United States Patent  [ii] Patent Number: 5,136,647
Haber et ai.  Date of Patent: Aug. 4, 1992
 METHOD FOR SECURE TIME-STAMPING OF DIGITAL DOCUMENTS
 Inventors: Stuart A. Haber, New York, N.Y.;
Wakefield S. Stornetta, Jr.,
 Assignee: Bell Communications Research, Inc., Livingston, N.J.
 Appl. No.: 561,888
 Filed: Aug. 2,1990
 Int. CI.' H04L 9/00; H04L 9/30
 US. CI 380/49; 380/23;
 Field of Search 364/200, 900; 380/3,
380/4, 30, 49, 850, 5, 9, 10, 28
 References Cited
U.S. PATENT DOCUMENTS
4,145,568 3/1979 Ehrat 380/50 X
4,405,829 9/1983 Rivest et al 380/30
4,972,474 11/1990 Sabin 380/49 X
"New Directions in Cryptography", W. Diffie & M. E. Hellman, IEEE Transactions On Information Theory, vol. IT-22, Nov. 1976, pp. 644-654. "Collision-Free Hash Functions & Public Key Signature Schemes", I. B. Damgdard, Advanaces in Cryptology-Eurocrypt '87, Springer-Verlag, LNCS, 1988, vol. 304, pp. 203-216.
"Pseudorandom Generation From One-Way Functions", R. Impagliazzo & L. A. Levin, Proc. 21st STOC, pp. 12-24, ACM, 1989.
"The MD4 Message Digest Algorithm", R. L. Rivest
Crypto '90 Abstracts, Aug. 1990, pp. 281-291.
Alan G. Konheim, Cryptography, a Primer; (John Wiley
& Sons, Inc.; 1981); pp. 331-333.
Primary Examiner—Bernarr E. Gregory
A system for time-stamping a digital document, including for example text, video, audio, or pictorial data, protects the secrecy of the document text and provides a tamper-proof time seal establishing an author's claim to the temporal existence of the document. Initially, the author reduces the document to a number by means of a one-way hash function, thereby fixing a unique representation of the document text. In one embodiment of the invention the number is then transmitted to an outside agency where the current time is added to form a receipt which is certified by the agency using a public key signature procedure before being returned to the author as evidence of the document's existence. In later proof of such existence, the certificate is authenticated by means of the agency's public key to reveal the receipt which comprises the hash of the alleged document along with the time seal that only the agency could have signed into the certificate. The alleged document is then hashed with the same one-way function and the original and newly-generated hash numbers are compared. A match establishes the identify of the alleged document as the time-stamped original. In order to prevent collusion in the assignment of a time stamp by the agency and thus fortify the credibility of the system, the receipt is linked to other contemporary receipts before certification by the agency, thereby fixing a document's position in the continuum of time. In another embodiment, a plurality of agencies are designated by mean's of random selection based upon a unique seed that is a function of the hash number of the document to be time-stamped. Thus being denied the ability to choose at will the identity of an agent, the author cannot feasibly arrange for falsification of a time stamp.
18 Claims, 3 Drawing Sheets