Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2000-07-21
2002-12-24
Darrow, Justin T. (Department: 2132)
C713S170000, C713S181000, C705S051000, C380S202000
active
06499105
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to technology which authenticates the relation between digital data and an individual/organization.
2. Description of Related Art
As the information society has evolved recently, more and more digital data is used instead of traditional printed matter as communication media. Digital data is sometimes sold as a valuable commodity.
In such an information society, some means are necessary to authenticate the relation between digital data and an individual/organization in order to prevent crimes or malicious actions including illegal copying, illegal alteration, and illegal use of digital data. For example, to check that digital data has been provided by an authentic organization, some means are necessary to authenticate the relation between the digital data and the authentic organization. Similarly, to check the source of digital data or to check the individual or organization owning the right to digital data, some means are necessary to authenticate the relation between the digital data and an individual or an organization.
Conventionally, a technique known as a digital signature has been used to authenticate the relation between digital data and an individual/organization.
As described in “ANGO RIRON NYUMON (Introduction to Cryptography)”, pages 133-137, Kyoritsu Shuppan Co., Ltd. 1993, the digital signature technique, developed to prove the correctness of documents, combines public key cipher technology with one-way functions.
In this technology, a pair of keys, a private key S and a public key V which satisfy g(f(n, S), V) = n and f(g(n, V), S) = n, is created first, where n represents data, and f and g represent functions. These formulae mean that data encrypted with the private key S may be decrypted with the public key V and that, conversely, data encrypted with the public key V may be decrypted with the private key S. It should also be noted that it is virtually impossible to find the private key S from the public key V.
Once the private key S and the public key V are created, the creator passes the public key V to a partner and holds the private key S privately.
When the key creator sends data to the partner, the creator passes data to which a digital signature is attached. This digital signature is created by evaluating data with a predetermined one-way function and then encrypting the resulting evaluation value with the private key S.
The one-way function described above can calculate an evaluation value from data, but it is virtually impossible to calculate the original data from the evaluation value. In addition, it is necessary for the one-way function used in creating a digital signature to return a unique bit string for each piece of unique data; that is, the probability of the function returning the same bit string for two or more pieces of data must be very small. An example of such functions is a one-way hash function which evaluates data and returns a bit string as the evaluation value of the data. The evaluation value h(D) calculated by the one-way hash function is called the hash value of D, where h is the one-way hash function and D is data.
Upon receiving data to which a digital signature is attached, the receiving partner evaluates the data with the one-way function to obtain an evaluation value and then checks if the evaluation value matches the value generated by decrypting the digital signature using the public key V. When they match, it is verified that the digital signature was created by the holder of the private key S corresponding to the public key V and that the digital signature is for the data that was received.
The technique described in “Applied Cryptography”, John Wiley & Sons, Inc. (1996), pp. 39-41, is known as a technique for creating digital signatures for use by a plurality of persons that are attached to one piece of data.
When this technique is used, not all signature creators need to generate the hash value of data to create a digital signature; and instead, each of the second and subsequent signature creators calculates the hash value of the digital signature of the immediately-preceding creator to get his or her digital signature. That is, the first signature creator calculates the hash value of data and then encrypts the resulting hash value with his or her own private key to get a digital signature, as described above. The second creator encrypts the hash value of the first creator's digital signature with his or her own private key to get a digital signature. This is repeated for the subsequent signature creators. That is, the n-th creator encrypts the hash value of the (n−1)th creator's digital signature with his or her own private key to obtain a digital signature.
In this case, the digital signatures created by n signature creators are verified as follows. The final digital signature is decrypted by the public key of the final (n-th) signature creator, the decrypted digital signature is then decrypted by the public key of the (n−1)th signature creator, and so on, until the digital signature of the first signature creator is decrypted. If the result obtained by decrypting the signature by the public key of the first signature creator matches the hash value of the original data, it is determined that the digital signature was created by n signature creators each having his or her own public key and that the digital signature corresponds to the data. However, when the sequence in which the signature creators created signatures is not known, this technique requires that the above process be repeated once for each permutation of the signature creators.
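The chained multi-signature scheme described above, as an added example that is not part of the patent text: it uses toy textbook RSA without padding for f and g and SHA-256 for h, which is for illustration only and not a secure signature scheme. It assumes the verifier is given every intermediate signature, and all function names, keys and sample data are constructed for this example.

```python
import hashlib
from itertools import permutations

E = 65537  # public exponent shared by all toy keys (assumption)

def make_key(p, q):
    """Return (S, V): private key (d, n) and public key (e, n)."""
    n = p * q
    return (pow(E, -1, (p - 1) * (q - 1)), n), (E, n)

def h(data: bytes, n: int) -> int:
    """One-way hash value of data, reduced into the signer's modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def to_bytes(sig: int) -> bytes:
    return sig.to_bytes(max(1, (sig.bit_length() + 7) // 8), "big")

def sign_chain(data, private_keys):
    """Signer 1 signs h(D); signer k signs h(signature of signer k-1)."""
    sigs, msg = [], data
    for d, n in private_keys:
        sig = pow(h(msg, n), d, n)      # f(h(msg), S)
        sigs.append(sig)
        msg = to_bytes(sig)             # next signer hashes this signature
    return sigs

def verify_chain(data, sigs, public_keys):
    """Check from the n-th signature back to the first, as in the text."""
    for k in range(len(sigs) - 1, -1, -1):
        e, n = public_keys[k]
        signed = data if k == 0 else to_bytes(sigs[k - 1])
        if pow(sigs[k], e, n) != h(signed, n):   # g(sig, V) must equal h(...)
            return False
    return True

def find_order(data, sigs, public_keys):
    """Signing order unknown: try each permutation of the signers' keys."""
    for order in permutations(range(len(public_keys))):
        if verify_chain(data, sigs, [public_keys[i] for i in order]):
            return order
    return None

# Constructed sample keys (Mersenne primes) and data, not from the patent.
def mersenne(k): return 2**k - 1
KEYS = [make_key(mersenne(61), mersenne(89)),
        make_key(mersenne(107), mersenne(127)),
        make_key(mersenne(521), mersenne(607))]
PRIV, PUB = [s for s, _ in KEYS], [v for _, v in KEYS]
DATA = b"constructed sample document"
SIGS = sign_chain(DATA, PRIV)
```

With n signers, `find_order` may run the chain check up to n! times, which is the cost the passage attributes to an unknown signing sequence.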
Also available for authenticating the relation between digital data and an individual/organization is a technique known as a digital watermark.
As described in Nikkei Electronics (1997), No. 683, pp. 99-107, this technique embeds management information, such as copyright information, into image data itself.
The digital watermark technique has the following features. Embedded data is not usually seen when image data containing that embedded information is displayed and, in addition, the image data itself displayed on a screen is hardly affected by the embedded information. Removing only the embedded information is difficult and, if the embedded information is removed accurately, the picture quality of the image data is significantly degraded. In general, even when the image data is compressed, embedded information may be restored to some extent.
A digital watermark technique which enables information to be embedded, not into image data, but into text data, drawing data (graphic data), and audio data has also been proposed.
In Nikkei Electronics (1997), No. 683, pp. 99-107, a technique using such digital watermark for preventing the illegal copy of contents, which are composed of digital data such as image data, is also described.
This technique embeds the identification of the contents purchaser into the contents in the form of a digital watermark. When illegally copied contents are seized, the embedded information is extracted to identify the person (that is, the purchaser) who produced the illegal copy.
The basic procedure for embedding purchaser's identification information is as follows:
(1) The provider (contents provider) assigns a unique number to a contents purchaser.
(2) The provider embeds the number of the contents purchaser into the contents in the form of a digital watermark.
(3) When illegally-copied contents are found and seized, the provider or inspection division extracts the number from the contents to identify the purchaser.
(4) The penalty is imposed on the purchaser for illegal copy or for lending the contents to a person who produced the illegal copy.
Recently, a WWW (World Wide Web) system, composed of a WWW server program and a browser program, has become popular as means for providing and sending information to a plurality of users over an open network such as the Internet. As this type of WWW system has become widely u
Saito Tsukasa
Sasaki Ryoichi
Susaki Seiichi
Takaragi Kazuo
Toyoshima Hisashi
Antonelli Terry Stout & Kraus LLP
Darrow Justin T.
Hitachi, Ltd.