EP0972374A1 - Verfahren und vorrichtung zur effizienten authentifizierung und prüfung der integrität unter verwendung von hierarchischem hashing - Google Patents
Verfahren und vorrichtung zur effizienten authentifizierung und prüfung der integrität unter verwendung von hierarchischem hashingInfo
- Publication number
- EP0972374A1 EP0972374A1 EP99905733A EP99905733A EP0972374A1 EP 0972374 A1 EP0972374 A1 EP 0972374A1 EP 99905733 A EP99905733 A EP 99905733A EP 99905733 A EP99905733 A EP 99905733A EP 0972374 A1 EP0972374 A1 EP 0972374A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- hash
- data
- packets
- block
- hash block
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Definitions
- This invention generally relates to data corruption detection and, more particularly, to a method and apparatus for efficient authentication and integrity checking in data processing using hierarchical hashing.
- Video conferencing is another example of an application that demands the secure transmission of information (video/voice/data).
- Open networks such as the Internet provide simple and effective means for digital communication. However, such communication can be unintentionally corrupted by network transmission errors or altered by malicious acts.
- Several conventional techniques guard against these communication problems. These techniques require applying checksums or digital signatures to data before transmission and verifying the checksum or digital signature upon receipt.
- Checksums values derived from the data, are typically easy to compute. After computing the checksum, a transmitting machine sends the checksum with the data itself. A receiving machine then recalculates the checksum from the received data and compares the calculated checksum with the received checksum. However, a hacker with the ability to modify data likely also has the ability to replace the original checksum with a recalculated checksum that corresponds to the modified data.
- Digital signatures protect against malicious acts intended to corrupt data but are more expensive than checksums to compute.
- the protection provided by digital signatures becomes increasingly important in networked environments where data must pass through unguarded points.
- Digital signatures are often used in a bulk signature format in which a digital signature is applied to a complete data set.
- the bulk signature format has several drawbacks.
- the packet-level signature method assigns a digital signature to each individual packet. Although allowing the verification to begin as the individual packets are received making it easy to identify individual corrupted packets, this method requires additional computation and repeated checking of the digital signatures, which is quite time-consuming.
- a conventional hierarchical hashing technique for neighboring databases on a local area network (LAN) allows a database management system to check if the databases are identical by hashing pieces of the database. The hashes are then hashed, and the final value is broadcast periodically to confirm that all neighbors on the LAN have identical databases. If they do not, the next hash level is compared until the area of the database that differs is located, at which time it can be updated accordingly.
- Creating a hierarchy of hash values that start with packet hashes of an arbitrary data set and culminate in a single signed block allows a single digital signature to protect the data set from both data corruption and malicious acts that cause errors in data processing. Receiving this hierarchy of hashes before the data also allows the data packets to be quickly verified as they are received.
- the hierarchical structure used in the method cryptographically protects individual portions of the data and makes it easier to recognize corruption. Systems consistent with the present invention verify portions of the data even if other portions of the data are corrupt or have not yet been received.
- a computer-implemented data processing method comprises the steps of dividing a data set into packets, hashing the data within each of the packets to produce a hash block including hash values and applying a signature to the hash block.
- a computer-implemented data processing method comprises the steps of receiving a packet including data, a hash block and a digital signature, verifying the digital signature, hashing the data to produce hash values and comparing the hash values to values in the hash block.
- FIG. 1 is a schematic block diagram illustrating a computer architecture suitable for use with the present invention
- FIG.2 is a flowchart of the steps used to digitally sign the hash block in accordance with an implementation of the present invention
- FIG. 3 is a flowchart of the steps used to verify the data in accordance with an implementation of the present invention.
- FIG. 4 is a diagram of an example of the hashing of a sample data set and signing of a hash block
- FIG. 5 is a diagram of a sample hierarchical structure of hash blocks and data based on the data set in Fig. 4.
- Systems consistent with the present invention generally perform two data processing functions: (1) signing data and (2) verifying data.
- Such systems generally sign data by creating a hierarchical structure of hash blocks, sequences of hash values, which correspond to the given data. To accomplish this, a data set is divided into packets. A one-way, collision-proof hash function is applied to each packet which will result in a sequence of hash values. These hash values are grouped into packets, referred to as hash blocks. Higher level hash blocks are created by hashing the hash blocks. This process continues until a single hash block small enough to fit in a packet is achieved. The top level hash block, the smallest one, is signed with a digital signature. The hash blocks and data are then transmitted to an intended destination such as a network node.
- Systems consistent with the present invention generally verify the data set by checking the digital signature on the top level hash block. Once the top level hash block is verified, the next lower level hash block can be verified by comparing the hash of the packets of that hash block against the hashes stored in the top level block. All lower level hash blocks are checked against the next higher level hash blocks in the same manner. Finally, the data is checked against the hash block containing the hashes of the data set. Any given data packet can be checked once all hash blocks above it are received.
- FIG. 1 is a block diagram that illustrates a computer system 100 upon which an embodiment of the invention may be implemented.
- Computer system 100 includes a bus 102 or other communication mechanism for communicating information, and a processor 104 coupled with bus 102 for processing information.
- Computer system 100 also includes a main memory 106, such as a random access memory (RAM) or other dynamic storage device, coupled to bus 101 for storing information and instructions to be executed by processor 104.
- Main memory 106 also may be used for storing temporary variables or other intermediate information during execution of instructions to be executed by processor 104.
- Computer system 100 further includes a read only memory (ROM) 108 or other static storage device coupled to bus 102 for storing static information and instructions for processor 104.
- ROM read only memory
- a storage device 110 such as a magnetic disk or optical disk, is provided and coupled to bus 102 for storing information and instructions.
- Computer system 100 may be coupled via bus 102 to a display 112, such as a cathode ray tube (CRT), for displaying information to a computer user.
- a display 112 such as a cathode ray tube (CRT)
- An input device 1 f4 is coupled to bus 102 for communicating information and command selections to processor 104.
- cursor control 116 is Another type of user input device
- cursor control 116 such as a mouse, a trackball or cursor direction keys for communicating direction information and command selections to processor 104 and for controlling cursor movement on display 112.
- This input device typically has two degrees of freedom in two axes, a first axis (e.g., x) and a second axis (e.g., y), that allows the device to specify positions in a plane.
- the invention is related to the use of computer system 100 for signing data and verifying data.
- signed or verified data is provided by computer system 100 in response to processor 104 executing one or more sequences of one or more instructions contained in main memory 106.
- Such instructions may be read into main memory 106 from another computer-readable medium, such as storage device 110.
- Execution of the sequences of instructions contained in main memory 106 causes processor 104 to perform the process steps described herein.
- hard- wired circuitry may be used in place of or in combination with software instructions to implement the invention.
- embodiments of the invention are not limited to any specific combination of hardware circuitry and software.
- Nonvolatile media includes, for example, optical or magnetic disks, such as storage device 110.
- Volatile media includes dynamic memory, such as main memory 106.
- Transmission media includes coaxial cables, copper wire and fiber optics, including the wires that comprise bus 102. Transmission media can also take the form of acoustic or light waves, such as those generated during radio-wave and infra-red data communications.
- Computer-readable media include, for example, a floppy disk, a flexible disk, hard disk, magnetic tape, or any other magnetic medium, a CD-ROM, any other optical medium, punchcards, papertape, any other physical medium with patterns of holes, a RAM, PROM, and EPROM, a FLASH-EPROM, any other memory chip or cartridge, a carrier wave as described hereinafter, or any other medium from which a computer can read.
- Various forms of computer readable media may be involved in carrying one or more sequences of one or more instructions to processor 104 for execution.
- the instructions may initially be carried on magnetic disk of a remote computer.
- the remote computer can load the instructions into its dynamic memory and send the instructions over a telephone line using a modem.
- a modem local to computer system 100 can receive the data on the telephone line and use an infra-red transmitter to convert the data to an infra-red signal.
- An infra-red detector coupled to bus 102 can receive the data carried in the infra-red signal and place the data on bus 102.
- Bus 102 carries the data to main memory 106, from which processor 104 retrieves and executes the instructions.
- the instructions received by main memory 106 may optionally be stored on storage device 110 either before or after execution by processor 104.
- Computer system 100 also includes a communication interface 118 coupled to bus 102.
- Communication interface 118 provides a two-way data communication coupling to a network link 120 that is connected to local network 122.
- communication interface 118 may be an integrated services digital network (ISDN) card or a modem to provide a data communication connection to a corresponding type of telephone line.
- ISDN integrated services digital network
- communication interface 118 may be a local area network (LAN) card provide a data communication connection to a compatible LAN.
- LAN local area network
- Wireless links may also be implemented.
- communication interface 118 sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information.
- Network link 120 typically provides data communication through one or more networks to other data devices.
- network link 120 may provide a connection through local network 122 to a host computer 124 or to data equipment operated by an Internet Service Provider (ISP) 126.
- ISP 126 in turn provides data communication services through the world wide packet data communication network now commonly referred to as the "Internet" 128.
- Local network 122 and Internet 128 both use electric, electromagnetic or optical signals that carry digital data streams.
- the signals through the various networks and the signals on network link 120 and through communication interface 118, which carry the digital data to and from computer system 100, are exemplary forms of carrier waves transporting the information.
- Computer system 100 can send messages and receive data, including program code, through the network(s), network link 120 and communication interface 118.
- a server 130 might transmit a requested code for an application program through Internet 128, ISP 126, local network 122 and communication interface 118.
- one such downloaded application provides the data processing operations described herein. For example, data to be stored on computer-readable medium or transmitted to a remote device may be signed in accordance with the principles of the present invention. Additionally, data retrieved from a computer-readable medium or received from a remote device may be verified in accordance with the principles of the present invention.
- the received code may be executed by processor 104 as it is received, and/or stored in storage device 110, or other non- volatile storage for later execution. In this manner, computer system 100 may obtain application code in the form of a carrier wave.
- Systems consistent with the present invention utilize a one-way, collision-proof hash function to transform data of arbitrary length into a fixed length hash value.
- One-way hash functions also have other characteristics. For example, it is relatively simple to apply the 8 function to a given data set or message to compute the hash value for that set. However, given a hash value it is difficult to determine a data set that would produce the same hash value if the hash function was applied to that data set.
- collision-resistance means it is unlikely for two random messages to have the same hash value for the same function.
- collision-resistant hash functions are described in detail in C. Kaufman, R. Perlman, M. Specine, "Network Security: Private Communication in a Public World,” Prentice Hall, 1995.
- Fig. 2 is a flowchart of the steps used in the signing procedure of hierarchical hashing.
- Systems consistent with the present invention generally begin the hashing process by dividing the data set into small packets (step 210).
- the packet boundaries are generally arbitrary but, for more efficient use, should correspond to likely boundaries between good and corrupt data.
- Network datagram boundaries or disk sectors are examples of suitable boundaries.
- a collision-proof, one-way hash function is applied to each packet (step 220).
- Each application of the hash function will produce a single hash value.
- the application of the hash function to each of the data packets will produce a sequence of hash values. This sequence is called a hash block (step 230).
- the hash block created by the application of the hash function to the data packets is too large to fit in a single packet along with the digital signature (step 240), the hash block must be further broken down.
- the hash block itself is divided into packets (steps 245).
- the hash function is applied to each packet. Once again, the application of the hash function to the packets will produce a sequence of hash values. This new hash block will be smaller than the previous hash block and will be referred to as the next higher level hash block. If the next higher level hash block is too large to fit into a single packet with the digital signature, a new smaller hash block of a higher level is created by repeating steps 220-245.
- Fig. 5 is the smallest hash block.
- the hash block from which the top level hash block was created is referred to as the next level down hash block 501, with the complete structure of hash blocks forming a hierarchy of hash blocks 510. If, however, the hash block originally created by the hashing of the data packets (step 230) is small enough to fit in a single packet with the digital signature, there is no need to go through the steps of breaking down the hash block and creating another higher level hash block and the top level hash block remains the only hash block.
- Systems consistent with the present invention apply a digital signature to the top level hash block packet (step 250). No signature need be applied to any of the other hash blocks or data packets. The single digital signature applied to the top level packet is sufficient to verify all of the data. If extraordinary redundancy is desired, lower level hash blocks may be signed. These signatures would only be used if the top level hash block was corrupted and could not be recovered.
- the packets are transmitted in order beginning with the top level hash block packet (step 260), followed by each of the larger hash blocks (steps 270, 275, 280), and finally the data (step 280).
- the hash block packets and the data packets may be intermingled and need not be sent with all hash blocks first, but the top level packet should be sent first and lower level hashes be sent before the data they represent because their contents will need to be checked first, as explained below.
- the top level hash block packet with the single digital signature, the hierarchy of lower level hash blocks, and the data are sent to a receiver. This is all the information needed to protect the data.
- Fig. 3 is a flowchart of the steps used in the data receiving and verification procedure for systems consistent with the present invention.
- the digital signature on the top level packet must be verified first (step 320). If the signature fails this verification step or it is determined that the packet was corrupted during transmission, the top level packet must be repaired or recovered before checking the other packets (steps 330, 335). If lower level hash blocks were signed for extraordinary redundancy, their signatures may be checked in this case to allow verification to proceed. 10
- step 340 by computing the hash of the packet and comparing it with the hash value stored in the hash block (step 350). If this check fails, the data packet is corrupt and should be repaired or recovered (step 350). Of course the verification process must use the same hash function used to sign the data.
- the packets of these hash blocks are then received and verified (step 370).
- the hash function is applied to each packet to derive its hash value.
- the hash value derived from the received hash block packet is compared with the one stored in the received top level hash block. If the comparison fails, the packet is corrupt and must be repaired or replaced before any packets that depend on this hash block can be verified (step 370).
- the hashes of the packets of each lower level hash block are compared with the values stored in the hash block in the level above. If this verification step fails, the packet is corrupt and must be repaired or recovered before any packets that depend on this packet can be verified. However, other packets in the hash block can be verified. Examples
- FIG. 4 is a block diagram of example of the hashing of a sample set of data and signing of a hash block.
- Figure 5 is a diagram of a sample hierarchical structure of hash blocks and data based on the data in Fig. 4.
- the packet size and amount of data in this sample is completely arbitrary.
- additional levels of hash blocks may be utilized depending on the size of the data and the selected hash function.
- the data values are divided into data packets 402a-f.
- the present example shows 18 data values, A, though A 18 , divided into six packets with three data values in each packet.
- a one-way, collision-proof hash function 403 is applied to the data packets 403.
- the hashing of each data packet results in a single hash value. For instance, the hashing of the data packet A Arlington A 2 , A 3 in this case yields value B,. 11
- the hash values derived from the data packets, B, through B 6 form a hash block (404).
- the sequence of hash values in the hash block will not fit in a single packet with a digital signature so they are divided into two packets 404a and b of three hash values: B,, B 2 , and B 3 form one packet 404a and B 4 , B 5 , and B 6 form the second packet 404b.
- a one-way, collision-proof hash function 405 is then applied to the hash block packets
- Each hash block packet will form another hash value.
- the packet B For example, the packet B dislike B 2 , B 3 will create the hash value C,.
- These hash values, C, and C 2 form another hash block 406. This one, however, is small enough that it does not need to be broken down any further.
- the last hash block C is signed with a digital signature 407 and results in the top level hash block with a digital signature 408.
- the signing procedure (Fig. 2) is applied to data sequence 401 to generate top level hash block 408 and the next level hash block 404.
- Data verification begins with checking the digital signature on the top level hash block 502. If the top level hash block 502 passes this check, the next level hash block 501 is verified.
- a hash function (not shown) is applied to each packet and compared with the corresponding hash value in the hash block in the level above it. For example, the packets 501a and b of the hash block ⁇ Ol , B, through B 6 , are checked with the values stored in the other hash block 502, C j and C 2 . In the sample in Fig. 5, the hash of the packet Berne B 2 , B 3 would be compared with the value C,.
- the packet B,, B 2 , B 3 is corrupt and must be repaired or replaced before any packets that depend on it can be verified, in this case, data values A, through A,, 500a-c.
- the other hash block packet can be verified and remains unaffected by the corruption of the previous hash block packet. For instance, in Fig. 5, even if the first packet 501 a in the hash block, B , , B 2 , B 3 , was damaged, the second packet 501 b in the same hash block, B 4 , B 5 , B 6 , could still be checked by comparison of the hash of the packet 501b with the value C 2 .
- the data packets are checked in the same manner.
- the data packet A 10 , A, , , A, 2 would be checked by comparing the hash of the data packet 500d with the value B 4 . If this check fails, the data packet A, 0 , A,,, A 12 , is corrupt. However, the other data packets can still be verified.
- the data receiving 12 and verification procedure (Fig. 3) is applied to the top level hash block 502 to verify data set 500.
- data packets may be verified even if the data is sent, received or retrieved out of order.
- Systems consistent with the present invention need not wait for all of the packets to be delivered to verify a data packet. Any packet can be verified as long as the hash block for that packet has been received and verified. This effectively reduces the delay time to the amount of time required to compute the hash and compare it to the value stored in its corresponding hash block. This delay time is much less than bulk signature's delay time in which all packets must be received before any can be verified.
- the computational overhead is less than packet-level signature.
- Hierarchical hashing consistent with the present invention protects against malicious modification of data, while checksums do not. It also allows a single digital signature to apply to an arbitrary amount of data, which packet-level signature does not.
- the structure permits verification of data as it is received, thus eliminating the delay time of waiting for all of the data to be received as in bulk signature methods.
- the data can be verified as it is received, systems consistent with the present invention do not have the high computational overhead associated with individual packet signing. Additionally, the data need not be received or sent in any particular order for verification to begin.
- the hierarchical structure allows for recognition of corrupt individual packets or sections of data.
- the other packets that are not corrupt can be used and are unaffected by the corrupt packets. Additionally, other packets that are unverified can be verified even though some packets may be corrupt. Corrupt packets can be repaired or recovered while other packets are being checked. Total replacement of the data is not needed as in bulk signature methods, thus creating greater efficiency and reducing time expended. 13
- systems consistent with the present invention thus allow a single digital signature to protect an arbitrary amount of data, while cryptographically protecting individual portions of the data.
- a hierarchy of hash values representing the data is built, and the top level of hashes are signed and sent. After receipt, the digital signature on the hash values is checked. The data, upon receipt, is checked against the hash values that corresponded to the data.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US1853198A | 1998-02-04 | 1998-02-04 | |
US18531 | 1998-02-04 | ||
PCT/US1999/002417 WO1999040702A1 (en) | 1998-02-04 | 1999-02-04 | Method and apparatus for efficient authentication and integrity checking using hierarchical hashing |
Publications (1)
Publication Number | Publication Date |
---|---|
EP0972374A1 true EP0972374A1 (de) | 2000-01-19 |
Family
ID=21788409
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP99905733A Withdrawn EP0972374A1 (de) | 1998-02-04 | 1999-02-04 | Verfahren und vorrichtung zur effizienten authentifizierung und prüfung der integrität unter verwendung von hierarchischem hashing |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP0972374A1 (de) |
JP (1) | JP2001519930A (de) |
AU (1) | AU2583099A (de) |
WO (1) | WO1999040702A1 (de) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11254153B2 (en) | 2019-02-06 | 2022-02-22 | Hewlett-Packard Development Company, L.P. | Modifying control data packets that include random bits |
US11364719B2 (en) | 2019-02-06 | 2022-06-21 | Hewlett-Packard Development Company, L.P. | Print component with memory array using intermittent clock signal |
US11400704B2 (en) | 2019-02-06 | 2022-08-02 | Hewlett-Packard Development Company, L.P. | Emulating parameters of a fluid ejection die |
US11407218B2 (en) | 2019-02-06 | 2022-08-09 | Hewlett-Packard Development Company, L.P. | Identifying random bits in control data packets |
US11485134B2 (en) | 2019-02-06 | 2022-11-01 | Hewlett-Packard Development Company, L.P. | Data packets comprising random numbers for controlling fluid dispensing devices |
US11559985B2 (en) | 2019-02-06 | 2023-01-24 | Hewlett-Packard Development Company, L.P. | Integrated circuit with address drivers for fluidic die |
US11912025B2 (en) | 2019-02-06 | 2024-02-27 | Hewlett-Packard Development Company, L.P. | Issue determinations responsive to measurements |
Families Citing this family (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000050573A1 (fr) | 1999-02-22 | 2000-08-31 | Transgene S.A. | Procede d'obtention d'une preparation virale purifiee |
US6715076B1 (en) * | 1999-10-21 | 2004-03-30 | Koninklijke Philips Electronics N.V. | Video signal authentication system |
EP1195734B1 (de) | 2000-01-21 | 2008-02-27 | Sony Corporation | Daten-identifizierungs-system |
US6986048B1 (en) * | 2000-01-24 | 2006-01-10 | Koninklijke Philips Electronics N.V. | Protecting content from illicit reproduction by proof of existence of a complete data set using security identifiers |
JP4137370B2 (ja) * | 2000-12-19 | 2008-08-20 | 株式会社リコー | セキュア電子メディア管理方法 |
GB0229894D0 (en) | 2002-12-21 | 2003-01-29 | Ibm | Methods, apparatus and computer programs for generating and/or using conditional electronic signatures and/or for reporting status changes |
JP4460251B2 (ja) * | 2003-09-19 | 2010-05-12 | 株式会社エヌ・ティ・ティ・ドコモ | 構造化文書署名装置、構造化文書適応化装置及び構造化文書検証装置。 |
CN101086880B (zh) * | 2004-04-02 | 2010-06-02 | 松下电器产业株式会社 | 未授权内容检测系统 |
JP2005354217A (ja) | 2004-06-08 | 2005-12-22 | Sony Corp | 情報出力処理装置、情報入力処理装置、情報処理システム及び情報処理方法 |
FR2887350A1 (fr) * | 2005-06-21 | 2006-12-22 | France Telecom | Procede de securisation d'un contenu stocke sur un support de donnees a partir de la verification d'une signature d'int egrite, programme, dispositif et support correspondants |
JP4827468B2 (ja) | 2005-07-25 | 2011-11-30 | キヤノン株式会社 | 情報処理装置及び情報処理装置の制御方法、並びにコンピュータプログラム及びコンピュータ可読記憶媒体 |
CA2627136A1 (en) * | 2005-11-04 | 2007-05-10 | Nec Corporation | Message authentication device, message authentication method, message authentication program and storage medium therefor |
US8204213B2 (en) | 2006-03-29 | 2012-06-19 | International Business Machines Corporation | System and method for performing a similarity measure of anonymized data |
JP5002205B2 (ja) * | 2006-07-10 | 2012-08-15 | 任天堂株式会社 | データ認証方法およびデータ認証システム |
WO2008026238A1 (fr) * | 2006-08-28 | 2008-03-06 | Mitsubishi Electric Corporation | Système de traitement de données, procédé de traitement de données, et programme |
JP4869845B2 (ja) * | 2006-09-14 | 2012-02-08 | Kddi株式会社 | デジタル放送用コンテンツ配信装置、デジタル放送用コンテンツ認証システム、デジタル放送用コンテンツ認証方法およびプログラム |
JP4938409B2 (ja) * | 2006-10-13 | 2012-05-23 | Kddi株式会社 | デジタル放送用コンテンツ配信装置、デジタル放送用コンテンツ認証システム、デジタル放送用コンテンツ認証方法およびプログラム |
US7624276B2 (en) * | 2006-10-16 | 2009-11-24 | Broadon Communications Corp. | Secure device authentication system and method |
US8949600B2 (en) | 2006-10-27 | 2015-02-03 | Qualcomm Incorporated | Composed message authentication code |
KR101356736B1 (ko) * | 2007-01-19 | 2014-02-06 | 삼성전자주식회사 | 콘텐츠의 무결성을 확인하기 위한 콘텐츠 제공 장치 및방법 및 콘텐츠 사용 장치 및 방법, 및 콘텐츠 사용 장치를폐지하는 콘텐츠 제공 장치 및 방법 |
JP4359622B2 (ja) | 2007-01-22 | 2009-11-04 | 富士通株式会社 | 電子署名プログラム、および電子署名装置 |
US9032181B2 (en) | 2009-05-19 | 2015-05-12 | Vmware, Inc. | Shortcut input/output in virtual machine systems |
KR20130024996A (ko) * | 2011-08-24 | 2013-03-11 | 한국전자통신연구원 | 멀티캐스트 환경에서 싱글 버퍼 해시를 이용한 소스 인증 방법 및 장치 |
JP5315422B2 (ja) * | 2012-01-10 | 2013-10-16 | 任天堂株式会社 | データ認証方法およびデータ認証システム |
DE102012104947B4 (de) * | 2012-06-07 | 2016-06-30 | cp.media AG | Verfahren zum Erzeugen eines gesicherten Datenobjekts und System |
DE102013226780A1 (de) * | 2013-12-19 | 2015-06-25 | Siemens Aktiengesellschaft | Verfahren und Vorrichtung zum digitalen Signieren einer Datei |
JP6289680B2 (ja) | 2015-01-19 | 2018-03-07 | 三菱電機株式会社 | パケット送信装置、パケット受信装置、パケット送信プログラムおよびパケット受信プログラム |
IL248237A0 (en) | 2016-10-06 | 2017-01-31 | Kipnis Aviad | A method and system for signing |
IL250359A0 (en) | 2017-01-30 | 2017-03-30 | Kipnis Aviad | Method and system for signing |
JP6794383B2 (ja) * | 2018-01-15 | 2020-12-02 | 株式会社東芝 | 電子装置、方法、プログラム及びサーバ、方法、プログラム |
CN109361734B (zh) * | 2018-09-18 | 2021-04-20 | 百度在线网络技术(北京)有限公司 | 一种区块链的数据处理方法、装置、设备及介质 |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5625693A (en) * | 1995-07-07 | 1997-04-29 | Thomson Consumer Electronics, Inc. | Apparatus and method for authenticating transmitting applications in an interactive TV system |
US5754659A (en) * | 1995-12-22 | 1998-05-19 | General Instrument Corporation Of Delaware | Generation of cryptographic signatures using hash keys |
-
1999
- 1999-02-04 EP EP99905733A patent/EP0972374A1/de not_active Withdrawn
- 1999-02-04 JP JP54061899A patent/JP2001519930A/ja active Pending
- 1999-02-04 WO PCT/US1999/002417 patent/WO1999040702A1/en not_active Application Discontinuation
- 1999-02-04 AU AU25830/99A patent/AU2583099A/en not_active Abandoned
Non-Patent Citations (1)
Title |
---|
See references of WO9940702A1 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11254153B2 (en) | 2019-02-06 | 2022-02-22 | Hewlett-Packard Development Company, L.P. | Modifying control data packets that include random bits |
US11364719B2 (en) | 2019-02-06 | 2022-06-21 | Hewlett-Packard Development Company, L.P. | Print component with memory array using intermittent clock signal |
US11400704B2 (en) | 2019-02-06 | 2022-08-02 | Hewlett-Packard Development Company, L.P. | Emulating parameters of a fluid ejection die |
US11407218B2 (en) | 2019-02-06 | 2022-08-09 | Hewlett-Packard Development Company, L.P. | Identifying random bits in control data packets |
US11485134B2 (en) | 2019-02-06 | 2022-11-01 | Hewlett-Packard Development Company, L.P. | Data packets comprising random numbers for controlling fluid dispensing devices |
US11559985B2 (en) | 2019-02-06 | 2023-01-24 | Hewlett-Packard Development Company, L.P. | Integrated circuit with address drivers for fluidic die |
US11840075B2 (en) | 2019-02-06 | 2023-12-12 | Hewlett-Packard Development Company, L.P. | Emulating parameters of a fluid ejection die |
US11912025B2 (en) | 2019-02-06 | 2024-02-27 | Hewlett-Packard Development Company, L.P. | Issue determinations responsive to measurements |
Also Published As
Publication number | Publication date |
---|---|
WO1999040702A1 (en) | 1999-08-12 |
AU2583099A (en) | 1999-08-23 |
JP2001519930A (ja) | 2001-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0972374A1 (de) | Verfahren und vorrichtung zur effizienten authentifizierung und prüfung der integrität unter verwendung von hierarchischem hashing | |
US10068090B2 (en) | Systems and methods for detecting undesirable network traffic content | |
US6611925B1 (en) | Single point of entry/origination item scanning within an enterprise or workgroup | |
US6145012A (en) | Apparatus and method for efficiently updating files in computer networks | |
US6430608B1 (en) | Method and apparatus for accepting and rejecting files according to a manifest | |
AU2003218378B2 (en) | Enhancements to data integrity verification mechanism | |
US8316240B2 (en) | Securing computer log files | |
US7970821B2 (en) | Device and method for updating code | |
EP0966708B1 (de) | Verfahren um die gültigkeit der beschreibung einer ausführbaredatei zu identifizieren | |
US5633931A (en) | Method and apparatus for calculating message signatures in advance | |
US20040199743A1 (en) | Data block location verification | |
KR19980042805A (ko) | 자료파일내 자료가 진짜임을 검증하기 위한 방법, 장치 및 프로덕트 | |
US7685174B2 (en) | Automatic regeneration of computer files | |
US7389538B2 (en) | Static code image modeling and recognition | |
US11269540B2 (en) | Method, apparatus, and computer program product for managing application system | |
US20020191785A1 (en) | Apparatus and method for encrypting and decrypting data with incremental data validation | |
US5822431A (en) | Virtual authentication network for secure processors | |
CN114612101A (zh) | 面向连接的可靠链间路由跨链方法及系统 | |
US11307790B2 (en) | Method, device, and computer program product for managing data placement | |
CN114138562B (zh) | 基于备份系统恢复数据的方法及系统 | |
EP1168165A2 (de) | Gerät und Verfahren für Kodeaktualisierung | |
CN117667788B (zh) | 数据的交互方法、计算机系统、电子设备和存储介质 | |
CN116185449A (zh) | 插件升级方法、装置、系统及终端设备 | |
CN113806780A (zh) | 一种基于区块链的部分可变信息存储方法和装置 | |
CN117573399A (zh) | 一种数据分布式存储数据错误检测方法及系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 19991004 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: SUN MICROSYSTEMS, INC. |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: SUN MICROSYSTEMS, INC. |
|
17Q | First examination report despatched |
Effective date: 20040216 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20040629 |