Digital signature providing non-repudiation based on biological indicia

US 6,167,518 A
Filed: 07/28/1998
Issued: 12/26/2000
Est. Priority Date: 07/28/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A data card comprising:

a memory;

a reader connected to the memory;

information stored in the memory identifying a registrant;

a digital certificate stored in the memory, wherein the digital certificate includes a digitized biological indicium, the biological indicium uniquely identifying the registrant;

a certificate database containing a verified copy of the digital certificate;

an access database; and

a processor connected to the reader, the certificate database and the access database, wherein the processor commands the reader to read the digital certificate and the identifying information from the memory, compares the digital certificate from the memory with the verified copy in the certificate database and stores the identifying information in the access database.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A digital certificate is formed from a digitized representation of a unique biological feature of a registrant, for example, the registrant'"'"'s chromosomal DNA. The digital representation is signed with the registrant'"'"'s private encryption key and transmitted to a certificate authority. The registrant'"'"'s identity is verified at a remote registration terminal. When the registrant'"'"'s identity has been verified the certificate authority forms the certificate by encrypting the digital signature with the certificate authority'"'"'s own encrypting key. The certificate is also held in a publicly available directory. The certificate is used to authenticate an electronic document by appending the certificate to the electronic document. The document and the certificate are then transmitted to a receiving terminal. The identity of the transmitting party can be verified by inspecting the certificate. In the event the sending party denies sending the document, the biological feature can be extracted from the certificate and directly compared with the actual biological feature of the sending party.

Citations

13 Claims

1. A data card comprising:
- a memory;
  
  a reader connected to the memory;
  
  information stored in the memory identifying a registrant;
  
  a digital certificate stored in the memory, wherein the digital certificate includes a digitized biological indicium, the biological indicium uniquely identifying the registrant;
  
  a certificate database containing a verified copy of the digital certificate;
  
  an access database; and
  
  a processor connected to the reader, the certificate database and the access database, wherein the processor commands the reader to read the digital certificate and the identifying information from the memory, compares the digital certificate from the memory with the verified copy in the certificate database and stores the identifying information in the access database.

2. A method for forming a certificate for authentication of electronic messages, the method comprising:
- providing a digital representation of a biological indicium of a registrant;
  
  forming a first encrypting key according to a public key algorithm;
  
  encrypting the digitized representation using the first encrypting key to form a digital signature;
  
  transmitting the digital signature to a certificate authority;
  
  forming a second encrypting key according to the public key algorithm; and
  
  encrypting the signature using the second encrypting key by the certificate authority to form the certificate.
- View Dependent Claims (3)
- - 3. The method according to claim 2 further comprising providing a workstation in the custody of the registrant and performing at least one of the first encrypting step and the second encrypting step at the workstation.

4. A method for forming a certificate for authentication of electronic messages, the method comprising:
- entering information identifying a registrant;
  
  providing a digital representation of a biological indicium of the registrant;
  
  first encrypting the digital representation to form a digital signature;
  
  appending the identifying information to the digital signature;
  
  transmitting the digital signature to a certificate authority;
  
  verifying the entered identifying information at a remote registration terminal to generate verification information;
  
  transmitting the verification information from the remote registration terminal to the certificate authority; and
  
  second encrypting the digital signature by the certificate authority to form the certificate.

5. A method of authenticating an electronic document, the method comprising:
- providing a digitized biological indicium of a registrant;
  
  first encrypting the digitized biological indicium to form a digital signature;
  
  storing the digitized biological indicium on a storage medium;
  
  transmitting the digital signature to a certificate authority from a registrant terminal;
  
  decrypting the digital signature to extract the digitized biological indicium;
  
  registering the registrant by entering identifying information provided by the registrant into a registration terminal;
  
  retrieving the digitized biological indicia from the storage medium by the registration terminal;
  
  transmitting the identifying information and the digitized biological indicium to the certificate authority from the registration terminal;
  
  comparing the transmitted digitized biological indicium with the digitized biological indicium extracted by the certificate authority;
  
  second encrypting the digital signature to form a certificate;
  
  storing the certificate in a registry;
  
  appending the certificate to the electronic document to form a signed document;
  
  transmitting the signed document to a receiving terminal by an electronic transmission means;
  
  extracting the certificate from the transmitted signed document; and
  
  comparing the extracted certificate with the certificate stored in the registry.

6. A method of authenticating an electronic document, the method comprising:
- providing a digitized biological indicium of a registrant;
  
  first encrypting the digitized biological indicium to form a digital signature;
  
  authenticating the digital signature;
  
  generating a second private encrypting key and second public decrypting key by a certificate authority;
  
  encrypting the digital signature using the second private encrypting key to form a certificate;
  
  storing the second public decrypting key in a registry;
  
  appending the certificate to the electronic document to form a signed document;
  
  transmitting the signed document to a receiving terminal by an electronic transmission means;
  
  extracting the certificate from the transmitted signed document; and
  
  comparing the extracted certificate with the certificate stored in the registry.
- View Dependent Claims (7)
- - 7. The method according to claim 6 further comprising:
    - retrieving the second public decrypting key from the registry;
      
      decrypting the certificate using the second public decrypting key to obtain the digital signature;
      
      decrypting the digital signature using the first public decrypting key to extract the digitized representation; and
      
      comparing the extracted digitized representation with the biological indicium of the registrant.

8. An apparatus for forming a certificate comprising:
- a storage medium containing a digital representation of a biological indicium of a registrant;
  
  a terminal including;
  
  input means for reading the storage medium and for inputting the digital representation;
  
  first encrypting means for encrypting the digitized representation to form a digital signature; and
  
  transmitting means for transmitting the digital signature; and
  
  a certificate authority, the certificate authority including;
  
  receiving means for receiving the transmitted digital signature;
  
  decrypting means for decrypting the digital signature to extract the digital representation;
  
  authenticating means for verifying that the biological indicium represented by the digital representation corresponds to the registrant; and
  
  second encrypting means for encrypting the digital signature to form the certificate.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The apparatus according to claim 8 wherein the terminal includes hashing means for hashing the digital representation.
  - 10. The apparatus according to claim 8 wherein the transmitting means includes a communication network.
  - 11. The apparatus according to claim 10 wherein the authenticating means includes a remote registration terminal connected with the certificate authority via the communication network.
  - 12. The apparatus according to claim 11 wherein the remote registration terminal includes a reader for reading the digital representation from the storage medium and input means for inputting information identifying the registrant.

13. An apparatus for forming a certificate comprising:
- a communication network;
  
  a memory containing a digital representation of a biological indicium of a registrant;
  
  a terminal including;
  
  a reader responsive to the memory to capture the digital representation;
  
  a first encrypting processor connected with the reader; and
  
  a first modem connected with the first encrypting processor, wherein the first encrypting processor encrypts the digital representation retrieved from the memory to form a digital signature and causes the first modem to transmit the digital signature via the communication network; and
  
  a certificate authority, the certificate authority including;
  
  a second modem connected with the communication network, wherein the second modem receives the digital signature from the communication network;
  
  a decrypting processor connected with the second modem, wherein the decrypting processor receives the digital signature from the second modem and decrypts the digital signature to recover the digital representation;
  
  a comparator connected to the decrypting processor, wherein the comparator receives the digital representation from the decrypting processor and compares the digital representation with a verified digital signature and, if a match is found between the digital signature and the verified digital signature, the comparator generates an authenticated signal; and
  
  a second encrypting processor connected with the comparator and responsive to the authenticated signal, wherein, in response to the authenticated signal, the second encrypting processor encrypts the digital signature thereby forming a digital certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Commercial Electronics Incorporated
Original Assignee
Commercial Electronics Incorporated
Inventors
Padgett, Robert D., Maxwell, John C. III
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
Darrow, Justin T.

Application Number

US09/123,793
Time in Patent Office

882 Days
Field of Search

713/202, 713/156, 713/158, 713/159, 713/172, 713/173, 713/176, 380/4, 380/23, 380/25, 380/30, 380/285, 380/155
US Class Current

713/186
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/33   using certificates

G06F 21/64   Protecting data integrity, ...

G07C 9/257   electronically G07C9/26 tak...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Digital signature providing non-repudiation based on biological indicia

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Digital signature providing non-repudiation based on biological indicia

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links