WO1999016209A1 - Method and system for transient key digital time stamps - Google Patents

Info

Publication number
WO1999016209A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
time interval
time
private key
certification request
Prior art date
Application number
PCT/US1998/020036
Other languages
English (en)
Inventor
Michael D. Doyle
Original Assignee
Eolas Technologies, Incorporated
Priority date
Filing date
Publication date
Application filed by Eolas Technologies, Incorporated
Priority to CA002304342A (CA2304342C)
Priority to JP2000513384A (JP4563577B2)
Priority to IL13506998A (IL135069A0)
Priority to AU95796/98A (AU760742C)
Priority to EP98949485A (EP1018239A4)
Priority to KR1020007003052A (KR100563515B1)
Publication of WO1999016209A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121 Timestamp

Definitions

  • the present invention relates to a method for digital time stamping data. More particularly, the present invention relates to the digital time stamping of data, without the need for subsequent third party verification, by the chaining of key pairs, the key pairs being generated for particular time intervals.
  • a formalized system of professional document witnesses was developed, for example, called the Notary Public service.
  • Notary Publics would, for a fee, attest to such things as the existence of a document and the identity of the document holder or signer.
  • a notary could not swear to any knowledge of the actual contents of a document, since that would have required that the notary keep copies, in perpetuity, of every document ever witnessed -- an impractical requirement.
  • a result of this technological advance is the fact that some states, such as California, no longer accept notarization as absolute proof of document validity.
  • One approach that has been developed to deal with some of this problem is based upon a technology called "public key" cryptography.
  • One of the most well known of this type of system is the program called Pretty Good Privacy, distributed by the Massachusetts Institute of Technology, which makes use of the Rivest-Shamir-Adleman (RSA) public key cryptosystem.
  • RSA: Rivest-Shamir-Adleman
  • Such systems are built around the concept of encrypting data in such a way that allows both secure transmission and authentication of sensitive data.
  • Public key systems employ a pair of cryptographic keys for each encryption/decryption event.
  • One key is kept secret by the owner (e.g., the private key), and the other key is publicly distributed (e.g., the public key)
  • a message encrypted with one of the keys in a key pair can only be decrypted with the other key, and vice versa.
  • This system allows, for example, the encryption of data by one individual, using a second individual's public key.
  • the message could then be sent to a second individual over unsecure channels, and only the second individual could access the unencrypted data, since it could only be decrypted with the second individual's private key.
  • Prior to using the second individual's public key to encrypt the data, the first individual could have used his or her private key to encrypt the data, thereby digitally "signing" the data.
  • the recipient could then use the sender's public key to decrypt it, thus proving that it actually came from the sender, since only the sender could have used the correct secret key to sign the data.
  • Such a system provides both confidentiality of data and a mechanism for authentication of the identity of the sender.
  • Public keys themselves can be "certified" by signing them with a trusted individual's secret key (e.g., a digital signature). Others can then assess the authenticity of published public keys by authenticating them using that trusted individual's public key. If that trusted individual later loses faith in the validity of the certified key, then he can issue a so-called revocation certificate, signed by the trusted individual's private key, that notifies others that the previously-certified public key is no longer to be trusted in the future.
  • a trusted individual's secret key: e.g., a digital signature
  • Public key digital signatures, therefore, can irrefutably prove that signed data was originally signed by a given secret key and that the data has not changed in any way since the signature was made.
  • Systems such as PGP routinely attach time-stamps to both key pairs at their creation, and to digital signatures, each time they are created.
  • time-stamps are dependent only upon the internal clocks within the computers being used, and thus are subject to inaccuracies or falsification by, for example, an individual intentionally changing the time on a computer's clock in order to make it falsely appear that a given digital signature was created at a specific point in time.
  • Transient-key digital time-stamps provide these capabilities.
  • irrefutable public key digital signature time-stamps are created and used.
  • the system is based upon, for example, the concept of transient time-interval-related secret cryptographic keys, which are used to digitally sign submitted data during specific time intervals, and then are permanently destroyed.
  • the public-key correlate for each time interval is saved for future authentication of the content of time-stamped data and time of creation of time-stamped data.
  • the validity of the public keys is ensured through the certification (e.g., signing) of each time interval's public key using the previous time interval's secret key, immediately before that secret key is destroyed.
  • Figure 1 illustrates an exemplary flowchart for a method for digital time stamping according to an embodiment of the present invention.
  • Figure 2A illustrates a portion of an exemplary flowchart for another method for digital time stamping according to an embodiment of the present invention.
  • Figure 2B illustrates another portion of an exemplary flowchart for another method for digital time stamping according to an embodiment of the present invention.
  • Figure 3A illustrates a first exemplary embodiment for a time stamping system according to the present invention.
  • Figure 3B illustrates a second exemplary embodiment for a time stamping system according to the present invention.
  • the digital time stamping method provides a mechanism to irrefutably prove that a collection of data existed at a given interval of time and has not changed since that interval of time.
  • a significant advantage of the present invention is that it provides non-repudiation to the user. It is difficult to deny the veracity of the time-stamp certificates generated by the method according to an embodiment of the present invention. For example, the system does not depend upon the trustworthiness (or later existence) of any external "certification authority" or any external time tracking system.
  • all that is needed to authenticate the time stamp generated according to an embodiment of the present invention is, for example, the time-stamped data, the signature from the time-stamp certificate, the time interval's public key from the time-stamp certificate, and a standard public-key authentication program, such as either the free or commercial version of PGP.
  • Other public key encryption programs such as the J/CRYPTO Professional Cryptography Classes for Java Developers
  • Systems utilizing the method for transient-key digital time stamps according to the present invention can be set up as, for example, Internet servers, stamping all requests on a fee-for-service basis.
  • the time of creation and the internal state of information can be proven without endangering the confidentiality of sensitive data.
  • the time stamping method according to an embodiment of the present invention makes the method suitable for use in, for example, invention documentation systems. Accordingly, the method according to an embodiment of the present invention can also be used to authenticate critical confidential records, such as medical records and financial transactions, can be easily adapted to any computing platform, and is not dependent upon any specific public-key algorithm.
  • FIG. 1 illustrates an exemplary flowchart for a digital time stamping method according to an embodiment of the present invention.
  • a key pair is generated at time interval t_n.
  • the key pair includes a public key and a private key.
  • the time interval can be any defined period, e.g., every second, 10 seconds, minute or 10 minutes.
  • the current time interval is referred to as t_n.
  • in step 1020, it is determined if a time stamp request is received during time interval t_n. If no time stamp request is received during time interval t_n, then the process returns to step 1010 to generate a new key pair for the next time interval, n being incremented by 1 to indicate the next time interval.
  • in step 1030, the data accompanying the time stamp request is automatically signed.
  • a conventional message digest for the data could be generated that would be automatically encrypted using the private key of time interval t_n.
  • the signature of the time stamp can only be decrypted using the public key of time interval t_n.
  • in step 1040, a time stamp certificate is generated for delivery to the requestor indicating the temporal existence of the data.
  • in step 1050, it is determined if additional time stamp requests are received within time interval t_n.
  • the private key for time interval t_n is deleted in step 1060 and the process returns to step 1010 to generate a key pair for the next time interval, n being incremented by 1. If further time stamp requests are received during time interval t_n, then the process returns to step 1030 to process each further time stamp request. As indicated in step 1060, the private key for time interval t_n is deleted at the end of the time interval and the public key would be, for example, archived for subsequent use to decrypt the time stamp. Thus, a separate private key is used to automatically time stamp the data associated with a time stamp request received during each defined time interval according to an embodiment of the present invention.
  • the process according to an embodiment of the present invention illustrated in Figure 1 differs from prior art systems in that, for example, the key pairs are automatically generated every defined time interval and the data accompanying the time stamp request is automatically signed using the private key of the time interval that the time stamp request is received, the private key being deleted after the time interval.
  • prior art time stamping systems would use a single private key to sign all time stamp requests and employ a separate mechanism, usually based on the computer system implementing the time stamp, to provide the time stamp data.
  • some prior art systems would chain together the message digests for sequentially-submitted documents that have been signed to generate the message digest encrypted for the time stamp, for example, as described in U.S. Patent No. 5,136,647, which is hereby incorporated by reference.
  • FIG. 2A illustrates an exemplary flowchart for a digital time stamping method according to another embodiment of the present invention.
  • a key pair is generated.
  • the key pair includes a public key and a private key.
  • a key pair is generated for each time interval utilized by the system implementing the time stamping method.
  • the implementing system can include, for example, a conventional general purpose computer, such as a microprocessor based personal computer or server.
  • the method is implemented in software that executes on a client-server computer system architecture.
  • the time interval can be any defined period, e.g., every second, 10 seconds, minute or 10 minutes.
  • the current time interval is referred to as t_n and the next time interval is referred to as t_{n+1}.
  • accuracy to the minute may be sufficient for subsequent authentication purposes.
  • in step 2020, another key pair is generated at time t_{n+1}. Like the first key pair, the next key pair also has a public key and a private key.
  • a conventional digital time stamping system such as PGP could be modified to automatically generate key pairs every defined time interval.
  • conventional digital time stamping systems are designed for users to generate key pairs, usually via user I/O with the system to input the information necessary to generate a key pair (e.g., a pass phrase and a random seed required by PGP).
  • the source code for such systems could be modified to generate, for example, a pass phrase and a random seed that would be automatically fed to the key pair generation algorithm for each defined time interval, thereby automatically providing the input normally provided by a user to generate a key pair.
  • the public key of time interval t_{n+1} is signed using the private key of time interval t_n.
  • a conventional message digest for the public key of time interval t_{n+1} could be generated that would be encrypted using the private key of time interval t_n.
  • the signature of the public key can only be decrypted using the public key of time interval t_n.
  • the signing of the public key of time interval t_{n+1} using the private key of time interval t_n could be accomplished, for example, using script based control of existing software, such as the PGP software (e.g., a single command line instructing that one key sign another key).
  • in step 2040, the private key of time interval t_n is deleted.
  • the private key for time interval t_n exists for the duration of time interval t_n and for the time necessary during time interval t_{n+1} to sign the public key of time interval t_{n+1}.
  • the public key for time interval t_n is archived for subsequent use, e.g., to decrypt the time stamp on the public key of time interval t_{n+1}.
  • in step 2060, it is determined if a time stamp request is received during time interval t_{n+1}. If no time stamp request is received, then the process returns to step 2020 to generate a key pair for the next time interval, n being incremented by 1. If a time stamp request is received during time interval t_{n+1}, in step 2070, illustrated in Figure 2B, the data accompanying the time stamp request is signed using the private key of time interval t_{n+1}. For example, as is known in the art, a conventional message digest for the data to be time stamped according to an embodiment of the present invention could be generated that would be encrypted using the private key of time interval t_{n+1}.
  • the signature of the time stamp could only be decrypted using the public key of time interval t_{n+1}, which public key itself has been time stamped according to an embodiment of the present invention and can be authenticated only using the public key of the prior time interval t_n as described above. Therefore, using an embodiment of the method according to the present invention, authentication of the time stamp on data is self-validated as the keys for two time intervals have been chained together. No independent third party is required to verify that the time stamp on the data is accurate.
  • the key pair for t_{n+1} is generated and certified in advance, during the end of the prior time interval t_n, to insure that the key pair for time interval t_{n+1} is available immediately at the beginning of t_{n+1}.
  • a stamp certificate is generated for delivery to the requesting party.
  • a stamp certificate includes a digital signature of the submitted data and the certified public keys for time intervals t_n and t_{n+1}.
  • in step 2100, the data accompanying the time stamp request is signed using the private key of time interval t_{n+1} as described above and the process loops back to step 2090 until no further time stamp requests are received during time interval t_{n+1}.
  • the method according to an embodiment of the present invention for time stamping data can be implemented, for example as software, firmware or hard-wired logic using a suitable general purpose computer.
  • the software implementation of the present invention can be written in the Java programming language, that can run on any platform.
  • FIG. 3A illustrates an exemplary client-server architecture for implementing the time stamping method according to an embodiment of the present invention.
  • the server portion of time stamping program for an embodiment of the present invention would reside in, for example, a memory 3015 of the server 3010.
  • the time stamping program would execute on the cpu 3016 connected to the memory 3015.
  • the server 3010 is connected to the client 3020 via, for example, a connection 3030, such as a LAN, WAN or Internet connection.
  • the client computer 3020 would include a time stamping client portion of the method according to an embodiment of the present invention residing in a memory 3025, the time stamping client program executing on the cpu 3026 connected to the memory 3025.
  • An I/O device 3040 such as a keyboard or mouse provides user access to the time stamping method according to an embodiment of the present invention.
  • a user would identify data to be time stamped via the I/O device 3040 which would cause the client application program stored in memory 3025 to execute in memory 3026 and generate a message digest for the data, for example in a manner known in the art.
  • the message digest would be transmitted via connection 3030 to server 3010, where the application program stored in memory 3015 would execute in memory 3016 to time stamp the message digest and return a time stamp certificate to client computer 3020 via connection 3030, for example as described in Figures 1 or 2A-2B.
  • the signing could occur at the client computer 3020.
  • a user via the I/O device 3040, a user could identify data to be time stamped and submit the stamp request to the server computer 3010 via connection 3030 without providing a message digest for the data.
  • the server 3010 would generate a key pair for the current time interval according to an embodiment of the present invention (e.g., with a public key signed by the private key of the prior time interval key pair) and return the key pair for the current time interval, the passphrase for the time interval's private key, and the public key from the prior time interval to the client computer 3020.
  • the connection 3030 can include, for example, a secure channel using SECURE SOCKETS LAYER (SSL).
  • the client 3020 can generate the message digest and sign the message digest of the time stamp request using the private key of the current time interval, for example in a manner as is known in the art. After the time stamp is created, the client-side copies of the associated private key and passphrase are then immediately deleted.
  • the client computer 3020 can generate its own key pair and use a key pair generated by the server 3010 to time stamp the public key of the key pair generated by the client computer 3020.
  • the client computer 3020 would generate a key pair and transmit the public key of the key pair to the server 3010 via connection 3030.
  • the private key of a key pair generated by the server 3010 for the current time interval would be used to sign the public key from the client 3020.
  • the signed public key and the public key of the key pair generated by the server would be transmitted back to the client 3020.
  • the private key from the key pair generated by the client 3020 would be used to time stamp the data.
  • the client-side private key would be immediately deleted, then the client-side public key would be revoked by using the server-side private key to issue a revocation certificate for the client-side public key.
  • the private key from the server 3010 would be destroyed.
  • the revocation certificate would be incorporated into the time stamp certificate, together with the signature of the data, the server-side public keys for the current and previous time intervals, and the client-side public key.
  • Figure 3B illustrates an alternative embodiment for a system implementing the time stamping method according to an embodiment of the present invention.
  • the time stamping method is carried out in a single computer system 3100, such as a relational database system or a financial transaction system.
  • Computer system 3100 includes a memory 3115 connected to a cpu 3116.
  • An I/O device 3140 such as a keyboard or mouse, is connected to the computer 3100 and provides user access to the time stamping method according to an embodiment of the present invention.
  • the memory 3115 would contain, for example, both the resident program to generate the message digests for data to be time stamped and the time stamping program according to an embodiment of the present invention.
  • either the user would identify data to be time stamped via the I/O device 3140 or the system would automatically identify data to be time stamped, for example as in response to a database transaction. Identification of the data to be time stamped then would cause the resident program stored in memory 3115 to execute in CPU 3116 and generate a message digest for the data. The message digest would be provided to the application program, also stored in memory 3115, which would execute in CPU 3116 to time stamp the data and return a time stamp certificate to the resident program, which could cause the time stamp certificate to be forwarded to the I/O device 3140 for the user.
  • key pairs are generated for particular time intervals and time stamp requests are automatically carried out using the private key for the time interval, the private key being destroyed after the time interval.
  • the private key of a prior time interval is used to sign the public key for a subsequent time interval before the private key of the prior time interval is destroyed.
  • every time interval has its own key pair for which the private key is destroyed after signing the public key for the next time interval.
  • key pairs do not have to be continuously generated every time interval, but can be pre-generated and selected from a queue for each time interval that a time stamp request is received.
  • the time stamping method uses public key cryptography in a new way to, first, create key pairs that correspond not to fixed entities, such as previous systems employ, but which correspond to transient time intervals; and second, to provide a mechanism to use the keys, and signatures created by those keys, to provide rigorous proof of the time of existence and the authenticity of the content within data signed by the system.
  • a feature of the system is that the secret key for a given time interval only exists for a finite, typically very short, period of time, and is replaced by subsequent secret keys as subsequent time intervals proceed.
  • a public key cryptography system such as PGP with the above-described modifications, is employed to automatically generate a series of public-key encryption key pairs at regular time intervals.
  • Each key contains a designation, for example typically within the key's user ID, which identifies the specific time interval during which it is to be (or was) used.
  • the minimum possible duration of a time interval is limited by the time necessary for creation of a key pair and the use of that key pair to validate a public key. As indicated above, shorter time intervals can be enabled by pre-generating the key pairs.
  • the veracity of the time designation is proven by "chaining" of signatures, so that each new time interval's public key is certified (e.g., digitally signed) using the prior interval's secret key, immediately prior to deleting that prior time interval's secret key. This is done, for example, by using the prior time interval's secret key to digitally sign the new time interval's public key. Immediately after the public key is signed, the prior interval's secret key is deleted.
  • the public key of each key pair is stored for future use. Any given private key is used for time-stamping data only during the time interval immediately following the interval within which the private key was generated.
  • the secret key is used to digitally sign and time-stamp all data submitted to the system for such processing. As data is submitted to the system for time-stamping, these data are processed by signing them using the respective time interval's private key. This signing process generates a time-stamp certificate.
  • Each time-stamp certificate includes, for example, the digital signature of the data generated by the secret key and the certified public key for the current time interval of use.
  • Each interval-of-use's public key can be also archived for future reference.
  • time-stamp certificates can be archived as well, although such time-stamp certificate archiving is not necessary for later proof of the veracity of time-stamps generated by the system.
  • a new key pair is generated, the public key of the new pair is certified (e.g., signed) by the current time interval's secret key, and that secret key is then deleted, and the cycle continues.
  • Validation of a time-stamp at any later point requires using the respective time interval's public key to authenticate the digital signature in the time-stamp certificate.
  • Validation of that public key is accomplished by using the previous time interval's public key to authenticate the certification signature on the public key to be authenticated.
  • the ability to trace back through the "chain" of public key certification signatures provides irrefutable proof of the location, in time, of any individual time interval's stamp within the chain of signatures.
  • time stamping method according to an embodiment of the present invention.
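
The rotate, certify, destroy and validate cycle described in the list above, as an added example that is not code from the patent or its applicant. It assumes Ed25519 from Go's standard library in place of the PGP/RSA tooling the text mentions; all type and function names and the interval labels are hypothetical, and the first key of the chain is left uncertified.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// IntervalKey is the archived public half of one time interval's key pair.
type IntervalKey struct {
	Interval string            // time designation (the text puts it in the key's user ID)
	Public   ed25519.PublicKey // archived for later validation
	CertSig  []byte            // made with the previous interval's private key; nil for the first key
}

// Certificate carries the data signature and both certified public keys.
type Certificate struct {
	DataSig   []byte
	Prev, Cur IntervalKey
}

// Stamper holds the only copy of the current interval's private key.
type Stamper struct {
	priv      ed25519.PrivateKey
	prev, cur IntervalKey
	Archive   []IntervalKey // public keys only, oldest first
}

// Digest is the message digest the client sends instead of the data itself.
func Digest(data []byte) [32]byte { return sha256.Sum256(data) }

// certMsg binds an interval designation to a public key; this is what gets certified.
func certMsg(k IntervalKey) []byte { return append([]byte(k.Interval+"\x00"), k.Public...) }

// linkOK reports whether prev certified next (ed25519.Verify panics on a bad key length).
func linkOK(prev, next IntervalKey) bool {
	return len(prev.Public) == ed25519.PublicKeySize && ed25519.Verify(prev.Public, certMsg(next), next.CertSig)
}

// NewStamper starts a chain; its first key has no certifier (assumption of this example).
func NewStamper(interval string) (*Stamper, error) {
	s := &Stamper{}
	return s, s.Rotate(interval)
}

// Rotate creates the next key pair, certifies it with the current private key, then destroys that key.
func (s *Stamper) Rotate(next string) error {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return err
	}
	k := IntervalKey{Interval: next, Public: pub}
	if s.priv != nil {
		k.CertSig = ed25519.Sign(s.priv, certMsg(k))
		for i := range s.priv { // best-effort wipe of the old private key
			s.priv[i] = 0
		}
	}
	s.prev, s.cur, s.priv = s.cur, k, priv
	s.Archive = append(s.Archive, k)
	return nil
}

// Stamp signs a client-supplied digest with the current interval's private key.
func (s *Stamper) Stamp(digest [32]byte) Certificate {
	return Certificate{DataSig: ed25519.Sign(s.priv, digest[:]), Prev: s.prev, Cur: s.cur}
}

// Verify validates a certificate with public keys only.
func Verify(c Certificate, data []byte) error {
	d := Digest(data)
	if len(c.Cur.Public) != ed25519.PublicKeySize || !ed25519.Verify(c.Cur.Public, d[:], c.DataSig) {
		return fmt.Errorf("data signature does not verify under the key for %q", c.Cur.Interval)
	}
	if !linkOK(c.Prev, c.Cur) {
		return fmt.Errorf("key for %q is not certified by the key for %q", c.Cur.Interval, c.Prev.Interval)
	}
	return nil
}

// VerifyChain walks the archive and checks every certification signature.
func VerifyChain(a []IntervalKey) error {
	for i := 1; i < len(a); i++ {
		if !linkOK(a[i-1], a[i]) {
			return fmt.Errorf("chain broken at %q", a[i].Interval)
		}
	}
	return nil
}

func main() {
	s, _ := NewStamper("interval-0") // constructed labels and data
	s.Rotate("interval-1")
	cert := s.Stamp(Digest([]byte("sample record")))
	s.Rotate("interval-2") // interval-1's private key no longer exists
	fmt.Println(Verify(cert, []byte("sample record")), VerifyChain(s.Archive))
}
```

Because the interval designation is part of what the previous key signs, relabelling an archived key breaks the chain at that link.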

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Circuits Of Receivers In General (AREA)

Abstract

Irrefutable public key digital time-stamps (1040) are created and used, based, for example, on the concept of transient secret cryptographic keys associated with a time interval, which are used to digitally sign (2030) data submitted during specific time intervals and are then permanently destroyed (2040). The public-key correlate for each time interval is stored for future authentication of the content of the time-stamped data and of the time of creation of the time-stamped data. The validity of the public keys is ensured by certifying each time interval's public key with the secret key of the previous time interval, immediately before that secret key is destroyed.
PCT/US1998/020036 1997-09-22 1998-09-22 Method and system for transient key digital time stamps WO1999016209A1 (fr)

Priority Applications (6)

Application Number Priority Date Filing Date Title
CA002304342A CA2304342C (fr) 1997-09-22 1998-09-22 Method and system for transient key digital time stamps
JP2000513384A JP4563577B2 (ja) 1997-09-22 1998-09-22 Transient key digital stamp method and system
IL13506998A IL135069A0 (en) 1997-09-22 1998-09-22 Method and system for transient key digital time stamps
AU95796/98A AU760742C (en) 1997-09-22 1998-09-22 Method and system for transient key digital time stamps
EP98949485A EP1018239A4 (fr) 1997-09-22 1998-09-22 Method and system for transient key digital time stamps
KR1020007003052A KR100563515B1 (ko) 1997-09-22 1998-09-22 Transient key digital time stamp method and system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US5945597P 1997-09-22 1997-09-22
US60/059,455 1997-09-22

Publications (1)

Publication Number Publication Date
WO1999016209A1 true WO1999016209A1 (fr) 1999-04-01

Family

ID=22023060

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1998/020036 WO1999016209A1 (fr) 1997-09-22 1998-09-22 Method and system for transient key digital time stamps

Country Status (7)

Country Link
EP (1) EP1018239A4 (fr)
JP (2) JP4563577B2 (fr)
KR (1) KR100563515B1 (fr)
AU (1) AU760742C (fr)
CA (1) CA2304342C (fr)
IL (1) IL135069A0 (fr)
WO (1) WO1999016209A1 (fr)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6742119B1 (en) 1999-12-10 2004-05-25 International Business Machines Corporation Time stamping method using time delta in key certificate
US6965998B1 (en) 1999-12-10 2005-11-15 International Business Machines Corporation Time stamping method using time-based signature key
US6993656B1 (en) 1999-12-10 2006-01-31 International Business Machines Corporation Time stamping method using aged time stamp receipts
US7017046B2 (en) * 1997-09-22 2006-03-21 Proofspace, Inc. System and method for graphical indicia for the certification of records
US7047415B2 (en) * 1997-09-22 2006-05-16 Dfs Linkages, Inc. System and method for widely witnessed proof of time
EP1771965A1 (fr) * 2004-07-23 2007-04-11 Data Security Systems Solutions Pte Ltd System and method for implementing digital signature using one time private keys
US7315948B1 (en) 1999-12-10 2008-01-01 International Business Machines Corporation Time stamping method employing a separate ticket and stub
US7490241B1 (en) 1999-12-10 2009-02-10 International Business Machines Corporation Time stamping method employing user specified time
US7519824B1 (en) 1999-12-10 2009-04-14 International Business Machines Corporation Time stamping method employing multiple receipts linked by a nonce
US7890764B2 (en) 2005-09-30 2011-02-15 Kabushiki Kaisha Toshiba System, apparatus, program and method for obtaining time stamp
CN101395624B (zh) * 2006-03-02 2012-07-04 微软公司 Verification of electronic signatures
WO2016098303A1 (fr) * 2014-12-16 2016-06-23 パナソニックIpマネジメント株式会社 Signature verification device, signature generation device, signature processing system, signature verification method, and signature generation method
EP4262142A4 (fr) * 2022-02-28 2023-10-18 Rakuten Group, Inc. Communication system, method, and program

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2618135C (fr) 2005-08-09 2014-10-28 Nexsan Technologies Canada Inc. Data archiving system
JP2009212747A (ja) * 2008-03-04 2009-09-17 Nec Corp Electronic signature system
JP5518668B2 (ja) * 2010-10-14 2014-06-11 日本電信電話株式会社 Key management device for electronic signatures, key management method for electronic signatures, and key management program for electronic signatures
CN109687967B (zh) * 2017-10-18 2022-02-08 克洛斯比尔有限公司 Electronic signature method and device
JP7371015B2 (ja) * 2018-05-14 2023-10-30 エヌチェーン ライセンシング アーゲー Computer-implemented system and method for performing atomic swaps using a blockchain
KR20210062488A (ko) 2019-11-21 2021-05-31 대한민국(전북기계공업고등학교장) Two-axis motion simulator

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5001752A (en) * 1989-10-13 1991-03-19 Fischer Addison M Public/key date-time notary facility
US5201000A (en) * 1991-09-27 1993-04-06 International Business Machines Corporation Method for generating public and private key pairs without using a passphrase
US5469507A (en) * 1994-03-01 1995-11-21 International Business Machines Corporation Secure communication and computation in an insecure environment
US5673316A (en) * 1996-03-29 1997-09-30 International Business Machines Corporation Creation and distribution of cryptographic envelope
US5787172A (en) * 1994-02-24 1998-07-28 The Merdan Group, Inc. Apparatus and method for establishing a cryptographic link between elements of a system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2142307T3 (es) * 1990-08-02 2000-04-16 Telcordia Tech Inc Method for secure time-stamping of digital documents.
US5422953A (en) * 1993-05-05 1995-06-06 Fischer; Addison M. Personal date/time notary device
US5604801A (en) * 1995-02-03 1997-02-18 International Business Machines Corporation Public key data communications system under control of a portable security device
IL113259A (en) * 1995-04-05 2001-03-19 Diversinet Corp A device and method for a secure interface for secure communication and data transfer
JP3659791B2 (ja) * 1998-03-23 2005-06-15 インターナショナル・ビジネス・マシーンズ・コーポレーション Method and system for small-time key generation
JPH11296078A (ja) * 1998-04-15 1999-10-29 Yrs:Kk Souvenir

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1018239A4 *

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7017046B2 (en) * 1997-09-22 2006-03-21 Proofspace, Inc. System and method for graphical indicia for the certification of records
US7210035B2 (en) 1997-09-22 2007-04-24 Dfs Linkages, Inc. System and method for graphical indicia for the certification of records
US7047415B2 (en) * 1997-09-22 2006-05-16 Dfs Linkages, Inc. System and method for widely witnessed proof of time
US7487359B2 (en) * 1999-12-10 2009-02-03 International Business Machines Corporation Time stamping method employing a separate ticket and stub
US6993656B1 (en) 1999-12-10 2006-01-31 International Business Machines Corporation Time stamping method using aged time stamp receipts
US7519824B1 (en) 1999-12-10 2009-04-14 International Business Machines Corporation Time stamping method employing multiple receipts linked by a nonce
US6965998B1 (en) 1999-12-10 2005-11-15 International Business Machines Corporation Time stamping method using time-based signature key
US7315948B1 (en) 1999-12-10 2008-01-01 International Business Machines Corporation Time stamping method employing a separate ticket and stub
US6742119B1 (en) 1999-12-10 2004-05-25 International Business Machines Corporation Time stamping method using time delta in key certificate
US7490241B1 (en) 1999-12-10 2009-02-10 International Business Machines Corporation Time stamping method employing user specified time
EP1771965A4 (fr) * 2004-07-23 2009-03-04 Data Security Systems Solution System and method for implementing digital signature using one time private keys
EP1771965A1 (fr) * 2004-07-23 2007-04-11 Data Security Systems Solutions Pte Ltd System and method for implementing digital signature using one time private keys
AU2005264830B2 (en) * 2004-07-23 2010-03-18 Data Security Systems Solutions Pte Ltd System and method for implementing digital signature using one time private keys
US7689828B2 (en) 2004-07-23 2010-03-30 Data Security Systems Solutions Pte Ltd System and method for implementing digital signature using one time private keys
US7890764B2 (en) 2005-09-30 2011-02-15 Kabushiki Kaisha Toshiba System, apparatus, program and method for obtaining time stamp
CN101395624B (zh) * 2006-03-02 2012-07-04 微软公司 Verification of electronic signatures
WO2016098303A1 (fr) * 2014-12-16 2016-06-23 パナソニックIpマネジメント株式会社 Signature verification device, signature generation device, signature processing system, signature verification method, and signature generation method
EP4262142A4 (fr) * 2022-02-28 2023-10-18 Rakuten Group, Inc. Communication system, method, and program

Also Published As

Publication number Publication date
AU760742B2 (en) 2003-05-22
IL135069A0 (en) 2001-05-20
AU9579698A (en) 1999-04-12
EP1018239A1 (fr) 2000-07-12
KR100563515B1 (ko) 2006-03-27
JP4563577B2 (ja) 2010-10-13
AU760742C (en) 2006-11-09
CA2304342C (fr) 2009-01-27
JP2001517818A (ja) 2001-10-09
JP2010148098A (ja) 2010-07-01
KR20010040248A (ko) 2001-05-15
CA2304342A1 (fr) 1999-04-01
EP1018239A4 (fr) 2005-07-13

Similar Documents

Publication Publication Date Title
US6381696B1 (en) Method and system for transient key digital time stamps
AU760742C (en) Method and system for transient key digital time stamps
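CN109067801B (zh) Identity authentication method, identity authentication device, and computer-readable medium
CN102077213B (zh) Techniques for ensuring authentication and integrity of communications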
US7305558B1 (en) Digital signing method
US20070118732A1 (en) Method and system for digitally signing electronic documents
US20050132201A1 (en) Server-based digital signature
US20020023220A1 (en) Distributed information system and protocol for affixing electronic signatures and authenticating documents
US20050228999A1 (en) Audit records for digitally signed documents
US20100031039A1 (en) Method and apparatus for data protection system using geometry of fractals or other chaotic systems
US20070294537A1 (en) Time Stamping Method Employing a Separate Ticket and Stub
WO2003034308A1 (fr) Electronic document management system
CN111698093B (zh) Method for issuing and verifying digital time stamps based on a PKI system
WO2020143318A1 (fr) Data verification method and terminal device
US8694788B1 (en) Security system
JP3873603B2 (ja) Digital signature method and apparatus
KR100646948B1 (ko) Notarization center server capable of notarizing and verifying electronic documents, and method therefor
EP1125393B1 (fr) Method for sending and receiving secure data using a shared key
US6839842B1 (en) Method and apparatus for authenticating information
US20020144120A1 (en) Method and apparatus for constructing digital certificates
EP1185024B1 (fr) System, method, and software for administering a user key used to sign a message for a data processing system
JP2000099421A (ja) Method for confirming the arrival of electronic information
TWM579789U (zh) Electronic contract signing device
JP2004040830A (ja) Digital signature method and apparatus
CN111414629B (zh) Electronic contract signing device

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase Ref document number: 135069; Country of ref document: IL
AK Designated states Kind code of ref document: A1; Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW
AL Designated countries for regional patents Kind code of ref document: A1; Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG
121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase Ref document number: 95796/98; Country of ref document: AU
ENP Entry into the national phase Ref country code: JP; Ref document number: 2000 513384; Kind code of ref document: A; Format of ref document f/p: F
ENP Entry into the national phase Ref document number: 2304342; Country of ref document: CA; Ref country code: CA; Ref document number: 2304342; Kind code of ref document: A; Format of ref document f/p: F
WWE Wipo information: entry into national phase Ref document number: 1020007003052; Country of ref document: KR
WWE Wipo information: entry into national phase Ref document number: 1998949485; Country of ref document: EP
WWP Wipo information: published in national office Ref document number: 1998949485; Country of ref document: EP
REG Reference to national code Ref country code: DE; Ref legal event code: 8642
WWP Wipo information: published in national office Ref document number: 1020007003052; Country of ref document: KR
WWG Wipo information: grant in national office Ref document number: 95796/98; Country of ref document: AU
WWG Wipo information: grant in national office Ref document number: 1020007003052; Country of ref document: KR