Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2010-03-31
2011-12-13
Moazzami, Nasser (Department: 2436)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
Reexamination Certificate
active
08078879
ABSTRACT:
Apparatus for certifying electronic data supplied by a user receives data to be signed, supplied by the user from a source device, at a certifying apparatus including at least a signature server providing a signing function. An encrypted password is received at that server from the source device via a first communication path, the password being generated by an authentication system providing an authentication function separate from the signing function and the password being transmitted to the source device via a second communication path, the signature server and the authentication system have different communication paths with the source device. A version of the encrypted password is communicated between the signature server and the authentication system via a third communication path, different to the first and second paths, for authenticating the user. A result of the authenticating of the user is determined at the signature server by the communication between the authentication system and the signature server, that result being determined by verification of the version of the encrypted password, that verification being performed without the signature server verifying the actual plaintext password. The data to be signed is signed using elements of information secure to the signature server if the result of the authentication indicates that the user is authenticated. The signed data from the certifying apparatus is then passed to a recipient device so that the elements of secure information certify that the data supplier is the user. A method of certifying the data is also disclosed.
REFERENCES:
patent: 5208858 (1993-05-01), Vollert et al.
patent: 5418854 (1995-05-01), Kaufman et al.
patent: 5491752 (1996-02-01), Kaufman et al.
patent: 5638446 (1997-06-01), Rubin
patent: 5748738 (1998-05-01), Bisbee et al.
patent: 5966445 (1999-10-01), Park et al.
patent: 5982898 (1999-11-01), Hsu et al.
patent: 6006256 (1999-12-01), Zdepski et al.
patent: 6058480 (2000-05-01), Brown
patent: 6078908 (2000-06-01), Schmitz et al.
patent: 6745327 (2004-06-01), Messing
patent: 7085931 (2006-08-01), Smith et al.
patent: 7210037 (2007-04-01), Samar
patent: 2001/0002485 (2001-05-01), Bisbee et al.
patent: 2002/0002678 (2002-01-01), Chow et al.
patent: 2002/0042879 (2002-04-01), Gould et al.
patent: 2002/0078355 (2002-06-01), Samar
patent: 2002/0095507 (2002-07-01), Jerdonek
patent: 2002/0095569 (2002-07-01), Jerdonek
patent: 2003/0093678 (2003-05-01), Bowe et al.
patent: 2003/0105966 (2003-06-01), Pu et al.
patent: 0813132 (1997-05-01), None
patent: 0803789 (1997-10-01), None
patent: 0936530 (1999-08-01), None
patent: 1102157 (1999-11-01), None
patent: 1039420 (2000-01-01), None
patent: 1 030 282 (2000-08-01), None
patent: WO 97/31306 (1997-08-01), None
patent: WO 99/21321 (1999-04-01), None
patent: WO 00/10286 (2000-02-01), None
patent: WO 0072502 (2000-11-01), None
patent: WO 01/18635 (2001-03-01), None
patent: WO 0117310 (2001-08-01), None
patent: WO 02/48848 (2002-06-01), None
patent: WO 02/058357 (2002-07-01), None
Torben Pedersen: “Signature Servers”, NEWSONINK, [Online] Jan. 2001, http://www.cryptomathic.com/pdf
eWs5.pdf.
Cryptomathic: Home page Cryptomathic Wed Site, May 18, 2001, http://web.archive.org/web/2001 0051817081 0/http://www.cryptomathic.com.
Cryptomathic: “EasySign—A User Friendly Way of doing Mobile Commerce”, Cryptomathic Website, Aug. 6, 2001, http://web.archive.org/web/2001 080615 1 906/http:www.cryptomathic.com/products/easysign.html.
Cryptomathic: “A New Approach to Digital Signatures”, Cryptomathic website, Aug. 1, 2001, http://www.cryptomathic.com/company/sigserv.html.
Garfinkel Simson et al: Web Security & Commerce, Jun. 1997, pp. 108-111.
Holloway CJ, “Controlling Digital Signature Services Using a Smartcard”, Computers & Security International Journal Devoted to the Study of Technical and Financial Aspects of Computer Security, Elsevier Science Publishers, Amsterdam, NL, vol. 14, No. 8, 1995, pp. 681-690.
Letter dated Apr. 5, 2004 from F.R. Kelly & Co. to European Patent Office with Enclosures.
“Virtual Smart Card Server Solution”, published by Secure Computing Corporation, Jul. 2000, 3 pages.
Kessler, Gary C. “Roaming PKIs: Harbinger of Virtual VPNs”, Information Security Magazine, published Feb. 2000, 4 pages.
Smith, Richard. “Authentication: From Passwords to Public Keys”, first printing Oct. 2001, 4 pages.
Rigne et al. “Remote Authentication Dial in User Service”, RFC 2058, published by Network Working Group, Apr. 1997, 29 pages.
Frank et al. “HTTP Authentication: Basic and Digest Access Authentication”, RFC 2617, published by Network Working Group, Jun. 1999, 15 pages.
Källström, Olle. “Business Solutions for Mobile E-commerce”, Ericsson Review No. 2, 2000, 7 pages.
Rivest et al., “A Method for Obtaining Digital Signatures and Public-key Cryptosystems”, Communications of the ACM, Feb. 1978, vol. 21, No. 2, pp. 120-126.
Landrock, Peter, “Interactive Identification Protocols (Transcript of Discussion)”, Lecture Notes in Computer Science, Jan. 1, 2001, Springer Berlin, pp. 43-48.
“Authentication in an Electronic Banking Environment”, Federal Financial Institutions Examination Council, Washington, DC, Aug. 8, 2001, 12 pages.
“Jyste Netbank—Kom godt I gang”, Jyske Bank, Apr. 1998, 8 pages.
Munk, Stephanie, “Et foredrag om kryptografi”, daimposten, Oct. 1998, 2 pages.
“ActivCard Synchronous Authentication”, Copyright ActivCard 1997, 13 pages.
Landrock Peter
Tuliani Jonathani Roshan
Cesari and McKenna LLP
Cryptomathic A/S
McKenna John F.
McNally Michael S
Moazzami Nasser
LandOfFree
Data certification method and apparatus does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Data certification method and apparatus, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Data certification method and apparatus will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4313875