EP1938505A1 - Procede, appareil et systeme permettant de generer une signature numerique associee a un identifiant biometrique - Google Patents

Procede, appareil et systeme permettant de generer une signature numerique associee a un identifiant biometrique

Info

Publication number
EP1938505A1
EP1938505A1 EP06795039A EP06795039A EP1938505A1 EP 1938505 A1 EP1938505 A1 EP 1938505A1 EP 06795039 A EP06795039 A EP 06795039A EP 06795039 A EP06795039 A EP 06795039A EP 1938505 A1 EP1938505 A1 EP 1938505A1
Authority
EP
European Patent Office
Prior art keywords
electronic document
biometric
signature
time
signed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP06795039A
Other languages
German (de)
English (en)
Inventor
Árpád KOVÁCS
Csaba Lengyel
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Csik Balazs
Original Assignee
Csik Balazs
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Csik Balazs filed Critical Csik Balazs
Publication of EP1938505A1 publication Critical patent/EP1938505A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/68Special signature format, e.g. XML format
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the invention relates to a method, an apparatus and a system for generating a digital signature linked to a biometric identifier of the signatory.
  • Electronic signature of advanced security is defined by the law as an electronic signature being capable of identifying the signatory, being uniquely linked to the signatory, being created using means that the signatory can maintain under his or her sole control and being linked to the content of the document in such a manner that any change of the document made subsequently to the signing is detectable.
  • the signatory is able to put his or her signature on the electronic document by using the Public Key Infrastructure (PKI) provided that he or she holds a unique object and/or piece of information.
  • the object can be e.g. a smartcard, a USB token, etc. while the piece of information can be a PIN, a password, etc.
  • PKI Public Key Infrastructure
  • the signing takes place in effect by using a secret key stored on said object, that can be released by means of said piece of information. In this case, however, the signature is, actually, linked to the possession of said object and/or said piece of information instead of the person.
  • biometric identifier being uniquely linked to the actual person must (also) be inputted.
  • One of the simplest biometric identifier is the biometric data of the handwritten signature of the person, including the co-ordinates, the velocity, the acceleration and the pressing force of the pen as a function of time and/or the co-ordinates of the pen-down or pen-up points.
  • the simple image of the signature is the conventional means for signing a paper document.
  • Biometric identifiers include e.g. the iris-scan, the retina-scan, the fingerprint, etc.
  • Japanese patent application N° JP2003134108 discloses a system for electronic signing linked to a handwritten signature or another personal identifier, a seal impress or a finger- print.
  • the user creates an original document and a signature processing unit, on the one hand, receives an electronic version of the original document through inputting means and, on the other hand, after displaying the document, it receives an electronic version of the identifier, e.g. a handwritten signature, through another inputting means.
  • the system combines the document and the identifier data, creates a digital signature for the dataset obtained thereby, combines the signature with the dataset and outputs the result obtained.
  • a biometric identifier such as a signature created electronically but in a handwritten form
  • a further object of certain embodiments of the invention is to provide a solution, in which the digital signature being linked to the biometric identifier can only be put on the electronic document in a trusted and identified environment, i.e. by using such devices.
  • FIG. 1 shows a schematic block diagram of a first embodiment of the apparatus according to the invention
  • Fig. 2 shows a flowchart illustrating an embodiment of the method according to the invention
  • Fig. 3 shows a block diagram of a second embodiment of the apparatus according to the invention.
  • Fig. 4 shows a schematic block diagram of an embodiment of the system according to the invention.
  • FIGs. 5a and 5b together show a flowchart illustrating another embodiment of the method according to the invention.
  • Fig. 6 is a diagram showing the structure of a signed electronic document package that can be generated by means of a preferred embodiment of a method according to the invention.
  • FIG 1 A schematic block diagram of a preferred embodiment of the apparatus 1 for generating a digital signature linked to a biometric identifier, according to the invention is showed in figure 1 while a flowchart of a preferred embodiment of the method according to the in- vention is showed in figure 2.
  • one or more signatories i.e. one or more so-called 'customers' in this embodiment, put their digital signatures being linked to their biometric identifiers, i.e. to their handwritten signatures in this example, on a document.
  • a second person a so-called 'representative' participates in creating the signature; as it will be shown, his or her digital signature based on a crypto- graphic method, i.e., in this case, a PKI-based digital signature is used in the course of the method.
  • the signatory can be a client of a firm, while the representative can be an employee of said firm.
  • the customer can put his or her digital signature being linked to his or her biometric identifier e.g. on an order that he or she intends to give to said firm.
  • the document to be signed may be one or more computer files of any types, e.g. files of desktop publishing, word processing, spreadsheet or image processing, etc. applications to mention just a few of the possibilities, among others, these can be files obtained by scanning paper documents.
  • the document is composed of XML-structured files.
  • the apparatus 1 comprises means 2 for receiving a document to be signed and for storing it as an electronic document; means 3 for receiving an identifier from at least one signatory and means 4 for processing the electronic document and the identifier.
  • the processing means 4 comprise means 5 for generating a digest; encrypting means 6 and digital signing means 7.
  • the document to be signed is received and it is stored as an electronic document via said means 2 (step 10; see figure 2).
  • the document to be signed is ab ovo available in the form of computer file/s, it involves the reception of the file from the given application and the storing thereof on a storage means (not shown).
  • a storage means Any type of data storage devices working on an electronic, magnetic, optical, or any other prin- ciple can serve as the storage means, such as a memory, a disk, etc. It can also be envisaged that only the address/es indicating the location/s of the file/s is/are received from the source application and the file/s itself/themselves is/are not copied or moved.
  • the digitalization thereof takes place via said means 2, e.g. a scanner and it is stored in a suitable format.
  • said means 2 e.g. a scanner and it is stored in a suitable format.
  • the electronic document can be displayed on a display device (not shown) of the apparatus 1 at this time.
  • biometric data is received via said means 3 and it is stored as biometric data (step 11).
  • said means 3 is a digitizing tablet and the handwritten signature of the signatory, i.e. of the costumer is received for the biometric identifier and the complete dynamics thereof are stored as biometric data, i.e. the co-ordinates and/or the velocity and/or the acceleration and/or the pressing force of the pen is/are stored as functions of time and/or the co-ordinates of the pen-down and pen-up points are stored. Accordingly, instead of or in addition to the image of the signature the way of cre- ating the signature is actually stored. These data, unlike the mere image of the signature, allow a true biometric identification.
  • biometric identifiers can be used instead of the handwritten signature by utilizing an appropriate means 3; iris- scans, retina-scans, fingerprints, vein patterns, facial images, hand geometries, etc. can be used.
  • Said means 3 for capturing the biometric data are well known to a person skilled in the art, the biometric data can be recorded e.g. by means of an iris-scanner in case of iris- scans or by means of a fingerprint reader in case of fingerprints.
  • a digest of the electronic document is generated via the digest generating means 5, in this example, by using the SHA-I algorithm (step 12).
  • the digest can be made by using the MD5 algorithm or by other suitable algo- rithms.
  • the digest is associated with the biometric data and the first set of information obtained thereby is encrypted via said encrypting means 6, in this embodiment, by using the 3DES algorithm in order to generate a biometric signature (step 13). Since the digests of different documents are, with great probability, not identical and the digest of the document is encrypted together with the biometric data, the biometric signature so obtained cannot be transferred to another document. It means that if an attacker extracts the so generated biometric signature from a document that was signed in accordance with the invention, such biometric signature can- not be used to sign a further document having a different digest. In other embodiments other algorithms, such as the DES, AES, Blowfish, RSA, etc. algorithms can be used the same way instead of the 3DES encrypting algorithm.
  • biometric signature is associated with the electronic document and the second set of information obtained thereby is signed with the digital signature of the representative via digital signing means 7 in order to generate a signed electronic document package (step 14).
  • biometric signature together with the electronic document to be signed is placed into a common standard XML file.
  • This XML file holds together the two parts like an envelope.
  • the representative creates, via means 7, a PKI- based digital signature which relates both to the document and to the biometric signature simultaneously.
  • the object of this digital signature is to bind together the biometric signature and the document and to assure that none of these can be altered later in an unau- thorized manner. Additionally, it also authenticates the circumstances of the creation of the biometric signature originating from the handwritten signature (i.e.
  • the digital signature of the representative can be a standard PKI-based digital signature that can be created by means of a certificate and a PKI secret key stored in the apparatus 1.
  • the signature of the representative is based on the RSA algorithm, however, other algorithms capable of generating a cryptographic method- based digital signature can also be used, such as KCDSA, ECDSA, DSA, 3DES, DES, AES, Blowfish, etc.
  • the generation of the signature can be accomplished via software means by using a key stored inside the apparatus 1 or by means of a smartcard or a USB token.
  • the digital signature of the representative is created on the XML file and the signature itself is also stored in this standard XML package.
  • the electronic document package, the signing of which was linked to the biometric identification is ready to be archived and used, at choice, in a computer system or the signature of the representative that has been put on it can be verified, in this case, in accordance with the PKI.
  • biometric identifiers of several signatories can be inputted in step 11.
  • all of the biometric data belonging to each biometric identifier are associated with the digest of the electronic document and the first set of information obtained thereby is encrypted in step 13.
  • the biometric signature obtained comprises all data belonging to the biometric identifier of each signatory.
  • the apparatus 1 can be implemented by a PDA or a tablet PC.
  • the touch screen of the PDA or the tablet PC forms said means 3 for receiving the biometric identifier, while said other means 2, 4, 5, 6, 7 can be implemented in software.
  • a notebook, a desktop PC or other computer devices provided with appropriate peripherals can be used as well. It is also possible to envisage that the different parts of the apparatus 1 are implemented by separate hardware devices or by software running on computer devices constituting a network.
  • FIG. 3 shows a slightly modified embodiment of the apparatus according to the inven- tion.
  • a visual representation of the biometric identifier e.g. a simple image of the handwritten signature is also generated via said means 8 from the biometric data having been derived from the biometric identifier received.
  • the visual representation can be stored e.g. as a bitmap or a vector graphic file.
  • the biometric data i.e. the dynamics of the signature cannot be reproduced from the visual representation. Accordingly, prior to signing the electronic document and the biometric signature with the PKI-based digital signature of the representative by means of the digital signing means 7 the visual representation may be associated with the electronic document and with the biometric signature without using the encryption that is applied to the biometric data.
  • a benefit of such a visual representation is that it can be freely extracted from the signed electronic docu- ment package and it can be displayed or printed together with the electronic document at any time therefore.
  • This will call to mind the well-known conventional signature for the user.
  • this extractable information i.e. the image of the signature cannot be used to sign other documents in accordance with the invention since it would require the biometric data.
  • the image thereof can be displayed on the display device of the apparatus 1 concurrently with the signing in order to provide the customer with a visual feedback.
  • said means 3 for receiving the biometric identifier itself is also a display as in the case of PDAs, tablet PCs, touch screens, etc.
  • the second set of information is rather signed with that of the signatory himself or herself. In this way a signed electronic docu- ment package is generated that has been signed with both the biometric and the e.g. PKI- based electronic signature of the signatory.
  • the second set of information is rather signed with that of the apparatus 1 or another means connected thereto. In this way a signed electronic document package is generated that is linked to the signatory via the biometric signature and in relation of which the e.g.
  • PKI-based digital signature of the apparatus 1 attests that the biometric signature of the signatory was created on a proper apparatus 1.
  • This embodiment of the method facilitates the biometric identifier-linked signing of an electronic document by means of an apparatus 1 being placed e.g. in a client room of a governmental organization or a service provider even without the participation of a representative.
  • a particularly preferred embodiment of the method of the invention can be performed in a system 30 for generating a digital signature linked to a biometric identifier, the system 30 being shown in figure 4.
  • the system 30 comprises one or more apparatuses 1 according to the invention and a central server 32 being connected thereto via network 31.
  • the apparatuses 1 operate as client devices of the central server 32.
  • the network connections between the central server 32 and the apparatuses 1 can be implemented on several plat- forms like Ethernet, WLAN, GPRS, GSM modems, EDGE, Bluetooth, data cables, infrared ports as well as the combinations thereof.
  • the flowchart of this preferred embodiment is shown in figure 5a and in figure 5b connecting thereto; the first five steps 10 to 14 are identical with those steps that were de- scribed with reference to figure 2.
  • the already generated electronic document package is sent to the central server 32 by means of the client device through a secure data channel that is implemented over the network 31 as a transmission medium and the central server 32 receives it (step 16).
  • the communication established through the secure data channel is based on encryption and the network devices and software means being involved in such a communication are capable of identifying one another.
  • the secure data channel is implemented by using the SSL protocol.
  • other protocols like the TLS, SNMPv3, VPN, HTTPS, FTPS, TelnetS, IMAPS or IPSec, etc. can also be used.
  • a database being stored on the central server 32 or being accessible for the central server 32 is established, which contains information relating to the client devices being used in the system 30, based on which information the client devices can be identified.
  • information relating to entities authorized to digitally sign the second set of information with the cryptographic method-based digital signature is stored in said database, based on which information the signing entities can be identified.
  • entities can be the representatives, the signatories or the devices already mentioned in connection with the respective embodiments of the invention, the cryptographic method-based digital signature of each of whom/which is put on the second set of information.
  • the database has to be updated in order to ensure that it always contains information relating to the actual client devices and sign- ing entities.
  • the central server 32 identifies the client device (the hardware device itself and/or the sending application running on it) sending the signed electronic document package in the course of the communication through the secure data channel and goes on with the execu- tion of the method only if the client device is present in the database (steps 17, 18). As a result of this, a fake signed electronic document package having possibly been generated on an attacking device connected to the network will not be processed.
  • the central server 32 identifies the signing entity based on the cryptographic method-based digital signature that has been put on the signed electronic document package and proceeds with the exe- cution of the method only if it is also present in the database (steps 19, 20). Thus, in those embodiments where the signing entity is a natural person, the signing of the electronic document by means of a device belonging to the system 30 with the participation of an unauthorized person can be avoided.
  • the validity of the signature can be checked. If the identification of the sending client device or the second person failed, preferably, an error message can also be generated and it can be sent to the client device and/or to a person administering the system or the fact of the failed identification can be logged.
  • the central server 32 puts its own cryptographic method-based, e.g. PKI-based, digital signature to the received package in order to generate a double signed electronic document package (step 21).
  • the central server 32 authenticates thereby that the given package arriving from a client device being recognised by the central server 32 as authentic (and, in case of some embodiments, by the participation of an authorized representative or an authorized signatory). Furthermore, this signature protects the whole package from the subsequent alteration attempts.
  • the digital signature of the central server 32 can be based on one of the protocols that were mentioned in connection with the signature of the representative or another signing entity.
  • the XML package is signed and the signature itself is also stored in the XML package.
  • time-stamp server 33 responds to the request by sending a time-stamp to the central server 32, which time-stamp is received by means of the central server 32 (step 23) and the received time-stamp is attached to the double signed electronic document package afterwards in order to generate a time-stamped double signed electronic document package (step 24).
  • the time-stamp made is written into the XML package as a set of binary data.
  • the time-stamp server 33 can be an independent, separate server maintained by an independent organisation that guaranties the accuracy and the authenticity of the time information.
  • the time-stamp server 33 can be a separate application running on a computer being the central server 32.
  • the object of the time-stamp in the procedure is to authenticate that the time of signing precedes a given moment, i.e. the time of requesting the time-stamp. Thus, a subsequent conflict regarding the time of generation can be prevented.
  • an acknowledgement concerning the successful execution of the procedure is then sent to the client device through the secure data channel by means of the central server 32 (step 25).
  • One or more preferred steps can be omitted and/or the time-stamp can be attached to the signed electronic document package prior to signing if digitally.
  • FIG. 6 shows an example of the structure of a time-stamped double signed electronic document package generated by means of one of the above described preferred embodi- ments of the method according to the invention.
  • the biometric signature 43 is formed by encrypting the digest 41 and the biometric data 42. Having been added the electronic document 44 and possibly the visual representation 45 of the biometric identifier thereto and having been signed it with the cryptographic method-based digital signature 46 of the representative or other signing entity, the signed electronic document package 47 is ob- tained.
  • the digital signature 48 of the central server 32 is put thereon, resulting in the double signed electronic document package 49 and, lastly, having been attached the time-stamp 50 thereto, the time-stamped double signed electronic document package 40 is obtained.
  • the embedded structure of the repeatedly referenced preferred example as it is shown in figure 6 indicates the embedded structure within an XML file compliant to the ETSI TS 101 903 standard.
  • An advantage of the present invention is that it facilitates an authentication method being based on a biometric identifier e.g. a handwritten signature created by means of an electronic device.
  • a biometric identifier e.g. a handwritten signature created by means of an electronic device.
  • processes currently being implemented on a paper basis can be transferred into the electronic domain, which processes were not suitable for it because of the necessity of the handwritten signature.
  • the biometric data 42 are encrypted. It assures that these are not accessible for other persons.
  • the digest 41 of the electronic document 44 to be signed is also incorporated in the encrypted data.
  • a particular signature cannot be attached to another document, hence, the system guaranties that the signatures (biometric identifiers) already captured cannot be used in an unauthorized manner or cannot be faked.
  • the signing takes place with the participation of two persons.
  • One of the persons is the representative, who (e.g. in the course of the conclusion of a contract) represents one of the parties while the other person is the customer, who puts his or her handwritten signature on the elec- tronic documents 44 being made.
  • the biometric signature 43 and the electronic document 44 is bound together by means of the PKI-based digital signature 46 of the representative. It has two advantages. On the one hand, it renders the security level of the binding of the two parts extremely high and on the other hand, it also authenticates (certifies) the circumstances of the creation of the handwritten signature. In other embodiments, where the cryptographic method-based digital signature is linked to a device instead of a person, the circumstances of the creation of the biometric identifier-linked digital signature are likewise authenticated because it could only be created by using that certain device.
  • the method, the apparatus 1 and the system 30 according to the invention can be used even for notarizing, wherein the second set of information is signed with a cryptographic method-based, e.g. PKI-based, digital signature of a notary public.
  • a cryptographic method-based e.g. PKI-based, digital signature of a notary public.
  • the central server 32 also puts its own digital signature 48 on the signed electronic document package 47 incorporating the handwritten signature/s and then it requests a time-stamp 50 therefor. Thus, it authenticates that all data arrived from a trusted environment through a secure data channel and the time of the arrival is recorded in a demonstrable manner by means of the time-stamp 50.
  • An extremely advantageous aspect of the method, the apparatus 1 and the system 30 according to the invention is that those are based on the most secure and most reliable cryptographic solutions of our days and the digital signature linked to the biometric identi- bomb is likewise secure and reliable therefore. Moreover, as the infrastructure of cryptography develops, the cryptographic tools used for generating the digital signature of the invention can be upgraded as well.
  • WLAN Wireless Local Area Network GPRS General Packet Radio Services GSM Global System for Mobile Communication EDGE Enhanced Data GSM Environment TLS Transport Layer Security SSL Secure Socket Layer SNMPv3 Single Network Management Protocol version 3

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé permettant de générer une signature numérique associée à un identifiant biométrique. Ce procédé comprend les étapes consistant : à recevoir un document à signer et à stocker ce dernier sous forme de document électronique (44) ; à recevoir un identifiant biométrique en provenance d'au moins un signataire et à stocker celui-ci sous forme de données biométriques (42) ; à générer un condensé (41) du document électronique (44) ; à associer le condensé (41) aux données biométriques (42) afin d'obtenir un premier ensemble d'informations et à chiffrer ledit premier ensemble d'informations afin que soit générée une signature biométrique (43) ; et à associer ladite signature biométrique au document électronique (44) afin d'obtenir un deuxième ensemble d'informations et à signer celui-ci au moyen d'une signature numérique (46) fondée sur un procédé cryptographique afin que soit généré un paquetage de document électronique signé (47). L'invention concerne également un appareil et un système permettant de générer une signature numérique associée à un identifiant biométrique.
EP06795039A 2005-09-21 2006-09-21 Procede, appareil et systeme permettant de generer une signature numerique associee a un identifiant biometrique Withdrawn EP1938505A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
HU0500872A HUP0500872A2 (en) 2005-09-21 2005-09-21 Method and apparatus for creating digital signature defined by biometric identification
PCT/HU2006/000081 WO2007034255A1 (fr) 2005-09-21 2006-09-21 Procede, appareil et systeme permettant de generer une signature numerique associee a un identifiant biometrique

Publications (1)

Publication Number Publication Date
EP1938505A1 true EP1938505A1 (fr) 2008-07-02

Family

ID=89986273

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06795039A Withdrawn EP1938505A1 (fr) 2005-09-21 2006-09-21 Procede, appareil et systeme permettant de generer une signature numerique associee a un identifiant biometrique

Country Status (3)

Country Link
EP (1) EP1938505A1 (fr)
HU (1) HUP0500872A2 (fr)
WO (1) WO2007034255A1 (fr)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009053500A1 (fr) 2007-10-24 2009-04-30 Scytl Secure Electronic Voting, S.A. Procédé et système de protection de registres d'informations d'utilisateurs applicable à des processus électoraux
RU2522024C2 (ru) * 2012-10-15 2014-07-10 Общество С Ограниченной Ответственностью "Лаборатория Эландис" Способ подписания электронных документов аналого-цифровой подписью с дополнительной верификацией
SG11201700760TA (en) 2014-08-18 2017-03-30 Balázs Csík Methods for digitally signing an electronic file, and authenticating method
US9734386B2 (en) 2014-09-12 2017-08-15 Qualcomm Incorporated Methods, systems and devices for electronic notary with signature and biometric identifier
US11080384B2 (en) * 2015-12-15 2021-08-03 Applied Recognition Corp. Systems and methods for authentication using digital signature with biometrics
CA3058205A1 (fr) 2017-03-31 2018-10-04 Syngrafii Inc. Systemes et procedes d'execution et de distribution de documents electroniques
KR101853610B1 (ko) * 2017-11-07 2018-05-02 주식회사 시큐브 생체정보 기반의 전자서명 인증 시스템 및 그의 전자서명 인증 방법
CN109064606B (zh) * 2018-08-03 2021-09-03 广州邦讯信息系统有限公司 门禁任务执行方法、系统、门禁系统和可读存储介质
CN111898558B (zh) * 2020-08-03 2022-03-15 西南大学 一种多维度加密隐藏顺序的多重签名保护和识别方法

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5544255A (en) * 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
AU6759998A (en) 1997-03-06 1998-09-22 Skylight Software, Inc. Cryptographic digital identity method
US20030028774A1 (en) * 2001-08-06 2003-02-06 Meka Anil Kumar Ensuring the integrity of an electronic document
JP2003134108A (ja) 2001-10-30 2003-05-09 Ricoh Co Ltd 電子署名システム、電子署名検証装置、電子署名検証方法、プログラム、及び記録媒体

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2007034255A1 *

Also Published As

Publication number Publication date
WO2007034255A1 (fr) 2007-03-29
HU0500872D0 (en) 2005-11-28
HUP0500872A2 (en) 2007-05-02

Similar Documents

Publication Publication Date Title
US11799668B2 (en) Electronic identification verification methods and systems with storage of certification records to a side chain
US11777726B2 (en) Methods and systems for recovering data using dynamic passwords
KR101676215B1 (ko) 추가적 검증에 의해 아날로그 디지털 서명으로 전자문서에 사인하는 방법
EP2924604B1 (fr) Procédé permettant de créer des références de signature (dynamique) biométrique électronique
US8185938B2 (en) Method and system for network single-sign-on using a public key certificate and an associated attribute certificate
US7024562B1 (en) Method for carrying out secure digital signature and a system therefor
WO2019237570A1 (fr) Procédé, dispositif et serveur de signature de contrat électronique
US7069440B2 (en) Technique for obtaining a single sign-on certificate from a foreign PKI system using an existing strong authentication PKI system
JP3754565B2 (ja) 電子印鑑マーク認証システム
WO2018145127A1 (fr) Procédés et systèmes de vérification d'une identification électronique avec stockage d'enregistrements de certification sur une chaîne latérale
US20050132201A1 (en) Server-based digital signature
EP1938505A1 (fr) Procede, appareil et systeme permettant de generer une signature numerique associee a un identifiant biometrique
US20050154889A1 (en) Method and system for a flexible lightweight public-key-based mechanism for the GSS protocol
CN107209821A (zh) 用于对电子文件进行数字签名的方法以及认证方法
TW200402224A (en) Biometric private key infrastructure
JP2003244139A (ja) 電子文書に対するタイムスタンプ押印システム、及び、そのプログラム媒体
CN105635187B (zh) 带印模的电子文件的生成方法与装置、认证方法与装置
CN108833431A (zh) 一种密码重置的方法、装置、设备及存储介质
US6904524B1 (en) Method and apparatus for providing human readable signature with digital signature
JP2003169051A (ja) 電子印鑑システム
CA3227278A1 (fr) Procedes et systemes pour generer et valider des utilisations de justificatifs d'identite numeriques et d'autres documents
JP2003134108A (ja) 電子署名システム、電子署名検証装置、電子署名検証方法、プログラム、及び記録媒体
USRE49968E1 (en) Electronic identification verification methods and systems with storage of certification records to a side chain
Ahn et al. Towards scalable authentication in health services
CN117837124A (zh) 通过可视化标记签署和提交电子文档的方法

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20080327

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL HR MK

17Q First examination report despatched

Effective date: 20080702

RAX Requested extension states of the european patent have changed

Extension state: HR

Payment date: 20080327

Extension state: AL

Payment date: 20080327

Extension state: MK

Payment date: 20080327

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20140127