Digital signature with auditing bits
First Claim
1. A method for performing a cryptographically assured electronic transaction requested by a user module, and providing multiple independent audit trails therefor, comprising the steps performed by an application module of:
- (a) cryptographically interlocking with a user module;
(b) receiving, from said user module, a cryptographically verifiable transaction request;
(c) cryptographically verifying said received transaction request;
(d) electronically performing said transaction;
(e) logging said performed transaction as part of a digitally signed hash chain including at least one previously performed transaction, to provide a first cryptographically assured audit trail of said transaction;
(f) cryptographically interlocking with an auditing module separate from said application module; and
(g) transmitting said hash chain to said auditing module, to provide thereat a second cryptographically assured audit trail of said transaction, independent of said first audit trail in said application module.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for digitally signing a message by a tamper-resistant device to generate a digital signature. The method includes the step of hashing the message to form message bits; and encrypting with a private key the message bits, redundancy bits for the security of the signature, and auditing bits to form the digital signature for the message. The auditing bits provide an audit trail for the message. The auditing bits include one or more of the following categories: signature-packet version bits to identify the version of the device generating the signature; device ID bits to identify the token generating the digital signature; key ID bits to identify the private key; a packet-sequence number, which increments every time the device generates a signature to indicate the sequence of signatures generated; bits generated by hashing the prior signature to provide an auditing trail of signatures generated and a time-stamp to indicate the time when the signature is generated. The auditing bits may further include a random number.
366 Citations
20 Claims
-
1. A method for performing a cryptographically assured electronic transaction requested by a user module, and providing multiple independent audit trails therefor, comprising the steps performed by an application module of:
-
(a) cryptographically interlocking with a user module; (b) receiving, from said user module, a cryptographically verifiable transaction request; (c) cryptographically verifying said received transaction request; (d) electronically performing said transaction; (e) logging said performed transaction as part of a digitally signed hash chain including at least one previously performed transaction, to provide a first cryptographically assured audit trail of said transaction; (f) cryptographically interlocking with an auditing module separate from said application module; and (g) transmitting said hash chain to said auditing module, to provide thereat a second cryptographically assured audit trail of said transaction, independent of said first audit trail in said application module. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A cryptographic application module for performing a cryptographically assured electronic transaction requested by a user module, and providing multiple independent audit trails therefor, comprising:
-
(a) means for cryptographically interlocking with a user module; (b) means for receiving, from said user module, a cryptographically verifiable transaction request; (c) means for cryptographically verifying said received transaction request; (d) means for electronically performing said transaction; (e) means for logging said performed transaction as part of a digitally signed hash chain including at least one previously performed transaction, to provide a first cryptographically assured audit trail of said transaction; (f) means for cryptographically interlocking with an auditing module separate from said application module; and (g) means for transmitting said hash chain to said auditing module, to provide thereat a second cryptographically assured audit trail of said transaction, independent of said first-audit trail in said application module. - View Dependent Claims (18, 19, 20)
-
Specification