Verification of electronic signatures

US 20070220259A1
Filed: 03/02/2006
Published: 09/20/2007
Est. Priority Date: 03/02/2006
Status: Active Grant

First Claim

Patent Images

1. A method of verifying an electronic signature associated with a plurality of timestamps, wherein each timestamp includes a time value, the method comprising:

detecting one or more invalid certificates in a certificate chain of the electronic signature;

selecting an earliest invalidity time of the one or more invalid certificates;

verifying the timestamps associated with the electronic signature;

recording the time value of the earliest valid timestamp;

declaring the electronic signature as valid if the time value of the earliest valid timestamp is earlier than the earliest invalidity time value of the one or more invalid certificates.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system verifies an electronic signature. The electronic signature may be associated with timestamps, each including a time value. A timestamp verification module detects invalid certificates in a certificate chain of the electronic signature and records an earliest invalidity time value of the invalid certificates. The verification module also verifies the timestamps associated with the electronic signature and records the time value of the earliest valid timestamp. A declaration module declares the electronic signature as valid if the time value of the earliest valid timestamp is earlier than the earliest invalidity time value of the one or more invalid certificates. The electronic signature may alternatively or additionally be associated with countersignatures. A countersignature verification module verifies the countersignatures associated with the electronic signature, and the declaration module declares the electronic signature as valid if all of the countersignatures are determined to be valid.

Citations

20 Claims

1. A method of verifying an electronic signature associated with a plurality of timestamps, wherein each timestamp includes a time value, the method comprising:
- detecting one or more invalid certificates in a certificate chain of the electronic signature;
  
  selecting an earliest invalidity time of the one or more invalid certificates;
  
  verifying the timestamps associated with the electronic signature;
  
  recording the time value of the earliest valid timestamp;
  
  declaring the electronic signature as valid if the time value of the earliest valid timestamp is earlier than the earliest invalidity time value of the one or more invalid certificates.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein the electronic signature is associated with a plurality of countersignatures and further comprising:
    - verifying the plurality of countersignatures associated with the electronic signature, wherein the declaration operation comprises declaring the electronic signature as valid if all of the countersignatures are determined to be valid and the time value of the earliest valid timestamp is earlier than the earliest invalidity time value of the one or more invalid certificates.
  - 3. The method of claim 1 wherein one or more of the countersignatures are certified by a chain of one or more certificates and the operation of verifying the countersignatures comprises:
    - verifying the certificates that certify the countersignatures; and
      
      determining a countersignature to be valid if the one or more certificates in its chain are determined to be valid.
  - 4. The method of claim 1 further comprising:
    - verifying the certificates in the certificate chain of the electronic signature, wherein a certificate is considered invalid if a certificate in the certificate chain is expired or revoked.
  - 5. The method of claim 1 wherein an invalidity time of an invalid certificate represents a time after a validity period of the invalid certificate.
  - 6. The method of claim 1 wherein an invalidity time of an invalid certificate represents a time at which the invalid certificate was revoked.
  - 7. The method of claim 1 wherein the electronic signature includes an electronic signature value provided by a signer and further comprising verifying the electronic signature value using a public key of the signer.
  - 8. The method of claim 1 wherein the timestamps are each certified by a chain of one or more certificates and the operation of verifying the timestamps comprises:
    - determining whether each certificate of a timestamp is expired or revoked, wherein a timestamp is considered invalid if a certificate in its chain is expired or revoked.
  - 9. The method of claim 1 wherein the timestamps are each certified by a chain of one or more certificates and the operation of verifying the timestamps comprises:
    - verifying the certificates that certify the timestamps; and
      
      determining a timestamp to be valid if the one or more certificates in its chain are determined to be valid.
  - 10. A computer-readable medium having computer-executable instructions for performing a computer process that implements the operations recited in claim 1.

11. A method of verifying an electronic signature associated with a plurality of countersignatures, the method comprising:
- verifying the plurality of countersignatures associated with the electronic signature;
  
  declaring the electronic signature as valid if all of the countersignatures are determined to be valid.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11 wherein one or more of the countersignatures are certified by a chain of one or more certificates and the operation of verifying the countersignatures comprises:
    - verifying the certificates that certify the countersignatures; and
      
      determining a countersignature to be valid if the one or more certificates in its chain are determined to be valid.
  - 13. The method of claim 11 further comprising:
    - verifying the certificates in the certificate chain of the electronic signature, wherein a certificate is considered invalid if a certificate in the certificate chain is expired or revoked.
  - 14. The method of claim 11 wherein the electronic signature includes an electronic signature value provided by a signer and further comprising verifying the electronic signature value using a public key of the signer.
  - 15. A computer-readable medium having computer-executable instructions for performing a computer process that implements the operations recited in claim 11.

16. A system for verifying an electronic signature associated with a plurality of timestamps, wherein each timestamp includes a time value, the system comprising:
- a timestamp verification module that detects one or more invalid certificates in a certificate chain of the electronic signature, records an earliest invalidity time value of the one or more invalid certificates, verifies the timestamps associated with the electronic signature, and records the time value of the earliest valid timestamp;
  
  a declaration module that declares the electronic signature as valid if the time value of the earliest valid timestamp is earlier than the earliest invalidity time value of the one or more invalid certificates.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16 wherein the electronic signature is associated with a plurality of countersignatures and further comprising:
    - a countersignature verification module that verifies the plurality of countersignatures associated with the electronic signature, wherein the declaration module declares the electronic signature as valid if all of the countersignatures are further determined to be valid.
  - 18. The system of claim 17 wherein one or more of the countersignatures are certified by a chain of one or more certificates and the countersignature verification module further verifies the certificates that certify the countersignatures and determines a countersignature to be valid if the one or more certificates in its chain are determined to be valid.
  - 19. The system of claim 16 further comprising:
    - an electronic signature verification module that verifies the certificates in the certificate chain of the electronic signature, wherein a certificate is considered invalid if a certificate in the certificate chain is expired or revoked.
  - 20. The system of claim 16 wherein the electronic signature includes an electronic signature value provided by a signer and further comprising an electronic signature verification module that verifies the electronic signature value using a public key of the signer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Pavlicic, Miladin

Granted Patent

US 7,904,725 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/3825   Use of electronic signatures

G06Q 20/389   Keeping log of transactions...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3265   using certificate chains, t...

H04L 9/3297   involving time stamps, e.g....

Verification of electronic signatures

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Verification of electronic signatures

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links