EP1938505A1 - Method, apparatus and system for generating a digital signature linked to a biometric identifier - Google Patents

Method, apparatus and system for generating a digital signature linked to a biometric identifier

Info

Publication number
EP1938505A1
Authority
EP
European Patent Office
Prior art keywords
electronic document
biometric
signature
time
signed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP06795039A
Other languages
German (de)
French (fr)
Inventor
Árpád KOVÁCS
Csaba Lengyel
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Csik Balazs
Original Assignee
Csik Balazs
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Csik Balazs
Publication of EP1938505A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 ... using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H04L9/3247 ... involving digital signatures
    • H04L9/3297 ... involving time stamps, e.g. generation of time stamps
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/68 Special signature format, e.g. XML format
    • H04L2209/80 Wireless

Definitions

  • the invention relates to a method, an apparatus and a system for generating a digital signature linked to a biometric identifier of the signatory.
  • Electronic signature of advanced security is defined by the law as an electronic signature being capable of identifying the signatory, being uniquely linked to the signatory, being created using means that the signatory can maintain under his or her sole control and being linked to the content of the document in such a manner that any change of the document made subsequently to the signing is detectable.
  • the signatory is able to put his or her signature on the electronic document by using the Public Key Infrastructure (PKI) provided that he or she holds a unique object and/or piece of information.
  • the object can be e.g. a smartcard, a USB token, etc. while the piece of information can be a PIN, a password, etc.
  • PKI Public Key Infrastructure
  • the signing takes place in effect by using a secret key stored on said object, that can be released by means of said piece of information. In this case, however, the signature is, actually, linked to the possession of said object and/or said piece of information instead of the person.
  • biometric identifier being uniquely linked to the actual person must (also) be inputted.
  • One of the simplest biometric identifiers is the biometric data of the handwritten signature of the person, including the co-ordinates, the velocity, the acceleration and the pressing force of the pen as a function of time and/or the co-ordinates of the pen-down or pen-up points.
  • the simple image of the signature is the conventional means for signing a paper document.
  • Biometric identifiers include e.g. the iris-scan, the retina-scan, the fingerprint, etc.
  • Japanese patent application N° JP2003134108 discloses a system for electronic signing linked to a handwritten signature or another personal identifier, a seal impress or a fingerprint.
  • the user creates an original document and a signature processing unit, on the one hand, receives an electronic version of the original document through inputting means and, on the other hand, after displaying the document, it receives an electronic version of the identifier, e.g. a handwritten signature, through another inputting means.
  • the system combines the document and the identifier data, creates a digital signature for the dataset obtained thereby, combines the signature with the dataset and outputs the result obtained.
  • a biometric identifier such as a signature created electronically but in a handwritten form
  • a further object of certain embodiments of the invention is to provide a solution, in which the digital signature being linked to the biometric identifier can only be put on the electronic document in a trusted and identified environment, i.e. by using such devices.
  • FIG. 1 shows a schematic block diagram of a first embodiment of the apparatus according to the invention
  • Fig. 2 shows a flowchart illustrating an embodiment of the method according to the invention
  • Fig. 3 shows a block diagram of a second embodiment of the apparatus according to the invention.
  • Fig. 4 shows a schematic block diagram of an embodiment of the system according to the invention.
  • FIGs. 5a and 5b together show a flowchart illustrating another embodiment of the method according to the invention.
  • Fig. 6 is a diagram showing the structure of a signed electronic document package that can be generated by means of a preferred embodiment of a method according to the invention.
  • FIG. 1 shows a schematic block diagram of a preferred embodiment of the apparatus 1 for generating a digital signature linked to a biometric identifier according to the invention, while figure 2 shows a flowchart of a preferred embodiment of the method according to the invention.
  • one or more signatories i.e. one or more so-called 'customers' in this embodiment, put their digital signatures being linked to their biometric identifiers, i.e. to their handwritten signatures in this example, on a document.
  • a second person, a so-called 'representative', participates in creating the signature; as will be shown, his or her digital signature based on a cryptographic method, i.e., in this case, a PKI-based digital signature, is used in the course of the method.
  • the signatory can be a client of a firm, while the representative can be an employee of said firm.
  • the customer can put his or her digital signature being linked to his or her biometric identifier e.g. on an order that he or she intends to give to said firm.
  • the document to be signed may be one or more computer files of any type, e.g. files of desktop publishing, word processing, spreadsheet or image processing applications, to mention just a few of the possibilities; among others, these can be files obtained by scanning paper documents.
  • the document is composed of XML-structured files.
  • the apparatus 1 comprises means 2 for receiving a document to be signed and for storing it as an electronic document; means 3 for receiving an identifier from at least one signatory and means 4 for processing the electronic document and the identifier.
  • the processing means 4 comprise means 5 for generating a digest; encrypting means 6 and digital signing means 7.
  • the document to be signed is received and it is stored as an electronic document via said means 2 (step 10; see figure 2).
  • the document to be signed is ab ovo available in the form of computer file/s, it involves the reception of the file from the given application and the storing thereof on a storage means (not shown).
  • Any type of data storage device working on an electronic, magnetic, optical or any other principle can serve as the storage means, such as a memory, a disk, etc. It can also be envisaged that only the address/es indicating the location/s of the file/s is/are received from the source application and the file/s itself/themselves is/are not copied or moved.
  • the digitalization thereof takes place via said means 2, e.g. a scanner, and it is stored in a suitable format.
  • the electronic document can be displayed on a display device (not shown) of the apparatus 1 at this time.
  • biometric data is received via said means 3 and it is stored as biometric data (step 11).
  • said means 3 is a digitizing tablet and the handwritten signature of the signatory, i.e. of the customer, is received as the biometric identifier and the complete dynamics thereof are stored as biometric data, i.e. the co-ordinates and/or the velocity and/or the acceleration and/or the pressing force of the pen is/are stored as functions of time and/or the co-ordinates of the pen-down and pen-up points are stored. Accordingly, instead of or in addition to the image of the signature, the way of creating the signature is actually stored. These data, unlike the mere image of the signature, allow a true biometric identification.
  • other biometric identifiers can be used instead of the handwritten signature by utilizing an appropriate means 3; iris-scans, retina-scans, fingerprints, vein patterns, facial images, hand geometries, etc. can be used.
  • Said means 3 for capturing the biometric data are well known to a person skilled in the art; the biometric data can be recorded e.g. by means of an iris-scanner in case of iris-scans or by means of a fingerprint reader in case of fingerprints.
  • a digest of the electronic document is generated via the digest generating means 5, in this example by using the SHA-1 algorithm (step 12).
  • the digest can be made by using the MD5 algorithm or by other suitable algorithms.
  • the digest is associated with the biometric data and the first set of information obtained thereby is encrypted via said encrypting means 6, in this embodiment by using the 3DES algorithm, in order to generate a biometric signature (step 13). Since the digests of different documents are, with great probability, not identical and the digest of the document is encrypted together with the biometric data, the biometric signature so obtained cannot be transferred to another document. It means that if an attacker extracts the so generated biometric signature from a document that was signed in accordance with the invention, such biometric signature cannot be used to sign a further document having a different digest. In other embodiments other algorithms, such as the DES, AES, Blowfish, RSA, etc. algorithms can be used the same way instead of the 3DES encrypting algorithm.
  • biometric signature is associated with the electronic document and the second set of information obtained thereby is signed with the digital signature of the representative via digital signing means 7 in order to generate a signed electronic document package (step 14).
  • biometric signature together with the electronic document to be signed is placed into a common standard XML file.
  • This XML file holds together the two parts like an envelope.
  • the representative creates, via means 7, a PKI-based digital signature which relates both to the document and to the biometric signature simultaneously.
  • the object of this digital signature is to bind together the biometric signature and the document and to assure that none of these can be altered later in an unauthorized manner. Additionally, it also authenticates the circumstances of the creation of the biometric signature originating from the handwritten signature (i.e.
  • the digital signature of the representative can be a standard PKI-based digital signature that can be created by means of a certificate and a PKI secret key stored in the apparatus 1.
  • the signature of the representative is based on the RSA algorithm; however, other algorithms capable of generating a cryptographic method-based digital signature can also be used, such as KCDSA, ECDSA, DSA, 3DES, DES, AES, Blowfish, etc.
  • the generation of the signature can be accomplished via software means by using a key stored inside the apparatus 1 or by means of a smartcard or a USB token.
  • the digital signature of the representative is created on the XML file and the signature itself is also stored in this standard XML package.
  • the electronic document package, the signing of which was linked to the biometric identification is ready to be archived and used, at choice, in a computer system or the signature of the representative that has been put on it can be verified, in this case, in accordance with the PKI.
  • biometric identifiers of several signatories can be inputted in step 11.
  • all of the biometric data belonging to each biometric identifier are associated with the digest of the electronic document and the first set of information obtained thereby is encrypted in step 13.
  • the biometric signature obtained comprises all data belonging to the biometric identifier of each signatory.
  • the apparatus 1 can be implemented by a PDA or a tablet PC.
  • the touch screen of the PDA or the tablet PC forms said means 3 for receiving the biometric identifier, while said other means 2, 4, 5, 6, 7 can be implemented in software.
  • a notebook, a desktop PC or other computer devices provided with appropriate peripherals can be used as well. It is also possible to envisage that the different parts of the apparatus 1 are implemented by separate hardware devices or by software running on computer devices constituting a network.
  • FIG. 3 shows a slightly modified embodiment of the apparatus according to the invention.
  • a visual representation of the biometric identifier e.g. a simple image of the handwritten signature is also generated via said means 8 from the biometric data having been derived from the biometric identifier received.
  • the visual representation can be stored e.g. as a bitmap or a vector graphic file.
  • the biometric data i.e. the dynamics of the signature cannot be reproduced from the visual representation. Accordingly, prior to signing the electronic document and the biometric signature with the PKI-based digital signature of the representative by means of the digital signing means 7 the visual representation may be associated with the electronic document and with the biometric signature without using the encryption that is applied to the biometric data.
  • a benefit of such a visual representation is that it can be freely extracted from the signed electronic document package and it can therefore be displayed or printed together with the electronic document at any time.
  • This will call to mind the well-known conventional signature for the user.
  • this extractable information i.e. the image of the signature cannot be used to sign other documents in accordance with the invention since it would require the biometric data.
  • the image thereof can be displayed on the display device of the apparatus 1 concurrently with the signing in order to provide the customer with a visual feedback.
  • said means 3 for receiving the biometric identifier itself is also a display as in the case of PDAs, tablet PCs, touch screens, etc.
  • alternatively, the second set of information is signed with the digital signature of the signatory himself or herself rather than with that of the representative. In this way a signed electronic document package is generated that has been signed with both the biometric and the e.g. PKI-based electronic signature of the signatory.
  • alternatively, the second set of information is signed with the digital signature of the apparatus 1 or another means connected thereto rather than with that of the representative. In this way a signed electronic document package is generated that is linked to the signatory via the biometric signature and in relation to which the e.g. PKI-based digital signature of the apparatus 1 attests that the biometric signature of the signatory was created on a proper apparatus 1.
  • This embodiment of the method facilitates the biometric identifier-linked signing of an electronic document by means of an apparatus 1 being placed e.g. in a client room of a governmental organization or a service provider even without the participation of a representative.
  • a particularly preferred embodiment of the method of the invention can be performed in a system 30 for generating a digital signature linked to a biometric identifier, the system 30 being shown in figure 4.
  • the system 30 comprises one or more apparatuses 1 according to the invention and a central server 32 being connected thereto via network 31.
  • the apparatuses 1 operate as client devices of the central server 32.
  • the network connections between the central server 32 and the apparatuses 1 can be implemented on several platforms like Ethernet, WLAN, GPRS, GSM modems, EDGE, Bluetooth, data cables, infrared ports as well as combinations thereof.
  • the flowchart of this preferred embodiment is shown in figure 5a and in figure 5b connecting thereto; the first five steps 10 to 14 are identical with those steps that were described with reference to figure 2.
  • the already generated electronic document package is sent to the central server 32 by means of the client device through a secure data channel that is implemented over the network 31 as a transmission medium and the central server 32 receives it (step 16).
  • the communication established through the secure data channel is based on encryption and the network devices and software means being involved in such a communication are capable of identifying one another.
  • the secure data channel is implemented by using the SSL protocol.
  • other protocols like the TLS, SNMPv3, VPN, HTTPS, FTPS, TelnetS, IMAPS or IPSec, etc. can also be used.
  • a database being stored on the central server 32 or being accessible for the central server 32 is established, which contains information relating to the client devices being used in the system 30, based on which information the client devices can be identified.
  • information relating to entities authorized to digitally sign the second set of information with the cryptographic method-based digital signature is stored in said database, based on which information the signing entities can be identified.
  • entities can be the representatives, the signatories or the devices already mentioned in connection with the respective embodiments of the invention, the cryptographic method-based digital signature of each of whom/which is put on the second set of information.
  • the database has to be updated in order to ensure that it always contains information relating to the actual client devices and signing entities.
  • the central server 32 identifies the client device (the hardware device itself and/or the sending application running on it) sending the signed electronic document package in the course of the communication through the secure data channel and goes on with the execution of the method only if the client device is present in the database (steps 17, 18). As a result of this, a fake signed electronic document package having possibly been generated on an attacking device connected to the network will not be processed.
  • the central server 32 identifies the signing entity based on the cryptographic method-based digital signature that has been put on the signed electronic document package and proceeds with the execution of the method only if it is also present in the database (steps 19, 20). Thus, in those embodiments where the signing entity is a natural person, the signing of the electronic document by means of a device belonging to the system 30 with the participation of an unauthorized person can be avoided.
  • the validity of the signature can be checked. If the identification of the sending client device or the second person failed, preferably, an error message can also be generated and it can be sent to the client device and/or to a person administering the system or the fact of the failed identification can be logged.
  • the central server 32 puts its own cryptographic method-based, e.g. PKI-based, digital signature to the received package in order to generate a double signed electronic document package (step 21).
  • the central server 32 thereby authenticates that the given package arrived from a client device recognised by the central server 32 as authentic (and, in some embodiments, with the participation of an authorized representative or an authorized signatory). Furthermore, this signature protects the whole package from subsequent alteration attempts.
  • the digital signature of the central server 32 can be based on one of the protocols that were mentioned in connection with the signature of the representative or another signing entity.
  • the XML package is signed and the signature itself is also stored in the XML package.
  • time-stamp server 33 responds to the request by sending a time-stamp to the central server 32, which time-stamp is received by means of the central server 32 (step 23) and the received time-stamp is attached to the double signed electronic document package afterwards in order to generate a time-stamped double signed electronic document package (step 24).
  • the time-stamp made is written into the XML package as a set of binary data.
  • the time-stamp server 33 can be an independent, separate server maintained by an independent organisation that guarantees the accuracy and the authenticity of the time information.
  • the time-stamp server 33 can be a separate application running on a computer being the central server 32.
  • the object of the time-stamp in the procedure is to authenticate that the time of signing precedes a given moment, i.e. the time of requesting the time-stamp. Thus, a subsequent conflict regarding the time of generation can be prevented.
  • an acknowledgement concerning the successful execution of the procedure is then sent to the client device through the secure data channel by means of the central server 32 (step 25).
  • One or more preferred steps can be omitted and/or the time-stamp can be attached to the signed electronic document package prior to signing it digitally.
  • FIG. 6 shows an example of the structure of a time-stamped double signed electronic document package generated by means of one of the above described preferred embodiments of the method according to the invention.
  • the biometric signature 43 is formed by encrypting the digest 41 and the biometric data 42. The electronic document 44 and possibly the visual representation 45 of the biometric identifier are added thereto, and the whole is signed with the cryptographic method-based digital signature 46 of the representative or other signing entity, whereby the signed electronic document package 47 is obtained.
  • the digital signature 48 of the central server 32 is put thereon, resulting in the double signed electronic document package 49 and, lastly, the time-stamp 50 is attached thereto, whereby the time-stamped double signed electronic document package 40 is obtained.
  • the embedded structure of the repeatedly referenced preferred example as it is shown in figure 6 indicates the embedded structure within an XML file compliant to the ETSI TS 101 903 standard.
  • An advantage of the present invention is that it facilitates an authentication method being based on a biometric identifier e.g. a handwritten signature created by means of an electronic device.
  • processes currently being implemented on a paper basis can be transferred into the electronic domain, which processes were not suitable for it because of the necessity of the handwritten signature.
  • the biometric data 42 are encrypted. It assures that these are not accessible for other persons.
  • the digest 41 of the electronic document 44 to be signed is also incorporated in the encrypted data.
  • a particular signature cannot be attached to another document; hence, the system guarantees that the signatures (biometric identifiers) already captured cannot be used in an unauthorized manner or faked.
  • the signing takes place with the participation of two persons.
  • One of the persons is the representative, who (e.g. in the course of the conclusion of a contract) represents one of the parties, while the other person is the customer, who puts his or her handwritten signature on the electronic documents 44 being made.
  • the biometric signature 43 and the electronic document 44 are bound together by means of the PKI-based digital signature 46 of the representative. It has two advantages. On the one hand, it renders the security level of the binding of the two parts extremely high and, on the other hand, it also authenticates (certifies) the circumstances of the creation of the handwritten signature. In other embodiments, where the cryptographic method-based digital signature is linked to a device instead of a person, the circumstances of the creation of the biometric identifier-linked digital signature are likewise authenticated because it could only be created by using that certain device.
  • the method, the apparatus 1 and the system 30 according to the invention can be used even for notarizing, wherein the second set of information is signed with a cryptographic method-based, e.g. PKI-based, digital signature of a notary public.
  • the central server 32 also puts its own digital signature 48 on the signed electronic document package 47 incorporating the handwritten signature/s and then it requests a time-stamp 50 therefor. Thus, it authenticates that all data arrived from a trusted environment through a secure data channel and the time of the arrival is recorded in a demonstrable manner by means of the time-stamp 50.
  • An extremely advantageous aspect of the method, the apparatus 1 and the system 30 according to the invention is that they are based on the most secure and most reliable cryptographic solutions of today, and the digital signature linked to the biometric identifier is therefore likewise secure and reliable. Moreover, as the infrastructure of cryptography develops, the cryptographic tools used for generating the digital signature of the invention can be upgraded as well.
  • WLAN: Wireless Local Area Network; GPRS: General Packet Radio Services; GSM: Global System for Mobile Communication; EDGE: Enhanced Data GSM Environment; TLS: Transport Layer Security; SSL: Secure Socket Layer; SNMPv3: Simple Network Management Protocol version 3
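The client-side procedure of steps 10 to 14 above (digest of the document, encrypted digest-plus-biometric-data "biometric signature", envelope with the document, representative's signature over the envelope) as an added Go example; this is not code from the patent or from its applicant. It assumes JSON in place of the XML envelope, AES-GCM in place of 3DES, SHA-256 in place of SHA-1/MD5 and Ed25519 in place of RSA; the PenSample record and the sample strokes are constructed for the example. VerifyPackage shows the non-transferability property claimed for step 13: a biometric signature lifted from one signed package and placed into a package for a different document is refused even when the envelope is re-signed with a valid representative key, because the digest decrypted from it does not match the enclosed document.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// PenSample is one point of the handwritten signature's dynamics (constructed format):
// tablet co-ordinates, pen pressure and pen state at T milliseconds after the first pen-down.
type PenSample struct {
	T           int
	X, Y, Press float64
	PenDown     bool
}

// Package is the "second set of information": document plus biometric signature, signed as a
// whole by the representative. JSON stands in for the patent's XML envelope.
type Package struct {
	Document     []byte `json:"document"`
	BiometricSig []byte `json:"biometric_signature"`
	RepSignature []byte `json:"representative_signature,omitempty"`
}

// digest is step 12; SHA-256 replaces the SHA-1/MD5 named in the patent.
func digest(doc []byte) []byte { h := sha256.Sum256(doc); return h[:] }

// newGCM builds the apparatus cipher; a wrong key length is a configuration error, hence panic.
func newGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	gcm, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	return gcm
}

// BiometricSignature is step 13: encrypt digest||biometric data (the "first set of information")
// under the apparatus key. AES-GCM stands in for 3DES; one inner slice per signatory (step 11).
func BiometricSignature(doc []byte, signatories [][]PenSample, key []byte) ([]byte, error) {
	bio, err := json.Marshal(signatories)
	if err != nil {
		return nil, err
	}
	gcm := newGCM(key)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, append(digest(doc), bio...), nil), nil
}

// signedBytes is the serialisation the representative's signature covers (step 14).
func signedBytes(p Package) []byte {
	b, _ := json.Marshal(Package{Document: p.Document, BiometricSig: p.BiometricSig})
	return b
}

// BuildPackage runs steps 12 to 14; Ed25519 stands in for the patent's RSA signature.
func BuildPackage(doc []byte, signatories [][]PenSample, key []byte, rep ed25519.PrivateKey) (Package, error) {
	sig, err := BiometricSignature(doc, signatories, key)
	if err != nil {
		return Package{}, err
	}
	p := Package{Document: doc, BiometricSig: sig}
	p.RepSignature = ed25519.Sign(rep, signedBytes(p))
	return p, nil
}

// VerifyPackage checks the representative's signature, decrypts the biometric signature and
// requires the digest inside it to match the enclosed document, so that a biometric signature
// lifted from one signed document is refused on any other.
func VerifyPackage(p Package, key []byte, repPub ed25519.PublicKey) ([][]PenSample, error) {
	if !ed25519.Verify(repPub, signedBytes(p), p.RepSignature) {
		return nil, errors.New("representative signature invalid")
	}
	gcm := newGCM(key)
	ns := gcm.NonceSize()
	if len(p.BiometricSig) < ns {
		return nil, errors.New("biometric signature malformed")
	}
	plain, err := gcm.Open(nil, p.BiometricSig[:ns], p.BiometricSig[ns:], nil)
	if err != nil {
		return nil, errors.New("biometric signature does not decrypt under the apparatus key")
	}
	if len(plain) < sha256.Size || string(plain[:sha256.Size]) != string(digest(p.Document)) {
		return nil, errors.New("biometric signature belongs to a different document")
	}
	var signatories [][]PenSample
	return signatories, json.Unmarshal(plain[sha256.Size:], &signatories)
}

func main() {
	repPub, repPriv, _ := ed25519.GenerateKey(nil)
	key := make([]byte, 32) // apparatus key; all-zero only for this demo
	pkg, _ := BuildPackage([]byte("Order #1 (constructed)"), [][]PenSample{{{0, 10, 20, 0.4, true}, {8, 12, 21, 0.6, true}}}, key, repPriv)
	_, err := VerifyPackage(pkg, key, repPub)
	fmt.Println("package verifies:", err == nil)
}
```

Two design points follow from the patent's own argument. The claim that "the digests of different documents are, with great probability, not identical" holds only for a collision-resistant hash; SHA-1 and MD5, the algorithms the patent names, no longer are, and a pair of colliding documents would let one biometric signature serve both, which is why the example uses SHA-256. Using an authenticated mode (AES-GCM) rather than raw 3DES means a biometric signature whose ciphertext was altered is rejected at decryption, before the digest comparison, instead of yielding garbage biometric data that a verifier might mistake for a genuine record.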

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a method for generating a digital signature linked to a biometric identifier. The method comprises the steps of receiving a document to be signed and storing it as an electronic document (44); receiving a biometric identifier from at least one signatory and storing it as biometric data (42); generating a digest (41) of the electronic document (44); associating the digest (41) with the biometric data (42) in order to obtain a first set of information and encrypting said first set of information in order to generate a biometric signature (43) and associating the biometric signature (43) with the electronic document (44) in order to obtain a second set of information and signing said second set of information by means of a cryptographic method-based digital signature (46) in order to generate a signed electronic document package (47). The invention also relates to an apparatus and a system for generating a digital signature linked to a biometric identifier.
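The server-side steps 16 to 25 of the preferred embodiment (identification of the sending client device and of the signing entity against the database, countersignature by the central server, time-stamp, logging of failed identifications) as an added Go example; this is not the patent's or the applicant's code. It assumes JSON for the XML package, Ed25519 for the PKI signatures of the representative, the central server and the time-stamp server, a device identity supplied by the secure channel (the client identity of the TLS session in a real deployment), a registry keyed by public-key fingerprint in place of certificate lookup, and a time-stamp token that signs digest||time; all identifiers and the sample envelope are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// SignedPackage is what a client device sends in step 16: the envelope (document plus biometric
// signature) and the representative's signature over it. JSON stands in for XML and the bare
// public key for the representative's PKI certificate.
type SignedPackage struct {
	Envelope     []byte `json:"envelope"`
	SignerKey    []byte `json:"signer_key"`
	RepSignature []byte `json:"rep_signature"`
}

// TimeStamp is the token of step 23: the time-stamp server signs digest||time.
type TimeStamp struct {
	Digest []byte `json:"digest"`
	Time   string `json:"time"`
	Sig    []byte `json:"sig"`
}

// DoubleSigned is the time-stamped double signed package of steps 21 to 24.
type DoubleSigned struct {
	SignedPackage
	ServerSignature []byte     `json:"server_signature"`
	Stamp           *TimeStamp `json:"time_stamp,omitempty"`
}

// Registry is the database of steps 18 and 20: known client devices and authorised signers.
type Registry struct {
	Devices map[string]bool
	Signers map[string]bool // keyed by public-key fingerprint
}

func fingerprint(pub []byte) string { s := sha256.Sum256(pub); return hex.EncodeToString(s[:8]) }

func mustJSON(v interface{}) []byte { b, _ := json.Marshal(v); return b } // these structs always marshal

// IssueTimeStamp stands in for the time-stamp server 33.
func IssueTimeStamp(tsaPriv ed25519.PrivateKey, now time.Time, data []byte) *TimeStamp {
	d := sha256.Sum256(data)
	ts := now.UTC().Format(time.RFC3339)
	return &TimeStamp{Digest: d[:], Time: ts, Sig: ed25519.Sign(tsaPriv, append(d[:], ts...))}
}

// Process runs steps 17 to 24 on the central server. deviceID is the sender identity the secure
// channel established (e.g. from a client certificate); failed identifications are appended to audit.
func Process(reg Registry, deviceID string, pkg SignedPackage, serverPriv, tsaPriv ed25519.PrivateKey, now time.Time, audit *[]string) (*DoubleSigned, error) {
	reject := func(msg string) (*DoubleSigned, error) {
		*audit = append(*audit, now.UTC().Format(time.RFC3339)+" device="+deviceID+" "+msg)
		return nil, errors.New(msg)
	}
	if !reg.Devices[deviceID] {
		return reject("unknown client device") // steps 17, 18
	}
	fp := fingerprint(pkg.SignerKey)
	if !reg.Signers[fp] {
		return reject("signing entity not authorised: " + fp) // steps 19, 20
	}
	if len(pkg.SignerKey) != ed25519.PublicKeySize || !ed25519.Verify(pkg.SignerKey, pkg.Envelope, pkg.RepSignature) {
		return reject("representative signature invalid")
	}
	ds := &DoubleSigned{SignedPackage: pkg, ServerSignature: ed25519.Sign(serverPriv, mustJSON(pkg))} // step 21
	ds.Stamp = IssueTimeStamp(tsaPriv, now, mustJSON(*ds))                                            // steps 22 to 24
	return ds, nil
}

// VerifyDoubleSigned checks the server signature and that the time-stamp covers exactly this
// double signed package; it returns the attested time.
func VerifyDoubleSigned(ds DoubleSigned, serverPub, tsaPub ed25519.PublicKey) (time.Time, error) {
	if !ed25519.Verify(serverPub, mustJSON(ds.SignedPackage), ds.ServerSignature) {
		return time.Time{}, errors.New("server signature invalid")
	}
	if ds.Stamp == nil {
		return time.Time{}, errors.New("time-stamp missing")
	}
	stamped := ds
	stamped.Stamp = nil
	d := sha256.Sum256(mustJSON(stamped))
	if string(d[:]) != string(ds.Stamp.Digest) || !ed25519.Verify(tsaPub, append(d[:], ds.Stamp.Time...), ds.Stamp.Sig) {
		return time.Time{}, errors.New("time-stamp does not cover this package")
	}
	return time.Parse(time.RFC3339, ds.Stamp.Time)
}

func main() {
	repPub, repPriv, _ := ed25519.GenerateKey(nil)
	_, serverPriv, _ := ed25519.GenerateKey(nil)
	_, tsaPriv, _ := ed25519.GenerateKey(nil)
	env := []byte(`{"document":"constructed","biometric_signature":"constructed"}`)
	reg := Registry{Devices: map[string]bool{"tablet-01": true}, Signers: map[string]bool{fingerprint(repPub): true}}
	var audit []string
	_, err := Process(reg, "unregistered-laptop", SignedPackage{env, repPub, ed25519.Sign(repPriv, env)}, serverPriv, tsaPriv, time.Now(), &audit)
	fmt.Println(err, audit)
}
```

The order of the checks mirrors the patent's steps: a package from an unregistered device is dropped before any cryptography is done on it, then the signer is looked up, and only then is the representative's signature verified. The time-stamp is issued over the package including the server signature, so it attests that the whole double signed package, not just the document, existed before the stamped time, which is the object stated for the time-stamp above; the audit slice is the log of failed identifications that the error-handling step describes.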

Description

METHOD, APPARATUS AND SYSTEM
FOR GENERATING A DIGITAL SIGNATURE
LINKED TO A BIOMETRIC IDENTIFIER
The invention relates to a method, an apparatus and a system for generating a digital signature linked to a biometric identifier of the signatory.
There are a number of different methods known for the electronic authentication and signing of electronic documents. Electronic signature of advanced security is defined by the law as an electronic signature being capable of identifying the signatory, being uniquely linked to the signatory, being created using means that the signatory can maintain under his or her sole control and being linked to the content of the document in such a manner that any change of the document made subsequently to the signing is detectable.
In case of most of the solutions in the field of electronic signatures the signatory is able to put his or her signature on the electronic document by using the Public Key Infrastructure (PKI), provided that he or she holds a unique object and/or piece of information. The object can be e.g. a smartcard, a USB token, etc., while the piece of information can be a PIN, a password, etc. In most cases the signing takes place in effect by using a secret key stored on said object, which can be released by means of said piece of information. In this case, however, the signature is actually linked to the possession of said object and/or said piece of information instead of to the person. Accordingly, a need has arisen for a solution in which a biometric identifier being uniquely linked to the actual person must (also) be inputted. One of the simplest biometric identifiers is the biometric data of the handwritten signature of the person, including the co-ordinates, the velocity, the acceleration and the pressing force of the pen as a function of time and/or the co-ordinates of the pen-down or pen-up points. At the same time, further to the biometric data of the signature, the simple image of the signature is the conventional means for signing a paper document. Other biometric identifiers include e.g. the iris-scan, the retina-scan, the fingerprint, etc.
Japanese patent application N° JP2003134108 discloses a system for electronic signing linked to a handwritten signature or another personal identifier, a seal impress or a fingerprint. In this solution the user creates an original document and a signature processing unit, on the one hand, receives an electronic version of the original document through inputting means and, on the other hand, after displaying the document, receives an electronic version of the identifier, e.g. a handwritten signature, through another inputting means. The system combines the document and the identifier data, creates a digital signature for the dataset obtained thereby, combines the signature with the dataset and outputs the result obtained. It is a drawback of this system that the electronic version of the identifier inputted cannot be uniquely linked to the signed electronic document, and the signature extracted from the signed document can therefore be used to sign a further document. It is another drawback that the signatory must have a digital signature (which, actually, on its own could serve for signing the electronic document).
It is a main object of the present invention to provide a solution, in which a biometric identifier, such as a signature created electronically but in a handwritten form, can meet the requirements set for electronic signatures even if the signatory does not hold a conventional signature based on a cryptographic method, which is a PKI-based signature in most of the cases.
A further object of certain embodiments of the invention is to provide a solution, in which the digital signature being linked to the biometric identifier can only be put on the electronic document in a trusted and identified environment, i.e. by using such devices.
These objects can be attained by means of providing a system, an apparatus and a method as defined in the independent claims. Certain preferred embodiments are disclosed in the dependent claims.
The invention will be described in detail below by way of exemplary embodiments thereof with reference to the accompanying drawings, in which
Fig. 1 shows a schematic block diagram of a first embodiment of the apparatus according to the invention;
Fig. 2 shows a flowchart illustrating an embodiment of the method according to the invention;
Fig. 3 shows a block diagram of a second embodiment of the apparatus according to the invention;
Fig. 4 shows a schematic block diagram of an embodiment of the system according to the invention;
Figs. 5a and 5b together show a flowchart illustrating another embodiment of the method according to the invention and
Fig. 6 is a diagram showing the structure of a signed electronic document package that can be generated by means of a preferred embodiment of a method according to the invention.
A schematic block diagram of a preferred embodiment of the apparatus 1 for generating a digital signature linked to a biometric identifier, according to the invention, is shown in figure 1, while a flowchart of a preferred embodiment of the method according to the invention is shown in figure 2. By means of the apparatus and the method, one or more signatories, i.e. one or more so-called 'customers' in this embodiment, put their digital signatures being linked to their biometric identifiers, i.e. to their handwritten signatures in this example, on a document. A second person, a so-called 'representative', participates in creating the signature; as will be shown, his or her digital signature based on a cryptographic method, i.e., in this case, a PKI-based digital signature, is used in the course of the method. E.g., the signatory can be a client of a firm, while the representative can be an employee of said firm. By using the apparatus and the method, the customer can put his or her digital signature being linked to his or her biometric identifier e.g. on an order that he or she intends to give to said firm.
The document to be signed may be one or more computer files of any type, e.g. files of desktop publishing, word processing, spreadsheet or image processing applications, to mention just a few of the possibilities; among others, these can be files obtained by scanning paper documents. Preferably, the document is composed of XML-structured files.
The apparatus 1 comprises means 2 for receiving a document to be signed and for storing it as an electronic document; means 3 for receiving an identifier from at least one signatory and means 4 for processing the electronic document and the identifier. The processing means 4 comprise means 5 for generating a digest; encrypting means 6 and digital signing means 7.
At the beginning of the method the document to be signed is received and it is stored as an electronic document via said means 2 (step 10; see figure 2). In case the document to be signed is ab ovo available in the form of computer file/s, this involves the reception of the file from the given application and the storing thereof on a storage means (not shown). Any type of data storage device working on an electronic, magnetic, optical, or any other principle can serve as the storage means, such as a memory, a disk, etc. It can also be envisaged that only the address/es indicating the location/s of the file/s is/are received from the source application and the file/s itself/themselves is/are not copied or moved. If the document to be signed is a paper document, the digitalization thereof takes place via said means 2, e.g. a scanner, and it is stored in a suitable format. In a preferred embodiment of the method according to the invention the electronic document can be displayed on a display device (not shown) of the apparatus 1 at this time.
Then the biometric identifier of the customer is received via said means 3 and it is stored as biometric data (step 11). In this embodiment said means 3 is a digitizing tablet and the handwritten signature of the signatory, i.e. of the customer, is received as the biometric identifier and the complete dynamics thereof are stored as biometric data, i.e. the co-ordinates and/or the velocity and/or the acceleration and/or the pressing force of the pen is/are stored as functions of time and/or the co-ordinates of the pen-down and pen-up points are stored. Accordingly, instead of or in addition to the image of the signature, the way of creating the signature is actually stored. These data, unlike the mere image of the signature, allow a true biometric identification. In other embodiments other biometric identifiers can be used instead of the handwritten signature by utilizing an appropriate means 3; iris-scans, retina-scans, fingerprints, vein patterns, facial images, hand geometries, etc. can be used. Said means 3 for capturing the biometric data are well known to a person skilled in the art; the biometric data can be recorded e.g. by means of an iris-scanner in case of iris-scans or by means of a fingerprint reader in case of fingerprints.
After storing the electronic document — optionally concurrently with the reception of the biometric identifier — a digest of the electronic document is generated via the digest generating means 5, in this example, by using the SHA-1 algorithm (step 12). In other embodiments the digest can be made by using the MD5 algorithm or by other suitable algorithms.
Once the digest has been obtained and the biometric data have been stored, the digest is associated with the biometric data and the first set of information obtained thereby is encrypted via said encrypting means 6, in this embodiment, by using the 3DES algorithm in order to generate a biometric signature (step 13). Since the digests of different documents are, with great probability, not identical and the digest of the document is encrypted together with the biometric data, the biometric signature so obtained cannot be transferred to another document. It means that if an attacker extracts the so generated biometric signature from a document that was signed in accordance with the invention, such biometric signature cannot be used to sign a further document having a different digest. In other embodiments other algorithms, such as the DES, AES, Blowfish, RSA, etc. algorithms, can be used the same way instead of the 3DES encrypting algorithm.
Lastly, the biometric signature is associated with the electronic document and the second set of information obtained thereby is signed with the digital signature of the representative via digital signing means 7 in order to generate a signed electronic document package (step 14). In this embodiment the biometric signature together with the electronic document to be signed is placed into a common standard XML file. This XML file holds together the two parts like an envelope. The representative creates, via means 7, a PKI-based digital signature which relates both to the document and to the biometric signature simultaneously. The object of this digital signature is to bind together the biometric signature and the document and to assure that none of these can be altered later in an unauthorized manner. Additionally, it also authenticates the circumstances of the creation of the biometric signature originating from the handwritten signature (i.e. that the customer made his or her signature before a given representative, by his or her own hand and on a given means 3). The digital signature of the representative can be a standard PKI-based digital signature that can be created by means of a certificate and a PKI secret key stored in the apparatus 1. In this embodiment the signature of the representative is based on the RSA algorithm; however, other algorithms capable of generating a cryptographic method-based digital signature can also be used, such as KCDSA, ECDSA, DSA, 3DES, DES, AES, Blowfish, etc. The generation of the signature can be accomplished via software means by using a key stored inside the apparatus 1 or by means of a smartcard or a USB token. The digital signature of the representative is created on the XML file and the signature itself is also stored in this standard XML package.
Thus, the electronic document package, the signing of which was linked to the biometric identification, is ready to be archived and used, at choice, in a computer system, or the signature of the representative that has been put on it can be verified, in this case, in accordance with the PKI.
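As an added illustration of steps 12 to 14 (example code, not code from the patent or its applicant), the following Go program builds the biometric signature and the representative-signed package with the page's own primitives, SHA-1, 3DES and RSA, and shows the check that rejects a biometric signature moved to a document with a different digest. The 24-byte 3DES key and its CTR mode, the RSA key-generation helper, the plain struct in place of the XML envelope and the sample order document are assumptions of the example.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"errors"
	"fmt"
)

// SignedPackage holds the parts of figure 6 up to item 47: document (44), biometric
// signature (43) and the representative's signature (46) over both (XML envelope omitted).
type SignedPackage struct {
	Document     []byte
	BiometricSig []byte // IV || 3DES-CTR(SHA-1(document) || biometric data)
	Signature    []byte // RSA PKCS#1 v1.5 over SHA-1(document || BiometricSig)
}

// tdesCTR encrypts or decrypts in with 3DES in counter mode (CTR is symmetric).
func tdesCTR(key, iv, in []byte) ([]byte, error) {
	block, err := des.NewTripleDESCipher(key) // key must be 24 bytes
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out, nil
}

// MakeBiometricSignature performs steps 12 and 13: the SHA-1 digest of the document is
// associated with the biometric data and the pair is encrypted with 3DES (key is assumed).
func MakeBiometricSignature(doc, biometric, key []byte) ([]byte, error) {
	iv := make([]byte, des.BlockSize) // fresh per signature: a repeated CTR IV leaks plaintext
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	digest := sha1.Sum(doc)
	ct, err := tdesCTR(key, iv, append(digest[:], biometric...))
	if err != nil {
		return nil, err
	}
	return append(iv, ct...), nil
}

// OpenBiometricSignature decrypts a biometric signature and releases the biometric data only
// if the embedded digest matches doc, which is what stops reuse on a different document.
func OpenBiometricSignature(bioSig, doc, key []byte) ([]byte, error) {
	if len(bioSig) < des.BlockSize+sha1.Size {
		return nil, errors.New("malformed biometric signature")
	}
	plain, err := tdesCTR(key, bioSig[:des.BlockSize], bioSig[des.BlockSize:])
	if err != nil {
		return nil, err
	}
	want := sha1.Sum(doc)
	if !bytes.Equal(plain[:sha1.Size], want[:]) {
		return nil, errors.New("digest mismatch: biometric signature belongs to another document")
	}
	return plain[sha1.Size:], nil
}

// packageHash digests the second set of information: document || biometric signature.
func packageHash(doc, bioSig []byte) []byte {
	h := sha1.Sum(append(append([]byte{}, doc...), bioSig...))
	return h[:]
}

// NewRepresentativeKey generates the representative's RSA key pair (demo helper).
func NewRepresentativeKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// SignPackage performs step 14 with the representative's RSA key.
func SignPackage(doc, biometric, key []byte, priv *rsa.PrivateKey) (*SignedPackage, error) {
	bioSig, err := MakeBiometricSignature(doc, biometric, key)
	if err != nil {
		return nil, err
	}
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA1, packageHash(doc, bioSig))
	if err != nil {
		return nil, err
	}
	return &SignedPackage{Document: doc, BiometricSig: bioSig, Signature: sig}, nil
}

// VerifyPackage checks the representative's signature, so neither part can change unnoticed.
func VerifyPackage(p *SignedPackage, pub *rsa.PublicKey) error {
	return rsa.VerifyPKCS1v15(pub, crypto.SHA1, packageHash(p.Document, p.BiometricSig), p.Signature)
}

func main() {
	key := []byte("0123456789abcdef01234567") // constructed 24-byte demo key
	priv, _ := NewRepresentativeKey()
	pkg, err := SignPackage([]byte("<order>10 units</order>"), []byte{1, 2, 3, 4}, key, priv)
	if err != nil {
		panic(err)
	}
	fmt.Println("package verifies:", VerifyPackage(pkg, &priv.PublicKey) == nil)
}
```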
Obviously, the biometric identifiers of several signatories can be inputted in step 11. In this case all of the biometric data belonging to each biometric identifier are associated with the digest of the electronic document and the first set of information obtained thereby is encrypted in step 13. This way, the biometric signature obtained comprises all data belonging to the biometric identifier of each signatory. As a further option, it is also possible to additionally receive the biometric identifier of the representative via said means 3 and to incorporate the biometric data belonging thereto in the biometric signature in addition to the biometric data of the signatory.
Preferably, the apparatus 1 can be implemented by a PDA or a tablet PC. In this case the touch screen of the PDA or the tablet PC forms said means 3 for receiving the biometric identifier, while said other means 2, 4, 5, 6, 7 can be implemented in software. Instead of the PDA or the tablet PC, a notebook, a desktop PC or other computer devices provided with appropriate peripherals can be used as well. It is also possible to envisage that the different parts of the apparatus 1 are implemented by separate hardware devices or by software running on computer devices constituting a network.
Figure 3 shows a slightly modified embodiment of the apparatus according to the invention. In this embodiment a visual representation of the biometric identifier, e.g. a simple image of the handwritten signature, is also generated via said means 8 from the biometric data having been derived from the biometric identifier received. The visual representation can be stored e.g. as a bitmap or a vector graphic file. The biometric data, i.e. the dynamics of the signature, cannot be reproduced from the visual representation. Accordingly, prior to signing the electronic document and the biometric signature with the PKI-based digital signature of the representative by means of the digital signing means 7, the visual representation may be associated with the electronic document and with the biometric signature without using the encryption that is applied to the biometric data. A benefit of such a visual representation is that it can be freely extracted from the signed electronic document package and it can therefore be displayed or printed together with the electronic document at any time. This will call to mind the well-known conventional signature for the user. However, this extractable information, i.e. the image of the signature, cannot be used to sign other documents in accordance with the invention since that would require the biometric data.
It is to be noted that in a preferred embodiment, when the handwritten signature is inputted, the image thereof can be displayed on the display device of the apparatus 1 concurrently with the signing in order to provide the customer with a visual feedback. This will be most effective when said means 3 for receiving the biometric identifier itself is also a display as in the case of PDAs, tablet PCs, touch screens, etc.
In another embodiment of the method, instead of a cryptographic method-based digital signature of a second person, i.e. the representative, the second set of information is rather signed with that of the signatory himself or herself. In this way a signed electronic document package is generated that has been signed with both the biometric and the e.g. PKI-based electronic signature of the signatory. In a further embodiment of the method, instead of a cryptographic method-based digital signature of a second person, i.e. the representative, the second set of information is rather signed with that of the apparatus 1 or another means connected thereto. In this way a signed electronic document package is generated that is linked to the signatory via the biometric signature and in relation to which the e.g. PKI-based digital signature of the apparatus 1 attests that the biometric signature of the signatory was created on a proper apparatus 1. This embodiment of the method facilitates the biometric identifier-linked signing of an electronic document by means of an apparatus 1 being placed e.g. in a client room of a governmental organization or a service provider, even without the participation of a representative.
A particularly preferred embodiment of the method of the invention can be performed in a system 30 for generating a digital signature linked to a biometric identifier, the system 30 being shown in figure 4.
The system 30 comprises one or more apparatuses 1 according to the invention and a central server 32 being connected thereto via network 31. In the course of the method the apparatuses 1 operate as client devices of the central server 32. The network connections between the central server 32 and the apparatuses 1 can be implemented on several platforms like Ethernet, WLAN, GPRS, GSM modems, EDGE, Bluetooth, data cables, infrared ports as well as combinations thereof.
The flowchart of this preferred embodiment is shown in figure 5a and in figure 5b connecting thereto; the first five steps 10 to 14 are identical with those steps that were described with reference to figure 2. The already generated electronic document package is sent to the central server 32 by means of the client device through a secure data channel that is implemented over the network 31 as a transmission medium, and the central server 32 receives it (step 16). The communication established through the secure data channel is based on encryption and the network devices and software means being involved in such a communication are capable of identifying one another. In this embodiment the secure data channel is implemented by using the SSL protocol. In other embodiments other protocols like TLS, SNMPv3, VPN, HTTPS, FTPS, TelnetS, IMAPS or IPSec, etc. can also be used.
When the system 30 is set up, a database being stored on the central server 32 or being accessible for the central server 32 is established, which contains information relating to the client devices being used in the system 30, based on which information the client devices can be identified. Similarly, information relating to entities authorized to digitally sign the second set of information with the cryptographic method-based digital signature is stored in said database, based on which information the signing entities can be identified. These entities can be the representatives, the signatories or the devices already mentioned in connection with the respective embodiments of the invention, the cryptographic method-based digital signature of each of whom/which is put on the second set of information. Throughout the use of the system 30 the database has to be updated in order to ensure that it always contains information relating to the actual client devices and signing entities.
The central server 32 identifies the client device (the hardware device itself and/or the sending application running on it) sending the signed electronic document package in the course of the communication through the secure data channel and goes on with the execution of the method only if the client device is present in the database (steps 17, 18). As a result of this, a fake signed electronic document package having possibly been generated on an attacking device connected to the network will not be processed. The central server 32 identifies the signing entity based on the cryptographic method-based digital signature that has been put on the signed electronic document package and proceeds with the execution of the method only if it is also present in the database (steps 19, 20). Thus, in those embodiments where the signing entity is a natural person, the signing of the electronic document by means of a device belonging to the system 30 with the participation of an unauthorized person can be avoided.
Preferably, when identifying the signing entity, at the time of the processing of his, her or its digital signature, the validity of the signature can be checked. If the identification of the sending client device or the second person failed, preferably, an error message can also be generated and it can be sent to the client device and/or to a person administering the system or the fact of the failed identification can be logged.
If the identification was successful, the central server 32 puts its own cryptographic method-based, e.g. PKI-based, digital signature on the received package in order to generate a double signed electronic document package (step 21). The central server 32 thereby authenticates that the given package arrived from a client device recognised by the central server 32 as authentic (and, in case of some embodiments, with the participation of an authorized representative or an authorized signatory). Furthermore, this signature protects the whole package from subsequent alteration attempts. The digital signature of the central server 32 can be based on one of the protocols that were mentioned in connection with the signature of the representative or another signing entity. In a preferred embodiment the XML package is signed and the signature itself is also stored in the XML package.
Then, as an extremely preferred step of the method according to the invention, it is also possible to request, by means of the central server 32, a time-stamp compliant to the RFC 3161 protocol, likewise, through a secure data channel from a time-stamp server 33 being connected to the network (step 22). The time-stamp server 33 responds to the request by sending a time-stamp to the central server 32, which time-stamp is received by means of the central server 32 (step 23) and the received time-stamp is attached to the double signed electronic document package afterwards in order to generate a time-stamped double signed electronic document package (step 24). Preferably, the time-stamp made is written into the XML package as a set of binary data.
The time-stamp server 33 can be an independent, separate server maintained by an independent organisation that guarantees the accuracy and the authenticity of the time information. Alternatively, the time-stamp server 33 can be a separate application running on the computer being the central server 32. The object of the time-stamp in the procedure is to authenticate that the time of signing precedes a given moment, i.e. the time of requesting the time-stamp. Thus, a subsequent conflict regarding the time of generation can be prevented.
Expediently, an acknowledgement concerning the successful execution of the procedure is then sent to the client device through the secure data channel by means of the central server 32 (step 25).
One or more preferred steps (digital signing by the central server 32, attaching a time-stamp, sending an acknowledgement) described in relation to the system of the invention can be omitted and/or the time-stamp can be attached to the signed electronic document package prior to signing it digitally.
Figure 6 shows an example of the structure of a time-stamped double signed electronic document package generated by means of one of the above described preferred embodiments of the method according to the invention. The biometric signature 43 is formed by encrypting the digest 41 and the biometric data 42. After the electronic document 44 and possibly the visual representation 45 of the biometric identifier have been added thereto and the result has been signed with the cryptographic method-based digital signature 46 of the representative or other signing entity, the signed electronic document package 47 is obtained. Preferably, the digital signature 48 of the central server 32 is put thereon, resulting in the double signed electronic document package 49, and, lastly, after the time-stamp 50 has been attached thereto, the time-stamped double signed electronic document package 40 is obtained. The embedded structure of the repeatedly referenced preferred example as it is shown in figure 6 indicates the embedded structure within an XML file compliant to the ETSI TS 101 903 standard.
An advantage of the present invention is that it facilitates an authentication method being based on a biometric identifier, e.g. a handwritten signature created by means of an electronic device. By using the invention, processes currently being implemented on a paper basis can be transferred into the electronic domain, which processes were not suitable for it because of the necessity of the handwritten signature. At the time of inputting the biometric identifier the biometric data 42 are encrypted. This assures that they are not accessible to other persons. In the course of this encryption the digest 41 of the electronic document 44 to be signed is also incorporated in the encrypted data. Thus, a particular signature cannot be attached to another document; hence, the system guarantees that the signatures (biometric identifiers) already captured cannot be used in an unauthorized manner or faked. In some embodiments the signing takes place with the participation of two persons. One of the persons is the representative, who (e.g. in the course of the conclusion of a contract) represents one of the parties, while the other person is the customer, who puts his or her handwritten signature on the electronic documents 44 being made. The biometric signature 43 and the electronic document 44 are bound together by means of the PKI-based digital signature 46 of the representative. This has two advantages. On the one hand, it renders the security level of the binding of the two parts extremely high and, on the other hand, it also authenticates (certifies) the circumstances of the creation of the handwritten signature. In other embodiments, where the cryptographic method-based digital signature is linked to a device instead of a person, the circumstances of the creation of the biometric identifier-linked digital signature are likewise authenticated because it could only be created by using that certain device.
The method, the apparatus 1 and the system 30 according to the invention can be used even for notarizing, wherein the second set of information is signed with a cryptographic method-based, e.g. PKI-based, digital signature of a notary public.
In some preferred embodiments of the invention the central server 32 also puts its own digital signature 48 on the signed electronic document package 47 incorporating the handwritten signature/s and then it requests a time-stamp 50 therefor. Thus, it authenticates that all data arrived from a trusted environment through a secure data channel and the time of the arrival is recorded in a demonstrable manner by means of the time-stamp 50.
An extremely advantageous aspect of the method, the apparatus 1 and the system 30 according to the invention is that they are based on the most secure and most reliable cryptographic solutions of our days and the digital signature linked to the biometric identifier is therefore likewise secure and reliable. Moreover, as the infrastructure of cryptography develops, the cryptographic tools used for generating the digital signature of the invention can be upgraded as well.
Although the invention has been illustrated by describing preferred embodiments thereof, it is not limited to those embodiments; a person skilled in the art can perform a great number of variants and modifications without departing from the scope of the appended claims.
List of abbreviations
PKI Public Key Infrastructure
USB Universal Serial Bus
PIN Personal Identification Number
XML eXtensible Markup Language
SHA-1 Secure Hash Algorithm
MD5 Message Digest
3DES Triple Data Encryption Standard
DES Data Encryption Standard
AES Advanced Encryption Standard
RSA Rivest-Shamir-Adleman
KCDSA Korean Certificate-based Digital Signature Algorithm
ECDSA Elliptic Curve Digital Signature Algorithm
DSA Digital Signature Algorithm
PDA Personal Digital Assistant
PC Personal Computer
WLAN Wireless Local Area Network
GPRS General Packet Radio Services
GSM Global System for Mobile Communication
EDGE Enhanced Data GSM Environment
TLS Transport Layer Security
SSL Secure Socket Layer
SNMPv3 Single Network Management Protocol version 3
VPN Virtual Private Network
HTTPS HyperText Transfer Protocol over SSL
FTPS File Transfer Protocol over SSL
TelnetS Telnet over SSL
IMAPS Internet Message Access Protocol over SSL
IPSec Internet Protocol Security

Claims

1. A method for generating a digital signature, comprising the steps of a) receiving a document to be signed and storing it as an electronic document (44); b) receiving an identifier from at least one signatory; characterized in that the method further comprises the steps of c) receiving a biometric identifier for the identifier from the at least one signatory and storing it as biometric data (42); d) generating a digest (41) of the electronic document (44); e) associating the digest (41) with the biometric data (42) in order to obtain a first set of information and encrypting said first set of information in order to generate a biometric signature (43) and f) associating the biometric signature (43) with the electronic document (44) in order to obtain a second set of information and signing said second set of information by means of a cryptographic method-based digital signature (46) in order to generate a signed electronic document package (47).
2. The method according to claim 1, characterized in that step c) comprises receiving a handwritten signature for the biometric identifier by means of a digitizing tablet and storing the handwritten signature in the form of at least one kind of biometric data (42) selected from the group comprising co-ordinates of the pen-down points, co-ordinates of the pen-up points, the co-ordinates of the pen as a function of time, the velocity of the pen as a function of time, the acceleration of the pen as a function of time, the pressing force of the pen as a function of time.
3. The method according to claim 1, characterized in that step c) comprises receiving an iris-scan for the biometric identifier by means of an iris-scanner and storing a set of digital data representing the iris-scan as the biometric data (42).
4. The method according to claim 1, characterized in that step c) comprises receiving a fingerprint for the biometric identifier by means of a fingerprint reader and storing a set of digital data representing the fingerprint as the biometric data (42).
5. The method according to any of claims 1 to 4, characterized in that in step d) the digest (41) of the received electronic document (44) is generated by means of an algorithm selected from the group comprising SHA-1, MD5, in step e) the first set of information is encrypted by means of an algorithm selected from the group comprising 3DES, DES, AES, Blowfish, RSA and in step f) the second set of information is signed by means of a digital signature (46) being based on an algorithm selected from the group comprising RSA, KCDSA, ECDSA, DSA, 3DES, DES, AES, Blowfish.
6. The method according to any of claims 1 to 5, characterized in that it further comprises the step of generating a visual representation (45) of the biometric identifier and step f) comprises associating, with the electronic document (44), said visual representation (45) in addition to the biometric signature (43) and signing the second set of information obtained thereby with the cryptographic method-based digital signature (46).
7. The method according to any of claims 1 to 6, characterized in that steps a) to f) are performed using a client device selected from the group comprising a PDA, a tablet PC, a notebook, a desktop personal computer and other computing devices.
8. The method according to claim 7, characterized in that it further comprises the steps of storing, in a database, information relating to client devices and to entities authorized to generate a cryptographic method-based signature prior to step a) and g) sending the signed electronic document package (47) to a central server (32) through a secure data channel by means of the client device and h) identifying the client device and the signing entity by means of the central server (32) and if those are present in the database, signing the signed electronic document package (47) with a cryptographic method-based digital signature (48) of the central server (32) in order to generate a double signed electronic document package (49) subsequently to step f).
9. The method according to claim 8, characterized in that it further comprises the steps of i) requesting a time-stamp (50) from a time-stamp server (33) through a secure data channel by means of the central server (32); j) sending the time-stamp (50) to the central server (32) through the secure data channel by means of the time-stamp server (33); and k) attaching the time-stamp (50) to the double signed electronic document package (49) by means of the central server (32) in order to generate a time-stamped double signed electronic document package (40) subsequently to step h).
10. The method according to claim 8 or 9, characterized in that it further comprises the step of l) sending an acknowledgement to the client device through the secure data channel by means of the central server (32).
11. The method according to any of claims 8 to 10, characterized in that the secure data channel is established by using a protocol selected from the group comprising SSL, TLS, SNMPv3, VPN, HTTPS, FTPS, TelnetS, IMAPS, IPSec, in step h) the signed electronic document package (47) is signed with a digital signature (48) based on a protocol selected from the group comprising RSA, KCDSA, ECDSA, DSA, 3DES, DES, AES, Blowfish, and in steps i), j) and k) a time-stamp (50) being compliant to the RFC 3161 protocol is requested, received and attached to the double signed electronic document package (49), respectively.
12. The method according to any of claims 1 to 11, characterized in that it comprises embedding the electronic document (44) and/or the digest (41) of the electronic document (44) and/or the biometric signature (43) and/or the signed electronic document package (47) and/or the double signed electronic document package (49) and/or the time-stamped double signed electronic document package (40) in an XML document.
13. An apparatus for generating a digital signature, comprising means (2) for receiving a document to be signed and for storing it as an electronic document (44); means (3) for receiving an identifier from at least one signatory; means (4) for processing the electronic document (44) and the identifier; characterized in that said means (3) for receiving an identifier from the at least one signatory receives a biometric identifier and stores it as biometric data (42) and that the processing means (4) comprise means (5) for generating a digest (41) of the electronic document (44); means (6) for associating the digest (41) with the biometric data (42) and for encrypting a first set of information obtained thereby in order to generate a biometric signature (43) and means (7) for associating the biometric signature (43) with the electronic document (44) and for signing a second set of information obtained thereby by means of a cryptographic method-based digital signature (46) in order to generate a signed electronic document package (47).
14. The apparatus according to claim 13, characterized in that it comprises a digitizing tablet for receiving a handwritten signature for the biometric identifier and the handwritten signature is stored in the form of at least one kind of biometric data (42) selected from the group comprising co-ordinates of the pen-down points, co-ordinates of the pen-up points, the co-ordinates of the pen as a function of time, the velocity of the pen as a function of time, the acceleration of the pen as a function of time, the pressing force of the pen as a function of time.
15. The apparatus according to claim 13, characterized in that it comprises an iris-scanner for receiving an iris-scan for the biometric identifier and a set of digital data representing the iris-scan is stored as the biometric data (42).
16. The apparatus according to claim 13, characterized in that it comprises a fingerprint reader for receiving a fingerprint for the biometric identifier and a set of digital data representing the fingerprint is stored as the biometric data (42).
17. The apparatus according to any of claims 13 to 16, characterized in that the digest (41) of the received electronic document (44) is generated by means of an algorithm selected from the group comprising SHA-1, MD5, the first set of information is encrypted by means of an algorithm selected from the group comprising 3DES, DES, AES, Blowfish, RSA and the second set of information is signed with a digital signature (46) based on an algorithm selected from the group comprising RSA, KCDSA, ECDSA, DSA, 3DES, DES, AES, Blowfish.
18. The apparatus according to any of claims 13 to 17, characterized in that it further comprises means (8) for generating a visual representation (45) of the biometric identifier and, in addition to the biometric signature (43), the visual representation (45) is also associated with the electronic document (44) and the second set of information obtained thereby is signed with the cryptographic method-based digital signature (46).
19. The apparatus according to any of claims 13 to 18, characterized in that the means (2) for receiving the document to be signed and/or the means (3) for receiving the biometric identifier and/or the means (5) for generating the digest (41) and/or the means (6) for encrypting the first set of information and/or the means (7) for signing the second set of information with the digital signature (46) and/or the means (8) for generating the visual representation (45) of the biometric identifier is/are implemented by a client device selected from the group comprising a PDA, a tablet PC, a notebook, a desktop personal computer and other computing devices.
20. The apparatus according to any of claims 13 to 19, characterized in that the electronic document (44) and/or the digest (41) of the electronic document (44) and/or the biometric signature (43) and/or the signed electronic document package (47) is/are embedded in an XML document.
21. A system for generating a digital signature, characterized in that it comprises at least one apparatus (1) according to any of claims 13 to 20, a database for storing information relating to the at least one apparatus (1) and to entities authorized to generate a cryptographic method-based signature, and a central server (32) for receiving a signed electronic document package (47) from the at least one apparatus (1) through a secure data channel and for identifying the at least one apparatus (1) and the signing entity and, if those are present in the database, for signing the signed electronic document package (47) with its own cryptographic method-based digital signature (48) in order to generate a double signed electronic document package (49).
22. The system according to claim 21, characterized in that it comprises a time-stamp server (33) and the central server (32) requests and receives a time-stamp (50) from the time-stamp server (33) through a secure data channel and attaches the time-stamp (50) to the double signed electronic document package (49) in order to generate a time-stamped double signed electronic document package (40).
23. The system according to claim 21 or 22, characterized in that the central server (32) sends an acknowledgement to the apparatus (1) through the secure data channel.
24. The system according to any of claims 21 to 23, characterized in that the secure data channel is based on the use of a protocol selected from the group comprising SSL, TLS, SNMPv3, VPN, HTTPS, FTPS, TelnetS, IMAPS, IPSec, the digital signature (48) of the central server (32) is based on an algorithm selected from the group comprising RSA, KCDSA, ECDSA, DSA, 3DES, DES, AES, Blowfish and the time-stamp (50) is compliant to the RFC 3161 protocol.
25. The system according to any of claims 21 to 24, characterized in that the double signed electronic document package (49) and/or the time-stamped double signed electronic document package (40) is/are embedded in an XML document.
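The signing chain of claims 1 to 11 (digest (41), encrypted biometric signature (43), client-signed package (47), server countersignature (48) after the database check of step h), RFC 3161-style time-stamp (50)) and the matching verifier, as an added Python model that is not part of the patent. It assumes HMAC-SHA256 as a stand-in for the RSA/ECDSA signatures and, in counter mode, for the AES/3DES encryption named in claim 5 (a deployment would use asymmetric signatures and an AEAD); the device and signer names, keys and biometric values are constructed.

```python
import hashlib
import hmac
import json

def canonical(obj) -> bytes:
    """Deterministic JSON bytes so signer and verifier hash exactly the same data."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def digest(document: bytes) -> str:
    """Digest (41). Claim 5 lists SHA-1 and MD5; both are collision-broken, so SHA-256 stands in."""
    return hashlib.sha256(document).hexdigest()

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for the AES/3DES encryption of claim 5: HMAC-SHA256 in counter mode as a keystream."""
    stream = b"".join(hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def sign(key: bytes, data: bytes) -> str:
    """Stand-in for the RSA/ECDSA signatures (46), (48): an HMAC-SHA256 tag, so the verifier shares the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def client_package(doc: bytes, biometric: dict, enc_key: bytes, client_key: bytes, device: str, signer: str) -> dict:
    """Steps d)-f): first set = digest (41) + biometric data (42), encrypted -> biometric signature (43);
    second set = document (44) + (43) + device/signer ids, signed with (46) -> signed package (47)."""
    first_set = canonical({"digest": digest(doc), "biometric": biometric})
    second = {"document": doc.hex(), "bio_sig43": keystream_xor(enc_key, first_set).hex(),
              "device": device, "signer": signer}
    return {"second_set": second, "sig46": sign(client_key, canonical(second))}

def server_countersign(pkg47: dict, authorized: dict, server_key: bytes):
    """Step h): central server (32) checks device and signer against the database, then countersigns (48) -> (49)."""
    s = pkg47["second_set"]
    client_key = authorized.get((s["device"], s["signer"]))  # database lookup: who may sign from which device
    if client_key is None or not hmac.compare_digest(pkg47["sig46"], sign(client_key, canonical(s))):
        return None  # unknown device/entity, or client signature (46) fails: refuse to countersign
    return {"package47": pkg47, "sig48": sign(server_key, canonical(pkg47))}

def attach_timestamp(pkg49: dict, tsa_key: bytes, gen_time: str) -> dict:
    """Steps i)-k): modelled RFC 3161 token = TSA signature over the imprint of (49) and genTime -> (40)."""
    token = {"messageImprint": hashlib.sha256(canonical(pkg49)).hexdigest(), "genTime": gen_time}
    return {"package49": pkg49, "timestamp": dict(token, tsaSig=sign(tsa_key, canonical(token)))}

def verify_chain(pkg40: dict, authorized: dict, server_key: bytes, tsa_key: bytes) -> bool:
    """Verifier: check outer timestamp, then server signature (48), then client signature (46)."""
    ts, pkg49 = pkg40["timestamp"], pkg40["package49"]
    imprint = {"messageImprint": ts["messageImprint"], "genTime": ts["genTime"]}
    ok = hmac.compare_digest(ts["tsaSig"], sign(tsa_key, canonical(imprint)))
    ok &= ts["messageImprint"] == hashlib.sha256(canonical(pkg49)).hexdigest()
    ok &= hmac.compare_digest(pkg49["sig48"], sign(server_key, canonical(pkg49["package47"])))
    return ok and server_countersign(pkg49["package47"], authorized, server_key) is not None
```

Because the biometric signature (43) sits inside the set covered by (46), and (47) inside the set covered by (48), altering the biometric data or the document after signing breaks every outer layer; the time-stamp then fixes when that already-countersigned package existed.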
EP06795039A 2005-09-21 2006-09-21 Method, apparatus and system for generating a digital signature linked to a biometric identifier Withdrawn EP1938505A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
HU0500872A HUP0500872A2 (en) 2005-09-21 2005-09-21 Method and apparatus for creating digital signature defined by biometric identification
PCT/HU2006/000081 WO2007034255A1 (en) 2005-09-21 2006-09-21 Method, apparatus and system for generating a digital signature linked to a biometric identifier

Publications (1)

Publication Number Publication Date
EP1938505A1 true EP1938505A1 (en) 2008-07-02

Family

ID=89986273

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06795039A Withdrawn EP1938505A1 (en) 2005-09-21 2006-09-21 Method, apparatus and system for generating a digital signature linked to a biometric identifier

Country Status (3)

Country Link
EP (1) EP1938505A1 (en)
HU (1) HUP0500872A2 (en)
WO (1) WO2007034255A1 (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2216729B1 (en) 2007-10-24 2019-07-10 Scytl Secure Electronic Voting, S.A. Method and system for protection of user information registers for use in electoral processes
RU2522024C2 (en) * 2012-10-15 2014-07-10 Общество С Ограниченной Ответственностью "Лаборатория Эландис" Method of signing electronic documents with analogue-digital signature with additional verification
EP3183680B1 (en) 2014-08-18 2018-03-21 Csík, Balázs Methods for digitally signing an electronic file, and authenticating method
US9734386B2 (en) 2014-09-12 2017-08-15 Qualcomm Incorporated Methods, systems and devices for electronic notary with signature and biometric identifier
CA3008323A1 (en) * 2015-12-15 2017-06-22 Applied Recognition Inc. Systems and methods for authentication using digital signature with biometrics
US11900491B2 (en) 2017-03-31 2024-02-13 Syngrafii Inc. Systems and methods for executing and delivering electronic documents
KR101853610B1 (en) * 2017-11-07 2018-05-02 주식회사 시큐브 Digital signature authentication system based on biometric information and digital signature authentication method thereof
CN109064606B (en) * 2018-08-03 2021-09-03 广州邦讯信息系统有限公司 Access control task execution method and system, access control system and readable storage medium
CN111898558B (en) * 2020-08-03 2022-03-15 西南大学 Multi-signature protection and identification method for multi-dimensional encryption and hiding sequence

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5544255A (en) * 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
AU6759998A (en) 1997-03-06 1998-09-22 Skylight Software, Inc. Cryptographic digital identity method
US20030028774A1 (en) * 2001-08-06 2003-02-06 Meka Anil Kumar Ensuring the integrity of an electronic document
JP2003134108A (en) 2001-10-30 2003-05-09 Ricoh Co Ltd Electronic signature, apparatus and method for verifying electronic signature, program and recording medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2007034255A1 *

Also Published As

Publication number Publication date
HUP0500872A2 (en) 2007-05-02
HU0500872D0 (en) 2005-11-28
WO2007034255A1 (en) 2007-03-29


Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20080327

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL HR MK

17Q First examination report despatched

Effective date: 20080702

RAX Requested extension states of the european patent have changed

Extension state: HR

Payment date: 20080327

Extension state: AL

Payment date: 20080327

Extension state: MK

Payment date: 20080327

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20140127