Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
1998-12-24
2003-05-20
Barron, Gilberto (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Central trusted authority provides computer authentication
C713S166000, C713S180000, C380S283000, C380S285000
Reexamination Certificate
active
06567913
ABSTRACT:
FIELD OF THE INVENTION
The instant invention relates to certificate meters which certify users of electronic commerce and, more, particularly, to a certificate meter for electronic commerce that provides for the selective issuance of digitally signed messages together with corresponding certificates that have different validity periods associated therewith.
BACKGROUND OF THE INVENTION
U.S. Pat. No. 5,796,841, issued to Cordery, et al. on Aug. 18, 1998, (hereinafter referred to as the '841 patent) discloses a certificate meter. The certificate meter of the '841 patent is used in electronic commerce to account for a service charge associated with each use of the certificate meter and to ensure that upon receipt of a message the recipient can verify that (1) the message is genuine and signed by the sender (authentication) and (2) the message has not been altered (integrity). However, the period: for which the certificate issued by the certificate meter is valid, from a security viewpoint, is dependent upon advances made in cryptoanalysis and computing power. That is, it should be assumed that the private key used to digitally sign the message will likely, at sometime in the future, be capable of being compromised. Accordingly, the period of time for which a signed message is considered to be valid is at least partially dependent upon the length of the private key used to sign the message. The larger the private key that is used, the more time consuming and complex are the computations required to compromise the private key.
In view of the above, one way to make the signed message more secure is to use to a private key that is extremely large. Thus, the private key can be made large enough so that any foreseeable advances in computing power will still make determination of the private key impractical. Unfortunately, as the size of the key increases the amount of processing time required to generate and verify a digitally signed message also significantly increases. The potentially large increase in processing time is not acceptable because it decreases the overall efficiency of the certificate meter system.
In addition to the above, not all messages require the same level of security. Some messages need to be protected for a significantly longer period of time and have a large value associated with them (e.g. a home mortgage contract). Other messages need to, be protected for only a few years and have comparatively little value associated with them (e.g. a college ID). Still other messages occur on a frequent basis and therefore the time required to process them must be kept to a minimum (e.g. credit card transaction). As mentioned above, the additional processing overhead required to provide security for a long period of time is burdensome and unwarranted for messages that have only a short life and must be processed quickly. Thus, what is needed is a certificate meter that provides the user with a capability to selectively apply one of a plurality of digital signatures of varying levels of security to a specific message. The selected digital signature will have a validity period that is commensurate with the type of message being processed.
SUMMARY OF THE INVENTION
It is an object of the invention to provide a system that overcomes the limitations of the prior art discussed above. This object is met by providing system including apparatus for selecting and associating one of a plurality of different security levels with a message; and structure for generating a digital signature for the message at times when the one of the plurality of different security levels has been selected and associated with the message, the digital signature for the message being generated based upon the contents of the message and the selected one of the plurality of different security levels.
In yet another embodiment the invention accounts for a service charge associated with the generation of a signed message and public key certificate. In this embodiment the system includes a device for generating a message; structure for selecting one of a plurality of different private keys stored within the system, each of the plurality of different private keys providing a different level of security when used in the generation of an SMPKC for the message; apparatus for associating each of a plurality of different service charges with a corresponding one of the plurality of different private keys, a device for generating an SMPKC for the message using the selected one of the plurality of different private keys; and structure for accounting for a one of the plurality of different service charges that corresponds to the selected one of the plurality of different private keys.
REFERENCES:
patent: 4633036 (1986-12-01), Hellman et al.
patent: 4900904 (1990-02-01), Wright et al.
patent: 5073934 (1991-12-01), Matyas et al.
patent: 5204961 (1993-04-01), Barlow
patent: 5214702 (1993-05-01), Fischer
patent: 5416841 (1995-05-01), Merrick
patent: 5418854 (1995-05-01), Kaufman et al.
patent: 5422953 (1995-06-01), Fischer
patent: 5448641 (1995-09-01), Pintsov et al.
patent: 5504818 (1996-04-01), Okano
patent: 5768388 (1998-06-01), Goldwasser et al.
patent: 5796841 (1998-08-01), Cordery et al.
patent: 5838812 (1998-11-01), Pare, Jr. et al.
patent: 5862223 (1999-01-01), Walker et al.
patent: 5987123 (1999-11-01), Scott et al.
patent: 6044350 (2000-03-01), Weiant, Jr. et al.
patent: 6076163 (2000-06-01), Hoffstein et al.
patent: 6158007 (2000-12-01), Moreh et al.
patent: 6272639 (2001-08-01), Holden et al.
patent: 6308266 (2001-10-01), Freeman
patent: 6330677 (2001-12-01), Madoukh
patent: 2306865 (1997-05-01), None
Barron Gilberto
Chaclas Angelo N.
Pitney Bowes Inc.
Shapiro Steven J.
Zand Kambiz
LandOfFree
Selective security level certificate meter does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Selective security level certificate meter, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Selective security level certificate meter will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3030711