Method and device for authenticating digital data by means of an authentication extension module

US 20050125659A1
Filed: 06/25/2004
Published: 06/09/2005
Est. Priority Date: 07/02/2003
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating digital data distributed between a plurality of data segments linked to each other in accordance with a chosen chaining relationship, each data segment being associated with an authentication signature, which method comprises the following steps:

authenticating said plurality of segments in accordance with a chosen authentication algorithm, adapted to calculate a signature value for each successive segment in a chained and iterative manner and to compare the value of said signature calculated in this way with said associated signature, the next segment being authenticated in said event of a positive result on comparing said current segment and said first segment being authenticated on the basis of at least one function from an authentication library contained in non-rewritable memory, providing at least one segment forming an executable authentication plug-in previously authenticated by at least one authentication function from said authentication library and linked to said plurality of segments in accordance with said chaining relationship, and in response to a request for authentication of a plurality of segments chained in accordance with said chaining relationship in this way, authenticating each successive segment and, in the case of a segment requiring said authentication plug-in, executing said authentication plug-in in order to authenticate said segment submitted in this way to said authentication plug-in.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication method provides a segment forming an executable authentication plug-in previously authenticated by at least one authentication function from an authentication library and linked to a plurality of segments in accordance with a chaining relationship. In response to a request for authentication of a plurality of segments chained in accordance with the chaining relationship in this way, the method authenticates each successive segment and, in the case of a segment requiring the authentication plug-in, it executes the authentication plug-in in order to authenticate the segment submitted in this way to the authentication plug-in.

Citations

11 Claims

1. A method of authenticating digital data distributed between a plurality of data segments linked to each other in accordance with a chosen chaining relationship, each data segment being associated with an authentication signature, which method comprises the following steps:
- authenticating said plurality of segments in accordance with a chosen authentication algorithm, adapted to calculate a signature value for each successive segment in a chained and iterative manner and to compare the value of said signature calculated in this way with said associated signature, the next segment being authenticated in said event of a positive result on comparing said current segment and said first segment being authenticated on the basis of at least one function from an authentication library contained in non-rewritable memory, providing at least one segment forming an executable authentication plug-in previously authenticated by at least one authentication function from said authentication library and linked to said plurality of segments in accordance with said chaining relationship, and in response to a request for authentication of a plurality of segments chained in accordance with said chaining relationship in this way, authenticating each successive segment and, in the case of a segment requiring said authentication plug-in, executing said authentication plug-in in order to authenticate said segment submitted in this way to said authentication plug-in.
- View Dependent Claims (2, 3, 4, 5, 10, 11)
- - 2. The method claimed in claim 1, wherein each segment is associated with a data table containing an associated signature, start and end addresses localizing said segment, start and end indicators localizing said associated signature, an indicator indicating that said segment is of the authentication plug-in type, and a designation identifying an authentication plug-in algorithm.
  - 3. The method claimed in claim 1, wherein said plurality of data segments is a result of segmenting a data file.
  - 4. The method claimed in claim 1, wherein at least one segment further contains an indicator relating to said authentication plug-in algorithm.
  - 5. The method claimed in claim 1, wherein said chaining relationship is such that said signature of said current segment comprises said identifier of said signature of said next segment.
  - 10. An information medium readable by a data processing system and optionally partially or totally removable, in particular a CD ROM, a magnetic medium such as a hard disk or a diskette, or a transmissible medium such as an electrical or optical signal, which information medium contains instructions of a computer program for executing the authentication method claimed in claim 1 when said program is loaded into and executed by a data processing system.
  - 11. A computer program stored on an information medium, said program containing instructions for executing said method claimed in claim 1 when said program is loaded into and executed by a data processing system.

6. A device for authenticating digital data distributed between a plurality of digital data segments linked to each other in accordance with a chosen chaining relationship, each data segment being associated with an authentication signature, which authentication device comprises:
- authentication means adapted to authenticate said plurality of segments in accordance with a chosen authentication algorithm and adapted to calculate a signature value for each successive segment in a chained and iterative manner and to compare the value of said signature calculated in this way with said associated signature, the next segment being authenticated in the event of a positive result for comparing said current segment, and said first segment being authenticated on the basis of at least one function from an authentication library contained in non-rewritable memory;
  
  processor means adapted to provide at least one executable authentication plug-in segment stored in rewritable memory previously authenticated by at least one authentication function from said authentication library and linked to said plurality of segments in accordance with said chaining relationship; and
  
  processing means adapted in response to a request for authentication of a plurality of segments chained in accordance with said chaining relationship in this way to authenticate each successive segment and in said case of a segment requiring said authentication plug-in to execute said authentication plug-in in order to authenticate said segment submitted in this way to said authentication plug-in.
- View Dependent Claims (7, 8, 9)
- - 7. The device claimed in claim 6, wherein each segment is associated with a data table comprising an associated authentication signature, start and end addresses localizing said segment, start and end indicators localizing said associated signature, an indicator indicating that said segment is of said authentication plug-in type, and a designation identifying an authentication extension algorithm.
  - 8. The device claimed in claim 6, wherein said plurality of data segments is the result of segmenting a data file.
  - 9. The device claimed in claim 6, wherein said chaining relationship is such that said signature of said current segment contains said identifier of said signature of the next segment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
InterDigital Patent Holdings, Inc. (InterDigital, Inc.)
Original Assignee
Thomson Licensing SA (Vantiva SA)
Inventors
Chau, Herve, Sarfati, Jean-Claude

Granted Patent

US 7,353,386 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/161
CPC Class Codes

G06F 21/33 using certificates

G06F 21/572 Secure firmware programming...

Method and device for authenticating digital data by means of an authentication extension module

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method and device for authenticating digital data by means of an authentication extension module

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links