Vol. 45 No. 8 Aug. 2004, 1999 11 (1) (2) (3) 2003 7 Digital Evidence Enhancement for the Japanese Official Gazette Data Providing Services Atsuko Umezawa,, Hiroyuki Ueno, Yukio Miyata, Yasuharu Saikawa, Takayuki Enami, Katsunari Yoshioka and Tsutomu Matsumoto Since November 1999 the National Printing Bureau of Japan has been providing the Japanese Official Gazette digital data via the Internet. The Official Gazette digital data has the following requirements: (1) the integrity of the data is verifiable, (2) the manufacturer should be identifiable, and (3) viewing should be convenient. In order to fulfill these requirements, the National Printing Bureau started adopting digital signature and time stamping schemes to the Official Gazette digital data in July 2003. Many countries have also been providing their documents data via the Internet. However, as far as we know, it is the first example of employing digital signature and time stamp to the Official Gazette digital data, which are important official documents used for proclamation of statutes to take a simple example. This paper outlines how individual security technologies are applied in the current version of the Official Gazette Data Providing Services and also discusses their achievements. 1. IT Graduate School of Environment and Information Sciences, Yokohama National University National Printing Bureau, Incorporated Administrative Agency, Japan 14 2002 2004 2 2004 6 1) 1954
Vol. 45 No. 8 1955 Web 1999 15 2003 7 2 3 4 5 6 7 8 2. 2) 3) 40 1907 32 1957 12 28 4),5) 1 Fig. 1 The Official Gazette. WTO A4 1 8 1 3. 3.1
1956 Aug. 2004 1999 11 6) 2001 9 7) B Basic service A Advanced service 3.2 B PDF Portable Document Format PDF PDF B 1 PDF A PDF PDF HTML JPEG PDF/HTML PDF/HTML JPEG 1 JPEG A 1947 5 3 HTML JPEG 1947 5 3 1999 3 31 / PDF 1999 4 1 PDF PDF Acrobat Reader 3.3 B 1 PDF A 2 B 2 HTML 1999 3 31 JPEG 1999 4 1 PDF PDF PDF PDF HTML JPEG B HTML B A A ID 1 B A 4. 4.1 2 2
Vol. 45 No. 8 1957 Table 1 1 The Official Gazette Data Providing Services. (1) (2) (3) 4.2 4.1 (3) (1) (2) (1) (2) 5 5. B A 8) 1 B A PDF PDF PDF PDF 4.1 (1) 2 B A B A 4.1 (2) 6. 4.1 (1) (2)
1958 Aug. 2004 1 2 2003 7 PDF PDF PDF HTML PDF (1) (2) 1 Adobe Acrobat PDF PDF 1 5.5 1 7. 7.1 6 PDF B PDF A PDF B-S Basic service with digital Signature A-ST Advanced service with digital Signature andtimestamp B-S 2003 7 15 PDF A-ST 2003 7 15 PDF 2 2 PDF Table 2 Applicable periods of digital signature and time stamp for the paginal PDF data.
Vol. 45 No. 8 1959 2 A-ST Fig. 2 Outline of Official Gazette Data Providing Services with digital signature and time stamp. 2 A-ST 7.2 7.1 2 CA Certification Authority TSA Time Stamp Authority CA JCSI SecureSign 9) TSA 10) Chronotrust 11) NTT SecureSeal 12) 3 13) 3 Chronotrust SecureSeal Chronotrust I SecureSeal L TSA B-S A-ST PDF TSA SecureSign 7.3 PDF 3 4 JCSI PDF Acrobat PDF
1960 Aug. 2004 Fig. 3 3 Embedding of digital signature. 5 Fig. 5 Issuing process of time stamp. PDF Sig PDF HTTP JCSI PDF 2003 7 B-S A-ST SHA-1 1024 RSA 7.4 4 Fig. 4 Verification of digital signature. Acrobat H Sig 3 PDF H JCSI Sig Adobe Acrobat5.05 Adobe Acrobat Reader5.1 5 RSA 2 2003 12 31 NIST National Institute of Standards and Technology UTC NIST 2004 1 1 NICT National Institute of Information and Communications Technology
Vol. 45 No. 8 1961 UTC NICT NICT NICT GPS 1 1 Web (1) (2) 3DES (3) (2) (1) (4) (2) (5) (3) (4) 2 (6) 2 (4) (7) (6) 2 (3) (8) (9) (8) (6) (10) (9) (11) 6 Fig. 6 Local verification of time stamp. 7 Fig. 7 Central verification of time stamp. 0.5 A-ST 6 1 2 5 6 6 7
1962 Aug. 2004 Adobe Acrobat5.05 Adobe Acrobat Reader5.1 TS PDF e-timing EVIDENCE for Adobe Acrobat 2003 7 A-ST SHA-1 2048 RSA CA TA TSA 7.5 A-ST PDF 8 PDF 8 PDF A-ST PDF 8 Fig. 8 Screen image of the Official Gazette Data Providing Services with digital signature and time stamp. PDF 8. 1
Vol. 45 No. 8 1963 2 4.1 4.2 3 RFC3126 14) 15) Federal Register London Gazette EU Official Journal of the European Union PDF 2004 3 PDF The UK online annual report 16) 2000 12 UK online 17) e-envoy e 2002 Adobe Acrobat Self-Sign e-envoy Self-Sign e-envoy UK online 1 1 1 1) 2003 pp.55 60 (2003). 2) (1983). 3) http://www.npb.go.jp/(last visit: 26 Nov. 2003). 4) (2001). 5) (1994). 6) http:// kanpou.npb.go.jp/ (last visit: 26 Nov. 2003). 7) https:// search.npb.go.jp/ (last visit: 26 Nov. 2003). 8) PKI http://www.ipa.go.jp/ security/pki/ (last visit: 26 Nov. 2003). 9) SecureSign http://www.jcsinc.co.jp/service/s sign. html (last visit: 26 Nov. 2003) 10)
1964 Aug. 2004 http://www.e-timing.ne.jp/tsa/ (last visit: 26 Nov. 2003). 11) Chronotrust, http://www.sii.co.jp/ni/tss/s090054.html (last visit: 26 Nov. 2003). 12) NTT SecureSeal http://210.144.76.11/technical/tech01.html (last visit: 26 Nov. 2003). 13) vol43, No.8, pp.2644 2658 (2002). 14) Pinkas, D., Ross, J. and Pope, N.: RFC3126 Electronic Signature Formats for long term electronic signatures. http://www.ietf.org/rfc/ rfc3126.txt 15) http://www.ndl.go.jp/horei jp/links/ link.htm (last visit: 26 Nov. 2003). 16) The UK online annual report, http://www. e-envoy.gov.uk/assetroot/04/00/04/01/ 04000401.pdf (last visit: 26 Nov. 2003). 17) UK online, http://www.ukonline.gov.uk/ (last visit: 26 Nov. 2003). A.1 9 A.2 L I I L 10 10 SRH SRH i 1 TSA SRH H 1 TSA H 1 H 1 TSA RH 1 RH 1 SRH i 1 SRH i SRH i SRH i I 11 9 10 L Fig. 9 Outline of digital signature procedures. Fig. 10 Tree-structured linked time stamp scheme.
Vol. 45 No. 8 1965 1983 11 I Fig. 11 An example of I scheme. RFC3161 TA TA TSA CA TSA ( 15 11 28 ) ( 16 6 8 ) 2000 2003 4 2004 3 1985 1994 1982 1977 2000 2002 1986 3 1981 1982 IACR CRYPTREC