System and method for guaranteeing software integrity via combined hardware and software authentication
Abstract
A system, method, and computer program product enabling individual user devices to authenticate and validate a digital message sent by a distribution center, without requiring transmissions to the distribution center. The center transmits the message with an appended modulus that is the product of two specially selected primes. The transmission also includes an appended authentication value that is based on an original message hash value, a new message hash value, and the modulus. The new message hash value is designed to be the center's public RSA key; a corresponding private RSA key is also computed. Individual user devices combine a digital signet, a public modulus, unique hardware-based secret numbers, and an original message hash to compute a unique integrity value K. Subsequent messages are similarly processed to determine new integrity values K′, which equal K if and only if new messages originated from the center and have not been corrupted.
44 Claims
1. A system for guaranteeing message integrity, comprising:
- a distribution center that transmits a message and at least one appended value; and
- a user device that receives said transmission and computes an integrity value K′ that depends on said transmission and at least one stored secret value, where K′ selectively enables successful further processing of said message.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A system for guaranteeing message integrity, comprising:
- a user device having at least one stored integrity value related to an additional integrity value h0; and
- a distribution center that transmits a message and an encryption of said additional integrity value h0, where said encryption uses a key based on a hash of said message.
Dependent claims: 18, 19, 20, 21
22. A computer program product for guaranteeing message integrity, comprising a computer-readable medium tangibly embodying computer-executable code means thereon, said code means including:
- a first code means for transmitting a message and at least one appended value from a distribution center;
- a second code means for receiving said transmission with a user device; and
- a third code means for computing an integrity value K′ that depends on said transmission and at least one stored secret value, where K′ selectively enables successful further processing of said message.
23. A method for guaranteeing message integrity, comprising:
- transmitting a message together with an encrypted integrity value h0, said encrypted integrity value h0 being encrypted with a key based on the hash of said message;
- decrypting said encrypted integrity value h0;
- using said integrity value h0 together with stored integrity values to perform an integrity calculation; and
- using the result of said integrity calculation for further processing.
Dependent claims: 24, 25, 26, 27
28. A method for conducting electronic commerce, comprising:
- transmitting a message and at least one appended value from a distribution center;
- receiving said transmission with a user device; and
- computing an integrity value K′ that depends on said transmission and at least one stored secret value, where K′ selectively enables successful further processing of said message, wherein said further processing completes an electronic commerce transaction.
29. A method for guaranteeing message integrity, comprising:
- transmitting a message and at least one appended value from a distribution center;
- receiving said transmission with a user device;
- computing an integrity value K′ that depends on said transmission and at least one stored value, where K′ selectively enables successful further processing of said message.
Dependent claims: 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44
Specification