Electronic signature method, program and server for implementing the method

US 20040093499A1
Filed: 09/11/2003
Published: 05/13/2004
Est. Priority Date: 09/18/2002
Status: Active Grant

First Claim

Patent Images

1. A method for applying an electronic signature from a client station, comprising the steps of:

/A/ authenticating the client station at a server, thereby establishing an authenticated communication channel between the client station and said server;

/B/ generating a private key/public key pair at the client station;

/C/ sending from the client station to the server, via the authenticated channel, a request for a signature certificate, generated by means of at least the public key;

/D/ sending from the server to the client station, via the authenticated channel, a signature certificate provided in response to said request;

/E/ calculating a cryptographic signature at the client station by means of the private key, then destroying the private key at the client station; and

/F/ formatting the calculated signature with the aid of the signature certificate received by the client station via the authenticated channel.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In order to apply an electronic signature from a client station having authentication resources at a server, the following steps are carried out: the client station is authenticated at the server, thus establishing an authenticated communication channel; a private key/public key pair is generated at the client station; a signature certificate request generated by means of at least the public key is transmitted from the client station to the server via the authenticated channel; a signature certificate obtained in response to the request is returned via the authenticated channel; this certificate is verified at the client station; an electronic signature is calculated at the client station by means of the private key, after which this private key is destroyed; and the calculated signature is formatted with the aid of the signature certificate received via the authenticated channel.

78 Citations

View as Search Results

14 Claims

1. A method for applying an electronic signature from a client station, comprising the steps of:
- /A/ authenticating the client station at a server, thereby establishing an authenticated communication channel between the client station and said server;
  
  /B/ generating a private key/public key pair at the client station;
  
  /C/ sending from the client station to the server, via the authenticated channel, a request for a signature certificate, generated by means of at least the public key;
  
  /D/ sending from the server to the client station, via the authenticated channel, a signature certificate provided in response to said request;
  
  /E/ calculating a cryptographic signature at the client station by means of the private key, then destroying the private key at the client station; and
  
  /F/ formatting the calculated signature with the aid of the signature certificate received by the client station via the authenticated channel.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. Method according to claim 1, wherein steps /C/ and /E/ are executed in parallel at the client station.
  - 3. Method according to claim 1, wherein steps /B/, /C/, /E/ and /F/ are at least partially executed at the client station under the control of a program downloaded from the server in response to step /A/.
  - 4. Method according to claim 1, wherein step /A/ comprises mutually authenticating the server and the client station.
  - 5. Method according to claim 1, comprising the further step of verifying, at the client station, the signature certificate received via the authenticated channel.
  - 6. Method according to claim 1, wherein the signature certificate obtained by the server has a validity period of at most one day.
  - 7. Method according to claim 1, comprising the preliminary step of registering the client station with respect to a certification authority with which the server cooperates, or with respect to a registration authority associated with said certification authority.

8. A computer program product, comprising instructions to be executed in a client station having authentication resources with respect to an electronic signature assistance server, said instructions including:
- instructions for generating a private key/public key pair after the establishment of an authenticated channel between the client station and said server;
  
  instructions for transmitting to the server, via the authenticated channel, a request for a signature certificate generated by means of at least the public key;
  
  instructions for receiving from the server, via the authenticated channel, a signature certificate obtained in response to said request;
  
  instructions for calculating a cryptographic signature by means of the private key, and then for destroying the private key; and
  
  instructions for formatting the calculated signature with the aid of the signature certificate received via the authenticated channel.
- View Dependent Claims (9, 10, 11)
- - 9. Computer program product according to claim 8, wherein the instructions for transmitting the signature certificate request and the instructions for calculating the electronic signature and then for destroying the private key are executable in parallel.
  - 10. Computer program product according to claim 8, wherein at least some of said instructions form part of a program written in a mobile code language and downloadable from said server (2) after establishment of the authenticated channel.
  - 11. Computer program product according to claim 8, wherein said instructions further include instructions for verifying the signature certificate received via the authenticated channel.

12. Electronic signature assistance server, comprising means of authenticating a client station to establish an authenticated communication channel with said client station, means for obtaining a signature certificate in response to a request received from the client station via the authenticated channel and for transmitting said certificate to the client station via the authenticated channel, and means for downloading to the client station a program written in a mobile code language, including instructions for controlling, at least partially, the execution of the following operations by the client station:
- generation of a private key/public key pair at the client station after the establishment of the authenticated channel;
  
  transmission to the server, via the authenticated channel, of a request for a signature certificate generated by means of at least the public key;
  
  reception, via the authenticated channel, of the signature certificate transmitted by the server in response to said request;
  
  calculation of a cryptographic signature at the client station by means of the private key, followed by destruction of the private key; and
  
  formatting of the calculated signature with the aid of the signature certificate received via the authenticated channel.
- View Dependent Claims (13, 14)
- - 13. Assistance server according to claim 12, wherein the signature certificate has a validity period of at most one day.
  - 14. Assistance server according to claim 12, wherein said operations further comprise a verification of the signature certificate received via the authenticated channel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Orange S.A.
Original Assignee
Orange S.A.
Inventors
Mouton, Dimitri, Arditi, David, Frisch, Laurent

Granted Patent

US 7,398,396 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 2209/68   Special signature format, e...

H04L 2209/80   Wireless network architectu...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

H04L 9/3297   involving time stamps, e.g....

Electronic signature method, program and server for implementing the method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

78 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Electronic signature method, program and server for implementing the method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others