JP2003060879A - Electronic signature for document - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an electronic signature method and its system for protecting reliability and security in a document through the use of an electronic pen. SOLUTION: A signature by hand is picked-up, an collation ID is generated, the signature by hand, the collation ID and an optical watermark are included in a document and, then, a process is performed for the signature in the document.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to electronic signatures on documents, and more particularly but not exclusively, to electronic signature methods and systems for protecting the confidentiality and originality of signed documents.

[0002]

2. Description of the Prior Art Such methods and systems may use handwritten signatures and "captureable" features such as digital certificates, voices, stickers, fingerprints, faces, irises and the like. For example, a smart card can be used to store the seal image and use it to sign the document.
The seal may be protected against forgery by using an optical watermark. Another example is the use of voice signatures to sign documents. The voice may be recorded as a "signature" using digital recording techniques. Throughout this specification "manual signature" is meant to include all such captureable signatures.

Signature devices thus range from electronic pens to other sensing devices such as digital cameras, microphones, scanners, for example. Throughout this specification references to "e-pen" or "electronic pen" are meant to include such forms of sensing devices.

The "documents" in this specification, whether in hardcopy or digital form, are business and administrative documents, letters and voice documents, image documents, software documents, receipts, checks, tickets, contracts, scanned documents. Include documents in the form of images that have been or otherwise recorded. Throughout this specification, references to documents are intended to include all such documents.

Throughout this specification, computer references are meant to include computers such as desktop computers, personal computers, laptop computers, notebook computers, for example.

Throughout this specification, an optical watermark of 2000
Reference is made to something like a watermark in accordance with the prior international patent application PCT / SG00 / 00147 filed on Sep. 15, 2014.

To be trustworthy, the signature system
It should give proof, not repudiation, that a person has correctly signed the required document at a particular time. It is difficult to verify the identity of the person who signed a document when the crime of confidentiality in the signing process, i.e. forging a correct signature to an unrelated document from forgery of the signature, occurred at any time during the signing process. That is. When a document is signed, fraudulent parties use sensors to record the signal generated in the signature and then use the recorded signal to generate a forged signature. Criminals also get a sample of a genuine hand signature and copy it by hand.
When transferring the signature, the fraudster cuts or copies the signature data from the document and attaches it to the extraneous document. The recipient can also forge the printed document by forging the correct party signature on the document.

[0008]

SUMMARY OF THE INVENTION It is an object of the invention to provide an electronic signature method for protecting the authenticity and confidentiality of a document by means of a storable identifier such as a legitimate hand signature and / or a digital signature. Provide the system. It is preferred that it can be used in both electronic and hardcopy form.

US Pat. No. 5,517,579 describes a handwriting input device that uses at least two different sensing techniques to detect handwriting, and the output of the handwriting input device to direct the output of a code represented by handwriting. And a code identification device for receiving the code recognition device. However, while the additional sensor provides more information for the certification process, it cannot distinguish the difference between the signal resulting from the actual signature and the recorded signal of the signature. The counterfeit party can record the signal from the sensor, generate a counterfeit signature, and replay the recorded signature.

International patent application WO / 0049583 discloses a method and apparatus for personalizing and certifying identification and security documents and security documents that can be used. The identification or security document contains data specific to the numeric characters and / or graphic form printed on and / or stored in the document. Data specific to individual and / or correlated data is also shown in / above in the document in a second form that is machine readable. This data, as well as the personalized data, can be read from the document and checked for consistency using an appropriate test controller. However, this specification does not disclose a mechanism for securely protecting the confidentiality of the content of the document, nor does it disclose a method of user authentication.

International patent application WO / 0031677 describes an individual who has requested the right to prepare records for authorized reference for future reference, to give sensed documents, and to become persons with access to the documents. A document approval method that includes collecting biometric data from a person, forming a barcode containing biometric data from an individual, attaching the barcode to a document, and saving the document and the attached barcode. Disclosure. Document access gathers current biometric data from the person requesting access, compares the barcode attached to the document with the current biometric data, and the person requesting access and the authorized individual are the same You will be authorized by making sure that. It cannot protect the confidentiality of the identity of an individual with a particular document, cannot distinguish the signal corresponding to the genuine signature from the recorded signal, and is a bar code reader to prove the encoded data. Requires equipment.

International patent application WO / 0007330 uses digital signatures to provide authorization by use of biological indicia. The digital certificate is formed in the processor, which is secured from the digital representation of the enrollee's unique biological characteristics. The digital representation is signed with a private processor of the registrant in a secure processor and sent to the certification authority over the communications network. The registrant's identity is verified at the remote secure registration processor.
After identity verification, the certification authority forms a certificate during the enrollment process by encrypting the digital signature with the certification authority's unique encryption key. Certificates are also kept in publicly available directories. The document and the certificate are then transmitted to the receiving terminal. If the sending party denies sending the document, during the verification process the biological properties are extracted from the proof and directly compared with the actual biological characteristics of the sending party. This is an extension of the use of existing digital certificates with biometric data, not document related,
U.S. Pat. No. 5,867,802 relates to "Biometrically Confidential Control Systems for Preventing the Use of Unauthorized Vehicles." This relates to valid owner / driver authentication of the vehicle. It stores the owner / driver's fingerprint in the memory of the vehicle control system. The microprocessor completes a conditional loop of instructions on validating the user's "real input" biometric data before executing the instructions on the operation of the vehicle,
I have to finish. This is vehicle fingerprint access control.

US Pat. No. 5,721,781 relates to portable information devices such as smart cards. A smart card is assigned a unique digital certificate containing a digital signature from a trusted certificate authority and a unique public key. Each application stored on the smart card is also assigned an associated certificate with a digital signature of the certificate authority. The system further includes a secure processor that can access the smart card. The private processor is assigned a unique certificate, which also contains a digital signature from a trusted certificate authority and a unique key. During the transaction session, the smart card and the secure processor exchange their credentials to authenticate each other as well as the application. further,
The cardholder enters a unique PIN to authenticate the cardholder. This is a three-tiered authentication system: card, application, cardholder, not a solution for document signing and / or authentication.

All known prior art methods fail to protect a document with the confidentiality of the signature when the document is signed,
Vulnerable to “record and play” crime. In addition, it relies heavily on online proof processes that are vague to end users and vulnerable to crime from within the network.

[0015]

SUMMARY OF THE INVENTION The present invention provides a method for a person to sign a document by using an electronic pen, which captures a human hand signature, generates a verification ID, and It involves attaching a verification ID and an optical watermark to the document to complete the document signing process.

Preferably, the person's identity is verified prior to the generation of the verification ID, which is a signature of the hand and / or a document digest and / or a time stamp and / or a representative feature of the document. The hand signature is embedded in the optical watermark and the document digest and / or the time stamp is embedded in the optical watermark to form a link between the document and the hand signature.
Further, the document digest may be the critical information of the document.

The person's identity may be verified by the public key infrastructure after the security handshake challenge and response session between the server and the electronic pen, where the electronic pen has its identity number and The electronic pen's private key, the person's private key, and the measured features of the person's hand signature and / or the removable learning module may be stored. If multiple people can use the electronic pen, the electronic pen can store registration information for each such person.

The server and the electronic pen can store their respective private keys, and the measured characteristics of the hand-signed and / or hand-signed signatures are stored in the server. A security handshake between the server and the electronic pen based on the public key pair is the preferred step. Hand signatures and / or measured features of human hand signatures may be stored in the electronic pen, and hand signature processing and certification may also be performed within the electronic pen. There is preferably a security authentication process between the server and the electronic pen and between the server and the computer. After successful completion of the security handshake, the electronic pen collects the hand-signature data, encrypts the hand-signature data, and sends it to the server for further processing and authentication.

The capture and processing of the hand signature and / or the measured features of the human hand signature may be performed by a secure processor and the result of the processing sent to an electronic pen for certification. The private key and the manual signature can be stored in the electronic pen, and the measured characteristics of the manual signature and / or the manual signature are stored in the secure processor and the manual signature. And / or the measured characteristics of the manual signature are stored in the computer. The hand signature and / or the measured characteristics of the human hand signature may be stored in encrypted form, preferably in a secure memory. The private memory may be the person's authentication card.

A document management module may be included in the terminal for displaying the document and including a manual signature in the document. In addition, when a document is signed, the sticker image may be stored in the electronic pen so that both the human signature and the sticker image appear on the document. The seal image may be an optical watermark that is embedded and hidden information to protect against counterfeiting.

This method may be applied to process approval. In an alternative form, the present invention generates a confirmed hand signature on a document by signing the document using an electronic pen, creates a digest of the document, and encrypts the hand signature in the electronic pen. , Collation ID is generated, collation ID
Is included in the document to provide a method for integrating the digest into the document.

The match ID may be generated from the captured hand signature, the digest of the document, the time stamp, and / or a representative feature of the document. The hand signature is embedded in the optical watermark, and the at least one document digest, the critical properties of the document, the time stamp, and the content of the document are embedded in the optical watermark. Form a link.

The document creates a digest of the signed document, uses the document digest to generate a decryption key, uses it to decrypt the collation ID, and the hand signature extracted from the collation ID and the signature. The signature generated by the document is compared with the digest generated from the document, and the digest generated from the collation ID is compared. The signature on the document and the signature embedded in the optical watermark are compared. And can be authenticated by comparing the critical features / contents of the document and / or the time stamp embedded in the optical watermark with the equivalent in the document.

The digest of the document is derived from the representative features of the document, which features embedded in the optical watermark can be decrypted by a special key.

When the document is a printed document, the hand signature and the digest of the document are extracted from the printed document, and the confirmation of the document is a hand signature on the document and a hand embedded in the optical watermark. Confirmed by comparison with the signature by. The critical features of the document and the time stamp embedded in the optical watermark can be compared to the equivalent in the document.

The manual signature and the time stamp may be encrypted using an encryption key generated from the digest of the document, which digest is used to obtain the encryption key pair from the encryption key pair database. It Alternatively, the document digest may be used to generate a cryptographic key pair using a security feature. The database and / or security features are located on the electronic pen, server, or secret memory.

The hand-signed may include signature images and features of the hand-signed, where the features of the hand-signed include pressure and speed. The pre-registered hand signature may be stored in an electronic pen, server, private memory for future use.

[0028] Preferably, the pre-registered hand signature is updated periodically, and any hand signature may be combined with other biometric information for that person.

The encryption may be done with a public key pair and / or a symmetric key.

[0030]

In order that the invention may be readily understood and practiced, a preferred embodiment of the invention will now be described, by way of example only, with reference to the accompanying drawings, which are not intended to limit the invention. Absent. The signed document of the embodiment of the present invention has the following structure. The content of the document, the signature data by hand, the collation ID which consists of the following items and can be encrypted: the signature by hand and / or its critical properties and / or
Or a digest of it, a digest of the document content (hash, characteristic or critical item), a time stamp, a watermark containing an optical watermark, with an embedded hand signature and a critical item of the document content.

The main steps of the signing process are: manual signer authentication of the signer as defined at the beginning of this specification; manual signature capture and verification ID of the signed document. And watermark generation.

As shown in FIG. 1, in one embodiment of the invention, an e-pen 10, a secure processor 1 is provided.
2. There is a storage device 14, a computer 16 and a user 18 which are protected by confidentiality. 1. Capture signature by user 18; 3. Add a time stamp 3. Calculation of digests or representative features of the target document, Generation of the authentication ID of the document signed by the user, ie (a) manual signature, digest, and / or other characteristics of the document using a security algorithm, and (b) a time stamp using the security algorithm, 5. The creation of a watermark with embedded signatures and critical information about the document.

Furthermore, the method and system according to the invention comprises: a device or program for printing a signature and an optical watermark on a document for authenticating the printed document and the document for processing, transfer, authorization, security, authentication. It may include a device or program that provides an infrastructure for managing documents and a protocol that proves the authenticity and authenticity of a document either offline or online.

There are various possible structures for a document signing system. For example, an e-pen can be as simple as a pointing device and as complex as an electronic pen for capturing signatures by a secure storage device and a secure processor. As such, the security handshake and hand proof of proof between the e-pen, the secure storage device, the secure processor, and the computer have numerous protocols. In each case, the processor is secure and the e-pen device is secure and e-pen is secure.
It is assumed that the pen user's private keys are stored on the e-pen. The manual signature or its characteristics may be stored in the server. Here is an example of a suitable protocol. Protocol 1: In this protocol, there is no separate secret-protected memory. Both the secure processor and the e-pen can store private keys in their own secure memory and are aware of their respective other public keys. The signatures of the hand signature and / or the hand signature of the e-pen user are stored in the secure processor of the secure database along with the name and / or other identifying data of the e-pen user. The signature processing procedure is, for example, a secret protection socket layer (Secu
Start with a security handshake between the secure processor and the e-pen via a secure connection, such as the re Socket Layer) protocol.

After proper authentication of the public key pair based e-pen and the secure processor, the e-pen collects the user's hand-signed data and encrypts the data for further processing and certification. To the processor that is protected by the secret. For more information on security handshake protocols and encrypted data transmission, see the literature (Chapter 9, “Se
curity Handshaking Pitfalls ”, p. 223,“ Network
Security: Private Communication in a Public Worl
d ”, C. Kaufman, R. Perlman, M. Speciner, PTR Pre
ntice Hall, Englewood Criffs, New Jersey, 1
995) and literature (Chapter 10, “Using Algorithms”, “Appli
ed Cryptography ”, Second Edition, Bruce Schneier, John Wi
ley & Sons, 1996). Protocol 2: Identical to Protocol 1, but different in that the hand-signature and / or hand-signature characterization is stored in the e-pen and the hand-signature processing and proofing is done within the e-pen. ing. This is the "high complexity e-pen" protocol. The e-pen can be used as a token for authentication of the e-pen user for various applications. There is no secret processor and no independent secret memory. Protocol 3: There is a security authentication process between the secure processor and the secure memory, which may be a user authentication card, for example. User identity information, including name, private key, hand signed data or features is stored on the user authentication card. In this case, the e-pen can be used simply as a pointing device. Hand signatures are captured, processed and certified by a secure processor. Protocol 4: Identical to Protocol 3, except that the hand-signed and / or feature measurements are stored in encrypted form or in a secure processor secured by a secured memory. There is.

A method of digitally signing a document in one embodiment is shown in FIG. 6, which includes 1) preparing the document and sending it to a processor, 2) digesting or representative features from the document. Extract, 3) generate encryption / decryption key based on digest / feature, 4) sign document with user's hand signature, capture hand signature, encrypt this with key, 5) verify 6) Generate an ID, 6) Generate a signature by hand, a time stamp, and an optical watermark in which the critical information of the document is embedded. 7) Document, hand signature data, collation ID, optical watermark. It includes the steps of constructing a signed document package.

The document digital signature system of the present invention is shown in FIG.
3 is shown. The system has a service program that resides on a computer that communicates with external parties. It represents a user and communicates with the server. in this case,
The service program can communicate online with the server,
A client software program that can be controlled by a server. The server coordinates all document processing, management, exchange, and authorization among all other clients. The service program also processes and sends the signed document to another client. When a client receives a signed document from a client, and when they arrive, by emailing a certification request from any person. Act as a client.

Either the client-server architecture or the distributed architecture allows the service program to play a general role in providing the necessary infrastructure for document processing, management, transfer, security and authentication services. . This includes, but is not limited to, individual user and their e-pen registration, document signers, secure delivery of documents between users, maintenance of user and e-pen databases, and the like.

The e-pen is a secure hardware device. It can be used by the owner, or any person authorized by the owner. In the case of hardware, this is identified by the ID number and the encryption key. Preferably, the encryption key is a private key and / or
Or digital proof. Information about the owner's identity is also preferably provided, in which case
The encryption key is the owner's private key. The e-pen may be used in the manner of smart cards.

The encryption / decryption key may be embedded in the e-pen by the manufacturer or a trusted third party. In such devices, the encryption / decryption key pair acts as an e-pen identity. The encryption key may be kept securely and secretly within the e-pen and the decryption key may be publicly open.

Alternatively, the encryption / decryption key may be generated from the digest of the document. There are several ways to generate an encryption / decryption key pair based on the digest of a document, a pen / private memory / server identity or public / private key pair, and a user's public / private key pair. To do. For example, a group of public / private key pairs may be pre-generated and stored in an e-pen or private memory or server. When signing a document, the hash value of the document or its digest is e
-Pen / Secure memory / Server (if desired)
And may be used to generate an index number. The e-pen / secret memory / server can select a public / private key pair from a group of pre-generated key pairs in the secret memory using the index number to make the selection. Hand-signed data and other support information can be hashed and encrypted using a selected private key. The e-pen / secured memory / server returns the encrypted hash value of the manually signed data to the service program. The public keys of the pre-generated key pair are released and they are indexed in the same way as they are indexed in the e-pen / private memory / server, so the correct public key to decrypt the verification ID. The key can be easily found using the document digest, which is easily calculated from the document content.

The user may further encrypt the encrypted hash value of the manually signed data using the private key. This encryption step can provide support rationale to confirm the user's identity.

User authentication is via manual signature proof and other means such as pin numbers if necessary. The e-pen includes one or more sensors, a processor, and associated peripherals to capture the handwritten signature and convert it to digital data. The critical features are then extracted from the data, encrypted and stored for verification at the time of user registration.

The e-pen does not have to be owned by the user and can be used by the person signing the document. One example is to sign the payment of fees at the seller's premises. In this case, the e-pen may be a pointing device or a secret device for collecting signature data.

Ensure that the programs stored in the e-pen's privately protected memory are anti-counterfeit,
It may be manufactured and tested by a reputable manufacturer to prevent it from being attacked during operating time for programs running in the processor of the e-pen. The e-pen may include hardware devices including smart sensors, internal clocks, secure memory, secure processors.

When the document signing process is initiated, the service program in the computer communicates with the e-pen or a secure processor to authenticate each other through a series of challenge and response processes. For more information about security handshake protocols and encrypted data transmission, see the literature (Chapter 9, “Security Handsha
king Pitfalls ”, page 223,“ Network Security-priv
ate communicationin a public world ”, C. Kaufma
n, R. Perlman, M. Speciner, PTR PrenticeHall, 19
1995).

After proper authentication of the e-pen / secured processor and the service program, the service program sends the document digest to the e-pen / secured processor. The e-pen / private processor will capture and process the hand signature if necessary.
The verification ID is generated in such an example by assembling a signature digest by hand or a critical feature, a time stamp, and encrypting them using the private key of the e-pen. The verification ID is publicly available e
-Can be easily proved by the public key of the pen.

Alternatively, the encryption key can be obtained from the digest of the document in the e-pen / private memory / server during the signing process. The verification ID is generated by assembling a signature digest or critical features, a timestamp, in such an example, and encrypting them using the obtained encryption key.
What is the collation ID? It can be proved by a decryption key obtained with a publicly valid e-pen / private memory / server.

The service program may communicate with a trusted device such as a secure memory and / or server to generate an optical watermark. The content embedded in the optical watermark may include the content of the document and the critical information of the manual signature. When a manual signature appears on a document, the optical watermark acts as a safeguard against forgery by proving the integrity of the embedded information with the signature appearing on the document.

The user can use any tool and any method to prepare the document. The document must be in electronic form before it can be sent to the service program. The manner in which the document is transferred from the user to the signing device or program may vary. However, it is preferred that a secure document transfer channel be used. This may be the Secure Socket Layer protocol, for example. Authentication of the sender's identity and signing device is through the use of a series of confidential challenge and response processing procedures.

The signature capture and processing module may reside in a secure processor, computer, or e-pen. The technical features of capture and processing are Reje
anPlamondon, World Scientific, Singapore, 1994
“Progress in Automatic Signatur” edited by year
e Verification ”. The position, velocity, pressure of the hand signature is captured, pre-processed for the feature vector and sent for verification.

The signature data may be obtained from a manual signature capture device. The device encrypts the hash value of the digitized signature when captured. The key used to encrypt the signature data is preset by the manufacturer or user or provided by the key generator and / or program. The signature data may include information other than the information regarding the manual signature. For example, it may include other biometric data of the user, time stamps, pressure applied to or by the pen during the signature process.

One form of user signature data includes secret protected memory, e-pen, or user pre-registered signature data stored in a server.
The certification program can obtain the user's public key from a trusted third party (such as a certification authority) and use the user's public key to decrypt the hand-signed data. The decrypted manual signature data can be used as a reference to prove the authenticity of the signature data appearing in the document. User hand-signatures change over time, and reference hand-signatures need to be updated periodically.

The document digest may be generated in one or more of several ways. One is to generate a hash from a document file. Another method involves extracting the important content of the document. For example, a check digest could be the payee's name, check amount, currency, signature date,
It may include any given delivery method. For example, the "or bearer" can be erased, the check can also be delineated, and marked only for billing of the payee. The digest may be represented in plain text form or other encoded form.

Representative features may include important graphic features of the document image. For example, a representative feature of a facial image of a photograph may be the eigenvalue of the photograph, and a representative feature of a text document may be given as the layout and shape of its components.

An optical watermark may be added to the document to provide authentication of the document and to protect it from copying and / or forgery. The contents embedded in the optical watermark are the critical information of the document contents, the signature image by hand, the verification ID
One or more of the above may be included.

A device or program for printing documents may include the ability to print signatures and optical watermarks on documents in a controlled manner. The print control scheme may be applied to control multiple authorized copies of a document. The document printing device is preferably, but not necessarily, a trusted device. This is the international patent application specification (the title of the invention "Remote Printing of Secure and / or Aut
henticated Documents ”).

The security management device or program may include a database storing the following: 1) the user's confidential information, 2) the ability to encrypt and decrypt input data using a given or pre-registered key, and 3) the identity of other devices through a series of challenge and response processes. The ability to authenticate.

The encryption and decryption system preferably uses a public key infrastructure that provides the security and privacy of the signing process.

To certify a hand-signed digital document, 1) receive the document in electronic form, 2) extract digests or representative features from the document, and 3) extract hand-signature data from the document. 4) Extract the digest data and any other embedded and hidden information from the optical watermark, 5) Generate a decryption key, 6) Decrypt the hash value of the signature data by hand from the verification ID, 7) The content of the document is proved by comparing the extracted document digest and the hand signature with the optical watermark digest data and the hand signature, and 8) the hash value of the hand signature data extracted from the verification ID and the document The confidentiality of the hand signed data given to the document by comparing it with the hash value of the given hand signed data. Proved, 9) may comprise prove originality and certainty of signed by hand by decrypting the signature data.

The certification service is not a trusted service. After receiving the document, the content of the optical watermark may be extracted by using an optical decoder or a computer-assisted decoding program. This may be done manually or automatically. The certification service then generates the document digest and its hash and decrypts the document's collation ID.

If the verification ID is encrypted during the signing process using an e-pen or a private processor or the user's private key, the decryption key is publicly available. The decryption key may also be generated according to the digest / feature. The hash value of the document digest is used in the signing process to form the session index number of the encryption / decryption key pair. The decryption key may be obtained from a table of pre-registered key pairs by reference to the session index number.

The originality of the document content may be verified by a verification process by comparing the decrypted document digest with the digest data generated from the received document.

The certainty of the signature depends on the decrypted signature data,
It may be verified by comparing with the signature data that appears in the received document.

The certification program can check the authenticity of the time stamp and other support information embedded in the encrypted manual signature data.

The method of certifying a signature when applied to a printed or hardcopy document is: 1) receiving the document in printed form, and 2) using a "key" to sign from an optical watermark. data,
3) Extract the time stamp, digest data, and 3) compare the extracted document digest, time stamp, and hand signature with the digest data and hand signature attached to the document with an optical watermark to verify the document content and signature. It may include proving originality.

The receiver receives the document in printed form. A digital imaging device may be provided to convert a hard copy of the document into electronic form.

The document digest and signature data may be extracted manually or automatically from the optical watermark. For example, an optical decoder is used to allow the receiver to read the content of the glossy watermark and manually enter it into the processor.

The confidentiality of the hand-signature data provided to the document may be verified by comparing the hand-signature data decrypted from the optical watermark with the hand-signature that appears in the document.

The receiver may authenticate the originality of the received document by proving the document digest embedded in the optical watermark.

An alternative method of certifying a given signature on a printed hardcopy document is to 1) receive the document in printed form, 2) digitize the printed document into electronic form, and 3) digest. Or extracting representative features from a digitized document, 4) extracting signature data from a digitized document, 5) extracting digest data from an optical watermark, 6) generating a decryption key, 7) Decoding the hash value of the signature data by hand from the collation ID, 8) certifying the originality of the document content by comparing the extracted document digest and the signature by hand with the digest data of the optical watermark and the signature by hand, 9 ) Hash value of hand signature data extracted from the verification ID and hash value of hand signature data attached to the document The by comparing, demonstrated the confidentiality of the signature data applied to the document, 10) may comprise prove originality and certainty of signed by hand by decrypting the signature data.

This scheme is very similar to the electronic document certification protocol except for a few differences. The first of these
That is, a digital imaging device may be used to convert a hardcopy document into electronic form.
Second, the attestation process extracts digests or representative characteristics from the digitized document in a relatively error-free manner during the printout and scan-in processes. This can be done manually or automatically. For example, if the document digest is significant textual content in plain text form, it can be generated by manual input or by a proof process by computer-aided recognition algorithms such as optical character recognition. Further, when the document digest is a representative feature of a document, that feature can be selected to represent the document and the feature of the document is unchanged or error-free during the printing and scanning process.

A secure user authentication device, such as a smart card, may be attached to the processor to allow offline verification. Also, other personal information may be given. These signatures can be integrated into the verification ID and, if desired, the certification program may extract them and compare them with the hand-written signatures appearing on the signed document.

The secure memory may also be a user authentication card if desired. It is usually difficult to perform complex operations within a user authentication card. Therefore, a secure processor is preferably used to communicate with the user authentication card. The user authentication card may include an internal clock, a secret memory, and an internal secret processor.

When the service program requests authentication of a document, it communicates with the secure processor, which authenticate each other through a series of challenges and responses. The document is sent to the secure processor. The secure processor then initiates a series of secure services to generate the document digest and session key pair. The session key pair is generated from the combination of the document digest and public key in the user authentication card.

The secret protected processor then, when encrypted with the previously set session key, e
Obtain the hand signed data and its hash from the pen. The secure service then decrypts the signature data, combines it in explicit form with a time stamp and a pre-registered signature, and uses it with a privately generated session key or the private key of the user or authentication card. Re-encrypt.

The encrypted signature may be used to form the verification ID. The trusted service can then generate an optical watermark embedded with the content including the document digest and the hand-signed.

The captured manual signature can be verified by the signature device. After proper manual signature verification, the manual signature can be attached to the document with a digital signature to complete the document signing process.

Proof methods such as dynamic programming and neural networks can be used to match the input vector to the stored template.

One feature of the present invention is that it acquires the private key of the owner of the e-pen and stores it in the e-pen or other secure storage device and stored in the e-pen. Capture and process manual signatures for feature measurement. The manual signature capture and processing method is preferably the same as in the certification phase.

Since hand-signatures change over time, stored templates should be regularly updated to prevent false rejection during correct normal operation.

As will be appreciated, the present invention relates to the signing and certification of authenticated documents being sent over the network. This reduces the physical transfer of certified paper documents that are expensive and slow. However, the authenticated document may also be transferred by traditional means.

By using the present invention, security of traditional methods and higher security than other e-pen methods such as pen-op and IBM can be obtained. By providing other information not otherwise available, such as pressure and time sequences, manual signatures have a higher user credibility than in the past.

The sensor is also used to protect the confidentiality of the hand-written signature given to the document, which is not possible with conventional methods, and to effectively prevent attacks on recording and playback. Such crimes are usually fatal in conventional e-pen systems. Thus, the present invention, preferably in combination with a smart card, provides a convenient method for offline certification.

This also applies to all scenarios where traditional paper-to-paper signatures are required, eg electronic checks. Banks have smart cards that are used by customers as an "electronic checkbook." The smart card stores a pre-registered session ID in the same way that a paper checkbook is used. The customer completes that content,
Sign it and send it to the recipient. After the signing process, the pre-registered check ID is destroyed. Another is an electronic credit card that stores the user's actual credit card number and combines it with two signatures.
It may also be used for signing contracts, distributing certificates, or sending mail with the signature of the sender.

While the foregoing description has described the preferred embodiments of the invention, it will be appreciated by those skilled in the art that numerous details of variations or modifications can be made without departing from the scope of the invention. .

The present invention extends to all features described both individually and in all possible variations and combinations.

[Brief description of drawings]

FIG. 1 is a schematic diagram of an exemplary document signature system according to the present invention.

FIG. 2 is a block diagram of one form of an e-pen used in accordance with the present invention.

FIG. 3 is a block diagram of one form of a secure processor used in accordance with the present invention.

FIG. 4 is a diagram showing an example of a collation ID.

FIG. 5 is a diagram showing an example of a signed document.

FIG. 6 is a flowchart of a signature process.

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) G09C 5/00 G09C 5/00 H04L 9/32 H04L 9/00 673D (72) Inventor Lei Zen Singapore , 119000 Normanton Park, number 23-177, BLC 3F term (reference) 5B017 AA03 BA07 BA09 CA16 5B057 AA11 BA02 CA12 CA16 CA19 CB12 CB16 CB19 CC01 5B072 BB00 CC24 DD01 5C076 AA14 AA15 BA06 5J13 A14 AA09 NA

Claims (47)

[Claims] 1. A signature method in which a person signs a document by using an electronic pen, wherein (a) a signature by a person is captured, (b) a verification ID is generated, and (c) a signature and a verification ID by hand. And a signature method including the step of attaching an optical watermark to the document to complete the document signing process. 2. An individual person's identity is a collation ID.
The method of claim 1, wherein the verification ID is generated prior to the generation of the signature and the verification ID is generated from one or more of a group consisting of a captured hand signature, a document digest, a time stamp, and a representative feature of the document. 3. The method of claim 1 or 2, wherein the captured hand signature is embedded in an optical watermark. 4. The method of claim 3, wherein one or more selected from the group consisting of a document digest and a time stamp is embedded in the optical watermark to form a link between the document and the manual signature. 5. The method of claim 2, wherein the document digest is critical information about the document. 6. The method according to claim 1, wherein the identity of the individual person is proved by the public key infrastructure after the challenge and response session of the security handshake between the server and the electronic pen. . 7. The electronic pen is selected from the group consisting of the electronic pen's identity number, the electronic pen's private key, its individual's private key, the measured signature of a human hand signature, and a removable learning module. The method of claim 6, wherein one or more are stored. 8. The method of claim 7, wherein there are multiple people who can use the electronic pen, and the electronic pen can store registration information for each such person. 9. The method according to claim 7 or 8, wherein the server and the e-pen store a private key respectively, and the measured characteristics of the hand-signed and / or hand-signed are stored in the server. 10. The method of claim 7, wherein there is a preliminary step of security handshake between the server and the electronic pen based on the public key pair. 11. A digital signature and / or measured features of a human signature are stored in an electronic pen, and manual signature processing and proofing is also performed by the electronic pen. The method according to item 1. 12. The method according to claim 7, wherein a security authentication process exists between the server and the electronic pen and between the server and the service program. 13. After properly completing a security handshake, the electronic pen collects the hand-signature data, encrypts the hand-signature data, and sends it to the server for further processing and certification. Method. 14. The method of claim 12 or 13 wherein the capturing and processing of the hand signature and / or the measured features of the human hand signature is performed in a secure processor.
The method described. 15. The method according to claim 13, wherein the processing result is transmitted to an electronic pen for certification. 16. The method according to claim 7, wherein the private key and the manual signature are stored in the electronic pen. 17. A method according to claim 14 or 15, wherein the hand signature and / or the measured characteristics of the human hand signature are stored in a secure processor. 18. A method according to claim 14 or 15, wherein the hand signature and / or the measured characteristics of the human hand signature are stored in a server. 19. A method according to any one of claims 7 to 18, wherein the hand signature and / or the measured features of the human hand signature are stored in encrypted form. 20. The method according to claim 7, wherein the signature of the hand signature and / or the measured characteristics of the signature of the human signature are stored in a secure memory. 21. The method of claim 20, wherein the secured memory is a person authentication card. 22. The method of claim 12, further comprising a document management module in the computer for displaying the document and including a manual signature in the document. 23. The electronic pen further includes at least one sticker image, and when the document is signed, a manual signature and at least one sticker image appear on the document. The method according to item 1. 24. The method of claim 23, wherein the at least one seal image is an optical watermark that is embedded and hidden information to protect against counterfeiting. 25. Claim 1 as applied to process approval.
25. The method according to any one of claims 24 to 24. 26. A method of generating a confirmed human signature on a document, comprising: (a) signing the document using an electronic pen; (b) creating a digest of the document; and (c) an electronic pen. A method of encrypting a manual signature in, (d) generating a verification ID, (e) including the verification ID in the document, and integrating the digest into the document. 27. The method of claim 26, wherein the verification ID is generated from one or more of a group consisting of a captured hand signature, a document digest, a time stamp, and a representative feature of the document. 28. The method according to claim 26 or 27, wherein the hand-signature is embedded in an optical watermark. 29. The document digest, the critical feature of the document content, and / or the time stamp are embedded in an optical watermark to form a link between the document and a hand-written signature. the method of. 30. The document generates a digest of the signed document, uses the document digest to generate a decryption key, which is used to decrypt the collation ID, and the collation I
30. Authenticated by comparing the hand-signature extracted from D with the hand-signature as it appears in the signed document and comparing the digest generated from the document with the digest from the verification ID. the method of. 31. Comparing a manual signature on a document with one embedded in an optical watermark, the critical features / contents and time stamps of the document embedded in the optical watermark are equivalent in the document. 31. The method of claim 30, including the additional step of comparing with. 32. The method according to claim 26, wherein the digest of the document is obtained from the representative features of the document. 33. The method of claim 31, wherein the embedded optical watermark is decrypted using a special key. 34. The method according to claim 26, wherein the document is a printed document and the manual signature and digest of the document are extracted from the printed document. 35. The method of claim 34, wherein document verification is evidenced by comparing a hand-signed on the document with a hand-signed embedded in an optical watermark. 36. The method of claim 35, wherein the critical features / content and time stamp of the document embedded in the optical watermark are compared to the equivalent in the document. 37. A method as claimed in any one of claims 26 to 36, in which the hand signature and the time stamp are encrypted using an encryption key generated from the digest of the document. 38. The method of claim 37, wherein the digest of the document is used to obtain an encryption key pair from a database of encryption key pairs. 39. The method of claim 37, wherein the document digest is used to generate and encrypt a key pair using a security feature. 40. The method according to claim 38 or 39, wherein the database and the security function are located in one of the group consisting of the electronic pen, the server and the security protected memory. 41. The method of any one of claims 1-40, wherein the manual signature includes signature images and features of the manual signature. 42. The method of claim 41, wherein the signature signature includes pressure and velocity. 43. A method according to any one of claims 1 to 42, wherein the pre-registered hand signature is stored for future use. 44. The pre-registered hand signature is stored in at least one selected from the group consisting of an electronic pen, a server, and a secret-protected memory.
3. The method described in 3. 45. The method of claim 43 or 44, wherein the pre-registered hand signature is updated periodically. 46. A method as claimed in any one of claims 1 to 45, wherein the manual signature is combined with other biometric information of the person. 47. A method according to any one of claims 1 to 46, wherein the encryption is performed by one or more selected from the group consisting of public key pairs and symmetric keys.