Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-12-23
2001-10-23
Beausoleil, Robert (Department: 2184)
C713S156000, C713S175000
active
06308277
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates generally to the field of secure telecommunications, and, more specifically, the issuance and management of “certificates” in such telecommunications, particularly in electronic commerce.
BACKGROUND OF THE INVENTION
Herein, “network” refers to any electronic communications network, including but not limited to the Internet, “Intranets”, various wide area networks (WANs) and local area networks (LANs), connecting computer systems or “nodes”, sometimes referred to here as a “computer”. In addition, herein, “transactions” refer broadly to any transfer of information between any nodes of the network, including transfers of “data”, “records” or other information, typically referring to what is apparent to a user at a higher layer of network communication. These transactions may take place between virtually any entities each associated with one or more network nodes and may be used in a variety of applications such as electronic data interchange (EDI), electronic commerce, financial information and trading, health and governmental records and filing, and legal communications.
“Certificate” is herein defined as information issued by a “certificate authority”, an entity generally holding a position of trust within the scope of application to which the certificate is relevant, to authenticate or certify that a transaction is associated with a particular entity. Particular types of certificates for which the invention may be used are described generally in draft ANSI X9.57, “Public Key Cryptography for the Financial Services Industry, Certificate Management”, available from the American Bankers Association.
The Internet network provides connection among a large and growing number of entities including vendors of goods and services and their potential customers. Incentives to conduct business over the network are many and compelling, for example, the reduction or elimination of the need for physical travel, samples, and sales personnel in the selling process and the centralized provision of the latest product or services descriptions and terms, allowing inexpensive, uniform and timely updates at the point of sale. Using the Internet, small businesses can communicate with an audience of customers far beyond that previously available to them. For these and many other reasons, business is being conducted in increasingly large volumes over the Internet and other networks.
However, there are limitations and problems associated with sales and other transactions over the network. One fundamental concern is how to verify the identity of a party to a transaction (and whether that party is trustworthy), particularly in a transaction that results in the transfer of value to that party. In typical consumer credit card transactions for purchase of goods by mail order or telephone order, some of the risk is limited by allowing delivery of goods only to a physical address that has some associated trustworthiness (an owned home, as opposed to a post office box). This safeguard is absent where valuable information, such as software or proprietary databases, is made available on a network to the general public and may be downloaded anonymously. Even in the case of physical delivery, there is still the possibility that the addressee party may repudiate the transaction.
A general approach to assuring the identity of parties to a transaction and providing a basis for non-repudiation of a transaction in a network environment is the employment therein of a certification procedure in a “public key infrastructure” such as that exemplified in the draft X9.57 standard. This approach is built upon a public/private key or “asymmetric” encryption/decryption scheme defined, for example, in the ANSI X9.30 series of specifications covering “the Digital Signature Algorithm”, available from the American Bankers Association.
General asymmetric or “public key” encryption/decryption mechanisms are well known in the art, such as those invented by Rivest, Shamir and Adleman (“RSA”). The concept is based upon the existence of algorithms that allow encryption/decryption using related “keys” that are associated with each other, but one of which, the “private” key, is extremely difficult to derive from the other, “public” key.
In one type of asymmetrically coded or encrypted communication, the message is encrypted using the public key, made available to any number of senders for use in such encryption, and only one recipient of the encrypted message may decipher the communication—the sole holder of the private key. This assures that there is only one recipient of decoded or deciphered information encrypted with the public key.
In another type of asymmetrically coded communication, the communication is encrypted using the private key, held only by one sender, and any number of recipients of the encrypted communication may decipher the communication using the public key made available to them. This assures that there is only one sender of information encrypted with the private key that is decipherable with a given public key and thus allows recipients to uniquely associate that sender with that public key. By applying this type of encryption to a shortened, unique representation of a communication generated by a “hash function”, a “digital signature” can be generated that authenticates to holders of the public key that the sender/encoder of the communication is the holder of the associated private key.
The communication of a digitally signed message according to this approach is shown in FIG. 1. A message 10 is uniquely represented by a “hash value” or hash result 20 using a hash function 15, which may be a one-way hash function so that it is computationally infeasible to derive the original message from knowledge of the hash value. The hash result 20 is then encoded using the message sender's private key 35 in a signing function 25 to result in a digital signature 30 that is stored or transmitted with the original message 10. The process of transmission 40 may be by direct link or communication over a network and may itself involve encryption and decryption of the entire package. (One approach is to generate a random symmetric key using the Digital Encryption Standard DES, encrypt the entire package using that key, encrypt the symmetric key using the recipient's public key to create a “digital envelope” 41, and send the encrypted package with the digital envelope to the recipient.)
When the message 10 and its digital signature 30 are received (and decrypted) or retrieved, the message 10 is subjected to the hash function 45 (identical to hash function 15) to generate a new hash result 47. This is compared in the verification function 50 with the digital signature 30 as decoded using the public key 55 associated with the private key 35 (and previously sent on 60 or simultaneously sent on 40, possibly encrypted in a digital envelope 61), resulting in verification 67. This process assures that the message 10 was signed at 25 using the private key 35 associated with the public key 65 and that the message 10 was unaltered (otherwise the hash results would not match). The process thereby authenticates that message 10 was signed by the holder of private key 35 associated with public key 65 and thereby provides evidence against any repudiation by the private key holder that it signed message 10.
The scheme shown in FIG. 1, however, merely assures that message 10 is signed at 25 with the holder of the private key 35 associated with public key 55. There is no assurance provided in this framework that the holder of the private key/public key pair is who the recipient of verification 67 believes the holder to be. An impostor could send his own public key over communication link 60 and sign his own message with his corresponding private key. This possibility of fraud may be multiplied extensively in the relatively anonymous “cyberspace” of those connected to the Internet and has been viewed as an obstacle
Vaeth J. Stuart
Walton Charles S.
Baderman Scott T.
Beausoleil Robert
GTE CyberTrust Solutions Incorporated
Wolf Greenfield & Sacks P.C.