Method for incremental authentication of documents
First Claim
1. A method of protecting an electronic document, the method comprising:
- dividing an original document into data blocks;
generating a corresponding hash value for each data block;
generating a corresponding hash value for a group of data blocks (GOB);
generating a hash tree structure based on the corresponding hash values for the data blocks and for the GOB;
calculating a hash value of a root node of the hash tree structure, the root node having no parent in the hash tree structure;
signing the hash value of the root node; and
generating auxiliary authentication data;
wherein said auxiliary authentication data enables authentication of portions of the electronic document based on a reconstruction of the hash tree structure.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of protecting an electronic document, the method comprising dividing an original document into data blocks; generating a corresponding hash value for each data block; generating a corresponding hash value for a group of data blocks (GOB); generating a hash tree structure based on the corresponding hash values for the data blocks and for the GOB; calculating a hash value of a root node of the hash tree structure, the root node having no parent in the hash tree structure; signing the hash value of the root node; and generating auxiliary authentication data; wherein said auxiliary authentication data enables authentication of portions of the electronic document based on a reconstruction of the hash tree structure.
-
Citations
14 Claims
-
1. A method of protecting an electronic document, the method comprising:
-
dividing an original document into data blocks;
generating a corresponding hash value for each data block;
generating a corresponding hash value for a group of data blocks (GOB);
generating a hash tree structure based on the corresponding hash values for the data blocks and for the GOB;
calculating a hash value of a root node of the hash tree structure, the root node having no parent in the hash tree structure;
signing the hash value of the root node; and
generating auxiliary authentication data;
wherein said auxiliary authentication data enables authentication of portions of the electronic document based on a reconstruction of the hash tree structure. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of authenticating an electronic document divided into a group of data blocks (GOB), the method comprising:
-
receiving a signature based on a hash value of a root node of an original hash tree structure representation of content of an original document, the root node having no parent in the original hash tree structure;
receiving auxiliary authentication data;
generating a corresponding hash value for each received data block;
generating a corresponding hash value for the received GOB;
reconstructing an authentication hash tree structure based on the corresponding hash values for the received data blocks and for the received GOB, and based on the received auxiliary authentication data; and
authenticating a hash value of a root node of the authentication hash tree structure with said received signature.
-
-
11. A system for protecting an electronic document, the system comprising:
-
a dividing means for dividing an original document into data blocks;
a hash value generating means for generating a corresponding hash value for each data block; and
for generating a corresponding hash value for a group of data blocks (GOB);
a hash tree structure generating means for generating a hash tree structure based on the corresponding hash values for the data blocks and for the GOB;
a processor means for calculating a hash value of a root node of the hash tree structure, the root node having no parent in the hash tree structure;
a signing means for signing the hash value of the root node; and
wherein the processor means further generates auxiliary authentication data, wherein said auxiliary authentication data enables authentication of portions of the electronic document based on a reconstruction of the hash tree structure.
-
-
12. A system for authenticating an electronic document divided into a group of data blocks (GOB), the system comprising:
-
a receiving means for receiving a signature based on a hash value of a root node of an original hash tree structure representation of content of an original document, the root node having no parent in the original hash tree structure and for receiving auxiliary authentication data;
a hash value generating means generating a corresponding hash value for each received data block and for generating a corresponding hash value for the received GOB;
a hash tree structure generating means for reconstructing an authentication hash tree structure based on the corresponding hash values for the received data blocks and for the received GOB, and based on the received auxiliary authentication data; and
a processor means for authenticating a hash value of a root node of the authentication hash tree structure with said received signature.
-
-
13. A computer readable data storage medium having stored thereon computer code means for instructing a computer to execute a method of protecting an electronic document, the method comprising:
-
dividing an original document into data blocks;
generating a corresponding hash value for each data block;
generating a corresponding hash value for a group of data blocks (GOB);
generating a hash tree structure based on the corresponding hash values for the data blocks and for the GOB;
calculating a hash value of a root node of the hash tree structure, the root node having no parent in the hash tree structure;
signing the hash value of the root node; and
generating auxiliary authentication data;
wherein said auxiliary authentication data enables authentication of portions of the electronic document based on a reconstruction of the hash tree structure.
-
-
14. A computer readable data storage medium having stored thereon computer code means for instructing a computer to execute a method of authenticating an electronic document divided into a group of data blocks (GOB), the method comprising:
-
receiving a signature based on a hash value of a root node of an original hash tree structure representation of content of an original document, the root node having no parent in the original hash tree structure;
receiving auxiliary authentication data;
generating a corresponding hash value for each received data block;
generating a corresponding hash value for the received GOB;
reconstructing an authentication hash tree structure based on the corresponding hash values for the received data blocks and for the received GOB, and based on the received auxiliary authentication data; and
authenticating a hash value of a root node of the authentication hash tree structure with said received signature.
-
Specification