×

Large-scale simultaneous digital signature service system based on hash function and method thereof

  • US 10,091,004 B2
  • Filed: 02/26/2016
  • Issued: 10/02/2018
  • Est. Priority Date: 11/17/2015
  • Status: Active Grant
First Claim
Patent Images

1. A system for a simultaneous digital signature service based on a hash function, comprising:

  • a plurality of digital signature target terminals;

    a plurality of digital signature service provision servers for providing a simultaneous digital signature service based on distributed processing of a hash chain of a hash tree in response to a request to generate a digital signature from each of the digital signature target terminals;

    a digital signature service configuration server for constructing the hash tree having a hierarchical structure that is preset in order to perform parallel distributed processing for generating a digital signature according to a digital signature service performance right based on unique authentication information provided by each of the digital signature service provision servers; and

    a digital signature service relay server for enabling access to any one digital signature service provision server, selected from among currently available digital signature service provision servers, in response to a request for accessing the digital signature service from each of the digital signature target terminals,wherein when one of the digital signature service provision servers is newly registered by the digital signature service configuration server,the newly registered digital signature service provision server transmits a message that requests issue of a unique authentication token for digital signature service interworking authorization to the digital signature service configuration server, using unique authentication information;

    the digital signature service configuration server compares the unique authentication information, transmitted from the newly registered digital signature service provision server, with previously stored unique authentication information, generates and encrypts both the unique authentication token for the unique authentication information and information about digital signature service interworking if the newly registered digital signature service provision server has the digital signature service performance right, and transmits the encrypted token and the encrypted information to the newly registered digital signature service provision server;

    the newly registered digital signature service provision server decrypts the encrypted unique authentication token and the encrypted information about digital signature service interworking, which are transmitted from the digital signature service configuration server, and transmits a message that requests approval of the digital signature service interworking authorization using the unique authentication token according to a list of digital signature service provision servers to be accessed, which is included in the decrypted information about digital signature service interworking; and

    each of the digital signature service provision servers to be accessed decrypts the unique authentication token, transmitted from the newly registered digital signature service provision server, by interworking with the digital signature service configuration server, and transmits a result of the approval of the digital signature service interworking authorization to the newly registered digital signature service provision server when decrypting is successfully performed, andwherein the information about digital signature service interworking includes a list of the digital signature service provision servers to be accessed, a position of a hash subtree to be processed, and information about a service right;

    when the digital signature service provision server performs the simultaneous digital signature service depending on a specific server administrator, the unique authentication information includes at least one of unique identification information of the server administrator, selected from among an ID and password of the server administrator, biometric information of the server administrator, and authentication information generated by a private key based on a One-Time Password (OTP) and a Public key Infrastructure (PKI); and

    when the digital signature service provision server performs the simultaneous digital signature service depending on specific server hardware, the unique authentication information includes at least one of unique identification information of a device, selected from among a name of the device, a password of the device, a serial number of the device, a kind of the device, a manufacturer of the device, a Media Access Control (MAC) address of the device, a unique Internet Protocol (IP) address of the device, a model and version of the device, a secret key of the device, and authentication information of the device, generated by a private key based on a PKI.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×