Method of managing digital signature, apparatus for processing digital signature, and a computer readable medium for recording program of managing digital signature

US 20030182552A1
Filed: 05/17/2002
Published: 09/25/2003
Est. Priority Date: 03/22/2002
Status: Active Grant

First Claim

Patent Images

1. A method of managing digital signature in a digital signature system in which a message and a digital signature proving validity of the message are generated, the message and the digital signature are transmitted at a time, and a message and a digital signature are received from an external device, comprising the steps of:

preparing in a memory a signature log file to which signature log entry information associated with the transmitted or received digital signature is to be registered;

generating a new digital signature to be transmitted together with a message by reflecting, in the new digital signature, signature log entry information registered to the signature log file in the past;

generating signature log entry information associated with the new digital signature using data used to generate the new digital signature and registering the signature log entry information to the signature log file;

by using a message, a received digital signature, data to verify the received digital signature which are received from an external device, generating signature log entry information associated with the received message and registering the signature log entry information to the signature log file; and

preparing a user search file in a memory in addition to the signature log file, registering to the user search file information indicating that the signature log entry information in the signature log file is a transmitted digital signature transmitted or a received digital signature received and user identifier information indicating a transmission destination of the transmitted digital signature and a transmission source of the received digital signature, with a correspondence established between the information, the user identifier information, and each signature log entry information in the signature log file.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of managing digital signature includes the steps of preparing a signature log file storing signature log entry information, generating a new digital signature for a transmission message by reflecting, in the new digital signature, signature log entry information registered to the signature log file in the past; generating signature log entry information associated with the new digital signature and registering the signature log entry information to the signature log file; and preparing a user search file in addition to the signature log file; registering, to the user search file, user identifier information indicating a transmission destination of the transmitted digital signature and a transmission source of the received digital signature, with a correspondence established between the information, the user identifier information, and each signature log entry information in the signature log file.

67 Citations

View as Search Results

16 Claims

1. A method of managing digital signature in a digital signature system in which a message and a digital signature proving validity of the message are generated, the message and the digital signature are transmitted at a time, and a message and a digital signature are received from an external device, comprising the steps of:
- preparing in a memory a signature log file to which signature log entry information associated with the transmitted or received digital signature is to be registered;
  
  generating a new digital signature to be transmitted together with a message by reflecting, in the new digital signature, signature log entry information registered to the signature log file in the past;
  
  generating signature log entry information associated with the new digital signature using data used to generate the new digital signature and registering the signature log entry information to the signature log file;
  
  by using a message, a received digital signature, data to verify the received digital signature which are received from an external device, generating signature log entry information associated with the received message and registering the signature log entry information to the signature log file; and
  
  preparing a user search file in a memory in addition to the signature log file, registering to the user search file information indicating that the signature log entry information in the signature log file is a transmitted digital signature transmitted or a received digital signature received and user identifier information indicating a transmission destination of the transmitted digital signature and a transmission source of the received digital signature, with a correspondence established between the information, the user identifier information, and each signature log entry information in the signature log file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A digital signature managing method according to claim 1, further comprising the step of identifying, according to the user identifier information registered to the user search file, signature log entry information associated with a received digital signature registered to the signature log file or signature log entry information associated with a transmitted digital signature registered to the signature log file and conducting verification using log chain crossing using the signature log entry information identified in the signature log file.
  - 3. A digital signature managing method according to claim 2, wherein said step of generating the digital signature to be transmitted together with the message comprises the step of generating data by combining with each other the new message or a hash value of the new message, a hash value of the signature log entry information registered to the signature log file in the past, and the identifier information to identify the signature log entry information of a new digital signature to be generated, and generating the new digital signature using the data and a predetermined secret key.
  - 4. A digital signature managing method according to claim 2, wherein said step of generating signature log entry information associated with the new digital signature and registering the signature log entry information to the signature log file comprises the step of adding new information generation record information to the signature log file, the new information generation record information including record identifier information to identify the signature log entry information, the new digital signature, and a hash value of the signature log entry information previously registered to the signature log file.
  - 5. A digital signature managing method according to claim 2, further comprising the step of transmitting, at transmission of a generated message thus generated, data to verify a digital signature to be transmitted, the data including a digital signature generated for the message, record identifier information to identify signature log entry information associated with the digital signature, and a hash value of the signature log entry information previously registered to the signature log file.
  - 6. A digital signature managing method according to claim 2, wherein said step of generating and registering the signature log entry information associated with the received message to the signature log file comprises the steps of:
    - generating received signature data using record identifier information to identify signature log entry information of a received digital signature corresponding to the received message, the received digital signature being received together with the received message and a hash value of the signature log entry information previously registered to the signature log file; and
      
      adding new received signature log entry information to the signature log file, the new received signature log entry information including record identifier information to identify the signature log entry information of the received digital signature corresponding to the received message, a hash value of the signature log entry information previously registered to the signature log file, and the received signature data thus generated.
  - 7. A digital signature managing method according to claim 6, further comprising the steps of:
    - verifying validity of a digital signature assigned to one of the messages to be verified in the messages generated or received in the past, using a public key paired with a secret key used to generate the digital signature;
      
      determining whether or not signature log entry information associated with the digital signature of the verification objective message has been registered to the signature log file; and
      
      judging whether or not authorized signature log entry information which is newer than signature log entry associated with the digital signature of the verification objective message and which has been confirmed as authorized information is properly chained with signature log entry information registered immediately before the authorized signature log entry information, and by repeatedly conducting said judging step, determining whether or not continuity is held up to the signature log entry associated with the digital signature of the verification objective message.
  - 8. A digital signature managing method according to claim 7, further comprising the steps of:
    - generating a signature, in a similar fashion as for the message transmission, for at least part of the signature log entry information registered to the signature log file to another user or for at least part of the signature log entry information registered to the signature log file in a form in which said at least part of the signature log entry information is added to a message, adding the signature to the signature log, and transmitting the signature log; and
      
      receiving at least part of the signature log entry information which is transmitted from another user together with a signature and which is registered to a signature log file generated by said another user, verifying the signature in substantially the same procedures as for that of the message reception, and adding the signature to the signature log.
  - 9. A digital signature managing method according to claim 8, further comprising the steps of:
    - identifying;
      
      in the judging of the chain of the signature log entry information associated with the digital signature of the verification objective message, if desired signature log entry information required for the judging of the chain has not been registered to the signature log file;
      
      another user according to user identifier information in the user search file, said another user possessing a signature log file to which the desired signature log entry information has been registered;
      
      transmitting identifier information identifying the desired signature log entry information to said another user thus identified and thereby requesting said another user to provide the desired signature log entry information; and
      
      judging of the chain using the desired signature log entry information provided from said another user according to the request.
  - 10. A digital signature managing method according to claim 9, wherein in a side of said another user having received the request for the desired signature log entry information, identifier information on said another user side identifying the desired signature log entry information registered to the user search file on said another user side is obtained according to the identifier information identifying the desired signature log entry information thus received, the desired signature log entry information is selected from the user search file on said another user side according to the identifier information on said another user side, and the desired signature log entry information is transmitted to the user having transmitted the request for the desired signature log entry information.
  - 11. A digital signature managing method according to claim 1, further comprising the step of submitting, when a user requests an arbitrating organization to verify validity of a message, a signature log file and a user search file respectively associated with the message to be verified, wherein the arbitrating organization verifies the message using the signature log file and the user search file thus submitted.
  - 12. A digital signature managing method according to claim 1, further comprising the step of transmitting signature log entry information registered to the signature log file to a publication organization periodically or at an interval of a predetermined period, wherein the public organization examines and opens the signature log entry information to the public.

13. An apparatus for managing digital signature in which a message and a digital signature proving validity of the message are generated, the message and the digital signature are transmitted at a time, and a message and a digital signature are received from an external device, comprising:
- a memory having stored a signature log file to which signature log entry information associated with the transmitted or received digital signature is to be registered;
  
  means for generating a new digital signature to be transmitted together with a message by reflecting, in the new digital signature, signature log entry information registered to the signature log file in the past;
  
  means for generating signature log entry information associated with the new digital signature using data used to generate the new digital signature and registering the signature log entry information to the signature log file;
  
  means for generating;
  
  using a message, a received digital signature, data to verify the received digital signature which are received from an external device;
  
  signature log entry information associated with the received message and registering the signature log entry information to the signature log file; and
  
  a user search file in a memory in addition to the signature log file, wherein information indicating that the signature log entry information in the signature log file is a transmitted digital signature transmitted or a received digital signature received, user identifier information indicating a transmission destination of the transmitted digital signature and a transmission source of the received digital signature, identifier information to identify each signature log entry information in the signature log file, and identifier information to establish a correspondence therebetween are registered to the user search file.
- View Dependent Claims (14)
- - 14. A digital signature managing apparatus according to claim 13, further comprising means for identifying, according to the user identifier information registered to the user search file, signature log entry information associated with a received digital signature registered to the signature log file or signature log entry information associated with a transmitted digital signature registered to the signature log file and conducting verification using log chain crossing using the signature log entry information identified in the signature log file.

15. A computer readable medium having stored a program of managing a digital signature in a digital signature system in which a message and a digital signature proving validity of the message are generated, the message and the digital signature are transmitted at a time, and a message and a digital signature are received from an external device, said medium having stored the steps of:
- preparing in a memory a signature log file to which signature log entry information associated with the transmitted or received digital signature is to be registered;
  
  generating a new digital signature to be transmitted together with a message by reflecting, in the new digital signature, signature log entry information registered to the signature log file in the past;
  
  generating signature log entry information associated with the new digital signature using data used to generate the new digital signature and registering the signature log entry information to the signature log file;
  
  by using a message, a received digital signature, data to verify the received digital signature which are received from an external device, generating signature log entry information associated with the received message and registering the signature log entry information to the signature log file; and
  
  preparing a user search file in a memory in addition to the signature log file, registering to the user search file information indicating that the signature log entry information in the signature log file is a transmitted digital signature transmitted or a received digital signature received and user identifier information indicating a transmission destination of the transmitted digital signature and a transmission source of the received digital signature, with a correspondence established between the information, the user identifier information, and each signature log entry information in the signature log file.
- View Dependent Claims (16)
- - 16. A computer readable medium according to claim 15, having further stored the step of identifying, according to the user identifier information registered to the user search file, signature log entry information associated with a received digital signature registered to the signature log file or signature log entry information associated with a transmitted digital signature registered to the signature log file and conducting verification using log chain crossing using the signature log entry information identified in the signature log file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
Itoh, Shinji, Miyazaki, Kunihiko, Tanimoto, Kouichi, Nishioka, Katsuko, Omoto, Narihiro

Granted Patent

US 7,574,605 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

H04L 9/3247 involving digital signatures

H04L 9/3265 using certificate chains, t...

Method of managing digital signature, apparatus for processing digital signature, and a computer readable medium for recording program of managing digital signature

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

67 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method of managing digital signature, apparatus for processing digital signature, and a computer readable medium for recording program of managing digital signature

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links