Digital signature providing non-repudiation based on biological indicia
First Claim
1. A data card comprising:
- a memory;
a reader connected to the memory;
information stored in the memory identifying a registrant;
a digital certificate stored in the memory, wherein the digital certificate includes a digitized biological indicium, the biological indicium uniquely identifying the registrant;
a certificate database containing a verified copy of the digital certificate;
an access database; and
a processor connected to the reader, the certificate database and the access database, wherein the processor commands the reader to read the digital certificate and the identifying information from the memory, compares the digital certificate from the memory with the verified copy in the certificate database and stores the identifying information in the access database.
1 Assignment
0 Petitions
Accused Products
Abstract
A digital certificate is formed from a digitized representation of a unique biological feature of a registrant, for example, the registrant'"'"'s chromosomal DNA. The digital representation is signed with the registrant'"'"'s private encryption key and transmitted to a certificate authority. The registrant'"'"'s identity is verified at a remote registration terminal. When the registrant'"'"'s identity has been verified the certificate authority forms the certificate by encrypting the digital signature with the certificate authority'"'"'s own encrypting key. The certificate is also held in a publicly available directory. The certificate is used to authenticate an electronic document by appending the certificate to the electronic document. The document and the certificate are then transmitted to a receiving terminal. The identity of the transmitting party can be verified by inspecting the certificate. In the event the sending party denies sending the document, the biological feature can be extracted from the certificate and directly compared with the actual biological feature of the sending party.
-
Citations
13 Claims
-
1. A data card comprising:
-
a memory; a reader connected to the memory; information stored in the memory identifying a registrant; a digital certificate stored in the memory, wherein the digital certificate includes a digitized biological indicium, the biological indicium uniquely identifying the registrant; a certificate database containing a verified copy of the digital certificate; an access database; and a processor connected to the reader, the certificate database and the access database, wherein the processor commands the reader to read the digital certificate and the identifying information from the memory, compares the digital certificate from the memory with the verified copy in the certificate database and stores the identifying information in the access database.
-
-
2. A method for forming a certificate for authentication of electronic messages, the method comprising:
-
providing a digital representation of a biological indicium of a registrant; forming a first encrypting key according to a public key algorithm; encrypting the digitized representation using the first encrypting key to form a digital signature; transmitting the digital signature to a certificate authority; forming a second encrypting key according to the public key algorithm; and encrypting the signature using the second encrypting key by the certificate authority to form the certificate. - View Dependent Claims (3)
-
-
4. A method for forming a certificate for authentication of electronic messages, the method comprising:
-
entering information identifying a registrant; providing a digital representation of a biological indicium of the registrant; first encrypting the digital representation to form a digital signature; appending the identifying information to the digital signature; transmitting the digital signature to a certificate authority; verifying the entered identifying information at a remote registration terminal to generate verification information; transmitting the verification information from the remote registration terminal to the certificate authority; and second encrypting the digital signature by the certificate authority to form the certificate.
-
-
5. A method of authenticating an electronic document, the method comprising:
-
providing a digitized biological indicium of a registrant; first encrypting the digitized biological indicium to form a digital signature; storing the digitized biological indicium on a storage medium; transmitting the digital signature to a certificate authority from a registrant terminal; decrypting the digital signature to extract the digitized biological indicium; registering the registrant by entering identifying information provided by the registrant into a registration terminal; retrieving the digitized biological indicia from the storage medium by the registration terminal; transmitting the identifying information and the digitized biological indicium to the certificate authority from the registration terminal; comparing the transmitted digitized biological indicium with the digitized biological indicium extracted by the certificate authority; second encrypting the digital signature to form a certificate; storing the certificate in a registry; appending the certificate to the electronic document to form a signed document; transmitting the signed document to a receiving terminal by an electronic transmission means; extracting the certificate from the transmitted signed document; and comparing the extracted certificate with the certificate stored in the registry.
-
-
6. A method of authenticating an electronic document, the method comprising:
-
providing a digitized biological indicium of a registrant; first encrypting the digitized biological indicium to form a digital signature; authenticating the digital signature; generating a second private encrypting key and second public decrypting key by a certificate authority; encrypting the digital signature using the second private encrypting key to form a certificate; storing the second public decrypting key in a registry; appending the certificate to the electronic document to form a signed document; transmitting the signed document to a receiving terminal by an electronic transmission means; extracting the certificate from the transmitted signed document; and comparing the extracted certificate with the certificate stored in the registry. - View Dependent Claims (7)
-
-
8. An apparatus for forming a certificate comprising:
-
a storage medium containing a digital representation of a biological indicium of a registrant; a terminal including; input means for reading the storage medium and for inputting the digital representation; first encrypting means for encrypting the digitized representation to form a digital signature; and transmitting means for transmitting the digital signature; and a certificate authority, the certificate authority including; receiving means for receiving the transmitted digital signature; decrypting means for decrypting the digital signature to extract the digital representation; authenticating means for verifying that the biological indicium represented by the digital representation corresponds to the registrant; and second encrypting means for encrypting the digital signature to form the certificate. - View Dependent Claims (9, 10, 11, 12)
-
-
13. An apparatus for forming a certificate comprising:
-
a communication network; a memory containing a digital representation of a biological indicium of a registrant; a terminal including; a reader responsive to the memory to capture the digital representation; a first encrypting processor connected with the reader; and a first modem connected with the first encrypting processor, wherein the first encrypting processor encrypts the digital representation retrieved from the memory to form a digital signature and causes the first modem to transmit the digital signature via the communication network; and a certificate authority, the certificate authority including; a second modem connected with the communication network, wherein the second modem receives the digital signature from the communication network; a decrypting processor connected with the second modem, wherein the decrypting processor receives the digital signature from the second modem and decrypts the digital signature to recover the digital representation; a comparator connected to the decrypting processor, wherein the comparator receives the digital representation from the decrypting processor and compares the digital representation with a verified digital signature and, if a match is found between the digital signature and the verified digital signature, the comparator generates an authenticated signal; and a second encrypting processor connected with the comparator and responsive to the authenticated signal, wherein, in response to the authenticated signal, the second encrypting processor encrypts the digital signature thereby forming a digital certificate.
-
Specification