document certification system characterized by being configured to function as a signature module by inserting a recorded IC card. 5. A radio wave clock unit for receiving standard time radio waves and converting them into a standard time code of a region of use, a signature module incorporating a private key of a time signature device issued by a certification service organization, and a document data input / output unit. And a signature module based on a public key cryptosystem, wherein the signature module is an electronic document based on a secret key of the time signature device, which is obtained by adding the current time data output from the radio clock unit to the original document. A time signature device that creates a signature and adds it to the original document plus the current time data to create a signed document with a time certification. 6. A radio wave clock unit for receiving standard time radio waves and converting them into a standard time code of a use area, a signature module containing a private key of a time signature device issued by a certification service institution, and a document data input / output unit. And a storage device for storing the signed document for a certain period of time, and a network transmission / reception means for transferring a data file temporarily recorded in the storage device to a server prepared by a certification service organization, and public key encryption for giving time certification to the electronic document. A time certification device based on a method, wherein the signature module is a document in which current time data output by the radio-controlled clock unit is added to an input document,
A signature document with a time certificate, which is added with an electronic signature by a secret key of the time signature device, is created and temporarily stored in the recording device, and the network transmitting / receiving means is recorded on the recording device. Data that can verify the legitimacy of the electronic signature by the time-signed document with time certification or the time signature device attached to the time-signed document with time certification is periodically sent to the server of the certification service organization at fixed time intervals. A time certifying device, which transfers and obtains the verification result in a form including electronic signature data for a certifying service period and records the verification result in the recording device. 7. The time signature device according to claim 5 or 6, wherein the signature module of the time signature device has a built-in IC card read / write interface means and records a private key of the time signature device. A time signature device configured to function as a signature module when the integrated IC card is inserted.