CA2290170C - Improved digital signature - Google Patents
Improved digital signature Download PDFInfo
- Publication number
- CA2290170C CA2290170C CA002290170A CA2290170A CA2290170C CA 2290170 C CA2290170 C CA 2290170C CA 002290170 A CA002290170 A CA 002290170A CA 2290170 A CA2290170 A CA 2290170A CA 2290170 C CA2290170 C CA 2290170C
- Authority
- CA
- Canada
- Prior art keywords
- signature
- chipcard
- key
- accordance
- digital signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 claims description 39
- 241000122141 Cryphonectria hypovirus 1 Species 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- VBMOHECZZWVLFJ-GXTUVTBFSA-N (2s)-2-[[(2s)-6-amino-2-[[(2s)-6-amino-2-[[(2s,3r)-2-[[(2s,3r)-2-[[(2s)-6-amino-2-[[(2s)-2-[[(2s)-6-amino-2-[[(2s)-2-[[(2s)-2-[[(2s)-2,6-diaminohexanoyl]amino]-5-(diaminomethylideneamino)pentanoyl]amino]propanoyl]amino]hexanoyl]amino]propanoyl]amino]hexan Chemical compound NC(N)=NCCC[C@@H](C(O)=O)NC(=O)[C@H](CCCCN)NC(=O)[C@H](CCCCN)NC(=O)[C@H]([C@@H](C)O)NC(=O)[C@H]([C@H](O)C)NC(=O)[C@H](CCCCN)NC(=O)[C@H](C)NC(=O)[C@H](CCCCN)NC(=O)[C@H](C)NC(=O)[C@H](CCCN=C(N)N)NC(=O)[C@@H](N)CCCCN VBMOHECZZWVLFJ-GXTUVTBFSA-N 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 230000002950 deficient Effects 0.000 description 1
- 239000000945 filler Substances 0.000 description 1
- 108010068904 lysyl-arginyl-alanyl-lysyl-alanyl-lysyl-threonyl-threonyl-lysyl-lysyl-arginine Proteins 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G06Q20/40975—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2153—Using hardware token as a secondary aspect
Abstract
The invention relates to the generation of digital signatures by the use of which the legally binding nature of a digital signature is enhanced. For this, an expanded digital signature is created which, in addition to the hash, contains other information, in particular information identifying the hardware and software environment used in generating the signature.
Description
IMPROVED DIGITAL SIGNATURE
The invention relates to digital signatures, methods for generating digital signatures and signature devices to execute the methods.
B~~CKGROUND OF THE INVENTION
Digital signatures can be seen as the ~;.ounterpart to handwritten signatures.
The digital signature appended by a sender to an electronic document can be used to establish the sender's identity and the authenticity of the transmitted document. The legally binding nature of the digital signature is a key topic for public administration, for companies and, increasingly, for private individuals.
The principle of the digital signature is known. It is based on an asymmetric method in which each user is assigned two different keys: a. private key and a public key. The public key is generally accessible. The prerequisite is that each pair of keys is unique. With the private key, which is usually on a chipcard, the digital signature is ~~enerated by the sender. The recipient of a document signed with a digital signature can separate the signature from the document using an appropriate software program and decode the hash with the aid of the sender's public key, thereby verifying the authenticity of the document and the identity of the sender. This method can be used between natural persons and between hardware devices.
Methods of generating digital signatures are known. For example, signature devices are used which apply cryptographic method; such a~; the familiar RSA (Rivest-Shamir-Adleman cryptographic algorithm) public key method. In this, a document extract value (hash) generated by a hashing method such as MDS (Messal;e Digest #5) or SHA-1 (Secure Hashing Algorithm) is signed with the private key of the sender (encrypted) .and appended to the document as a digital signature prior to dispatch.
In cryptographic methods it is necessary that the length of the digital signature matches the length of the key used, e.g. 512, 758. or 1024 bits. Since the size of the hash is only around 20 bytes, the unused area of the signature is filled out with filler characters (pads).
Consequently, in a digital signature, for example, 108 bytes of these pads are stored and transported uselessly when a 1024-bit RSA key and the SHA-1 hashing algorithm are used.
In the known methods there i.s no unique allocation of the digital signature to a specific signature device. Thus it would be possible, for example, with the aid of a fake or stolen key and a signature device, to append a fake signature to a document. The legitimate owner of the key used has little or no chance of proving that such an unauthorized signature was indeed made without his or her knowledge.
It would also be possible that a manipulated or stolen signature device of the key holder may be used, together with a third-party program (virus), to sign documents without the knowledge of the key holder. This may also occur with no intervention from outside, for example as a result of faulty software or interfaces. Here, too, the key holder has little chance of proving the illegitimacy of the signatures generated.
It is therefore the object of the present: invention to deliver a digital signature by the use of which the legally binding nature of ;~ digital ;signature is enhanced.
SUMMARY OF THE INVENTION
The object of the invention is fulfilled by the independent claims. In accordance with the present invention, an expanded digital signature is created. The expanded digital signature contains other information in addition to the hash, in particular information identifying the hardware and software environment used in generating the signature. Through the expanded digital signature, the legally binding nature and thus also the recognition of the digital signature is substantially enhanced.
BRIEF DESC',RIPTION OF THE DRAWINGS
The invention is described in more detail in the following description based on preferred embodiments and illustrated by way of example and not limitation in the Figures of the accompanying drawings in which like references indicate similar or corresponding elements, and in which:
Fig. 1 shows a schematic; representation of the use of a chipcard to generate a digital signature;
Fig. 2 shows a schematic representation of a chipcard used to generate a digital signature in accordance with a.n embod.iment of the invention;
Fig. 3 shows a flowchart for the method of releasing a signature key for use;
Fig. 4 shows a representation of a form for input of a signature password;
Fig. 5 shows a flowchar: for the method of generating an expanded digital signature based on the present invention;
Fig. 6 shows a schematic representation of a digital signature based on the state of the art;
Fig. 7 shows a schemati~~ representation of an expanded digital signature based on the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
In the preferred embodiment of the invention the signature device is software on a chipcard. A
chipcard 101 of this kind is shown in F ig. 1. The invention is not restricted to chipcards, however.
Other signature devices, such as crypto-adaptors, can be used. The chipcard is used here to sign a document created on a personal computer (PC) 102 for example. On the chipcard there is a chipcard program 106 which primarily serves to sign - that is to say, to encrypt -input data with the aid of a private key. The chipcard 101 is issuer with a non-changeable and unique serial number 103. The originality of the serial number 103 can be verified by means of cryptographic keys stored on the chipcard, for example by the "f:xternal/i:nternal authentication" method commonly used on chipcards.
A PC-based user program 104, such. as Microsoft Outlook~ or Netscape Navigator~ e-mail products, is used to send the document. As shown in Fig. 1, a special signature program 1 OS running on the PC 102 serves as the interface between the chipcard 101 with the chipcard program for the signing process 106 and the fC user program 104.
Referring to Fig. 2, before the chipcard 1 O 1 can be used for signing, a signature key 202, for example from a certification body, is transferred via the PC 102 onto the chipcard 101. In this, it is assumed that the holder of the signature key 202 is at the same time the owner of the chipcard 101. The signature key 202 can be transferred by means of the signature program 105 for example. The signature key 202 is stored by means of the chipcard program 106 on the chipcard 101 as a component element of a certificate 201. This is effected by creating a key object, for example by means of a "create object" command in the chipcard program 106. Further components of the certificate 201 are, for example, a name for the certificate and a designation for the encryption process employed.
Through the use of existing chipcard operating systems, for example the one described in ISO 7816-4, key objects - that is, including signature keys - can be stored securely on a chipcard. The signature key 202 stored in the memory of the chipcard, for example a private key of the RSA method, is protected within the chipcard ~~peratin~; system for example by the access conditions "Read=Never", "Update=CHV1", "Use=SignPW" (CHV1 = Card Holder Verification #1).
To further increase security, when the key object is created the signature key 202 is stored together with a "secure sign" attribute 203, which after creation of the signature key 202 can no longer be changed. The "secure sign" attribute 203 distinguishes specific signature keys from other key objects such as are used for other types of encryption of data for example. No other cryptographic methods on the chipcard 101 can use this special signature key 202.
When each key object is created with ~:he "secure sign" attribute 203, another attribute is generated which is logically linked to the signature key 202. A signature key with expanded attributes is created. This attribute is a signature counter 204. Thus each signature key 202 is assigned its own signature counter 204.
The signature counter 204 is <~ simple digital counter. In order to protect against manipulation, it is accommodated in the non-volatile memory on the chipcard 1 O l . In the present example the signature counter 204 is 4 bytes big (:32 bits i:nteger). When the signature counter 204 is generated it is assigned the initial value "zero".
The size of the signature counter 204 is chosen such that, over a normal service life of the chipcard 101, the counter does not overflow through repeated use. After an overflow (value of all bits equal to "zero") use of the signature key 202 i s internally disabled, in order to prevent abuse resulting from an intentionally provoked overflow. The signature counter 204 can be read as an attribute of the signature key 202 by the chipcard 101, but cannot be changed from outside.
This can be safeguarded, for example, by the chipcard operating; system with the access condition "Read=Never".
In the preferred embodiment of the invention, security in creating a digital signature is increased further by provision of a unique confirmation of each digital signature by the holder of the signature key 202 every time a document is signed. This can be effected by input of an identifying characteristic, such as a password or a. PIN (Personal Identification Number) for example, or by a biometric method such as scanning of a fingerprint. If the identifying characteristic is a password, for example, when each key object is created with the "secure sign" attribute, in addition to the signature counter 204 a further attribute, a signature password 205, is generated, which is in turn also logically linked to the signature key 202. Thus each signature key 202 is also assigned its own signature password 205. When generated, the signature password 205 is assigned an initial value, for example with the digits "123456".
Through the use of the signature password 205 unintentional signing of documents is prevented. The signature password 205 for use of the signature key 202 exists in addition to a password for use of the chipcard 101. This complies with a legal requirement in Germany that the password should be scanned for each signature being executed.
In the preferred embodiment of the invention, prior to generating the first signature with the signature key 202 the initial value of the signature password 205 must be changed to a customized value. This serves to increase security. When the chipcard 101 is issued, signing is only possible when this change has been made. Fig. 3 shows the process sequence for initial release of the signature key 202. On conclusion of this procedure the signature key 202 is released for digital signing.
In step 301 of Fig. 3, the method is started by the chipcard signing program 106. Then, in step 302, the chipcard program checks whether the signature key 202 is disabled, such as due to an overflow of the signature counter 204 or a defective item of hardware. If so, the chipcard program 106 in step 303 delivers an error message to the user of the chipcard 101 and automatically terminates.
If several signature keys 202 are stored on the chipcard 101, the user of the chipcard 101 can be enabled prior to step 302, for example by the chipcard program 106, to define which signature key 202 is to be used.
If the signature key 202 is not disabled, the user of the chipcard 1 O 1 is prompted, in step 304, to enter the signature password 305. The entered signature password 205 is compared against the valid stored signature password in step 305.
If the compared signature password: are not identical, in step 306 a misoperation counter is increased by the value "one". The rnisoperation counter monitors the password status and is implemented on the chipcard 101. Thf; password status may be defined by the states "unchanged", "changed" and "disabled", for example. Use of the signature key 202 is disabled if the number of failed attempts exceeds a predefined number (password status "disabled") Then, in step 307, a check is made as to whether the predefined limit of the misoperation counter has been reached. If it has not, the chipcard program 106 in step 308 delivers an error message and terminates automatically. If the limit value has been reached, the chipcard program 106 disables the signature key 202 in step 309 and, in step 310, terminates automatically with an error message.
If the signature passwords compared in step 305 are identical, in step 311 the chipcard program 106 prompts the user of the chipc:ard 101 to enter a new, customized password 205.
The entered new signature password 205 is stored on the chipcard 101 and logically linked to the relevant signature key 202.
Then, in step 312, a check is made as to whether the signature counter 204 of the signature key 202 has the initial value "zero". If it does :not, the procedure is aborted in step 313 and an error in the chipcard 101 or abuse of the signature key 202 is the likely cause. If the value of the signature counter 204 is "zero", in step 314 the signature counter 204 is increased to the value "one" and the procedure is terminated by step 315.
In a preferred embodiment of the invention as shown in Fig. 4, the value of the signature counter 204 and the password status may be displayed to the user of the chipcard 101 before and/or during the password change operation. If the si~;nature counter 204 is not set to the value "zero" when the chipcard 1 O l is issued to the user, and if the password status is not at the original status "unchanged", this indicates that a digital signature not authorized by the holder of the chipcard 1 O 1 was generated before the chipcard was issued.
When the signature password 205 has been changed for the first time, a document can be signed.
Fig. 5 shows the sequence of the signature process using an expanded signature key 202. The first part of this procedure comprises steps 501 to 510, which are the same as steps 301 to 310 in Fig. 3 for initial release of the signature key 202 and are not reproduced again in detail in Fig. 5.
If the signature passwords compared in step 505 (corresponding to step 305 in Fig. 3) are identical, in step 520 a check is made as to whether the signature counter 204 of the signature key 202 has the initial value "zero". If it does, the signing procedure is aborted in step 521 with an error message, as, based on step 314 from Fig. 3, to create a signature the value of the signature counter must not correspond to the initial value.
Then, if the value of the signature counter is not "zero", in step 522 the chipcard program 106 requests information from outside the chipcard. This external information is preferentially a date and time, for example in the format "DDDDYYYYHHMMSS", which can be read from an item of PC
hardware or PC software program for example. A further item of external information may be the identification number of the document to be signed, which could be read from the PC software program with which the document in question was created. The identification number and/or the license number of the signature program 105 used could also be applied as additional information.
Then, in step 523, the chipcard program 106 reads the internal information from the chipcard 101 -that is, the value of the signature counter 204 of the relevant signature key 202 and the serial number 103 of the chipcard 101 from the memory of the chipcard 101. A further item of information which may be used for an expanded signature is an indication of which cryptographic method, for example RSA, is used to create the signature. This information was stored in the certificate 201 beforehand on creation of the signaturf; key 202. A further item of information may be an identifying characteristic of the chipcard signing program 106 used, for example the license number or serial number of the program.
In step 524 the external and internal information together with the hash are merged on the chipcard 1 O1 to form a signature data set for creation of the expanded digital signature. The hash, generated beforehand by the PC user program 104 in the PC 102, needs to be transmitted to the chipcard program 106 for this. The merger is effected by the chipcard program. In the process, the previously unused memory space which lzad merely been filled out with pads is filled out in a defined sequence by the additional external and internall information. Any remaining free capacity is then filled out with pads, as previously. Wi~:h a view to a possible usage of the expanded signature as standard, binding definition of a standard sequence is necessary.
Fig. 6 shows a schematic representation of a conventional digital signature based on PKCS# 1 (Public Key Cryptographic Standard). In the lc;ft-hand section there is a signature identifier (type block). In the right-hand section is the predefined data field in which the encrypted hash is stored. The hash is usually around 20 bytes big. The rest of the signature is filled out with 42, 74 or 106 bytes of pads, depending on the length of the signature key 202 used.
As shown in Fig. 5, following on from step 524 the signature data set created in this way is then encrypted by means of the ;signature key 202. An expanded digital signature is created. This encryption takes place on the chipcard 1 O l . The current value of the signature counter 204, the serial number 103 of the chipcard 1 O 1 and thc: other additional items of information as part of the signature data set are signed, together with the hash, with the signature key 202.
Fig. 7 shows an expanded digital signature of such a kind. In addition to the hash, it also shows the value of the signature counter 204 and the serial number 103 of the chipcard 101, as well as additional internal and external information inserted as signature data. The additional items of information in this example are an identifier (ID) for the chipcard signing program 106, the date and time, and an identifier for the signed document. The preferred size of the individual items of information is given in bytes. The format of the resulting signature is compatible with that from the previous existing method. Thc~ previously free capacity of pads is used for useful information, based on which the hardware and software environment used are unambiguously identified.
Through the inclusion of additional inf ~rmation in the digital signature an expanded digital signature is delivered which provides indications of the hardware and software environment used in the signing process. In this embodiment in particular, the two values, signature counter 204 and serial number 103, originating from the chipcard 101 are incorruptible.
The sequence of the signature; effected with a specific chipcard 1 O 1 can thus be defined in a binding manner by the sender. Also, the recipient of several documents with an expanded sender's signature has the possibility of ascertaining the order in which the documents were signed. This can be beneficial, for example, where the time of signing a document is decisive.
Based on the present inven,rion, the holder of the chipcard 101 can ascertain whether other (unauthorized) signatures have been created with his or her chipcard 1 O 1 since the last (authorized) creation of a digital signature with thc: chipcard 101. He or she can also determine the number of such signatures. Thus if the si;;nature counter 204 has increased by "n" since the last authorized use, this indicates that a digital signature has been generated without the authorization of the holder of the chipcard 101 since the last use of th~~ relevant signature key 202. It may be helpful in determining the value of the signature counter 204 to display this value to the user of the chipcard 101 during signing. To ascertain the value of thc; signature counter 204 subsequently in the signature of a previously transmitted document, the storage of all documents to which a digital signature has been appended is beneficial.
If the chipcard 101 is lost and then found again, by checking the signature counter 204 and comparing the counter value against the last authorized signature it is easy to ascertain whether the signature key 202 has been abused. Accordingly, the digital signatures with the counter values "n+1"
to "m-1" - with "m" representing the current counter reading - were unauthorized. The documents containing the unauthorized signature can be unambiguously identified based on the reading of the signature counter 204 and rejected.
Unique allocation of a signature to a specific chipcard 101 is also ensured.
The user of a chipcard 101 can thus ascertain whether a specific signature really was generated with his or her chipcard.
Since the structure of the digital signature is defined, on the recipient's side it is easy to isolate and evaluate the corresponding additional information. This could be effected by an adapted software program on the recipient's PC.
As shown in step 526 in Fig. _'>, the signature counter 204 of the signature key 202 used is increased by the value "one" every time a digital signature is generated. This numbers the digital signatures in the order in which they were created.
The expanded digital signature is transmitted to the signing program 105 in step 527. Generation of the expanded digital signature thus ends in step 528.
The digital signature generated in this way can now be appended to the document for transmission.
This may be effected by the expanded signature being passed by the signature program 105 to the PC user program 104, where it is then linked to the document for transmission.
A further preferential embodiment of the invention, as also shown in Fig. 4 for example, is that before and/or during signing.. the value of the signature counter 204 and the password status are displayed to the user of the chipcard 101. To further increase security and to provide closer monitoring, the serial number 103 of the chipcard 101 may also be displayed during the signing operation. This enables the user of ~:he chipcard 101 to verify that the chipcard is in perfect undisturbed order.
The invention relates to digital signatures, methods for generating digital signatures and signature devices to execute the methods.
B~~CKGROUND OF THE INVENTION
Digital signatures can be seen as the ~;.ounterpart to handwritten signatures.
The digital signature appended by a sender to an electronic document can be used to establish the sender's identity and the authenticity of the transmitted document. The legally binding nature of the digital signature is a key topic for public administration, for companies and, increasingly, for private individuals.
The principle of the digital signature is known. It is based on an asymmetric method in which each user is assigned two different keys: a. private key and a public key. The public key is generally accessible. The prerequisite is that each pair of keys is unique. With the private key, which is usually on a chipcard, the digital signature is ~~enerated by the sender. The recipient of a document signed with a digital signature can separate the signature from the document using an appropriate software program and decode the hash with the aid of the sender's public key, thereby verifying the authenticity of the document and the identity of the sender. This method can be used between natural persons and between hardware devices.
Methods of generating digital signatures are known. For example, signature devices are used which apply cryptographic method; such a~; the familiar RSA (Rivest-Shamir-Adleman cryptographic algorithm) public key method. In this, a document extract value (hash) generated by a hashing method such as MDS (Messal;e Digest #5) or SHA-1 (Secure Hashing Algorithm) is signed with the private key of the sender (encrypted) .and appended to the document as a digital signature prior to dispatch.
In cryptographic methods it is necessary that the length of the digital signature matches the length of the key used, e.g. 512, 758. or 1024 bits. Since the size of the hash is only around 20 bytes, the unused area of the signature is filled out with filler characters (pads).
Consequently, in a digital signature, for example, 108 bytes of these pads are stored and transported uselessly when a 1024-bit RSA key and the SHA-1 hashing algorithm are used.
In the known methods there i.s no unique allocation of the digital signature to a specific signature device. Thus it would be possible, for example, with the aid of a fake or stolen key and a signature device, to append a fake signature to a document. The legitimate owner of the key used has little or no chance of proving that such an unauthorized signature was indeed made without his or her knowledge.
It would also be possible that a manipulated or stolen signature device of the key holder may be used, together with a third-party program (virus), to sign documents without the knowledge of the key holder. This may also occur with no intervention from outside, for example as a result of faulty software or interfaces. Here, too, the key holder has little chance of proving the illegitimacy of the signatures generated.
It is therefore the object of the present: invention to deliver a digital signature by the use of which the legally binding nature of ;~ digital ;signature is enhanced.
SUMMARY OF THE INVENTION
The object of the invention is fulfilled by the independent claims. In accordance with the present invention, an expanded digital signature is created. The expanded digital signature contains other information in addition to the hash, in particular information identifying the hardware and software environment used in generating the signature. Through the expanded digital signature, the legally binding nature and thus also the recognition of the digital signature is substantially enhanced.
BRIEF DESC',RIPTION OF THE DRAWINGS
The invention is described in more detail in the following description based on preferred embodiments and illustrated by way of example and not limitation in the Figures of the accompanying drawings in which like references indicate similar or corresponding elements, and in which:
Fig. 1 shows a schematic; representation of the use of a chipcard to generate a digital signature;
Fig. 2 shows a schematic representation of a chipcard used to generate a digital signature in accordance with a.n embod.iment of the invention;
Fig. 3 shows a flowchart for the method of releasing a signature key for use;
Fig. 4 shows a representation of a form for input of a signature password;
Fig. 5 shows a flowchar: for the method of generating an expanded digital signature based on the present invention;
Fig. 6 shows a schematic representation of a digital signature based on the state of the art;
Fig. 7 shows a schemati~~ representation of an expanded digital signature based on the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
In the preferred embodiment of the invention the signature device is software on a chipcard. A
chipcard 101 of this kind is shown in F ig. 1. The invention is not restricted to chipcards, however.
Other signature devices, such as crypto-adaptors, can be used. The chipcard is used here to sign a document created on a personal computer (PC) 102 for example. On the chipcard there is a chipcard program 106 which primarily serves to sign - that is to say, to encrypt -input data with the aid of a private key. The chipcard 101 is issuer with a non-changeable and unique serial number 103. The originality of the serial number 103 can be verified by means of cryptographic keys stored on the chipcard, for example by the "f:xternal/i:nternal authentication" method commonly used on chipcards.
A PC-based user program 104, such. as Microsoft Outlook~ or Netscape Navigator~ e-mail products, is used to send the document. As shown in Fig. 1, a special signature program 1 OS running on the PC 102 serves as the interface between the chipcard 101 with the chipcard program for the signing process 106 and the fC user program 104.
Referring to Fig. 2, before the chipcard 1 O 1 can be used for signing, a signature key 202, for example from a certification body, is transferred via the PC 102 onto the chipcard 101. In this, it is assumed that the holder of the signature key 202 is at the same time the owner of the chipcard 101. The signature key 202 can be transferred by means of the signature program 105 for example. The signature key 202 is stored by means of the chipcard program 106 on the chipcard 101 as a component element of a certificate 201. This is effected by creating a key object, for example by means of a "create object" command in the chipcard program 106. Further components of the certificate 201 are, for example, a name for the certificate and a designation for the encryption process employed.
Through the use of existing chipcard operating systems, for example the one described in ISO 7816-4, key objects - that is, including signature keys - can be stored securely on a chipcard. The signature key 202 stored in the memory of the chipcard, for example a private key of the RSA method, is protected within the chipcard ~~peratin~; system for example by the access conditions "Read=Never", "Update=CHV1", "Use=SignPW" (CHV1 = Card Holder Verification #1).
To further increase security, when the key object is created the signature key 202 is stored together with a "secure sign" attribute 203, which after creation of the signature key 202 can no longer be changed. The "secure sign" attribute 203 distinguishes specific signature keys from other key objects such as are used for other types of encryption of data for example. No other cryptographic methods on the chipcard 101 can use this special signature key 202.
When each key object is created with ~:he "secure sign" attribute 203, another attribute is generated which is logically linked to the signature key 202. A signature key with expanded attributes is created. This attribute is a signature counter 204. Thus each signature key 202 is assigned its own signature counter 204.
The signature counter 204 is <~ simple digital counter. In order to protect against manipulation, it is accommodated in the non-volatile memory on the chipcard 1 O l . In the present example the signature counter 204 is 4 bytes big (:32 bits i:nteger). When the signature counter 204 is generated it is assigned the initial value "zero".
The size of the signature counter 204 is chosen such that, over a normal service life of the chipcard 101, the counter does not overflow through repeated use. After an overflow (value of all bits equal to "zero") use of the signature key 202 i s internally disabled, in order to prevent abuse resulting from an intentionally provoked overflow. The signature counter 204 can be read as an attribute of the signature key 202 by the chipcard 101, but cannot be changed from outside.
This can be safeguarded, for example, by the chipcard operating; system with the access condition "Read=Never".
In the preferred embodiment of the invention, security in creating a digital signature is increased further by provision of a unique confirmation of each digital signature by the holder of the signature key 202 every time a document is signed. This can be effected by input of an identifying characteristic, such as a password or a. PIN (Personal Identification Number) for example, or by a biometric method such as scanning of a fingerprint. If the identifying characteristic is a password, for example, when each key object is created with the "secure sign" attribute, in addition to the signature counter 204 a further attribute, a signature password 205, is generated, which is in turn also logically linked to the signature key 202. Thus each signature key 202 is also assigned its own signature password 205. When generated, the signature password 205 is assigned an initial value, for example with the digits "123456".
Through the use of the signature password 205 unintentional signing of documents is prevented. The signature password 205 for use of the signature key 202 exists in addition to a password for use of the chipcard 101. This complies with a legal requirement in Germany that the password should be scanned for each signature being executed.
In the preferred embodiment of the invention, prior to generating the first signature with the signature key 202 the initial value of the signature password 205 must be changed to a customized value. This serves to increase security. When the chipcard 101 is issued, signing is only possible when this change has been made. Fig. 3 shows the process sequence for initial release of the signature key 202. On conclusion of this procedure the signature key 202 is released for digital signing.
In step 301 of Fig. 3, the method is started by the chipcard signing program 106. Then, in step 302, the chipcard program checks whether the signature key 202 is disabled, such as due to an overflow of the signature counter 204 or a defective item of hardware. If so, the chipcard program 106 in step 303 delivers an error message to the user of the chipcard 101 and automatically terminates.
If several signature keys 202 are stored on the chipcard 101, the user of the chipcard 101 can be enabled prior to step 302, for example by the chipcard program 106, to define which signature key 202 is to be used.
If the signature key 202 is not disabled, the user of the chipcard 1 O 1 is prompted, in step 304, to enter the signature password 305. The entered signature password 205 is compared against the valid stored signature password in step 305.
If the compared signature password: are not identical, in step 306 a misoperation counter is increased by the value "one". The rnisoperation counter monitors the password status and is implemented on the chipcard 101. Thf; password status may be defined by the states "unchanged", "changed" and "disabled", for example. Use of the signature key 202 is disabled if the number of failed attempts exceeds a predefined number (password status "disabled") Then, in step 307, a check is made as to whether the predefined limit of the misoperation counter has been reached. If it has not, the chipcard program 106 in step 308 delivers an error message and terminates automatically. If the limit value has been reached, the chipcard program 106 disables the signature key 202 in step 309 and, in step 310, terminates automatically with an error message.
If the signature passwords compared in step 305 are identical, in step 311 the chipcard program 106 prompts the user of the chipc:ard 101 to enter a new, customized password 205.
The entered new signature password 205 is stored on the chipcard 101 and logically linked to the relevant signature key 202.
Then, in step 312, a check is made as to whether the signature counter 204 of the signature key 202 has the initial value "zero". If it does :not, the procedure is aborted in step 313 and an error in the chipcard 101 or abuse of the signature key 202 is the likely cause. If the value of the signature counter 204 is "zero", in step 314 the signature counter 204 is increased to the value "one" and the procedure is terminated by step 315.
In a preferred embodiment of the invention as shown in Fig. 4, the value of the signature counter 204 and the password status may be displayed to the user of the chipcard 101 before and/or during the password change operation. If the si~;nature counter 204 is not set to the value "zero" when the chipcard 1 O l is issued to the user, and if the password status is not at the original status "unchanged", this indicates that a digital signature not authorized by the holder of the chipcard 1 O 1 was generated before the chipcard was issued.
When the signature password 205 has been changed for the first time, a document can be signed.
Fig. 5 shows the sequence of the signature process using an expanded signature key 202. The first part of this procedure comprises steps 501 to 510, which are the same as steps 301 to 310 in Fig. 3 for initial release of the signature key 202 and are not reproduced again in detail in Fig. 5.
If the signature passwords compared in step 505 (corresponding to step 305 in Fig. 3) are identical, in step 520 a check is made as to whether the signature counter 204 of the signature key 202 has the initial value "zero". If it does, the signing procedure is aborted in step 521 with an error message, as, based on step 314 from Fig. 3, to create a signature the value of the signature counter must not correspond to the initial value.
Then, if the value of the signature counter is not "zero", in step 522 the chipcard program 106 requests information from outside the chipcard. This external information is preferentially a date and time, for example in the format "DDDDYYYYHHMMSS", which can be read from an item of PC
hardware or PC software program for example. A further item of external information may be the identification number of the document to be signed, which could be read from the PC software program with which the document in question was created. The identification number and/or the license number of the signature program 105 used could also be applied as additional information.
Then, in step 523, the chipcard program 106 reads the internal information from the chipcard 101 -that is, the value of the signature counter 204 of the relevant signature key 202 and the serial number 103 of the chipcard 101 from the memory of the chipcard 101. A further item of information which may be used for an expanded signature is an indication of which cryptographic method, for example RSA, is used to create the signature. This information was stored in the certificate 201 beforehand on creation of the signaturf; key 202. A further item of information may be an identifying characteristic of the chipcard signing program 106 used, for example the license number or serial number of the program.
In step 524 the external and internal information together with the hash are merged on the chipcard 1 O1 to form a signature data set for creation of the expanded digital signature. The hash, generated beforehand by the PC user program 104 in the PC 102, needs to be transmitted to the chipcard program 106 for this. The merger is effected by the chipcard program. In the process, the previously unused memory space which lzad merely been filled out with pads is filled out in a defined sequence by the additional external and internall information. Any remaining free capacity is then filled out with pads, as previously. Wi~:h a view to a possible usage of the expanded signature as standard, binding definition of a standard sequence is necessary.
Fig. 6 shows a schematic representation of a conventional digital signature based on PKCS# 1 (Public Key Cryptographic Standard). In the lc;ft-hand section there is a signature identifier (type block). In the right-hand section is the predefined data field in which the encrypted hash is stored. The hash is usually around 20 bytes big. The rest of the signature is filled out with 42, 74 or 106 bytes of pads, depending on the length of the signature key 202 used.
As shown in Fig. 5, following on from step 524 the signature data set created in this way is then encrypted by means of the ;signature key 202. An expanded digital signature is created. This encryption takes place on the chipcard 1 O l . The current value of the signature counter 204, the serial number 103 of the chipcard 1 O 1 and thc: other additional items of information as part of the signature data set are signed, together with the hash, with the signature key 202.
Fig. 7 shows an expanded digital signature of such a kind. In addition to the hash, it also shows the value of the signature counter 204 and the serial number 103 of the chipcard 101, as well as additional internal and external information inserted as signature data. The additional items of information in this example are an identifier (ID) for the chipcard signing program 106, the date and time, and an identifier for the signed document. The preferred size of the individual items of information is given in bytes. The format of the resulting signature is compatible with that from the previous existing method. Thc~ previously free capacity of pads is used for useful information, based on which the hardware and software environment used are unambiguously identified.
Through the inclusion of additional inf ~rmation in the digital signature an expanded digital signature is delivered which provides indications of the hardware and software environment used in the signing process. In this embodiment in particular, the two values, signature counter 204 and serial number 103, originating from the chipcard 101 are incorruptible.
The sequence of the signature; effected with a specific chipcard 1 O 1 can thus be defined in a binding manner by the sender. Also, the recipient of several documents with an expanded sender's signature has the possibility of ascertaining the order in which the documents were signed. This can be beneficial, for example, where the time of signing a document is decisive.
Based on the present inven,rion, the holder of the chipcard 101 can ascertain whether other (unauthorized) signatures have been created with his or her chipcard 1 O 1 since the last (authorized) creation of a digital signature with thc: chipcard 101. He or she can also determine the number of such signatures. Thus if the si;;nature counter 204 has increased by "n" since the last authorized use, this indicates that a digital signature has been generated without the authorization of the holder of the chipcard 101 since the last use of th~~ relevant signature key 202. It may be helpful in determining the value of the signature counter 204 to display this value to the user of the chipcard 101 during signing. To ascertain the value of thc; signature counter 204 subsequently in the signature of a previously transmitted document, the storage of all documents to which a digital signature has been appended is beneficial.
If the chipcard 101 is lost and then found again, by checking the signature counter 204 and comparing the counter value against the last authorized signature it is easy to ascertain whether the signature key 202 has been abused. Accordingly, the digital signatures with the counter values "n+1"
to "m-1" - with "m" representing the current counter reading - were unauthorized. The documents containing the unauthorized signature can be unambiguously identified based on the reading of the signature counter 204 and rejected.
Unique allocation of a signature to a specific chipcard 101 is also ensured.
The user of a chipcard 101 can thus ascertain whether a specific signature really was generated with his or her chipcard.
Since the structure of the digital signature is defined, on the recipient's side it is easy to isolate and evaluate the corresponding additional information. This could be effected by an adapted software program on the recipient's PC.
As shown in step 526 in Fig. _'>, the signature counter 204 of the signature key 202 used is increased by the value "one" every time a digital signature is generated. This numbers the digital signatures in the order in which they were created.
The expanded digital signature is transmitted to the signing program 105 in step 527. Generation of the expanded digital signature thus ends in step 528.
The digital signature generated in this way can now be appended to the document for transmission.
This may be effected by the expanded signature being passed by the signature program 105 to the PC user program 104, where it is then linked to the document for transmission.
A further preferential embodiment of the invention, as also shown in Fig. 4 for example, is that before and/or during signing.. the value of the signature counter 204 and the password status are displayed to the user of the chipcard 101. To further increase security and to provide closer monitoring, the serial number 103 of the chipcard 101 may also be displayed during the signing operation. This enables the user of ~:he chipcard 101 to verify that the chipcard is in perfect undisturbed order.
Claims (14)
1. A method of generating a digital signature in a signature device for the signing of documents, with the following steps:
a) receiving input information to said signature device;
b) creating a signature data set comprising at least the input information and a document extract value of the document for signing;
c) creating an expanded digital signature by encryption of the signature data set with the aid of a signature key.
a) receiving input information to said signature device;
b) creating a signature data set comprising at least the input information and a document extract value of the document for signing;
c) creating an expanded digital signature by encryption of the signature data set with the aid of a signature key.
2. The method in accordance with claim 1, characterized in that step a) comprises receiving a value of a signature counter.
3. The method in accordance with claim 2, characterized in that the signature counter was created beforehand as an attribute of the signature key.
4. The method in accordance with any one of claims 1 to 3, characterized in that step a) comprises receiving an identifying characteristic to identify the signature device.
5. The method in accordance with any one of claims 1 to 4, characterized in that step a) comprises receiving input information as to hardware and software environment used in creating the digital signature.
6. The method in accordance with any one of claims 1 to 5, characterized in that prior to step a) an identifying characteristic is entered to identify a holder of the signature key.
7. The method in accordance with claim 6, characterized in that the identifying characteristic to identify the holder of the signature key was created beforehand as an attribute of the signature key.
8. The method in accordance with claim 6 or claim 7, characterized in that prior to initial execution of step a) the identifying characteristic to identify the holder of the signature key is changed.
9. A signature device, characterized in that it comprises a device to execute the method in accordance with any one of claims 1 to 8.
10. The signature device in accordance with claim 9, characterized in that it is a chipcard.
11. A data structure for a digital signature, characterized in that the digital signature contains additional information in addition to a document extract value of a document for signing.
12. The data structure in accordance with claim 11, characterized in that the digital signature comprises information which uniquely identifies the digital signature in relation to every other digital signature generated with a same signature key.
13. The data structure in accordance with claim 11 or claim 12, characterized in that the digital signature comprises information as to the signature device with which the digital signature was executed.
14. The data structure in accordance with any one of claims 11 to 13, characterized in that the digital signature comprises information on hardware and software environment used in generating the signature.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP99101913.4 | 1999-01-29 | ||
| EP99101913 | 1999-01-29 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2290170A1 CA2290170A1 (en) | 2000-07-29 |
| CA2290170C true CA2290170C (en) | 2005-06-14 |
Family
ID=8237475
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002290170A Expired - Fee Related CA2290170C (en) | 1999-01-29 | 1999-11-22 | Improved digital signature |
Country Status (3)
| Country | Link |
|---|---|
| US (1) | US7096365B1 (en) |
| CA (1) | CA2290170C (en) |
| DE (1) | DE19959764A1 (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7806325B2 (en) | 2007-12-20 | 2010-10-05 | Bce Inc. | Contact-less tag with signature, and applications thereof |
| US9037859B2 (en) | 2008-12-18 | 2015-05-19 | Bce Inc. | Processing of communication device signatures for use in securing nomadic electronic transactions |
| US9231928B2 (en) | 2008-12-18 | 2016-01-05 | Bce Inc. | Validation method and system for use in securing nomadic electronic transactions |
Families Citing this family (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2002028005A2 (en) * | 2000-09-27 | 2002-04-04 | Siemens Ag Österreich | Method and reader used to produce digital signatures |
| JP2006501536A (en) * | 2002-04-29 | 2006-01-12 | コンテントガード ホールディングズ インコーポレイテッド | Copyright management system using legal expression language |
| JP4036838B2 (en) * | 2004-03-12 | 2008-01-23 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Security device, information processing device, method executed by security device, method executed by information processing device, program executable for executing the method, and ticket system |
| JP2007538320A (en) * | 2004-05-18 | 2007-12-27 | シルバーブルック リサーチ ピーティワイ リミテッド | Method and computer system for tracking product items |
| US7757086B2 (en) * | 2004-05-27 | 2010-07-13 | Silverbrook Research Pty Ltd | Key transportation |
| US7484831B2 (en) | 2004-05-27 | 2009-02-03 | Silverbrook Research Pty Ltd | Printhead module having horizontally grouped firing order |
| US7314261B2 (en) * | 2004-05-27 | 2008-01-01 | Silverbrook Research Pty Ltd | Printhead module for expelling ink from nozzles in groups, alternately, starting at outside nozzles of each group |
| US20060004829A1 (en) * | 2004-05-27 | 2006-01-05 | Silverbrook Research Pty Ltd | Rolling keys |
| US7281330B2 (en) * | 2004-05-27 | 2007-10-16 | Silverbrook Research Pty Ltd | Method of manufacturing left-handed and right-handed printhead modules |
| US7448707B2 (en) * | 2004-05-27 | 2008-11-11 | Silverbrook Research Pty Ltd | Method of expelling ink from nozzels in groups, starting at outside nozzels of each group |
| US7549718B2 (en) * | 2004-05-27 | 2009-06-23 | Silverbrook Research Pty Ltd | Printhead module having operation controllable on basis of thermal sensors |
| US7557941B2 (en) * | 2004-05-27 | 2009-07-07 | Silverbrook Research Pty Ltd | Use of variant and base keys with three or more entities |
| US7427117B2 (en) * | 2004-05-27 | 2008-09-23 | Silverbrook Research Pty Ltd | Method of expelling ink from nozzles in groups, alternately, starting at outside nozzles of each group |
| JP2006050209A (en) * | 2004-08-04 | 2006-02-16 | Ricoh Co Ltd | Electronic signature providing method, electronic signature providing apparatus, portable information processing device, electronic signature providing system, electronic signature providing program, signature data creating program and recording medium |
| US20060136731A1 (en) * | 2004-12-21 | 2006-06-22 | Signaturelink, Inc. | System and method for providing an online electronic signature |
| US8588483B2 (en) * | 2004-12-21 | 2013-11-19 | Signaturelink, Inc. | System and method for providing a real-time, online biometric signature |
| US8620818B2 (en) * | 2007-06-25 | 2013-12-31 | Microsoft Corporation | Activation system architecture |
| US20170063550A1 (en) * | 2015-04-23 | 2017-03-02 | Keith J Brodie | Secure Digital Signature Apparatus and Methods |
| CN108292330B (en) | 2015-12-04 | 2023-02-28 | 维萨国际服务协会 | Secure token distribution |
Family Cites Families (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5005200A (en) * | 1988-02-12 | 1991-04-02 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
| US5214702A (en) * | 1988-02-12 | 1993-05-25 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
| IL101623A (en) * | 1992-04-16 | 1997-06-10 | Fortress U & T 2000 Ltd | Digital signature device |
| NL9301348A (en) * | 1993-08-02 | 1995-03-01 | Stefanus Alfonsus Brands | Electronic payment system |
| US5539828A (en) * | 1994-05-31 | 1996-07-23 | Intel Corporation | Apparatus and method for providing secured communications |
| JPH08305662A (en) * | 1995-05-02 | 1996-11-22 | Fujitsu Ltd | Method and system for client authentication |
| US6021491A (en) * | 1996-11-27 | 2000-02-01 | Sun Microsystems, Inc. | Digital signatures for data streams and data archives |
| GB9626241D0 (en) * | 1996-12-18 | 1997-02-05 | Ncr Int Inc | Secure data processing method and system |
| DE19702049C1 (en) * | 1997-01-22 | 1998-05-14 | Ibm | Chipcard cryptographic key certification method |
| DE19718547C2 (en) * | 1997-05-02 | 2002-06-20 | Deutsche Telekom Ag | System for secure reading and changing of data on intelligent data carriers |
| US6119228A (en) * | 1997-08-22 | 2000-09-12 | Compaq Computer Corporation | Method for securely communicating remote control commands in a computer network |
| US6085321A (en) * | 1998-08-14 | 2000-07-04 | Omnipoint Corporation | Unique digital signature |
| US6516414B1 (en) * | 1999-02-26 | 2003-02-04 | Intel Corporation | Secure communication over a link |
-
1999
- 1999-11-22 CA CA002290170A patent/CA2290170C/en not_active Expired - Fee Related
- 1999-12-11 DE DE19959764A patent/DE19959764A1/en not_active Ceased
-
2000
- 2000-01-27 US US09/492,632 patent/US7096365B1/en not_active Expired - Fee Related
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7806325B2 (en) | 2007-12-20 | 2010-10-05 | Bce Inc. | Contact-less tag with signature, and applications thereof |
| US8103872B2 (en) | 2007-12-20 | 2012-01-24 | Bce Inc. | Contact-less tag with signature, and applications thereof |
| US8412638B2 (en) | 2007-12-20 | 2013-04-02 | Bce Inc. | Method and system for validating a device that uses a dynamic identifier |
| US8553888B2 (en) | 2007-12-20 | 2013-10-08 | Bce Inc. | Generation of communication device signatures for use in securing nomadic electronic transactions |
| US9305282B2 (en) | 2007-12-20 | 2016-04-05 | Bce Inc. | Contact-less tag with signature, and applications thereof |
| US9971986B2 (en) | 2007-12-20 | 2018-05-15 | Bce Inc. | Method and system for validating a device that uses a dynamic identifier |
| US9037859B2 (en) | 2008-12-18 | 2015-05-19 | Bce Inc. | Processing of communication device signatures for use in securing nomadic electronic transactions |
| US9231928B2 (en) | 2008-12-18 | 2016-01-05 | Bce Inc. | Validation method and system for use in securing nomadic electronic transactions |
Also Published As
| Publication number | Publication date |
|---|---|
| US7096365B1 (en) | 2006-08-22 |
| CA2290170A1 (en) | 2000-07-29 |
| DE19959764A1 (en) | 2000-08-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2290170C (en) | Improved digital signature | |
| US6671804B1 (en) | Method and apparatus for supporting authorities in a public key infrastructure | |
| US7844832B2 (en) | System and method for data source authentication and protection system using biometrics for openly exchanged computer files | |
| JP3748155B2 (en) | File management system with falsification prevention / detection function | |
| US6408389B2 (en) | System for supporting secured log-in of multiple users into a plurality of computers using combined presentation of memorized password and transportable passport record | |
| US6401206B1 (en) | Method and apparatus for binding electronic impressions made by digital identities to documents | |
| JP2686218B2 (en) | Alias detection method on computer system, distributed computer system and method of operating the same, and distributed computer system performing alias detection | |
| US20020026578A1 (en) | Secure usage of digital certificates and related keys on a security token | |
| EP1302018B1 (en) | Secure transactions with passive storage media | |
| AU716912B2 (en) | Electronic copy protection mechanism | |
| KR100757350B1 (en) | Method of data protection and apparatus therefor | |
| US20050138387A1 (en) | System and method for authorizing software use | |
| US20020019938A1 (en) | Method and apparatus for secure identification for networked environments | |
| US20050060561A1 (en) | Protection of data | |
| US7039808B1 (en) | Method for verifying a message signature | |
| US20020023214A1 (en) | Systems and methods using cryptography to protect secure computing environments | |
| JPH06176036A (en) | Method for forming duplication which can be authenticated | |
| JPH07117383A (en) | Credit card check system | |
| EP0849658A2 (en) | Secure data processing method and system | |
| US6983364B2 (en) | System and method for restoring a secured terminal to default status | |
| JP2003513388A (en) | System and method for ensuring data reliability with a secured counter | |
| KR19980070017A (en) | How to check encryption key for chip card | |
| US7590853B1 (en) | Systems and methods using cryptography to protect secure computing environments | |
| JP2000215280A (en) | Identity certification system | |
| US20080307232A1 (en) | Method and a System for Authenticating and Recording Digital Documents and/or Files |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request | ||
| MKLA | Lapsed | ||
| MKLA | Lapsed |
Effective date: 20101122 |