Systems and methods for authenticating and protecting the integrity of data streams and other data
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed for enabling a recipient of a cryptographically-signed electronic communication to verify the authenticity of the communication on-the-fly using a signed chain of check values, the chain being constructed from the original content of the communication, and each check value in the chain being at least partially dependent on the signed root of the chain and a portion of the communication. Fault tolerance can be provided by including error-check values in the communication that enable a decoding device to maintain the chain'"'"'s security in the face of communication errors. In one embodiment, systems and methods are provided for enabling secure quasi-random access to a content file by constructing a hierarchy of hash values from the file, the hierarchy deriving its security in a manner similar to that used by the above-described chain. The hierarchy culminates with a signed hash that can be used to verify the integrity of other hash values in the hierarchy, and these other hash values can, in turn, be used to efficiently verify the authenticity of arbitrary portions of the content file.
234 Citations
94 Claims
-
1-74. -74. (canceled)
-
75. A method for encoding and transmitting a digital file in a manner designed to facilitate authentication of a streamed transmission of the file, the method including:
-
generating a progression of check values, each check value in the progression being derived from at least one other check value in the progression and from a transformed portion of the file;
transmitting the digital file and the progression of check values to a user'"'"'s system, whereby the user'"'"'s system is able to receive portions of the file and to use one or more received check values to authenticate said portions of the file before the entire file is received. - View Dependent Claims (76, 77, 78)
-
-
79. A computer program product for encoding a data block in a manner designed to facilitate authentication of a streamed transmission of the data block, the computer program product including:
-
(a) computer code for generating a progression of data check values, wherein each data check value is derived, at least in part, from (i) at least one other data check value in the progression, and (ii) a hash of a portion of the data block;
(b) computer code for encoding the data block by inserting each data check value into the data block in proximity to a portion of the data block to which the data check value corresponds;
(c) computer code for sending a streamed transmission of the encoded data block to a user'"'"'s system, whereby the user'"'"'s system is able to receive and authenticate portions of the streamed transmission before all of the data block is received; and
(d) a computer readable medium for storing the computer codes. - View Dependent Claims (80, 81, 82, 83)
-
-
84. A computer program product for verifying the integrity of a block of data, the computer program product including:
-
computer code for receiving a first portion of the block of data, and for receiving first and second check values in a chain of check values, wherein each check value in the chain is derived from a corresponding transformed portion of the block of data and from at least one other check value in the chain;
computer code for verifying the integrity of the first portion of the block of data and the second check value using, at least in part, the first check value;
computer code for allowing at least one use of the first portion of the block of data if the integrity of said first portion is successfully verified; and
a computer readable medium for storing the computer codes. - View Dependent Claims (85, 86, 87, 88, 89, 90)
-
-
91. A method for authenticating data, the method including:
-
(a) receiving a first sub-block of the data, a first error-check value, a first check value, and a second check value, wherein the first check value and the second check value form part of a progression of check values associated with the data, each check value in the progression being derived, at least in part, from (i) a sub-block of the data, and (ii) at least one other check value in the progression;
(b) using the first error-check value to detect a corruption of the integrity of the first sub-block;
(c) recording the detection of the corruption; and
(d) using the first check value and the first error-check value to verify the integrity of the second check value. - View Dependent Claims (92, 93, 94)
-
Specification