Systems and Methods for Registering and Acquiring E-Credentials using Proof-of-Existence and Digital Seals
First Claim
Patent Images
1. A method for registering and acquiring e-credentials comprised of:
- providing personal identity devices of owners, a device of an owner having an identity engine, the identity engine of the owner having e-credentials, including e-credentials of the owner and e-credentials of other owners;
providing a method for handling digital seals applied to electronic artifacts including documents, messages and e-credentials including affixing a digital seal to an electronic artifact using an e-credential of the owner, and inspecting a digital seal affixed to an electronic artifact using an e-credential of the owner;
providing an identity registry system having a memory, said system capable of storing an identifying thumbprint of an e-credential into said memory at a memory location, said identifying thumbprint and memory location specified by means of the identity engine of an owner, said identity registry system further capable of fetching said identifying thumbprint of said e-credential from a memory location of said memory specified by means of the identity engine of an owner, whereby an e-credential is registered in the identity registry system when stored, and the registration of said e-credential is verified when fetched;
an owner registering an e-credential by means of the identity engine of the owner, selecting an e-credential of the owner or an e-credential of another owner, the e-credential to be registered, hashing at least the identifier and public encryption keys of said e-credential yielding a hash, using said hash to specify a memory location, selecting an e-credential of the owner, the registering e-credential, using the method for handling digital seals, the registering e-credential, and said hash to affix a digital seal to the hash, the hash and the affixed digital seal yielding the identifying thumbprint of the e-credential to be registered, and storing said identifying thumbprint into said memory location of the identity registry system;
whereby the identifying thumbprint of the registered e-credential does not reveal personally identifying information of said e-credential, and the owner of the registering e-credential cannot repudiate having registered the e-credential to be registered;
an owner verifying the registration of an e-credential by means of the identity engine of the owner, selecting an e-credential of the owner or an acquired e-credential of another owner, the e-credential to be verified, hashing at least the identifier and public encryption keys of said e-credential to be verified yielding the hash of the e-credential to be verified, using said hash to specify a memory location, using said memory location to fetch the contents of the memory location from the identity registry system, terminating if an identifying thumbprint cannot be found in the memory location, extracting the hash and the digital seal of the identifying thumbprint, terminating if said hash and the hash of the e-credential to be verified do not match, examining said digital seal to determine and acquire the registering e-credential, using said registering e-credential, said hash, said digital seal, and the method for handling digital seals to verify said digital seal, terminating if said digital seal does not verify, otherwise indicating that the e-credential to be verified is registered;
whereby the owner verifies that the e-credential to be verified is registered in the identity registry system by the owner of the registering e-credential.
0 Assignments
0 Petitions
Accused Products
Abstract
Described is a system and methods for registering and acquiring e-credentials using personal devices and an identity registry system that combines the method for handling digital seals with a proof-of-existence method. The identity registry system is used to register and verify e-credentials. Device owners register their e-credentials when created and updated, and verify acquired e-credentials to safeguard against tampering and errors. When registering an e-credential, the e-credential is hashed and digitally sealed creating an identifying thumbprint that is stored in the identity registry system. When verifying an acquired e-credential, the e-credential is hashed, the identity registry system is searched to locate the identifying thumbprint, and the digital seal of the thumbprint is verified. A requesting owner can request an issuing owner to proof, attest, and digitally seal an e-credential of the requester. Both the issuer and requester use the identity registry system to verify e-credentials acquired from the other party.
41 Citations
4 Claims
-
1. A method for registering and acquiring e-credentials comprised of:
-
providing personal identity devices of owners, a device of an owner having an identity engine, the identity engine of the owner having e-credentials, including e-credentials of the owner and e-credentials of other owners; providing a method for handling digital seals applied to electronic artifacts including documents, messages and e-credentials including affixing a digital seal to an electronic artifact using an e-credential of the owner, and inspecting a digital seal affixed to an electronic artifact using an e-credential of the owner; providing an identity registry system having a memory, said system capable of storing an identifying thumbprint of an e-credential into said memory at a memory location, said identifying thumbprint and memory location specified by means of the identity engine of an owner, said identity registry system further capable of fetching said identifying thumbprint of said e-credential from a memory location of said memory specified by means of the identity engine of an owner, whereby an e-credential is registered in the identity registry system when stored, and the registration of said e-credential is verified when fetched; an owner registering an e-credential by means of the identity engine of the owner, selecting an e-credential of the owner or an e-credential of another owner, the e-credential to be registered, hashing at least the identifier and public encryption keys of said e-credential yielding a hash, using said hash to specify a memory location, selecting an e-credential of the owner, the registering e-credential, using the method for handling digital seals, the registering e-credential, and said hash to affix a digital seal to the hash, the hash and the affixed digital seal yielding the identifying thumbprint of the e-credential to be registered, and storing said identifying thumbprint into said memory location of the identity registry system;
whereby the identifying thumbprint of the registered e-credential does not reveal personally identifying information of said e-credential, and the owner of the registering e-credential cannot repudiate having registered the e-credential to be registered;an owner verifying the registration of an e-credential by means of the identity engine of the owner, selecting an e-credential of the owner or an acquired e-credential of another owner, the e-credential to be verified, hashing at least the identifier and public encryption keys of said e-credential to be verified yielding the hash of the e-credential to be verified, using said hash to specify a memory location, using said memory location to fetch the contents of the memory location from the identity registry system, terminating if an identifying thumbprint cannot be found in the memory location, extracting the hash and the digital seal of the identifying thumbprint, terminating if said hash and the hash of the e-credential to be verified do not match, examining said digital seal to determine and acquire the registering e-credential, using said registering e-credential, said hash, said digital seal, and the method for handling digital seals to verify said digital seal, terminating if said digital seal does not verify, otherwise indicating that the e-credential to be verified is registered;
whereby the owner verifies that the e-credential to be verified is registered in the identity registry system by the owner of the registering e-credential. - View Dependent Claims (2, 3, 4)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeKalman Csaba Toth
-
Original AssigneeKalman Csaba Toth
-
InventorsToth, Kalman Csaba
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current
-
CPC Class CodesG06F 21/33 using certificatesG06F 21/35 communicating wirelesslyG06F 21/45 Structures or tools for the...G06K 7/1095 the scanner comprising adap...H04L 2463/082 applying multi-factor authe...H04L 63/083 using passwords cryptograph...H04L 63/0853 using an additional device,...H04L 63/0861 using biometrical features,...H04L 9/0643 Hash functions, e.g. MD5, S...H04L 9/3247 involving digital signaturesH04L 9/3263 involving certificates, e.g...H04L 9/3268 using certificate validatio...H04W 12/068 using credential vaults, e....H04W 12/126 Anti-theft arrangements, e....
