CA2151590C - Method of extending the validity of a cryptographic certificate - Google Patents
Method of extending the validity of a cryptographic certificateInfo
- Publication number
- CA2151590C CA2151590C CA002151590A CA2151590A CA2151590C CA 2151590 C CA2151590 C CA 2151590C CA 002151590 A CA002151590 A CA 002151590A CA 2151590 A CA2151590 A CA 2151590A CA 2151590 C CA2151590 C CA 2151590C
- Authority
- CA
- Canada
- Prior art keywords
- certificate
- function
- document
- different
- cryptographic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Abstract
A cryptographic certificate attesting to the authenticity of the original document elements will lose its validity when the cryptographic function underlying the certifying scheme is compromised. The present invention extends the reliability of such a certificate by subjecting the combination of the original certificate and the digital representation of the document to a scheme based on a less vulnerable function using the steps of: obtaining the original document (11); applying the function to the document to create the original certificate (13); combining the original document and the certificate (15); and, applying another function to the combination to create an extended certificate (17).
Description
~wo ~"~1 21~15 9 0 PCT~S93/11173 METHOD OF EXTENDING THE VALIDITY
OF A CRYPTOGRAPHIC CERTIFICATE
BACKGROUND OF THE INVENTION
"
This invention relates to methods for certifying or validating the existence or occurrence of a recorded document or event, particularly methods which rely upon cryptographic assumptions to establish the basis for such a certification or validation. More specifically, the invention relates to a method for reconfirming an original certificate in order to maintain its validity for a significant period of time beyond the probable compromise of an underlying cryptographic assumption or step in the original certification procedure.
Time-stamping procedures described in U.S. Patent Nos.
5,136,646 and 5,136,647 are representative of a type of certification for which the present method is adapted. Such schemes for setting a reliable time of creation of a document, or providing indisputable evidence against the alteration of a document, generally digital computer data in alphanumeric, pictorial, video, or audio form, depend upon the assumption that there exist cryptographic functions which, when applied to a digital representation of such a document, defy any manner of manipulation which might permit undetectable alterations or falsifications of the original state of document elements. The functional procedures generally exemplified in those disclosures typically provide this required property, since they generate unique certificate statements which essentially can not be duplicated other than from an identical document representation. This security arises from the fact that the derivation or reconstruction of these functions from the products of their application is computationally infeasible.
Ultimate achievement of such derivations must be anticipated, 2l5l59~ _ however, since a given function or procedure may be fatally flawed or, as is becoming more probable, advancements in computer technology and algorithmic techniques are likely to make more readily available a level of calculating power which enables such derivation.
With compromise of a step or algorithm in a procedural certification function, the possibility arises of generating duplicate certificates or parts thereof from different digital representations, i.e., creating "collisions", and thereby defeating the previously reliable basis for a certification scheme. Substitution of a newer and presumably less vulnerable function in the certification procedure may prevent for some finite time the compromise of future certificates, but the value of past certificates in establishing original creation dates, for example, is all but lost. The present invention, however, provides a means for bridging the technological gap and extending into the era of a newer function or procedure the validity of the original certification.
SU~M~Y OF T~ T~V~NTTON
Historically, there has usually been an overlap period between the time spans of reliability of an established cryptographic function and one which has been newly implemented with improved resistance to compromise. As computational power increases and algorithmic techniques improve, the evolution and phasing of cryptographic certification procedures or functions, for example, can generally be foreseen. It is possible, therefore, to anticipate the final stages of reliability provided by an existing certification scheme and to initiate a procedure, such as provided by the present invention, to ensure the continuity of original certificate validity.
In essence, this invention entails generating from the 2 1 5 1 S 9 0 . ~ usg3~lll73 original document a new document certificate during the viable term of the original certification scheme, such as may be based upon a cryptographic signature key procedure or a time-stamping procedure. This new certification process comprises applying a different cryptographic function, e.g., a time-stamping procedure, to a combination including the original certificate and the original digital document from which the certificate was derived. Such a different function is preferably a new and presumably more reliable algorithm or procedure, or at least one upon which the original certification did not rely. The resulting certificate, generated by means of a function or procedure having a significant expected remaining term of reliability, now implacably embodies the original certificate elements at a time prior to any likely compromise of the original certification function. Since these original elements have as yet been exposed to no threat of compromise and are now bound by the new time stamp within the protective cloak of a far more relatively invulnerable certification function, their original veracity has been extended for at least the reliable term of this new function.
B~T~F D~';CP~TPTTON OF T~F~ DRA~ITNG
The present invention will be described with reference to the accompanying drawing of which:
FIG. 1 presents a flow chart of steps embodying a general procedure implementing the certificate extension process of the invention; and FIG. 2 presents a flow chart of steps embodying a rudimentary time-stamping procedure implementing the certificate extension process of the invention.
-DESCRI PTION OF T~ INVENTION
The extension procedure of the present invention is applicable to any manner of certificate digitally derived by cryptographic means. For instance, the process may be used to support the veracity of a document transmittal originally certified with a cryptographic key signature algorithm or function beyond a time when that function might be compromised, whether due to misappropriation of a secret key or to advances in computer technology and algorithmic techniques. A digital time-stamp certificate could similarly benefit by application of the invention to prevent its coming into question after compromise of the scheme or function underlying the time-stamping procedure. In general, the process of the invention isuseful to ensure the continued viability of any certificate produced by a digital scheme or function which is capable of compromlse.
The steps comprising a basic application of the certificate extension process are shown in FIG. 1. There, initial steps 11, 13 are intended to depict any certification procedure, such as a signature scheme or time-stamping process, in which a digital document, Dl, e.g., a body of text or alphanumeric representations, a picture, an audio recording, or the like, is subjected to a cryptographic scheme or procedure, generally a "function", Fl, to produce a certificate, Cl, which will serve later as evidence of the original existence and substance of Dl. The value of certificate, Cl, will persist, however, only until a compromise of the certification function, as a whole or in a component step or algorithm, since, as a result of such a compromise, the certificate might thereafter be duplicated by an imposter or through the use of a counterfeit document.
The basic steps of the invention are therefore effected prior to any such compromise, as projected, for example, on the ~ WO94/15421 2 15 1 ~ 9 0 PCT~S93111173 basis of the current state of computational technology, and comprise combining, at 15, the original document, D, with the original certificate, Cl, and applying to that combination, at 17, a different and presumably more secure scheme or function to ~ 5 obtain a new certificate, C2, which will later attest to the validity of original certificate, C1, at a time when its generating function, F1, was as yet uncompromised and secure.
The essential element of this process resides in the application of the new certification function to the conjunction of original document, D, with original certificate, Cl. This step avoids the error inherent in the naive and ineffectual procedure of merely recertifying either the original certificate or the original document alone; namely, that of perpetuating a compromise which reflects directly upon the veracity of the original document, D.
As an example, one might consider application of the present invention to extend the valid lifetime of a digitally signed document where, in keeping with usual practices, a digital signature, ~, is derived by application of some cryptographic signature scheme to a document, D. To avoid invalidation of such a signed document by subsequent compromise of the scheme, for instance, due to misappropriation of a user's private key, the pre-compromise generation of a certificate, C, by application of a time-stamp function, T, to a combination of the signature and the document:
C = T(~,D) will provide continuing proof that the signature was created prior to the compromise, i.e., at a time when only a legitimate user could have produced it. Such a certificate might also be used to establish original authorship of the document.
The invention is broadly useful, as well, as a means of extending or "renewing" time-stamp certificates, generally. For example, a simple scheme for certifying an event, such as time-stamping the creation of a document, comprises establishing a WO9411~1 21 ~ I 5 9 o PCT~S93/11173 digital representation of the document content, adding data denoting current time, and permanently fixing the resulting digital statement against subsequent revision, all under trustworthy circumstances, to yield a certificate which will provide irrefutable evidence of the event at a later time. Means for ensuring the original veracity of the certificate have been described in our earlier-noted patent specifications as including use of trusted outside agencies, arbitrary selection of agencies, linking of certificates in temporal chains, and similar practices which remove substantially all influence a document author might have upon the certification process.
Other methods of establishing the authenticity of original certification procedures might also include private and public key cryptographic comm~]n;cations.
Common to certification procedures is the application of some manner of cryptographic function by which the document, related identifying data, or digital representations of these elements may be algorithmically reduced to a unique statement or cipher which can not feasibly be duplicated from different representative elements by computational means. Any of the general class of one-way hashing algorithms, for example, may be used in such a procedure or function applied to a digital representation of a time-receipted document to produce an inimitable certificate, usually in the form of a cryptic string of alphanumeric characters, which can only be generated by such an application of that same function to exactly that digital representation. The additional characteristic property of the one-way function is that of possessing such mathematical complexity as to discourage the computational derivation or reconstruction of the original digital representation from the resultant certificate, as well as to discourage the generation of a matching certificate from a different representation.
A simple certification procedure utilizing such a one-way hashing algorithm is represented in FIG. 2 at steps 21-23.
There, digital document, Dl, of step 21 is identified , e.g., ~,W094/1~1 21~ 9 0 PCT~S93/11173 annotated with author data, to yield a receipt, Rl, that, in a rudimentary procedure which may be simply stated as:
Cl = Fl (Hl (Rl) ) is in turn reduced at step 23 to a certificate, Cl, by application of a time-stamping function, Fl, comprising a current hash algorithm, Hl.
As a result of computational or algorithmic developments over time, or in the event of a flaw in the function itself, hash, Hl, may become compromised with the result that a falsified receipt, Rx, could produce a duplicate, or "collision", certificate, Cl. The veracity of original certificate, Cl, and its value as probative evidence of the contents of document, D, and other elements of receipt, Rl, would thus be destroyed, since there would no longer exist a singular certificate cipher that could be traced solely to the original document and its once-unique receipt, Rl.
Advent of the collision need not denigrate the worth of the initial certificate back to the time of its creation, however, but only for the period subsequent to the compromise.
The value of the certificate during its earlier term could be preserved and extended into the future if means were available to link into a time prior to such compromise with a trustworthy scheme for deriving a new certificate at least as unique and intractable as was the initial certificate. The problem, therefore, has been to "recertify" the original certificate in a manner which would verify the facts that had been securely bound into that certificate until the first collision occurred.
A naive solution to this problem would appear to be just that simple; that is, to recertify the original certificate, for example by applying a new and more robust hash, H2. The fallacy in this approach becomes apparent, however, when one WO94/1~421 - PCT~S93/11173 considers that after the instance of a collision the condition exists where:
H1(R1) = C1 = Hl(Rx) The hashing of certificate, C1, with a new function, H2, would therefore not produce a renewal certificate ciphert C2, unique only to receipt, Rl, since:
C2 = H2(Cl) = H2(Hl(Rl) ) = H2(Hl(Rx) ) and, thus, there is no reliable distinction between those resulting certificates.
The present invention, however, does provide such a unique certificate which serves to extend the veracity of an original certificate beyond subsequent compromise of the original function or algorithm. This is accomplished, as in the representative of FIG. 2, by combining, at step 25, the original certificate, C1, with the original document, Dl, from which it was generated and which is to be later proven, and applying to that composite statement, at step 27, a different certification function, F2, e.g., comprising a new hashing algorithm, H2, to yield the extended certificate:
C2 = F2 (H2 (Cl~ Dl) ) = F2 (H2 (Hl (Rl), Dl) ) -The final represented step, 29, in which it is established that the new certificate, C2, was created during the valid term of original certificate, Cl, i.e., prior to any compromise of the original certification function, may be effected along with step 27, for example in the course of applying an earlier-described time-stamping procedures, to generate certificate, C2. Alternatively, the effective time of the new certificate, C2, may be established simply by publication, e.g., in a widely-distributed newspaper, either alone or as incorporated into a derivative representation similar to the "authentication tree"
noted by D.E.R.Denning in C~yptography and Data Security, pp. 170-171, Addison-Wesley (1982).
~ WO94/1~21 21 S 15 ~ D i' PCT~Sg3llll73 In the ultimate utilization of this new certificate, C2, to prove the original document, Dl, by recomputing certificate, C2, from its elements, such proof will fail unless original document, Dl, rather than a bogus document, Dx, is an included eIement. Even though a collision due to compromised function, Hl, may exist at the time of using certificate, C2, in a proof, the as yet invulnerable state of hash function, H2, ensures against any collision with the expanded statement, i.e., one comprising document element, Dl, which is used to generate that new certificate. During a normal proofing process, the original certificate, Cl, will also be recomputed using the document in question. Unless the document then employed to recompute original certificate, Cl, matches precisely the document similarly employed with new certificate, C2, the proof will not be realized. A false document, Dx, therefore can not be substituted surreptitiously for an original document as long as the applied hash function, H2, remains uncompromised, since for any document, Dx, which one could feasibly compute:
H2(Cl,Dl) ~ H2(Cl,Dx)-When advancements in computation portend a compromise situation, yet a different time-stamp function, e.g., one utilizing algorithm, H3, with longer life expectancy may be employed in the same procedure to again extend the involved certificate.
As an example of the implementation of the present invention, one might consider first an initial certificate prepared in the manner described in our earlier U. S. Patent No.
5,136,646 employing the one-way hash algorithm specified by R. L. Rivest in "The MD4 Message Digest Algorithm", Advances in C~yptology - C~ypto '90, Lecture Notes in Computer Science, Vol. 537 (ed. A. J. Menezes et al.), pp. 303-311, Springer-Verlag (Berlin, 1991). In that earlier example, elements of the W094/15421 PCT~S93/11173 21!;1590 ' "
receipt, Rl, identifying the quotation "document" appeared as:
1328, 194628GMT06MAR91, 634, ee2ef3ea60eflOcb621c4fb3f8dc34c7 and with additional data representing a prior transaction formed the basic statement to which the function comprising MD4 hash algorithm, Hl, was applied to yield the unique cipher:
46f7d75fOfbea95e96fc38472aa28cal which is held by the author as a time-stamp certificate, Cl.
In the event of an anticipated compromise of the MD4 hash function algorithm, the procedure of this invention would be initiated utilizing a different time-stamping certification function comprising, for example, a new algorithm, H2, such as the MD5 hashing function described by Rivest and Dusse, ~The MD5 Message Digest Algorithm", Network Working Group, Internet Draft, RSA Data Security, Inc. (July 1991); RFC 1321, Internet Activities Board (April 1992).
As an initial step in this procedure, the document representation, Dl, to be proven at a later time is combined with original certificate, Cl, either in original digital form or, preferably, as the convenient, condensed output of hash function, H2, viz.:
.D9776652kDAj2.M5191CAD7 thus forming the combination statement, (Cl,Dl), as:
46f7d75fOfbea95e96fc38472aa28cal, .D9776652kDAj2.M5191CAD7.
Applying to this statement hashing algorithm, H2, comprising the new function, F2, produces:
656h//PDDM6OM9/qDDt85F56 which in a time-stamping procedure, for instance, may be transmitted to an outside agency for the inclusion of current WO94/1~1 2 1 5 1 5 9 0 PCT~S93111i73 time data and authenticating cryptographic signature to yield extended certificate, C2. As earlier noted, the effective date of a new certificate, C2, may otherwise be established, such as in other time-stamping schemes or by public display or notoriety.
A variation on the foregoing embodiment provides an even more reliable practice in that it substantially eliminates the uncertainties associated with estimating the onset of a certification function compromise. This is accomplished by using a plurality of different cryptographic functions, e.g., Fa and Fb, to derive a compound original certificate, C~:
Ca = Fa(Dl) ~Fb(Dl) which will remain valid even after the confirmed compromise of one of those function due to the likely continued viability of the other. Thus a period of security continues during which one may select a new certification function, Fc, to be employed in the extension of certificate, Ca as:
C~ = Fb(Ca~Dl)~Fc(Ca~Dl)-Subse~uent compromise of any current cryptographic function can be remedied in like manner.
It is anticipated that other variants will become apparent to the skilled artisan in the light of the foregoing disclosure, and such embodiments are likewise considered to be encompassed within the scope of the invention defined by the appended claims.
OF A CRYPTOGRAPHIC CERTIFICATE
BACKGROUND OF THE INVENTION
"
This invention relates to methods for certifying or validating the existence or occurrence of a recorded document or event, particularly methods which rely upon cryptographic assumptions to establish the basis for such a certification or validation. More specifically, the invention relates to a method for reconfirming an original certificate in order to maintain its validity for a significant period of time beyond the probable compromise of an underlying cryptographic assumption or step in the original certification procedure.
Time-stamping procedures described in U.S. Patent Nos.
5,136,646 and 5,136,647 are representative of a type of certification for which the present method is adapted. Such schemes for setting a reliable time of creation of a document, or providing indisputable evidence against the alteration of a document, generally digital computer data in alphanumeric, pictorial, video, or audio form, depend upon the assumption that there exist cryptographic functions which, when applied to a digital representation of such a document, defy any manner of manipulation which might permit undetectable alterations or falsifications of the original state of document elements. The functional procedures generally exemplified in those disclosures typically provide this required property, since they generate unique certificate statements which essentially can not be duplicated other than from an identical document representation. This security arises from the fact that the derivation or reconstruction of these functions from the products of their application is computationally infeasible.
Ultimate achievement of such derivations must be anticipated, 2l5l59~ _ however, since a given function or procedure may be fatally flawed or, as is becoming more probable, advancements in computer technology and algorithmic techniques are likely to make more readily available a level of calculating power which enables such derivation.
With compromise of a step or algorithm in a procedural certification function, the possibility arises of generating duplicate certificates or parts thereof from different digital representations, i.e., creating "collisions", and thereby defeating the previously reliable basis for a certification scheme. Substitution of a newer and presumably less vulnerable function in the certification procedure may prevent for some finite time the compromise of future certificates, but the value of past certificates in establishing original creation dates, for example, is all but lost. The present invention, however, provides a means for bridging the technological gap and extending into the era of a newer function or procedure the validity of the original certification.
SU~M~Y OF T~ T~V~NTTON
Historically, there has usually been an overlap period between the time spans of reliability of an established cryptographic function and one which has been newly implemented with improved resistance to compromise. As computational power increases and algorithmic techniques improve, the evolution and phasing of cryptographic certification procedures or functions, for example, can generally be foreseen. It is possible, therefore, to anticipate the final stages of reliability provided by an existing certification scheme and to initiate a procedure, such as provided by the present invention, to ensure the continuity of original certificate validity.
In essence, this invention entails generating from the 2 1 5 1 S 9 0 . ~ usg3~lll73 original document a new document certificate during the viable term of the original certification scheme, such as may be based upon a cryptographic signature key procedure or a time-stamping procedure. This new certification process comprises applying a different cryptographic function, e.g., a time-stamping procedure, to a combination including the original certificate and the original digital document from which the certificate was derived. Such a different function is preferably a new and presumably more reliable algorithm or procedure, or at least one upon which the original certification did not rely. The resulting certificate, generated by means of a function or procedure having a significant expected remaining term of reliability, now implacably embodies the original certificate elements at a time prior to any likely compromise of the original certification function. Since these original elements have as yet been exposed to no threat of compromise and are now bound by the new time stamp within the protective cloak of a far more relatively invulnerable certification function, their original veracity has been extended for at least the reliable term of this new function.
B~T~F D~';CP~TPTTON OF T~F~ DRA~ITNG
The present invention will be described with reference to the accompanying drawing of which:
FIG. 1 presents a flow chart of steps embodying a general procedure implementing the certificate extension process of the invention; and FIG. 2 presents a flow chart of steps embodying a rudimentary time-stamping procedure implementing the certificate extension process of the invention.
-DESCRI PTION OF T~ INVENTION
The extension procedure of the present invention is applicable to any manner of certificate digitally derived by cryptographic means. For instance, the process may be used to support the veracity of a document transmittal originally certified with a cryptographic key signature algorithm or function beyond a time when that function might be compromised, whether due to misappropriation of a secret key or to advances in computer technology and algorithmic techniques. A digital time-stamp certificate could similarly benefit by application of the invention to prevent its coming into question after compromise of the scheme or function underlying the time-stamping procedure. In general, the process of the invention isuseful to ensure the continued viability of any certificate produced by a digital scheme or function which is capable of compromlse.
The steps comprising a basic application of the certificate extension process are shown in FIG. 1. There, initial steps 11, 13 are intended to depict any certification procedure, such as a signature scheme or time-stamping process, in which a digital document, Dl, e.g., a body of text or alphanumeric representations, a picture, an audio recording, or the like, is subjected to a cryptographic scheme or procedure, generally a "function", Fl, to produce a certificate, Cl, which will serve later as evidence of the original existence and substance of Dl. The value of certificate, Cl, will persist, however, only until a compromise of the certification function, as a whole or in a component step or algorithm, since, as a result of such a compromise, the certificate might thereafter be duplicated by an imposter or through the use of a counterfeit document.
The basic steps of the invention are therefore effected prior to any such compromise, as projected, for example, on the ~ WO94/15421 2 15 1 ~ 9 0 PCT~S93111173 basis of the current state of computational technology, and comprise combining, at 15, the original document, D, with the original certificate, Cl, and applying to that combination, at 17, a different and presumably more secure scheme or function to ~ 5 obtain a new certificate, C2, which will later attest to the validity of original certificate, C1, at a time when its generating function, F1, was as yet uncompromised and secure.
The essential element of this process resides in the application of the new certification function to the conjunction of original document, D, with original certificate, Cl. This step avoids the error inherent in the naive and ineffectual procedure of merely recertifying either the original certificate or the original document alone; namely, that of perpetuating a compromise which reflects directly upon the veracity of the original document, D.
As an example, one might consider application of the present invention to extend the valid lifetime of a digitally signed document where, in keeping with usual practices, a digital signature, ~, is derived by application of some cryptographic signature scheme to a document, D. To avoid invalidation of such a signed document by subsequent compromise of the scheme, for instance, due to misappropriation of a user's private key, the pre-compromise generation of a certificate, C, by application of a time-stamp function, T, to a combination of the signature and the document:
C = T(~,D) will provide continuing proof that the signature was created prior to the compromise, i.e., at a time when only a legitimate user could have produced it. Such a certificate might also be used to establish original authorship of the document.
The invention is broadly useful, as well, as a means of extending or "renewing" time-stamp certificates, generally. For example, a simple scheme for certifying an event, such as time-stamping the creation of a document, comprises establishing a WO9411~1 21 ~ I 5 9 o PCT~S93/11173 digital representation of the document content, adding data denoting current time, and permanently fixing the resulting digital statement against subsequent revision, all under trustworthy circumstances, to yield a certificate which will provide irrefutable evidence of the event at a later time. Means for ensuring the original veracity of the certificate have been described in our earlier-noted patent specifications as including use of trusted outside agencies, arbitrary selection of agencies, linking of certificates in temporal chains, and similar practices which remove substantially all influence a document author might have upon the certification process.
Other methods of establishing the authenticity of original certification procedures might also include private and public key cryptographic comm~]n;cations.
Common to certification procedures is the application of some manner of cryptographic function by which the document, related identifying data, or digital representations of these elements may be algorithmically reduced to a unique statement or cipher which can not feasibly be duplicated from different representative elements by computational means. Any of the general class of one-way hashing algorithms, for example, may be used in such a procedure or function applied to a digital representation of a time-receipted document to produce an inimitable certificate, usually in the form of a cryptic string of alphanumeric characters, which can only be generated by such an application of that same function to exactly that digital representation. The additional characteristic property of the one-way function is that of possessing such mathematical complexity as to discourage the computational derivation or reconstruction of the original digital representation from the resultant certificate, as well as to discourage the generation of a matching certificate from a different representation.
A simple certification procedure utilizing such a one-way hashing algorithm is represented in FIG. 2 at steps 21-23.
There, digital document, Dl, of step 21 is identified , e.g., ~,W094/1~1 21~ 9 0 PCT~S93/11173 annotated with author data, to yield a receipt, Rl, that, in a rudimentary procedure which may be simply stated as:
Cl = Fl (Hl (Rl) ) is in turn reduced at step 23 to a certificate, Cl, by application of a time-stamping function, Fl, comprising a current hash algorithm, Hl.
As a result of computational or algorithmic developments over time, or in the event of a flaw in the function itself, hash, Hl, may become compromised with the result that a falsified receipt, Rx, could produce a duplicate, or "collision", certificate, Cl. The veracity of original certificate, Cl, and its value as probative evidence of the contents of document, D, and other elements of receipt, Rl, would thus be destroyed, since there would no longer exist a singular certificate cipher that could be traced solely to the original document and its once-unique receipt, Rl.
Advent of the collision need not denigrate the worth of the initial certificate back to the time of its creation, however, but only for the period subsequent to the compromise.
The value of the certificate during its earlier term could be preserved and extended into the future if means were available to link into a time prior to such compromise with a trustworthy scheme for deriving a new certificate at least as unique and intractable as was the initial certificate. The problem, therefore, has been to "recertify" the original certificate in a manner which would verify the facts that had been securely bound into that certificate until the first collision occurred.
A naive solution to this problem would appear to be just that simple; that is, to recertify the original certificate, for example by applying a new and more robust hash, H2. The fallacy in this approach becomes apparent, however, when one WO94/1~421 - PCT~S93/11173 considers that after the instance of a collision the condition exists where:
H1(R1) = C1 = Hl(Rx) The hashing of certificate, C1, with a new function, H2, would therefore not produce a renewal certificate ciphert C2, unique only to receipt, Rl, since:
C2 = H2(Cl) = H2(Hl(Rl) ) = H2(Hl(Rx) ) and, thus, there is no reliable distinction between those resulting certificates.
The present invention, however, does provide such a unique certificate which serves to extend the veracity of an original certificate beyond subsequent compromise of the original function or algorithm. This is accomplished, as in the representative of FIG. 2, by combining, at step 25, the original certificate, C1, with the original document, Dl, from which it was generated and which is to be later proven, and applying to that composite statement, at step 27, a different certification function, F2, e.g., comprising a new hashing algorithm, H2, to yield the extended certificate:
C2 = F2 (H2 (Cl~ Dl) ) = F2 (H2 (Hl (Rl), Dl) ) -The final represented step, 29, in which it is established that the new certificate, C2, was created during the valid term of original certificate, Cl, i.e., prior to any compromise of the original certification function, may be effected along with step 27, for example in the course of applying an earlier-described time-stamping procedures, to generate certificate, C2. Alternatively, the effective time of the new certificate, C2, may be established simply by publication, e.g., in a widely-distributed newspaper, either alone or as incorporated into a derivative representation similar to the "authentication tree"
noted by D.E.R.Denning in C~yptography and Data Security, pp. 170-171, Addison-Wesley (1982).
~ WO94/1~21 21 S 15 ~ D i' PCT~Sg3llll73 In the ultimate utilization of this new certificate, C2, to prove the original document, Dl, by recomputing certificate, C2, from its elements, such proof will fail unless original document, Dl, rather than a bogus document, Dx, is an included eIement. Even though a collision due to compromised function, Hl, may exist at the time of using certificate, C2, in a proof, the as yet invulnerable state of hash function, H2, ensures against any collision with the expanded statement, i.e., one comprising document element, Dl, which is used to generate that new certificate. During a normal proofing process, the original certificate, Cl, will also be recomputed using the document in question. Unless the document then employed to recompute original certificate, Cl, matches precisely the document similarly employed with new certificate, C2, the proof will not be realized. A false document, Dx, therefore can not be substituted surreptitiously for an original document as long as the applied hash function, H2, remains uncompromised, since for any document, Dx, which one could feasibly compute:
H2(Cl,Dl) ~ H2(Cl,Dx)-When advancements in computation portend a compromise situation, yet a different time-stamp function, e.g., one utilizing algorithm, H3, with longer life expectancy may be employed in the same procedure to again extend the involved certificate.
As an example of the implementation of the present invention, one might consider first an initial certificate prepared in the manner described in our earlier U. S. Patent No.
5,136,646 employing the one-way hash algorithm specified by R. L. Rivest in "The MD4 Message Digest Algorithm", Advances in C~yptology - C~ypto '90, Lecture Notes in Computer Science, Vol. 537 (ed. A. J. Menezes et al.), pp. 303-311, Springer-Verlag (Berlin, 1991). In that earlier example, elements of the W094/15421 PCT~S93/11173 21!;1590 ' "
receipt, Rl, identifying the quotation "document" appeared as:
1328, 194628GMT06MAR91, 634, ee2ef3ea60eflOcb621c4fb3f8dc34c7 and with additional data representing a prior transaction formed the basic statement to which the function comprising MD4 hash algorithm, Hl, was applied to yield the unique cipher:
46f7d75fOfbea95e96fc38472aa28cal which is held by the author as a time-stamp certificate, Cl.
In the event of an anticipated compromise of the MD4 hash function algorithm, the procedure of this invention would be initiated utilizing a different time-stamping certification function comprising, for example, a new algorithm, H2, such as the MD5 hashing function described by Rivest and Dusse, ~The MD5 Message Digest Algorithm", Network Working Group, Internet Draft, RSA Data Security, Inc. (July 1991); RFC 1321, Internet Activities Board (April 1992).
As an initial step in this procedure, the document representation, Dl, to be proven at a later time is combined with original certificate, Cl, either in original digital form or, preferably, as the convenient, condensed output of hash function, H2, viz.:
.D9776652kDAj2.M5191CAD7 thus forming the combination statement, (Cl,Dl), as:
46f7d75fOfbea95e96fc38472aa28cal, .D9776652kDAj2.M5191CAD7.
Applying to this statement hashing algorithm, H2, comprising the new function, F2, produces:
656h//PDDM6OM9/qDDt85F56 which in a time-stamping procedure, for instance, may be transmitted to an outside agency for the inclusion of current WO94/1~1 2 1 5 1 5 9 0 PCT~S93111i73 time data and authenticating cryptographic signature to yield extended certificate, C2. As earlier noted, the effective date of a new certificate, C2, may otherwise be established, such as in other time-stamping schemes or by public display or notoriety.
A variation on the foregoing embodiment provides an even more reliable practice in that it substantially eliminates the uncertainties associated with estimating the onset of a certification function compromise. This is accomplished by using a plurality of different cryptographic functions, e.g., Fa and Fb, to derive a compound original certificate, C~:
Ca = Fa(Dl) ~Fb(Dl) which will remain valid even after the confirmed compromise of one of those function due to the likely continued viability of the other. Thus a period of security continues during which one may select a new certification function, Fc, to be employed in the extension of certificate, Ca as:
C~ = Fb(Ca~Dl)~Fc(Ca~Dl)-Subse~uent compromise of any current cryptographic function can be remedied in like manner.
It is anticipated that other variants will become apparent to the skilled artisan in the light of the foregoing disclosure, and such embodiments are likewise considered to be encompassed within the scope of the invention defined by the appended claims.
Claims (20)
1. A method of extending the validity of a first cryptographic certificate derived by applying a first cryptographic function to a digital document, which method comprises:
a) combining a digital representation of said document with a digital representation of said certificate; and b) applying to the resulting combination during the valid term of said first certificate a different cryptographic function to thereby generate a second certificate attesting to the then current validity of said first certificate.
a) combining a digital representation of said document with a digital representation of said certificate; and b) applying to the resulting combination during the valid term of said first certificate a different cryptographic function to thereby generate a second certificate attesting to the then current validity of said first certificate.
2. A method according to claim 1 wherein said first function is a cryptographic signature scheme.
3. A method according to claim 2 wherein said different function is a time-stamping procedure.
4. A method according to claim 3 wherein said different function comprises a one-way hashing algorithm.
5. A method according to claim 1 wherein said first function is a time-stamping procedure.
6. A method according to claim 5 wherein said first function comprises a one-way hashing algorithm.
7. A method according to claim 5 wherein said different function is a time-stamping procedure.
8. A method according to claim 7 wherein said first function comprises a first one-way hashing algorithm and said different function comprises a different one-way hashing algorithm.
9. A method according to claim 1 wherein said different function is a time-stamping procedure.
10. A method of certifying a digital representation of a document which comprises:
a) generating a first certificate by applying to said digital representation at least a first cryptographic function;
b) combining said first certificate with said digital representation; and c) generating a second certificate by applying to said combination at least one cryptographic function which is different from said first function.
a) generating a first certificate by applying to said digital representation at least a first cryptographic function;
b) combining said first certificate with said digital representation; and c) generating a second certificate by applying to said combination at least one cryptographic function which is different from said first function.
11. A method according to claim 10 wherein said first function is a cryptographic signature scheme.
12. A method according to claim 11 wherein said different function is a time-stamping procedure.
13. A method according to claim 12 wherein said different function comprises a one-way hashing algorithm.
14. A method according to claim 10 wherein said first function is a time-stamping procedure.
15. A method according to claim 14 wherein said first function comprises a one-way hashing algorithm.
16. A method according to claim 14 wherein said different function is a time-stamping procedure.
17. A method according to claim 16 wherein said first function comprises a first one-way hashing algorithm and said different function comprises a different one-way hashing algorithm.
18. A method according to claim 10 wherein:
a) said first certificate is generated by applying to said digital representation at least first and second different cryptographic functions; and b) said second certificate is generated by applying to said combination at least one cryptographic function which is different from said first and second functions.
a) said first certificate is generated by applying to said digital representation at least first and second different cryptographic functions; and b) said second certificate is generated by applying to said combination at least one cryptographic function which is different from said first and second functions.
19. A certificate authenticating a digital representation of a document, said certificate consisting of a second certificate generated according to the method of claim 10.
20. A certificate according to claim 19 wherein:
a) said first certificate is generated by applying to said digital representation at least first and second different cryptographic functions; and b) said second certificate is generated by applying to said combination at least one cryptographic function which is different from said first and second functions.
a) said first certificate is generated by applying to said digital representation at least first and second different cryptographic functions; and b) said second certificate is generated by applying to said combination at least one cryptographic function which is different from said first and second functions.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US07/992,883 US5373561A (en) | 1992-12-21 | 1992-12-21 | Method of extending the validity of a cryptographic certificate |
| US992,883 | 1992-12-21 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2151590A1 CA2151590A1 (en) | 1994-07-07 |
| CA2151590C true CA2151590C (en) | 1998-05-26 |
Family
ID=25538851
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002151590A Expired - Lifetime CA2151590C (en) | 1992-12-21 | 1993-11-17 | Method of extending the validity of a cryptographic certificate |
Country Status (7)
| Country | Link |
|---|---|
| US (1) | US5373561A (en) |
| EP (1) | EP0676109B1 (en) |
| JP (1) | JPH08504965A (en) |
| AU (1) | AU670166B2 (en) |
| CA (1) | CA2151590C (en) |
| DE (1) | DE69333068T2 (en) |
| WO (1) | WO1994015421A1 (en) |
Families Citing this family (154)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5606609A (en) * | 1994-09-19 | 1997-02-25 | Scientific-Atlanta | Electronic document verification system and method |
| US5606617A (en) * | 1994-10-14 | 1997-02-25 | Brands; Stefanus A. | Secret-key certificates |
| NZ296340A (en) * | 1994-10-28 | 2000-01-28 | Surety Technologies Inc | Digital identification and authentication of documents by creating repository of hash values based on documents |
| US6363483B1 (en) * | 1994-11-03 | 2002-03-26 | Lucent Technologies Inc. | Methods and systems for performing article authentication |
| US7743248B2 (en) | 1995-01-17 | 2010-06-22 | Eoriginal, Inc. | System and method for a remote access service enabling trust and interoperability when retrieving certificate status from multiple certification authority reporting components |
| US6367013B1 (en) * | 1995-01-17 | 2002-04-02 | Eoriginal Inc. | System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents |
| US6237096B1 (en) | 1995-01-17 | 2001-05-22 | Eoriginal Inc. | System and method for electronic transmission storage and retrieval of authenticated documents |
| US5748738A (en) * | 1995-01-17 | 1998-05-05 | Document Authentication Systems, Inc. | System and method for electronic transmission, storage and retrieval of authenticated documents |
| US7162635B2 (en) * | 1995-01-17 | 2007-01-09 | Eoriginal, Inc. | System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents |
| ATE441897T1 (en) | 1995-02-13 | 2009-09-15 | Intertrust Tech Corp | SYSTEMS AND METHODS FOR MANAGING SECURED TRANSACTIONS AND PROTECTING ELECTRONIC RIGHTS |
| US5892900A (en) | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| US5943422A (en) | 1996-08-12 | 1999-08-24 | Intertrust Technologies Corp. | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
| US6948070B1 (en) | 1995-02-13 | 2005-09-20 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
| US6157721A (en) | 1996-08-12 | 2000-12-05 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
| US7133846B1 (en) * | 1995-02-13 | 2006-11-07 | Intertrust Technologies Corp. | Digital certificate support system, methods and techniques for secure electronic commerce transaction and rights management |
| US6658568B1 (en) | 1995-02-13 | 2003-12-02 | Intertrust Technologies Corporation | Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management |
| US5590197A (en) * | 1995-04-04 | 1996-12-31 | V-One Corporation | Electronic payment system and method |
| DE19513896A1 (en) * | 1995-04-12 | 1996-10-17 | Deutsche Telekom Ag | Method of signing a message |
| US5742845A (en) | 1995-06-22 | 1998-04-21 | Datascape, Inc. | System for extending present open network communication protocols to communicate with non-standard I/O devices directly coupled to an open network |
| US5794221A (en) | 1995-07-07 | 1998-08-11 | Egendorf; Andrew | Internet billing method |
| US6393566B1 (en) | 1995-07-28 | 2002-05-21 | National Institute Of Standards And Technology | Time-stamp service for the national information network |
| US6985888B1 (en) | 1995-08-21 | 2006-01-10 | Pitney Bowes Inc. | Secure user certification for electronic commerce employing value metering system |
| US5796841A (en) * | 1995-08-21 | 1998-08-18 | Pitney Bowes Inc. | Secure user certification for electronic commerce employing value metering system |
| DE69503374T2 (en) | 1995-08-28 | 1999-04-15 | Ofra Feldbau | Setup and method for authenticating the sending and content of a document |
| US5638446A (en) * | 1995-08-28 | 1997-06-10 | Bell Communications Research, Inc. | Method for the secure distribution of electronic files in a distributed environment |
| AU758834B2 (en) * | 1995-09-15 | 2003-04-03 | Eoriginal, Inc. | Document authentication system and method |
| US6175626B1 (en) | 1995-09-29 | 2001-01-16 | Intel Corporation | Digital certificates containing multimedia data extensions |
| US5712914A (en) * | 1995-09-29 | 1998-01-27 | Intel Corporation | Digital certificates containing multimedia data extensions |
| US5781635A (en) * | 1995-12-29 | 1998-07-14 | Intel Corporation | Method and apparatus for improved digital message transaction model |
| US20010011253A1 (en) | 1998-08-04 | 2001-08-02 | Christopher D. Coley | Automated system for management of licensed software |
| US6327656B2 (en) | 1996-07-03 | 2001-12-04 | Timestamp.Com, Inc. | Apparatus and method for electronic document certification and verification |
| US5949879A (en) * | 1996-09-06 | 1999-09-07 | Pitney Bowes Inc. | Auditable security system for the generation of cryptographically protected digital data |
| WO1998015925A2 (en) | 1996-10-09 | 1998-04-16 | Visa International Service Association | Electronic statement presentment system |
| US6175922B1 (en) | 1996-12-04 | 2001-01-16 | Esign, Inc. | Electronic transaction systems and methods therefor |
| US5917913A (en) * | 1996-12-04 | 1999-06-29 | Wang; Ynjiun Paul | Portable electronic authorization devices and methods therefor |
| US8225089B2 (en) | 1996-12-04 | 2012-07-17 | Otomaku Properties Ltd., L.L.C. | Electronic transaction systems utilizing a PEAD and a private key |
| US6381741B1 (en) | 1998-05-18 | 2002-04-30 | Liberate Technologies | Secure data downloading, recovery and upgrading |
| US6604242B1 (en) | 1998-05-18 | 2003-08-05 | Liberate Technologies | Combining television broadcast and personalized/interactive information |
| US5991799A (en) | 1996-12-20 | 1999-11-23 | Liberate Technologies | Information retrieval system using an internet multiplexer to focus user selection |
| US5920861A (en) | 1997-02-25 | 1999-07-06 | Intertrust Technologies Corp. | Techniques for defining using and manipulating rights management data structures |
| US6282522B1 (en) | 1997-04-30 | 2001-08-28 | Visa International Service Association | Internet payment system using smart card |
| US7631188B2 (en) * | 1997-05-16 | 2009-12-08 | Tvworks, Llc | Hierarchical open security information delegation and acquisition |
| US6400371B1 (en) | 1997-05-16 | 2002-06-04 | Liberate Technologies | Television signal chrominance adjustment |
| US6513116B1 (en) * | 1997-05-16 | 2003-01-28 | Liberate Technologies | Security information acquisition |
| US6111953A (en) * | 1997-05-21 | 2000-08-29 | Walker Digital, Llc | Method and apparatus for authenticating a document |
| US7290288B2 (en) | 1997-06-11 | 2007-10-30 | Prism Technologies, L.L.C. | Method and system for controlling access, by an authentication server, to protected computer resources provided via an internet protocol network |
| US6584565B1 (en) * | 1997-07-15 | 2003-06-24 | Hewlett-Packard Development Company, L.P. | Method and apparatus for long term verification of digital signatures |
| JP3799757B2 (en) * | 1997-07-18 | 2006-07-19 | 富士ゼロックス株式会社 | VERIFYED DATA GENERATION DEVICE AND COMPUTER-READABLE RECORDING MEDIUM CONTAINING VERIFYED DATA GENERATION PROGRAM |
| US7047415B2 (en) * | 1997-09-22 | 2006-05-16 | Dfs Linkages, Inc. | System and method for widely witnessed proof of time |
| US7017046B2 (en) * | 1997-09-22 | 2006-03-21 | Proofspace, Inc. | System and method for graphical indicia for the certification of records |
| US6105008A (en) * | 1997-10-16 | 2000-08-15 | Visa International Service Association | Internet loading system using smart card |
| WO1999022486A1 (en) * | 1997-10-28 | 1999-05-06 | Brokat Infosystems Ag | Method for digital signing of a message |
| US6112181A (en) | 1997-11-06 | 2000-08-29 | Intertrust Technologies Corporation | Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information |
| JP3905961B2 (en) * | 1997-11-11 | 2007-04-18 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Temporary signature authentication method and system |
| US6725373B2 (en) * | 1998-03-25 | 2004-04-20 | Intel Corporation | Method and apparatus for verifying the integrity of digital objects using signed manifests |
| US6237098B1 (en) | 1998-04-22 | 2001-05-22 | Interface Logic Systems, Inc. | System for protecting weight verification device private key |
| US6246967B1 (en) | 1998-04-22 | 2001-06-12 | Interface Logic Systems, Inc. | Weight verification device |
| US6850916B1 (en) | 1998-04-27 | 2005-02-01 | Esignx Corporation | Portable electronic charge and authorization devices and methods therefor |
| US6577351B1 (en) | 1998-05-18 | 2003-06-10 | Liberate Technologies | Anti-aliasing television signals for display |
| BR9815908A (en) * | 1998-07-15 | 2001-10-09 | Ibm | Process of establishing a participant's level of reliability in a communication connection |
| WO2000013368A1 (en) * | 1998-08-31 | 2000-03-09 | Borgers Frederick J | Method of authenticating or 'digitally signing' digital data objects |
| DE19847943A1 (en) | 1998-10-09 | 2000-04-13 | Deutsche Telekom Ag | Digital water mark generation method for documents used for identification |
| US7386727B1 (en) | 1998-10-24 | 2008-06-10 | Encorus Holdings Limited | Method for digital signing of a message |
| CA2787789C (en) * | 1999-01-20 | 2014-09-30 | Certicom Corp. | A resilient cryptograhic scheme |
| US6305603B1 (en) * | 1999-01-29 | 2001-10-23 | International Business Machines Corporation | Personal digital assistant based financial transaction method and system |
| CA2363465A1 (en) * | 1999-02-26 | 2000-08-31 | Authentidate Holding Corp. | Digital file management and imaging system and method including secure file marking |
| AU4197200A (en) * | 1999-04-07 | 2000-10-23 | Federal Express Corporation | System and method for dimensioning objects |
| US6839879B1 (en) | 1999-05-07 | 2005-01-04 | Xilinx, Inc. | Method and system for time-stamping and managing electronic documents |
| US6959384B1 (en) | 1999-12-14 | 2005-10-25 | Intertrust Technologies Corporation | Systems and methods for authenticating and protecting the integrity of data streams and other data |
| AU3712300A (en) | 1999-06-11 | 2001-01-02 | Liberate Technologies | Hierarchical open security information delegation and acquisition |
| US6629150B1 (en) | 1999-06-18 | 2003-09-30 | Intel Corporation | Platform and method for creating and using a digital container |
| US6948069B1 (en) | 1999-07-02 | 2005-09-20 | Time Certain, Llc | Method and system for determining and maintaining trust in digital image files with certifiable time |
| US6895507B1 (en) | 1999-07-02 | 2005-05-17 | Time Certain, Llc | Method and system for determining and maintaining trust in digital data files with certifiable time |
| US7409557B2 (en) | 1999-07-02 | 2008-08-05 | Time Certain, Llc | System and method for distributing trusted time |
| US7908216B1 (en) | 1999-07-22 | 2011-03-15 | Visa International Service Association | Internet payment, authentication and loading system using virtual smart card |
| US7729986B1 (en) | 1999-07-30 | 2010-06-01 | Visa International Service Association | Smart card transactions using wireless telecommunications network |
| US7161688B1 (en) | 1999-08-31 | 2007-01-09 | Brett Bonner | Mass scanning and dimensioning system |
| US7797543B1 (en) | 1999-09-30 | 2010-09-14 | United States Postal Service | Systems and methods for authenticating an electronic message |
| WO2001024437A2 (en) | 1999-09-30 | 2001-04-05 | United States Postal Service | Systems and methods for authenticating an electronic message |
| US8434113B1 (en) | 1999-10-06 | 2013-04-30 | Tvworks, Llc | Electronic commerce using streaming media |
| US6792536B1 (en) | 1999-10-20 | 2004-09-14 | Timecertain Llc | Smart card system and methods for proving dates in digital files |
| EP1094424A3 (en) | 1999-10-22 | 2004-06-16 | Hitachi, Ltd. | Digital signing method |
| US20050160272A1 (en) * | 1999-10-28 | 2005-07-21 | Timecertain, Llc | System and method for providing trusted time in content of digital data files |
| US7519824B1 (en) | 1999-12-10 | 2009-04-14 | International Business Machines Corporation | Time stamping method employing multiple receipts linked by a nonce |
| US6742119B1 (en) | 1999-12-10 | 2004-05-25 | International Business Machines Corporation | Time stamping method using time delta in key certificate |
| US6965998B1 (en) | 1999-12-10 | 2005-11-15 | International Business Machines Corporation | Time stamping method using time-based signature key |
| US7490241B1 (en) | 1999-12-10 | 2009-02-10 | International Business Machines Corporation | Time stamping method employing user specified time |
| US6993656B1 (en) | 1999-12-10 | 2006-01-31 | International Business Machines Corporation | Time stamping method using aged time stamp receipts |
| US7315948B1 (en) | 1999-12-10 | 2008-01-01 | International Business Machines Corporation | Time stamping method employing a separate ticket and stub |
| US7441014B1 (en) | 2000-02-09 | 2008-10-21 | Tvworks, Llc | Broadcast distribution using low-level objects and locator tables |
| WO2001071463A2 (en) | 2000-03-17 | 2001-09-27 | United States Postal Service | Methods and systems for providing a secure electronic mailbox |
| US7047404B1 (en) * | 2000-05-16 | 2006-05-16 | Surety Llc | Method and apparatus for self-authenticating digital records |
| US6978929B2 (en) * | 2000-06-19 | 2005-12-27 | The United States Postal Service | Systems and methods for providing mail item retrieval |
| US7295997B2 (en) * | 2000-06-19 | 2007-11-13 | United States Of America Postal Service | Method for shipping a package privately to a customer |
| WO2001099009A2 (en) * | 2000-06-20 | 2001-12-27 | United States Postal Service | Systems and methods for electronic message content identification |
| US7729957B2 (en) * | 2000-07-25 | 2010-06-01 | United States Postal Service | Item attribute preverification |
| US6820201B1 (en) * | 2000-08-04 | 2004-11-16 | Sri International | System and method using information-based indicia for securing and authenticating transactions |
| US7275155B1 (en) * | 2000-09-01 | 2007-09-25 | Northrop Grumman Corporation | Chain of trust processing |
| JP4137370B2 (en) * | 2000-12-19 | 2008-08-20 | 株式会社リコー | Secure electronic media management method |
| CA2436143A1 (en) * | 2001-01-26 | 2002-08-01 | Shearman & Sterling | Methods and systems for electronically representing records of obligations |
| DE10106083A1 (en) * | 2001-02-08 | 2002-08-29 | Jan Wendenburg | Procedure for assigning digital time stamps |
| WO2002066344A1 (en) * | 2001-02-20 | 2002-08-29 | United States Postal Service | Universal delivery and collection box unit (udcbu) |
| US6546029B2 (en) * | 2001-03-15 | 2003-04-08 | Ecole Polytechnique Federale De Lausanne | Micro-electromechanically tunable vertical cavity photonic device and a method of fabrication thereof |
| US7779481B2 (en) | 2001-04-12 | 2010-08-17 | United States Postal Service | Systems and methods for electronic postmarking of data including location data |
| US7124299B2 (en) * | 2001-05-18 | 2006-10-17 | Claymore Systems, Inc. | System, method and computer program product for auditing XML messages in a network-based message stream |
| US7451110B2 (en) * | 2001-05-18 | 2008-11-11 | Network Resonance, Inc. | System, method and computer program product for providing an efficient trading market |
| US7936693B2 (en) * | 2001-05-18 | 2011-05-03 | Network Resonance, Inc. | System, method and computer program product for providing an IP datalink multiplexer |
| US7464154B2 (en) * | 2001-05-18 | 2008-12-09 | Network Resonance, Inc. | System, method and computer program product for analyzing data from network-based structured message stream |
| US8166115B2 (en) * | 2001-06-20 | 2012-04-24 | United States Postal Service | Systems and methods for electronic message content identification |
| JP2005520364A (en) * | 2001-07-09 | 2005-07-07 | リナックスプローブ株式会社 | System and method for updating and extending a digitally signed certificate |
| US7210134B1 (en) | 2001-09-06 | 2007-04-24 | Sonic Solutions | Deterring reverse-engineering of software systems by randomizing the siting of stack-based data |
| US20070277037A1 (en) * | 2001-09-06 | 2007-11-29 | Randy Langer | Software component authentication via encrypted embedded self-signatures |
| US8255235B2 (en) | 2001-09-07 | 2012-08-28 | United States Postal Service | Item tracking and anticipated delivery confirmation system method |
| FR2841409B1 (en) * | 2001-10-19 | 2004-07-30 | Marc Viot | DATA PROTECTION METHOD AND DEVICE |
| US20030105876A1 (en) * | 2001-11-30 | 2003-06-05 | Angelo Michael F. | Automatic generation of verifiable customer certificates |
| US7225161B2 (en) * | 2001-12-21 | 2007-05-29 | Schlumberger Omnes, Inc. | Method and system for initializing a key management system |
| US7134020B2 (en) | 2002-01-31 | 2006-11-07 | Peraogulne Corp. | System and method for securely duplicating digital documents |
| US7251635B2 (en) * | 2002-02-25 | 2007-07-31 | Schlumberger Omnes, Inc. | Method and apparatus for managing a key management system |
| US7769997B2 (en) * | 2002-02-25 | 2010-08-03 | Network Resonance, Inc. | System, method and computer program product for guaranteeing electronic transactions |
| US6874089B2 (en) | 2002-02-25 | 2005-03-29 | Network Resonance, Inc. | System, method and computer program product for guaranteeing electronic transactions |
| EP1401144B1 (en) * | 2002-09-17 | 2005-01-19 | Siemens Aktiengesellschaft | Method for Key Certification and Signature Validation |
| US7861088B1 (en) | 2002-12-10 | 2010-12-28 | Verizon Laboratories Inc. | Method and system for verifiably recording voice communications |
| IL156606A (en) * | 2003-06-23 | 2011-07-31 | Aviad Kipnis | Digital certificates |
| US20050138388A1 (en) * | 2003-12-19 | 2005-06-23 | Robert Paganetti | System and method for managing cross-certificates copyright notice |
| US7698557B2 (en) * | 2003-12-22 | 2010-04-13 | Guardtime As | System and method for generating a digital certificate |
| US20050216531A1 (en) * | 2004-03-24 | 2005-09-29 | Blandford Robert R | Personal web diary |
| US20060242406A1 (en) | 2005-04-22 | 2006-10-26 | Microsoft Corporation | Protected computing environment |
| US7748606B2 (en) * | 2004-06-29 | 2010-07-06 | United States Postal Service | Cluster box mail delivery unit having security features |
| US20060047951A1 (en) * | 2004-08-27 | 2006-03-02 | Michael Reilly | Continuing public key infrastructure operation while regenerating a new certification authority keypair and certificate |
| US7340610B1 (en) | 2004-08-31 | 2008-03-04 | Hitachi, Ltd. | Trusted time stamping storage system |
| DE102004063393B3 (en) * | 2004-12-23 | 2006-08-24 | Deutsches Zentrum für Luft- und Raumfahrt e.V. | A method for verifying the identity of a first entity to another entity in a system and system for carrying out the method |
| US7549051B2 (en) * | 2005-03-10 | 2009-06-16 | Microsoft Corporation | Long-life digital certification for publishing long-life digital content or the like in content rights management system or the like |
| US9363481B2 (en) | 2005-04-22 | 2016-06-07 | Microsoft Technology Licensing, Llc | Protected media pipeline |
| US9436804B2 (en) | 2005-04-22 | 2016-09-06 | Microsoft Technology Licensing, Llc | Establishing a unique session key using a hardware functionality scan |
| USD745765S1 (en) | 2005-06-29 | 2015-12-15 | United States Postal Service | Cluster box mail delivery unit |
| US7650492B2 (en) * | 2005-07-19 | 2010-01-19 | Microsoft Corporation | Automatic update of computer-readable components to support a trusted environment |
| US7590841B2 (en) * | 2005-07-19 | 2009-09-15 | Microsoft Corporation | Automatic update of computer-readable components to support a trusted environment |
| JP4489712B2 (en) * | 2006-02-24 | 2010-06-23 | 大日本印刷株式会社 | Electronic form processing method |
| GB0622149D0 (en) * | 2006-11-07 | 2006-12-20 | Singlepoint Holdings Ltd | System and method to validate and authenticate digital data |
| US20090006258A1 (en) * | 2007-06-26 | 2009-01-01 | John Gordon Ross | Registration Process |
| US20090006860A1 (en) * | 2007-06-26 | 2009-01-01 | John Gordon Ross | Generating multiple seals for electronic data |
| US20090003588A1 (en) * | 2007-06-26 | 2009-01-01 | John Gordon Ross | Counter Sealing Archives of Electronic Seals |
| US20090006842A1 (en) * | 2007-06-26 | 2009-01-01 | John Gordon Ross | Sealing Electronic Data Associated With Multiple Electronic Documents |
| US20090189441A1 (en) * | 2008-01-29 | 2009-07-30 | Paul Degoul | Distributed electrical/electronic architectures for brake-by-wire brake systems |
| JP2009194443A (en) * | 2008-02-12 | 2009-08-27 | Ntt Data Corp | Signature system and method, and computer program |
| US8458743B2 (en) * | 2008-09-24 | 2013-06-04 | Nec Europe Ltd. | Method and a system for distributing TV content over a network |
| CN102223374B (en) * | 2011-06-22 | 2014-04-23 | 熊志海 | Third-party authentication security protection system and third-party authentication security protection method based on online security protection of electronic evidence |
| US8856514B2 (en) | 2012-03-12 | 2014-10-07 | International Business Machines Corporation | Renewal processing of digital certificates in an asynchronous messaging environment |
| US8683605B1 (en) * | 2012-03-27 | 2014-03-25 | Adobe Systems Incorporated | Long-term validation of a digital signature status indicator |
| US9292283B2 (en) | 2012-07-11 | 2016-03-22 | Intel Corporation | Method for fast large-integer arithmetic on IA processors |
| US8914641B2 (en) * | 2012-07-11 | 2014-12-16 | Intel Corporation | Method for signing and verifying data using multiple hash algorithms and digests in PKCS |
| US20160365985A1 (en) * | 2015-06-11 | 2016-12-15 | Jared Pilcher | Method and system for recursively embedded certificate renewal and revocation |
| CN106657049B (en) * | 2016-12-15 | 2020-03-31 | 重庆法记云网络科技有限责任公司 | System and method for real-time collecting and fixing electronic evidence |
| US10389518B2 (en) * | 2017-01-27 | 2019-08-20 | Entit Software Llc | Blockchain hash value recomputation |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4405829A (en) * | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
| US4625076A (en) * | 1984-03-19 | 1986-11-25 | Nippon Telegraph & Telephone Public Corporation | Signed document transmission system |
| US4881264A (en) * | 1987-07-30 | 1989-11-14 | Merkle Ralph C | Digital signature system and method based on a conventional encryption function |
| US4868877A (en) * | 1988-02-12 | 1989-09-19 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
| US4972474A (en) * | 1989-05-01 | 1990-11-20 | Cylink Corporation | Integer encryptor |
| US5001752A (en) * | 1989-10-13 | 1991-03-19 | Fischer Addison M | Public/key date-time notary facility |
| US5136647A (en) * | 1990-08-02 | 1992-08-04 | Bell Communications Research, Inc. | Method for secure time-stamping of digital documents |
| US5136646A (en) * | 1991-03-08 | 1992-08-04 | Bell Communications Research, Inc. | Digital document time-stamping with catenate certificate |
-
1992
- 1992-12-21 US US07/992,883 patent/US5373561A/en not_active Expired - Lifetime
-
1993
- 1993-11-17 CA CA002151590A patent/CA2151590C/en not_active Expired - Lifetime
- 1993-11-17 EP EP94902285A patent/EP0676109B1/en not_active Expired - Lifetime
- 1993-11-17 AU AU56706/94A patent/AU670166B2/en not_active Expired
- 1993-11-17 DE DE69333068T patent/DE69333068T2/en not_active Expired - Lifetime
- 1993-11-17 WO PCT/US1993/011173 patent/WO1994015421A1/en active IP Right Grant
- 1993-11-17 JP JP6515149A patent/JPH08504965A/en active Pending
Also Published As
| Publication number | Publication date |
|---|---|
| WO1994015421A1 (en) | 1994-07-07 |
| AU670166B2 (en) | 1996-07-04 |
| US5373561A (en) | 1994-12-13 |
| AU5670694A (en) | 1994-07-19 |
| EP0676109B1 (en) | 2003-06-25 |
| JPH08504965A (en) | 1996-05-28 |
| EP0676109A1 (en) | 1995-10-11 |
| EP0676109A4 (en) | 1999-11-17 |
| DE69333068T2 (en) | 2004-05-06 |
| DE69333068D1 (en) | 2003-07-31 |
| CA2151590A1 (en) | 1994-07-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2151590C (en) | Method of extending the validity of a cryptographic certificate | |
| US7287164B2 (en) | Method and system for encoding signatures to authenticate files | |
| WO2021135757A1 (en) | Method and apparatus for executing transaction correctness verification | |
| US7519824B1 (en) | Time stamping method employing multiple receipts linked by a nonce | |
| US7770009B2 (en) | Digital signing method | |
| US5136646A (en) | Digital document time-stamping with catenate certificate | |
| CA2317139C (en) | Folder type time stamping system and distributed time stamping system | |
| JP2003533940A (en) | Method and apparatus for self-authenticating digital records | |
| JP2002514799A (en) | Electronic transmission, storage and retrieval system and method for authenticated documents | |
| KR20080104137A (en) | Verification of electronic signatures | |
| JPH11119650A (en) | Method for long-term verification of digital signature and device therefor | |
| US8631235B2 (en) | System and method for storing data using a virtual worm file system | |
| US6742119B1 (en) | Time stamping method using time delta in key certificate | |
| JP3507341B2 (en) | Data storage system and its program recording medium | |
| WO2000013368A1 (en) | Method of authenticating or 'digitally signing' digital data objects | |
| US6993656B1 (en) | Time stamping method using aged time stamp receipts | |
| EP1282263B1 (en) | Method and system for securely timestamping digital data | |
| US20230237200A1 (en) | Digital witness systems and methods for authenticating and confirming the integrity of a digital artifact | |
| Geihs | Long-Term Protection of Integrity and Confidentiality–Security Foundations and System Constructions | |
| JP5159752B2 (en) | Communication data verification device and computer program therefor | |
| JP4144645B2 (en) | Non-disclosure processing system for electronic documents | |
| Matsuura et al. | Digital Timestamps for Dispute Settlement in Electronic Commerce: Generation, Verification, and Renewal. | |
| JP2006166354A (en) | Method, device and program for preparing electronic signature validity certification data, and method, device and program for confirming justice of electronic signature validity certification data, and method, device and program for confirming electronic signature validity | |
| Chokhani et al. | PKI and certificate authorities | |
| Kubiak et al. | Mediated signatures-towards undeniability of digital data in technical and legal framework |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request | ||
| MKEX | Expiry |
Effective date: 20131118 |