Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2001-02-28
2004-11-09
Jung, David (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S178000, C713S176000
Reexamination Certificate
active
06816969
ABSTRACT:
CROSS REFERENCES
This application relates to Japanese Patent Application Reference Nos. 11-301216 filed Oct. 22, 1999, 2000-081712, filed Mar. 17, 2000 and 2000-313123, filed Oct. 06, 2000, which will be soon filed as a U.S. Patent Application corresponding thereto, and the disclosures of which are incorporated herein by references for all purposes.
This application also relates to Japanese Patent Application Reference Nos. 2000-035631, filed Feb. 08, 2000, 2000-081713, filed Mar. 17, 2000 and 2000-313122, filed Oct. 06, 2000, which will be soon filed as a U.S. Patent Application corresponding thereto, and the disclosures of which are incorporated herein by references for all purposes.
BACKGROUND OF THE INVENTION
The present invention relates to a technology for guaranteeing the legitimacy of multimedia data.
Digital signature technology provides a function corresponding to conventional signatures for electronic digitized data such as documents (also referred to as multimedia data).
In digital signature technology, a digital signature generator applies a private key, which the generator keeps secret, to a digitized data (hereinafter referred to as message) M to be signed or a hash value thereof, a hash value being a characteristic value for the message (also referred, to as a compression value or message digest). From this, a digital signature A for the message M is generated. The digital signature A is then added to the message M and made public. A digital signature verifier compares the message M or the hash value thereof to the result obtained from applying a public key corresponding to the private key to the digital signature A added to the message M. If the two do not match, the message M may have been tampered with after the digital signature A was generated. Thus, if the two do match, it confirms that the digital signature A was generated for the message M.
There is also a technology known as timestamping that uses digital signatures to guarantee that a message existed at a certain point in time. In this technology, a digital signature is generated for data formed by combining the message and the current time information. This guarantees that the message existed at that particular time.
A “threshold signature” technology has been proposed to allow operations to continue safely even if some devices have been rendered unusable due to malfunctions or the like. In this technology, a plurality of entities work together to generate a signature. If a fixed number of entities are available, a signature can be generated, but otherwise it will not be possible to correctly generate a signature.
Furthermore, a technology has been developed that prevents improper acts such as cases where the digital signature generator himself tampers with the message, generates a new digital signature, and replaces the original message and the digital signature.
In this technology, the digital signature generator generates a digital signature A
n
for a message M
n
by applying a private key, which is kept secret, to: the message M
n
to be signed or a hash value thereof; data relating to the generation of a digital signature A
n−1
; and time data. As a result, the digital signature A
n+1
generated after the digital signature A
n
will reflect data relating to the previously generated digital signature A
n
. If the digital signature generator himself tampers with the M
n
, generates a new digital signature A
n
, and uses these to replace the original message M
n
and the digital signature A
n
, there will be an inconsistency with the digital signature A
n+1
.
The technology to prevent the improper act described above does not take into account the technology in which a plurality of devices work together to generate signatures. The combination of these technologies is desirable.
SUMMARY OF THE INVENTION
The present invention provides a technology that reliably prevents improper acts even when a plurality of devices work together to generate digital signatures.
the present invention also provides a method in which previously generated signatures are reflected and in which not all devices are needed when generating signatures.
the present invention also provides a technology that reliably prevents improper acts even if the data relating to the generation of the digital signature A
n
and used in generating the digital signature A
n+1
is lost for some reason.
In other words, if a section of signature data forming a chain is lose, the present invention provides a method or a system for guaranteeing the sequential relationship between the signature data with the exception of the lost data.
the present invention also provides service system that uses the method described above and the devices used therein or a program that functionally implements the functions thereof.
Accordingly to the present invention, when signatures are generated with a plurality of devices, at least one signature generating device exists that is involved in consecutive signature generating operations.
More specifically, data involved in a signature generated by the plurality of devices and which is used in the generation of the next signature is stored in all the signature generating devices whether or not they were involved in generating the signature. This data can also be shared by being stored in a safe place and being accessible in a secure manner by all the signature generating devices.
With this implementation, no matter what combinations of signature generating devices are used to generate a signature, these signature generating devices will hold data relating to the previous signature generating operation.
Also, the present invention can be formed so that when a signature is generated, a plurality of data relating to previously generated signatures is used so that the chain (sequential relations) between individual signatures can be confirmed. As a result, if part of the chain cannot be confirmed due to data loss, the presence of an unauthorized party, or the like, the other links can be confirmed so that disrupting the chain of signatures extending from the past to the present is made difficult.
According to the present invention, techniques, including a method and system, for generating digital signatures using n devices and for verifying the digital signatures are provided.
In one embodiment of the present invention provides a method for sequentially generating digital signatures using n devices, each of the devices equipped with signature generator.
The method includes: generating a history data j when generating a j-th digital signature (j≧1); storing, in m devices (1≧m≧n) out of the n devices involved in an i-th digital signature generating operation, the history data j; and generating an i-th digital signature i using at least one of the L (1≦L<i) stored history data j
1
-j
L
.
In the method, the history data j may be either digital signature j generated by the j-th signature generating operation or data used when generating the digital signature j generated by the j-th signature generating operation.
In the method, the history data j may be generated in one of the m devices involved in an i-th digital signature generating operation.
In further embodiment of the present invention, the method for generating digital signatures may include: sending a most recent stored history data to m−1 other devices; selecting most recent history data from m units of history data, formed from m−1 units of history data sent by the m−1 other devices and a most recent history data stored locally; and using the most recent history data as one of history data used when generating the i-th digital signature.
In further embodiment of the present invention, the history data j may be generated on one of the n-m devices, and the method may include: sending, in at least one device of the n-m devices, the history data j to the m devices; and storing, in the m devices, the sent history data.
In the method, a history data (i−1) and at least one history data k (k<i−1) may be u
Iwamura Mitsuru
Matsuki Takeshi
Matsumoto Tsutomu
Mishima Hisanori
Miyazaki Kunihiko
Hitachi , Ltd.
Jung David
Townsend and Townsend / and Crew LLP
LandOfFree
Digital signature generating method and digital signature... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Digital signature generating method and digital signature..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Digital signature generating method and digital signature... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3279560