+

WO2004068264A2 - System and method for creating electronic signatures - Google Patents

System and method for creating electronic signatures Download PDF

Info

Publication number
WO2004068264A2
WO2004068264A2 PCT/IB2004/000249 IB2004000249W WO2004068264A2 WO 2004068264 A2 WO2004068264 A2 WO 2004068264A2 IB 2004000249 W IB2004000249 W IB 2004000249W WO 2004068264 A2 WO2004068264 A2 WO 2004068264A2
Authority
WO
WIPO (PCT)
Prior art keywords
signature
computer
document
unique
statement
Prior art date
Application number
PCT/IB2004/000249
Other languages
French (fr)
Other versions
WO2004068264A3 (en
Inventor
Mart Saarepera
Ahto Buldas
Original Assignee
Linuxprobe Co.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Linuxprobe Co. filed Critical Linuxprobe Co.
Publication of WO2004068264A2 publication Critical patent/WO2004068264A2/en
Publication of WO2004068264A3 publication Critical patent/WO2004068264A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/30Compression, e.g. Merkle-Damgard construction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/76Proxy, i.e. using intermediary entity to perform cryptographic operations

Definitions

  • the present invention generally relates to electronic signatures, electronically signed statements, and electronically signed content. More particularly, the present invention relates to use of electronically signed statements to verify the integrity of the content and to authenticate the identity of the people or machines responsible for the content.
  • Background of the invention Remembering and proving events of the past is an important characteristic of human civilization. Oral testimonies were used before literary language was invented, and they are still in use today. Due to the increasing complexity of business and public relations, people started to use written documents as external memory. Numerous measures have been developed to protect the content integrity of written documents; for example, special inks, paper, and seals are used. Further, in order to bind the content of a document with a person responsible for it, a handwritten signature is used.
  • the present invention is a system for creating an electronic signature for an electronic document (or content in general).
  • the system comprises at least one workstation, a first server, and at least two second servers.
  • the first server receives a digital representation of some content from a workstation.
  • the first server authenticates the identity of an entity who wants to electronically sign the content through the workstation.
  • the first server creates a unique first signature statement utilizing the digital representation of the content and the identity of the entity.
  • the first server adds the unique first signature statement to a sequence of signature statements created by the server in a certain interval of time.
  • the first server calculates, by performing a hash function, a unique representation for the sequence of signature statements.
  • the first server then sends the unique representation to the at least two second servers.
  • Each of the at least two second servers creates verifiable cryptographic signatures corresponding to the unique digital representation and sends these cryptographic signatures to the first server.
  • the first server then creates an electronic signature utilizing the cryptographic signatures from the at least two second servers, the unique first signature statement, and authentication data calculated from the sequence of signature statements and unique first signature statement.
  • the present invention is a system for creating an electronic signature for an entity.
  • the system comprises at least one workstation, a first server, and at least two second servers.
  • the first server receives digital representations of documents or other content from one or more workstations. For each digital representation, the first server authenticates the identity of the entity who wants to electronically sign the content, creates a unique first signature statement utilizing the digital representation and a unique representation of the identity of the entity, and adds the unique first signature statement to a sequence of at least one second signature statements. At the end of the time interval, the first server calculates a unique representation of the sequence of all signature statements. The at least two second servers create verifiable cryptographic signatures corresponding to the unique representation. The first server creates electronic signatures for every digital representation utilizing the cryptographic signatures, the unique first signature statement, and authentication data calculated from the sequence of at least one second signature statements and unique first signature statement.
  • the signers of documents, or electronic content in general are the workstations.
  • the first server authenticates the identity of the workstation and incorporates the unique representation of that identity of the workstation into the unique first signature statement.
  • the first server operates in phases. In other words, during a certain period of time, the first server collects representations of documents, authenticates the signers, and creates signature statements. At the end of the phase, the first server creates a unique representation of all the signature statements collected during that phase. The at least two second servers then create verifiable cryptographic signatures corresponding to the unique representation. The first server then creates electronic signatures for the representations of documents collected during the phase. Every electronic signature is created utilizing the cryptographic signatures created by the at least two second servers, the unique first signature statement corresponding to the document, and authentication data calculated from the sequence of signature statements and unique first signature statement.
  • FIGURE 1 is a block diagram of the preferred embodiment for the configuration of the electronic signature system
  • FIGURE 2 is a block diagram illustrating the general structure of the proxy server
  • FIGURE 3 is a flowchart of the general application of the electronic signature system
  • FIGURE 4 is a flowchart of general data flow for the signature creation process
  • FIGURE 5 is a flowchart of general data flow for creating electronic signatures for a sequence of documents
  • FIGURE 6 is a general state-transition diagram of the proxy server.
  • APPENDICES 1-4 are diagrams further illustrating the processes for creating electronic signatures. Detailed Description
  • FIG. 1 is a block diagram illustrating the preferred configuration of the electronic signature system.
  • the system comprises a network 110 of one or more client workstations 01 coupled to at least one first server 02 and at least two second servers 03, 04.
  • the first server is a proxy server 02 and the two second servers are notary servers 03, 04.
  • the client workstation 01 comprises a communication interface for interacting with a human user and accessing the network 110.
  • the proxy server 02 comprises an authentication module 42, a client interface module 41, a signature statement module 43, a hashing module 44, a notary communication module 48, and a combination module 49.
  • Figure 3 depicts a method for generating an electronic signature in accordance with the present invention.
  • a digital representation 22 of a document 21 is created by a user 11 at the client workstation 01.
  • the document 21 may comprise any textual, numeric, audio, or pictorial contents.
  • a plurality of methods may be used to create the digital representation 22 of the document 21.
  • the digital representation 22 is created by computing a cryptographic hash value by using a one-way cryptographic hash function.
  • the digital representation 22 may be created utilizing a deterministic or probabilistic function of the document's 21 contents. This function may also be an identity function, wherein the document itself is the representation 22.
  • the digital representation 22 of the document 21 is transmitted 12 to the proxy server 02.
  • the client interface module 41 of the proxy server 02 receives the transmission 12 that comprises the representation 22 of the document.
  • the representation 22 may be transmitted 12 in any form of electronic communication, including but not limited to the following: local and wide area networks, the Internet, special-purpose communication channels such as a radio link, or physical delivery of a readable medium or memory device such as a compact disc, hard or floppy disk, magnetic tape, or flash memory device.
  • the authentication module 42 of the proxy server 02 verifies 13 the identity 23 of a client 01.
  • the process of verifying the client requires verification of the identity of an entity responsible for electronically signing the document.
  • An entity can be a person, a workstation, a corporation, or any other agent requiring an electronic signature.
  • the signature statement module 43 creates 14 a signature statement 24 based on output of the authentication module 42 by combining the digital representation 22 of the document 21 and a digital representation of the identity 23.
  • the verification 13 of the identity 23 of the entity includes any means of authentication, including passwords, message authentication codes, authentication protocols, public key certificate-based authentication mechanisms, biometric data such as fingerprints and retinal scans, and conventional 0 hand-written signatures. It should be noted that the sequential order of transmitting 12 and verifying 13 may vary depending on the particular embodiment of the system. For example, the identity verification 13 may occur before or after the digital representation is transmitted 12 to the proxy server 02.
  • the signature statement 24 is used to limit the risk associated with using electronic 5 signatures by uniquely fixing the signer to the content to be signed.
  • the signature statement is unique such that no one signature statement is identical to another. Consequently, the signature statement 24 may comprise additional information beyond the digital representation 22 of the document 21 and the digital representation of the identity 23 of the signer.
  • the signature statement 24 may comprise the current date or time, information on cryptographic o primitives such as those used for creating the electronic signature, trademarks, logos, or any other textual, pictorial, audio, or video content.
  • the signature statement 24 may further comprise a unique identifier representing a signing policy. This can be a document that states the type of content that can be signed and to what extent the signer and the proxy are liable for the signature.
  • the policy may comprise monetary restrictions or the maximum number of documents that can be signed.
  • the statement may further comprise the sequence number of the signature and information from previously created signatures.
  • the hashing module 44 creates 15 a cryptographic hash value 28 by applying a cryptographic hash function 27 to a sequence of signature statements 25 stored in the server memory 47.
  • the server memory 47 comprises at least the signature statement 24, wherein the digest is corresponding to the document 21 to be signed.
  • the cryptographic hash value 28 is computed by means of a succinct digest of a sequence 25 of signature statements 24 capable of uniquely identifying the sequence 25 of digital signature statements 24. Such a sequence of statements can be collected during a predetermined time interval.
  • the statements 24 may comprise digital representations of documents originated from a plurality of different client workstations 01.
  • the cryptographic hash value 28 may be computed using a Merkle Tree Scheme or by an ordinary hash of the concatenation of the sequence 25 of signature statements 24. Further, the hash value 28 may be a hash computation in the form of an arbitrary directed acyclic graph. Moreover, different hash functions 27 may be used at each computational step (represented as nodes of the graph). The hash functions 27 may also be combinations of other hash functions in order to increase the reliability of the electronic signature 31.
  • the value 28 is transmitted 16 by the notary communication module 48 to at least two notary servers 03, 04.
  • the value 28 may be transmitted in any form of electronic communication, similar to the transmission of the digital representation 22 to the proxy server 02.
  • At least two notary servers 03, 04 verify 17 the identity of the proxy 02 server and then create two verifiable digital cryptographic signatures 30 using the hash value 28.
  • the verification 17 of the proxy server 02 may be performed by means similar to the verification 13 of the identity 23 of the client workstation 01.
  • the verifiable cryptographic signatures 30, 50, 51 maybe created using any cryptographic digital signature algorithm.
  • the notary server 03, 04 may add additional data such as the current time data to the hash value 28 before creating the cryptographic digital signature 30, 50, 51.
  • the notary servers 03, 04 transmit 19 the two verifiable cryptographic digital signatures 30 to the proxy server 02.
  • the combination module 49 creates 20 an electronic signature 31.
  • the electronic signature 31 comprises at least two verifiable cryptographic signatures 30, 50, 51, the signature statement 24, and authentication data 29.
  • the authentication data may be computed by the hashing module 44 as a function of the sequence of signature statements 25.
  • the authentication data 29 is used to verify that a particular signature statement 24 was an element of the computation 15 of the cryptographic hash value 28.
  • the authentication data 29 may comprise an authentication path having a list of hash values that, when combined with the signature statement, is sufficient to recompute the cryptographic hash value.
  • the electronic signature 31 may also comprise the public signature verification keys.
  • Figure 6 is a general state-transition diagram of the proxy server 02. During the first state, the server 02 waits for requests sent from the client workstation 01. This state is denoted as the Wait Request State 60. If a request is received from a client 01, the proxy server 02 verifies 13 the client's 01 identity and upon verification creates 14 a signature statement 24 and stores it in a memory 47. Once complete, the proxy server 02 is ready to receive the next request. However, if the verification is not successful, the request is not processed further.
  • the proxy server 02 Upon the expiration of a predetermined period of time, the proxy server 02 computes 15 the cryptographic hash value 28 and transmits 16 it to the two notary servers 03, 04. The proxy server 02 waits 61 until the requests are answered by the notary servers 03, 04. When the two cryptographic signatures 30 are received, the proxy server 02 creates electronic signatures 31 for all the requests received during the predetermined period of time. Subsequently, the proxy server
  • the proxy server 02, notary servers 03, 04, and workstation 01 are computers comprising a processor or microprocessor and a memory in communication with the processor.
  • the processor is a hardware device for executing software, particularly software stored in the memory.
  • the processor can be any custom-made or commercially-available processor, a central processing unit, an auxiliary processor among several processors associated with the server, a semiconductor-based microprocessor in the form of a microchip or chip set, a macroprocessor, or generally any device similar to the 80x8 or Pentium-series microprocessors from Intel Corporation, the PowerPC microprocessor architecture from International Business Machines, the Sparc microprocessor series from Sun Microsystems, Inc., or the 8-series microprocessor from Motorola Corporation.
  • the memory can include any one or a combination of volatile memory elements, for example, a random access memory such as RAM, DRAM, SRAM, SDRAM, etc., and nonvolatile memory elements such as ROM, a hard drive, tape drive, CD-ROM, etc. Moreover, the memory may incorporate electronic, magnetic, optical, and other types of storage media.
  • the memory can have a distributed architecture where various components are situated remotely from one another, but can be accessed by the processor.
  • the proxy server 02 and notary servers 03, 04 are independent servers and, as described herein, provide uniquely different functions as parts of the system for generating electronic certificates.
  • the proxy server 02 and notary servers 03, 04 are embodied in a computer program product that runs software to execute the functions of the servers. Since a server, as embodied in a computer program product, is a computer program that may run simultaneous to other applications on the same computer processor, it will be understood that though the servers of the present invention provide different functions, they may all run simultaneously on the same computer yet still be uniquely different servers.
  • Appendices 1-4 offer more detailed illustrations of the system, including the proxy server, the notary servers, and the work stations. The process of creating an electronic signature is also shown in further detail.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A system and method for generating electronic signatures is provided. A first server receives a digital representation of a document or other content from a workstation. The first server authenticates the identity of the entity seeking to electronically sign the document or other content and generates a unique first signature statement based on the contents of the document and the identity of the signing entity. The first server adds the unique signature statement to a sequence of such statements and at some time thereafter calculates a representation of the sequence of statements by performing a hash function on the sequence. The first server sends the unique representation to at least two second servers, which generate a verifiable cryptographic signature corresponding to the unique representation, and transmits the signature to the first server. Lastly, the first server generates an electronic signature based on the unique signature statement, the sequence of unique signature statements, and the cryptographic signature from the at least two second servers.

Description

SYSTEM AND METHOD FOR CREATING ELECTRONIC SIGNATURES
DESCRIPTION Technical Field The present invention generally relates to electronic signatures, electronically signed statements, and electronically signed content. More particularly, the present invention relates to use of electronically signed statements to verify the integrity of the content and to authenticate the identity of the people or machines responsible for the content. Background of the invention Remembering and proving events of the past is an important characteristic of human civilization. Oral testimonies were used before literary language was invented, and they are still in use today. Due to the increasing complexity of business and public relations, people started to use written documents as external memory. Numerous measures have been developed to protect the content integrity of written documents; for example, special inks, paper, and seals are used. Further, in order to bind the content of a document with a person responsible for it, a handwritten signature is used. Today, written documents, as well as all kinds of data in general (usually referred to as content), are processed, transmitted, and preserved in digitized electronic form (usually referred to as electronic content). Currently, cryptographic means are used to protect the integrity of electronic content and to bind content with the persons responsible for it. Cryptographic checksums computed using asymmetric cryptography are often viewed as electronic analogues of handwritten signatures. Electronic signatures are created using private keys and verified using public keys.
Cryptographers have been studying electronic signature technologies for decades since the discovery of one-way functions (see W. Diffie and M. E. Hellman, "New Directions in Cryptography," IEEE Trans. Inform. Theory, IT-22, 6, 1976, pp. 644-654). Several electronic signature schemes are mathematically proven to be secure under some complex theoretical assumptions (see Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, "Handbook of Applied Cryptography," CRC Press series on discrete mathematics and its applications, CRC Press, 1996, ISBN 08493-8523-7 for an overview).
In many countries, electronic signatures are legally admissible. Considering the advantages of electronic data management (creation, transfer, storage) over the traditional paper-based alternatives, there is an obvious use for electronic signatures in the society. However, electronic signatures are still not widely used for two main reasons:
(1) Security concerns. Leakage of private keys may cause substantial risk because the number of possible forged signatures cannot be limited. Also, secure key management can be too complicated for the general public.
(2) Technical complexity and cost. Private key management is costly, as is the massive distribution of authentic public keys.
Rapid growth of a technology in which the main concerns are security and cost « electronic banking — suggests that these concerns can be solved for electronic signatures as well. In electronic banking, (1) the risks are always limited (at least to the amount of money in a user's account), and (2) existing infrastructure (e.g., web browsers) provides a simple and user-friendly interface to customers.
In most electronic signature systems, it has been assumed that private keys are distributed among users. It has been argued that electronic signature systems built under such an assumption are the most secure. This assumption is the main reason for the high cost and technical complexity of the systems. Abandoning this assumption may lead to considerably more cost-efficient electronic signature systems, which in addition may be more secure than the previous systems. For example, in the system presented by Asokan et al. (see A. Asokan, G. Tsudik, M. Waidner, "Server-supported Digital Signatures," in proceedings of ESORICS '96, Rome, Italy, September 25-27, 1996), personal private keys are eliminated, histead of personal private keys, the signature function is delegated to a server. In this system, the server authenticates clients and creates electronic signatures in their name by using one single private key. A few thousand servers could serve the entire on-line community.
The major concern when using such a signature server is that signers ultimately have to trust the server because of its capacity to create signatures in the name of any user. Thus, the need has arisen for a system and method that substantially addresses the shortcomings of existing electronic signature systems, namely, the security, technical complexity, and cost concerns.
Specifically, the need has arisen for a system and method for creating electronic signatures so that the authenticity of the signature is consistently reliable. The present invention is provided to solve these and other problems. Summary of the Invention
In the electronic signature system of the present invention, servers are provided that use meta-level signature services to create their signatures so that only a few key pairs are needed for the whole service. In one embodiment, the present invention is a system for creating an electronic signature for an electronic document (or content in general). The system comprises at least one workstation, a first server, and at least two second servers. The first server receives a digital representation of some content from a workstation. The first server authenticates the identity of an entity who wants to electronically sign the content through the workstation. The first server creates a unique first signature statement utilizing the digital representation of the content and the identity of the entity. The first server adds the unique first signature statement to a sequence of signature statements created by the server in a certain interval of time. At the end of the time interval, the first server calculates, by performing a hash function, a unique representation for the sequence of signature statements. The first server then sends the unique representation to the at least two second servers. Each of the at least two second servers creates verifiable cryptographic signatures corresponding to the unique digital representation and sends these cryptographic signatures to the first server. The first server then creates an electronic signature utilizing the cryptographic signatures from the at least two second servers, the unique first signature statement, and authentication data calculated from the sequence of signature statements and unique first signature statement. h another embodiment, the present invention is a system for creating an electronic signature for an entity. The system comprises at least one workstation, a first server, and at least two second servers. During a certain interval of time, the first server receives digital representations of documents or other content from one or more workstations. For each digital representation, the first server authenticates the identity of the entity who wants to electronically sign the content, creates a unique first signature statement utilizing the digital representation and a unique representation of the identity of the entity, and adds the unique first signature statement to a sequence of at least one second signature statements. At the end of the time interval, the first server calculates a unique representation of the sequence of all signature statements. The at least two second servers create verifiable cryptographic signatures corresponding to the unique representation. The first server creates electronic signatures for every digital representation utilizing the cryptographic signatures, the unique first signature statement, and authentication data calculated from the sequence of at least one second signature statements and unique first signature statement.
In at least one embodiment, it is anticipated that the signers of documents, or electronic content in general, are the workstations. The first server authenticates the identity of the workstation and incorporates the unique representation of that identity of the workstation into the unique first signature statement.
In at least one embodiment, the first server operates in phases. In other words, during a certain period of time, the first server collects representations of documents, authenticates the signers, and creates signature statements. At the end of the phase, the first server creates a unique representation of all the signature statements collected during that phase. The at least two second servers then create verifiable cryptographic signatures corresponding to the unique representation. The first server then creates electronic signatures for the representations of documents collected during the phase. Every electronic signature is created utilizing the cryptographic signatures created by the at least two second servers, the unique first signature statement corresponding to the document, and authentication data calculated from the sequence of signature statements and unique first signature statement.
Other features and advantages of the invention will be apparent from the following specification taken in conjunction with the following drawings. Brief Description of the Drawings
FIGURE 1 is a block diagram of the preferred embodiment for the configuration of the electronic signature system;
FIGURE 2 is a block diagram illustrating the general structure of the proxy server;
FIGURE 3 is a flowchart of the general application of the electronic signature system; FIGURE 4 is a flowchart of general data flow for the signature creation process;
FIGURE 5 is a flowchart of general data flow for creating electronic signatures for a sequence of documents;
FIGURE 6 is a general state-transition diagram of the proxy server; and
APPENDICES 1-4 are diagrams further illustrating the processes for creating electronic signatures. Detailed Description
While this invention is susceptible to embodiment in many different forms, there are shown in the drawings and herein described in detail preferred embodiments of the invention with the understanding that the present disclosure is to be considered an exemplification of the principles of the invention and is not intended to limit the broad aspect of the invention to the embodiments illustrated.
For more details of particular possible implementations related to the present invention, please refer to U.S. Provisional Application No. 60/355,325 filed February 8, 2002, and U.S. Publication No. 2002/0184504 Al published December 5, 2002. The invention relates to a method and system for creating electronic signatures without using special purpose software or hardware devices. The system can be easily applied to establish an electronic signature service for an existing trust relationship without the need for artificial trust structures. Further, the system complies with all common law legal requirements for electronic signatures and is suitable for legal-grade electronic documents. Figure 1 is a block diagram illustrating the preferred configuration of the electronic signature system. The system comprises a network 110 of one or more client workstations 01 coupled to at least one first server 02 and at least two second servers 03, 04. Preferably, the first server is a proxy server 02 and the two second servers are notary servers 03, 04. The client workstation 01 comprises a communication interface for interacting with a human user and accessing the network 110. As seen in Figure 2, the proxy server 02 comprises an authentication module 42, a client interface module 41, a signature statement module 43, a hashing module 44, a notary communication module 48, and a combination module 49.
Figure 3 depicts a method for generating an electronic signature in accordance with the present invention. A digital representation 22 of a document 21 is created by a user 11 at the client workstation 01. The document 21 may comprise any textual, numeric, audio, or pictorial contents. A plurality of methods may be used to create the digital representation 22 of the document 21. Preferably, the digital representation 22 is created by computing a cryptographic hash value by using a one-way cryptographic hash function. In a further embodiment of the present invention, the digital representation 22 may be created utilizing a deterministic or probabilistic function of the document's 21 contents. This function may also be an identity function, wherein the document itself is the representation 22.
After the digital representation 22 is created, the digital representation 22 of the document 21 is transmitted 12 to the proxy server 02. The client interface module 41 of the proxy server 02 receives the transmission 12 that comprises the representation 22 of the document. The representation 22 may be transmitted 12 in any form of electronic communication, including but not limited to the following: local and wide area networks, the Internet, special-purpose communication channels such as a radio link, or physical delivery of a readable medium or memory device such as a compact disc, hard or floppy disk, magnetic tape, or flash memory device. The authentication module 42 of the proxy server 02 verifies 13 the identity 23 of a client 01. The process of verifying the client requires verification of the identity of an entity responsible for electronically signing the document. An entity can be a person, a workstation, a corporation, or any other agent requiring an electronic signature.
As seen in Figure 4, once verified, the signature statement module 43 creates 14 a signature statement 24 based on output of the authentication module 42 by combining the digital representation 22 of the document 21 and a digital representation of the identity 23. The verification 13 of the identity 23 of the entity includes any means of authentication, including passwords, message authentication codes, authentication protocols, public key certificate-based authentication mechanisms, biometric data such as fingerprints and retinal scans, and conventional 0 hand-written signatures. It should be noted that the sequential order of transmitting 12 and verifying 13 may vary depending on the particular embodiment of the system. For example, the identity verification 13 may occur before or after the digital representation is transmitted 12 to the proxy server 02.
The signature statement 24 is used to limit the risk associated with using electronic 5 signatures by uniquely fixing the signer to the content to be signed. Preferably, the signature statement is unique such that no one signature statement is identical to another. Consequently, the signature statement 24 may comprise additional information beyond the digital representation 22 of the document 21 and the digital representation of the identity 23 of the signer. For example, the signature statement 24 may comprise the current date or time, information on cryptographic o primitives such as those used for creating the electronic signature, trademarks, logos, or any other textual, pictorial, audio, or video content. The signature statement 24 may further comprise a unique identifier representing a signing policy. This can be a document that states the type of content that can be signed and to what extent the signer and the proxy are liable for the signature. The policy may comprise monetary restrictions or the maximum number of documents that can be signed. The statement may further comprise the sequence number of the signature and information from previously created signatures.
Upon the creation of the signature statement 24 and as illustrated in Figure 5, the hashing module 44 creates 15 a cryptographic hash value 28 by applying a cryptographic hash function 27 to a sequence of signature statements 25 stored in the server memory 47. When the crytpgraphic hash value 28 is generated 15 by the hashing module 44, the server memory 47 comprises at least the signature statement 24, wherein the digest is corresponding to the document 21 to be signed. The cryptographic hash value 28 is computed by means of a succinct digest of a sequence 25 of signature statements 24 capable of uniquely identifying the sequence 25 of digital signature statements 24. Such a sequence of statements can be collected during a predetermined time interval. The statements 24 may comprise digital representations of documents originated from a plurality of different client workstations 01. The cryptographic hash value 28 may be computed using a Merkle Tree Scheme or by an ordinary hash of the concatenation of the sequence 25 of signature statements 24. Further, the hash value 28 may be a hash computation in the form of an arbitrary directed acyclic graph. Moreover, different hash functions 27 may be used at each computational step (represented as nodes of the graph). The hash functions 27 may also be combinations of other hash functions in order to increase the reliability of the electronic signature 31.
Once the cryptographic hash value 28 is created 15, the value 28 is transmitted 16 by the notary communication module 48 to at least two notary servers 03, 04. The value 28 may be transmitted in any form of electronic communication, similar to the transmission of the digital representation 22 to the proxy server 02. At least two notary servers 03, 04 verify 17 the identity of the proxy 02 server and then create two verifiable digital cryptographic signatures 30 using the hash value 28. The verification 17 of the proxy server 02 may be performed by means similar to the verification 13 of the identity 23 of the client workstation 01. The verifiable cryptographic signatures 30, 50, 51 maybe created using any cryptographic digital signature algorithm. Further, the notary server 03, 04 may add additional data such as the current time data to the hash value 28 before creating the cryptographic digital signature 30, 50, 51.
The notary servers 03, 04 transmit 19 the two verifiable cryptographic digital signatures 30 to the proxy server 02. Once received by the notary communication module 48 in the proxy server 02, the combination module 49 creates 20 an electronic signature 31. The electronic signature 31 comprises at least two verifiable cryptographic signatures 30, 50, 51, the signature statement 24, and authentication data 29. The authentication data may be computed by the hashing module 44 as a function of the sequence of signature statements 25. The authentication data 29 is used to verify that a particular signature statement 24 was an element of the computation 15 of the cryptographic hash value 28. For example, if the Merkle Tree Scheme is used, the authentication data 29 may comprise an authentication path having a list of hash values that, when combined with the signature statement, is sufficient to recompute the cryptographic hash value. The electronic signature 31 may also comprise the public signature verification keys. Figure 6 is a general state-transition diagram of the proxy server 02. During the first state, the server 02 waits for requests sent from the client workstation 01. This state is denoted as the Wait Request State 60. If a request is received from a client 01, the proxy server 02 verifies 13 the client's 01 identity and upon verification creates 14 a signature statement 24 and stores it in a memory 47. Once complete, the proxy server 02 is ready to receive the next request. However, if the verification is not successful, the request is not processed further.
Upon the expiration of a predetermined period of time, the proxy server 02 computes 15 the cryptographic hash value 28 and transmits 16 it to the two notary servers 03, 04. The proxy server 02 waits 61 until the requests are answered by the notary servers 03, 04. When the two cryptographic signatures 30 are received, the proxy server 02 creates electronic signatures 31 for all the requests received during the predetermined period of time. Subsequently, the proxy server
02 starts a new round.
In a preferred embodiment of the present invention, the proxy server 02, notary servers 03, 04, and workstation 01 are computers comprising a processor or microprocessor and a memory in communication with the processor. The processor is a hardware device for executing software, particularly software stored in the memory. The processor can be any custom-made or commercially-available processor, a central processing unit, an auxiliary processor among several processors associated with the server, a semiconductor-based microprocessor in the form of a microchip or chip set, a macroprocessor, or generally any device similar to the 80x8 or Pentium-series microprocessors from Intel Corporation, the PowerPC microprocessor architecture from International Business Machines, the Sparc microprocessor series from Sun Microsystems, Inc., or the 8-series microprocessor from Motorola Corporation.
The memory can include any one or a combination of volatile memory elements, for example, a random access memory such as RAM, DRAM, SRAM, SDRAM, etc., and nonvolatile memory elements such as ROM, a hard drive, tape drive, CD-ROM, etc. Moreover, the memory may incorporate electronic, magnetic, optical, and other types of storage media. The memory can have a distributed architecture where various components are situated remotely from one another, but can be accessed by the processor.
The proxy server 02 and notary servers 03, 04 are independent servers and, as described herein, provide uniquely different functions as parts of the system for generating electronic certificates. In a preferred embodiment of the present invention, the proxy server 02 and notary servers 03, 04 are embodied in a computer program product that runs software to execute the functions of the servers. Since a server, as embodied in a computer program product, is a computer program that may run simultaneous to other applications on the same computer processor, it will be understood that though the servers of the present invention provide different functions, they may all run simultaneously on the same computer yet still be uniquely different servers.
Appendices 1-4 offer more detailed illustrations of the system, including the proxy server, the notary servers, and the work stations. The process of creating an electronic signature is also shown in further detail.
The invention may be embodied in other forms without departing from its spirit or characteristics. These present embodiments, therefore, are to be considered in all aspects as illustrative and not restrictive, and the invention is not to be limited to the details give herein.

Claims

CLAIMSWhat is claimed is:
1. A system for creating electronic signatures, the system comprising: a communication network; a first computer connected to the communication network and having an identity, the first computer for creating a digital representation of a document and for creating a digital representation of an identity of an entity for electronically signing the document; a second computer connected to the communication network and for creating a unique signature statement utilizing the digital representation of the document received from the first 0 computer and the digital representation of the identity of the entity for electronically signing the document, wherein the second computer performs a hash function to calculate authentication data based on a hash value corresponding to the unique signature statement; and, at least two third computers connected to the communication network and for creating a cryptographic digital signature corresponding to the hash value received from the second 5 computer, wherein the second computer creates the electronic signature utilizing the cryptographic digital signature, the unique signature statement, and the authentication data.
2. The system of Claim 1 further comprising a memory coupled to the second computer wherein the memory stores a sequence of signature statements.
3. The system of Claim 2, wherein the hash function is applied to the sequence of signature o statements to calculate the hash value.
4. The system of Claim 2, wherein the authentication data is a function of the at least one signature statement in the memory and the unique signature statement.
5. The system of Claim 1, wherein the hash value is computed using Merkle's Tree Scheme.
6. The system of Claim 1, wherein the cryptographic digital signature is created by a digital 5 signature algorithm.
7. The system of Claim 1 , wherein the electronic signature further comprises public signature verification keys.
8. The system of Claim 1, wherein prior to creating the unique signature statement, the second computer verifies the identity of the first computer.
9. The system of Claim 1, wherein prior to creating the cryptographic digital signature, the at least two third computers verify the identity of the second computer.
10. The system of Claim 1 , wherein prior to creating the unique signature statement, the second computer verifies the digital representation of the identity of the entity for electronically signing the document, wherein the verification is performed at the first computer.
11. A system for creating a unique first signature statement utilizing a digital representation of a document received from a computer and a digital representation of an identity of an entity for electronically signing the document comprising: a first processor for verifying the identity of the first computer and for verifying the digital representation of the identity of the entity for electronically signing the document; a communication interface for receiving a request, wherein the request comprises the digital representation of the document and the digital representation of the identity of the entity for electronically signing the document; a second processor for creating the unique first signature statement, wherein the unique first signature statement is based on the digital representation of the document and the digital representation of the identity of the entity for electronically signing the document received from the first computer; a third processor for creating a new sequence of signature statements by adding the unique first signature statement to a sequence of at least one second signature statements; and, a fourth processor for computing a hash value, wherein the hash value is computed by applying a hash function to the new sequence of signature statements.
12. The system of claim 11, wherein the fourth processor computes an authentication data for each signature statement.
13. The system of claim 12, wherein the authentication data is computed as a deterministic function of the new sequence of signature statements and a particular signature statement, wherein the particular signature statement is a member of the new sequence of signature statements.
14. The system of claim 12, wherein the authentication data is computed as a probabilistic function of the new sequence of signature statements and a particular signature statement, wherein the particular signature statement is a member of the new sequence of signature statements.
15. The system of claim 11, further comprising a memory for storing the signature statements created by the third processor.
16. The system of claim 11, further comprising a fifth processor for sending a request, the request comprising the hash value computed by the fifth processor, and for receiving at the least two cryptographic digital signatures.
17. The system of claim 16, further comprising a sixth processor for composing an electronic signature for each request received.
18. The system of claim 11, wherein the first, second, third, and fourth processors are the same processor.
19. A method for creating electronic signatures, the method comprising the steps of: receiving at a computer, through a communication interface, a request comprising a digital representation of a document and a digital representation of an identity of an entity for electronically signing the document; generating at the computer a unique first signature statement utilizing the digital representation of the document and the digital representation of the identity of the entity for electronically signing the document; computing at the computer a hash value using a hash function, wherein the hash function is applied to a sequence of signature statements including the unique first signature statement; generating a digital signature corresponding to the hash value; computing at the computer authentication data utilizing the sequence of signature statements and the unique first signature statement; and, generating at the computer an electronic signature utilizing the digital signature, the unique first signature statement, and the authentication data.
20. The method of claim 19, wherein the digital representation of the identity of the entity for electronically signing the document is verified by one of the following protocols: passwords, message authentication codes (MACs), authentication protocols, public key certificate-based authentication mechanisms, biometric data, and conventional hand- written signatures.
21. The method of claim 19, wherein the hash function is Merkle's Tree Scheme.
22. The method of claim 19, wherein the hash function is an ordinary hash of a concatenation of signature statements.
23. The method of claim 19, wherein the hash function is an acyclic graph.
24. The method of claim 19, wherein the hash function is a combination of at least two other hash functions.
25. The method of Claim 19, wherein the creation of the electronic signature further utilizes public signature verification keys.
26. A computer program product comprising the method of claim 19.
PCT/IB2004/000249 2003-01-31 2004-01-30 System and method for creating electronic signatures WO2004068264A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US44412603P 2003-01-31 2003-01-31
US60/444,126 2003-01-31

Publications (2)

Publication Number Publication Date
WO2004068264A2 true WO2004068264A2 (en) 2004-08-12
WO2004068264A3 WO2004068264A3 (en) 2004-12-29

Family

ID=32825399

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2004/000249 WO2004068264A2 (en) 2003-01-31 2004-01-30 System and method for creating electronic signatures

Country Status (1)

Country Link
WO (1) WO2004068264A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007515890A (en) * 2003-12-22 2007-06-14 リナックスプローブ株式会社 System and method for generating a digital certificate
WO2013002735A1 (en) * 2011-06-30 2013-01-03 Trusted Hub Ltd Method and system for digitally signing a document
CN110881048A (en) * 2019-12-16 2020-03-13 苏宁云计算有限公司 Safety communication method and device based on identity authentication

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3278721B2 (en) * 1990-08-02 2002-04-30 テルコーディア テクノロジーズ、インコーポレーテッド How to reliably stamp timestamps on numeric documents

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007515890A (en) * 2003-12-22 2007-06-14 リナックスプローブ株式会社 System and method for generating a digital certificate
WO2013002735A1 (en) * 2011-06-30 2013-01-03 Trusted Hub Ltd Method and system for digitally signing a document
CN110881048A (en) * 2019-12-16 2020-03-13 苏宁云计算有限公司 Safety communication method and device based on identity authentication
CN110881048B (en) * 2019-12-16 2021-11-09 苏宁云计算有限公司 Safety communication method and device based on identity authentication

Also Published As

Publication number Publication date
WO2004068264A3 (en) 2004-12-29

Similar Documents

Publication Publication Date Title
Park et al. Constructing fair-exchange protocols for E-commerce via distributed computation of RSA signatures
JP3899808B2 (en) Digital signature generation method and digital signature verification method
Nicolosi et al. Proactive Two-Party Signatures for User Authentication.
US7428749B2 (en) Secure delegation using public key authorization
EP0639907B1 (en) Digital signature method and key agreement method
US8654975B2 (en) Joint encryption of data
US6263436B1 (en) Method and apparatus for simultaneous electronic exchange using a semi-trusted third party
US9882890B2 (en) Reissue of cryptographic credentials
Yang et al. On the efficiency of nonrepudiable threshold proxy signature scheme with known signers
CN101383707A (en) Light-weight authentication system and key algorithm
US20040193872A1 (en) System and method for renewing and extending digitally signed certificates
Shieh et al. Digital multisignature schemes for authenticating delegates in mobile code systems
CN100428682C (en) Systems and methods for authenticating content users
Küpçü Official arbitration with secure cloud storage application
Hwang et al. An untraceable blind signature scheme
Tzong-Chen et al. Authenticating passwords over an insecure channel
US7366911B2 (en) Methods and apparatus for computationally-efficient generation of secure digital signatures
Ansper et al. Efficient long-term validation of digital signatures
KR100438257B1 (en) Message reproducing type signature device
Seo et al. A mediated proxy signature scheme with fast revocation for electronic transactions
WO2004068264A2 (en) System and method for creating electronic signatures
Mandal et al. Design of electronic payment system based on authenticated key exchange
Kwon Virtual software tokens-a practical way to secure PKI roaming
Dossogne et al. Secure and practical threshold RSA
Chang et al. A highly efficient and secure electronic cash system based on secure sharing in cloud environment

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC (EPO FORM 1205A DATED 10.10.2005)

122 Ep: pct application non-entry in european phase
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载