Method and system for encoding signatures to authenticate files

US 20040054906A1
Filed: 09/09/2003
Published: 03/18/2004
Est. Priority Date: 09/12/2002
Status: Active Grant

First Claim

Patent Images

1. A computer file containing digital data wherein authentication information is encoded in the filename of said computer file at a predetermined position or using delimiters.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and system for verifying the authenticity and integrity of files transmitted through a computer network. Authentication information is encoded in the filename of the file. In a preferred embodiment, authentication information is provided by computing a hash value of the file, computing a digital signature of the hash value using a private key, and encoding the digital signature in the filename of the file at a predetermined position or using delimiters, to create a signed filename. Upon reception of a file, the encoded digital signature is extracted from the signed filename. Then, the encoded hash value of the file is recovered using a public key and extracted digital signature, and compared with the hash value computed on the file. If the decoded and computed hash values are identical, the received file is processed as authentic.

58 Citations

View as Search Results

13 Claims

1. A computer file containing digital data wherein authentication information is encoded in the filename of said computer file at a predetermined position or using delimiters.

2. A method for encoding authentication information in the filename of a computer file containing digital data, said method comprising the steps of:
- computing a digital signature of the computer file using a private key of a sender; and
  
  , encoding said computed digital signature in a filename of said computer file at a predetermined position or using delimiters.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9)
- - 3. The method of claim 2, wherein the step of encoding said computed digital signature includes the step of adding said computed digital signature in the filename just before the file extension, said computed digital signature having a fixed size.
  - 4. The method of claim 2, wherein the step of computing a digital signature is based on a symmetric or public-key algorithm.
  - 5. The method of claim 2, wherein the step of computing a digital signature includes the steps of:
    - computing a hash value of said computer file; and
      
      computing a digital signature of the computed hash value using the private key of the sender.
  - 6. The method of claim 5, wherein said step of computing a hash value uses a Secure Hash Algorithm or a Message-Digest-5 algorithm.
  - 7. The method of claim 2, further comprising the step of applying said method to files attached or linked to the computer file.
  - 8. Apparatus comprising means adapted for carrying out the method according to claim 2.
  - 9. A computer readable medium comprising program instructions for carrying out the method according to claim 2.

10. A method for authenticating a computer file having a filename comprising authentication information, said method comprising the steps of:
- extracting said authentication information from the filename of the computer file at a predetermined position or using delimiters;
  
  recovering an encoded hash value of the computer file by using a public key of a sender of the computer file and the extracted authentication information;
  
  computing a hash value of said computer file using a hash function used by the sender to generate the encoded authentication information;
  
  comparing the encoded and the computed hash values; and
  
  , if the encoded and the computed hash values are identical, processing the computer file, else, if the encoded and the computed hash values are different, rejecting the computer file.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10, further comprising the step of applying said method to files attached or linked to the computer file.
  - 12. Apparatus comprising means adapted for carrying out the method according to claim 10.
  - 13. A computer readable medium comprising program instructions for carrying out the method according to claim 10.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Carro, Fernando Incertis

Granted Patent

US 7,287,164 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

H04L 2209/60   Digital content management,...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3247   involving digital signatures

Method and system for encoding signatures to authenticate files

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

58 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for encoding signatures to authenticate files

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links