Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1998-05-20
2001-06-26
Swann, Tod (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S173000, C705S059000, C705S067000
Reexamination Certificate
active
06253322
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention relates to electronic certification and authentication methods and systems.
Reliable electronic commerce using cryptographic technology has been implemented in recent years in an open network environment such as Internet.
The enciphering of information involves a cryptographic algorithm and a cryptographic key. The cryptographic algorithm means a process (enciphering) for converting intelligible information that is expressed in plaintext into unintelligible information that is expressed in ciphertext and a process (deciphering) for converting ciphertext into plaintext. The cryptographic key means a control parameter used in the converting processes executed by the cryptographic algorithm. Even if a plaintext message is enciphered using the same cryptographic algorithm, resultant ciphertext messages may be different from one another depending on the cryptographic keys used. Therefore, in order to decipher ciphertext into corresponding plaintext, the same cryptographic key as that used for the enciphering or a cryptographic key that is paired with the cryptographic key used at the time of the enciphering must be used. The cryptographic algorithm requiring that exactly the same cryptographic key used for enciphering be used for deciphering is called “symmetric-key cryptography”, or “common-key cryptography” like in the former case, whereas the cryptographic algorithm using different cryptographic keys for enciphering and deciphering is called “asymmetric-key cryptography”, or “public-key cryptography.” Common-key cryptography implements high-speed processing but entails time and labor in managing keys, whereas public-key cryptography does not implement high-speed processing but is easy in managing keys and, in addition, is advantageous in that it is applicable to digital signature generation.
That is, public-key cryptography, due to asymmetry of two keys used for enciphering and deciphering, allows one of the keys (public key) to be disclosed to the public. As a result, public-key cryptography provides relatively easier cryptographic key management than common-key cryptography, and is also advantageous in that it is applicable to digital signature generation. However, in utilizing public-key cryptography, correspondence between a publicly disclosed public key and the possessor of such public key must be ensured. The reason therefor is as follows. If an illegal user A prepares a public key of a user B under the disguise of the user B and discloses the thus prepared public key as the public key of the user B (the private key corresponding to such public key is possessed by the illegal user A), then a user C might erroneously certify the illegal user A as being the user B by checking the digital signature of the user B forged by the illegal user A through deciphering using the public key of the user B. Moreover, as a result of such erroneous certification, all the information addressed to the user B is leaked to the illegal user A. Therefore, in constructing an environment in which public-key cryptography can be utilized, it is essential to provide a means for ensuring correspondence between a public key and its possessor.
A certification authority is a means for solving such problem in a large-scale open network such as Internet. A framework for certification using a certification authority and a certificate has been specified by CCITT (The International Telegraph and Telephone Consultative Committee) in its resolution X.509. The certificate means a public key of the possessor of the certificate and data that is made unforgeable by enciphering the certificate and other pieces of information using a private key of the certification authority that has issued the certificate, i.e., by putting a digital signature of the certification authority. All the entities using the system can check and certify the authenticity of a public key included in a certificate of other entity only by holding the certificate (public key) of the certification authority safely and checking the digital signature of the certification authority put on the certificate of the other entity.
By the way, electronic commerce in a network environment such as Internet tends to expand from electronic commerce between consumers and malls to electronic commerce between enterprises. Electronic commerce between enterprises will be more and more oriented towards not only attaining transaction security but also providing “authentication service” in which the contents of a transaction and the fact that the transaction was made are certified and in which the evidence of such facts is archived for a predetermined period of time. Further, such authentication service may possibly be expanded to areas other than electronic commerce (i.e., services currently supplied by a notary public at a notary's office, such as administering wills). It may be noted that an invention related to electronic commerce is disclosed in, e.g., U.S. Pat. No. 5,671,279.
However, ISO is standardizing the “non-repudiation” technology, but such standardization is still on a framework level and, therefore, implementation formalities are not yet specified. Further, a service for safekeeping electronic information that is received online (electronic safe deposit box) is available. However, not administered on a transaction basis, such service is not suited to utilize “authentication service”. Still further, although the Civil Affairs Bureau of the Ministry of Justice advocates the necessity of an electronic certification and authentication system in electronic commerce, what is envisaged by the Bureau is merely an outline, lacking implementation formalities. It may be noted that the non-repudiation technology is disclosed in, e.g., U.S. Pat. No. 5,615,268.
SUMMARY OF THE INVENTION
The object of the present invention is to implement certification and authentication services (electronic information signing and archiving services) necessary in dealing with electronic commerce in an opening network environment.
To achieve the above object, the present invention is applied to an electronic certification and authentication method to be applied to a system in which a service supplying unit and a plurality of service receiving units are connected to one another through a communication network, the service supplying unit being used by a service supplier who supplies an authentication service, each of the service receiving units being used by a service receiver who receives the authentication service. The method comprises the steps of: transmitting contract information from the service supplying unit to the service receiving units of the service receivers who are contracting parties, respectively, the contract information including a content of a contract; causing each of the service receiving units having received the contract information to prepare one party-signed contract information by causing the corresponding service receiver to electronically sign the contract information, and to transmit the one party-signed contract information to the service supplying unit; causing the service supplying unit to receive the one party-signed contract information transmitted from each of the service receiving units, to synthesize a plurality of received copies of one party-signed contract information into a single document, and then to prepare contract information signed by the service supplier by causing the service supplier to electrically sign the document; causing the service supplying unit to archive the prepared service supplier-signed contract information; and transmitting the service supplier-signed contract information from the service supplying unit to each of the service receiving units.
REFERENCES:
patent: 4264808 (1981-04-01), Owens et al.
patent: 5410646 (1995-04-01), Tondevold et al.
patent: 5422953 (1995-06-01), Fischer
patent: 5655085 (1997-08-01), Ryan et al.
patent: 5659616 (1997-08-01), Sudia
patent: 5724425 (1998-03-01), Chang et al.
patent: 5765176 (1998-06-01), Bloomberg
patent: 5812942 (1998-09-01),
Mitsunaga Satoshi
Mizuno Yasuhiko
Moriyama Shoji
Susaki Seiichi
Takahashi Miwa
Antonelli Terry Stout & Kraus LLP
Hitachi , Ltd.
Kabakoff Stephen
Swann Tod
LandOfFree
Electronic certification authentication method and system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Electronic certification authentication method and system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Electronic certification authentication method and system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2524617