Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1999-12-01
2002-04-02
Hayes, Gail (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S176000, C713S158000
Reexamination Certificate
active
06367013
ABSTRACT:
BACKGROUND
This invention relates to systems and methods for providing a verifiable chain of evidence and security for the transfer and retrieval of documents and other information objects in digital formats.
The continuing evolution of the methods of commerce is evident in the increasing replacement of paper-based communications with electronic communications. When communication is by electronically reproduced messages such as e-mail, facsimile machine, imaging, electronic data interchange or electronic fund transfer, however, there no longer exists a signature or seal to authenticate the identity of a party to a deal or transaction. The traditional legally accepted methods of verifying the identity of a document's originator, such as physical presence or appearance, a blue-ink signature, personal witness or Notary Public acknowledgment, are not possible.
To address these problems, a document authentication system (DAS) has been described that provides the needed security and protection of electronic information objects, or electronic documents and other information objects, and that advantageously utilizes an asymmetric cryptographic system to help ensure that a party originating an information object is electronically identifiable as such. This system is one aspect of the methods and apparatus for secure transmission, storage, and retrieval of information objects that are described in U.S. Pat. No. 5,615,268 to Bisbee et al. and U.S. Pat. No. 5,748,738 to Bisbee et al. and in U.S. patent application Ser. No. 09/072,079 filed on May 4, 1998, by Bisbee at al. These patents and application are expressly incorporated by reference in this application.
As an initial matter, it will be helpful to understand the following terminology that is common in the field of secure electronic commerce and communications.
“Public key cryptography (PKC)” uses pairs of cryptographic “keys”, each pair having a private (secret) key and a public key, that are associated with respective registered users. The public keys are published for anyone to use for encrypting information intended for the respective users. Only the holder of the paired private key can read information, i.e., an electronic document or more generally an information object, that was encrypted using the respective public key. Conversely, an electronic document that is “digitally signed” using a user's private key can be verified as that user's by anyone who knows the user's public key. The encrypt and decrypt functions of both keys are truly “one-way”, meaning that no one can determine a private key from the corresponding public key, and vice versa, which in popular PKC systems is due to the fact that, at least currently, finding large prime numbers is computationally easy but factoring the products of two large prime numbers is computationally difficult. Example PKC algorithms, which comply with applicable government or commercial standards, are the digital signature algorithm (DSA/RSA) and secure hash algorithm (SHA-1/MD5).
Various aspects of public-key cryptographic (PKC) systems are described in the literature, including R. L. Rivest et al., “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,”
Communications of the ACM
vol. 21, pp. 120-126 (February 1978); M. E. Hellman, “The Mathematics of Public-Key Cryptography”,
Scientific American,
vol. 234, no. 8, pp. 146-152, 154-157 (August 1979); and W. Diffie, “The First Ten Years of Public-Key Cryptography”,
Proceedings of the IEEE,
vol. 76, pp. 560-577 (May 1988). It can also be noted that for a PKC system, as for other cryptographic systems, the system's strength, i.e., the computational effort needed to break an encrypted message, depends to a great extent on the length of the key, as described in C. E. Shannon, “Communication Theory of Secrecy Systems”,
Bell Sys. Tech. J.
vol. 28, pp. 656-715 (October 1949).
A “digital signature” is an unforgeable data element, which asserts that the user(s) corresponding to the digital signature wrote or otherwise agreed to the contents of an electronic document or other information object to which the digital signature is appended. A digital signature is typically created by “hashing” the electronic document, encrypting the resulting hash (integrity block) using the user's private (secret) key, and appending the encrypted hash to the electronic document.
An “authentication certificate” is an unforgeable digitally signed data element that binds a user's public key to the user's identity information and that advantageously, but not necessarily, conforms to the international standard X.509 version 3, “The Directory-Authentication Framework 1988”, promulgated by the International Telecommunications Union (ITU). Each authentication certificate includes the following critical information needed in the signing and verification processes: a version number, a serial number, an identification of the Certification Authority (CA) that issued the certificate, identifications of the issuer's hash and digital signature algorithms, a validity period, a unique identification of the user who owns the certificate, and the user's public cryptographic signature verification key. Authentication certificates are issued and digitally signed by a CA that is responsible for insuring the unique identification of all users.
An authentication certificate is a digital “ID”, much like a driver's license or other documentation that is used to verify a person's identity. The e-original public key infrastructure can use the X.509v3 certificate that is based on an ISO/ITU standard, as interpreted by the Internet Engineering Task Force (IETF) Public Key Infrastructure X.509 (PKIX) recommendations. These certificates are digitally signed by the issuing Certification Authority, which ensures both content and source integrity. The act of digitally signing makes the certificates substantially tamper-proof, and therefore further protection is not needed. The intent of the certificate is to reliably associate (bind) a user's name to the user's public cryptographic key. The strength of protection equates directly to the strength of the algorithm and key size used in creating the issuer's digital signature (hash and digital signature algorithms). A certificate therefore securely identifies the owner of the public key pair, which is used to provide authentication, authorization, encryption, and non-repudiation services. A typical certificate has the following form:
[Version, Serial No., Issuer Algorithm (Hash & Digital Signature), Issuer Distinguished Name (DN), Validity Period, Subject DN, Subject Public Key Info, Issuer Unique Identifier (optional), Subject Unique Identifier (optional), Issuer Public Key, Extensions (e.g., Subject Alt Name)] Issuer Digital Signature
A unique DN is formed by concatenating naming specific information (e.g., country, locality, organization, organization unit, e-mail address, common name).
Certificate extensions can also be used as a way of associating additional attributes with users or public keys, and for managing the public key infrastructure certificate hierarchy. Guidance for using extensions is available in the recommendations of ITU X.509v3 (1993) |ISO/IEC 9594-8:1995, “The Directory: Authentication Framework” or in IETF Internet X.509 Public Key Infrastructure Certificate and CRL Profile <draft-ietf-pkix-ipki-part
1
-
11
>.
A user's authentication certificate is advantageously and preferably appended to an electronic document with the user's digital signature so that it is possible to verify the digital signature. Alternatively, the certificate may be retrieved from the issuing CA or directory archive.
“Public Key Infrastructure (PKI)” is the hierarchy of CAs responsible for issuing authentication certificates and certified cryptographic keys used for digitally signing and encrypting information objects. Certificates and certification frameworks are described in C. R. Merrill, “Cryptography for Commerce—Beyond C
Bisbee Stephen F.
Moskowitz Jack J.
White Michael W.
Burns Doane et al.
eOriginal Inc.
Hayes Gail
Meislahn Douglas J
LandOfFree
System and method for electronic transmission, storage, and... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for electronic transmission, storage, and..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for electronic transmission, storage, and... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2893552