Digital signature purpose encoding
First Claim
1. A method for encoding a purpose description for a data stream comprising the steps of:
- passing a purpose description to an extended digital signature function;
- seeding a first hash function with a hash value generated from said data stream;
- passing said purpose description to said hash function;
- generating an extended hash value from said purpose description and said first hash value; and
- generating an extended digital signature using a digital signature function on said extended hash value.
Abstract
A method and apparatus for encoding a purpose into a digital signature, where the purpose and the digital signature are bound into an extended digital signature. The extended digital signature capability binds a purpose description identifying the purpose for the digital signature so that, when affixed to a digital signature, the digital signature cannot be employed for improper purposes. A hash function is used to generate a hash value from the purpose description. The hash value is used in a digital signature function to bind the purpose to a digital signature. The extended digital signature can be verified for validity by comparing it to a hash value. In an electronic transaction, the extended digital signature can allow a purpose to be bound with the digital signature so that improper or unauthorized transactions are detected and disallowed.
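The binding the abstract describes, as an added Python example that is not taken from the patent. SHA-256 and unpadded textbook RSA with a constructed toy key are assumptions standing in for the unspecified hash and digital signature functions, and all function names are hypothetical.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes. It is trivially
# factorable and unpadded: for illustration only, never a real signing key.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def extended_hash(data: bytes, purpose: str) -> bytes:
    """Hash the data, seed a second hash with that value, then add the purpose."""
    first = hashlib.sha256(data).digest()  # hash value of the data stream
    h = hashlib.sha256()
    # The seed is always 32 bytes, so the boundary between the data hash and
    # the purpose description is unambiguous.
    h.update(first)
    h.update(purpose.encode("utf-8"))
    return h.digest()


def sign_extended(data: bytes, purpose: str) -> int:
    """Apply the signature function (textbook RSA here) to the extended hash."""
    return pow(int.from_bytes(extended_hash(data, purpose), "big"), D, N)


def verify_extended(data: bytes, purpose: str, signature: int) -> bool:
    """Recompute the extended hash and compare it with the recovered one."""
    if not 0 <= signature < N:
        return False
    recovered = pow(signature, E, N)  # second extended hash value
    expected = int.from_bytes(extended_hash(data, purpose), "big")
    return recovered == expected


if __name__ == "__main__":
    doc = b"Pay 100 USD to account 12345"  # constructed sample data stream
    sig = sign_extended(doc, "authorize-payment")
    print(verify_extended(doc, "authorize-payment", sig))         # stated purpose
    print(verify_extended(doc, "authorize-refund", sig))          # purpose swapped
    print(verify_extended(doc + b"0", "authorize-payment", sig))  # data altered
```

A signature produced for one purpose fails verification when presented with any other purpose string, even though the signed data is unchanged.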
178 Citations
14 Claims
1. A method for encoding a purpose description for a data stream comprising the steps of:
- passing a purpose description to an extended digital signature function;
- seeding a first hash function with a hash value generated from said data stream;
- passing said purpose description to said hash function;
- generating an extended hash value from said purpose description and said first hash value; and
- generating an extended digital signature using a digital signature function on said extended hash value.

2. A method of verifying a digital signature and a purpose description for a data stream comprising the steps of:
- passing said purpose description and said digital signature to an extended digital signature function;
- generating a first extended hash value using said purpose description;
- recovering a second extended hash value from said digital signature; and
- comparing said first extended hash value with said second extended hash value, a true comparison resulting in verifying that digital signature and said purpose description are valid.
Dependent claims: 3, 4, 5, 6, 7

8. A method for encoding a purpose description for a digital signature of a data stream in an electronic transaction, comprising the steps of:
- generating a hash value using a hash function on said data stream;
- passing said hash value and said purpose description to said hash function to generate an extended hash value;
- generating said extended digital signature by passing said extended hash value to a digital signature function wherein said digital signature function binds said purpose description with said digital signature; and
- affixing said extended digital signature to said input data stream to perform said electronic transaction.
Dependent claims: 9

10. In a network capable of handling an electronic transaction, an apparatus comprising:
- a client coupled to said network requesting said electronic transaction, said client sending a request over said network;
- a server coupled to said client, and to said network, said server receiving said request and sending an extended digital signature for authorizing said request, wherein a purpose description is binded in said extended digital signature; and
- an electronic transaction provider, said provider coupled to said network, said provider completing said electronic transaction in accordance with said purpose description of said authorization.
Dependent claims: 11

12. In a computer system having main memory, CPU, and bus, a digital signature processor comprising:
- a hash function circuit coupled to said bus receiving input data signals over said bus and converting said input data signals to a hash value;
- a digital signature circuit coupled to said hash function circuit to receive said hash value and a purpose description stored in said computer system and to bind said purpose description and said hash value into an extended digital signature.
Dependent claims: 13, 14

Specification