Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-05-20
2003-03-04
Hayes, Gail (Department: 2131)
C713S165000, C713S178000, C713S180000, C380S029000, C380S044000, C380S054000, C380S059000, C380S258000
active
06530023
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention is directed to securing digital data for storage and transmission and, more particularly, to a system for sealing computer data using a time stamp and encryption.
2. Description of the Related Art
There has been a tremendous upsurge in recent years in the exchange of data and information by computer, fax, telex and other electronic media. The growing use of electronic data processing in all fields, in light of the quality and quantity of the data processed, has created a whole new dimension in the demand for data security. As daily press reports indicate, this is especially true in the area of remote data transmission. For example, see “Internet is Not Suitable for Sensitive Data” (“Internet ist für sensible Daten nicht geeignet”) in Ärzte-Zeitung 14, No. 86, May 11, 1995, and “Don't Trust Anyone per Fax” (“Trau' keinem über Fax”) in PraxisComputer No. 1, Feb. 10, 1995, p. 15.
The demand for data sealing, document authenticity and legally binding communications is becoming ever louder. It is only a matter of time until legislators devise applicable guidelines. The text of an interview with Dr. Winfried Schorre and Horst Seehofer on this subject, entitled “Make Better Use of Scarce Resources” (“Knappe Ressourcen besser nutzen”), appeared in PraxisComputer No. 5, Aug. 10, 1995, p. 36.
To illustrate the current situation, several possible opportunities for manipulation are described briefly below.
Example: Medicine
A surgeon dictates a post-operative report, which is then entered into the computer by administrative personnel. It is later found that the surgeon made a mistake: for example, removing a cataractous lens on the basis of a pre-operative diagnosis—but from the wrong eye. Afterward, the surgeon attempts to manipulate the pre-operative findings (cataractous left lens) to clear himself (cataractous right lens).
Example: Finance
Exchange-rate transactions are carried out at timepoint t1. At timepoint t2, the rate has dropped. Post-facto manipulation is undertaken to fraudulently avoid a loss.
Example: Research
Who was the first to document an invention?
Example: Law
A written record of testimony is made. For use in court, document authenticity is required.
Example: Data Exchange
A letter of discharge for a psychiatric patient is to be sent by modem to the patient's family physician. The authenticity of the receiver must be ensured, and unauthorized access to confidential documents must be prevented. See: “Pledge of Secrecy and Data Networks” (“Schweigepflicht und Datennetze”) in PraxisComputer No. 6, Oct. 15, 1994, p. 5.
The Federal Physical Technical Agency in Braunschweig broadcasts the time of day, as determined by a cesium clock, via radio waves from Mainflingen. The broadcast signals can be received within a radius of 1500 to 2000 km. For details, see “DCF Reception Technology” (“DCF Empfangstechnik”) in ELV-Journal June 1994, pp. 27 ff.
Receiver modules for broadcast time signals have achieved a high technical level (as discussed in Design&Electronik 10, May 16, 1995, No. 242: “Industrial Clocks in the Atomic Age” (“Industrie-Uhren im Atomzeitalter”)). Such receivers provide the date and time of day, referred to hereinafter as “standard time,” on a minute-by-minute basis.
Time signals also exist in foreign countries, e.g., MSF (England) and WWVR (United States). Furthermore, a time signal is contained in the Global Positioning System (GPS, see below).
For as long as there has been information, there has been the desire to shield information from general access by encryption. The security of the key used correlates with the quality of the key algorithm.
Various encryption methods are available for protecting the secrecy of confidential data. These methods offer more or less data security, in keeping with their costs. A basic distinction is made between symmetrical methods (crypto procedures as per Feal, DES, etc.) and asymmetrical methods (RSA, PGP, etc.).
Various attempts to achieve document authenticity and legally binding communications have thus far yielded no satisfactory solution. The equivalence of a digital signature to a personal handwritten signature is the object of intensive research, as outlined in the articles “Crypto Envy” (“Crypto-Neid”) in c't Magazin 1995, Vol. 6, p. 46 and “Single Chip Controllers for Crypto-Cards” (“Single-Chip-Controller für Kryptokarten”) in Design&Electronik 14/15, Jul. 18, 1995, No. 212. Compared with encryption alone, digital signatures offer a variety of advantages (Glade, A., Reimer, H., Struif, B.: “The Digital Signature and Security-Sensitive Applications” (“Digitale Signatur und sicherheits-sensitive Anwendungen”), Wiesbaden 1995).
The post-facto vulnerability of electronic data to manipulation represents a problem that has not yet been solved. In the legal sense, a file becomes a document only by virtue of being published, including a date and signature. However, in view of the abundance of data and the speed with which data is produced and destroyed (data turnover), that method reaches the limits of the possible.
The growing exchange of data by computer, fax and other media, as well as the permanently increasing number of networks on the national and international level (Internet, etc. See: “Internet is Not Suitable for Sensitive Data” (“Internet ist für sensible Daten nicht geeignet”) in Ärzte-Zeitung 14, No. 86, May 11, 1995), makes adequate measures for data security a necessity. For more information, see: “Don't Trust Anyone per Fax” (“Trau' keinem über Fax”) in PraxisComputer No. 1, Feb. 10, 1995, p. 156, May 11, 1995 and “Data Keys, Foundations of Cryptology” (“Datenschlösser, Grundlagen der Kryptologie”) in c't Magazin 1994, Vol. 8, pp. 230 ff.
SUMMARY OF THE INVENTION
An object of the invention is therefore to provide a method and a device for sealing electronic data that protect the sealed data against unauthorized access or manipulation and can be used in stationary operation (PCs, etc.) as well as during transport (fax, etc.).
Pursuant to this object, and others which will become subsequently apparent, one aspect of the present invention resides in a method for sealing digital data, whereby the digital data is provided with a time stamp of an internal time signal of an internal clock. The method includes the steps of receiving and evaluating an internal broadcast or a cable signal of an external time source, from which a standard time can be derived, comparing the standard time with the internal time signal of the internal clock, time stamping the digital data, if a time difference between the internal and external time signals lies within a given tolerance range, and encrypting the time-stamped digital data.
The object is achieved by incorporating, during the encryption process, a signal that contains the standard time and an authentication code. Decryption is carried out by the person or persons having the key, and the file is checked for possible modifications (manipulation).
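The sealing steps described above (tolerance check, time stamp, encryption, authentication code, modification check on decryption), as an added example that is not code from the patent. The 2-second tolerance, the 16-byte nonce, the blob layout and the HMAC-SHA256 keystream standing in for a real cipher are assumptions of this sketch.

```python
import hashlib
import hmac
import struct

TOLERANCE_S = 2  # assumed value; the page only says "a given tolerance range"


class ClockOutOfTolerance(Exception):
    """Internal clock disagrees with the external standard time."""


def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a standard-library stand-in for a real cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">Q", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def _xor(data, key, nonce):
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


def seal(data, internal_ts, standard_ts, enc_key, mac_key, nonce):
    """Return nonce || ciphertext || tag, or refuse if the clocks disagree."""
    if len(nonce) != 16:
        raise ValueError("nonce must be 16 bytes and unique per seal")
    # Step 1: compare the internal clock with the received standard time.
    if abs(internal_ts - standard_ts) > TOLERANCE_S:
        raise ClockOutOfTolerance(f"drift of {internal_ts - standard_ts} s")
    # Step 2: stamp with the internal time, then encrypt stamp and data together.
    ct = _xor(struct.pack(">Q", internal_ts) + data, enc_key, nonce)
    # Step 3: authentication code over everything the receiver will see.
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(blob, enc_key, mac_key):
    """Check the authentication code first, then return (timestamp, data)."""
    if len(blob) < 16 + 8 + 32:
        raise ValueError("blob too short to be a seal")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("seal broken: data or time stamp was modified")
    stamped = _xor(ct, enc_key, nonce)
    return struct.unpack(">Q", stamped[:8])[0], stamped[8:]
```

In use, the nonce would come from `os.urandom(16)` and the two keys would be independent secrets held by the sealing device and the authorized reader.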
The method and device described here ensure that access to the sealed data remains blocked, as a rule, and thus constitute a significant step toward document authenticity and legally binding communications (see FIG. 1: Data Flow Diagram).
For data transport, this means that the authenticity of transmitter and receiver is guaranteed, while unauthorized access to the transmitted data is prevented by the simultaneous encryption.
The method and device for sealing computer data by a combination of standard time incorporation, authentication and encryption thus protects the sealed data against unauthorized access or manipulation, both in the area of stationary electronic data processing (example: PC plug-in cards) and in that of remote data transmission (example: additional circuit boards).
To upgrade on the PC level, a plug-in card is favored. For data transmission devices, an additional or “daughter” circuit board is preferred. Of course, technology attempts to miniaturize such circuits and compress t
Meinhold Matthias
Nissl Klaus
Hayes Gail
Jackson Jenise
Staas & Halsey , LLP
TimeSafe TrustCenter GmbH