CA2453853C - Method and system for verifying data integrity - Google Patents

Method and system for verifying data integrity Download PDF

Info

Publication number
CA2453853C
CA2453853C CA2453853A CA2453853A CA2453853C CA 2453853 C CA2453853 C CA 2453853C CA 2453853 A CA2453853 A CA 2453853A CA 2453853 A CA2453853 A CA 2453853A CA 2453853 C CA2453853 C CA 2453853C
Authority
CA
Canada
Prior art keywords
output
secure
data
correspondents
data message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CA2453853A
Other languages
English (en)
French (fr)
Other versions
CA2453853A1 (en
Inventor
Scott A. Vanstone
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BlackBerry Ltd
Original Assignee
Certicom Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Certicom Corp filed Critical Certicom Corp
Publication of CA2453853A1 publication Critical patent/CA2453853A1/en
Application granted granted Critical
Publication of CA2453853C publication Critical patent/CA2453853C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/105Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/102Route integrity, e.g. using trusted paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Communication Control (AREA)
CA2453853A 2001-07-16 2002-07-16 Method and system for verifying data integrity Expired - Lifetime CA2453853C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US09/905,113 US7216237B2 (en) 2001-07-16 2001-07-16 System and method for trusted communication
US09/905,113 2001-07-16
PCT/CA2002/001079 WO2003009619A1 (en) 2001-07-16 2002-07-16 Method and system for verifying data integrity

Publications (2)

Publication Number Publication Date
CA2453853A1 CA2453853A1 (en) 2003-01-30
CA2453853C true CA2453853C (en) 2016-02-02

Family

ID=25420307

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2453853A Expired - Lifetime CA2453853C (en) 2001-07-16 2002-07-16 Method and system for verifying data integrity

Country Status (5)

Country Link
US (2) US7216237B2 (enExample)
EP (2) EP2408170B1 (enExample)
JP (2) JP2005509334A (enExample)
CA (1) CA2453853C (enExample)
WO (1) WO2003009619A1 (enExample)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7216237B2 (en) * 2001-07-16 2007-05-08 Certicom Corp. System and method for trusted communication
US7269732B2 (en) 2003-06-05 2007-09-11 Sap Aktiengesellschaft Securing access to an application service based on a proximity token
CN100344195C (zh) * 2004-09-24 2007-10-17 华为技术有限公司 一种用于保护用户输入信息的移动终端及方法
CN1331017C (zh) * 2005-03-23 2007-08-08 联想(北京)有限公司 安全芯片
US20070100653A1 (en) * 2005-11-01 2007-05-03 Jorey Ramer Mobile website analyzer
ES2296518B1 (es) * 2006-05-11 2009-03-01 Inelcan, S.L. "dispositivo firmador externo para pc, con capacidad de comunicacion inalambrica".
ES2332675B1 (es) * 2006-08-09 2011-01-17 Juan Jose Pons Bordes Metodo y dispositivo de remision de informacion para la realizacion de transacciones electronicas seguras.
US8060447B2 (en) * 2007-08-08 2011-11-15 Imation Corp. Method of providing transactions employing advertising based verification
US8924309B2 (en) * 2007-08-08 2014-12-30 Imation Corp. Method of providing assured transactions by watermarked file display verification
AU2008314461A1 (en) * 2007-10-19 2009-04-23 Imation Corp. Method of providing assured transactions using secure transaction appliance and watermark verification
TW200929974A (en) * 2007-11-19 2009-07-01 Ibm System and method for performing electronic transactions
US20120198234A1 (en) * 2011-01-31 2012-08-02 Intuit Inc. Method and apparatus for ensuring the integrity of a downloaded data set
CN103546289B (zh) * 2013-09-29 2017-01-11 北京握奇智能科技有限公司 一种基于USBKey的安全传输数据的方法及系统
US20150229618A1 (en) * 2014-02-11 2015-08-13 Futurewei Technologies, Inc. System and Method for Securing Source Routing Using Public Key based Digital Signature
US9674194B1 (en) * 2014-03-12 2017-06-06 Amazon Technologies, Inc. Privilege distribution through signed permissions grants
US10389733B2 (en) * 2016-09-06 2019-08-20 Apple Inc. Data verification via independent processors of a device
RU2634179C1 (ru) * 2016-12-12 2017-10-24 Акционерное общество "Лаборатория Касперского" Способ и система для доверенного доведения информации до пользователя
EP4060540A1 (en) * 2021-03-17 2022-09-21 Sebastien Armleder Devices, systems, and methods for performing a digital signature

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5557518A (en) * 1994-04-28 1996-09-17 Citibank, N.A. Trusted agents for open electronic commerce
US5778071A (en) 1994-07-12 1998-07-07 Information Resource Engineering, Inc. Pocket encrypting and authenticating communications device
SE506506C2 (sv) 1995-04-11 1997-12-22 Au System Elektronisk transaktionsterminal, telekommunikationssystem innefattande en elektronisk transaktionsterminal, smart kort som elektronisk transaktionsterminal samt metod för överföring av elektroniska krediter
US5778072A (en) * 1995-07-07 1998-07-07 Sun Microsystems, Inc. System and method to transparently integrate private key operations from a smart card with host-based encryption services
US5917913A (en) * 1996-12-04 1999-06-29 Wang; Ynjiun Paul Portable electronic authorization devices and methods therefor
US6085976A (en) * 1998-05-22 2000-07-11 Sehr; Richard P. Travel system and methods utilizing multi-application passenger cards
WO1999008415A2 (de) * 1997-08-06 1999-02-18 Infineon Technologies Ag Einrichtung zum sicheren erstellen von elektronischen unterschriften
ES2173652T5 (es) 1997-10-28 2010-10-13 First Data Mobile Holdings Limited Procedimiento para la firma digital de un mensaje.
DE19747603C2 (de) 1997-10-28 2001-07-05 Brokat Informationssysteme Gmb Verfahren zum digitalen Signieren einer Nachricht
US6092202A (en) * 1998-05-22 2000-07-18 N*Able Technologies, Inc. Method and system for secure transactions in a computer system
FI108813B (fi) 1999-03-08 2002-03-28 Sonera Smarttrust Oy Menetelmä ja järjestelmä tietoliikennejärjestelmässä
EP1055989A1 (en) * 1999-05-28 2000-11-29 Hewlett-Packard Company System for digitally signing a document
NO311000B1 (no) * 1999-06-10 2001-09-24 Ericsson Telefon Ab L M Sikkerhetslosning for mobile telefoner med WAP
JP2001067444A (ja) 1999-08-25 2001-03-16 Hitachi Ltd Icカード
DE29922971U1 (de) 1999-12-29 2000-03-23 Me Technology Europe GmbH, 04430 Dölzig Anordnung zur Validierung von Geschäftsvorfällen im e-Business
US6895502B1 (en) * 2000-06-08 2005-05-17 Curriculum Corporation Method and system for securely displaying and confirming request to perform operation on host computer
WO2002028005A2 (de) 2000-09-27 2002-04-04 Siemens Ag Österreich Verfahren und lesegerät zur erzeugung digitaler signaturen
US7216237B2 (en) * 2001-07-16 2007-05-08 Certicom Corp. System and method for trusted communication

Also Published As

Publication number Publication date
JP2010200381A (ja) 2010-09-09
WO2003009619A1 (en) 2003-01-30
EP1413157B1 (en) 2013-11-20
EP2408170A1 (en) 2012-01-18
EP1413157A1 (en) 2004-04-28
US8099769B2 (en) 2012-01-17
CA2453853A1 (en) 2003-01-30
EP2408170B1 (en) 2013-12-18
US20070214362A1 (en) 2007-09-13
US20030014632A1 (en) 2003-01-16
US7216237B2 (en) 2007-05-08
JP2005509334A (ja) 2005-04-07

Similar Documents

Publication Publication Date Title
US8099769B2 (en) System and method for trusted communication
JP5133248B2 (ja) クライアント/サーバー認証システムにおけるオフライン認証方法
TWI486045B (zh) 使用機密視覺信息以用於螢幕上認證的方法及系統
CA2241052C (en) Application level security system and method
US6092202A (en) Method and system for secure transactions in a computer system
US9083746B2 (en) Method of providing assured transactions using secure transaction appliance and watermark verification
US6138239A (en) Method and system for authenticating and utilizing secure resources in a computer system
US8321353B2 (en) Method of providing transactions employing advertising based verification
US20020165830A1 (en) Process and device for electronic payment
US20100180120A1 (en) Information protection device
WO2000031644A1 (en) High assurance digital signatures
US20110202772A1 (en) Networked computer identity encryption and verification
US20040049679A1 (en) Authenticating method and device
JP5135331B2 (ja) 無線通信能力を有するpc用外部署名装置
Ortiz-Yepes Enhancing Authentication in eBanking with NFC-enabled mobile phones
AU760021B2 (en) High assurance digital signatures
HK1245530A1 (zh) 生成及应用图形编码的方法和装置
Chakrawarti et al. Result Evaluation for Multilevel Email Security using Image Authentication, Compression, OTP & Cryptography (IA-COTPC)
IL185795A (en) Device encryption and authentication method against malicious access to local computer

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20220718

MKEX Expiry

Effective date: 20220718

MKEX Expiry

Effective date: 20220718