System and method for generating a digital certificate

US 20050138361A1
Filed: 12/07/2004
Published: 06/23/2005
Est. Priority Date: 12/22/2003
Status: Active Grant

First Claim

Patent Images

1. A method for generating a digital certificate, comprising the steps of:

providing for receiving a new digital record;

providing for assigning a sequence value to the new digital record;

providing for generating a first composite digital value by applying a first deterministic function to at least a first subset of the digital records stored in a repository;

providing for generating a first digital certificate, wherein the first digital certificate comprises at least the sequence value and the first composite digital value;

providing for adding the new digital record to the repository;

providing for generating a second composite digital value by applying a second deterministic function to at least a second subset of the digital records stored in the repository, wherein the second subset includes the new digital record;

providing for generating a composite sequence value;

providing for generating an interval digital value, wherein the interval digital value is based upon the first and second composite digital values; and

, providing for generating a second digital certificate, wherein the second digital certificate comprises at least the sequence value and the interval digital value.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for generating a digital certificate is provided wherein a new digital record is received and is assigned a sequence value. A first composite digital value is generated by applying a first deterministic function to the digital records stored in a repository. The sequence value and first composite digital value are included in a first certificate. After the digital record is added to the repository, a second composite digital value is generated by applying a second deterministic function to the digital records in the repository. This second composite digital value, and a composite sequence value, are published. An interval digital value which is based upon the first and second composite digital values, and the sequence value, are included in a second certificate which thus verifies the authenticity and sequence value of the digital record.

187 Citations

View as Search Results

37 Claims

1. A method for generating a digital certificate, comprising the steps of:
- providing for receiving a new digital record;
  
  providing for assigning a sequence value to the new digital record;
  
  providing for generating a first composite digital value by applying a first deterministic function to at least a first subset of the digital records stored in a repository;
  
  providing for generating a first digital certificate, wherein the first digital certificate comprises at least the sequence value and the first composite digital value;
  
  providing for adding the new digital record to the repository;
  
  providing for generating a second composite digital value by applying a second deterministic function to at least a second subset of the digital records stored in the repository, wherein the second subset includes the new digital record;
  
  providing for generating a composite sequence value;
  
  providing for generating an interval digital value, wherein the interval digital value is based upon the first and second composite digital values; and
  
  , providing for generating a second digital certificate, wherein the second digital certificate comprises at least the sequence value and the interval digital value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the sequence value is representative of the order in which the new digital record was received.
  - 3. The method of claim 1, further comprising the step of:
    - applying a digital signature to the first digital certificate.
  - 4. The method of claim 3, wherein the first digital certificate is generated using an asymmetric cryptographic algorithm.
  - 5. The method of claim 1, wherein the step of generating the first composite digital value is performed by applying the first deterministic function to all of the digital records stored in the repository.
  - 6. The method of claim 1, wherein the first and second deterministic functions are not the same functions.
  - 7. The method of claim 1, wherein the first and second deterministic functions are the same functions.
  - 8. The method of claim 1, wherein the step of generating the second composite digital value is performed by applying the second deterministic function to all of the digital records stored in the repository.
  - 9. The method of claim 1, wherein the first digital certificate further comprises the new digital record.
  - 10. The method of claim 1, wherein the second digital certificate further comprises at least one of:
    - the new digital record and the composite sequence value.
  - 11. The method of claim 1, wherein the repository of digital records comprises a data structure based on a forest of binary hash trees.
  - 12. The method of claim 1, further comprising the step of:
    - transmitting the second composite digital value to a public forum.
  - 13. The method of claim 1, further comprising the step of:
    - transmitting the composite sequence value to a public forum.
  - 14. The method of claim 1, wherein the step of generating the first composite digital value is performed before the step of adding the new digital record to the repository.
  - 15. The method of claim 1, wherein the step of generating the first composite digital value is performed before the step of generating the second composite digital value.

16. A digital certificate comprising:
- a sequence value, wherein the sequence value represents the number of digital records stored in a repository of digital records at a particular time; and
  
  , an interval digital value, wherein the interval digital value is a component of a composite digital value generated by the application of a deterministic function to at least a subset of the digital records stored in the repository at a particular time.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The digital certificate of claim 16, wherein the deterministic function is dependent upon the sequence value.
  - 18. The digital certificate of claim 16, wherein the composite digital value is generated by the application of the deterministic function to all of the digital records stored in the repository.
  - 19. The digital certificate of claim 16, further comprising at least a portion of a digital record.
  - 20. The digital certificate of claim 16, wherein the sequence value represents the number of digital records stored in the repository when a digital record was added to the repository.
  - 21. The digital certificate of claim 16, wherein the digital certificate further comprises a composite sequence value representing the number of digital records stored in the repository at a particular time.
  - 22. The digital certificate of claim 21, wherein the composite sequence value is transmitted to a public forum.
  - 23. The digital certificate of claim 16, wherein the repository of digital records comprises a data structure based on a forest of binary hash trees.

24. A method for evaluating a digital certificate comprising at least a sequence value and a first composite digital value, comprising the steps of:
- providing for generating a second composite digital value by applying a deterministic function to at least a subset of the digital records stored in a repository;
  
  providing for generating an interval digital value, wherein the interval digital value is based upon the first and second composite digital values; and
  
  , providing for determining from the interval digital value whether the first composite digital value accurately reflects at least a subset of the digital records in the repository.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 25. The method of claim 24, wherein the sequence value is representative of the order in which a digital record was received.
  - 26. The method of claim 24, wherein the digital certificate further comprises a digital signature.
  - 27. The method of claim 26, wherein the digital signature is generated using an asymmetric cryptographic algorithm.
  - 28. The method of claim 26, further comprising the step of:
    - providing for determining whether the digital signature is authentic.
  - 29. The method of claim 24, wherein the first composite digital value is generated by applying a second deterministic function to at least a subset of the digital records stored in the repository.
  - 30. The method of claim 29, wherein the first composite digital value is generated by applying the second deterministic function to all of the digital records stored in the repository.
  - 31. The method of claim 24, wherein the second composite digital value is generated by applying the deterministic function to all of the digital records stored in the repository.
  - 32. The method of claim 24, wherein the digital certificate further comprises a digital record.
  - 33. The method of claim 24, wherein the digital certificate further comprises a digital timestamp.
  - 34. The method of claim 24, wherein the repository comprises a data structure based on a forest of binary hash trees.
  - 35. The method of claim 24, further comprising the step of:
    - providing for generating a composite sequence value by applying a second deterministic function to at least a subset of the digital records in the repository.
  - 36. The method of claim 35, wherein the composite sequence value is representative of the number of digital records in the repository when the second composite digital value is generated.

37. A method for generating a plurality of digital certificates, comprising the steps of:
- providing for receiving a new digital record;
  
  providing for assigning a sequence value to the new digital record, wherein the sequence value represents the order in which the new digital record was received;
  
  providing for generating a first composite digital value by applying a hash function to all of the digital records stored in a repository, wherein the new digital record is not stored in the repository;
  
  providing for generating a first digital certificate, wherein the first digital certificate comprises the sequence value, the composite digital value, and the digital record;
  
  providing for applying a digital signature to the first digital certificate, wherein the digital signature is applied using an asymmetric cryptographic algorithm;
  
  providing for adding the new digital record to the repository;
  
  providing for generating a second composite digital value by applying a second hash function to all of the digital records stored in the repository, wherein the new digital record is stored in the repository;
  
  providing for generating a composite sequence value, wherein the composite sequence value is equal to the number of digital records stored in the repository when the second composite digital value is generated;
  
  providing for generating an interval value, wherein the interval value is generated by the application of a third hash function dependent upon the first and second composite digital values; and
  
  , providing for generating a second digital certificate, wherein the second digital certificate comprises at least the sequence value, the new digital record, the composite sequence value, the composite sequence number, and the interval digital value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Guardtime SA
Original Assignee
Guardtime IP Holdings Limited
Inventors
Buldas, Ahto, Saarepera, Mart

Granted Patent

US 7,698,557 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 9/3263 involving certificates, e.g...

System and method for generating a digital certificate

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

187 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for generating a digital certificate

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

187 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links