System and Method for Sequential Data Signatures
First Claim
1. A method for signing a digital message, comprising:
- computing a password sequence comprising a plurality of passwords such that each respective password corresponds to an index unit;
- receiving the message;
- submitting a current request to a signature server, said current request being computed as a first function of the message and a current one of the passwords; and
- if the request is approved, receiving from the signature server a current time-stamp for the current request and forming a signature for the message to include at least the current time-stamp.
Abstract
A digital message is signed and, if a request is approved, receives a time stamp. The request is computed as a first function of the message and a current one of a sequence of passwords computed such that each password corresponds to an index unit. Each of the passwords may be computed as a function, such as a hash function, pseudo-random function, or encryption function, of the subsequent password, whereby the sequence terminates with an initial password that forms a public key parameter for the password sequence. At least one hash tree uses at least a subset of the passwords as inputs to a hash tree used to verify the passwords.
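The password chain and request construction described in the abstract, as an added Python sketch (not code from the patent or its assignee). Assumptions: SHA-256 is the chain and request function, `ToyServer` is a constructed HMAC stand-in for the signature server's time-stamp, the verification steps are illustrative, and the hash tree over the passwords is left out.

```python
import hashlib
import hmac

def H(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts, so (a, b) cannot collide with (a+b,)."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def password_sequence(seed: bytes, n: int) -> list:
    """z[i-1] = H(z[i]); z[0] is the public key parameter, z[i] serves index unit i."""
    z = [H(seed)]
    for _ in range(n):
        z.append(H(z[-1]))
    return z[::-1]

def make_request(message: bytes, password: bytes) -> bytes:
    """The 'first function' of message and current password (assumed: a hash)."""
    return H(message, password)

class ToyServer:
    """Constructed stand-in for the signature server; HMAC plays the time-stamp."""
    def __init__(self, key: bytes):
        self.key = key
    def stamp(self, request: bytes, t: int) -> bytes:
        return hmac.new(self.key, H(request, t.to_bytes(8, "big")), hashlib.sha256).digest()

def sign(message: bytes, z: list, t: int, server: ToyServer) -> dict:
    stamp = server.stamp(make_request(message, z[t]), t)
    # Assumption: z[t] is disclosed only after index unit t has ended.
    return {"index": t, "password": z[t], "stamp": stamp}

def verify(message: bytes, sig: dict, z0: bytes, server: ToyServer) -> bool:
    x = sig["password"]
    for _ in range(sig["index"]):      # walk the chain back to the public key
        x = H(x)
    expected = server.stamp(make_request(message, sig["password"]), sig["index"])
    return hmac.compare_digest(x, z0) and hmac.compare_digest(expected, sig["stamp"])

if __name__ == "__main__":
    chain = password_sequence(b"constructed-secret-seed", 8)
    srv = ToyServer(b"constructed-server-key")
    s = sign(b"hello", chain, 3, srv)
    print(verify(b"hello", s, chain[0], srv), verify(b"tampered", s, chain[0], srv))
```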
44 Claims
23. The method of claim 23, further comprising receiving from the signature device a hash chain corresponding to a hash tree computation path from at least a subset of the passwords to a verifying root value, said subset of passwords including previously used passwords and a current password, but only within a predetermined period relative to the submitted index unit value.
24. A system for signing a digital message, comprising:
- a processor;
- a memory;
- a password module comprising computer-executable code including instructions which, upon execution by the processor, cause the processor to compute a password sequence comprising a plurality of passwords such that each respective password corresponds to an index unit; and to compute a current request as a first function of a message (m) and a current one of the passwords;
- a certificate software module comprising computer-executable code including instructions which, upon execution by the processor, cause the processor to submit the current request to a signature server and, if the request is approved, to receive from the signature server a current time-stamp for the current request and forming a signature for the message to include at least the current time-stamp.
43. A password generation system comprising:
- a client server that includes a processor and a non-volatile memory, said client server communicating with a signature device and a signature server;
- said client server being configured to receive a message, to submit the message along with an index value to the signature device; to receive the request back from the signature device, said request being computed as a cryptographic function of the message and a password corresponding to the index value; and to submit the request to the signature server and, if the request is approved, to receive from the signature server a current time-stamp for the current request and to a signature for the message to include at least the current time-stamp.
Specification