Long-term secure digital signatures

US 20060288216A1
Filed: 03/03/2004
Published: 12/21/2006
Est. Priority Date: 03/04/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

digitally signing an electronic document for long term security purposes, the step of digitally signing comprising the steps of;

marking electronic document with a digital mark forming a marked electronic document, and signing the marked electronic document with a first digital signature forming a signed electronic document, wherein the signed electronic document is signed with a second digital signature that is less computationally intensive in its generation than the first digital signature.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to digitally signing of electronic documents which are to be kept secure for a very long time, thereby taking into account future cryptographic developments which could render current cryptographic key-lengths insufficient. In accordance with the invention a double signature is issued for each document. A first digital signature (DTS) ensures the long time security, whilst a second digital signature (DUS) ensures the involvement of an individual user. Thereby, the second digital signature is less computationally intensive in its generation than the first digital signature.

78 Citations

View as Search Results

20 Claims

1. A method comprising:
- digitally signing an electronic document for long term security purposes, the step of digitally signing comprising the steps of;
  
  marking electronic document with a digital mark forming a marked electronic document, and signing the marked electronic document with a first digital signature forming a signed electronic document, wherein the signed electronic document is signed with a second digital signature that is less computationally intensive in its generation than the first digital signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 12, 17)
- - 2. The method according to claim 1, further comprising generating the digital mark to be dependent upon the content of the electronic document;
    - and generating the first digital signature using the digital mark.
  - 3. The method according to claim 1, further comprising providing the electronic document and the first digital signature to a client computer;
    - and using a cryptographic token to generate the second digital signature that depends on the content of the electronic document and the first digital signature.
  - 4. The method according to claim 3, wherein the cryptographic token is related to at least one of an individual user and a user group.
  - 5. The method according to claim 1, wherein the digital mark comprises a unique number that is at least one of a sequence number, a timestamp, and a value derived thereof.
  - 6. The method according to claim 1, wherein the second digital signature is based on a shorter cryptographic key then the first digital signature.
  - 7. The method according to claim 1, further comprising signing the signed electronic document additionally with a third digital signature.
  - 8. A method according to claim 1, further comprising:
    - employing a computer device for performing the signing of the second digital signature.
  - 9. The method according to claim 8 wherein the computer device comprising an electronic smart card reader for reading a smart card.
  - 12. The system according to claim 1, wherein the cryptographic device comprises an internal clock for verifying a predefined time-interval between the issuance of the digital mark signature and the second digital signature.
  - 17. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for signing an electronic document, said method steps comprising the steps of claim 1.

10. A system for digitally signing an electronic document for long term security purposes, the system comprising:
- a document repository for storing and providing the electronic document;
  
  a digital signature computing device connected to the document repository for deriving from a digital mark and the electronic document a first digital signature; and
  
  a cryptographic device for generating a second digital signature that is less computationally intensive in its generation than the first digital signature.
- View Dependent Claims (11, 13)
- - 11. The system according to claim 10, wherein the digital signature computing device comprises a tamperproof clock.
  - 13. The system according to claim 10, used for verifying the digital signed electronic document using a first public key corresponding to the first digital signature and a second public key corresponding to the second digital signature.

14. A method comprising verifying an electronic document that has been digitally signed by a first digital signature using a digital mark, and signed by a second digital signature forming a digitally signed electronic document, the step of verifying comprising the step of:
- verifying a validity of the digitally signed electronic document by using a first public key corresponding to the first digital signature and a second public key corresponding to the second digital signature, said second digital signature being less computationally intensive in its generation than the first digital signature.
- View Dependent Claims (15, 19, 20)
- - 15. The method according to claim 14, further comprising:
    - generating the digital mark to be dependent upon the content of the electronic document; and
      
      generating the first digital signature using the digital mark.
  - 19. An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing verification of an electronic document, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of claim 14.
  - 20. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for verifying an electronic document, said method steps comprising the steps of claim 14.

16. An article of manufacture comprising a computer usable medium having computer readable program code means embodied therein for causing functions of signing an electronic document, the computer readable program code means in said article of manufacture comprising computer readable program code means for causing a computer to effect the steps of:
- marking electronic document with a digital mark forming a marked electronic document, and signing the marked electronic document with a first digital signature forming a signed electronic document, wherein the signed electronic document is signed with a second digital signature that is less computationally intensive in its generation than the first digital signature.

18. A computer program product comprising a computer usable medium having computer readable program code means embodied therein for causing functions of a system for digitally signing an electronic document, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of;
- a document repository for storing and providing the electronic document;
  
  a digital signature computing device connected to the document repository for deriving from a digital mark and the electronic document a first digital signature; and
  
  a cryptographic device for generating a second digital signature that is less computationally intensive in its generation than the first digital signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Buhler, Peter, Kursawe, Klaus, Osborne, Michael, Maeder, Roman

Application Number

US10/548,137
Publication Number

US 20060288216A1
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 9/3234   involving additional secure...

H04L 9/3247   involving digital signatures

H04L 9/3297   involving time stamps, e.g....

Long-term secure digital signatures

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

78 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Long-term secure digital signatures

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links