Electronically verified digital signature and document delivery system and method

US 20020091928A1
Filed: 10/03/2001
Published: 07/11/2002
Est. Priority Date: 10/03/2000
Status: Active Grant

First Claim

Patent Images

1. A method of preventing the repudiation of digitally-signed electronic documents, the method comprising the steps of:

receiving a plurality of electronic documents during a first and second time interval;

forming a message digest for each of the plurality of electronic documents;

forming a first super-message digest derived at least in part from each of the message digests received during the first time interval;

forming a second super-message digest derived at least in part from each of the message digests received during the second time interval and from the first super-message digest;

transmitting the second super-message digest to a timestamp authority and receiving a timestamp therefrom; and

recording each of the message digests, first and second super-message digests, and timestamp in an audit log.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The secure messaging system of the invention encrypts an electronic document using a symmetric key and transmits the encrypted document and related message parameters to a recipient whose identity is then authenticated by a web server. The web server dynamically regenerates the symmetric key from a hidden key and from the message parameters accompanying the encrypted document, and thus avoids having to maintain a central repository of encrypted documents as required by typical “post and pick-up” encrypted messaging systems. Further, an audit trail produced while practicing the invention provides timestamped message digest data for a plurality of time intervals, where the message digests for adjacent time intervals are computationally linked together. The audit trail effectively enables timestamped message digest data to verify not only the existence of a document during a first time interval, but also to verify the existence of documents encountered in a prior time interval.

188 Citations

16 Claims

1. A method of preventing the repudiation of digitally-signed electronic documents, the method comprising the steps of:
- receiving a plurality of electronic documents during a first and second time interval;
  
  forming a message digest for each of the plurality of electronic documents;
  
  forming a first super-message digest derived at least in part from each of the message digests received during the first time interval;
  
  forming a second super-message digest derived at least in part from each of the message digests received during the second time interval and from the first super-message digest;
  
  transmitting the second super-message digest to a timestamp authority and receiving a timestamp therefrom; and
  
  recording each of the message digests, first and second super-message digests, and timestamp in an audit log.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein at least one of the plurality of electronic documents corresponds to a file attachment in an electronic mail message.
  - 3. The method of claim 1 wherein the first and second time intervals are predetermined.
  - 4. The method of claim 1 wherein the duration of the first and second time intervals are dynamically determined from a number of electronic documents anticipated during a particular time of day.
  - 5. The method of claim 1 further comprising the step of recording a timestamp associated with the first super-message digest in the audit log.
  - 6. The method of claim 5 wherein the first super-message digest is further derived from the timestamp associated with the first super-message digest and from a prior super-message digest.
  - 7. The method of claim 5 wherein the second super-message digest is further derived from the timestamp associated with the first super-message digest.

8. A method of securely delivering an electronic document, the method comprising the steps of:
- at a message server associated with a sender of the electronic document, computing a symmetric key from message parameters associated with the electronic document and from a hidden parameter associated with the message server using a predefined algorithm;
  
  encrypting the electronic document using the symmetric key;
  
  transmitting the encrypted electronic document and the message parameters to at least one recipient;
  
  at a web server coupled to the recipient of the encrypted electronic document, receiving identification data associated with the recipient;
  
  receiving the message parameters transmitted to the recipient;
  
  comparing the identification data associated with the recipient with the received message parameters;
  
  upon matching the identification data with at least some of the received message parameters, dynamically computing the symmetric key from the received message parameters and the hidden parameter associated with the message server using the predefined algorithm; and
  
  providing the symmetric key to the recipient.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 16)
- - 9. The method of claim 8 wherein the electronic document is digitally signed.
  - 10. The method of claim 8 wherein the message parameters include a recipient list and a hash of the electronic document.
  - 11. The method of claim 8 wherein the electronic document and message parameters are transmitted to the recipient in an electronic mail message.
  - 12. The method of claim 11 wherein the received message parameters are posted to the web server via an HTML form included in the electronic mail message.
  - 13. The method of claim 8 wherein the identification data includes a user ID and password previously registered by the web server.
  - 14. The method of claim 8 wherein the message server and the web server are controlled by the sender of the electronic document.
  - 16. The method of claim 15 further comprising the step of transmitting a message to a sender of the symmetrically encrypted electronic document after matching the identification data and the received parameters.

15. A method of securely delivering an electronic document via a web server, the method comprising the steps of:
- receiving a symmetrically encrypted electronic document and parameters associated therewith, the parameters including a recipient list associated with the electronic document;
  
  receiving identification data from the recipient via a communications network and comparing at least some of the received parameters therewith;
  
  upon matching the identification data and the at least some of the received parameters, dynamically computing a symmetric key from the received parameters;
  
  decrypting the electronic document using the symmetric key; and
  
  displaying the decrypted document on a web page accessible to the recipient.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Upland Software, Inc.
Original Assignee
Omtool Limited (Upland Software, Inc.)
Inventors
Benson, Glenn, Bouchard, Thaddeus

Granted Patent

US 7,082,538 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/178
CPC Class Codes

G06F 2221/2151   Time stamp

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 9/3247   involving digital signatures

H04L 9/3297   involving time stamps, e.g....

Electronically verified digital signature and document delivery system and method

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

188 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Electronically verified digital signature and document delivery system and method

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

188 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links