Secure digital signing of data
First Claim
1. A method of signing digital data, comprising the steps of:
- subjecting the data to be signed to a message digest function to produce a digest of the data to be signed;
transmitting the message digest to a small, mobile transaction device which contains a secret key and a user'"'"'s PIN code;
determining whether a user'"'"'s PIN code is correct and, if it is, hashing the digest as a function of said secret key;
returning the transformed message digest to a service provider;
digesting and hashing the original data at the service provider using the same message digest function and secret key; and
determining whether the hashed message digest at the service provider matches the hashed message digest received from the transaction device.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of signing digital data, comprising the steps of subjecting the data to be signed to a message digest function to produce a digest of the data to be signed, transmitting the message digest to a small, mobile transaction device which contains a secret key and a user'"'"'s PIN code, determining whether a user'"'"'s PIN code is correct and, if it is, hashing the digest as a function of said secret key, returning the transformed message digest to a service provider, digesting and hashing the original data at the service provider using the same message digest function and secret key, and determining whether the hashed message digest at the service provider matches the hashed message digest received from the transaction device.
34 Citations
1 Claim
-
1. A method of signing digital data, comprising the steps of:
-
subjecting the data to be signed to a message digest function to produce a digest of the data to be signed;
transmitting the message digest to a small, mobile transaction device which contains a secret key and a user'"'"'s PIN code;
determining whether a user'"'"'s PIN code is correct and, if it is, hashing the digest as a function of said secret key;
returning the transformed message digest to a service provider;
digesting and hashing the original data at the service provider using the same message digest function and secret key; and
determining whether the hashed message digest at the service provider matches the hashed message digest received from the transaction device.
-
Specification
-
- Resources
-
Current AssigneeCypak AB
-
Original AssigneeCypak AB
-
InventorsEhrensvard, Jakob
-
Application NumberUS10/024,576Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current713/181CPC Class CodesG06F 21/31 User authenticationG06F 21/64 Protecting data integrity, ...G06Q 20/3823 combining multiple encrypti...G06Q 20/42 Confirmation, e.g. check or...G07F 7/1091 Use of an encrypted form of...H04L 2209/56 Financial cryptography, e.g...H04L 2209/80 Wireless network architectu...H04L 9/3226 using a predetermined code,...H04L 9/3236 using cryptographic hash fu...H04L 9/3247 involving digital signatures
