Electronically verified digital signature and document delivery system and method
First Claim
1. A method of preventing the repudiation of digitally-signed electronic documents, the method comprising the steps of:
- receiving a plurality of electronic documents during a first and second time interval;
forming a message digest for each of the plurality of electronic documents;
forming a first super-message digest derived at least in part from each of the message digests received during the first time interval;
forming a second super-message digest derived at least in part from each of the message digests received during the second time interval and from the first super-message digest;
transmitting the second super-message digest to a timestamp authority and receiving a timestamp therefrom; and
recording each of the message digests, first and second super-message digests, and timestamp in an audit log.
5 Assignments
0 Petitions
Accused Products
Abstract
The secure messaging system of the invention encrypts an electronic document using a symmetric key and transmits the encrypted document and related message parameters to a recipient whose identity is then authenticated by a web server. The web server dynamically regenerates the symmetric key from a hidden key and from the message parameters accompanying the encrypted document, and thus avoids having to maintain a central repository of encrypted documents as required by typical “post and pick-up” encrypted messaging systems. Further, an audit trail produced while practicing the invention provides timestamped message digest data for a plurality of time intervals, where the message digests for adjacent time intervals are computationally linked together. The audit trail effectively enables timestamped message digest data to verify not only the existence of a document during a first time interval, but also to verify the existence of documents encountered in a prior time interval.
188 Citations
16 Claims
-
1. A method of preventing the repudiation of digitally-signed electronic documents, the method comprising the steps of:
-
receiving a plurality of electronic documents during a first and second time interval;
forming a message digest for each of the plurality of electronic documents;
forming a first super-message digest derived at least in part from each of the message digests received during the first time interval;
forming a second super-message digest derived at least in part from each of the message digests received during the second time interval and from the first super-message digest;
transmitting the second super-message digest to a timestamp authority and receiving a timestamp therefrom; and
recording each of the message digests, first and second super-message digests, and timestamp in an audit log. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of securely delivering an electronic document, the method comprising the steps of:
-
at a message server associated with a sender of the electronic document, computing a symmetric key from message parameters associated with the electronic document and from a hidden parameter associated with the message server using a predefined algorithm;
encrypting the electronic document using the symmetric key;
transmitting the encrypted electronic document and the message parameters to at least one recipient;
at a web server coupled to the recipient of the encrypted electronic document, receiving identification data associated with the recipient;
receiving the message parameters transmitted to the recipient;
comparing the identification data associated with the recipient with the received message parameters;
upon matching the identification data with at least some of the received message parameters, dynamically computing the symmetric key from the received message parameters and the hidden parameter associated with the message server using the predefined algorithm; and
providing the symmetric key to the recipient. - View Dependent Claims (9, 10, 11, 12, 13, 14, 16)
-
-
15. A method of securely delivering an electronic document via a web server, the method comprising the steps of:
-
receiving a symmetrically encrypted electronic document and parameters associated therewith, the parameters including a recipient list associated with the electronic document;
receiving identification data from the recipient via a communications network and comparing at least some of the received parameters therewith;
upon matching the identification data and the at least some of the received parameters, dynamically computing a symmetric key from the received parameters;
decrypting the electronic document using the symmetric key; and
displaying the decrypted document on a web page accessible to the recipient.
-
Specification