Cryptography – Video cryptography – Video electric signal modification
Reexamination Certificate
2000-02-22
2002-05-21
Decady, Albert (Department: 2766)
Cryptography
Video cryptography
Video electric signal modification
C380S036000, C380S239000, C713S185000, C713S178000, C713S172000, C713S159000
Reexamination Certificate
active
06393126
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates generally to methods and systems for providing and verifying a trusted source of certified time, and, more particularly, the invention relates to digitally time stamping electronic documents wherein the time stamp can be validated and verified as synchronized with an accepted standard.
2. Description of the Related Art
Electronic Commerce (e-commerce) is a rapidly expanding aspect of the economic world and demands the use of Electronic Commerce transactions. Such transactions, however, have outgrown the policies and controls that regulate traditional Paper Commerce. For example, a paper document can be typed, signed in ink, and mailed through the post office. The post office can then affix a time stamp and receipt at the destination. There are long standing legal and accounting policies that authenticate this type of transaction. When an electronic document is sent between two computers, however, it does not leave behind the same degree of tangible evidence. Even if the electronic document is stored in a computer's memory, the contents, signature, and time stamp can be manipulated by anyone with access to the computer.
Accounting and legal regulatory bodies are currently developing and mandating Electronic Commerce certification processes to provide reliable authentication for electronic transactions much like those available for paper transactions. Many of the certification processes depend on the creation of a digital signature using public key cryptography that authenticates the “Who,” “What,” and “When” of a document.
Public key cryptography was developed in the 1970s to solve problems involved with symmetric key cryptography. In public key cryptography systems, two corresponding keys are generated. One key, called a private key, is held privately by the keyholder. A second key, called a public key, is published openly for anyone that wants to secretly communicate with the keyholder or verify the authenticity of messages sent by the keyholder. Because the sender and the receiver use different keys, public key cryptography is also known as asymmetric key cryptography.
To send a secret message with public key cryptography, an entity “A” encrypts a message using the public key of an entity “B.” “A” then transmits the encrypted message to “B.” “B” decrypts the encrypted message with “B”'s corresponding private key. Since the message encrypted with “B”'s public key can only be decrypted with the corresponding private key, held only by “B,” the privacy of the communication is ensured.
To authenticate the content and origin of a message, “A” uses a one-way hash function to create a message digest. A message digest is a fixed length data element that uniquely represents the source message. Since the hash function is one-way, nothing about the content of the source message can be inferred from the message digest. For example, two message digests from two messages that differ by only one character would appear to be a completely random reordering of characters. “A” then signs the message by encrypting the digest using “A”'s private key. The signature is typically appended to the message itself. “A” then transmits the signed message to “B.” In order to authenticate the received message, “B” uses the same one-way hash functions used by “A” to create a message digest from the received message. “B” then decrypts the encrypted digest using “A”'s public key. If the decrypted digest matches the digest created from the received message, then the received message must be the identical message from which the decrypted digest was originally derived. Furthermore, that the decrypted digest was decrypted using “A”'s public key ensures that the decrypted digest was originally encrypted with “A”'s private key. The successful matching of digests, therefore, ensures that the message received by “B” is the identical message signed by “A.”
Encrypting a message itself establishes secrecy. Signing a message provides for message authentication and establishes the “who” and “what” of a message. Encryption and signatures can also be combined by encrypting a message before creating a message digest and signature. By combining encryption and signatures, secret, authenticatable communications can be accomplished.
A very significant attribute of public key cryptography is that there is no need to share a secret key or to transmit a secret key from the keyholder to a proposed communication partner. It is, however, necessary to establish credibility for who owns public and private keys. For instance, “C” could claim to be “A” and send a message to “B.” To prevent being fooled, “B” needs to be sure that “A”'s public key, is in fact paired with the private key owned by a real “A.” A Certification Authority (CA) solves this problem. (Note: The use of the word “certification” in certification authority relates to the association of public keys with particular owners and is distinct from the concept of a Time Calibration Certificate (TCCert), as used herein, which relates to the certification of a clock as synchronized with an accepted standard.) CAs provide digital certificates which contain public keys and are used to transmit the public keys in a secure, authenticated manner to participants in e-commerce transactions.
In addition to the cryptographic techniques and digital certificates provided by CAs, security and authentication of transactions is also supported by an extensive body of protocol standards. It is necessary for “A” to format messages, signatures, message digests, etc., with protocols that can be recognized by “B.” Cryptography, digital certificates, protocols, and standards together make up what is termed the Public Key Infrastructure (PKI). With PKI, one can easily guarantee the “who” and “what” of a transaction.
“When” is a measure of the time at which an event occurred and is a concept easily taken for granted. A worldwide system of time standardization is in operation. Each country that is signatory to the Treaty of the Meter maintains a National Timing Laboratory (NTL), which houses the local country's standard time clock. These clocks are kept synchronized to the world standard of time maintained in Paris, France. The world standard for commercial time is Coordinated Universal Time (UTC). In the United States, Congress has mandated that official United States “time” follow the clock maintained by the National Institute of Standards and Technology (NIST), located in Boulder, Colorado. This standard is referred to as UTC-NIST. Any time stamp for a transaction that must survive technical, auditing, or legal scrutiny must be made by a clock that is synchronized to UTC-NIST, and the synchronization process must be “traceable.” Throughout this document, reference is made to UTC-NIST but the invention described is applicable to operation in any country and with standard time clocks maintained by any country's respective national timing laboratory.
The use of “traceable” clocks in paper commerce has been sufficient to provide the “when” of ordinary paper transactions. While there have been numerous cases of falsification of dates on paper documents, the risk to commerce has been relatively small. In the case of e-commerce, however, falsification of dates creates a much greater risk because it is possible to invade computer-directed processes and effect fraud on a very large scale. Such computer crimes frequently involve falsification of electronic time stamps; and for this very reason, protection of the electronic clocks that generate those time stamps from tampering is a high priority in Electronic Commerce.
Current network procedures provide for the synchronization of all workstation clocks in a network. NIST and other agencies provide network time servers that have clocks traceable to UTC-NIST. Client workstations can synchronize their time with the network time servers through a common protocol. The Network Time Protocol (NTP) is commonly used in TCP/IP networks such as th
Dowd Gregory L.
Robinson David
Tyo David
van der Kaay Erik H.
Datum Inc.
De'cady Albert
Jack Todd
Knobbe Martens Olson & Bear LLP
LandOfFree
System and methods for generating trusted and... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and methods for generating trusted and..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and methods for generating trusted and... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2828192