Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2000-02-22
2004-06-22
Robinson, Greta (Department: 2177)
Data processing: database and file management or data structures
Database design
Data structure types
C707S793000, C707S793000, C707S793000, C707S793000
Reexamination Certificate
active
06754661
ABSTRACT:
TECHNICAL FIELD
This invention relates generally to cryptography and, more particularly, to methods and systems for managing electronic information that can be used for verification and authentication such as digital certificates.
BACKGROUND
Cryptography provides a set of techniques for encoding data and messages such that the data and messages can be stored and transmitted securely. Cryptography can be used to achieve secure communications, even when the transmission media (for example, the Internet) is untrustworthy. Using cryptography, it becomes possible to verify the authenticity and origin of data and messages using evidentiary information such as digital signatures and digital certificates. Management of such evidentiary information can pose significant challenges particularly when the volume of such information becomes large, as will become apparent below. Before discussing problems associated with management of evidentiary information, however, some background information on cryptography in general will be useful in understanding how and where the inventive methods and systems fit.
One aspect of cryptography makes use of so-called public and private key pairs. The key pairs are mathematically related, e.g, derived from extremely large prime numbers, such that it is computationally infeasible to derive one key from the other. In public key cryptography, the public key is made public while the private key is kept private. The private key typically never leaves the machine on which it was generated. Accordingly, when using public key cryptography, the only component that must remain secret is the private key. In public key cryptography, information that is encrypted with one of the public or private keys can only be decrypted with the other of the public or private keys.
FIG. 1
illustrates a computer network that makes use of public and private keys. In the illustrated example, there are two users—Alice and Bob, that desire to send protected messages to one another. If Bob wishes to send Alice a secure email message, he can encrypt the email message with Alice's public key. When Alice receives the message, she can decrypt it using her private key. Bob should have access to Alice's public key because, after all, it is public. If, on the other hand, Alice wishes to send a secure email response to Bob, she can simply encrypt the email message with Bob's public key and send it to Bob. Since only Bob's private key can decrypt messages encrypted with Bob's public key, Alice can be assured that the message is private between her and Bob. In addition to providing privacy, public key cryptography can be used to provide integrity. The notion of a digital signature can be used to sign documents and software.
FIG. 2
illustrates a computer network in which a digital signature is utilized. A digital signature can be produced by passing a file, such as an email message, through a specific one-way hashing algorithm. The hashing algorithm produces a much smaller bit stream, e.g. 128-bits or 160-bits, often termed a message digest. The message digest is a unique value that acts as a fingerprint for the file. Because of the nature of the hashing algorithms, a one-bit change in the message can produce a change in roughly one half of the bits in the message digest. This helps to ensure that the recipient receives the actual file that was sent, and not a modified or altered version as will become apparent below. Once a message digest is created, it can be encrypted using the signer's private key and attached to the file when it is sent. Thus, in this example, Bob can produce a hash of his email message to Alice to provide a message digest, encrypt the message digest with his private key, and attach the encrypted message digest to the email message as his digital signature. To verify the integrity of the file, the application opening the file on Alice's end, e.g. Alice's email program, first uses the same hashing algorithm to produce her own message digest of the file. The application then decrypts the signature attached to the file by using Bob's public key to recover the original message digest produced when the file was originally signed. The two message digests are then compared by Alice's software. If any part of the message digests do not match identically, then the contents of the file have been modified or corrupted and cannot be trusted.
FIG. 3
illustrates a computer system in which a session key is used. A session key can be thought of as a secret that is “shared” between Alice and Bob.
Specifically, Bob can create a session key and use it to encrypt his email message to Alice. After Bob encrypts the email message with the session key, he can encrypt the session key with Alice's public key and transmit it to Alice. Alice can then decrypt the session key using her private key. With the decrypted session key, Alice can now decrypt the encrypted email message, run the hash to produce the message digest, and process it as described above.
One problem with the above scenario stems from the fact that someone, other than Bob, could conceivably masquerade as Bob by fraudulently holding out a public key that is represented to be “Bob's public key”. Any messages that are intended for Bob and encrypted with the fraudulent public key, could conceivably then be decrypted with the accompanying private key by a person other than Bob. This person would then have access to information that was intended by the sender only for Bob. To address this, as well as other situations, the notion of a digital certificate is used. Digital certificates can be used both to ensure that Bob's public key is, in fact, his public key, and to a lesser degree, to ensure that Bob's private key has not been compromised.
A digital certificate can be thought of as an electronic counterpart of an ID card, such as a driver's license or passport. The validity of a digital certificate is based on systems similar to those used to issue physical ID cards. Specifically, information, e.g. information from and about Bob, is provided to a trusted public body called a certification authority, such as VeriSign, Inc. The certification authority validates the information and then issues a digital certificate. The digital certificate contains information about who the certificate was issued to, as well as the certification authority that issued it. For example, the digital certificate can contain Bob's email address, and the company and division he works for, etc. The certificate also contains Bob's public key. In addition, the certificate contains a digest of the certificate's contents that is signed with the private key of the certification authority to ensure that the certificate has not been altered or forged. That is, the certification authority first creates a hash of the certificate contents, and then encrypts the hash with its private key. Any application having the public key of the certification authority can decrypt the digest and check it against their own hash. If the digests match up, then the certificate can be trusted. If the digests do not match up, then the certificate cannot be trusted. When it comes to certificates, trust is very important. In the above example, Alice and Bob must both trust the certification authority that issues the certificates.
Certification authorities can have their own certificates that can be used to validate that anything signed by the certification authority is, in fact, authentic. To do this, so-called self-signed certificates are used. Self-signed certificates, also referred to as “root certificates”, are issued and signed by certification authorities. Thus, the self-signed certificates must be trusted as being valid. Additionally, some certification authorities may themselves be certified by a hierarchy of one or more certification authorities. When a digital certificate is used to sign documents and software, this information is stored with the signed item in a verifiable form so that it can be di
Debique Kirt
Hallin Philip J.
Vogel Keith R.
Black Linh
Lee & Hayes PLLC
Microsoft Corporation
Robinson Greta
LandOfFree
Hierarchical storage systems for holding evidentiary objects... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Hierarchical storage systems for holding evidentiary objects..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Hierarchical storage systems for holding evidentiary objects... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3331551