Data verifying method apparatus for creating data to be verified and data verifying apparatus

US 6,161,183 A
Filed: 10/14/1997
Issued: 12/12/2000
Est. Priority Date: 10/21/1996
Status: Expired due to Term

First Claim

Patent Images

1. A data verifying method, comprising the steps of:

creating a verification value of a data body inside a protective apparatus from a verification value of the relevant data body out of a plurality of data bodies generated in sequence and a verification value of a data body preceding the relevant data body;

creating a verification value with a signature by adding a digital signature inside the protective apparatus to the verification value created for the last data body out of the plurality of data bodies to be verified at a time;

sending the verification value with the signature outside from the protective apparatus; and

verifying the plurality of data bodies based on the plurality of data bodies and the verification value with the signature.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A token 12 creates utilization history information and sends the information to an information processing unit 11 and simultaneously creates an verification value and stores the value in a utilization-value holding unit 21. The information processing unit 11 records the utilization history information in a history holding unit 16. On receiving a verification-value output request from the information processing unit 11, the token 12 provides the verification value with a signature and outputs the combination of the verification value and the signature. The information processing unit sends to a recovery unit 13 the verification value with the signature as well as the utilization history information. The recovery unit 13 verifies the signature and also the utilization history on the basis of the verification value further.

64 Citations

View as Search Results

21 Claims

1. A data verifying method, comprising the steps of:
- creating a verification value of a data body inside a protective apparatus from a verification value of the relevant data body out of a plurality of data bodies generated in sequence and a verification value of a data body preceding the relevant data body;
  
  creating a verification value with a signature by adding a digital signature inside the protective apparatus to the verification value created for the last data body out of the plurality of data bodies to be verified at a time;
  
  sending the verification value with the signature outside from the protective apparatus; and
  
  verifying the plurality of data bodies based on the plurality of data bodies and the verification value with the signature.

2. An apparatus for creating data to be verified, said apparatus comprising:
- means for generating data bodies in sequence;
  
  verification value storage means for storing verification values;
  
  verification value creation means for creating a new verification value from the verification value stored in the verification value storage means and a newly generated data body and updating the verification value stored in the verification value storage means to the new verification value; and
  
  signature means for attaching a signature to the verification value stored in the verification value storage means at predetermined timing;
  
  wherein said verification value creation means, said verification value storage means and said signature means are installed in a protective apparatus.

3. A data verifying apparatus, comprising:
- a plurality of data bodies generated in sequence;
  
  means for receiving a verification value with a signature resulting from providing a signature for the verification value by adding a digital signature inside a protective apparatus to the verification value created for the last data body out of the plurality of data bodies to be verified at a time;
  
  signature verifying means for verifying the signature on the verification value received; and
  
  verifying means for verifying the correctness of the plurality of data bodies received from the verification value with the signature verified by the signature verifying means.

4. A history holding method for holding in a protective apparatus only a verification value resulting from sequential calculations with respect to a group of history data comprising:
- a plurality of continuous history data, and providing a signature for only the verification value when the verification value is output from the protective apparatus.

5. A history holding apparatus comprising:
- data input means for inputting a plurality of continuous data;
  
  data processing means for processing the data;
  
  verification value creation means for creating a verification value with history data in the form of a combination of the data processing and the verification value held at the time the history data is processed as inputs;
  
  verification value holding means for holding the verification value thus created; and
  
  signature means for providing a signature for the verification value;
  
  wherein said verification value creation means, said verification value holding means and said signature means are installed in a protective apparatus.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13)
- - 6. A history holding apparatus as claimed in claim 5, wherein unidirectional functions are used for calculations applicable to said verification value creation means.
  - 7. A history holding apparatus as claimed in claim 5, wherein the history data is in the form of a combination of the history data body and the verification value at the time the history data is processed.
  - 8. A history holding apparatus as claimed in claim 5, further comprising counter means for counting each time data is processed, wherein the history data in the history data group is in the form of a combination of the count when the data is processed and a history body.
  - 9. A history holding apparatus as claimed in claim 5, wherein the verification value with the signature is output in compliance with a user'"'"'s request.
  - 10. A history holding apparatus as claimed in claim 5, wherein the history holding means comprising a single CPU with software;
    - andwherein when the load of the CPU applied by the data processing means is low, the signature means creates and outputs the verification value with the proper signature.
  - 11. A history holding apparatus as claimed in claim 5, further comprising function halt means for stopping the function of the data processing means at a point of time the verification value is output until a proper instruction is given from the outside.
  - 12. A history holding apparatus as claimed in claim 11, further comprising halt condition holding means for stopping the function, wherein when the conditions described in the halt condition holding means are met, the function halt means outputs the verification value with the signature written thereto and stops its function.
  - 13. A history holding apparatus as claimed in claim 11, further comprising public-key holding means for holding a public key of an external right person, wherein the function halt means verifies that an accepting instruction is intended to restore the function corresponding to the lastly-output verification value provided with a digital signature made by the external right person and that by verifying the signature with the public key held by the public-key holding means at the time of receiving the instruction, whether or not the verification value with the signature is equal to the verification value held by the verification value holding means.

14. A history verifying apparatus comprising:
- data input means for inputting a verification value with a signature, the signature being provided for the verification value calculated from a plurality of continuous history data in group and from the data groups;
  
  signature verifying means for verifying the signature of the verification value thus received with the signature; and
  
  verifying means for verifying the correctness of the data group received from the data group received and the verification value whose signature has been verified.
- View Dependent Claims (15, 16, 17, 18)
- - 15. A history verifying apparatus as claimed in claim 14, further comprising previous verification value storage means for storing the verification value received a last time;
    - wherein the verifying means employs the previous verification value when making verification.
  - 16. A history verifying apparatus as claimed in claim 14, wherein the calculations for use in said verifying means are based on unidirectional functions.
  - 17. A history verifying apparatus as claimed in claim 14, wherein the history data is in the form of a combination of the history data body and the verification value at the time the history data is processed.
  - 18. A history verifying apparatus as claimed in claim 14, wherein the history data in the history data group is in the form of a combination of the value of the counter when the data is processed and a history body.

19. A history holding apparatus comprising:
- data storage means for holding data;
  
  halt condition holding means for holding the operating state of the data storage means at the time the function is stopped;
  
  function halt means for stopping the function when the conditions held in the halt condition holding means are met and keeping the function stopped until a function start request is received from the outside;
  
  private-key holding means for holding a private key;
  
  digital signature means for providing a digital signature using the private key held in the private-key holding means for the data group held in data holding means;
  
  digital signature holding means for holding the digital signature affixed; and
  
  public-key holding means for holding the public key of an external right person, wherein the function halt means verifies that an accepting instruction is intended to restore the function corresponding to the digital signature provided by the external right person for the digital signature held in the digital signature holding means and that by verifying the signature with the public key held by the public-key holding means at the time of receiving the instruction, whether or not the value with the signature is equal to the value held by the digital signature holding means.

20. An electronic equipment comprising:
- function halt means for stopping at least part of the function of an electronic equipment body when predetermined conditions are met;
  
  means for outputting predetermined data;
  
  means for receiving data with a signature, the data being created by providing the signature for the predetermined data;
  
  signature verifying means for verifying the signature on the predetermined data received; and
  
  means for releasing the halt state of that part of the function when the correctness of the signature of the data with the signature is verified by the signature verifying means.

21. A computer program product for effecting interaction between a data creation apparatus and a data recovery apparatus for recovering data bodies that are output from the data creation apparatus, which comprises means for generating the data bodies in sequence, verification value holding means for holding verification values, verification value creation means for creating a new verification value from the verification value held in the verification value holding means and a newly generated data body and updating the verification value held in the verification value holding means to the new verification value, and signature means for attaching a signature to the verification value held in the verification value holding means at predetermined timing, characterized by causing a computer to take the steps of:
- storing the data body that is output from the data creation apparatus and the verification value provided with the signature, andsending the data body and the verification value with the signature thus stored therein to the data recovery apparatus at predetermined timing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fuji Xerox Company Limited (Xerox Holdings Corp.)
Original Assignee
Fuji Xerox Company Limited (Xerox Holdings Corp.)
Inventors
Saito, Kazuo, Takeda, Koji, Shin, Kilho
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
Callahan, Paul E.

Application Number

US08/950,184
Time in Patent Office

1,155 Days
Field of Search

705/52, 705/54, 705/55, 705/56, 705/57, 705/59, 705/65, 705/67, 705/77, 713/159, 713/176, 713/179, 713/185, 713/193, 380/231, 380/233, 380/49, 380/30, 380/282, 380/283, 380/284, 380/285
US Class Current

713/176
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/64   Protecting data integrity, ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2135   Metering

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2153   Using hardware token as a s...

G06Q 20/085   involving remote charge det...

G06Q 20/3674   involving authentication

H04L 9/0625   with splitting of the data ...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/3234   involving additional secure...

H04L 9/3247   involving digital signatures

Data verifying method apparatus for creating data to be verified and data verifying apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Data verifying method apparatus for creating data to be verified and data verifying apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links